package de.unigreifswald.botanik.floradb.facade;

import de.unigreifswald.botanik.floradb.bussines.ShoppingCartRules;
import de.unigreifswald.botanik.floradb.bussines.SurveyRules;
import de.unigreifswald.botanik.floradb.controller.FloraDbContext;
import de.unigreifswald.botanik.floradb.error.FloradbAccessRulesNoClearingException;
import de.unigreifswald.botanik.floradb.error.FloradbAccessRulesViolationException;
import de.unigreifswald.botanik.floradb.error.FloradbEnitiyNotFoundException;
import de.unigreifswald.botanik.floradb.error.FloradbSurveyInUseException;
import de.unigreifswald.botanik.floradb.model.CartModel;
import de.unigreifswald.botanik.floradb.model.OccurrenceModel;
import de.unigreifswald.botanik.floradb.model.SurveyModel;
import de.unigreifswald.botanik.floradb.types.BaseType;
import de.unigreifswald.botanik.floradb.types.Clearing;
import de.unigreifswald.botanik.floradb.types.ClearingHeader;
import de.unigreifswald.botanik.floradb.types.Comment;
import de.unigreifswald.botanik.floradb.types.CommentedType;
import de.unigreifswald.botanik.floradb.types.DataShareOption;
import de.unigreifswald.botanik.floradb.types.Occurrence;
import de.unigreifswald.botanik.floradb.types.OccurrenceAttribute;
import de.unigreifswald.botanik.floradb.types.OccurrenceFilter;
import de.unigreifswald.botanik.floradb.types.Sample;
import de.unigreifswald.botanik.floradb.types.ShoppingCart;
import de.unigreifswald.botanik.floradb.types.ShoppingCartHeader;
import de.unigreifswald.botanik.floradb.types.Survey;
import de.unigreifswald.botanik.floradb.types.SurveyDump;
import de.unigreifswald.botanik.floradb.types.SurveyHeader;
import de.unigreifswald.botanik.floradb.types.User;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.Set;
import java.util.UUID;
import org.apache.log4j.Logger;
import org.infinitenature.commons.pagination.Page;
import org.infinitenature.commons.pagination.PageRequest;
import org.infinitenature.commons.pagination.SortOrder;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:WEB-INF/lib/floradb-1.21.8454.jar:de/unigreifswald/botanik/floradb/facade/FloradbFacadeAccessRestrictions.class */
public class FloradbFacadeAccessRestrictions extends FloradbFacadeNoOpImpl {
    private static final Logger LOGGER = Logger.getLogger(FloradbFacadeAccessRestrictions.class);
    public static final String APPROVED = "approved";
    public static final String ADMIN = "admin";

    @Autowired
    private CartModel cartModel;

    @Autowired
    private SurveyModel surveyModel;

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public void addComment(CommentedType commentedType, Comment comment, FloraDbContext floraDbContext) {
        if (!floraDbContext.isLoggedIn()) {
            throw new FloradbAccessRulesViolationException("Only logged in users may add comments");
        }
        if (comment.getId() != 0) {
            throw new FloradbAccessRulesViolationException("The user with the id " + floraDbContext.getUser().getId() + " is not allowed to edit the comment with the id " + comment.getId() + " for the entity " + commentedType.getClass().getSimpleName() + " with the id " + ((BaseType) commentedType).getId());
        }
        super.addComment(commentedType, comment, floraDbContext);
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public void delete(Survey survey, FloraDbContext floraDbContext) {
        checkIfCurrentUserIsAllowedToDeleteSurvey(survey, floraDbContext);
        checkIfSurveyIsInUse(survey);
        super.delete(survey, floraDbContext);
    }

    protected void checkIfSurveyIsInUse(Survey survey) {
        HashSet hashSet = new HashSet(super.findChildSurveyIds(survey.getId()));
        hashSet.add(Integer.valueOf(survey.getId()));
        List<ShoppingCartHeader> findCartsBySurveyIds = this.cartModel.findCartsBySurveyIds(hashSet);
        if (!findCartsBySurveyIds.isEmpty()) {
            throw new FloradbSurveyInUseException(findCartsBySurveyIds);
        }
    }

