package fr.inra.agrosyst.services.security;

import com.google.common.base.Function;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableListMultimap;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Multimaps;
import com.google.common.collect.Sets;
import fr.inra.agrosyst.api.entities.Domain;
import fr.inra.agrosyst.api.entities.DomainTopiaDao;
import fr.inra.agrosyst.api.entities.Entities;
import fr.inra.agrosyst.api.entities.GrowingPlan;
import fr.inra.agrosyst.api.entities.GrowingPlanTopiaDao;
import fr.inra.agrosyst.api.entities.GrowingSystem;
import fr.inra.agrosyst.api.entities.GrowingSystemTopiaDao;
import fr.inra.agrosyst.api.entities.Network;
import fr.inra.agrosyst.api.entities.NetworkTopiaDao;
import fr.inra.agrosyst.api.entities.security.AgrosystUser;
import fr.inra.agrosyst.api.entities.security.AgrosystUserTopiaDao;
import fr.inra.agrosyst.api.entities.security.ComputedUserPermission;
import fr.inra.agrosyst.api.entities.security.ComputedUserPermissionTopiaDao;
import fr.inra.agrosyst.api.entities.security.PermissionObjectType;
import fr.inra.agrosyst.api.entities.security.RoleType;
import fr.inra.agrosyst.api.entities.security.UserRole;
import fr.inra.agrosyst.api.entities.security.UserRoleTopiaDao;
import fr.inra.agrosyst.api.services.domain.DomainFilter;
import fr.inra.agrosyst.api.services.domain.DomainService;
import fr.inra.agrosyst.api.services.growingplan.GrowingPlanFilter;
import fr.inra.agrosyst.api.services.growingplan.GrowingPlanService;
import fr.inra.agrosyst.api.services.growingsystem.GrowingSystemFilter;
import fr.inra.agrosyst.api.services.growingsystem.GrowingSystemService;
import fr.inra.agrosyst.api.services.network.NetworkFilter;
import fr.inra.agrosyst.api.services.network.NetworkService;
import fr.inra.agrosyst.api.services.referential.ImportResult;
import fr.inra.agrosyst.api.services.security.AuthenticationService;
import fr.inra.agrosyst.api.services.security.AuthorizationService;
import fr.inra.agrosyst.api.services.security.InvalidTokenException;
import fr.inra.agrosyst.api.services.security.UserRoleDto;
import fr.inra.agrosyst.api.services.security.UserRoleEntityDto;
import fr.inra.agrosyst.api.services.users.UserDto;
import fr.inra.agrosyst.api.services.users.Users;
import fr.inra.agrosyst.services.AbstractAgrosystService;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuiton.csv.Import;

/* loaded from: input_file:WEB-INF/lib/agrosyst-services-0.12.jar:fr/inra/agrosyst/services/security/AuthorizationServiceImpl.class */
public class AuthorizationServiceImpl extends AbstractAgrosystService implements AuthorizationService {
    private static final Log log = LogFactory.getLog(AuthorizationServiceImpl.class);
    public static final Function<Domain, String> GET_DOMAIN_ENTITY_LABEL = new Function<Domain, String>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.1
        @Override // com.google.common.base.Function
        public String apply(Domain domain) {
            return domain == null ? "n/c" : String.format("%s (%s)", domain.getName(), domain.getLocation().getCodePostal());
        }
    };
    public static final Function<GrowingPlan, String> GET_GROWING_PLAN_ENTITY_LABEL = new Function<GrowingPlan, String>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.2
        @Override // com.google.common.base.Function
        public String apply(GrowingPlan growingPlan) {
            return growingPlan == null ? "n/c" : String.format("%s (%s)", growingPlan.getName(), growingPlan.getDomain().getName());
        }
    };
    public static final Function<GrowingSystem, String> GET_GROWING_SYSTEM_ENTITY_LABEL = new Function<GrowingSystem, String>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.3
        @Override // com.google.common.base.Function
        public String apply(GrowingSystem growingSystem) {
            return growingSystem == null ? "n/c" : String.format("%s (%s)", growingSystem.getName(), growingSystem.getGrowingPlan().getDomain().getName());
        }
    };
    protected AuthenticationService authenticationService;
    protected GrowingSystemService growingSystemService;
    protected DomainService domainService;
    protected NetworkService networkService;
    protected GrowingPlanService growingPlanService;
    protected TrackerServiceImpl trackerService;
    protected UserRoleTopiaDao userRoleDao;
    protected AgrosystUserTopiaDao agrosystUserDao;
    protected ComputedUserPermissionTopiaDao computedUserPermissionDao;
    protected NetworkTopiaDao networkDao;
    protected DomainTopiaDao domainDao;
    protected GrowingPlanTopiaDao growingPlanDao;
    protected GrowingSystemTopiaDao growingSystemDao;

