package com.nazdaq.noms.acls;

import com.nazdaq.core.helpers.TextHelper;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import models.Company;
import models.acl.ACLContainer;
import models.acl.ACLMapper;
import models.acl.ACLPermission;
import models.acl.UserGroup;
import models.acl.defines.ACLObjectType;
import models.acl.defines.ACLPermType;
import models.acl.defines.ACLSubject;
import models.reports.Report;
import models.system.InputServer;
import models.system.db.DBConnection;
import models.system.db.DBSchema;
import models.users.User;
import org.jetbrains.annotations.Contract;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/nazdaq/noms/acls/ACLPermissionCreator.class */
public class ACLPermissionCreator {
    private static final Logger log = LoggerFactory.getLogger(ACLPermissionCreator.class);

    public static void createSystemPermission(User user, UserGroup userGroup, boolean z) {
        ACLObjectType aCLObjectType = ACLObjectType.SYSTEM;
        ACLContainer systemDefault = ACLContainer.getSystemDefault();
        if (z) {
            log.info("ACLContainer - Creating system default permissions ...");
            if (systemDefault == null) {
                systemDefault = new ACLContainer(user, aCLObjectType, 0, "System Permission");
                systemDefault.setCreatedBy(user);
                systemDefault.save();
                log.info("Created system ACL: {}", systemDefault);
            }
            for (ACLSubject aCLSubject : aCLObjectType.getSubjects(true, true)) {
                if (!aCLSubject.equals(ACLSubject.B2DATA_DEV)) {
                    ACLPermission aCLPermission = new ACLPermission(systemDefault, userGroup, aCLSubject, ACLPermType.ALLOW, true);
                    aCLPermission.save();
                    log.debug("- Created perm: {}", aCLPermission);
                }
            }
            systemDefault.save();
            log.info("Finished creating system default permissions: {}.", systemDefault);
            systemDefault.refresh();
            ACLRebuildCacheExecutor.reBuildCache(1, 1, systemDefault, null, null);
        }
    }

    public static void rebuildMissing(UserGroup userGroup) throws InterruptedException {
        long startTime = TextHelper.startTime();
        log.info("Rebuilding missing subjects ...");
        for (ACLObjectType aCLObjectType : ACLObjectType.nonDeprecatedValues()) {
            for (ACLSubject aCLSubject : aCLObjectType.getSubjects(false, true)) {
                if (!aCLSubject.equals(ACLSubject.B2DATA_DEV)) {
                    addPermissionToAType(aCLObjectType, aCLSubject, userGroup, true, false);
                }
            }
        }
        ACLRebuildCacheExecutor.rebuildAllCached();
        ACLPermissionCheck.cleanUp();
        log.info("Finished rebuilding. (Took: {}).", TextHelper.endTime(startTime));
    }

    @NotNull
    private static ACLContainer createInheritedFrom(ACLContainer aCLContainer, @NotNull ACLObjectType aCLObjectType, int i, String str, User user) {
        log.info("Creating ACL for type {} ObjectId {}, Inherit from: {} ...", new Object[]{aCLObjectType.getValue(), Integer.valueOf(i), aCLContainer});
        ACLContainer aCLContainer2 = new ACLContainer(user, aCLObjectType, i, str);
        aCLContainer2.setCreatedBy(user);
        aCLContainer2.save();
        for (ACLSubject aCLSubject : aCLObjectType.getSubjects(true, true)) {
            boolean z = false;
            for (ACLPermission aCLPermission : aCLContainer.getPermissions()) {
                if (aCLPermission.getSubject().equals(aCLSubject)) {
                    ACLPermission aCLPermission2 = new ACLPermission(aCLContainer2, aCLPermission);
                    aCLPermission2.save();
                    if (aCLPermission2.getUser() != null && aCLPermission2.getUser().getId() == user.getId()) {
                        z = true;
                    }
                    if (aCLPermission2.getGroup() != null && aCLPermission2.getGroup().isAdmin() && user.inAdminGroup()) {
                        z = true;
                        log.debug("- Skipping adding admin to {} ", aCLPermission2);
                    }
                    aCLContainer2.getPermissions().add(aCLPermission2);
                    log.debug("- Adding subject {} ", aCLPermission);
                }
            }
            if (!z) {
                ACLPermission aCLPermission3 = new ACLPermission(aCLContainer2, user, aCLSubject, ACLPermType.ALLOW);
                aCLPermission3.save();
                aCLContainer2.getPermissions().add(aCLPermission3);
                log.debug("- Adding subject {} ", aCLPermission3);
            }
        }
        aCLContainer2.save();
        log.info("Finished Created ACL {}", aCLContainer2.getId());
        return aCLContainer2;
    }