    protected void checkIfCurrentUserIsAllowedToDeleteSurvey(Survey survey, FloraDbContext floraDbContext) {
        boolean userIsSurveyOwner = AccessRestrictions.userIsSurveyOwner(survey, floraDbContext.getUser());
        if (!userIsSurveyOwner) {
            userIsSurveyOwner = survey.getDeputyCustodians().contains(floraDbContext.getUser().getPerson());
        }
        if (!userIsSurveyOwner) {
            userIsSurveyOwner = isCurrentUserSurveyAdmin(survey, floraDbContext);
        }
        if (!userIsSurveyOwner) {
            throw new FloradbAccessRulesViolationException();
        }
    }

    private boolean isCurrentUserSurveyAdmin(Survey survey, FloraDbContext floraDbContext) {
        return isUserInGroupOrParentGroup(floraDbContext, survey.getId(), "admin", findAllSurveyHeaders(floraDbContext));
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public List<Occurrence> findOccurrences(OccurrenceFilter occurrenceFilter, int i, int i2, OccurrenceModel.SortField sortField, SortOrder sortOrder, Set<Integer> set, Set<Integer> set2, FloraDbContext floraDbContext, DataShareOption dataShareOption) {
        checkAccessRules(occurrenceFilter, floraDbContext);
        List<Occurrence> findOccurrences = super.findOccurrences(occurrenceFilter, i, i2, sortField, sortOrder, set, set2, floraDbContext, dataShareOption);
        adjustEditFlag(findOccurrences, floraDbContext);
        return findOccurrences;
    }

    protected void checkAccessRules(OccurrenceFilter occurrenceFilter, FloraDbContext floraDbContext) {
        if (floraDbContext.getUser() == null) {
            throw new FloradbAccessRulesViolationException("Anonymous users are not allowed to view occurrences");
        }
        if (floraDbContext.getUser().getPerson().equals(occurrenceFilter.getRecorder())) {
            return;
        }
        Iterator<Integer> it2 = occurrenceFilter.getSurveyIds().iterator();
        while (it2.hasNext()) {
            checkIfUserIsInGroupOrParentGroup(floraDbContext, it2.next(), "approved");
        }
    }

    private boolean isUserInGroupOrParentGroup(FloraDbContext floraDbContext, int i, String str, List<SurveyHeader> list) {
        if (AccessRestrictions.isInGroup(floraDbContext, String.valueOf(i) + "_" + str)) {
            return true;
        }
        SurveyHeader surveyFromList = getSurveyFromList(list, i);
        if (surveyFromList.getParentId() == 0) {
            return false;
        }
        return isUserInGroupOrParentGroup(floraDbContext, surveyFromList.getParentId(), str, list);
    }

    private SurveyHeader getSurveyFromList(List<SurveyHeader> list, int i) {
        for (SurveyHeader surveyHeader : list) {
            if (surveyHeader.getId() == i) {
                return surveyHeader;
            }
        }
        return null;
    }

    private void checkIfUserIsInGroupOrParentGroup(FloraDbContext floraDbContext, Integer num, String str) {
        if (AccessRestrictions.isInGroup(floraDbContext, num + "_" + str)) {
            return;
        }
        Survey loadSurvey = loadSurvey(num.intValue(), DataShareOption.NONE);
        if (loadSurvey.getParentId() != 0) {
            checkIfUserIsInGroupOrParentGroup(floraDbContext, Integer.valueOf(loadSurvey.getParentId()), str);
        } else {
            String str2 = "User has no rights to read from survey " + num;
            LOGGER.error(str2);
            throw new FloradbAccessRulesViolationException(str2);
        }
    }

