package fr.inra.agrosyst.services.security;

import com.google.common.base.Predicate;
import com.google.common.collect.Iterables;
import fr.inra.agrosyst.api.entities.AgrosystDAOHelper;
import fr.inra.agrosyst.api.entities.AgrosystUser;
import fr.inra.agrosyst.api.entities.Domain;
import fr.inra.agrosyst.api.entities.GrowingPlan;
import fr.inra.agrosyst.api.entities.GrowingSystem;
import fr.inra.agrosyst.api.entities.Network;
import fr.inra.agrosyst.api.entities.security.ComputedUserPermission;
import fr.inra.agrosyst.api.entities.security.PermissionObjectType;
import fr.inra.agrosyst.api.entities.security.RoleType;
import fr.inra.agrosyst.api.entities.security.UserRole;
import fr.inra.agrosyst.api.services.security.AgrosystAccessDeniedException;
import fr.inra.agrosyst.api.services.security.BusinessAuthorizationService;
import java.util.List;

/* loaded from: input_file:WEB-INF/lib/agrosyst-services-0.5.1.jar:fr/inra/agrosyst/services/security/BusinessAuthorizationServiceImpl.class */
public class BusinessAuthorizationServiceImpl extends AuthorizationServiceImpl implements BusinessAuthorizationService {
    protected static final Predicate<ComputedUserPermission> HAS_WRITE_PERMISSION = new Predicate<ComputedUserPermission>() { // from class: fr.inra.agrosyst.services.security.BusinessAuthorizationServiceImpl.1
        @Override // com.google.common.base.Predicate
        public boolean apply(ComputedUserPermission computedUserPermission) {
            return computedUserPermission.getAction() >= 3;
        }
    };

    protected boolean hasObjectPermissionWritable(String str, PermissionObjectType permissionObjectType, String str2) {
        return Iterables.tryFind(AgrosystDAOHelper.getComputedUserPermissionDAO(getTransaction()).findAllByProperties("userId", str, "type", permissionObjectType, ComputedUserPermission.PROPERTY_OBJECT, str2), HAS_WRITE_PERMISSION).isPresent();
    }

    protected boolean hasObjectPermissionReadable(String str, PermissionObjectType permissionObjectType, String str2) {
        List<E> findAllByProperties = AgrosystDAOHelper.getComputedUserPermissionDAO(getTransaction()).findAllByProperties("userId", str, "type", permissionObjectType, ComputedUserPermission.PROPERTY_OBJECT, str2);
        return (findAllByProperties == 0 || findAllByProperties.isEmpty()) ? false : true;
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public boolean isDomainWritable(String str) {
        String userId = getUserId();
        boolean z = isAdmin() || hasObjectPermissionWritable(userId, PermissionObjectType.DOMAIN_ID, str);
        if (!z) {
            z = hasObjectPermissionWritable(userId, PermissionObjectType.DOMAIN_CODE, ((Domain) AgrosystDAOHelper.getDomainDAO(getTransaction()).findByTopiaId(str)).getCode());
        }
        return z;
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public boolean isGrowingPlanWritable(String str) {
        String userId = getUserId();
        boolean z = isAdmin() || hasObjectPermissionWritable(userId, PermissionObjectType.GROWING_PLAN_ID, str);
        if (!z) {
            z = hasObjectPermissionWritable(userId, PermissionObjectType.GROWING_PLAN_CODE, ((GrowingPlan) AgrosystDAOHelper.getGrowingPlanDAO(getTransaction()).findByTopiaId(str)).getCode());
        }
        return z;
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public boolean isGrowingSystemWritable(String str) {
        String userId = getUserId();
        boolean z = isAdmin() || hasObjectPermissionWritable(userId, PermissionObjectType.GROWING_SYSTEM_ID, str);
        if (!z) {
            z = hasObjectPermissionWritable(userId, PermissionObjectType.GROWING_SYSTEM_CODE, ((GrowingSystem) AgrosystDAOHelper.getGrowingSystemDAO(getTransaction()).findByTopiaId(str)).getCode());
        }
        return z;
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public boolean isNetworkWritable(String str) {
        return isAdmin() || hasObjectPermissionWritable(getUserId(), PermissionObjectType.NETWORK_ID, str);
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void domainCreated(Domain domain) {
        String userId = getUserId();
        AgrosystDAOHelper.getUserRoleDAO(getTransaction()).create("agrosystUser", (AgrosystUser) AgrosystDAOHelper.getAgrosystUserDAO(getTransaction()).findByTopiaId(userId), "type", RoleType.DOMAIN_RESPONSIBLE, UserRole.PROPERTY_DOMAIN_CODE, domain.getCode());
        dropComputedPermissions0(userId);
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void growingPlanCreated(GrowingPlan growingPlan) {
        String userId = getUserId();
        AgrosystDAOHelper.getUserRoleDAO(getTransaction()).create("agrosystUser", (AgrosystUser) AgrosystDAOHelper.getAgrosystUserDAO(getTransaction()).findByTopiaId(userId), "type", RoleType.GROWING_PLAN_RESPONSIBLE, UserRole.PROPERTY_GROWING_PLAN_CODE, growingPlan.getCode());
        dropComputedPermissions0(userId);
        domainIsDirty(growingPlan.getDomain());
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void growingSystemCreated(GrowingSystem growingSystem) {
        growingPlanIsDirty(growingSystem.getGrowingPlan());
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void networkCreated(Network network) {
        String userId = getUserId();
        AgrosystDAOHelper.getUserRoleDAO(getTransaction()).create("agrosystUser", (AgrosystUser) AgrosystDAOHelper.getAgrosystUserDAO(getTransaction()).findByTopiaId(userId), "type", RoleType.NETWORK_RESPONSIBLE, UserRole.PROPERTY_NETWORK_ID, network.getTopiaId());
        dropComputedPermissions0(userId);
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void networkUpdated(Network network) {
        objectsAreDirty(PermissionObjectType.NETWORK_ID);
    }

