package fr.inra.agrosyst.services.security;

import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableListMultimap;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Multimaps;
import com.google.common.collect.Sets;
import fr.inra.agrosyst.api.entities.Domain;
import fr.inra.agrosyst.api.entities.DomainTopiaDao;
import fr.inra.agrosyst.api.entities.Entities;
import fr.inra.agrosyst.api.entities.GrowingPlan;
import fr.inra.agrosyst.api.entities.GrowingPlanTopiaDao;
import fr.inra.agrosyst.api.entities.GrowingSystem;
import fr.inra.agrosyst.api.entities.GrowingSystemTopiaDao;
import fr.inra.agrosyst.api.entities.Network;
import fr.inra.agrosyst.api.entities.NetworkTopiaDao;
import fr.inra.agrosyst.api.entities.managementmode.ManagementModeTopiaDao;
import fr.inra.agrosyst.api.entities.security.AgrosystUser;
import fr.inra.agrosyst.api.entities.security.AgrosystUserTopiaDao;
import fr.inra.agrosyst.api.entities.security.ComputedUserPermission;
import fr.inra.agrosyst.api.entities.security.ComputedUserPermissionTopiaDao;
import fr.inra.agrosyst.api.entities.security.PermissionObjectType;
import fr.inra.agrosyst.api.entities.security.RoleType;
import fr.inra.agrosyst.api.entities.security.UserRole;
import fr.inra.agrosyst.api.entities.security.UserRoleTopiaDao;
import fr.inra.agrosyst.api.services.domain.DomainFilter;
import fr.inra.agrosyst.api.services.domain.DomainService;
import fr.inra.agrosyst.api.services.growingplan.GrowingPlanFilter;
import fr.inra.agrosyst.api.services.growingplan.GrowingPlanService;
import fr.inra.agrosyst.api.services.growingsystem.GrowingSystemFilter;
import fr.inra.agrosyst.api.services.growingsystem.GrowingSystemService;
import fr.inra.agrosyst.api.services.network.NetworkFilter;
import fr.inra.agrosyst.api.services.network.NetworkService;
import fr.inra.agrosyst.api.services.pz0.ImportResults;
import fr.inra.agrosyst.api.services.pz0.security.UsersRolesAndDependencies;
import fr.inra.agrosyst.api.services.referential.ImportResult;
import fr.inra.agrosyst.api.services.security.AuthenticationService;
import fr.inra.agrosyst.api.services.security.AuthorizationService;
import fr.inra.agrosyst.api.services.security.InvalidTokenException;
import fr.inra.agrosyst.api.services.security.UserRoleDto;
import fr.inra.agrosyst.api.services.security.UserRoleEntityDto;
import fr.inra.agrosyst.api.services.users.UserDto;
import fr.inra.agrosyst.api.services.users.Users;
import fr.inra.agrosyst.services.AbstractAgrosystService;
import fr.inra.agrosyst.services.common.CacheService;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuiton.csv.Import;
import org.nuiton.topia.persistence.TopiaEntity;

/* loaded from: input_file:WEB-INF/lib/agrosyst-services-2.10.jar:fr/inra/agrosyst/services/security/AuthorizationServiceImpl.class */
public class AuthorizationServiceImpl extends AbstractAgrosystService implements AuthorizationService {
    private static final Log LOGGER = LogFactory.getLog(AuthorizationServiceImpl.class);
    public static final String N_C = "n/c";
    protected AuthenticationService authenticationService;
    protected GrowingSystemService growingSystemService;
    protected DomainService domainService;
    protected NetworkService networkService;
    protected GrowingPlanService growingPlanService;
    protected TrackerServiceImpl trackerService;
    protected CacheService cacheService;
    protected UserRoleTopiaDao userRoleDao;
    protected AgrosystUserTopiaDao agrosystUserDao;
    protected ComputedUserPermissionTopiaDao computedUserPermissionDao;
    protected NetworkTopiaDao networkDao;
    protected DomainTopiaDao domainDao;
    protected GrowingPlanTopiaDao growingPlanDao;
    protected GrowingSystemTopiaDao growingSystemDao;

    protected static String toDomainEntityLabel(Domain domain) {
        return domain == null ? N_C : String.format("%s (%s)", domain.getName(), domain.getLocation().getCodePostal());
    }

    protected static String toGrowingPlanEntityLabel(GrowingPlan growingPlan) {
        return growingPlan == null ? N_C : String.format("%s (%s)", growingPlan.getName(), growingPlan.getDomain().getName());
    }

    protected static String toGrowingSystemEntityLabel(GrowingSystem growingSystem) {
        return growingSystem == null ? N_C : String.format("%s (%s)", growingSystem.getName(), growingSystem.getGrowingPlan().getDomain().getName());
    }

    protected static UserRoleEntityDto toDomainUserRoleEntityDto(Domain domain) {
        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
        userRoleEntityDto.setIdentifier(domain.getCode());
        userRoleEntityDto.setLabel(toDomainEntityLabel(domain));
        return userRoleEntityDto;
    }

    protected static UserRoleEntityDto toGrowingSystemUserRoleEntityDto(GrowingSystem growingSystem) {
        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
        userRoleEntityDto.setIdentifier(growingSystem.getCode());
        userRoleEntityDto.setLabel(toGrowingSystemEntityLabel(growingSystem));
        return userRoleEntityDto;
    }

    protected static UserRoleEntityDto toGrowingPlanUserRoleEntityDto(GrowingPlan growingPlan) {
        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
        userRoleEntityDto.setIdentifier(growingPlan.getCode());
        userRoleEntityDto.setLabel(toGrowingPlanEntityLabel(growingPlan));
        return userRoleEntityDto;
    }

    protected static UserRoleEntityDto toNetworkUserRoleEntityDto(Network network) {
        UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
        userRoleEntityDto.setIdentifier(network.getTopiaId());
        userRoleEntityDto.setLabel(network.getName());
        return userRoleEntityDto;
    }

