package com.atlassian.jira.permission;

import com.atlassian.core.ofbiz.association.AssociationManager;
import com.atlassian.core.ofbiz.util.EntityUtils;
import com.atlassian.core.util.map.EasyMap;
import com.atlassian.crowd.embedded.api.User;
import com.atlassian.jira.ManagerFactory;
import com.atlassian.jira.event.ClearCacheEvent;
import com.atlassian.jira.exception.DataAccessException;
import com.atlassian.jira.exception.RemoveException;
import com.atlassian.jira.imports.project.handler.ProjectIssueSecurityLevelMapperHandler;
import com.atlassian.jira.imports.project.parser.ProjectParser;
import com.atlassian.jira.jelly.tag.admin.GetAssociatedSchemes;
import com.atlassian.jira.ofbiz.OfBizDelegator;
import com.atlassian.jira.project.ProjectManager;
import com.atlassian.jira.scheme.AbstractSchemeManager;
import com.atlassian.jira.scheme.SchemeEntity;
import com.atlassian.jira.scheme.SchemeFactory;
import com.atlassian.jira.security.Permissions;
import com.atlassian.jira.security.groups.GroupManager;
import com.atlassian.jira.security.type.SecurityType;
import com.atlassian.jira.util.collect.MapBuilder;
import com.opensymphony.user.Group;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.apache.log4j.Logger;
import org.ofbiz.core.entity.EntityExpr;
import org.ofbiz.core.entity.EntityOperator;
import org.ofbiz.core.entity.EntityUtil;
import org.ofbiz.core.entity.GenericEntityException;
import org.ofbiz.core.entity.GenericValue;

/* loaded from: input_file:com/atlassian/jira/permission/DefaultPermissionSchemeManager.class */
public class DefaultPermissionSchemeManager extends AbstractSchemeManager implements PermissionSchemeManager {
    private static final Logger log = Logger.getLogger(DefaultPermissionSchemeManager.class);
    private static final String SCHEME_ENTITY_NAME = "PermissionScheme";
    private static final String PERMISSION_ENTITY_NAME = "SchemePermissions";
    private static final String SCHEME_DESC = "Permission";
    private static final String DEFAULT_NAME_KEY = "admin.schemes.permissions.default";
    private static final String DEFAULT_DESC_KEY = "admin.schemes.permissions.default.desc";
    private final ConcurrentMap<Long, List<GenericValue>> schemeEntityCache;
    private final PermissionTypeManager permissionTypeManager;
    private final PermissionContextFactory permissionContextFactory;
    private final OfBizDelegator delegator;

    public DefaultPermissionSchemeManager(ProjectManager projectManager, PermissionTypeManager permissionTypeManager, PermissionContextFactory permissionContextFactory, OfBizDelegator ofBizDelegator, SchemeFactory schemeFactory, AssociationManager associationManager, GroupManager groupManager) {
        super(projectManager, permissionTypeManager, permissionContextFactory, schemeFactory, associationManager, ofBizDelegator, groupManager);
        this.schemeEntityCache = new ConcurrentHashMap();
        this.permissionTypeManager = permissionTypeManager;
        this.permissionContextFactory = permissionContextFactory;
        this.delegator = ofBizDelegator;
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public void onClearCache(ClearCacheEvent clearCacheEvent) {
        super.onClearCache(clearCacheEvent);
        flushSchemeEntities();
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public String getSchemeEntityName() {
        return "PermissionScheme";
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public String getEntityName() {
        return PERMISSION_ENTITY_NAME;
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public String getSchemeDesc() {
        return SCHEME_DESC;
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public String getDefaultNameKey() {
        return DEFAULT_NAME_KEY;
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public String getDefaultDescriptionKey() {
        return DEFAULT_DESC_KEY;
    }

    public List<GenericValue> getEntities(GenericValue genericValue, Long l) throws GenericEntityException {
        List<GenericValue> entities = getEntities(genericValue);
        ArrayList arrayList = new ArrayList(entities.size());
        for (GenericValue genericValue2 : entities) {
            if (genericValue2.getLong(GetAssociatedSchemes.SCHEME_TYPE_PERMISSION).equals(l)) {
                arrayList.add(genericValue2);
            }
        }
        return arrayList;
    }

