package ru.runa.wfe.user.logic;

import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Required;
import ru.runa.wfe.commons.SystemProperties;
import ru.runa.wfe.commons.logic.CommonLogic;
import ru.runa.wfe.commons.logic.PresentationCompilerHelper;
import ru.runa.wfe.presentation.BatchPresentation;
import ru.runa.wfe.relation.dao.RelationPairDAO;
import ru.runa.wfe.security.ASystem;
import ru.runa.wfe.security.AuthorizationException;
import ru.runa.wfe.security.Permission;
import ru.runa.wfe.security.SystemPermission;
import ru.runa.wfe.security.WeakPasswordException;
import ru.runa.wfe.ss.dao.SubstitutionDAO;
import ru.runa.wfe.user.Actor;
import ru.runa.wfe.user.ActorPermission;
import ru.runa.wfe.user.Executor;
import ru.runa.wfe.user.ExecutorParticipatesInProcessesException;
import ru.runa.wfe.user.ExecutorPermission;
import ru.runa.wfe.user.Group;
import ru.runa.wfe.user.GroupPermission;
import ru.runa.wfe.user.SystemExecutors;
import ru.runa.wfe.user.TemporaryGroup;
import ru.runa.wfe.user.User;
import ru.runa.wfe.user.dao.ProfileDAO;

/* loaded from: input_file:ru/runa/wfe/user/logic/ExecutorLogic.class */
public class ExecutorLogic extends CommonLogic {
    private static final Log log = LogFactory.getLog(ExecutorLogic.class);
    private List<SetStatusHandler> setStatusHandlers;

    @Autowired
    private ProfileDAO profileDAO;

    @Autowired
    private RelationPairDAO relationPairDAO;

    @Autowired
    private SubstitutionDAO substitutionDAO;

    @Required
    public void setSetStatusHandlers(List<SetStatusHandler> list) {
        this.setStatusHandlers = list;
    }

    public boolean isExecutorExist(User user, String str) {
        if (!this.executorDAO.isExecutorExist(str)) {
            return false;
        }
        checkPermissionAllowed(user, this.executorDAO.getExecutor(str), Permission.READ);
        return true;
    }

    public Executor update(User user, Executor executor) {
        checkPermissionsOnExecutor(user, executor, ExecutorPermission.UPDATE);
        return this.executorDAO.update(executor);
    }

    public List<? extends Executor> getExecutors(User user, BatchPresentation batchPresentation) {
        return PresentationCompilerHelper.createAllExecutorsCompiler(user, batchPresentation).getBatch();
    }

    public int getExecutorsCount(User user, BatchPresentation batchPresentation) {
        return PresentationCompilerHelper.createAllExecutorsCompiler(user, batchPresentation).getCount();
    }

    public Actor getActor(User user, String str) {
        return (Actor) checkPermissionsOnExecutor(user, this.executorDAO.getActor(str), Permission.READ);
    }

    public Actor getActorCaseInsensitive(String str) {
        return this.executorDAO.getActorCaseInsensitive(str);
    }

    public Group getGroup(User user, String str) {
        return (Group) checkPermissionsOnExecutor(user, this.executorDAO.getGroup(str), Permission.READ);
    }

    public Executor getExecutor(User user, String str) {
        return checkPermissionsOnExecutor(user, this.executorDAO.getExecutor(str), Permission.READ);
    }

    public boolean isAdministrator(User user) {
        try {
            return isExecutorInGroup(user, user.getActor(), (Group) getExecutor(user, SystemProperties.getAdministratorsGroupName()));
        } catch (AuthorizationException e) {
            log.debug(e);
            return false;
        }
    }

    public void remove(User user, List<Long> list) {
        List<Executor> executors = getExecutors(user, list);
        checkPermissionsOnExecutors(user, executors, ExecutorPermission.UPDATE);
        Iterator<Executor> it = executors.iterator();
        while (it.hasNext()) {
            remove(it.next());
        }
    }

    public void remove(Executor executor) {
        if (this.permissionDAO.isPrivilegedExecutor(executor) || SystemExecutors.PROCESS_STARTER_NAME.equals(executor.getName())) {
            throw new AuthorizationException(executor.getName() + " can not be removed");
        }
        Set<Number> dependentProcessIds = this.processDAO.getDependentProcessIds(executor);
        if (dependentProcessIds.size() > 0) {
            throw new ExecutorParticipatesInProcessesException(executor.getName(), dependentProcessIds);
        }
        if (executor instanceof Actor) {
            this.profileDAO.delete((Actor) executor);
        }
        this.permissionDAO.deleteOwnPermissions(executor);
        this.permissionDAO.deleteAllPermissions(executor);
        this.relationPairDAO.removeAllRelationPairs(executor);
        this.substitutionDAO.deleteAllActorSubstitutions(executor.getId());
        this.executorDAO.remove(executor);
    }