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    public void setGrowingSystemService(GrowingSystemService growingSystemService) {
        this.growingSystemService = growingSystemService;
    }

    public void setCacheService(CacheService cacheService) {
        this.cacheService = cacheService;
    }

    public void setDomainService(DomainService domainService) {
        this.domainService = domainService;
    }

    public void setNetworkService(NetworkService networkService) {
        this.networkService = networkService;
    }

    public void setGrowingPlanService(GrowingPlanService growingPlanService) {
        this.growingPlanService = growingPlanService;
    }

    public void setTrackerService(TrackerServiceImpl trackerServiceImpl) {
        this.trackerService = trackerServiceImpl;
    }

    public void setUserRoleDao(UserRoleTopiaDao userRoleTopiaDao) {
        this.userRoleDao = userRoleTopiaDao;
    }

    public void setAgrosystUserDao(AgrosystUserTopiaDao agrosystUserTopiaDao) {
        this.agrosystUserDao = agrosystUserTopiaDao;
    }

    public void setComputedUserPermissionDao(ComputedUserPermissionTopiaDao computedUserPermissionTopiaDao) {
        this.computedUserPermissionDao = computedUserPermissionTopiaDao;
    }

    public void setNetworkDao(NetworkTopiaDao networkTopiaDao) {
        this.networkDao = networkTopiaDao;
    }

    public void setDomainDao(DomainTopiaDao domainTopiaDao) {
        this.domainDao = domainTopiaDao;
    }

    public void setGrowingPlanDao(GrowingPlanTopiaDao growingPlanTopiaDao) {
        this.growingPlanDao = growingPlanTopiaDao;
    }

    public void setGrowingSystemDao(GrowingSystemTopiaDao growingSystemTopiaDao) {
        this.growingSystemDao = growingSystemTopiaDao;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getUserId() {
        return checkComputedPermissions(getSecurityContext().getAuthenticationToken());
    }

    protected String getUserIdOrFail(String str) {
        String authenticatedUserId = this.authenticationService.getAuthenticatedUserId(str);
        if (Strings.isNullOrEmpty(authenticatedUserId)) {
            throw new InvalidTokenException("The given authentication token is invalid, no user associated with it");
        }
        return authenticatedUserId;
    }

    protected boolean hasRole(String str, RoleType roleType) {
        return ((Boolean) this.cacheService.get(CacheService.CACHE_HAS_ROLE, str + "_" + roleType, () -> {
            return Boolean.valueOf(this.userRoleDao.findRole(getUserIdOrFail(str), roleType) != null);
        })).booleanValue();
    }

    public boolean isAdmin() {
        return isAdmin(getSecurityContext().getAuthenticationToken());
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public boolean isAdmin(String str) {
        return hasRole(str, RoleType.ADMIN);
    }

    public boolean isIsDataProcessor() {
        return isIsDataProcessor(getSecurityContext().getAuthenticationToken());
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public boolean isIsDataProcessor(String str) {
        return hasRole(str, RoleType.IS_DATA_PROCESSOR);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public boolean canCreateUser(String str) {
        String userIdOrFail = getUserIdOrFail(str);
        boolean hasRole = hasRole(str, RoleType.ADMIN);
        if (!hasRole) {
            hasRole = this.userRoleDao.findNetworkResponsibleRole(userIdOrFail) != null;
        }
        return hasRole;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void dropComputedPermissions(String str) {
        dropComputedPermissions0(getUserIdOrFail(str));
        getTransaction().commit();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void dropComputedPermissions0(String str) {
        List findAll = this.computedUserPermissionDao.forUserIdEquals(str).findAll();
        if (findAll != null) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug(String.format("%d permission(s) are about to be deleted for user '%s'", Integer.valueOf(findAll.size()), str));
            }
            this.computedUserPermissionDao.deleteAll(findAll);
        }
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public String checkComputedPermissions(String str, String str2) {
        return (Strings.isNullOrEmpty(str2) || !isAdmin(str)) ? checkComputedPermissions(str) : checkComputedPermissionFromUserId(str2);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public String checkComputedPermissions(String str) {
        return checkComputedPermissionFromUserId(getUserIdOrFail(str));
    }

    protected String checkComputedPermissionFromUserId(String str) {
        long currentTimeMillis = System.currentTimeMillis();
        long usersPermissionCount = this.computedUserPermissionDao.getUsersPermissionCount(str);
        int i = 0;
        if (usersPermissionCount == 0 || this.computedUserPermissionDao.getUsersDirtyCount(str) >= 1) {
            if (usersPermissionCount >= 1) {
                dropComputedPermissions0(str);
            }
            Set<ComputedUserPermission> computeUserPermissions = computeUserPermissions(str);
            i = computeUserPermissions.size();
            Iterator<ComputedUserPermission> it = computeUserPermissions.iterator();
            while (it.hasNext()) {
                this.computedUserPermissionDao.create((ComputedUserPermissionTopiaDao) it.next());
            }
        }
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace(String.format("User's permissions computation took %dms. %d new permission(s) created.", Long.valueOf(System.currentTimeMillis() - currentTimeMillis), Integer.valueOf(i)));
        }
        return str;
    }

