package it.geosolutions.geostore.services;

import com.googlecode.genericdao.search.Filter;
import com.googlecode.genericdao.search.Search;
import it.geosolutions.geostore.core.dao.ResourceDAO;
import it.geosolutions.geostore.core.dao.SecurityDAO;
import it.geosolutions.geostore.core.dao.UserDAO;
import it.geosolutions.geostore.core.dao.UserGroupAttributeDAO;
import it.geosolutions.geostore.core.dao.UserGroupDAO;
import it.geosolutions.geostore.core.model.Resource;
import it.geosolutions.geostore.core.model.SecurityRule;
import it.geosolutions.geostore.core.model.User;
import it.geosolutions.geostore.core.model.UserGroup;
import it.geosolutions.geostore.core.model.UserGroupAttribute;
import it.geosolutions.geostore.core.model.enums.GroupReservedNames;
import it.geosolutions.geostore.core.model.enums.Role;
import it.geosolutions.geostore.services.dto.ShortResource;
import it.geosolutions.geostore.services.exception.BadRequestServiceEx;
import it.geosolutions.geostore.services.exception.NotFoundServiceEx;
import it.geosolutions.geostore.services.exception.ReservedUserGroupNameEx;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:it/geosolutions/geostore/services/UserGroupServiceImpl.class */
public class UserGroupServiceImpl implements UserGroupService {
    private static final Logger LOGGER = LogManager.getLogger(UserGroupServiceImpl.class);
    private UserGroupDAO userGroupDAO;
    private UserDAO userDAO;
    private ResourceDAO resourceDAO;
    private SecurityDAO securityDAO;
    private UserGroupAttributeDAO userGroupAttributeDAO;

    public void setUserGroupDAO(UserGroupDAO userGroupDAO) {
        this.userGroupDAO = userGroupDAO;
    }

    public void setUserDAO(UserDAO userDAO) {
        this.userDAO = userDAO;
    }

    public void setResourceDAO(ResourceDAO resourceDAO) {
        this.resourceDAO = resourceDAO;
    }

    public void setSecurityDAO(SecurityDAO securityDAO) {
        this.securityDAO = securityDAO;
    }

    public void setUserGroupAttributeDAO(UserGroupAttributeDAO userGroupAttributeDAO) {
        this.userGroupAttributeDAO = userGroupAttributeDAO;
    }

    public long insert(UserGroup userGroup) throws BadRequestServiceEx {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Persisting UserGroup... ");
        }
        if (userGroup == null || StringUtils.isEmpty(userGroup.getGroupName())) {
            throw new BadRequestServiceEx("The provided UserGroup instance is null or group Name is not specified!");
        }
        if (!GroupReservedNames.isAllowedName(userGroup.getGroupName())) {
            throw new ReservedUserGroupNameEx("The usergroup name you try to save: '" + userGroup.getGroupName() + "' is a reserved name!");
        }
        userGroup.setGroupName(userGroup.getGroupName());
        this.userGroupDAO.persist(new UserGroup[]{userGroup});
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("UserGroup '" + userGroup.getGroupName() + "' persisted!");
        }
        List<UserGroupAttribute> attributes = userGroup.getAttributes();
        if (attributes != null && !attributes.isEmpty()) {
            for (UserGroupAttribute userGroupAttribute : attributes) {
                userGroupAttribute.setUserGroup(userGroup);
                this.userGroupAttributeDAO.persist(new UserGroupAttribute[]{userGroupAttribute});
            }
        }
        return userGroup.getId().longValue();
    }

    public boolean delete(long j) throws NotFoundServiceEx, BadRequestServiceEx {
        UserGroup userGroup = (UserGroup) this.userGroupDAO.find(Long.valueOf(j));
        if (userGroup == null) {
            LOGGER.error("Can't find usergroup with id '" + j + "'");
            throw new NotFoundServiceEx("Can't find usergroup with id '" + j + "'");
        }
        if (!GroupReservedNames.isAllowedName(userGroup.getGroupName())) {
            throw new BadRequestServiceEx("Delete a special usergroup ('" + userGroup.getGroupName() + "' in this case) isn't possible");
        }
        for (User user : getUsersByGroup(j)) {
            user.removeGroup(j);
            this.userDAO.merge(user);
        }
        this.userGroupDAO.remove(userGroup);
        return true;
    }

    private Collection<User> getUsersByGroup(long j) {
        Search search = new Search(User.class);
        search.addFilterSome("groups", Filter.equal("id", Long.valueOf(j)));
        return this.userDAO.search(search);
    }

    public void assignUserGroup(long j, long j2) throws NotFoundServiceEx {
        UserGroup userGroup = (UserGroup) this.userGroupDAO.find(Long.valueOf(j2));
        User user = (User) this.userDAO.find(Long.valueOf(j));
        if (userGroup == null || user == null) {
            throw new NotFoundServiceEx("The userGroup or the user you provide doesn't exist");
        }
        if (!GroupReservedNames.isAllowedName(userGroup.getGroupName())) {
            throw new NotFoundServiceEx("You can't re-assign the group EVERYONE or any other reserved groups...");
        }
        if (user.getGroups() == null) {
            HashSet hashSet = new HashSet();
            hashSet.add(userGroup);
            user.setGroups(hashSet);
        } else {
            user.getGroups().add(userGroup);
        }
        this.userDAO.merge(user);
    }

