package us.jts.fortress.rbac;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import us.jts.fortress.FinderException;
import us.jts.fortress.GlobalErrIds;
import us.jts.fortress.SecurityException;
import us.jts.fortress.ValidationException;
import us.jts.fortress.rbac.OrgUnit;
import us.jts.fortress.util.attr.VUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:us/jts/fortress/rbac/PermP.class */
/**
 * Process-layer wrapper around {@link PermDAO} for permission objects ({@link PermObj}) and
 * permission operations ({@link Permission}).
 *
 * <p>Most methods forward their arguments to the DAO unchanged. Input validation is applied only
 * by the {@code add} and {@code update} overloads; {@code delete}, {@code grant}, {@code revoke},
 * {@code read} and {@code search} perform none here.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Apart from {@link #checkPermission(Session, Permission)}, which asks the DAO for an access
 *       decision, nothing in this class verifies that the caller is entitled to perform the
 *       operation. Whether that is enforced by the callers cannot be seen from this file.</li>
 *   <li>The decompiler reports that this class and every member declared {@code public final}
 *       below were package-private in the compiled original. The {@code public} modifiers are a
 *       decompilation artefact and should not be read as the intended exposure of these
 *       mutating operations.</li>
 * </ul>
 */
public final class PermP {
    private static final String CLS_NM = PermP.class.getName();
    private static final PermDAO pDao = new PermDAO();
    private final OrgUnitP orgUnitP = new OrgUnitP();

    /**
     * Asks the DAO whether the session holds the given permission.
     *
     * @param session    session to evaluate
     * @param permission permission being tested
     * @return the DAO's decision
     * @throws SecurityException propagated from the DAO
     */
    public final boolean checkPermission(Session session, Permission permission) throws SecurityException {
        boolean decision = pDao.checkPermission(session, permission);
        return decision;
    }

    /**
     * Finds permission operations matching the given template.
     *
     * @param permission search template, passed to the DAO as-is
     * @return the DAO's result list
     * @throws SecurityException propagated from the DAO
     */
    public final List<Permission> search(Permission permission) throws SecurityException {
        List<Permission> matches = pDao.findPermissions(permission);
        return matches;
    }

    /**
     * Finds permission objects matching the given template.
     *
     * @param permObj search template, passed to the DAO as-is
     * @return the DAO's result list
     * @throws SecurityException propagated from the DAO
     */
    public final List<PermObj> search(PermObj permObj) throws SecurityException {
        List<PermObj> matches = pDao.findPermissions(permObj);
        return matches;
    }

    /**
     * Finds permission objects for an organizational unit.
     *
     * @param orgUnit org unit to search by
     * @param z       forwarded unchanged to the DAO; its meaning is not visible in this class
     * @return the DAO's result list
     * @throws SecurityException propagated from the DAO
     */
    public final List<PermObj> search(OrgUnit orgUnit, boolean z) throws SecurityException {
        List<PermObj> matches = pDao.findPermissions(orgUnit, z);
        return matches;
    }

    /**
     * Finds the permission operations the DAO associates with a role.
     *
     * @param role role to search by
     * @return the DAO's result list
     * @throws SecurityException propagated from the DAO
     */
    public final List<Permission> search(Role role) throws SecurityException {
        List<Permission> matches = pDao.findPermissions(role);
        return matches;
    }

    /**
     * Finds the permission operations the DAO associates with a user.
     *
     * @param user user to search by
     * @return the DAO's result list
     * @throws SecurityException propagated from the DAO
     */
    public final List<Permission> search(User user) throws SecurityException {
        List<Permission> matches = pDao.findPermissions(user);
        return matches;
    }