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    public void setGrowingSystemService(GrowingSystemService growingSystemService) {
        this.growingSystemService = growingSystemService;
    }

    public void setDomainService(DomainService domainService) {
        this.domainService = domainService;
    }

    public void setNetworkService(NetworkService networkService) {
        this.networkService = networkService;
    }

    public void setGrowingPlanService(GrowingPlanService growingPlanService) {
        this.growingPlanService = growingPlanService;
    }

    public void setTrackerService(TrackerServiceImpl trackerServiceImpl) {
        this.trackerService = trackerServiceImpl;
    }

    public void setUserRoleDao(UserRoleTopiaDao userRoleTopiaDao) {
        this.userRoleDao = userRoleTopiaDao;
    }

    public void setAgrosystUserDao(AgrosystUserTopiaDao agrosystUserTopiaDao) {
        this.agrosystUserDao = agrosystUserTopiaDao;
    }

    public void setComputedUserPermissionDao(ComputedUserPermissionTopiaDao computedUserPermissionTopiaDao) {
        this.computedUserPermissionDao = computedUserPermissionTopiaDao;
    }

    public void setNetworkDao(NetworkTopiaDao networkTopiaDao) {
        this.networkDao = networkTopiaDao;
    }

    public void setDomainDao(DomainTopiaDao domainTopiaDao) {
        this.domainDao = domainTopiaDao;
    }

    public void setGrowingPlanDao(GrowingPlanTopiaDao growingPlanTopiaDao) {
        this.growingPlanDao = growingPlanTopiaDao;
    }

    public void setGrowingSystemDao(GrowingSystemTopiaDao growingSystemTopiaDao) {
        this.growingSystemDao = growingSystemTopiaDao;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getUserId() {
        return checkComputedPermissions(getSecurityContext().getAuthenticationToken());
    }

    protected String getUserIdOrFail(String str) {
        String authenticatedUserId = this.authenticationService.getAuthenticatedUserId(str);
        if (Strings.isNullOrEmpty(authenticatedUserId)) {
            throw new InvalidTokenException("The given authentication token is invalid, no user associated with it");
        }
        return authenticatedUserId;
    }

    protected boolean hasRole(String str, RoleType roleType) {
        return this.userRoleDao.findRole(getUserIdOrFail(str), roleType) != null;
    }

    public boolean isAdmin() {
        return isAdmin(getSecurityContext().getAuthenticationToken());
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public boolean isAdmin(String str) {
        return hasRole(str, RoleType.ADMIN);
    }

    public boolean isIsDataProcessor() {
        return isIsDataProcessor(getSecurityContext().getAuthenticationToken());
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public boolean isIsDataProcessor(String str) {
        return hasRole(str, RoleType.IS_DATA_PROCESSOR);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public boolean canCreateUser(String str) {
        String userIdOrFail = getUserIdOrFail(str);
        boolean hasRole = hasRole(str, RoleType.ADMIN);
        if (!hasRole) {
            hasRole = this.userRoleDao.findNetworkResponsibleRole(userIdOrFail) != null;
        }
        return hasRole;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void dropComputedPermissions(String str) {
        dropComputedPermissions0(getUserIdOrFail(str));
        getTransaction().commit();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void dropComputedPermissions0(String str) {
        List findAll = this.computedUserPermissionDao.forUserIdEquals(str).findAll();
        if (findAll != null) {
            if (log.isInfoEnabled()) {
                log.info(String.format("%d permission(s) are about to be deleted for user '%s'", Integer.valueOf(findAll.size()), str));
            }
            this.computedUserPermissionDao.deleteAll(findAll);
        }
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public String checkComputedPermissions(String str, String str2) {
        return (Strings.isNullOrEmpty(str2) || !isAdmin(str)) ? checkComputedPermissionFromUserId(str) : checkComputedPermissionFromUserId(str2);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public String checkComputedPermissions(String str) {
        return checkComputedPermissionFromUserId(getUserIdOrFail(str));
    }