    public void deassignUserGroup(long j, long j2) throws NotFoundServiceEx {
        UserGroup userGroup = (UserGroup) this.userGroupDAO.find(Long.valueOf(j2));
        if (!GroupReservedNames.isAllowedName(userGroup.getGroupName())) {
            throw new NotFoundServiceEx("You can't remove the group EVERYONE or any other reserved groups from the users group list...");
        }
        User user = (User) this.userDAO.find(Long.valueOf(j));
        if (userGroup == null || user == null) {
            throw new NotFoundServiceEx("The userGroup or the user you provide doesn't exist");
        }
        if (user.removeGroup(j2)) {
            this.userDAO.merge(user);
        }
    }

    public List<UserGroup> getAllAllowed(User user, Integer num, Integer num2, String str, boolean z) throws BadRequestServiceEx {
        if (user == null) {
            throw new BadRequestServiceEx("User must be defined.");
        }
        Search createGetAllSearchCriteria = createGetAllSearchCriteria(num, num2, str, z);
        if (user.getRole() == Role.USER) {
            Set groups = user.getGroups();
            ArrayList arrayList = new ArrayList(groups.size());
            Iterator it2 = groups.iterator();
            while (it2.hasNext()) {
                arrayList.add(((UserGroup) it2.next()).getId());
            }
            createGetAllSearchCriteria.addFilterIn("id", arrayList);
        }
        return remapWithoutAttributes(this.userGroupDAO.search(createGetAllSearchCriteria));
    }

    public List<UserGroup> getAll(Integer num, Integer num2) throws BadRequestServiceEx {
        return getAll(num, num2, null, true);
    }

    public List<UserGroup> getAll(Integer num, Integer num2, String str, boolean z) throws BadRequestServiceEx {
        return remapWithoutAttributes(this.userGroupDAO.search(createGetAllSearchCriteria(num, num2, str, z)));
    }

    private Search createGetAllSearchCriteria(Integer num, Integer num2, String str, boolean z) throws BadRequestServiceEx {
        if ((num != null && num2 == null) || (num == null && num2 != null)) {
            throw new BadRequestServiceEx("Page and entries params should be declared together.");
        }
        Search search = new Search(UserGroup.class);
        search.addSortAsc("groupName");
        if (num != null) {
            search.setMaxResults(num2.intValue());
            search.setPage(num.intValue());
        }
        if (str != null) {
            search.addFilterILike("groupName", str);
        }
        if (!z) {
            search.addFilterNotEqual("groupName", GroupReservedNames.EVERYONE.groupName());
        }
        return search;
    }

    public List<ShortResource> updateSecurityRules(Long l, List<Long> list, boolean z, boolean z2) throws NotFoundServiceEx, BadRequestServiceEx {
        ArrayList arrayList = new ArrayList();
        UserGroup userGroup = (UserGroup) this.userGroupDAO.find(l);
        if (userGroup == null) {
            throw new NotFoundServiceEx("The usergroup id you provide doesn't exist!");
        }
        if (userGroup.getGroupName().equals(GroupReservedNames.EVERYONE.groupName()) && (!z || z2)) {
            LOGGER.error("You are trying to assign to a resource the following permissions for the group EVERYONE: [canRead='" + z + "',canWrite'" + z2 + "'] but...");
            LOGGER.error("...the group EVERYONE can be set only in this way: [canRead='true',canWrite='false'] .");
            throw new BadRequestServiceEx("GroupEveryone cannot be set with this grants [canRead='" + z + "',canWrite'" + z2 + "']");
        }
        for (Resource resource : this.resourceDAO.findResources(list)) {
            SecurityRule ruleForGroup = getRuleForGroup(resource.getSecurity(), userGroup);
            if (ruleForGroup == null) {
                SecurityRule securityRule = new SecurityRule();
                securityRule.setCanRead(z);
                securityRule.setCanWrite(z2);
                securityRule.setGroup(userGroup);
                securityRule.setResource(resource);
                this.securityDAO.persist(new SecurityRule[]{securityRule});
                resource.getSecurity().add(securityRule);
                ShortResource shortResource = new ShortResource(resource);
                shortResource.setCanDelete(z2);
                shortResource.setCanEdit(z2);
                arrayList.add(shortResource);
            } else {
                ruleForGroup.setCanRead(z);
                ruleForGroup.setCanWrite(z2);
                this.securityDAO.merge(ruleForGroup);
                ShortResource shortResource2 = new ShortResource(resource);
                shortResource2.setCanDelete(z2);
                shortResource2.setCanEdit(z2);
                arrayList.add(shortResource2);
            }
        }
        return arrayList;
    }

    private SecurityRule getRuleForGroup(List<SecurityRule> list, UserGroup userGroup) {
        for (SecurityRule securityRule : list) {
            if (securityRule.getGroup() != null && securityRule.getGroup().getGroupName() != null && securityRule.getGroup().getGroupName().equals(userGroup.getGroupName())) {
                return securityRule;
            }
        }
        return null;
    }

