package controllers.api.approval;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.nazdaq.core.exceptions.ApprovalException;
import com.nazdaq.core.helpers.RequestHelper;
import com.nazdaq.noms.acls.ACLNoPermissionException;
import com.nazdaq.noms.app.auth.action.Authentication;
import com.nazdaq.noms.app.auth.action.ResponseType;
import com.nazdaq.noms.app.dbcon.DBConnectionLoader;
import com.nazdaq.noms.app.globals.APIGlobal;
import com.nazdaq.noms.engine.approval.ApprovalActions;
import java.util.Iterator;
import javax.inject.Inject;
import models.acl.defines.ACLSubject;
import models.approval.ApprovalDocument;
import models.approval.ApprovalPermission;
import models.users.User;
import play.Logger;
import play.i18n.MessagesApi;
import play.libs.Json;
import play.mvc.Http;
import play.mvc.Result;

/* loaded from: input_file:controllers/api/approval/ApprovalActsAPI.class */
public class ApprovalActsAPI extends APIGlobal {
    private static final Logger.ALogger logger = Logger.of(ApprovalActsAPI.class);
    public static String NAME = "ApprovalActsAPI";
    public final DBConnectionLoader dbLoader;

    @Inject
    public ApprovalActsAPI(MessagesApi messagesApi, DBConnectionLoader dBConnectionLoader) {
        super(messagesApi);
        this.dbLoader = dBConnectionLoader;
    }

    @Authentication(response = ResponseType.JSON)
    public Result releaseAll(Http.Request request) {
        ObjectNode newObject = Json.newObject();
        try {
            if (!hasApproval()) {
                throw new Exception("You don't have a valid license for approval!");
            }
            JsonNode asJson = request.body().asJson();
            if (asJson == null) {
                return response(request, false, NAME, "Expecting Json data", newObject, "INPUT");
            }
            JsonNode jsonNode = asJson.get("docs");
            String baseURL = RequestHelper.getBaseURL(request);
            if (jsonNode.isEmpty()) {
                throw new Exception("No documents found in array!");
            }
            int i = 0;
            Iterator elements = jsonNode.elements();
            while (elements.hasNext()) {
                long asLong = ((JsonNode) elements.next()).get("apid").asLong();
                ApprovalDocument approvalDocument = ApprovalDocument.getbyid(asLong);
                if (approvalDocument == null) {
                    throw new Exception("The document id: " + asLong + ", doesn't found in the system!");
                }
                if (hasPermission(request, getCurrentUser(request), approvalDocument, "Release".toLowerCase())) {
                    new ApprovalActions(this.dbLoader, approvalDocument, "", getCurrentUser(request), baseURL).releaseDoc();
                    i++;
                }
            }
            return response(request, true, NAME, "Approval Released a total of " + i + " documents.", newObject, "noerr");
        } catch (Exception e) {
            logger.error("Failed while releasing all!", e);
            return response(request, false, NAME, "Failed while releasing all!", newObject, "INPUT", e);
        }
    }

    @Authentication(response = ResponseType.JSON)
    public Result perform(Http.Request request, Long l, String str) {
        ObjectNode newObject = Json.newObject();
        try {
            if (!hasApproval()) {
                throw new Exception("You don't have a valid license for approval!");
            }
            ApprovalDocument approvalDocument = ApprovalDocument.getbyid(l.longValue());
            if (approvalDocument == null) {
                return response(request, false, NAME, "Can't find Approval Status!", newObject, "UNKNOWN");
            }
            if (approvalDocument.isDeleted()) {
                logger.error("Documentid '" + l + "' already removed from system!");
                return response(request, false, NAME, "Approval Document '" + l + "' was removed from system!", newObject, "UNKNOWN");
            }
            if (!hasPermission(request, getCurrentUser(request), approvalDocument, str)) {
                throw new Exception("No permission, for an unknown reason.");
            }
            ApprovalActions approvalActions = new ApprovalActions(this.dbLoader, approvalDocument, RequestHelper.hasParam(request, "remarks") ? RequestHelper.getParamString(request, "remarks") : "", getCurrentUser(request), RequestHelper.getBaseURL(request));
            if (str.equals("Approve".toLowerCase())) {
                approvalActions.approveDoc();
            } else if (str.equals("Deny".toLowerCase())) {
                approvalActions.denyDoc();
            } else if (str.equals("Release".toLowerCase())) {
                approvalActions.releaseDoc();
            } else {
                if (!str.equals("Void".toLowerCase())) {
                    throw new Exception("Unknown action '" + str + "'!");
                }
                approvalActions.voidDoc();
            }
            return response(request, true, NAME, "Approval Action '" + str + "' performed on document: " + approvalDocument.getDocId(), newObject, "noerr");
        } catch (Exception e) {
            logger.error("Failed while performing action: " + str + ", on apid: " + l + " Error: " + e.getMessage(), e);
            return response(request, false, NAME, "Action: " + str + " Failed on apid: " + l + ", Error: " + e.getMessage(), newObject, "INPUT", e);
        } catch (ApprovalException e2) {
            logger.error("Failed while performing action: " + str + ", on apid: " + l + ", Permission: " + e2.getMessage(), e2);
            return response(request, false, NAME, "Failed while performing action: " + str + ", on apid: " + l, newObject, "INPUT", e2);
        }
    }

    private boolean hasPermission(Http.Request request, User user, ApprovalDocument approvalDocument, String str) throws ApprovalException, ACLNoPermissionException {
        if (!str.equals("Void".toLowerCase())) {
            return new ApprovalPermission().hasPermission(user, approvalDocument, str);
        }
        if (permSystemCheck(request, ACLSubject.APPROVAL_VOID, true)) {
            return true;
        }
        throw new ApprovalException("You don't have permission to void this document: " + approvalDocument.getDocId());
    }
}