    public List<GenericValue> getEntities(GenericValue genericValue, Long l, String str) throws GenericEntityException {
        return EntityUtil.filterByAnd(getEntities(genericValue), MapBuilder.build(GetAssociatedSchemes.SCHEME_TYPE_PERMISSION, l, "parameter", str));
    }

    public List<GenericValue> getEntities(GenericValue genericValue, Long l, String str, String str2) throws GenericEntityException {
        return EntityUtil.filterByAnd(getEntities(genericValue), MapBuilder.build(GetAssociatedSchemes.SCHEME_TYPE_PERMISSION, l, "type", str, "parameter", str2));
    }

    public List<GenericValue> getEntities(GenericValue genericValue, String str, Long l) throws GenericEntityException {
        return EntityUtil.filterByAnd(getEntities(genericValue), MapBuilder.build(GetAssociatedSchemes.SCHEME_TYPE_PERMISSION, l, "type", str));
    }

    public List<GenericValue> getEntities(GenericValue genericValue, String str) throws GenericEntityException {
        throw new IllegalArgumentException("Permission scheme IDs must be Long values.");
    }

    public GenericValue createSchemeEntity(GenericValue genericValue, SchemeEntity schemeEntity) throws GenericEntityException {
        if (genericValue == null) {
            throw new IllegalArgumentException("Scheme passed must NOT be null");
        }
        if (!(schemeEntity.getEntityTypeId() instanceof Long) && !(schemeEntity.getEntityTypeId() instanceof Integer)) {
            throw new IllegalArgumentException("Permission scheme IDs must be long or int values, not:" + schemeEntity.getEntityTypeId().getClass());
        }
        if (schemeEntity.getType() == null) {
            throw new IllegalArgumentException("Type in SchemeEntity can NOT be null");
        }
        GenericValue createValue = EntityUtils.createValue(PERMISSION_ENTITY_NAME, MapBuilder.newBuilder(ProjectIssueSecurityLevelMapperHandler.ISSUE_SECURITY_LEVEL_SCHEME, genericValue.getLong("id")).add(GetAssociatedSchemes.SCHEME_TYPE_PERMISSION, schemeEntity.getEntityTypeId()).add("type", schemeEntity.getType()).add("parameter", schemeEntity.getParameter()).toMap());
        flushSchemeEntities();
        return createValue;
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public void deleteEntity(Long l) throws DataAccessException {
        super.deleteEntity(l);
        flushSchemeEntities();
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public GenericValue copySchemeEntity(GenericValue genericValue, GenericValue genericValue2) throws GenericEntityException {
        return createSchemeEntity(genericValue, new SchemeEntity(genericValue2.getString("type"), genericValue2.getString("parameter"), genericValue2.getLong(GetAssociatedSchemes.SCHEME_TYPE_PERMISSION)));
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public List<GenericValue> getEntities(GenericValue genericValue) throws GenericEntityException {
        Long schemeEntityCacheKey = getSchemeEntityCacheKey(genericValue);
        List<GenericValue> list = this.schemeEntityCache.get(schemeEntityCacheKey);
        if (list == null) {
            list = super.getEntities(genericValue);
            List<GenericValue> putIfAbsent = this.schemeEntityCache.putIfAbsent(schemeEntityCacheKey, list);
            if (putIfAbsent != null) {
                list = putIfAbsent;
            }
        }
        return new ArrayList(list);
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public boolean removeEntities(String str, String str2) throws RemoveException {
        boolean removeEntities = super.removeEntities(str, str2);
        flushSchemeEntities();
        return removeEntities;
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public boolean removeEntities(GenericValue genericValue, Long l) throws RemoveException {
        if (Permissions.isGlobalPermission(l.intValue())) {
            throw new IllegalArgumentException("PermissionId passed must not be a global permissions " + l.toString() + " is global");
        }
        boolean removeEntities = super.removeEntities(genericValue, l);
        flushSchemeEntities();
        return removeEntities;
    }

    public boolean hasSchemeAuthority(Long l, GenericValue genericValue) {
        return hasPermission(l, genericValue, null, false);
    }

    public boolean hasSchemeAuthority(Long l, GenericValue genericValue, User user, boolean z) {
        if (user == null) {
            throw new IllegalArgumentException("The user passed must not be null");
        }
        return hasPermission(l, genericValue, user, z);
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public Collection<Group> getGroups(Long l, GenericValue genericValue) {
        if (Permissions.isGlobalPermission(l.intValue())) {
            throw new IllegalArgumentException("PermissionId passed can NOT be a global permission " + l.toString() + " is a global");
        }
        return super.getGroups(l, genericValue);
    }

