package edu.internet2.middleware.grouper.grouperUi.beans.ui;

import edu.internet2.middleware.grouper.GroupFinder;
import edu.internet2.middleware.grouper.GrouperSession;
import edu.internet2.middleware.grouper.exception.GrouperSessionException;
import edu.internet2.middleware.grouper.grouperUi.beans.api.GuiRuleDefinition;
import edu.internet2.middleware.grouper.misc.GrouperSessionHandler;
import edu.internet2.middleware.grouper.privs.PrivilegeHelper;
import edu.internet2.middleware.grouper.rules.RuleUtils;
import edu.internet2.middleware.grouper.ui.GrouperUiFilter;
import edu.internet2.middleware.grouper.ui.util.GrouperUiConfig;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.subject.Subject;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;

/* loaded from: input_file:WEB-INF/lib/grouper-ui-4.5.3.jar:edu/internet2/middleware/grouper/grouperUi/beans/ui/RulesContainer.class */
public class RulesContainer {
    private Set<GuiRuleDefinition> guiRuleDefinitions;
    private Boolean canReadRules;
    private Boolean canUpdateRules;
    private static final Log LOG = GrouperUtil.getLog(RulesContainer.class);

    public boolean isCanReadPrivilegeInheritance() {
        boolean propertyValueBoolean = GrouperUiConfig.retrieveConfig().propertyValueBoolean("uiV2.privilegeInheritanceReadRequireAdmin", false);
        final Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        if (propertyValueBoolean && !PrivilegeHelper.isWheelOrRoot(retrieveSubjectLoggedIn)) {
            return false;
        }
        final String propertyValueString = GrouperUiConfig.retrieveConfig().propertyValueString("uiV2.privilegeInheritanceReadRequireGroup");
        if (!StringUtils.isBlank(propertyValueString) && false == ((Boolean) GrouperSession.callbackGrouperSession(GrouperSession.staticGrouperSession().internal_getRootSession(), new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.beans.ui.RulesContainer.1
            @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
            public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                return GroupFinder.findByName(grouperSession, propertyValueString, true).hasMember(retrieveSubjectLoggedIn);
            }
        })).booleanValue()) {
            return false;
        }
        if (GrouperUiConfig.retrieveConfig().propertyValueBoolean("uiV2.privilegeInheritanceDoesntRequireRulesPrivileges", true)) {
            return true;
        }
        return GrouperRequestContainer.retrieveFromRequestOrCreate().getRulesContainer().isCanReadRules();
    }

    public boolean isCanUpdatePrivilegeInheritance() {
        boolean propertyValueBoolean = GrouperUiConfig.retrieveConfig().propertyValueBoolean("uiV2.privilegeInheritanceUpdateRequireAdmin", false);
        final Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        if (propertyValueBoolean && !PrivilegeHelper.isWheelOrRoot(retrieveSubjectLoggedIn)) {
            return false;
        }
        final String propertyValueString = GrouperUiConfig.retrieveConfig().propertyValueString("uiV2.privilegeInheritanceUpdateRequireGroup");
        if (!StringUtils.isBlank(propertyValueString) && false == ((Boolean) GrouperSession.callbackGrouperSession(GrouperSession.staticGrouperSession().internal_getRootSession(), new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.beans.ui.RulesContainer.2
            @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
            public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                return GroupFinder.findByName(grouperSession, propertyValueString, true).hasMember(retrieveSubjectLoggedIn);
            }
        })).booleanValue()) {
            return false;
        }
        if (GrouperUiConfig.retrieveConfig().propertyValueBoolean("uiV2.privilegeInheritanceDoesntRequireRulesPrivileges", true)) {
            return true;
        }
        return GrouperRequestContainer.retrieveFromRequestOrCreate().getRulesContainer().isCanUpdateRules();
    }

    public Set<GuiRuleDefinition> getGuiRuleDefinitions() {
        return this.guiRuleDefinitions;
    }

    public void setGuiRuleDefinitions(Set<GuiRuleDefinition> set) {
        this.guiRuleDefinitions = set;
    }

    public boolean isCanReadRules() {
        if (this.canReadRules == null) {
            try {
                final Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
                this.canReadRules = (Boolean) GrouperSession.callbackGrouperSession(GrouperSession.staticGrouperSession().internal_getRootSession(), new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.beans.ui.RulesContainer.3
                    @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                    public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                        return Boolean.valueOf(RuleUtils.ruleTypeAttributeDef().getPrivilegeDelegate().canAttrRead(retrieveSubjectLoggedIn) && RuleUtils.ruleAttrAttributeDef().getPrivilegeDelegate().canAttrRead(retrieveSubjectLoggedIn));
                    }
                });
            } catch (Exception e) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("problem checking rule", e);
                }
                if (this.canReadRules == null) {
                    this.canReadRules = false;
                }
            }
        }
        return this.canReadRules.booleanValue();
    }

    public boolean isCanUpdateRules() {
        if (this.canUpdateRules == null) {
            try {
                final Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
                this.canUpdateRules = (Boolean) GrouperSession.callbackGrouperSession(GrouperSession.staticGrouperSession().internal_getRootSession(), new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.beans.ui.RulesContainer.4
                    @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                    public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                        return Boolean.valueOf(RuleUtils.ruleTypeAttributeDef().getPrivilegeDelegate().canAttrUpdate(retrieveSubjectLoggedIn) && RuleUtils.ruleAttrAttributeDef().getPrivilegeDelegate().canAttrUpdate(retrieveSubjectLoggedIn));
                    }
                });
            } catch (Exception e) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("problem checking rule", e);
                }
                if (this.canUpdateRules == null) {
                    this.canUpdateRules = false;
                }
            }
        }
        return this.canUpdateRules.booleanValue();
    }
}