    protected Function<UserRole, UserRoleDto> getUserRoleToDtoFunction(boolean z, boolean z2) {
        return userRole -> {
            GrowingSystem growingSystem;
            String code;
            String growingSystemEntityLabel;
            UserRoleDto userRoleDto = new UserRoleDto();
            userRoleDto.setTopiaId(userRole.getTopiaId());
            userRoleDto.setType(userRole.getType());
            if (z) {
                if (!RoleType.IS_DATA_PROCESSOR.equals(userRole.getType()) && !RoleType.ADMIN.equals(userRole.getType())) {
                    UserRoleEntityDto userRoleEntityDto = new UserRoleEntityDto();
                    userRoleDto.setEntity(userRoleEntityDto);
                    Integer num = null;
                    switch (userRole.getType()) {
                        case DOMAIN_RESPONSIBLE:
                            code = userRole.getDomainCode();
                            growingSystemEntityLabel = toDomainEntityLabel((Domain) this.domainDao.forCodeEquals(code).findAny());
                            break;
                        case GROWING_PLAN_RESPONSIBLE:
                            code = userRole.getGrowingPlanCode();
                            growingSystemEntityLabel = toGrowingPlanEntityLabel((GrowingPlan) this.growingPlanDao.forCodeEquals(code).findAny());
                            break;
                        case GS_DATA_PROCESSOR:
                            if (Strings.isNullOrEmpty(userRole.getGrowingSystemId())) {
                                growingSystem = (GrowingSystem) this.growingSystemDao.forCodeEquals(userRole.getGrowingSystemCode()).findAny();
                            } else {
                                growingSystem = (GrowingSystem) this.growingSystemDao.forTopiaIdEquals(userRole.getGrowingSystemId()).findUnique();
                                num = Integer.valueOf(growingSystem.getGrowingPlan().getDomain().getCampaign());
                            }
                            code = growingSystem.getCode();
                            growingSystemEntityLabel = toGrowingSystemEntityLabel(growingSystem);
                            break;
                        case ADMIN:
                        case IS_DATA_PROCESSOR:
                        default:
                            throw new UnsupportedOperationException("Not supposed to happen");
                        case NETWORK_RESPONSIBLE:
                            code = userRole.getNetworkId();
                            growingSystemEntityLabel = ((Network) this.networkDao.forTopiaIdEquals(code).findUnique()).getName();
                            break;
                    }
                    userRoleEntityDto.setIdentifier(code);
                    userRoleEntityDto.setLabel(growingSystemEntityLabel);
                    userRoleEntityDto.setCampaign(num);
                }
            } else if (RoleType.GS_DATA_PROCESSOR.equals(userRole.getType()) && !Strings.isNullOrEmpty(userRole.getGrowingSystemId())) {
                UserRoleEntityDto userRoleEntityDto2 = new UserRoleEntityDto();
                userRoleEntityDto2.setCampaign(Integer.valueOf(((GrowingSystem) this.growingSystemDao.forTopiaIdEquals(userRole.getGrowingSystemId()).findUnique()).getGrowingPlan().getDomain().getCampaign()));
                userRoleDto.setEntity(userRoleEntityDto2);
            }
            if (z2) {
                userRoleDto.setUser(Users.TO_USER_DTO.apply(userRole.getAgrosystUser()));
            }
            return userRoleDto;
        };
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserRoleDto> getUserRoles(String str) {
        LinkedList newLinkedList = Lists.newLinkedList();
        Iterables.addAll(newLinkedList, (Iterable) this.userRoleDao.findAllForUserId(str).stream().map(getUserRoleToDtoFunction(true, false)).collect(Collectors.toList()));
        return newLinkedList;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserRoleDto> getEntityRoles(RoleType roleType, String str) {
        LinkedList newLinkedList = Lists.newLinkedList();
        Iterables.addAll(newLinkedList, (Iterable) getUserRoles0(roleType, str).stream().map(getUserRoleToDtoFunction(false, true)).collect(Collectors.toList()));
        return newLinkedList;
    }

