package org.eclipse.stardust.engine.core.preferences.permissions;

import java.io.Serializable;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.TreeSet;
import javax.xml.namespace.QName;
import org.eclipse.stardust.common.CollectionUtils;
import org.eclipse.stardust.common.StringUtils;
import org.eclipse.stardust.common.error.ValidationException;
import org.eclipse.stardust.engine.api.model.IModel;
import org.eclipse.stardust.engine.api.model.IModelParticipant;
import org.eclipse.stardust.engine.api.model.PredefinedConstants;
import org.eclipse.stardust.engine.core.preferences.IPreferenceStorageManager;
import org.eclipse.stardust.engine.core.preferences.PreferenceScope;
import org.eclipse.stardust.engine.core.preferences.Preferences;
import org.eclipse.stardust.engine.core.runtime.beans.ModelManagerFactory;
import org.eclipse.stardust.engine.core.runtime.utils.DepartmentUtils;
import org.eclipse.stardust.engine.core.runtime.utils.ExecutionPermission;

/* loaded from: input_file:lib/carnot-engine.jar:org/eclipse/stardust/engine/core/preferences/permissions/PermissionUtils.class */
public class PermissionUtils {
    public static final String PERMISSIONS = "permissions";
    public static final String GLOBAL_SCOPE = "global";
    private static final Map<String, String> defaultPermissions = new HashMap();

    public static boolean isDefaultPermission(String str, List<String> list) {
        String str2;
        return !CollectionUtils.isEmpty(list) && (str2 = defaultPermissions.get(stripPrefix(str))) != null && list.size() == 1 && list.get(0).equals(str2);
    }

    public static Map<String, List<String>> getGlobalPermissions(IPreferenceStorageManager iPreferenceStorageManager, boolean z) {
        return filterPermissions(getPreferences(iPreferenceStorageManager), z);
    }

    public static List<String> getGlobalPermissionValues(IPreferenceStorageManager iPreferenceStorageManager, String str, boolean z) {
        String stripPrefix = stripPrefix(str);
        List<String> list = (List) getPreferences(iPreferenceStorageManager).get(stripPrefix);
        if (z && (list == null || list.isEmpty())) {
            String str2 = getModelDefaultPermissions().get(stripPrefix);
            if (!StringUtils.isEmpty(str2)) {
                list = new LinkedList();
                list.add(str2);
            }
        }
        if (list == null) {
            list = Collections.EMPTY_LIST;
        }
        return list;
    }

    public static void setGlobalPermissions(IPreferenceStorageManager iPreferenceStorageManager, Map<String, List<String>> map) throws ValidationException {
        Map<String, Serializable> preferences = getPreferences(iPreferenceStorageManager);
        mergePermissions(preferences, map);
        savePreferences(iPreferenceStorageManager, preferences);
    }

    public static void setGlobalPermissionValues(IPreferenceStorageManager iPreferenceStorageManager, String str, List<String> list) {
        String stripPrefix = stripPrefix(str);
        Map<String, Serializable> preferences = getPreferences(iPreferenceStorageManager);
        preferences.put(stripPrefix, (Serializable) list);
        savePreferences(iPreferenceStorageManager, preferences);
    }

    private static String stripPrefix(String str) {
        int lastIndexOf;
        return (StringUtils.isEmpty(str) || (lastIndexOf = str.lastIndexOf(46)) <= -1) ? str : str.substring(lastIndexOf + 1);
    }

    private static void addDefaultPermissions(Map<String, List<String>> map) {
        for (Map.Entry<String, String> entry : getModelDefaultPermissions().entrySet()) {
            if (map.get(entry.getKey()) == null) {
                List<String> linkedList = new LinkedList<>();
                linkedList.add(entry.getValue());
                map.put(entry.getKey(), linkedList);
            }
        }
    }

    private static Map<String, String> getModelDefaultPermissions() {
        return defaultPermissions;
    }

    private static Map<String, Serializable> getPreferences(IPreferenceStorageManager iPreferenceStorageManager) {
        return mergePreferencesMap(iPreferenceStorageManager.getPreferences(PreferenceScope.DEFAULT, PERMISSIONS, GLOBAL_SCOPE), iPreferenceStorageManager.getPreferences(PreferenceScope.PARTITION, PERMISSIONS, GLOBAL_SCOPE));
    }

    private static Map<String, Serializable> mergePreferencesMap(Preferences preferences, Preferences preferences2) {
        HashMap newHashMap = CollectionUtils.newHashMap();
        if (preferences != null) {
            newHashMap.putAll(preferences.getPreferences());
        }
        if (preferences2 != null) {
            newHashMap.putAll(preferences2.getPreferences());
        }
        return newHashMap;
    }