    /**
     * Revokes from the user every permission returned by {@code findUserPermissions}.
     *
     * <p>Revocations are issued one at a time and no rollback is visible in this class, so an
     * exception part-way through can leave earlier grants revoked and later ones still in place.
     * Only {@link FinderException} is wrapped; any other {@link SecurityException} raised by the
     * lookup or by a revoke propagates unchanged.
     *
     * @param user user whose permission grants are removed
     * @throws SecurityException with id {@code PERM_BULK_USER_REVOKE_FAILED} when a
     *                           {@code FinderException} is caught, otherwise as raised
     */
    public final void remove(User user) throws SecurityException {
        try {
            for (Permission granted : pDao.findUserPermissions(user)) {
                revoke(granted, user);
            }
        } catch (FinderException finderFailure) {
            String detail = CLS_NM + ".remove userId [" + user.getUserId() + "] caught FinderException=" + finderFailure;
            throw new SecurityException(GlobalErrIds.PERM_BULK_USER_REVOKE_FAILED, detail, finderFailure);
        }
    }

    /**
     * Revokes from the role every permission returned by {@code findPermissions(role)}.
     *
     * <p>Same partial-completion caveat as {@link #remove(User)}: each revoke is a separate DAO
     * call and nothing here undoes the ones already made if a later one fails.
     *
     * @param role role whose permission grants are removed
     * @throws SecurityException with id {@code PERM_BULK_ROLE_REVOKE_FAILED} when a
     *                           {@code FinderException} is caught, otherwise as raised
     */
    public final void remove(Role role) throws SecurityException {
        try {
            for (Permission granted : pDao.findPermissions(role)) {
                revoke(granted, role);
            }
        } catch (FinderException finderFailure) {
            String detail = CLS_NM + ".remove role [" + role.getName() + "] caught FinderException=" + finderFailure;
            throw new SecurityException(GlobalErrIds.PERM_BULK_ROLE_REVOKE_FAILED, detail, finderFailure);
        }
    }

    /**
     * Revokes from the admin role every permission returned by {@code findPermissions(adminRole)}.
     *
     * <p>Each permission is flagged with {@code setAdmin(true)} before it is handed to
     * {@code revoke}. The same partial-completion caveat as {@link #remove(User)} applies.
     *
     * @param adminRole admin role whose permission grants are removed
     * @throws SecurityException with id 3024 when a {@code FinderException} is caught, otherwise
     *                           as raised
     */
    public final void remove(AdminRole adminRole) throws SecurityException {
        try {
            for (Permission adminPerm : pDao.findPermissions(adminRole)) {
                adminPerm.setAdmin(true);
                revoke(adminPerm, adminRole);
            }
        } catch (FinderException finderFailure) {
            // NOTE(review): literal error id, whereas the sibling remove() overloads use a named
            // GlobalErrIds constant. Confirm which constant 3024 corresponds to.
            String detail = CLS_NM + ".remove admin role [" + adminRole.getName() + "] caught FinderException=" + finderFailure;
            throw new SecurityException(3024, detail, finderFailure);
        }
    }

    /**
     * Finds the permission operations the DAO associates with a session.
     *
     * @param session session to search by
     * @return the DAO's result list
     * @throws SecurityException propagated from the DAO
     */
    public final List<Permission> search(Session session) throws SecurityException {
        List<Permission> matches = pDao.findPermissions(session);
        return matches;
    }

    /**
     * Reads a single permission operation.
     *
     * @param permission identifies the operation to read
     * @return the entity returned by the DAO
     * @throws SecurityException propagated from the DAO
     */
    public final Permission read(Permission permission) throws SecurityException {
        Permission stored = pDao.getPerm(permission);
        return stored;
    }

    /**
     * Reads a single permission object.
     *
     * @param permObj identifies the object to read
     * @return the entity returned by the DAO
     * @throws SecurityException propagated from the DAO
     */
    public final PermObj read(PermObj permObj) throws SecurityException {
        PermObj stored = pDao.getPerm(permObj);
        return stored;
    }

    /**
     * Validates a new permission object with the add rules, then creates it.
     *
     * @param permObj object to create
     * @return the entity returned by the DAO
     * @throws SecurityException on validation failure or as propagated from the DAO
     */
    public final PermObj add(PermObj permObj) throws SecurityException {
        validate(permObj, false);
        PermObj created = pDao.createObject(permObj);
        return created;
    }