    public static boolean addNewPermissionSubject(ACLObjectType aCLObjectType, ACLSubject aCLSubject, UserGroup userGroup, boolean z) {
        if (z && aCLObjectType.getParent() != null) {
            addNewPermissionSubject(aCLObjectType.getParent(), aCLSubject, userGroup, true);
        }
        List<ACLContainer> allByType = ACLContainer.getAllByType(aCLObjectType);
        int i = 0;
        int i2 = 0;
        for (ACLContainer aCLContainer : allByType) {
            if (aCLContainer.getPermissionsBySubject(aCLSubject).size() == 0) {
                i2++;
                ACLPermission aCLPermission = new ACLPermission(aCLContainer, userGroup, aCLSubject, ACLPermType.ALLOW, true);
                aCLPermission.save();
                aCLContainer.getPermissions().add(aCLPermission);
                ACLRebuildCacheExecutor.reBuildCache(i2, allByType.size(), aCLContainer, null, null);
                log.info("AddNewPermission {}.{} To: {} finished.", new Object[]{aCLObjectType.getValue(), aCLSubject.getValue(), aCLContainer});
                i++;
            }
        }
        log.info("Finished checking Subject {}.{}, (Total Added: {}).", new Object[]{aCLObjectType.getValue(), aCLSubject, Integer.valueOf(i)});
        return i > 0;
    }

    public static boolean addPermissionToAType(ACLObjectType aCLObjectType, ACLSubject aCLSubject, UserGroup userGroup, boolean z, boolean z2) {
        int i = 0;
        if (z && aCLObjectType.getParent() != null) {
            i = 0 + (addPermissionToAType(aCLObjectType.getParent(), aCLSubject, userGroup, true, z2) ? 1 : 0);
        }
        for (ACLContainer aCLContainer : ACLContainer.getAllByType(aCLObjectType)) {
            boolean z3 = false;
            Iterator<ACLPermission> it = aCLContainer.getPermissionsBySubject(aCLSubject).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                ACLPermission next = it.next();
                if (next.getGroup() != null && next.getGroup().getId().equals(userGroup.getId())) {
                    z3 = true;
                    break;
                }
            }
            if (!z3) {
                ACLPermission aCLPermission = new ACLPermission(aCLContainer, userGroup, aCLSubject, ACLPermType.ALLOW, true);
                aCLPermission.save();
                aCLContainer.getPermissions().add(aCLPermission);
                if (z2) {
                    ACLRebuildCacheExecutor.reBuildCache(1, 1, aCLContainer, null, null);
                }
                log.debug("addPermissionToAType {}.{} To: {} finished.", new Object[]{aCLObjectType.getValue(), aCLSubject.getValue(), aCLContainer});
                i++;
            }
        }
        if (i <= 0) {
            return false;
        }
        log.debug("Finished addPermissionToAType Subject {}.{}, (Total Added: {}).", new Object[]{aCLObjectType.getValue(), aCLSubject, Integer.valueOf(i)});
        return true;
    }

    public static InputServer createInputServerPermission(@NotNull InputServer inputServer, User user) {
        ACLContainer aCLContainer = ACLContainer.getACLContainer(ACLObjectType.SYSTEM, 0);
        if (inputServer.getAcl() == null) {
            log.info("Creating ACL for input Server {} ...", inputServer.getHostname());
            ACLContainer createInheritedFrom = createInheritedFrom(aCLContainer, ACLObjectType.INPUTSERVER, inputServer.getCurrentObjectId(), inputServer.getName(), user);
            inputServer.setAcl(createInheritedFrom);
            inputServer.save();
            ACLRebuildCacheExecutor.reBuildCache(1, 1, createInheritedFrom, null, null);
            log.info("Finished Creating ACL for input Server {}, ACL: {} ...", inputServer.getHostname(), createInheritedFrom.getId());
        }
        return inputServer;
    }