    @Override // com.atlassian.jira.scheme.AbstractSchemeManager
    public Collection<com.opensymphony.user.User> getUsers(Long l, GenericValue genericValue) {
        if (Permissions.isGlobalPermission(l.intValue())) {
            throw new IllegalArgumentException("PermissionId passed can NOT be a global permission " + l.toString() + " is a global");
        }
        return super.getUsers(l, this.permissionContextFactory.getPermissionContext(genericValue));
    }

    private boolean hasPermission(Long l, GenericValue genericValue, User user, boolean z) {
        if (Permissions.isGlobalPermission(l.intValue())) {
            throw new IllegalArgumentException("permissionId passed to this function must NOT be a global permission, " + l + " is not");
        }
        if (genericValue == null) {
            throw new IllegalArgumentException("The entity passed must not be null");
        }
        if (!ProjectParser.PROJECT_ENTITY_NAME.equals(genericValue.getEntityName()) && !"Issue".equals(genericValue.getEntityName())) {
            throw new IllegalArgumentException("The entity passed must be a Project or an Issue not a " + genericValue.getEntityName());
        }
        try {
            List emptyList = Collections.emptyList();
            if (ProjectParser.PROJECT_ENTITY_NAME.equals(genericValue.getEntityName())) {
                emptyList = ManagerFactory.getPermissionSchemeManager().getSchemes(genericValue);
            } else if ("Issue".equals(genericValue.getEntityName())) {
                emptyList = ManagerFactory.getPermissionSchemeManager().getSchemes(ManagerFactory.getProjectManager().getProject(genericValue));
            }
            Iterator it = emptyList.iterator();
            while (it.hasNext()) {
                if (hasSchemePermission(l, (GenericValue) it.next(), genericValue, user, z)) {
                    return true;
                }
            }
            return false;
        } catch (GenericEntityException e) {
            log.error(e, e);
            return false;
        }
    }

    boolean hasSchemePermission(Long l, GenericValue genericValue, GenericValue genericValue2, User user, boolean z) throws GenericEntityException {
        List<GenericValue> entities = getEntities(genericValue, l);
        Map<String, SecurityType> types = this.permissionTypeManager.getTypes();
        for (GenericValue genericValue3 : entities) {
            if (genericValue3 != null) {
                SecurityType securityType = types.get(genericValue3.getString("type"));
                if (user == null) {
                    if (securityType.hasPermission(genericValue2, genericValue3.getString("parameter"))) {
                        return true;
                    }
                } else if (l == null || securityType.isValidForPermission(l.intValue())) {
                    if (securityType.hasPermission(genericValue2, genericValue3.getString("parameter"), user, z)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private Long getSchemeEntityCacheKey(GenericValue genericValue) {
        return genericValue.getLong("id");
    }

    public void flushSchemeEntities() {
        this.schemeEntityCache.clear();
    }

    public Collection<GenericValue> getSchemesContainingEntity(String str, String str2) {
        List findByAnd = this.delegator.findByAnd(PERMISSION_ENTITY_NAME, EasyMap.build("type", str, "parameter", str2));
        HashSet hashSet = new HashSet();
        ArrayList arrayList = new ArrayList();
        Iterator it = findByAnd.iterator();
        while (it.hasNext()) {
            hashSet.add(((GenericValue) it.next()).getLong(ProjectIssueSecurityLevelMapperHandler.ISSUE_SECURITY_LEVEL_SCHEME));
        }
        Iterator it2 = hashSet.iterator();
        while (it2.hasNext()) {
            arrayList.add(new EntityExpr("id", EntityOperator.EQUALS, (Long) it2.next()));
        }
        return !arrayList.isEmpty() ? this.delegator.findByOr("PermissionScheme", arrayList, Collections.EMPTY_LIST) : Collections.emptyList();
    }
}