    /**
     * Validates a new permission operation with the add rules, then creates it.
     *
     * @param permission operation to create
     * @return the entity returned by the DAO
     * @throws SecurityException on validation failure or as propagated from the DAO
     */
    public final Permission add(Permission permission) throws SecurityException {
        validate(permission, false);
        Permission created = pDao.createOperation(permission);
        return created;
    }

    /**
     * Validates and updates a permission object.
     *
     * @param permObj object carrying the new values
     * @return the same {@code permObj} instance that was passed in; the DAO's return value is
     *         discarded
     * @throws SecurityException on validation failure or as propagated from the DAO
     */
    public final PermObj update(PermObj permObj) throws SecurityException {
        update(permObj, true);
        return permObj;
    }

    /**
     * Updates a permission object, optionally running the update-mode validation first.
     *
     * @param permObj       object carrying the new values
     * @param runValidation when {@code true}, {@code validate(permObj, true)} runs before the DAO call
     * @return the entity returned by the DAO
     * @throws SecurityException on validation failure or as propagated from the DAO
     */
    private PermObj update(PermObj permObj, boolean runValidation) throws SecurityException {
        if (runValidation) {
            validate(permObj, true);
        }
        return pDao.updateObj(permObj);
    }

    /**
     * Validates and updates a permission operation.
     *
     * @param permission operation carrying the new values
     * @return the same {@code permission} instance that was passed in; the DAO's return value is
     *         discarded
     * @throws SecurityException on validation failure or as propagated from the DAO
     */
    public final Permission update(Permission permission) throws SecurityException {
        update(permission, true);
        return permission;
    }

    /**
     * Updates a permission operation, optionally running the update-mode validation first.
     *
     * @param permission    operation carrying the new values
     * @param runValidation when {@code true}, {@code validate(permission, true)} runs before the DAO call
     * @return the entity returned by the DAO
     * @throws SecurityException on validation failure or as propagated from the DAO
     */
    private Permission update(Permission permission, boolean runValidation) throws SecurityException {
        if (runValidation) {
            validate(permission, true);
        }
        return pDao.updateOperation(permission);
    }

    /**
     * Deletes a permission object. No validation is performed in this class.
     *
     * @param permObj object to delete
     * @throws SecurityException propagated from the DAO
     */
    public final void delete(PermObj permObj) throws SecurityException {
        pDao.deleteObj(permObj);
    }

    /**
     * Deletes a permission operation. No validation is performed in this class.
     *
     * @param permission operation to delete
     * @throws SecurityException propagated from the DAO
     */
    public final void delete(Permission permission) throws SecurityException {
        pDao.deleteOperation(permission);
    }

    /**
     * Grants a permission to a role. Neither argument is validated in this class.
     *
     * @param permission permission to grant
     * @param role       receiving role
     * @throws SecurityException propagated from the DAO
     */
    public final void grant(Permission permission, Role role) throws SecurityException {
        pDao.grant(permission, role);
    }

    /**
     * Revokes a permission from a role. Neither argument is validated in this class.
     *
     * @param permission permission to revoke
     * @param role       role losing the grant
     * @throws SecurityException propagated from the DAO
     */
    public final void revoke(Permission permission, Role role) throws SecurityException {
        pDao.revoke(permission, role);
    }

    /**
     * Grants a permission to a user. Neither argument is validated in this class.
     *
     * @param permission permission to grant
     * @param user       receiving user
     * @throws SecurityException propagated from the DAO
     */
    public final void grant(Permission permission, User user) throws SecurityException {
        pDao.grant(permission, user);
    }

    /**
     * Revokes a permission from a user. Neither argument is validated in this class.
     *
     * @param permission permission to revoke
     * @param user       user losing the grant
     * @throws SecurityException propagated from the DAO
     */
    public final void revoke(Permission permission, User user) throws SecurityException {
        pDao.revoke(permission, user);
    }