    @Contract("_, _, _ -> param1")
    @NotNull
    public static Report createReportPermission(@NotNull Report report, User user, boolean z) {
        log.info("Creating ACL for report {} ...", report.getName());
        ACLContainer createInheritedFrom = createInheritedFrom(report.getInputServer().getAcl(), ACLObjectType.B2OUTPUT, report.getCurrentObjectId(), report.getName(), user);
        if (z) {
            ArrayList arrayList = new ArrayList();
            for (ACLPermission aCLPermission : createInheritedFrom.getPermissions()) {
                if (aCLPermission.getGroup() != null) {
                    if (aCLPermission.getGroup().isAdmin()) {
                        arrayList.add(aCLPermission);
                    } else if (aCLPermission.getGroup().isDemoGroup()) {
                        aCLPermission.setGroup(null);
                        aCLPermission.setUser(user);
                        arrayList.add(aCLPermission);
                    } else {
                        aCLPermission.delete();
                    }
                } else if (aCLPermission.getUser() == null || !aCLPermission.getUser().isMainAdmin()) {
                    aCLPermission.delete();
                } else {
                    arrayList.add(aCLPermission);
                }
            }
            createInheritedFrom.setPermissions(arrayList);
            createInheritedFrom.save();
            log.info("Saving acl container {} for report {}, with the demo permissions only", createInheritedFrom.getId(), report.getName());
        }
        report.setAcl(createInheritedFrom);
        report.save();
        ACLRebuildCacheExecutor.reBuildCache(1, 1, createInheritedFrom, null, null);
        ACLRebuildCacheExecutor.waitForActiveFinish();
        log.info("Finished Creating ACL for report {}, ACL: {} ...", report.getName(), createInheritedFrom.getId());
        return report;
    }

    public static void rebuildChildren(ACLObjectType aCLObjectType, int i, @NotNull ACLContainer aCLContainer, @NotNull ACLContainer aCLContainer2) {
        int i2 = 0;
        long startTime = TextHelper.startTime();
        log.info("Rebuilding the children of {} {}, From ACL: {} To: {}, Started ...", new Object[]{aCLObjectType, Integer.valueOf(i), aCLContainer.getId(), aCLContainer2.getId()});
        Iterator<ACLObjectType> it = aCLObjectType.getChildTypes(true).iterator();
        while (it.hasNext()) {
            i2 += updateForSpecificType(it.next(), aCLContainer, aCLContainer2);
        }
        log.info("Rebuilding the children of {} {}, From ACL: {} To: {}, Finished (Total: {}, Took: {})", new Object[]{aCLObjectType, Integer.valueOf(i), aCLContainer.getId(), aCLContainer2.getId(), Integer.valueOf(i2), TextHelper.endTime(startTime)});
    }

    private static int updateForSpecificType(@NotNull ACLObjectType aCLObjectType, ACLContainer aCLContainer, ACLContainer aCLContainer2) {
        if (aCLObjectType.equals(ACLObjectType.B2OUTPUT)) {
            return ACLMapper.updateAllACL(Report.class, aCLContainer, aCLContainer2);
        }
        if (aCLObjectType.equals(ACLObjectType.COMPANY)) {
            return ACLMapper.updateAllACL(Company.class, aCLContainer, aCLContainer2);
        }
        if (aCLObjectType.equals(ACLObjectType.DB)) {
            return ACLMapper.updateAllACL(DBConnection.class, aCLContainer, aCLContainer2);
        }
        if (aCLObjectType.equals(ACLObjectType.DBSCHEMA)) {
            return ACLMapper.updateAllACL(DBSchema.class, aCLContainer, aCLContainer2);
        }
        log.error("Missing type: " + aCLObjectType.getValue());
        return 0;
    }
}