    protected String checkComputedPermissionFromUserId(String str) {
        long currentTimeMillis = System.currentTimeMillis();
        long usersPermissionCount = this.computedUserPermissionDao.getUsersPermissionCount(str);
        boolean z = false;
        int i = 0;
        if (usersPermissionCount == 0 || this.computedUserPermissionDao.getUsersDirtyCount(str) >= 1) {
            if (usersPermissionCount >= 1) {
                dropComputedPermissions0(str);
                z = true;
            }
            Set<ComputedUserPermission> computeUserPermissions = computeUserPermissions(str);
            i = computeUserPermissions.size();
            Iterator<ComputedUserPermission> it = computeUserPermissions.iterator();
            while (it.hasNext()) {
                this.computedUserPermissionDao.create((ComputedUserPermissionTopiaDao) it.next());
            }
        }
        if (z || i > 0) {
            getTransaction().commit();
        }
        if (log.isTraceEnabled()) {
            log.trace(String.format("User's permissions computation took %dms. %d new permission(s) created.", Long.valueOf(System.currentTimeMillis() - currentTimeMillis), Integer.valueOf(i)));
        }
        return str;
    }

    protected Function<UserRole, UserRoleDto> getUserRoleToDtoFunction(final boolean z, final boolean z2) {
        return new Function<UserRole, UserRoleDto>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.4
            @Override // com.google.common.base.Function
            public UserRoleDto apply(UserRole userRole) {
                GrowingSystem growingSystem;
                String code;
                String apply;
                UserRoleDto userRoleDto = new UserRoleDto();
                userRoleDto.setTopiaId(userRole.getTopiaId());
                userRoleDto.setType(userRole.getType());
                if (z) {
                    if (!RoleType.IS_DATA_PROCESSOR.equals(userRole.getType()) && !RoleType.ADMIN.equals(userRole.getType())) {
                        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
                        userRoleDto.setEntity(userRoleEntityDto);
                        Integer num = null;
                        switch (userRole.getType()) {
                            case NETWORK_RESPONSIBLE:
                                code = userRole.getNetworkId();
                                apply = ((Network) AuthorizationServiceImpl.this.networkDao.findByTopiaId(code)).getName();
                                break;
                            case DOMAIN_RESPONSIBLE:
                                code = userRole.getDomainCode();
                                apply = AuthorizationServiceImpl.GET_DOMAIN_ENTITY_LABEL.apply((Domain) AuthorizationServiceImpl.this.domainDao.forCodeEquals(code).findAny());
                                break;
                            case GROWING_PLAN_RESPONSIBLE:
                                code = userRole.getGrowingPlanCode();
                                apply = AuthorizationServiceImpl.GET_GROWING_PLAN_ENTITY_LABEL.apply((GrowingPlan) AuthorizationServiceImpl.this.growingPlanDao.forCodeEquals(code).findAny());
                                break;
                            case GS_DATA_PROCESSOR:
                                if (Strings.isNullOrEmpty(userRole.getGrowingSystemId())) {
                                    growingSystem = (GrowingSystem) AuthorizationServiceImpl.this.growingSystemDao.forCodeEquals(userRole.getGrowingSystemCode()).findAny();
                                } else {
                                    growingSystem = (GrowingSystem) AuthorizationServiceImpl.this.growingSystemDao.findByTopiaId(userRole.getGrowingSystemId());
                                    num = Integer.valueOf(growingSystem.getGrowingPlan().getDomain().getCampaign());
                                }
                                code = growingSystem.getCode();
                                apply = AuthorizationServiceImpl.GET_GROWING_SYSTEM_ENTITY_LABEL.apply(growingSystem);
                                break;
                            default:
                                throw new UnsupportedOperationException("Not supposed to happen");
                        }
                        userRoleEntityDto.setIdentifier(code);
                        userRoleEntityDto.setLabel(apply);
                        userRoleEntityDto.setCampaign(num);
                    }
                } else if (RoleType.GS_DATA_PROCESSOR.equals(userRole.getType()) && !Strings.isNullOrEmpty(userRole.getGrowingSystemId())) {
                    UserRoleEntityDto userRoleEntityDto2 = new UserRoleEntityDto();
                    userRoleEntityDto2.setCampaign(Integer.valueOf(((GrowingSystem) AuthorizationServiceImpl.this.growingSystemDao.findByTopiaId(userRole.getGrowingSystemId())).getGrowingPlan().getDomain().getCampaign()));
                    userRoleDto.setEntity(userRoleEntityDto2);
                }
                if (z2) {
                    userRoleDto.setUser(Users.TO_USER_DTO.apply(userRole.getAgrosystUser()));
                }
                return userRoleDto;
            }
        };
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserRoleDto> getUserRoles(String str) {
        LinkedList newLinkedList = Lists.newLinkedList();
        Iterables.addAll(newLinkedList, Iterables.transform(this.userRoleDao.findAllForUserId(str), getUserRoleToDtoFunction(true, false)));
        return newLinkedList;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserRoleDto> getEntityRoles(RoleType roleType, String str) {
        LinkedList newLinkedList = Lists.newLinkedList();
        Iterables.addAll(newLinkedList, Iterables.transform(getUserRoles0(roleType, str), getUserRoleToDtoFunction(false, true)));
        return newLinkedList;
    }