    protected List<UserRole> getUserRoles0(RoleType roleType, String str) {
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put("type", roleType);
        switch (roleType) {
            case DOMAIN_RESPONSIBLE:
                newHashMap.put("domainCode", str);
                break;
            case GROWING_PLAN_RESPONSIBLE:
                newHashMap.put(UserRole.PROPERTY_GROWING_PLAN_CODE, str);
                break;
            case GS_DATA_PROCESSOR:
                newHashMap.put(UserRole.PROPERTY_GROWING_SYSTEM_CODE, str);
                break;
            default:
                throw new UnsupportedOperationException("Unexcpected role type: " + roleType);
        }
        List<UserRole> findAll = this.userRoleDao.forProperties((Map<String, Object>) newHashMap).findAll();
        if (RoleType.GS_DATA_PROCESSOR.equals(roleType)) {
            Iterables.addAll(findAll, this.userRoleDao.newQueryBuilder().addEquals("type", RoleType.GS_DATA_PROCESSOR).addIn(UserRole.PROPERTY_GROWING_SYSTEM_ID, this.growingSystemDao.forCodeEquals(str).findAllIds()).findAll());
        }
        return findAll;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserRoleEntityDto> searchPossibleEntities(RoleType roleType, String str) {
        String emptyToNull = Strings.emptyToNull(str);
        LinkedList newLinkedList = Lists.newLinkedList();
        switch (roleType) {
            case DOMAIN_RESPONSIBLE:
                DomainFilter domainFilter = new DomainFilter();
                domainFilter.setDomainName(emptyToNull);
                domainFilter.setPageSize(-1);
                Iterables.addAll(newLinkedList, (Iterable) this.domainService.getFilteredDomains(domainFilter).getElements().stream().map(AuthorizationServiceImpl::toDomainUserRoleEntityDto).collect(Collectors.toList()));
                break;
            case GROWING_PLAN_RESPONSIBLE:
                GrowingPlanFilter growingPlanFilter = new GrowingPlanFilter();
                growingPlanFilter.setGrowingPlanName(emptyToNull);
                growingPlanFilter.setPageSize(-1);
                Iterables.addAll(newLinkedList, (Iterable) this.growingPlanService.getFilteredGrowingPlans(growingPlanFilter).getElements().stream().map(AuthorizationServiceImpl::toGrowingPlanUserRoleEntityDto).collect(Collectors.toList()));
                break;
            case GS_DATA_PROCESSOR:
                GrowingSystemFilter growingSystemFilter = new GrowingSystemFilter();
                growingSystemFilter.setGrowingSystemName(emptyToNull);
                growingSystemFilter.setPageSize(-1);
                Iterables.addAll(newLinkedList, (Iterable) this.growingSystemService.getFilteredGrowingSystems(growingSystemFilter).getElements().stream().map(AuthorizationServiceImpl::toGrowingSystemUserRoleEntityDto).collect(Collectors.toList()));
                break;
            case ADMIN:
            case IS_DATA_PROCESSOR:
                break;
            case NETWORK_RESPONSIBLE:
                NetworkFilter networkFilter = new NetworkFilter();
                networkFilter.setNetworkName(emptyToNull);
                networkFilter.setPageSize(-1);
                Iterables.addAll(newLinkedList, (Iterable) this.networkService.getFilteredNetworks(networkFilter).getElements().stream().map(AuthorizationServiceImpl::toNetworkUserRoleEntityDto).collect(Collectors.toList()));
                break;
            default:
                throw new UnsupportedOperationException("Unexpected type: " + roleType);
        }
        ImmutableListMultimap index = Multimaps.index(newLinkedList, (v0) -> {
            return v0.getIdentifier();
        });
        Set<K> keySet = index.keySet();
        ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity(keySet.size());
        Iterator it = keySet.iterator();
        while (it.hasNext()) {
            newArrayListWithCapacity.add((UserRoleEntityDto) Iterables.getFirst(index.get((ImmutableListMultimap) it.next()), null));
        }
        return newArrayListWithCapacity;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserRoleEntityDto> searchEntities(RoleType roleType, String str, Integer num) {
        LinkedList newLinkedList = Lists.newLinkedList();
        switch (roleType) {
            case DOMAIN_RESPONSIBLE:
                Iterables.addAll(newLinkedList, (Iterable) this.domainService.getDomainWithName(str).stream().map(AuthorizationServiceImpl::toDomainUserRoleEntityDto).collect(Collectors.toList()));
                break;
            case GROWING_PLAN_RESPONSIBLE:
                Iterables.addAll(newLinkedList, (Iterable) this.growingPlanService.getGrowingPlanWithName(str).stream().map(AuthorizationServiceImpl::toGrowingPlanUserRoleEntityDto).collect(Collectors.toList()));
                break;
            case GS_DATA_PROCESSOR:
                List<GrowingSystem> growingSystemWithNameAndCampaign = this.growingSystemService.getGrowingSystemWithNameAndCampaign(str, num);
                HashMap newHashMap = Maps.newHashMap();
                for (GrowingSystem growingSystem : growingSystemWithNameAndCampaign) {
                    newHashMap.putIfAbsent(growingSystem.getCode(), growingSystem);
                }
                if (newHashMap.size() == 1) {
                    Iterables.addAll(newLinkedList, (Iterable) newHashMap.values().stream().map(AuthorizationServiceImpl::toGrowingSystemUserRoleEntityDto).collect(Collectors.toList()));
                    break;
                }
                break;
            case ADMIN:
            case IS_DATA_PROCESSOR:
                break;
            case NETWORK_RESPONSIBLE:
                Iterables.addAll(newLinkedList, (Iterable) this.networkService.getNetworkWithName(str).stream().map(AuthorizationServiceImpl::toNetworkUserRoleEntityDto).collect(Collectors.toList()));
                break;
            default:
                throw new UnsupportedOperationException("Unexpected type: " + roleType);
        }
        ImmutableListMultimap index = Multimaps.index(newLinkedList, (v0) -> {
            return v0.getIdentifier();
        });
        Set<K> keySet = index.keySet();
        ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity(keySet.size());
        Iterator it = keySet.iterator();
        while (it.hasNext()) {
            newArrayListWithCapacity.add((UserRoleEntityDto) Iterables.getFirst(index.get((ImmutableListMultimap) it.next()), null));
        }
        return newArrayListWithCapacity;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void saveUserRoles(String str, List<UserRoleDto> list) {
        createOrUpdateUserRoles(str, list, true);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void addUserRoles(String str, List<UserRoleDto> list) {
        createOrUpdateUserRoles(str, list, false);
    }

    protected void createOrUpdateUserRoles(String str, List<UserRoleDto> list, Boolean bool) {
        List<UserRole> findAllForUserId = this.userRoleDao.findAllForUserId(str);
        AgrosystUser agrosystUser = (AgrosystUser) this.agrosystUserDao.forTopiaIdEquals(str).findUnique();
        Function<TopiaEntity, String> function = Entities.GET_TOPIA_ID;
        function.getClass();
        ImmutableMap<String, UserRole> uniqueIndex = Maps.uniqueIndex(findAllForUserId, (v1) -> {
            return r1.apply(v1);
        });
        HashSet newHashSet = Sets.newHashSet(uniqueIndex.keySet());
        doCreateOrUpdateUserRoles(list, agrosystUser, uniqueIndex, newHashSet);
        removePreviousRoles(bool, uniqueIndex, newHashSet);
        dropComputedPermissions0(str);
        getTransaction().commit();
        this.cacheService.clear(CacheService.CACHE_HAS_ROLE);
    }