    /**
     * Validates a permission object before it is added or updated.
     *
     * <p>Add ({@code z == false}): the OU is mandatory. It is format-checked and must be accepted
     * by {@code OrgUnitP.isValid} as a {@code PERM} org unit in the object's context. The object
     * name is checked only when it is non-empty, so a null or empty object name passes this
     * method; whether the DAO rejects it is not visible here.
     *
     * <p>Update ({@code z == true}): the OU is checked the same way, but only when one is
     * supplied.
     *
     * <p>In both modes the description is checked only when it is non-empty.
     *
     * @param permObj object to validate
     * @param z       {@code true} for update rules, {@code false} for add rules
     * @throws ValidationException if a checked field is rejected or the OU is not a valid org unit
     */
    final void validate(PermObj permObj, boolean z) throws ValidationException {
        if (!z) {
            VUtil.orgUnit(permObj.getOu());
            requireValidOrgUnit(permObj);
            if (VUtil.isNotNullOrEmpty(permObj.getObjectName())) {
                VUtil.description(permObj.getObjectName());
            }
            // Repeats the OU format check made at the top of this branch; kept as in the original.
            if (VUtil.isNotNullOrEmpty(permObj.getOu())) {
                VUtil.orgUnit(permObj.getOu());
            }
        } else if (VUtil.isNotNullOrEmpty(permObj.getOu())) {
            VUtil.orgUnit(permObj.getOu());
            requireValidOrgUnit(permObj);
        }
        if (VUtil.isNotNullOrEmpty(permObj.getDescription())) {
            VUtil.description(permObj.getDescription());
        }
    }

    /**
     * Rejects the object unless its OU is accepted by {@code OrgUnitP.isValid} as a {@code PERM}
     * org unit within the object's context id.
     *
     * @param permObj object whose OU is checked
     * @throws ValidationException with id {@code PERM_OU_INVALID} when the OU is not accepted
     */
    private void requireValidOrgUnit(PermObj permObj) throws ValidationException {
        OrgUnit candidate = new OrgUnit(permObj.getOu(), OrgUnit.Type.PERM);
        candidate.setContextId(permObj.getContextId());
        if (this.orgUnitP.isValid(candidate)) {
            return;
        }
        throw new ValidationException(GlobalErrIds.PERM_OU_INVALID, CLS_NM + ".validate detected invalid orgUnit name [" + permObj.getOu() + "] for object name [" + permObj.getObjectName() + "]");
    }

    /**
     * Validates a permission operation before it is added or updated.
     *
     * <p>The operation name is checked only on add and only when it is non-empty. The type is
     * checked when non-empty. The permission's object name is not examined here. Every role name
     * and user id attached to the permission is wrapped in an entity carrying the permission's
     * context id and passed to {@code RoleP.read} / {@code UserP.read}. The results are
     * discarded, so this presumably acts as an existence check that relies on {@code read}
     * throwing for an unknown entity (confirm against those classes).
     *
     * @param permission operation to validate
     * @param isUpdate   {@code true} when called from update, {@code false} when called from add
     * @throws SecurityException if a checked field is rejected or a role/user read fails
     */
    private void validate(Permission permission, boolean isUpdate) throws SecurityException {
        if (!isUpdate) {
            if (permission.getOpName() != null && permission.getOpName().length() > 0) {
                VUtil.description(permission.getOpName());
            }
        }
        if (VUtil.isNotNullOrEmpty(permission.getType())) {
            VUtil.description(permission.getType());
        }
        if (VUtil.isNotNullOrEmpty(permission.getRoles())) {
            Set<String> roleNames = permission.getRoles();
            RoleP roleReader = new RoleP();
            for (String roleName : roleNames) {
                Role candidate = new Role(roleName);
                candidate.setContextId(permission.getContextId());
                roleReader.read(candidate);
            }
        }
        if (VUtil.isNotNullOrEmpty(permission.getUsers())) {
            Set<String> userIds = permission.getUsers();
            UserP userReader = new UserP();
            for (String userId : userIds) {
                User candidate = new User(userId);
                candidate.setContextId(permission.getContextId());
                // The meaning of the 'false' flag is defined by UserP.read and is not visible here.
                userReader.read(candidate, false);
            }
        }
    }
}