    public boolean insertSpecialUsersGroups() {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Persisting Reserved UsersGroup... ");
        }
        UserGroup userGroup = new UserGroup();
        userGroup.setGroupName(GroupReservedNames.EVERYONE.groupName());
        this.userGroupDAO.persist(new UserGroup[]{userGroup});
        if (!LOGGER.isDebugEnabled()) {
            return true;
        }
        LOGGER.debug("Special UserGroup '" + userGroup.getGroupName() + "' persisted!");
        return true;
    }

    public boolean removeSpecialUsersGroups() {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Removing Reserved UsersGroup... ");
        }
        Search search = new Search();
        search.addFilterEqual("groupName", GroupReservedNames.EVERYONE.groupName());
        List search2 = this.userGroupDAO.search(search);
        if (search2.size() != 1) {
            return false;
        }
        UserGroup userGroup = (UserGroup) search2.get(0);
        boolean removeById = this.userGroupDAO.removeById(userGroup.getId());
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Special UserGroup '" + userGroup.getGroupName() + "' removed!");
        }
        return removeById;
    }

    public UserGroup get(long j) throws BadRequestServiceEx {
        return (UserGroup) this.userGroupDAO.find(Long.valueOf(j));
    }

    public UserGroup get(String str) {
        return this.userGroupDAO.findByName(str);
    }

    public long getCount(String str, boolean z) throws BadRequestServiceEx {
        return this.userGroupDAO.count(createCountSearchCriteria(str, z));
    }

    public long getCount(User user, String str, boolean z) throws BadRequestServiceEx {
        if (user == null) {
            throw new BadRequestServiceEx("User must be defined.");
        }
        Search createCountSearchCriteria = createCountSearchCriteria(str, z);
        if (user.getRole() == Role.USER) {
            Set groups = user.getGroups();
            ArrayList arrayList = new ArrayList();
            Iterator it2 = groups.iterator();
            while (it2.hasNext()) {
                arrayList.add(((UserGroup) it2.next()).getId());
            }
            createCountSearchCriteria.addFilterIn("id", arrayList);
        }
        return this.userGroupDAO.count(createCountSearchCriteria);
    }

    private Search createCountSearchCriteria(String str, boolean z) {
        Search search = new Search(UserGroup.class);
        if (str != null) {
            search.addFilterILike("groupName", str);
        }
        if (!z) {
            search.addFilterNotEqual("groupName", GroupReservedNames.EVERYONE.groupName());
        }
        return search;
    }

    public void updateAttributes(long j, List<UserGroupAttribute> list) throws NotFoundServiceEx {
        UserGroup userGroup = (UserGroup) this.userGroupDAO.find(Long.valueOf(j));
        if (userGroup == null) {
            throw new NotFoundServiceEx("User not found " + j);
        }
        List attributes = userGroup.getAttributes();
        if (attributes != null) {
            Iterator it2 = attributes.iterator();
            while (it2.hasNext()) {
                this.userGroupAttributeDAO.removeById(((UserGroupAttribute) it2.next()).getId());
            }
        }
        for (UserGroupAttribute userGroupAttribute : list) {
            userGroupAttribute.setUserGroup(userGroup);
            this.userGroupAttributeDAO.persist(new UserGroupAttribute[]{userGroupAttribute});
        }
    }

    public long update(UserGroup userGroup) throws NotFoundServiceEx, BadRequestServiceEx {
        UserGroup userGroup2 = get(userGroup.getId().longValue());
        if (userGroup2 == null) {
            userGroup2 = get(userGroup.getGroupName());
        }
        userGroup.setId(userGroup2.getId());
        this.userGroupDAO.merge(userGroup);
        return userGroup2.getId().longValue();
    }

    public Collection<UserGroup> findByAttribute(String str, List<String> list, boolean z) {
        Search search = new Search(UserGroupAttribute.class);
        if (z) {
            search.addFilterILike("name", str);
        } else {
            search.addFilterEqual("name", str);
        }
        if (list.size() > 1) {
            search.addFilterIn("value", list);
        } else {
            search.addFilterEqual("value", list.get(0));
        }
        search.addFetch("userGroup");
        return (Collection) this.userGroupAttributeDAO.search(search).stream().map(userGroupAttribute -> {
            return userGroupAttribute.getUserGroup();
        }).filter(userGroup -> {
            return userGroup != null;
        }).collect(Collectors.toSet());
    }

    private List<UserGroup> remapWithoutAttributes(Collection<UserGroup> collection) {
        ArrayList arrayList = new ArrayList(collection.size());
        for (UserGroup userGroup : collection) {
            UserGroup userGroup2 = new UserGroup();
            userGroup2.setId(userGroup.getId());
            userGroup2.setGroupName(userGroup.getGroupName());
            userGroup2.setDescription(userGroup.getDescription());
            userGroup2.setEnabled(userGroup.isEnabled());
            arrayList.add(userGroup2);
        }
        return arrayList;
    }
}