    protected void removePreviousRoles(Boolean bool, ImmutableMap<String, UserRole> immutableMap, Set<String> set) {
        if (bool.booleanValue()) {
            Iterator<String> it = set.iterator();
            while (it.hasNext()) {
                UserRole userRole = immutableMap.get(it.next());
                this.userRoleDao.delete((UserRoleTopiaDao) userRole);
                this.trackerService.roleRemoved(userRole);
            }
        }
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:13:0x0099. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:39:0x01bd A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:43:0x01a7 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void doCreateOrUpdateUserRoles(java.util.List<fr.inra.agrosyst.api.services.security.UserRoleDto> r6, fr.inra.agrosyst.api.entities.security.AgrosystUser r7, com.google.common.collect.ImmutableMap<java.lang.String, fr.inra.agrosyst.api.entities.security.UserRole> r8, java.util.Set<java.lang.String> r9) {
        /*
            Method dump skipped, instructions count: 459
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: fr.inra.agrosyst.services.security.AuthorizationServiceImpl.doCreateOrUpdateUserRoles(java.util.List, fr.inra.agrosyst.api.entities.security.AgrosystUser, com.google.common.collect.ImmutableMap, java.util.Set):void");
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void saveEntityUserRoles(RoleType roleType, String str, List<UserRoleDto> list) {
        UserRole userRole;
        List<UserRole> userRoles0 = getUserRoles0(roleType, str);
        Function<TopiaEntity, String> function = Entities.GET_TOPIA_ID;
        function.getClass();
        ImmutableMap uniqueIndex = Maps.uniqueIndex(userRoles0, (v1) -> {
            return r1.apply(v1);
        });
        HashSet newHashSet = Sets.newHashSet(uniqueIndex.keySet());
        for (UserRoleDto userRoleDto : list) {
            String topiaId = userRoleDto.getUser().getTopiaId();
            AgrosystUser agrosystUser = (AgrosystUser) this.agrosystUserDao.forTopiaIdEquals(topiaId).findUnique();
            String topiaId2 = userRoleDto.getTopiaId();
            if (Strings.isNullOrEmpty(topiaId2)) {
                userRole = (UserRole) this.userRoleDao.newInstance();
            } else {
                userRole = (UserRole) uniqueIndex.get(topiaId2);
                newHashSet.remove(topiaId2);
            }
            userRole.setAgrosystUser(agrosystUser);
            RoleType type = userRoleDto.getType();
            userRole.setType(type);
            switch (type) {
                case DOMAIN_RESPONSIBLE:
                    userRole.setDomainCode(str);
                    break;
                case GROWING_PLAN_RESPONSIBLE:
                    userRole.setGrowingPlanCode(str);
                    break;
                case GS_DATA_PROCESSOR:
                    Integer campaign = userRoleDto.getEntity() != null ? userRoleDto.getEntity().getCampaign() : null;
                    if (campaign == null) {
                        userRole.setGrowingSystemCode(str);
                        userRole.setGrowingSystemId(null);
                        break;
                    } else {
                        GrowingSystem next = this.growingSystemDao.findAllByCodeAndCampaign(str, Sets.newHashSet(campaign)).iterator().next();
                        userRole.setGrowingSystemCode(null);
                        userRole.setGrowingSystemId(next.getTopiaId());
                        break;
                    }
                default:
                    throw new UnsupportedOperationException("Unexpected type: " + type);
            }
            if (Strings.isNullOrEmpty(topiaId2)) {
                this.userRoleDao.create((UserRoleTopiaDao) userRole);
                this.trackerService.roleAdded(userRole);
            } else {
                this.userRoleDao.update(userRole);
            }
            dropComputedPermissions0(topiaId);
        }
        Iterator it = newHashSet.iterator();
        while (it.hasNext()) {
            UserRole userRole2 = (UserRole) uniqueIndex.get((String) it.next());
            this.userRoleDao.delete((UserRoleTopiaDao) userRole2);
            this.trackerService.roleRemoved(userRole2);
        }
        getTransaction().commit();
        this.cacheService.clear(CacheService.CACHE_HAS_ROLE);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserDto> getDomainResponsibles(String str) {
        List<AgrosystUser> findAllRoleUsers = this.userRoleDao.findAllRoleUsers(RoleType.DOMAIN_RESPONSIBLE, "domainCode", str);
        Function<AgrosystUser, UserDto> function = Users.TO_USER_DTO;
        function.getClass();
        return Lists.transform(findAllRoleUsers, (v1) -> {
            return r1.apply(v1);
        });
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public List<UserDto> getGrowingPlanResponsibles(String str) {
        List<AgrosystUser> findAllRoleUsers = this.userRoleDao.findAllRoleUsers(RoleType.GROWING_PLAN_RESPONSIBLE, UserRole.PROPERTY_GROWING_PLAN_CODE, str);
        Function<AgrosystUser, UserDto> function = Users.TO_USER_DTO;
        function.getClass();
        return Lists.transform(findAllRoleUsers, (v1) -> {
            return r1.apply(v1);
        });
    }