    public <T extends Executor> T create(User user, T t) {
        checkPermissionAllowed(user, ASystem.INSTANCE, SystemPermission.CREATE_EXECUTOR);
        ArrayList newArrayList = t instanceof Group ? Lists.newArrayList(new Permission[]{Permission.READ, GroupPermission.LIST_GROUP}) : Lists.newArrayList(new Permission[]{Permission.READ});
        this.executorDAO.create(t);
        postCreateExecutor(user, t, newArrayList);
        return t;
    }

    private void postCreateExecutor(User user, Executor executor, Collection<Permission> collection) {
        this.permissionDAO.setPermissions(user.getActor(), executor.getSecuredObjectType().getNoPermission().getAllPermissions(), executor);
        this.permissionDAO.setPermissions(executor, collection, executor);
    }

    public void addExecutorsToGroup(User user, List<? extends Executor> list, Group group) {
        addExecutorsToGroupInternal(user, list, group);
    }

    public void addExecutorsToGroup(User user, List<Long> list, Long l) {
        addExecutorsToGroupInternal(user, this.executorDAO.getExecutors(list), this.executorDAO.getGroup(l));
    }

    private void addExecutorsToGroupInternal(User user, List<? extends Executor> list, Group group) {
        checkPermissionsOnExecutors(user, list, Permission.READ);
        checkPermissionsOnExecutor(user, group, GroupPermission.ADD_TO_GROUP);
        this.executorDAO.addExecutorsToGroup(list, group);
    }

    public void addExecutorToGroups(User user, Executor executor, List<Group> list) {
        addExecutorToGroupsInternal(user, executor, list);
    }

    public void addExecutorToGroups(User user, Long l, List<Long> list) {
        addExecutorToGroupsInternal(user, this.executorDAO.getExecutor(l), this.executorDAO.getGroups(list));
    }

    private void addExecutorToGroupsInternal(User user, Executor executor, List<Group> list) {
        checkPermissionsOnExecutor(user, executor, Permission.READ);
        checkPermissionsOnExecutors(user, list, GroupPermission.ADD_TO_GROUP);
        this.executorDAO.addExecutorToGroups(executor, list);
    }

    public List<Executor> getGroupChildren(User user, Group group, BatchPresentation batchPresentation, boolean z) {
        checkPermissionsOnExecutor(user, group, z ? GroupPermission.ADD_TO_GROUP : GroupPermission.LIST_GROUP);
        return PresentationCompilerHelper.createGroupChildrenCompiler(user, group, batchPresentation, !z).getBatch();
    }

    public int getGroupChildrenCount(User user, Group group, BatchPresentation batchPresentation, boolean z) {
        checkPermissionsOnExecutor(user, group, z ? GroupPermission.ADD_TO_GROUP : GroupPermission.LIST_GROUP);
        return PresentationCompilerHelper.createGroupChildrenCompiler(user, group, batchPresentation, !z).getCount();
    }

    public List<Actor> getGroupActors(User user, Group group) {
        checkPermissionsOnExecutor(user, group, GroupPermission.LIST_GROUP);
        return filterIdentifiable(user, Lists.newArrayList(this.executorDAO.getGroupActors(group)), Permission.READ);
    }

    public List<Executor> getAllExecutorsFromGroup(User user, Group group) {
        checkPermissionsOnExecutor(user, group, GroupPermission.LIST_GROUP);
        return filterIdentifiable(user, this.executorDAO.getAllNonGroupExecutorsFromGroup(group), Permission.READ);
    }

    public void removeExecutorsFromGroup(User user, List<? extends Executor> list, Group group) {
        removeExecutorsFromGroupInternal(user, list, group);
    }

    public void removeExecutorsFromGroup(User user, List<Long> list, Long l) {
        removeExecutorsFromGroupInternal(user, this.executorDAO.getExecutors(list), this.executorDAO.getGroup(l));
    }

    private void removeExecutorsFromGroupInternal(User user, List<? extends Executor> list, Group group) {
        checkPermissionsOnExecutor(user, group, GroupPermission.REMOVE_FROM_GROUP);
        checkPermissionsOnExecutors(user, list, Permission.READ);
        this.executorDAO.removeExecutorsFromGroup(list, group);
    }

    public void removeExecutorFromGroups(User user, Executor executor, List<Group> list) {
        checkPermissionsOnExecutor(user, executor, Permission.READ);
        checkPermissionsOnExecutors(user, list, GroupPermission.REMOVE_FROM_GROUP);
        this.executorDAO.removeExecutorFromGroups(executor, list);
    }

    public void removeExecutorFromGroups(User user, Long l, List<Long> list) {
        Executor executor = this.executorDAO.getExecutor(l);
        List<Group> groups = this.executorDAO.getGroups(list);
        checkPermissionsOnExecutor(user, executor, Permission.READ);
        checkPermissionsOnExecutors(user, groups, GroupPermission.REMOVE_FROM_GROUP);
        this.executorDAO.removeExecutorFromGroups(executor, groups);
    }

