package ome.security.basic;

import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import ome.api.local.LocalAdmin;
import ome.conditions.ApiUsageException;
import ome.conditions.InternalException;
import ome.conditions.SecurityViolation;
import ome.model.IObject;
import ome.model.enums.EventType;
import ome.model.internal.Details;
import ome.model.internal.Permissions;
import ome.model.meta.Event;
import ome.model.meta.EventLog;
import ome.model.meta.Experimenter;
import ome.model.meta.ExperimenterGroup;
import ome.model.meta.Session;
import ome.services.messages.RegisterServiceCleanupMessage;
import ome.services.sessions.state.SessionCache;
import ome.services.sessions.stats.SessionStats;
import ome.services.sharing.ShareStore;
import ome.system.EventContext;
import ome.system.Principal;
import ome.system.Roles;
import ome.tools.hibernate.HibernateUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Assert;

/* loaded from: input_file:ome/security/basic/CurrentDetails.class */
public class CurrentDetails implements PrincipalHolder {
    private static Logger log = LoggerFactory.getLogger(CurrentDetails.class);
    private final SessionCache cache;
    private final Roles roles;
    private final ThreadLocal<LinkedList<BasicEventContext>> contexts;
    private final ThreadLocal<Map<String, String>> delayedCallContext;

    public CurrentDetails() {
        this.contexts = new ThreadLocal<>();
        this.delayedCallContext = new ThreadLocal<>();
        this.cache = null;
        this.roles = new Roles();
    }

    public CurrentDetails(SessionCache sessionCache) {
        this.contexts = new ThreadLocal<>();
        this.delayedCallContext = new ThreadLocal<>();
        this.cache = sessionCache;
        this.roles = new Roles();
    }

    public CurrentDetails(SessionCache sessionCache, Roles roles) {
        this.contexts = new ThreadLocal<>();
        this.delayedCallContext = new ThreadLocal<>();
        this.cache = sessionCache;
        this.roles = roles;
    }

    private LinkedList<BasicEventContext> list() {
        LinkedList<BasicEventContext> linkedList = this.contexts.get();
        if (linkedList == null) {
            linkedList = new LinkedList<>();
            this.contexts.set(linkedList);
        }
        return linkedList;
    }

    public Map<String, String> setContext(Map<String, String> map) {
        LinkedList<BasicEventContext> list = list();
        if (list.size() != 0) {
            return list.getLast().setCallContext(map);
        }
        this.delayedCallContext.set(map);
        return null;
    }

    public Map<String, String> getContext() {
        return list().getLast().getCallContext();
    }

    protected void checkDelayedCallContext(BasicEventContext basicEventContext) {
        Map<String, String> map = this.delayedCallContext.get();
        this.delayedCallContext.set(null);
        basicEventContext.setCallContext(map);
    }

    @Override // ome.security.basic.PrincipalHolder
    public int size() {
        return list().size();
    }

    @Override // ome.security.basic.PrincipalHolder
    public Principal getLast() {
        return list().getLast().getPrincipal();
    }

    @Override // ome.security.basic.PrincipalHolder
    public void login(Principal principal) {
        login(new BasicEventContext(principal, this.cache.getSessionContext(principal.getName()).stats()));
    }

    @Override // ome.security.basic.PrincipalHolder
    public void login(BasicEventContext basicEventContext) {
        if (log.isDebugEnabled()) {
            log.debug("Logging in :" + basicEventContext);
        }
        checkDelayedCallContext(basicEventContext);
        list().add(basicEventContext);
        basicEventContext.getStats().methodIn();
    }

    @Override // ome.security.basic.PrincipalHolder
    public int logout() {
        LinkedList<BasicEventContext> list = list();
        BasicEventContext removeLast = list.removeLast();
        removeLast.getStats().methodOut();
        if (log.isDebugEnabled()) {
            log.debug("Logged out: " + removeLast);
        }
        return list.size();
    }

    public boolean isReady() {
        BasicEventContext current = current();
        return (current.getEvent() == null || current.getGroup() == null || current.getOwner() == null) ? false : true;
    }