    protected Set<ComputedUserPermission> computeUserPermissions(String str) {
        LinkedHashSet newLinkedHashSet = Sets.newLinkedHashSet();
        List<UserRole> findAllForUserId = this.userRoleDao.findAllForUserId(str);
        if (findAllForUserId != null) {
            for (UserRole userRole : findAllForUserId) {
                switch (userRole.getType()) {
                    case DOMAIN_RESPONSIBLE:
                        newLinkedHashSet.addAll(computeDomainResponsiblePermissions(str, userRole));
                        break;
                    case GROWING_PLAN_RESPONSIBLE:
                        newLinkedHashSet.addAll(computeGrowingPlanResponsiblePermissions(str, userRole));
                        break;
                    case GS_DATA_PROCESSOR:
                        newLinkedHashSet.addAll(computeGrowingSystemDataProcessorPermissions(str, userRole));
                        break;
                    case ADMIN:
                        break;
                    case IS_DATA_PROCESSOR:
                        newLinkedHashSet.addAll(computeIsDataProcessorPermissions(str));
                        break;
                    case NETWORK_RESPONSIBLE:
                        newLinkedHashSet.addAll(computeNetworkResponsiblePermissions(str, userRole));
                        break;
                    default:
                        throw new UnsupportedOperationException("Unexpected type: " + userRole);
                }
            }
        }
        return newLinkedHashSet;
    }

    protected List<ComputedUserPermission> computeIsDataProcessorPermissions(String str) {
        LinkedList newLinkedList = Lists.newLinkedList();
        Iterator<String> it = this.domainDao.getAllDomainCodes().iterator();
        while (it.hasNext()) {
            newLinkedList.add(this.computedUserPermissionDao.newDomainReadValidatedPermission(str, it.next()));
        }
        Iterator<String> it2 = this.growingPlanDao.getAllGrowingPlanCodes().iterator();
        while (it2.hasNext()) {
            newLinkedList.add(this.computedUserPermissionDao.newGrowingPlanReadValidatedPermission(str, it2.next()));
        }
        Iterator<String> it3 = this.growingSystemDao.getAllGrowingSystemCodes().iterator();
        while (it3.hasNext()) {
            newLinkedList.add(this.computedUserPermissionDao.newGrowingSystemReadValidatedPermission(str, it3.next()));
        }
        return newLinkedList;
    }

    protected List<ComputedUserPermission> computeGrowingSystemDataProcessorPermissions(String str, UserRole userRole) {
        ComputedUserPermission newSpecificGrowingPlanReadValidatedPermission;
        ComputedUserPermission newSpecificDomainReadValidatedPermission;
        String str2;
        String str3;
        LinkedList newLinkedList = Lists.newLinkedList();
        String growingSystemCode = userRole.getGrowingSystemCode();
        String growingSystemId = userRole.getGrowingSystemId();
        Preconditions.checkState((Strings.isNullOrEmpty(growingSystemCode) && Strings.isNullOrEmpty(growingSystemId)) ? false : true);
        newLinkedList.add(!Strings.isNullOrEmpty(growingSystemCode) ? this.computedUserPermissionDao.newGrowingSystemReadValidatedPermission(str, growingSystemCode) : this.computedUserPermissionDao.newSpecificGrowingSystemReadValidatedPermission(str, growingSystemId));
        if (Strings.isNullOrEmpty(growingSystemCode)) {
            GrowingPlan growingPlan = ((GrowingSystem) this.growingSystemDao.forTopiaIdEquals(growingSystemId).findUnique()).getGrowingPlan();
            newSpecificGrowingPlanReadValidatedPermission = this.computedUserPermissionDao.newSpecificGrowingPlanReadValidatedPermission(str, growingPlan.getTopiaId());
            newSpecificDomainReadValidatedPermission = this.computedUserPermissionDao.newSpecificDomainReadValidatedPermission(str, growingPlan.getDomain().getTopiaId());
            str2 = ManagementModeTopiaDao.PROPERTY_GROWING_SYSTEM_ID;
            str3 = growingSystemId;
        } else {
            GrowingPlan growingPlan2 = ((GrowingSystem) this.growingSystemDao.forCodeEquals(growingSystemCode).findAny()).getGrowingPlan();
            newSpecificGrowingPlanReadValidatedPermission = this.computedUserPermissionDao.newGrowingPlanReadValidatedPermission(str, growingPlan2.getCode());
            newSpecificDomainReadValidatedPermission = this.computedUserPermissionDao.newDomainReadValidatedPermission(str, growingPlan2.getDomain().getCode());
            str2 = "growingSystem.code";
            str3 = growingSystemCode;
        }
        newLinkedList.add(newSpecificGrowingPlanReadValidatedPermission);
        newLinkedList.add(newSpecificDomainReadValidatedPermission);
        Iterator<String> it = this.computedUserPermissionDao.getProjectionHelper().growingSystemsToReportRegional(str2, str3).iterator();
        while (it.hasNext()) {
            newLinkedList.add(this.computedUserPermissionDao.newReportRegionalReadPermission(str, it.next()));
        }
        return newLinkedList;
    }