    public void setPassword(User user, Actor actor, String str) {
        String strongPasswordsRegexp = SystemProperties.getStrongPasswordsRegexp();
        if (!Strings.isNullOrEmpty(strongPasswordsRegexp) && !Pattern.compile(strongPasswordsRegexp).matcher(str).matches()) {
            throw new WeakPasswordException();
        }
        if (!isPermissionAllowed(user, actor, ExecutorPermission.UPDATE)) {
            if (!user.getActor().equals(actor)) {
                throw new AuthorizationException(user + " hasn't permission to change password for actor " + actor);
            }
            checkPermissionAllowed(user, ASystem.INSTANCE, SystemPermission.CHANGE_SELF_PASSWORD);
        }
        this.executorDAO.setPassword(actor, str);
    }

    public Actor setStatus(User user, Actor actor, boolean z, boolean z2) {
        checkPermissionsOnExecutor(user, actor, ActorPermission.UPDATE_STATUS);
        Actor status = this.executorDAO.setStatus(actor, z);
        if (z2) {
            for (SetStatusHandler setStatusHandler : this.setStatusHandlers) {
                try {
                    setStatusHandler.onStatusChange(actor, z);
                } catch (Throwable th) {
                    log.warn("Exception while calling loginHandler " + setStatusHandler, th);
                }
            }
        }
        return status;
    }

    public List<Group> getExecutorGroups(User user, Executor executor, BatchPresentation batchPresentation, boolean z) {
        checkPermissionsOnExecutor(user, executor, Permission.READ);
        return PresentationCompilerHelper.createExecutorGroupsCompiler(user, executor, batchPresentation, !z).getBatch();
    }

    public int getExecutorGroupsCount(User user, Executor executor, BatchPresentation batchPresentation, boolean z) {
        checkPermissionsOnExecutor(user, executor, Permission.READ);
        return PresentationCompilerHelper.createExecutorGroupsCompiler(user, executor, batchPresentation, !z).getCount();
    }

    public boolean isExecutorInGroup(User user, Executor executor, Group group) {
        checkPermissionsOnExecutor(user, executor, Permission.READ);
        checkPermissionsOnExecutor(user, group, Permission.READ);
        return this.executorDAO.isExecutorInGroup(executor, group);
    }

    public Executor getExecutor(User user, Long l) {
        return checkPermissionsOnExecutor(user, this.executorDAO.getExecutor(l), Permission.READ);
    }

    public List<Executor> getExecutors(User user, List<Long> list) {
        return checkPermissionsOnExecutors(user, this.executorDAO.getExecutors(list), Permission.READ);
    }

    public Actor getActorByCode(User user, Long l) {
        return (Actor) checkPermissionsOnExecutor(user, this.executorDAO.getActorByCode(l), Permission.READ);
    }

    public Group saveTemporaryGroup(Group group, Collection<? extends Executor> collection) {
        Group group2;
        if (this.executorDAO.isExecutorExist(group.getName())) {
            group2 = (Group) this.executorDAO.getExecutor(group.getName());
            Set<Executor> groupChildren = this.executorDAO.getGroupChildren(group2);
            HashSet hashSet = new HashSet();
            HashSet hashSet2 = new HashSet();
            for (Executor executor : groupChildren) {
                if (!collection.contains(executor)) {
                    hashSet.add(executor);
                }
            }
            for (Executor executor2 : collection) {
                if (!groupChildren.contains(executor2)) {
                    hashSet2.add(executor2);
                }
            }
            this.executorDAO.deleteExecutorsFromGroup(group2, hashSet);
            addNewExecutorsToGroup(group2, hashSet2);
        } else {
            group2 = (Group) this.executorDAO.create(group);
            addNewExecutorsToGroup(group2, collection);
        }
        return group2;
    }

    public List<TemporaryGroup> getTemporaryGroups() {
        return this.executorDAO.getTemporaryGroups();
    }

    private void addNewExecutorsToGroup(Group group, Collection<? extends Executor> collection) {
        this.executorDAO.addExecutorsToGroup(collection, group);
        if (SystemProperties.setPermissionsToTemporaryGroups()) {
            HashSet newHashSet = Sets.newHashSet();
            newHashSet.addAll(collection);
            Iterator<? extends Executor> it = collection.iterator();
            while (it.hasNext()) {
                newHashSet.addAll(this.permissionDAO.getExecutorsWithPermission(it.next()));
            }
            Iterator it2 = newHashSet.iterator();
            while (it2.hasNext()) {
                this.permissionDAO.setPermissions((Executor) it2.next(), Lists.newArrayList(new Permission[]{GroupPermission.LIST_GROUP, GroupPermission.READ}), group);
            }
        }
    }
}
