package org.apache.syncope.core.logic;

import java.lang.reflect.Method;
import java.util.List;
import org.apache.commons.io.output.NullOutputStream;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.syncope.common.lib.SyncopeClientException;
import org.apache.syncope.common.lib.patch.UserPatch;
import org.apache.syncope.common.lib.to.UserRequest;
import org.apache.syncope.common.lib.to.UserRequestForm;
import org.apache.syncope.common.lib.to.UserTO;
import org.apache.syncope.common.lib.types.BpmnProcessFormat;
import org.apache.syncope.common.lib.types.ClientExceptionType;
import org.apache.syncope.core.flowable.api.BpmnProcessManager;
import org.apache.syncope.core.flowable.api.UserRequestHandler;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
import org.apache.syncope.core.persistence.api.dao.search.OrderByClause;
import org.apache.syncope.core.persistence.api.entity.user.User;
import org.apache.syncope.core.provisioning.api.WorkflowResult;
import org.apache.syncope.core.provisioning.api.data.UserDataBinder;
import org.apache.syncope.core.provisioning.api.propagation.PropagationManager;
import org.apache.syncope.core.provisioning.api.propagation.PropagationTaskExecutor;
import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.flowable.engine.runtime.ProcessInstance;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;

@Component
/* loaded from: input_file:org/apache/syncope/core/logic/UserRequestLogic.class */
public class UserRequestLogic extends AbstractTransactionalLogic<UserRequestForm> {

    @Autowired
    protected BpmnProcessManager bpmnProcessManager;

    @Autowired
    protected UserRequestHandler userRequestHandler;

    @Autowired
    protected PropagationManager propagationManager;

    @Autowired
    protected PropagationTaskExecutor taskExecutor;

    @Autowired
    protected UserDataBinder binder;

    @Autowired
    protected UserDAO userDAO;

    @Transactional(readOnly = true)
    @PreAuthorize("isAuthenticated()")
    public Pair<Integer, List<UserRequest>> list(String str, int i, int i2, List<OrderByClause> list) {
        if (str == null) {
            securityChecks(null, "USER_REQUEST_LIST", "Listing user requests not allowed");
        } else {
            User find = this.userDAO.find(str);
            if (find == null) {
                throw new NotFoundException("User " + str);
            }
            securityChecks(find.getUsername(), "USER_REQUEST_LIST", "Listing requests for user" + find.getUsername() + " not allowed");
        }
        return this.userRequestHandler.getUserRequests(str, i, i2, list);
    }

    protected UserRequest doStart(String str, User user) {
        this.bpmnProcessManager.exportProcess(str, BpmnProcessFormat.XML, new NullOutputStream());
        return this.userRequestHandler.start(str, user);
    }

    @PreAuthorize("isAuthenticated()")
    public UserRequest start(String str) {
        return doStart(str, this.userDAO.findByUsername(AuthContextUtils.getUsername()));
    }

    @PreAuthorize("hasRole('USER_REQUEST_START')")
    public UserRequest start(String str, String str2) {
        return doStart(str, (User) this.userDAO.authFind(str2));
    }

    protected void securityChecks(String str, String str2, String str3) {
        if (AuthContextUtils.getUsername().equals(str) || AuthContextUtils.getAuthorities().stream().anyMatch(syncopeGrantedAuthority -> {
            return str2.equals(syncopeGrantedAuthority.getAuthority());
        })) {
            return;
        }
        SyncopeClientException build = SyncopeClientException.build(ClientExceptionType.DelegatedAdministration);
        build.getElements().add(str3);
        throw build;
    }

    @PreAuthorize("isAuthenticated()")
    public void cancel(String str, String str2) {
        Pair parse = this.userRequestHandler.parse(str);
        securityChecks(this.userDAO.find((String) parse.getRight()).getUsername(), "USER_REQUEST_CANCEL", "Canceling " + str + " not allowed");
        this.userRequestHandler.cancel((ProcessInstance) parse.getLeft(), str2);
    }

    @PreAuthorize("isAuthenticated()")
    public UserRequestForm claimForm(String str) {
        UserRequestForm claimForm = this.userRequestHandler.claimForm(str);
        securityChecks(claimForm.getUsername(), "USER_REQUEST_FORM_CLAIM", "Claiming form " + str + " not allowed");
        return claimForm;
    }

    @Transactional(readOnly = true)
    @PreAuthorize("isAuthenticated()")
    public Pair<Integer, List<UserRequestForm>> getForms(String str, int i, int i2, List<OrderByClause> list) {
        if (str == null) {
            securityChecks(null, "USER_REQUEST_FORM_LIST", "Listing forms not allowed");
        } else {
            User find = this.userDAO.find(str);
            if (find == null) {
                throw new NotFoundException("User " + str);
            }
            securityChecks(find.getUsername(), "USER_REQUEST_FORM_LIST", "Listing forms for user" + find.getUsername() + " not allowed");
        }
        return this.userRequestHandler.getForms(str, i, i2, list);
    }

    @PreAuthorize("isAuthenticated()")
    public UserTO submitForm(UserRequestForm userRequestForm) {
        UserTO userTO;
        if (userRequestForm.getUsername() == null) {
            securityChecks(null, "USER_REQUEST_FORM_SUBMIT", "Submitting forms not allowed");
        } else {
            securityChecks(userRequestForm.getUsername(), "USER_REQUEST_FORM_SUBMIT", "Submitting forms for user" + userRequestForm.getUsername() + " not allowed");
        }
        WorkflowResult submitForm = this.userRequestHandler.submitForm(userRequestForm);
        if (submitForm.getPropByRes() != null && !submitForm.getPropByRes().isEmpty()) {
            this.taskExecutor.execute(this.propagationManager.getUserUpdateTasks(new WorkflowResult(Pair.of(submitForm.getResult(), Boolean.TRUE), submitForm.getPropByRes(), submitForm.getPerformedTasks())), false);
        }
        if (this.userDAO.find(((UserPatch) submitForm.getResult()).getKey()) == null) {
            userTO = new UserTO();
            userTO.setKey(((UserPatch) submitForm.getResult()).getKey());
        } else {
            userTO = this.binder.getUserTO(((UserPatch) submitForm.getResult()).getKey());
        }
        return userTO;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: resolveReference, reason: merged with bridge method [inline-methods] */
    public UserRequestForm m1resolveReference(Method method, Object... objArr) throws UnresolvedReferenceException {
        throw new UnresolvedReferenceException();
    }
}