    protected void growingPlanIsDirty(GrowingPlan growingPlan) {
        objectIsDirty(PermissionObjectType.GROWING_PLAN_ID, growingPlan.getTopiaId());
        objectIsDirty(PermissionObjectType.GROWING_PLAN_CODE, growingPlan.getCode());
        domainIsDirty(growingPlan.getDomain());
    }

    protected void domainIsDirty(Domain domain) {
        objectIsDirty(PermissionObjectType.DOMAIN_ID, domain.getTopiaId());
        objectIsDirty(PermissionObjectType.DOMAIN_CODE, domain.getCode());
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void checkIsAdmin() throws AgrosystAccessDeniedException {
        if (!isAdmin()) {
            throw new AgrosystAccessDeniedException();
        }
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void checkDomainReadable(String str) throws AgrosystAccessDeniedException {
        String userId = getUserId();
        boolean z = isAdmin() || hasObjectPermissionReadable(userId, PermissionObjectType.DOMAIN_ID, str);
        if (!z) {
            z = hasObjectPermissionReadable(userId, PermissionObjectType.DOMAIN_CODE, ((Domain) AgrosystDAOHelper.getDomainDAO(getTransaction()).findByTopiaId(str)).getCode());
        }
        if (!z) {
            throw new AgrosystAccessDeniedException();
        }
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void checkGrowingPlanReadable(String str) throws AgrosystAccessDeniedException {
        String userId = getUserId();
        boolean z = isAdmin() || hasObjectPermissionReadable(userId, PermissionObjectType.GROWING_PLAN_ID, str);
        if (!z) {
            z = hasObjectPermissionReadable(userId, PermissionObjectType.GROWING_PLAN_CODE, ((GrowingPlan) AgrosystDAOHelper.getGrowingPlanDAO(getTransaction()).findByTopiaId(str)).getCode());
        }
        if (!z) {
            throw new AgrosystAccessDeniedException();
        }
    }

    @Override // fr.inra.agrosyst.api.services.security.BusinessAuthorizationService
    public void checkGrowingSystemReadable(String str) throws AgrosystAccessDeniedException {
        String userId = getUserId();
        boolean z = isAdmin() || hasObjectPermissionWritable(userId, PermissionObjectType.GROWING_SYSTEM_ID, str);
        if (!z) {
            z = hasObjectPermissionWritable(userId, PermissionObjectType.GROWING_SYSTEM_CODE, ((GrowingSystem) AgrosystDAOHelper.getGrowingSystemDAO(getTransaction()).findByTopiaId(str)).getCode());
        }
        if (!z) {
            throw new AgrosystAccessDeniedException();
        }
    }
}