    protected List<UserRole> getUserRoles0(RoleType roleType, String str) {
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put("type", roleType);
        switch (roleType) {
            case DOMAIN_RESPONSIBLE:
                newHashMap.put("domainCode", str);
                break;
            case GROWING_PLAN_RESPONSIBLE:
                newHashMap.put(UserRole.PROPERTY_GROWING_PLAN_CODE, str);
                break;
            case GS_DATA_PROCESSOR:
                newHashMap.put(UserRole.PROPERTY_GROWING_SYSTEM_CODE, str);
                break;
            default:
                throw new UnsupportedOperationException("Unexcpected role type: " + roleType);
        }
        List<UserRole> findAll = this.userRoleDao.forProperties((Map<String, Object>) newHashMap).findAll();
        if (RoleType.GS_DATA_PROCESSOR.equals(roleType)) {
            Iterables.addAll(findAll, this.userRoleDao.newQueryBuilder().addEquals("type", RoleType.GS_DATA_PROCESSOR).addIn(UserRole.PROPERTY_GROWING_SYSTEM_ID, this.growingSystemDao.forCodeEquals(str).findAllIds()).findAll());
        }
        return findAll;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserRoleEntityDto> searchPossibleEntities(RoleType roleType, String str) {
        String emptyToNull = Strings.emptyToNull(str);
        LinkedList newLinkedList = Lists.newLinkedList();
        switch (roleType) {
            case NETWORK_RESPONSIBLE:
                NetworkFilter networkFilter = new NetworkFilter();
                networkFilter.setNetworkName(emptyToNull);
                networkFilter.setPageSize(-1);
                Iterables.addAll(newLinkedList, Iterables.transform(this.networkService.getFilteredNetworks(networkFilter), new Function<Network, UserRoleEntityDto>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.6
                    @Override // com.google.common.base.Function
                    public UserRoleEntityDto apply(Network network) {
                        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
                        userRoleEntityDto.setIdentifier(network.getTopiaId());
                        userRoleEntityDto.setLabel(network.getName());
                        return userRoleEntityDto;
                    }
                }));
                break;
            case DOMAIN_RESPONSIBLE:
                DomainFilter domainFilter = new DomainFilter();
                domainFilter.setDomainName(emptyToNull);
                domainFilter.setPageSize(-1);
                Iterables.addAll(newLinkedList, Iterables.transform(this.domainService.getFilteredDomains(domainFilter), new Function<Domain, UserRoleEntityDto>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.5
                    @Override // com.google.common.base.Function
                    public UserRoleEntityDto apply(Domain domain) {
                        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
                        userRoleEntityDto.setIdentifier(domain.getCode());
                        userRoleEntityDto.setLabel(AuthorizationServiceImpl.GET_DOMAIN_ENTITY_LABEL.apply(domain));
                        return userRoleEntityDto;
                    }
                }));
                break;
            case GROWING_PLAN_RESPONSIBLE:
                GrowingPlanFilter growingPlanFilter = new GrowingPlanFilter();
                growingPlanFilter.setGrowingPlanName(emptyToNull);
                growingPlanFilter.setPageSize(-1);
                Iterables.addAll(newLinkedList, Iterables.transform(this.growingPlanService.getFilteredGrowingPlans(growingPlanFilter), new Function<GrowingPlan, UserRoleEntityDto>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.7
                    @Override // com.google.common.base.Function
                    public UserRoleEntityDto apply(GrowingPlan growingPlan) {
                        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
                        userRoleEntityDto.setIdentifier(growingPlan.getCode());
                        userRoleEntityDto.setLabel(AuthorizationServiceImpl.GET_GROWING_PLAN_ENTITY_LABEL.apply(growingPlan));
                        return userRoleEntityDto;
                    }
                }));
                break;
            case GS_DATA_PROCESSOR:
                GrowingSystemFilter growingSystemFilter = new GrowingSystemFilter();
                growingSystemFilter.setGrowingSystemName(emptyToNull);
                growingSystemFilter.setPageSize(-1);
                Iterables.addAll(newLinkedList, Iterables.transform(this.growingSystemService.getFilteredGrowingSystems(growingSystemFilter), new Function<GrowingSystem, UserRoleEntityDto>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.8
                    @Override // com.google.common.base.Function
                    public UserRoleEntityDto apply(GrowingSystem growingSystem) {
                        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
                        userRoleEntityDto.setIdentifier(growingSystem.getCode());
                        userRoleEntityDto.setLabel(AuthorizationServiceImpl.GET_GROWING_SYSTEM_ENTITY_LABEL.apply(growingSystem));
                        return userRoleEntityDto;
