package sernet.gs.ui.rcp.main.connect;

import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.apache.log4j.Logger;
import sernet.gs.common.ApplicationRoles;
import sernet.gs.common.SecurityException;
import sernet.gs.ui.rcp.main.common.model.CnATreeElement;
import sernet.gs.ui.rcp.main.common.model.Permission;
import sernet.gs.ui.rcp.main.common.model.configuration.Configuration;
import sernet.gs.ui.rcp.main.service.IAuthService;

/* loaded from: input_file:sernet/gs/ui/rcp/main/connect/CnATElementDao.class */
public class CnATElementDao extends HibernateBaseDao<CnATreeElement, Integer> {
    private final Logger log;
    private IAuthService authService;
    private IBaseDao<Configuration, Integer> configurationDao;
    private IBaseDao<Permission, Integer> permissionDao;
    private static HashMap<String, String[]> roleMap = new HashMap<>();

    public CnATElementDao(Class<CnATreeElement> cls) {
        super(cls);
        this.log = Logger.getLogger(CnATElementDao.class);
    }

    @Override // sernet.gs.ui.rcp.main.connect.HibernateBaseDao, sernet.gs.ui.rcp.main.connect.IBaseDao
    public void delete(CnATreeElement cnATreeElement) {
        checkRights(cnATreeElement);
        super.delete((CnATElementDao) cnATreeElement);
    }

    @Override // sernet.gs.ui.rcp.main.connect.HibernateBaseDao, sernet.gs.ui.rcp.main.connect.IBaseDao
    public CnATreeElement merge(CnATreeElement cnATreeElement) {
        return (CnATreeElement) super.merge((CnATElementDao) cnATreeElement);
    }

    @Override // sernet.gs.ui.rcp.main.connect.HibernateBaseDao, sernet.gs.ui.rcp.main.connect.IBaseDao
    public CnATreeElement merge(CnATreeElement cnATreeElement, boolean z) {
        if (cnATreeElement.getDbId() != null) {
            checkRights(cnATreeElement);
        }
        return (CnATreeElement) super.merge((CnATElementDao) cnATreeElement, z);
    }

    protected void checkRights(CnATreeElement cnATreeElement) {
        if (!getAuthService().isPermissionHandlingNeeded() || hasAdminRole(this.authService.getRoles())) {
            return;
        }
        String username = getAuthService().getUsername();
        if (this.log.isDebugEnabled()) {
            this.log.debug("Username: " + username);
        }
        String[] dynamicRoles = getDynamicRoles(username);
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < dynamicRoles.length; i++) {
            sb.append("'").append(dynamicRoles[i]).append("'");
            if (i < dynamicRoles.length - 1) {
                sb.append(",");
            }
        }
        String str = "select p.dbId from Permission p where p.cnaTreeElement.dbId = ? and p.role in (" + sb.toString() + ") and p.writeAllowed = ?";
        Object[] objArr = {cnATreeElement.getDbId(), Boolean.TRUE};
        if (this.log.isDebugEnabled()) {
            this.log.debug("checkRights, hql: " + str);
            this.log.debug("checkRights, entity db-id: " + cnATreeElement.getDbId());
        }
        List findByQuery = getPermissionDao().findByQuery(str, objArr);
        if (this.log.isDebugEnabled()) {
            this.log.debug("checkRights, permission ids: ");
            Iterator it = findByQuery.iterator();
            while (it.hasNext()) {
                this.log.debug((Integer) it.next());
            }
        }
        if ((findByQuery == null) || findByQuery.isEmpty()) {
            String str2 = "User: " + username + " has no right to write CnATreeElement with id: " + cnATreeElement.getDbId();
            this.log.warn(str2);
            throw new SecurityException(str2);
        }
    }

    private boolean hasAdminRole(String[] strArr) {
        for (String str : strArr) {
            if (ApplicationRoles.ROLE_ADMIN.equals(str)) {
                return true;
            }
        }
        return false;
    }

    private String[] getDynamicRoles(String str) {
        String[] strArr = roleMap.get(str);
        if (strArr != null) {
            return strArr;
        }
        List<Configuration> findAll = getConfigurationDao().findAll();
        for (Configuration configuration : findAll) {
            if (str.equals(configuration.getUser()) && strArr == null) {
                String[] strArr2 = (String[]) configuration.getRoles().toArray(new String[configuration.getRoles().size()]);
                findAll.clear();
                roleMap.put(str, strArr2);
                return strArr2;
            }
        }
        throw new IllegalStateException();
    }

    public void setAuthService(IAuthService iAuthService) {
        this.authService = iAuthService;
    }

    public IAuthService getAuthService() {
        return this.authService;
    }

    public void setConfigurationDao(IBaseDao<Configuration, Integer> iBaseDao) {
        this.configurationDao = iBaseDao;
    }

    public IBaseDao<Configuration, Integer> getConfigurationDao() {
        return this.configurationDao;
    }

    public void setPermissionDao(IBaseDao<Permission, Integer> iBaseDao) {
        this.permissionDao = iBaseDao;
    }

    public IBaseDao<Permission, Integer> getPermissionDao() {
        return this.permissionDao;
    }
}