    private static void savePreferences(IPreferenceStorageManager iPreferenceStorageManager, Map<String, Serializable> map) {
        iPreferenceStorageManager.savePreferences(new Preferences(PreferenceScope.PARTITION, PERMISSIONS, GLOBAL_SCOPE, map), true);
    }

    private static void mergePermissions(Map<String, Serializable> map, Map<String, List<String>> map2) throws ValidationException {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, List<String>> entry : map2.entrySet()) {
            if (entry.getValue() != null && !entry.getValue().isEmpty()) {
                List list = (List) map.get(entry.getKey());
                List<String> value = entry.getValue();
                TreeSet treeSet = list != null ? new TreeSet(list) : null;
                TreeSet treeSet2 = new TreeSet(value);
                if ((treeSet != null && treeSet.equals(treeSet2)) || checkValidParticipants(value)) {
                    hashMap.put(entry.getKey(), (Serializable) entry.getValue());
                }
            }
        }
        map.clear();
        map.putAll(hashMap);
    }

    private static boolean checkValidParticipants(List<String> list) throws ValidationException {
        for (String str : list) {
            if (!PredefinedConstants.ADMINISTRATOR_ROLE.equals(str) && !"__carnot_internal_all_permissions__".equals(str)) {
                QName valueOf = QName.valueOf(str);
                IModel iModel = null;
                if (StringUtils.isEmpty(valueOf.getNamespaceURI())) {
                    List<IModel> findActiveModels = ModelManagerFactory.getCurrent().findActiveModels();
                    if (findActiveModels != null && findActiveModels.size() == 1) {
                        iModel = findActiveModels.get(0);
                    }
                } else {
                    iModel = ModelManagerFactory.getCurrent().findActiveModel(valueOf.getNamespaceURI());
                }
                if (iModel == null) {
                    throw new ValidationException("Setting permissions failed. No active model found for participant: " + str, false);
                }
                IModelParticipant findParticipant = iModel.findParticipant(valueOf.getLocalPart());
                if (findParticipant == null) {
                    throw new ValidationException("Setting permissions failed. Participant does not exist in active model: " + str, false);
                }
                if (DepartmentUtils.getFirstScopedOrganization(findParticipant) != null) {
                    throw new ValidationException("Setting permissions failed. Setting grants to scoped model participants is not allowed: " + str, false);
                }
            }
        }
        return true;
    }

    private static Map<String, List<String>> filterPermissions(Map<String, Serializable> map, boolean z) {
        HashMap newHashMap = CollectionUtils.newHashMap();
        for (Map.Entry<String, Serializable> entry : map.entrySet()) {
            if (entry.getValue() != null && (entry.getValue() instanceof List)) {
                newHashMap.put(entry.getKey(), (List) entry.getValue());
            }
        }
        if (z) {
            addDefaultPermissions(newHashMap);
        }
        return newHashMap;
    }

    static {
        defaultPermissions.put(ExecutionPermission.Id.controlProcessEngine.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.deployProcessModel.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.forceSuspend.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.manageDaemons.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.modifyAuditTrail.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.modifyDepartments.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.modifyUserData.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.readAuditTrailStatistics.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.createCase.name(), "__carnot_internal_all_permissions__");
        defaultPermissions.put(ExecutionPermission.Id.readDepartments.name(), "__carnot_internal_all_permissions__");
        defaultPermissions.put(ExecutionPermission.Id.readModelData.name(), "__carnot_internal_all_permissions__");
        defaultPermissions.put(ExecutionPermission.Id.readUserData.name(), "__carnot_internal_all_permissions__");
        defaultPermissions.put(ExecutionPermission.Id.resetUserPassword.name(), "__carnot_internal_all_permissions__");
        defaultPermissions.put(ExecutionPermission.Id.runRecovery.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.manageAuthorization.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.manageDeputies.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.saveOwnPartitionScopePreferences.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.saveOwnRealmScopePreferences.name(), PredefinedConstants.ADMINISTRATOR_ROLE);
        defaultPermissions.put(ExecutionPermission.Id.saveOwnUserScopePreferences.name(), "__carnot_internal_all_permissions__");
        defaultPermissions.put(ExecutionPermission.Id.spawnSubProcessInstance.name(), "__carnot_internal_all_permissions__");
        defaultPermissions.put(ExecutionPermission.Id.spawnPeerProcessInstance.name(), "__carnot_internal_all_permissions__");
        defaultPermissions.put(ExecutionPermission.Id.joinProcessInstance.name(), "__carnot_internal_all_permissions__");
    }
}