                    }
                }));
                break;
            case ADMIN:
            case IS_DATA_PROCESSOR:
                break;
            default:
                throw new UnsupportedOperationException("Unexpected type: " + roleType);
        }
        ImmutableListMultimap index = Multimaps.index(newLinkedList, new Function<UserRoleEntityDto, String>() { // from class: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.9
            @Override // com.google.common.base.Function
            public String apply(UserRoleEntityDto userRoleEntityDto) {
                return userRoleEntityDto.getIdentifier();
            }
        });
        Set<K> keySet = index.keySet();
        ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity(keySet.size());
        Iterator it = keySet.iterator();
        while (it.hasNext()) {
            newArrayListWithCapacity.add((UserRoleEntityDto) Iterables.getFirst(index.get((ImmutableListMultimap) it.next()), null));
        }
        return newArrayListWithCapacity;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void saveUserRoles(String str, List<UserRoleDto> list) {
        createOrUpdateUserRoles(str, list, true);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void addUserRoles(String str, List<UserRoleDto> list) {
        createOrUpdateUserRoles(str, list, false);
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:11:0x00c3. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:37:0x01e5 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:41:0x01cf A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void createOrUpdateUserRoles(java.lang.String r6, java.util.List<fr.inra.agrosyst.api.services.security.UserRoleDto> r7, java.lang.Boolean r8) {
        /*
            Method dump skipped, instructions count: 584
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.createOrUpdateUserRoles(java.lang.String, java.util.List, java.lang.Boolean):void");
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void saveEntityUserRoles(RoleType roleType, String str, List<UserRoleDto> list) {
        UserRole userRole;
        ImmutableMap uniqueIndex = Maps.uniqueIndex(getUserRoles0(roleType, str), Entities.GET_TOPIA_ID);
        HashSet newHashSet = Sets.newHashSet(uniqueIndex.keySet());
        for (UserRoleDto userRoleDto : list) {
            String topiaId = userRoleDto.getUser().getTopiaId();
            AgrosystUser agrosystUser = (AgrosystUser) this.agrosystUserDao.findByTopiaId(topiaId);
            String topiaId2 = userRoleDto.getTopiaId();
            if (Strings.isNullOrEmpty(topiaId2)) {
                userRole = (UserRole) this.userRoleDao.newInstance();
            } else {
                userRole = (UserRole) uniqueIndex.get(topiaId2);
                newHashSet.remove(topiaId2);
            }
            userRole.setAgrosystUser(agrosystUser);
            RoleType type = userRoleDto.getType();
            userRole.setType(type);
            switch (type) {
                case DOMAIN_RESPONSIBLE:
                    userRole.setDomainCode(str);
                    break;
                case GROWING_PLAN_RESPONSIBLE:
                    userRole.setGrowingPlanCode(str);
                    break;
                case GS_DATA_PROCESSOR:
                    Integer campaign = userRoleDto.getEntity() != null ? userRoleDto.getEntity().getCampaign() : null;
                    if (campaign == null) {
                        userRole.setGrowingSystemCode(str);
                        userRole.setGrowingSystemId(null);
                        break;
                    } else {
                        GrowingSystem next = this.growingSystemDao.findAllByCodeAndCampaign(str, Sets.newHashSet(campaign)).iterator().next();
                        userRole.setGrowingSystemCode(null);
                        userRole.setGrowingSystemId(next.getTopiaId());
                        break;
                    }
                default:
                    throw new UnsupportedOperationException("Unexpected type: " + type);
            }
            if (Strings.isNullOrEmpty(topiaId2)) {
                this.userRoleDao.create((UserRoleTopiaDao) userRole);
                this.trackerService.roleAdded(userRole);
            } else {
                this.userRoleDao.update(userRole);
            }
            dropComputedPermissions0(topiaId);
        }
        Iterator it = newHashSet.iterator();
        while (it.hasNext()) {
            UserRole userRole2 = (UserRole) uniqueIndex.get((String) it.next());
            this.userRoleDao.delete((UserRoleTopiaDao) userRole2);
            this.trackerService.roleRemoved(userRole2);
        }
        getTransaction().commit();
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserDto> getDomainResponsibles(String str) {
        return Lists.transform(this.userRoleDao.findAllRoleUsers(RoleType.DOMAIN_RESPONSIBLE, "domainCode", str), Users.TO_USER_DTO);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserDto> getGrowingPlanResponsibles(String str) {
        return Lists.transform(this.userRoleDao.findAllRoleUsers(RoleType.GROWING_PLAN_RESPONSIBLE, UserRole.PROPERTY_GROWING_PLAN_CODE, str), Users.TO_USER_DTO);
    }