    public boolean isGraphCritical(Details details) {
        EventContext currentEventContext = getCurrentEventContext();
        long longValue = currentEventContext.getCurrentGroupId().longValue();
        Permissions currentGroupPermissions = currentEventContext.getCurrentGroupPermissions();
        if (longValue < 0) {
            try {
                ExperimenterGroup group = details.getGroup();
                longValue = group.getId().longValue();
                currentGroupPermissions = group.getDetails().getPermissions();
                if (longValue == this.roles.getUserGroupId()) {
                    throw new SecurityViolation("isGraphCriticalCheck: Current group < 0 while accessing 'user' group!");
                }
            } catch (NullPointerException e) {
                throw new SecurityViolation("isGraphCriticalCheck: not enough context");
            }
        }
        boolean isCurrentUserAdmin = currentEventContext.isCurrentUserAdmin();
        boolean contains = currentEventContext.getLeaderOfGroupsList().contains(Long.valueOf(longValue));
        if (currentGroupPermissions.isGranted(Permissions.Role.WORLD, Permissions.Right.READ) || currentGroupPermissions.isGranted(Permissions.Role.GROUP, Permissions.Right.READ)) {
            return false;
        }
        return isCurrentUserAdmin || contains;
    }

    public boolean isOwnerOrSupervisor(IObject iObject) {
        if (iObject == null) {
            throw new ApiUsageException("Object can't be null");
        }
        Long nullSafeOwnerId = HibernateUtils.nullSafeOwnerId(iObject);
        Long id = iObject instanceof ExperimenterGroup ? iObject.getId() : HibernateUtils.nullSafeGroupId(iObject);
        EventContext currentEventContext = getCurrentEventContext();
        return currentEventContext.isCurrentUserAdmin() || currentEventContext.getLeaderOfGroupsList().contains(id) || currentEventContext.getCurrentUserId().equals(nullSafeOwnerId);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkAndInitialize(EventContext eventContext, LocalAdmin localAdmin, ShareStore shareStore) {
        current().checkAndInitialize(eventContext, localAdmin, shareStore);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BasicEventContext current() {
        return list().getLast();
    }

    public EventContext getCurrentEventContext() {
        return current();
    }

    public void invalidateCurrentEventContext() {
        BasicEventContext current = current();
        current.invalidate();
        if (log.isDebugEnabled()) {
            log.debug("Invalidated login: " + current);
        }
    }

    public Event newEvent(Session session, EventType eventType, TokenHolder tokenHolder) {
        BasicEventContext current = current();
        Event event = new Event();
        event.setType(eventType);
        event.setTime(new Timestamp(System.currentTimeMillis()));
        tokenHolder.setToken(event.getGraphHolder());
        event.getDetails().setPermissions(Permissions.READ_ONLY);
        event.setExperimenter(current.getOwner());
        event.setExperimenterGroup(current.getGroup());
        event.setSession(session);
        current.setEvent(event);
        return event;
    }

    public void addLog(String str, Class cls, Long l) {
        Assert.notNull(str);
        Assert.notNull(cls);
        Assert.notNull(l);
        if (Event.class.isAssignableFrom(cls) || EventLog.class.isAssignableFrom(cls)) {
            if (log.isDebugEnabled()) {
                log.debug("Not logging creation of logging type:" + cls);
                return;
            }
            return;
        }
        if (!isReady()) {
            throw new InternalException("Not ready to add EventLog");
        }
        if (log.isInfoEnabled()) {
            log.info("Adding log:" + str + "," + cls + "," + l);
        }
        BasicEventContext current = current();
        List<EventLog> logs = current().getLogs();
        if (logs == null) {
            logs = new ArrayList();
            current.setLogs(logs);
        }
        EventLog eventLog = new EventLog();
        eventLog.setAction(str);
        eventLog.setEntityType(cls.getName());
        eventLog.setEntityId(l);
        eventLog.setEvent(current.getEvent());
        Details create = Details.create();
        create.setPermissions(Permissions.WORLD_IMMUTABLE);
        eventLog.getDetails().copy(create);
        logs.add(eventLog);
    }

    public SessionStats getStats() {
        return current().getStats();
    }

    public List<EventLog> getLogs() {
        List<EventLog> logs = current().getLogs();
        return logs == null ? new ArrayList() : logs;
    }

    public void clearLogs() {
        current().setLogs(null);
    }

    public Details createDetails() {
        BasicEventContext current = current();
        Details create = Details.create(new Object[]{current, current.getCallContext()});
        create.setCreationEvent(current.getEvent());
        create.setUpdateEvent(current.getEvent());
        create.setOwner(current.getOwner());
        create.setGroup(current.getGroup());
        create.setPermissions(new Permissions(current.getCurrentGroupPermissions()));
        return create;
    }

