package de.muenchen.oss.digiwf.cockpit.security.authorization;

import org.camunda.bpm.engine.AuthorizationService;
import org.camunda.bpm.engine.authorization.Authorization;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resources;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.NonNull;

/* loaded from: input_file:BOOT-INF/lib/digiwf-engine-cockpit-1.4.1.jar:de/muenchen/oss/digiwf/cockpit/security/authorization/AuthorizationHelper.class */
public class AuthorizationHelper {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AuthorizationHelper.class);

    public static void setupGroupAppPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByGroupIdAndResourceType(authorizationService, str, Resources.APPLICATION)) {
            return;
        }
        log.info("Setting up Web App Permissions for group '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setGroupId(str);
        createNewAuthorization.addPermission(Permissions.ACCESS);
        createNewAuthorization.setResource(Resources.APPLICATION);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupGroupAuthorizationPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByGroupIdAndResourceType(authorizationService, str, Resources.AUTHORIZATION)) {
            return;
        }
        log.info("Setting up Authorization Permissions for group '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setGroupId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.AUTHORIZATION);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupGroupGroupPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (authorizationService.createAuthorizationQuery().groupIdIn(str).resourceType(Resources.GROUP).count() != 0) {
            return;
        }
        log.info("Setting up Group Permissions for group '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setGroupId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.GROUP);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupGroupGroupMembershipPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (authorizationService.createAuthorizationQuery().groupIdIn(str).resourceType(Resources.GROUP_MEMBERSHIP).count() != 0) {
            return;
        }
        log.info("Setting up Group Membership Permissions for group '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setGroupId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.GROUP_MEMBERSHIP);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupGroupUserPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (authorizationService.createAuthorizationQuery().groupIdIn(str).resourceType(Resources.USER).count() != 0) {
            return;
        }
        log.info("Setting up User Permissions for group '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setGroupId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.USER);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserBatchPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.BATCH)) {
            return;
        }
        log.info("Setting up Batch Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.CREATE);
        createNewAuthorization.addPermission(Permissions.READ);
        createNewAuthorization.addPermission(Permissions.DELETE);
        createNewAuthorization.addPermission(Permissions.UPDATE);
        createNewAuthorization.setResource(Resources.BATCH);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserAppPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.APPLICATION)) {
            return;
        }
        log.info("Setting up Web App Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ACCESS);
        createNewAuthorization.setResource(Resources.APPLICATION);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserTaskPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.TASK)) {
            return;
        }
        log.info("Setting up Camunda Task Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.TASK);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserProcessDefinitionPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.PROCESS_DEFINITION)) {
            return;
        }
        log.info("Setting up Camunda Process Definition Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.PROCESS_DEFINITION);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserHistoricProcessInstancePermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.HISTORIC_PROCESS_INSTANCE)) {
            return;
        }
        log.info("Setting up Camunda Historic Process Instance Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.HISTORIC_PROCESS_INSTANCE);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserDashboardPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.DASHBOARD)) {
            return;
        }
        log.info("Setting up Camunda Dashboard Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.DASHBOARD);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserOpLogPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (!existsByUserIdAndResourceType(authorizationService, str, Resources.REPORT) && authorizationService.createAuthorizationQuery().userIdIn(str).resourceType(Resources.OPERATION_LOG_CATEGORY).count() == 0) {
            log.info("Setting up Camunda Operation Log Permissions for user '{}'", str);
            Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
            createNewAuthorization.setUserId(str);
            createNewAuthorization.addPermission(Permissions.ALL);
            createNewAuthorization.setResource(Resources.OPERATION_LOG_CATEGORY);
            createNewAuthorization.setResourceId("*");
            authorizationService.saveAuthorization(createNewAuthorization);
        }
    }

    public static void setupUserReportPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.REPORT)) {
            return;
        }
        log.info("Setting up Camunda Report Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.REPORT);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserDeploymentPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.DEPLOYMENT)) {
            return;
        }
        log.info("Setting up Camunda Deployment Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.DEPLOYMENT);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserDecisionRequirementPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.DECISION_REQUIREMENTS_DEFINITION)) {
            return;
        }
        log.info("Setting up Camunda DRD Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.DECISION_REQUIREMENTS_DEFINITION);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserDecisionPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.DECISION_DEFINITION)) {
            return;
        }
        log.info("Setting up Camunda Decision Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.DECISION_DEFINITION);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserSystemPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.SYSTEM)) {
            return;
        }
        log.info("Setting up Camunda System Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.SYSTEM);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserHistoricTaskPermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.HISTORIC_TASK)) {
            return;
        }
        log.info("Setting up Camunda Historic Task Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.HISTORIC_TASK);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    public static void setupUserProcessInstancePermissions(@NonNull AuthorizationService authorizationService, @NonNull String str) {
        if (existsByUserIdAndResourceType(authorizationService, str, Resources.PROCESS_INSTANCE)) {
            return;
        }
        log.info("Setting up Camunda Process Instance Permissions for user '{}'", str);
        Authorization createNewAuthorization = authorizationService.createNewAuthorization(1);
        createNewAuthorization.setUserId(str);
        createNewAuthorization.addPermission(Permissions.ALL);
        createNewAuthorization.setResource(Resources.PROCESS_INSTANCE);
        createNewAuthorization.setResourceId("*");
        authorizationService.saveAuthorization(createNewAuthorization);
    }

    private static boolean existsByUserIdAndResourceType(@NonNull AuthorizationService authorizationService, @NonNull String str, @NonNull Resources resources) {
        return authorizationService.createAuthorizationQuery().userIdIn(str).resourceType(resources).count() != 0;
    }

    private static boolean existsByGroupIdAndResourceType(@NonNull AuthorizationService authorizationService, @NonNull String str, @NonNull Resources resources) {
        return authorizationService.createAuthorizationQuery().groupIdIn(str).resourceType(resources).count() != 0;
    }
}