    protected Set<ComputedUserPermission> computeUserPermissions(String str) {
        LinkedHashSet newLinkedHashSet = Sets.newLinkedHashSet();
        List<UserRole> findAllForUserId = this.userRoleDao.findAllForUserId(str);
        if (findAllForUserId != null) {
            for (UserRole userRole : findAllForUserId) {
                switch (userRole.getType()) {
                    case NETWORK_RESPONSIBLE:
                        newLinkedHashSet.addAll(computeNetworkResponsiblePermissions(str, userRole));
                        break;
                    case DOMAIN_RESPONSIBLE:
                        newLinkedHashSet.addAll(computeDomainResponsiblePermissions(str, userRole));
                        break;
                    case GROWING_PLAN_RESPONSIBLE:
                        newLinkedHashSet.addAll(computeGrowingPlanResponsiblePermissions(str, userRole));
                        break;
                    case GS_DATA_PROCESSOR:
                        newLinkedHashSet.addAll(computeGrowingSystemDataProcessorPermissions(str, userRole));
                        break;
                    case ADMIN:
                        break;
                    case IS_DATA_PROCESSOR:
                        newLinkedHashSet.addAll(computeIsDataProcessorPermissions(str));
                        break;
                    default:
                        throw new UnsupportedOperationException("Unexpected type: " + userRole);
                }
            }
        }
        return newLinkedHashSet;
    }