    private boolean isUserInGroupOrParentGroup(FloraDbContext floraDbContext, int i, String str, DataShareOption dataShareOption) {
        Survey loadSurvey = loadSurvey(i, dataShareOption);
        if (AccessRestrictions.isInGroup(floraDbContext, loadSurvey, str)) {
            return true;
        }
        if (loadSurvey.getParentId() == 0) {
            return false;
        }
        return isUserInGroupOrParentGroup(floraDbContext, loadSurvey.getParentId(), str, dataShareOption);
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public Page<Occurrence> getOccurrencePage(OccurrenceFilter occurrenceFilter, PageRequest pageRequest, FloraDbContext floraDbContext, DataShareOption dataShareOption) {
        checkAccessRules(occurrenceFilter, floraDbContext);
        Page<Occurrence> occurrencePage = super.getOccurrencePage(occurrenceFilter, pageRequest, floraDbContext, dataShareOption);
        adjustEditFlag(occurrencePage.getContent(), floraDbContext);
        return occurrencePage;
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public Page<Occurrence> getOccurrencePageNoCount(OccurrenceFilter occurrenceFilter, PageRequest pageRequest, FloraDbContext floraDbContext, DataShareOption dataShareOption) {
        checkAccessRules(occurrenceFilter, floraDbContext);
        Page<Occurrence> occurrencePageNoCount = super.getOccurrencePageNoCount(occurrenceFilter, pageRequest, floraDbContext, dataShareOption);
        adjustEditFlag(occurrencePageNoCount.getContent(), floraDbContext);
        return occurrencePageNoCount;
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public Sample loadSample(UUID uuid, UUID uuid2, FloraDbContext floraDbContext, DataShareOption dataShareOption) {
        ShoppingCart loadShoppingCart = loadShoppingCart(uuid, floraDbContext, dataShareOption);
        if (!ShoppingCartRules.isAllowedToDownload(loadShoppingCart, floraDbContext.getCurrentPerson())) {
            throw new FloradbAccessRulesViolationException("The user is not allowed to download form shoppingCart " + uuid);
        }
        try {
            if (ShoppingCartRules.isAllowedToDownloadPlot(loadShoppingCart, uuid2, floraDbContext)) {
                return super.loadSample(uuid, uuid2, floraDbContext, dataShareOption);
            }
            throw new FloradbAccessRulesNoClearingException(uuid, uuid2);
        } catch (NoSuchElementException unused) {
            throw new FloradbEnitiyNotFoundException(uuid2.toString(), Sample.class);
        }
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public Sample loadSample(UUID uuid, FloraDbContext floraDbContext, DataShareOption dataShareOption) {
        if (floraDbContext.getUser() == null) {
            throw new FloradbAccessRulesViolationException();
        }
        Sample loadSample = super.loadSample(uuid, floraDbContext, dataShareOption);
        if (loadSample != null) {
            loadSample.setAllowEdit(AccessRestrictions.isAllowedToEdit(loadSample, floraDbContext));
        }
        return loadSample;
    }

    private void adjustEditFlag(List<Occurrence> list, FloraDbContext floraDbContext) {
        setEditFlag(extractSamples(list), floraDbContext);
    }

    private void setEditFlag(Set<Sample> set, FloraDbContext floraDbContext) {
        for (Sample sample : set) {
            sample.setAllowEdit(AccessRestrictions.isAllowedToEdit(sample, floraDbContext));
        }
    }

