package org.eclipse.stardust.engine.core.runtime.utils;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.xml.namespace.QName;
import org.eclipse.stardust.common.CollectionUtils;
import org.eclipse.stardust.common.error.AccessForbiddenException;
import org.eclipse.stardust.engine.api.model.IData;
import org.eclipse.stardust.engine.api.model.IModel;
import org.eclipse.stardust.engine.api.model.IOrganization;
import org.eclipse.stardust.engine.api.runtime.BpmRuntimeError;
import org.eclipse.stardust.engine.core.runtime.audittrail.management.BusinessObjectSecurityUtils;
import org.eclipse.stardust.engine.core.runtime.beans.IUser;
import org.eclipse.stardust.engine.core.runtime.beans.interceptors.PropertyLayerProviderInterceptor;

/* loaded from: input_file:lib/carnot-engine.jar:org/eclipse/stardust/engine/core/runtime/utils/DataAuthorization2Predicate.class */
public class DataAuthorization2Predicate extends AbstractAuthorization2Predicate {
    private Set<String> visitedData;
    private Map<IData, Boolean> visitedDataUnscoped;

    public DataAuthorization2Predicate(AuthorizationContext authorizationContext) {
        super(authorizationContext);
    }

    @Override // org.eclipse.stardust.engine.core.runtime.utils.AbstractAuthorization2Predicate
    public boolean accept(Object obj) {
        if (!(obj instanceof IData)) {
            return false;
        }
        this.context.setModelElementData((IData) obj);
        return Authorization2.hasPermission(this.context);
    }

    public static void verify(IData iData, ClientPermission clientPermission) {
        if (PropertyLayerProviderInterceptor.getCurrent().isSecureContext()) {
            AuthorizationContext create = AuthorizationContext.create(clientPermission);
            DataAuthorization2Predicate dataAuthorization2Predicate = new DataAuthorization2Predicate(create);
            if (dataAuthorization2Predicate.accept(iData) || BusinessObjectSecurityUtils.isUnscopedPropagatedAccessAllowed(iData, dataAuthorization2Predicate)) {
                return;
            }
            IUser user = create.getUser();
            throw new AccessForbiddenException(BpmRuntimeError.AUTHx_AUTH_MISSING_GRANTS.raise(Long.valueOf(user.getOID()), String.valueOf(clientPermission), user.getAccount()));
        }
    }

    public synchronized boolean acceptBOValue(IData iData, Object obj) {
        Map map = obj instanceof Map ? (Map) obj : null;
        for (IOrganization iOrganization : getScopedOrganizations()) {
            if (iOrganization != null) {
                String str = (String) iOrganization.getAttribute("carnot:engine:dataId");
                String str2 = (String) iOrganization.getAttribute("carnot:engine:dataPath");
                if (map != null) {
                    this.context.setPrefetchedDataValue(new QName(iOrganization.getModel().getId(), str).toString(), str2, (String) map.get(str2));
                    boolean z = false;
                    if (!this.context.isPrefetchDataAvailable()) {
                        this.context.setPrefetchDataAvailable(true);
                        z = true;
                    }
                    boolean accept = accept(iData);
                    if (z) {
                        this.context.setPrefetchDataAvailable(false);
                    }
                    if (!accept) {
                        return false;
                    }
                } else {
                    continue;
                }
            }
        }
        return true;
    }

    private List<IOrganization> getScopedOrganizations() {
        Set newSet = CollectionUtils.newSet();
        for (String str : this.context.getGrants()) {
            Iterator<IModel> it = this.context.getModels().iterator();
            while (it.hasNext()) {
                IOrganization firstScopedOrganization = DepartmentUtils.getFirstScopedOrganization(it.next().findParticipant(str));
                if (firstScopedOrganization != null) {
                    newSet.add(firstScopedOrganization);
                }
            }
        }
        return new ArrayList(newSet);
    }

    public void setVisitedData(Set<String> set) {
        this.visitedData = set;
    }

    public Set<String> getVisitedData() {
        return this.visitedData;
    }

    public Map<IData, Boolean> getVisitedDataUnscoped() {
        return this.visitedDataUnscoped;
    }

    public void setVisitedDataUnscoped(Map<IData, Boolean> map) {
        this.visitedDataUnscoped = map;
    }
}