    protected List<ComputedUserPermission> computeIsDataProcessorPermissions(String str) {
        LinkedList newLinkedList = Lists.newLinkedList();
        Iterator<String> it = this.domainDao.getAllDomainCodes().iterator();
        while (it.hasNext()) {
            newLinkedList.add(this.computedUserPermissionDao.newDomainReadValidatedPermission(str, it.next()));
        }
        Iterator<String> it2 = this.growingPlanDao.getAllGrowingPlanCodes().iterator();
        while (it2.hasNext()) {
            newLinkedList.add(this.computedUserPermissionDao.newGrowingPlanReadValidatedPermission(str, it2.next()));
        }
        Iterator<String> it3 = this.growingSystemDao.getAllGrowingSystemCodes().iterator();
        while (it3.hasNext()) {
            newLinkedList.add(this.computedUserPermissionDao.newGrowingSystemReadValidatedPermission(str, it3.next()));
        }
        return newLinkedList;
    }

    protected List<ComputedUserPermission> computeGrowingSystemDataProcessorPermissions(String str, UserRole userRole) {
        ComputedUserPermission newSpecificGrowingPlanReadValidatedPermission;
        ComputedUserPermission newSpecificDomainReadValidatedPermission;
        LinkedList newLinkedList = Lists.newLinkedList();
        String growingSystemCode = userRole.getGrowingSystemCode();
        String growingSystemId = userRole.getGrowingSystemId();
        Preconditions.checkState((Strings.isNullOrEmpty(growingSystemCode) && Strings.isNullOrEmpty(growingSystemId)) ? false : true);
        newLinkedList.add(!Strings.isNullOrEmpty(growingSystemCode) ? this.computedUserPermissionDao.newGrowingSystemReadValidatedPermission(str, growingSystemCode) : this.computedUserPermissionDao.newSpecificGrowingSystemReadValidatedPermission(str, growingSystemId));
        if (Strings.isNullOrEmpty(growingSystemCode)) {
            GrowingPlan growingPlan = ((GrowingSystem) this.growingSystemDao.findByTopiaId(growingSystemId)).getGrowingPlan();
            newSpecificGrowingPlanReadValidatedPermission = this.computedUserPermissionDao.newSpecificGrowingPlanReadValidatedPermission(str, growingPlan.getTopiaId());
            newSpecificDomainReadValidatedPermission = this.computedUserPermissionDao.newSpecificDomainReadValidatedPermission(str, growingPlan.getDomain().getTopiaId());
        } else {
            GrowingPlan growingPlan2 = ((GrowingSystem) this.growingSystemDao.forCodeEquals(growingSystemCode).findAny()).getGrowingPlan();
            newSpecificGrowingPlanReadValidatedPermission = this.computedUserPermissionDao.newGrowingPlanReadValidatedPermission(str, growingPlan2.getCode());
            newSpecificDomainReadValidatedPermission = this.computedUserPermissionDao.newDomainReadValidatedPermission(str, growingPlan2.getDomain().getCode());
        }
        newLinkedList.add(newSpecificGrowingPlanReadValidatedPermission);
        newLinkedList.add(newSpecificDomainReadValidatedPermission);
        return newLinkedList;
    }

    protected List<ComputedUserPermission> computeGrowingPlanResponsiblePermissions(String str, UserRole userRole) {
        LinkedList newLinkedList = Lists.newLinkedList();
        String growingPlanCode = userRole.getGrowingPlanCode();
        Preconditions.checkState(!Strings.isNullOrEmpty(growingPlanCode));
        ImmutableSet of = ImmutableSet.of(growingPlanCode);
        newLinkedList.add(this.computedUserPermissionDao.newGrowingPlanAdminPermission(str, growingPlanCode));
        newLinkedList.add(this.computedUserPermissionDao.newDomainReadPermission(str, ((GrowingPlan) this.growingPlanDao.forCodeEquals(growingPlanCode).findAny()).getDomain().getCode()));
        Set<String> growingPlansToGrowingSystemsCode = this.growingSystemDao.growingPlansToGrowingSystemsCode(of);
        if (growingPlansToGrowingSystemsCode != null) {
            Iterator<String> it = growingPlansToGrowingSystemsCode.iterator();
            while (it.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingSystemAdminPermission(str, it.next()));
            }
        }
        return newLinkedList;
    }

    protected List<ComputedUserPermission> computeDomainResponsiblePermissions(String str, UserRole userRole) {
        LinkedList newLinkedList = Lists.newLinkedList();
        String domainCode = userRole.getDomainCode();
        Preconditions.checkState(!Strings.isNullOrEmpty(domainCode));
        ImmutableSet of = ImmutableSet.of(domainCode);
        newLinkedList.add(this.computedUserPermissionDao.newDomainAdminPermission(str, domainCode));
        Set<String> domainsToGrowingPlansCode = this.growingPlanDao.domainsToGrowingPlansCode(of);
        if (domainsToGrowingPlansCode != null) {
            Iterator<String> it = domainsToGrowingPlansCode.iterator();
            while (it.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingPlanReadPermission(str, it.next()));
            }
        }
        Set<String> domainsToGrowingSystemsCode = this.growingSystemDao.domainsToGrowingSystemsCode(of);
        if (domainsToGrowingSystemsCode != null) {
            Iterator<String> it2 = domainsToGrowingSystemsCode.iterator();
            while (it2.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingSystemReadPermission(str, it2.next()));
            }
        }
        return newLinkedList;
    }

