package com.googlecode.fascinator.access.hibernate;

import com.googlecode.fascinator.api.PluginDescription;
import com.googlecode.fascinator.api.PluginException;
import com.googlecode.fascinator.api.access.AccessControl;
import com.googlecode.fascinator.api.access.AccessControlException;
import com.googlecode.fascinator.api.access.AccessControlSchema;
import com.googlecode.fascinator.common.JsonSimple;
import com.googlecode.fascinator.model.Role;
import com.googlecode.fascinator.model.User;
import com.googlecode.fascinator.model.service.HibernateAccessControlService;
import com.googlecode.fascinator.spring.ApplicationContextProvider;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/googlecode/fascinator/access/hibernate/HibernateAccessControl.class */
public class HibernateAccessControl implements AccessControl {
    private final Logger log = LoggerFactory.getLogger(HibernateAccessControl.class);
    private JsonSimple config;
    private HibernateAccessControlService hibernateService;

    public String getId() {
        return "hibernateAccessControl";
    }

    public String getName() {
        return "Hibernate Access Control Plugin";
    }

    public PluginDescription getPluginDetails() {
        return new PluginDescription(this);
    }

    public void init(File file) throws PluginException {
        try {
            setConfig(new JsonSimple(file));
        } catch (IOException e) {
            throw new AccessControlException(e);
        }
    }

    public void init(String str) throws PluginException {
        try {
            setConfig(new JsonSimple(str));
        } catch (IOException e) {
            throw new AccessControlException(e);
        }
    }

    private void setConfig(JsonSimple jsonSimple) throws AccessControlException {
        this.log.debug("Access control getting config...");
        this.config = jsonSimple;
        if (!ApplicationContextProvider.getApplicationContext().containsBean("hibernateAccessControlService")) {
            throw new AccessControlException("hibernateAccessControlService bean not available, please check your Spring configuration.");
        }
        this.hibernateService = (HibernateAccessControlService) ApplicationContextProvider.getApplicationContext().getBean("hibernateAccessControlService");
    }

    public void shutdown() throws PluginException {
        this.log.debug("Access control shutting down...");
    }

    public AccessControlSchema getEmptySchema() {
        return new HibernateAccessSchema();
    }

    public List<AccessControlSchema> getSchemas(String str) throws AccessControlException {
        this.log.debug("Getting schemas for:" + str);
        ArrayList arrayList = new ArrayList();
        try {
            List<Role> roles = this.hibernateService.getRoles(str);
            List<User> users = this.hibernateService.getUsers(str);
            if ((roles == null || roles.isEmpty()) && (users == null || users.isEmpty())) {
                return new ArrayList();
            }
            for (Role role : roles) {
                HibernateAccessSchema hibernateAccessSchema = new HibernateAccessSchema();
                hibernateAccessSchema.init(str);
                hibernateAccessSchema.set("role", role.getRole());
                arrayList.add(hibernateAccessSchema);
            }
            for (User user : users) {
                HibernateAccessSchema hibernateAccessSchema2 = new HibernateAccessSchema();
                hibernateAccessSchema2.init(str);
                hibernateAccessSchema2.set("user", user.getUsername());
                arrayList.add(hibernateAccessSchema2);
            }
            return arrayList;
        } catch (Exception e) {
            this.log.error("Error searching security database: ", e);
            throw new AccessControlException("Error searching security database");
        }
    }

    public void applySchema(AccessControlSchema accessControlSchema) throws AccessControlException {
        this.log.debug("Applying new schema...");
        String recordId = accessControlSchema.getRecordId();
        if (recordId == null || recordId.equals("")) {
            throw new AccessControlException("No record provided by schema.");
        }
        String str = accessControlSchema.get("role");
        if (str != null && !str.equals("")) {
            processRoleSchema(recordId, str);
            return;
        }
        String str2 = accessControlSchema.get("user");
        if (str2 == null || str2.equals("")) {
            this.log.error("Should have returned from applySchema:", accessControlSchema);
            throw new AccessControlException("No security role or user provided by schema.");
        }
        processUserSchema(recordId, str2);
    }

    private void processUserSchema(String str, String str2) throws AccessControlException {
        List<User> users = this.hibernateService.getUsers(str);
        Iterator<User> it = users.iterator();
        while (it.hasNext()) {
            if (it.next().getUsername().equalsIgnoreCase(str2)) {
                throw new AccessControlException("Duplicate! That user has already been applied to this record.");
            }
        }
        if (users.isEmpty()) {
            this.hibernateService.createOrGetRecord(str);
        }
        this.hibernateService.grantUserAccess(str, str2);
    }

    private void processRoleSchema(String str, String str2) throws AccessControlException {
        List<Role> roles = this.hibernateService.getRoles(str);
        Iterator<Role> it = roles.iterator();
        while (it.hasNext()) {
            if (it.next().getRole().equalsIgnoreCase(str2)) {
                throw new AccessControlException("Duplicate! That role has already been applied to this record.");
            }
        }
        if (roles.isEmpty()) {
            this.hibernateService.createOrGetRecord(str);
        }
        this.hibernateService.grantRoleAccess(str, str2);
    }

    public void removeSchema(AccessControlSchema accessControlSchema) throws AccessControlException {
        this.log.debug("Removing schema...");
        String recordId = accessControlSchema.getRecordId();
        if (StringUtils.isBlank(recordId)) {
            throw new AccessControlException("No record provided by schema.");
        }
        String str = accessControlSchema.get("role");
        if (!StringUtils.isBlank(str)) {
            removeRole(recordId, str);
            return;
        }
        String str2 = accessControlSchema.get("user");
        if (StringUtils.isBlank(str2)) {
            throw new AccessControlException("No security role/user provided by schema.");
        }
        removeUser(recordId, str2);
    }

    private void removeUser(String str, String str2) throws AccessControlException {
        User user = this.hibernateService.getUser(str, str2);
        if (user == null) {
            throw new AccessControlException("That user does not have access to this record.");
        }
        try {
            this.hibernateService.revokeUserAccess(user);
        } catch (Exception e) {
            this.log.error("Error updating security database: ", e);
            throw new AccessControlException("Error updating security database");
        }
    }

    private void removeRole(String str, String str2) throws AccessControlException {
        Role role = this.hibernateService.getRole(str, str2);
        if (role == null) {
            throw new AccessControlException("That role does not have access to this record.");
        }
        try {
            this.hibernateService.revokeRoleAccess(role);
        } catch (Exception e) {
            this.log.error("Error updating security database: ", e);
            throw new AccessControlException("Error updating security database");
        }
    }

    public List<String> getRoles(String str) throws AccessControlException {
        this.log.debug("Getting roles...");
        ArrayList arrayList = new ArrayList();
        Iterator<Role> it = this.hibernateService.getRoles(str).iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getRole());
        }
        return arrayList;
    }

    public List<String> getUsers(String str) throws AccessControlException {
        this.log.debug("Getting users...");
        ArrayList arrayList = new ArrayList();
        Iterator<User> it = this.hibernateService.getUsers(str).iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getUsername());
        }
        return arrayList;
    }

    public List<String> getPossibilities(String str) throws AccessControlException {
        throw new AccessControlException("Not supported by this plugin. Use any freetext role name.");
    }
}