    private Set<Sample> extractSamples(List<Occurrence> list) {
        HashSet hashSet = new HashSet();
        Iterator<Occurrence> it2 = list.iterator();
        while (it2.hasNext()) {
            hashSet.add(it2.next().getSample());
        }
        return hashSet;
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public long saveOrUpdate(Sample sample, FloraDbContext floraDbContext) {
        if (AccessRestrictions.isAllowedToEdit(sample, floraDbContext)) {
            return super.saveOrUpdate(sample, floraDbContext);
        }
        throw new FloradbAccessRulesViolationException("Access to sample: " + sample.getUuid() + "denied to user: " + floraDbContext.getUser());
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public void delete(ShoppingCart shoppingCart, FloraDbContext floraDbContext) {
        if (floraDbContext.getUser() == null || !ShoppingCartRules.isAllowedToEdit(shoppingCart, floraDbContext)) {
            throw new FloradbAccessRulesViolationException();
        }
        super.delete(shoppingCart, floraDbContext);
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public ShoppingCart save(ShoppingCart shoppingCart, FloraDbContext floraDbContext) {
        ShoppingCart loadShoppingCart = this.cartModel.loadShoppingCart(shoppingCart.getUuid(), DataShareOption.DATA_FLOW);
        if (loadShoppingCart == null && ShoppingCartRules.isAllowedToEdit(shoppingCart, floraDbContext)) {
            return super.save(shoppingCart, floraDbContext);
        }
        if (loadShoppingCart.equalsExceptOwner(shoppingCart)) {
            if (floraDbContext.isPortalAdmin() && shoppingCart.getStatus() == ShoppingCart.Status.DRAFT) {
                return super.save(shoppingCart, floraDbContext);
            }
        } else if (ShoppingCartRules.isAllowedToEdit(shoppingCart, floraDbContext) && loadShoppingCart.isSameOwner(shoppingCart)) {
            return super.save(shoppingCart, floraDbContext);
        }
        if (loadShoppingCart.equalsExceptNameAndOrLinks(shoppingCart) && ShoppingCartRules.isAllowedToEditNameAndOrLinks(shoppingCart, floraDbContext)) {
            return super.save(shoppingCart, floraDbContext);
        }
        throw new FloradbAccessRulesViolationException("Not enought rights to modify shoppingCart " + shoppingCart.getUuid());
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public ShoppingCart loadShoppingCart(UUID uuid, FloraDbContext floraDbContext, DataShareOption dataShareOption) {
        ShoppingCart loadShoppingCart = super.loadShoppingCart(uuid, floraDbContext, dataShareOption);
        if (ShoppingCartRules.isAllowedToLoad(loadShoppingCart, floraDbContext)) {
            return loadShoppingCart;
        }
        throw new FloradbAccessRulesViolationException("Not enought rights to load shoppingCart " + uuid);
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public void publish(ShoppingCart shoppingCart, FloraDbContext floraDbContext) {
        User user = floraDbContext.getUser();
        if (user == null || !ShoppingCartRules.isAllowedToPublish(shoppingCart, user.getPerson(), floraDbContext)) {
            throw new FloradbAccessRulesViolationException("Current user is not allowed to publish shoppingCart.");
        }
        super.publish(shoppingCart, floraDbContext);
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public ShoppingCart requestData(ShoppingCartHeader shoppingCartHeader, FloraDbContext floraDbContext, boolean z) {
        User user = floraDbContext.getUser();
        if (user == null || !ShoppingCartRules.isAllowedToRequest(shoppingCartHeader, user.getPerson(), floraDbContext)) {
            throw new FloradbAccessRulesViolationException("Current user is not allowed to request data for shoppingCart.");
        }
        return super.requestData(shoppingCartHeader, floraDbContext, z);
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public Clearing updateClearing(Clearing clearing, ClearingHeader.Status status, FloraDbContext floraDbContext) {
        if (SurveyRules.isCurruentUserSurveyOwner(clearing.getSurvey(), floraDbContext)) {
            return super.updateClearing(clearing, status, floraDbContext);
        }
        throw new FloradbAccessRulesViolationException("Only the owner of a survey is allowd to update clearing requests regarding it.");
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public SurveyDump getDump(int i, OccurrenceAttribute occurrenceAttribute, FloraDbContext floraDbContext, DataShareOption dataShareOption) {
        boolean z = false;
        SurveyHeader loadSurveyHeader = this.surveyModel.loadSurveyHeader(i, dataShareOption);
        if (SurveyRules.isCurruentUserSurveyOwner(loadSurveyHeader, floraDbContext)) {
            z = true;
        } else if (loadSurveyHeader.getAvailability() == SurveyHeader.Availability.FREE) {
            z = true;
        } else if (isUserInGroupOrParentGroup(floraDbContext, i, "admin", dataShareOption)) {
            z = true;
        } else if (SurveyRules.isCurrentUserSurveyDeputyCustodian(loadSurveyHeader, floraDbContext)) {
            z = true;
        }
        if (z) {
            return super.getDump(i, occurrenceAttribute, floraDbContext, dataShareOption);
        }
        throw new FloradbAccessRulesViolationException("User has enough rights the read the survey snaphsot");
    }

    @Override // de.unigreifswald.botanik.floradb.facade.FloradbFacadeNoOpImpl, de.unigreifswald.botanik.floradb.facade.FloradbFacade
    public SurveyDump getSnapshot(UUID uuid, FloraDbContext floraDbContext, DataShareOption dataShareOption) {
        loadShoppingCart(uuid, floraDbContext, dataShareOption);
        return super.getSnapshot(uuid, floraDbContext, dataShareOption);
    }

    public void setCartModel(CartModel cartModel) {
        this.cartModel = cartModel;
    }
}