    public void applyContext(Details details, boolean z) {
        BasicEventContext current = current();
        details.setContexts(new Object[]{current, current.getCallContext()});
        if (z) {
            Permissions currentGroupPermissions = current.getCurrentGroupPermissions();
            if (currentGroupPermissions != Permissions.DUMMY) {
                details.setPermissions(new Permissions(currentGroupPermissions));
                return;
            }
            if (details.getGroup() != null) {
                Long id = details.getGroup().getId();
                Permissions permissionsForGroup = current.getPermissionsForGroup(id);
                if (permissionsForGroup != null) {
                    details.setPermissions(new Permissions(permissionsForGroup));
                } else {
                    if (!id.equals(Long.valueOf(this.roles.getUserGroupId()))) {
                        throw new InternalException("No permissions: " + details);
                    }
                    details.setPermissions(new Permissions(Permissions.EMPTY));
                }
            }
        }
    }

    public void loadPermissions(org.hibernate.Session session) {
        current().loadPermissions(session);
    }

    public Experimenter getOwner() {
        return current().getOwner();
    }

    public ExperimenterGroup getGroup() {
        return current().getGroup();
    }

    public Event getEvent() {
        return current().getEvent();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setValues(Experimenter experimenter, ExperimenterGroup experimenterGroup, Permissions permissions, boolean z, boolean z2, Long l) {
        BasicEventContext current = current();
        current.setOwner(experimenter);
        current.setGroup(experimenterGroup, permissions);
        current.setAdmin(z);
        current.setReadOnly(z2);
        current.setShareId(l);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateEvent(Event event) {
        current().setEvent(event);
    }

    public boolean isCurrentUserGuest() {
        return current().getCurrentUserId().longValue() == this.roles.getGuestId();
    }

    public void addCleanup(RegisterServiceCleanupMessage registerServiceCleanupMessage) {
        Set<RegisterServiceCleanupMessage> serviceCleanups = current().getServiceCleanups();
        if (serviceCleanups == null) {
            serviceCleanups = new HashSet();
            current().setServiceCleanups(serviceCleanups);
        }
        serviceCleanups.add(registerServiceCleanupMessage);
    }

    public Set<RegisterServiceCleanupMessage> emptyCleanups() {
        Set<RegisterServiceCleanupMessage> serviceCleanups = current().getServiceCleanups();
        if (current().getServiceCleanups() == null) {
            return Collections.emptySet();
        }
        HashSet hashSet = new HashSet(serviceCleanups);
        serviceCleanups.clear();
        return hashSet;
    }

    public boolean addDisabled(String str) {
        Set<String> disabledSubsystems = current().getDisabledSubsystems();
        if (disabledSubsystems == null) {
            disabledSubsystems = new HashSet();
            current().setDisabledSubsystems(disabledSubsystems);
        }
        return disabledSubsystems.add(str);
    }

    public boolean addAllDisabled(String... strArr) {
        Set<String> disabledSubsystems = current().getDisabledSubsystems();
        if (disabledSubsystems == null) {
            disabledSubsystems = new HashSet();
            current().setDisabledSubsystems(disabledSubsystems);
        }
        if (strArr != null) {
            return Collections.addAll(disabledSubsystems, strArr);
        }
        return false;
    }

    public boolean removeDisabled(String str) {
        Set<String> disabledSubsystems = current().getDisabledSubsystems();
        if (disabledSubsystems == null || str == null) {
            return false;
        }
        return disabledSubsystems.remove(str);
    }

    public boolean removeAllDisabled(String... strArr) {
        Set<String> disabledSubsystems = current().getDisabledSubsystems();
        if (disabledSubsystems == null || strArr == null) {
            return false;
        }
        boolean z = false;
        for (String str : strArr) {
            z |= disabledSubsystems.remove(str);
        }
        return false;
    }

    public void clearDisabled() {
        current().setDisabledSubsystems(null);
    }

    public boolean isDisabled(String str) {
        Set<String> disabledSubsystems;
        return (size() == 0 || (disabledSubsystems = current().getDisabledSubsystems()) == null || str == null || !disabledSubsystems.contains(str)) ? false : true;
    }
}