    protected List<ComputedUserPermission> computeNetworkResponsiblePermissions(String str, UserRole userRole) {
        LinkedList newLinkedList = Lists.newLinkedList();
        String networkId = userRole.getNetworkId();
        Preconditions.checkState(!Strings.isNullOrEmpty(networkId));
        ImmutableSet of = ImmutableSet.of(networkId);
        newLinkedList.add(this.computedUserPermissionDao.newNetworkAdminPermission(str, networkId));
        Set<String> networksToDomainsCode = this.growingSystemDao.networksToDomainsCode(of);
        if (networksToDomainsCode != null) {
            Iterator<String> it = networksToDomainsCode.iterator();
            while (it.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newDomainReadPermission(str, it.next()));
            }
        }
        Set<String> networksToGrowingPlansCode = this.growingSystemDao.networksToGrowingPlansCode(of);
        if (networksToGrowingPlansCode != null) {
            Iterator<String> it2 = networksToGrowingPlansCode.iterator();
            while (it2.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingPlanReadPermission(str, it2.next()));
            }
        }
        Set<String> networksToGrowingSystemsCode = this.growingSystemDao.networksToGrowingSystemsCode(of);
        if (networksToGrowingSystemsCode != null) {
            Iterator<String> it3 = networksToGrowingSystemsCode.iterator();
            while (it3.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingSystemReadPermission(str, it3.next()));
            }
        }
        return newLinkedList;
    }

    protected void markPermissionsAsDirty(ComputedUserPermissionTopiaDao computedUserPermissionTopiaDao, Iterable<ComputedUserPermission> iterable) {
        for (ComputedUserPermission computedUserPermission : iterable) {
            computedUserPermission.setDirty(true);
            computedUserPermissionTopiaDao.update(computedUserPermission);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void objectsAreDirty(PermissionObjectType permissionObjectType) {
        markPermissionsAsDirty(this.computedUserPermissionDao, this.computedUserPermissionDao.forProperties("type", (Object) permissionObjectType, ComputedUserPermission.PROPERTY_DIRTY, false).findAll());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void objectIsDirty(PermissionObjectType permissionObjectType, String str) {
        markPermissionsAsDirty(this.computedUserPermissionDao, this.computedUserPermissionDao.forProperties("type", (Object) permissionObjectType, ComputedUserPermission.PROPERTY_OBJECT, str, ComputedUserPermission.PROPERTY_DIRTY, false).findAll());
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public ImportResult importRoles(InputStream inputStream) {
        Import r7 = null;
        ImportResult importResult = new ImportResult();
        try {
            r7 = Import.newImport(new UserRolesImportModel(), inputStream);
            HashMap newHashMap = Maps.newHashMap();
            Iterator it = r7.iterator();
            while (it.hasNext()) {
                ImportUserRoleDto importUserRoleDto = (ImportUserRoleDto) it.next();
                Preconditions.checkArgument(!Strings.isNullOrEmpty(importUserRoleDto.getUserEmail()));
                AgrosystUser agrosystUser = (AgrosystUser) this.agrosystUserDao.forEmailEquals(importUserRoleDto.getUserEmail().toLowerCase()).findAnyOrNull();
                if (agrosystUser == null) {
                    importResult.incIgnored();
                } else {
                    String targetedEntity = importUserRoleDto.getTargetedEntity();
                    ArrayList newArrayList = Lists.newArrayList();
                    newArrayList.addAll(searchPossibleEntities(importUserRoleDto.getType(), targetedEntity));
                    if (newArrayList.size() == 1) {
                        List list = (List) newHashMap.get(agrosystUser.getTopiaId());
                        if (list == null) {
                            list = Lists.newArrayList();
                            newHashMap.put(agrosystUser.getTopiaId(), list);
                        }
                        UserRoleDto userRoleDto = new UserRoleDto();
                        userRoleDto.setType(importUserRoleDto.getType());
                        UserRoleEntityDto userRoleEntityDto = (UserRoleEntityDto) newArrayList.get(0);
                        userRoleEntityDto.setCampaign(importUserRoleDto.getCampaign());
                        userRoleDto.setEntity(userRoleEntityDto);
                        list.add(userRoleDto);
                    } else if (newArrayList.isEmpty()) {
                        if (log.isWarnEnabled()) {
                            log.warn("Can't find any entity for term " + targetedEntity);
                        }
                        importResult.incIgnored();
                    } else {
                        if (log.isWarnEnabled()) {
                            log.warn("Too many entities founds for term " + targetedEntity);
                        }
                        importResult.incIgnored();
                    }
                }
            }
            for (Map.Entry entry : newHashMap.entrySet()) {
                saveUserRoles((String) entry.getKey(), (List) entry.getValue());
                importResult.incCreated();
            }
            getTransaction().commit();
            IOUtils.closeQuietly(r7);
            return importResult;
        } catch (Throwable th) {
            IOUtils.closeQuietly(r7);
            throw th;
        }
    }
}