    protected List<ComputedUserPermission> computeGrowingPlanResponsiblePermissions(String str, UserRole userRole) {
        LinkedList newLinkedList = Lists.newLinkedList();
        String growingPlanCode = userRole.getGrowingPlanCode();
        Preconditions.checkState(!Strings.isNullOrEmpty(growingPlanCode));
        ImmutableSet of = ImmutableSet.of(growingPlanCode);
        newLinkedList.add(this.computedUserPermissionDao.newGrowingPlanAdminPermission(str, growingPlanCode));
        newLinkedList.add(this.computedUserPermissionDao.newDomainReadPermission(str, ((GrowingPlan) this.growingPlanDao.forCodeEquals(growingPlanCode).findAny()).getDomain().getCode()));
        LinkedHashSet linkedHashSet = (LinkedHashSet) this.cacheService.get("growingPlansToGrowingSystemsCode", of, () -> {
            return this.computedUserPermissionDao.getProjectionHelper().growingPlansToGrowingSystemsCode(of);
        });
        if (linkedHashSet != null) {
            Iterator it = linkedHashSet.iterator();
            while (it.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingSystemAdminPermission(str, (String) it.next()));
            }
        }
        LinkedHashSet linkedHashSet2 = (LinkedHashSet) this.cacheService.get("growingPlanToReportRegional", linkedHashSet, () -> {
            return this.growingPlanDao.getProjectionHelper().growingPlanToReportRegional(of);
        });
        if (linkedHashSet2 != null) {
            Iterator it2 = linkedHashSet2.iterator();
            while (it2.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newReportRegionalReadPermission(str, (String) it2.next()));
            }
        }
        return newLinkedList;
    }

    protected List<ComputedUserPermission> computeDomainResponsiblePermissions(String str, UserRole userRole) {
        LinkedList newLinkedList = Lists.newLinkedList();
        String domainCode = userRole.getDomainCode();
        Preconditions.checkState(!Strings.isNullOrEmpty(domainCode));
        ImmutableSet of = ImmutableSet.of(domainCode);
        newLinkedList.add(this.computedUserPermissionDao.newDomainAdminPermission(str, domainCode));
        Set set = (Set) this.cacheService.get("domainToGrowingPlanCodes", of, () -> {
            return this.growingPlanDao.domainsToGrowingPlansCode(of);
        });
        if (set != null) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingPlanReadPermission(str, (String) it.next()));
            }
        }
        LinkedHashSet linkedHashSet = (LinkedHashSet) this.cacheService.get("domainToGrowingSystemCodes", of, () -> {
            return this.growingPlanDao.getProjectionHelper().domainsToGrowingSystemsCode(of);
        });
        if (linkedHashSet != null) {
            Iterator it2 = linkedHashSet.iterator();
            while (it2.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingSystemReadPermission(str, (String) it2.next()));
            }
        }
        LinkedHashSet linkedHashSet2 = (LinkedHashSet) this.cacheService.get("growingSystemCodesToReportRegional", linkedHashSet, () -> {
            return this.growingPlanDao.getProjectionHelper().domainsToReportRegional(of);
        });
        if (linkedHashSet2 != null) {
            Iterator it3 = linkedHashSet2.iterator();
            while (it3.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newReportRegionalReadPermission(str, (String) it3.next()));
            }
        }
        return newLinkedList;
    }

    protected List<ComputedUserPermission> computeNetworkResponsiblePermissions(String str, UserRole userRole) {
        LinkedList newLinkedList = Lists.newLinkedList();
        String networkId = userRole.getNetworkId();
        Preconditions.checkState(!Strings.isNullOrEmpty(networkId));
        ImmutableSet of = ImmutableSet.of(networkId);
        newLinkedList.add(this.computedUserPermissionDao.newNetworkAdminPermission(str, networkId));
        Set<String> networksToDomainsCode = this.computedUserPermissionDao.getProjectionHelper().networksToDomainsCode(of);
        if (networksToDomainsCode != null) {
            Iterator<String> it = networksToDomainsCode.iterator();
            while (it.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newDomainReadPermission(str, it.next()));
            }
        }
        Set<String> networksToGrowingPlansCode = this.computedUserPermissionDao.getProjectionHelper().networksToGrowingPlansCode(of);
        if (networksToGrowingPlansCode != null) {
            Iterator<String> it2 = networksToGrowingPlansCode.iterator();
            while (it2.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingPlanReadPermission(str, it2.next()));
            }
        }
        Set<String> networksToGrowingSystemsCode = this.computedUserPermissionDao.getProjectionHelper().networksToGrowingSystemsCode(of);
        if (networksToGrowingSystemsCode != null) {
            Iterator<String> it3 = networksToGrowingSystemsCode.iterator();
            while (it3.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newGrowingSystemReadPermission(str, it3.next()));
            }
        }
        Set<String> networksToReportRegional = this.computedUserPermissionDao.getProjectionHelper().networksToReportRegional(of);
        if (networksToReportRegional != null) {
            Iterator<String> it4 = networksToReportRegional.iterator();
            while (it4.hasNext()) {
                newLinkedList.add(this.computedUserPermissionDao.newReportRegionalAdminPermission(str, it4.next()));
            }
        }
        return newLinkedList;
    }

