package org.apache.directory.fortress.core.impl;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.directory.fortress.core.FinderException;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.ValidationException;
import org.apache.directory.fortress.core.model.AdminRole;
import org.apache.directory.fortress.core.model.OrgUnit;
import org.apache.directory.fortress.core.model.PermObj;
import org.apache.directory.fortress.core.model.Permission;
import org.apache.directory.fortress.core.model.PermissionAttribute;
import org.apache.directory.fortress.core.model.PermissionAttributeSet;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.core.model.User;
import org.apache.directory.fortress.core.util.VUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/apache/directory/fortress/core/impl/PermP.class */
public final class PermP {
    private PermDAO pDao = new PermDAO();
    private OrgUnitP orgUnitP = new OrgUnitP();

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean checkPermission(Session session, Permission permission) throws SecurityException {
        return this.pDao.checkPermission(session, permission);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Permission> search(Permission permission) throws SecurityException {
        return this.pDao.findPermissions(permission);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Permission> searchOperations(PermObj permObj) throws SecurityException {
        return this.pDao.findPermissionOperations(permObj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Permission> searchAny(Permission permission) throws SecurityException {
        return this.pDao.findAnyPermissions(permission);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<PermObj> search(PermObj permObj) throws SecurityException {
        return this.pDao.findPermissions(permObj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<PermObj> search(OrgUnit orgUnit, boolean z) throws SecurityException {
        return this.pDao.findPermissions(orgUnit, z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Permission> search(Role role, boolean z) throws SecurityException {
        return this.pDao.findPermissions(role, z);
    }

    List<Permission> search(Role role) throws SecurityException {
        return search(role, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Permission> search(User user) throws SecurityException {
        return this.pDao.findPermissions(user);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void remove(User user) throws SecurityException {
        try {
            Iterator<Permission> it = this.pDao.findUserPermissions(user).iterator();
            while (it.hasNext()) {
                revoke(it.next(), user);
            }
        } catch (FinderException e) {
            throw new SecurityException(GlobalErrIds.PERM_BULK_USER_REVOKE_FAILED, "remove userId [" + user.getUserId() + "] caught FinderException=" + e, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void remove(Role role) throws SecurityException {
        try {
            Iterator<Permission> it = search(role).iterator();
            while (it.hasNext()) {
                revoke(it.next(), role);
            }
        } catch (FinderException e) {
            throw new SecurityException(GlobalErrIds.PERM_BULK_ROLE_REVOKE_FAILED, "remove role [" + role.getName() + "] caught FinderException=" + e, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void remove(AdminRole adminRole) throws SecurityException {
        try {
            for (Permission permission : search(adminRole)) {
                permission.setAdmin(true);
                revoke(permission, adminRole);
            }
        } catch (FinderException e) {
            throw new SecurityException(GlobalErrIds.PERM_BULK_ADMINROLE_REVOKE_FAILED, "remove admin role [" + adminRole.getName() + "] caught FinderException=" + e, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Permission> search(Session session) throws SecurityException {
        return search(session, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Permission> search(Session session, boolean z) throws SecurityException {
        return this.pDao.findPermissions(session, z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Permission read(Permission permission) throws SecurityException {
        return this.pDao.getPerm(permission);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermObj read(PermObj permObj) throws SecurityException {
        return this.pDao.getPerm(permObj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermissionAttributeSet read(PermissionAttributeSet permissionAttributeSet) throws SecurityException {
        return this.pDao.getPermAttributeSet(permissionAttributeSet);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermObj add(PermObj permObj) throws SecurityException {
        validate(permObj, false);
        return this.pDao.createObject(permObj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Permission add(Permission permission) throws SecurityException {
        validate(permission, false);
        return this.pDao.createOperation(permission);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermissionAttributeSet add(PermissionAttributeSet permissionAttributeSet) throws SecurityException {
        validate(permissionAttributeSet);
        return this.pDao.createPermissionAttributeSet(permissionAttributeSet);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermissionAttribute add(PermissionAttribute permissionAttribute, String str) throws SecurityException {
        validate(permissionAttribute);
        return this.pDao.createPermissionAttribute(permissionAttribute, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void delete(PermissionAttribute permissionAttribute, String str) throws SecurityException {
        validate(permissionAttribute);
        this.pDao.deletePermissionAttribute(permissionAttribute, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void update(PermissionAttribute permissionAttribute, String str, boolean z) throws SecurityException {
        validate(permissionAttribute);
        this.pDao.updatePermissionAttribute(permissionAttribute, str, z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermObj update(PermObj permObj) throws SecurityException {
        update(permObj, true);
        return permObj;
    }

    private PermObj update(PermObj permObj, boolean z) throws SecurityException {
        if (z) {
            validate(permObj, true);
        }
        return this.pDao.updateObj(permObj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Permission update(Permission permission) throws SecurityException {
        update(permission, true);
        return permission;
    }

    private Permission update(Permission permission, boolean z) throws SecurityException {
        if (z) {
            validate(permission, true);
        }
        return this.pDao.updateOperation(permission);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void delete(PermObj permObj) throws SecurityException {
        this.pDao.deleteObj(permObj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void delete(Permission permission) throws SecurityException {
        this.pDao.deleteOperation(permission);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void delete(PermissionAttributeSet permissionAttributeSet) throws SecurityException {
        this.pDao.deleteAttributeSet(permissionAttributeSet);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void grant(Permission permission, Role role) throws SecurityException {
        this.pDao.grant(permission, role);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void revoke(Permission permission, Role role) throws SecurityException {
        this.pDao.revoke(permission, role);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void grant(Permission permission, User user) throws SecurityException {
        this.pDao.grant(permission, user);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void revoke(Permission permission, User user) throws SecurityException {
        this.pDao.revoke(permission, user);
    }