    protected void markPermissionsAsDirty(ComputedUserPermissionTopiaDao computedUserPermissionTopiaDao, Iterable<ComputedUserPermission> iterable) {
        for (ComputedUserPermission computedUserPermission : iterable) {
            computedUserPermission.setDirty(true);
            computedUserPermissionTopiaDao.update(computedUserPermission);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void objectsAreDirty(PermissionObjectType permissionObjectType) {
        markPermissionsAsDirty(this.computedUserPermissionDao, this.computedUserPermissionDao.forProperties("type", (Object) permissionObjectType, ComputedUserPermission.PROPERTY_DIRTY, false).findAll());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void objectIsDirty(PermissionObjectType permissionObjectType, String str) {
        markPermissionsAsDirty(this.computedUserPermissionDao, this.computedUserPermissionDao.forProperties("type", (Object) permissionObjectType, ComputedUserPermission.PROPERTY_OBJECT, str, ComputedUserPermission.PROPERTY_DIRTY, false).findAll());
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public ImportResult importRoles(InputStream inputStream) {
        UserRolesImportModel userRolesImportModel = new UserRolesImportModel();
        ImportResult importResult = new ImportResult();
        Import newImport = Import.newImport(userRolesImportModel, inputStream);
        Throwable th = null;
        try {
            try {
                HashMap newHashMap = Maps.newHashMap();
                Iterator it = newImport.iterator();
                while (it.hasNext()) {
                    ImportUserRoleDto importUserRoleDto = (ImportUserRoleDto) it.next();
                    Preconditions.checkArgument(!Strings.isNullOrEmpty(importUserRoleDto.getUserEmail()));
                    AgrosystUser agrosystUser = (AgrosystUser) this.agrosystUserDao.forEmailEquals(importUserRoleDto.getUserEmail().toLowerCase()).findAnyOrNull();
                    if (agrosystUser == null) {
                        importResult.incIgnored();
                    } else if (importUserRoleDto.getType() == RoleType.ADMIN || importUserRoleDto.getType() == RoleType.IS_DATA_PROCESSOR) {
                        List list = (List) newHashMap.computeIfAbsent(agrosystUser.getTopiaId(), str -> {
                            return Lists.newArrayList();
                        });
                        UserRoleDto userRoleDto = new UserRoleDto();
                        userRoleDto.setType(importUserRoleDto.getType());
                        list.add(userRoleDto);
                    } else {
                        String targetedEntity = importUserRoleDto.getTargetedEntity();
                        ArrayList newArrayList = Lists.newArrayList();
                        newArrayList.addAll(searchEntities(importUserRoleDto.getType(), targetedEntity, importUserRoleDto.getCampaign()));
                        if (newArrayList.size() == 1) {
                            List list2 = (List) newHashMap.computeIfAbsent(agrosystUser.getTopiaId(), str2 -> {
                                return Lists.newArrayList();
                            });
                            UserRoleDto userRoleDto2 = new UserRoleDto();
                            userRoleDto2.setType(importUserRoleDto.getType());
                            UserRoleEntityDto userRoleEntityDto = (UserRoleEntityDto) newArrayList.get(0);
                            userRoleEntityDto.setCampaign(importUserRoleDto.getCampaign());
                            userRoleDto2.setEntity(userRoleEntityDto);
                            list2.add(userRoleDto2);
                        } else if (newArrayList.isEmpty()) {
                            if (LOGGER.isWarnEnabled()) {
                                LOGGER.warn("Can't find any entity for term " + targetedEntity);
                            }
                            importResult.incIgnored();
                        } else {
                            if (LOGGER.isWarnEnabled()) {
                                LOGGER.warn("Too many entities founds for term " + targetedEntity);
                            }
                            importResult.incIgnored();
                        }
                    }
                }
                for (Map.Entry entry : newHashMap.entrySet()) {
                    saveUserRoles((String) entry.getKey(), (List) entry.getValue());
                    importResult.incCreated();
                }
                getTransaction().commit();
                if (newImport != null) {
                    if (0 != 0) {
                        try {
                            newImport.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newImport.close();
                    }
                }
                return importResult;
            } finally {
            }
        } catch (Throwable th3) {
            if (newImport != null) {
                if (th != null) {
                    try {
                        newImport.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    newImport.close();
                }
            }
            throw th3;
        }
    }

    protected void importPz0UserRoles(String str, List<UserRoleDto> list) {
        List<UserRole> findAllForUserId = this.userRoleDao.findAllForUserId(str);
        AgrosystUser agrosystUser = (AgrosystUser) this.agrosystUserDao.forTopiaIdEquals(str).findUnique();
        Function<TopiaEntity, String> function = Entities.GET_TOPIA_ID;
        function.getClass();
        ImmutableMap<String, UserRole> uniqueIndex = Maps.uniqueIndex(findAllForUserId, (v1) -> {
            return r1.apply(v1);
        });
        doCreateOrUpdateUserRoles(list, agrosystUser, uniqueIndex, Sets.newHashSet(uniqueIndex.keySet()));
        dropComputedPermissions0(str);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthorizationService
    public void importPz0UsersRoles(Map<Class, ImportResults> map) {
        ImportResults remove = map.remove(UserRoleDto.class);
        if (remove != null) {
            Map<String, List<UserRoleDto>> usersRoles = ((UsersRolesAndDependencies) remove.getEntityAndDepsByCsvIds().get("usersRolesImport")).getUsersRoles();
            int i = 1;
            int size = usersRoles.entrySet().size();
            for (Map.Entry<String, List<UserRoleDto>> entry : usersRoles.entrySet()) {
                String key = entry.getKey();
                long currentTimeMillis = System.currentTimeMillis();
                if (LOGGER.isInfoEnabled()) {
                    int i2 = i;
                    i++;
                    LOGGER.info(String.format("Début sauvegarde du roles utilisateur %d/%d.", Integer.valueOf(i2), Integer.valueOf(size)));
                }
                importPz0UserRoles(key, entry.getValue());
                long currentTimeMillis2 = System.currentTimeMillis();
                if (LOGGER.isInfoEnabled()) {
                    LOGGER.info(String.format("Fin de sauvegarde du roles utilisateur en %d:", Long.valueOf(currentTimeMillis2 - currentTimeMillis)));
                }
            }
        }
        this.cacheService.clear(CacheService.CACHE_HAS_ROLE);
    }
}