    void validate(PermObj permObj, boolean z) throws ValidationException {
        if (z) {
            if (StringUtils.isNotEmpty(permObj.getOu())) {
                VUtil.orgUnit(permObj.getOu());
                OrgUnit orgUnit = new OrgUnit(permObj.getOu(), OrgUnit.Type.PERM);
                orgUnit.setContextId(permObj.getContextId());
                if (!this.orgUnitP.isValid(orgUnit)) {
                    throw new ValidationException(GlobalErrIds.PERM_OU_INVALID, "validate detected invalid orgUnit name [" + permObj.getOu() + "] for object name [" + permObj.getObjName() + "]");
                }
            }
            if (StringUtils.isNotEmpty(permObj.getDescription())) {
                VUtil.description(permObj.getDescription());
                return;
            }
            return;
        }
        VUtil.orgUnit(permObj.getOu());
        OrgUnit orgUnit2 = new OrgUnit(permObj.getOu(), OrgUnit.Type.PERM);
        orgUnit2.setContextId(permObj.getContextId());
        if (!this.orgUnitP.isValid(orgUnit2)) {
            throw new ValidationException(GlobalErrIds.PERM_OU_INVALID, "validate detected invalid orgUnit name [" + permObj.getOu() + "] for object name [" + permObj.getObjName() + "]");
        }
        if (StringUtils.isNotEmpty(permObj.getObjName())) {
            VUtil.description(permObj.getObjName());
        }
        if (StringUtils.isNotEmpty(permObj.getOu())) {
            VUtil.orgUnit(permObj.getOu());
        }
        if (StringUtils.isNotEmpty(permObj.getDescription())) {
            VUtil.description(permObj.getDescription());
        }
    }

    private void validate(Permission permission, boolean z) throws SecurityException {
        if (!z && permission.getOpName() != null && permission.getOpName().length() > 0) {
            VUtil.description(permission.getOpName());
        }
        if (StringUtils.isNotEmpty(permission.getType())) {
            VUtil.description(permission.getType());
        }
        if (StringUtils.isNotEmpty(permission.getDescription())) {
            VUtil.description(permission.getDescription());
        }
        if (CollectionUtils.isNotEmpty(permission.getRoles())) {
            Set<String> roles = permission.getRoles();
            if (permission.isAdmin()) {
                AdminRoleP adminRoleP = new AdminRoleP();
                Iterator<String> it = roles.iterator();
                while (it.hasNext()) {
                    AdminRole adminRole = new AdminRole(it.next());
                    adminRole.setContextId(permission.getContextId());
                    adminRoleP.read(adminRole);
                }
            } else {
                RoleP roleP = new RoleP();
                Iterator<String> it2 = roles.iterator();
                while (it2.hasNext()) {
                    Role role = new Role(it2.next());
                    role.setContextId(permission.getContextId());
                    roleP.readConstraints(role);
                }
            }
        }
        if (CollectionUtils.isNotEmpty(permission.getUsers())) {
            Set<String> users = permission.getUsers();
            UserP userP = new UserP();
            Iterator<String> it3 = users.iterator();
            while (it3.hasNext()) {
                User user = new User(it3.next());
                user.setContextId(permission.getContextId());
                userP.read(user, false);
            }
        }
        if (CollectionUtils.isNotEmpty(permission.getPaSets())) {
            Iterator<String> it4 = permission.getPaSets().iterator();
            while (it4.hasNext()) {
                validatePaSet(it4.next(), permission.getContextId());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void validatePaSet(String str, String str2) throws ValidationException {
        try {
            PermissionAttributeSet permissionAttributeSet = new PermissionAttributeSet(str);
            permissionAttributeSet.setContextId(str2);
            read(permissionAttributeSet);
            VUtil.safeText(str, GlobalIds.DESC_LEN);
        } catch (SecurityException e) {
            throw new ValidationException(GlobalErrIds.PERM_ATTRIBUTE_SET_NOT_FOUND, "validatePaSet - paSetName not found with name [" + str + "] caught SecurityException=" + e);
        }
    }

    private void validate(PermissionAttributeSet permissionAttributeSet) throws SecurityException {
        if (StringUtils.isNotEmpty(permissionAttributeSet.getType())) {
            VUtil.description(permissionAttributeSet.getType());
        }
        if (StringUtils.isNotEmpty(permissionAttributeSet.getDescription())) {
            VUtil.description(permissionAttributeSet.getDescription());
        }
    }

    private void validate(PermissionAttribute permissionAttribute) throws SecurityException {
        if (StringUtils.isNotEmpty(permissionAttribute.getAttributeName())) {
            VUtil.description(permissionAttribute.getAttributeName());
        }
        if (StringUtils.isNotEmpty(permissionAttribute.getDataType())) {
            VUtil.description(permissionAttribute.getDataType());
        }
        if (StringUtils.isNotEmpty(permissionAttribute.getDefaultOperator())) {
            VUtil.description(permissionAttribute.getDefaultOperator());
        }
        if (StringUtils.isNotEmpty(permissionAttribute.getDefaultStrategy())) {
            VUtil.description(permissionAttribute.getDefaultStrategy());
        }
        if (StringUtils.isNotEmpty(permissionAttribute.getDefaultValue())) {
            VUtil.description(permissionAttribute.getDefaultValue());
        }
        if (StringUtils.isNotEmpty(permissionAttribute.getDescription())) {
            VUtil.description(permissionAttribute.getDescription());
        }
    }
}
