package edu.internet2.middleware.grouper.rules;

import edu.internet2.middleware.grouper.Group;
import edu.internet2.middleware.grouper.GroupFinder;
import edu.internet2.middleware.grouper.GrouperSession;
import edu.internet2.middleware.grouper.Member;
import edu.internet2.middleware.grouper.MemberFinder;
import edu.internet2.middleware.grouper.Stem;
import edu.internet2.middleware.grouper.SubjectFinder;
import edu.internet2.middleware.grouper.attr.AttributeDef;
import edu.internet2.middleware.grouper.attr.finder.AttributeDefNameFinder;
import edu.internet2.middleware.grouper.cfg.GrouperConfig;
import edu.internet2.middleware.grouper.group.TypeOfGroup;
import edu.internet2.middleware.grouper.permissions.PermissionEntry;
import edu.internet2.middleware.grouper.privs.AccessPrivilege;
import edu.internet2.middleware.grouper.privs.AttributeDefPrivilege;
import edu.internet2.middleware.grouper.privs.NamingPrivilege;
import edu.internet2.middleware.grouper.privs.Privilege;
import edu.internet2.middleware.grouper.privs.PrivilegeHelper;
import edu.internet2.middleware.grouper.rules.beans.RulesBean;
import edu.internet2.middleware.grouper.util.GrouperEmail;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectNotFoundException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;

/* loaded from: input_file:WEB-INF/lib/grouper-4.9.0.jar:edu/internet2/middleware/grouper/rules/RuleThenEnum.class */
public enum RuleThenEnum {
    assignDisabledDaysToOwnerPermissionDefAssignments { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.1
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            return Boolean.valueOf(RuleElUtils.assignPermissionDisabledDaysForAttributeDefId(ruleDefinition.getAttributeAssignType().getOwnerAttributeDefId(), rulesBean.getMemberId(), GrouperUtil.doubleValue(ruleDefinition.getThen().getThenEnumArg0())));
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg1())) {
                return "ruleThenEnumArg1 should not be entered for this ruleThenEnum: " + name();
            }
            try {
                GrouperUtil.doubleValue(ruleDefinition.getThen().getThenEnumArg0());
                return null;
            } catch (Exception e) {
                return "ruleThenEnumArg0 should be the number of days in the future that the disabled date should be set: " + e.getMessage();
            }
        }
    },
    assignMembershipDisabledDaysForOwnerGroupId { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.2
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            return Boolean.valueOf(RuleElUtils.assignMembershipDisabledDaysForGroupId(ruleDefinition.getAttributeAssignType().getOwnerGroupId(), rulesBean.getMemberId(), GrouperUtil.doubleValue(ruleDefinition.getThen().getThenEnumArg0()), GrouperUtil.booleanValue(ruleDefinition.getThen().getThenEnumArg1())));
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            try {
                GrouperUtil.doubleValue(ruleDefinition.getThen().getThenEnumArg0());
                try {
                    GrouperUtil.booleanValue(ruleDefinition.getThen().getThenEnumArg1());
                    return null;
                } catch (Exception e) {
                    return "ruleThenEnumArg1 should be T or F for if the membership in the owner group should be created if not there: " + e.getMessage();
                }
            } catch (Exception e2) {
                return "ruleThenEnumArg0 should be the number of days in the future that the disabled date should be set: " + e2.getMessage();
            }
        }
    },
    veto { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.3
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            throw new RuleVeto(ruleDefinition.getThen().getThenEnumArg0(), ruleDefinition.getThen().getThenEnumArg1());
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            String thenEnumArg0 = ruleDefinition.getThen().getThenEnumArg0();
            String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
            if (StringUtils.isBlank(thenEnumArg0)) {
                return "ruleThenEnumArg0 is the message key in the UI and is required, e.g. some.key.for.ui.messages.file";
            }
            if (StringUtils.isBlank(thenEnumArg1)) {
                return "ruleThenEnumArg1 is the error message";
            }
            return null;
        }
    },
    removeMemberFromOwnerPermissionDefAssignments { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.4
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            Set<PermissionEntry> permissionsForUser = RuleUtils.permissionsForUser(ruleDefinition.getAttributeAssignType().getOwnerAttributeDefId(), rulesBean, false);
            RuntimeException runtimeException = null;
            Member member = null;
            boolean z = false;
            for (PermissionEntry permissionEntry : GrouperUtil.nonNull((Set) permissionsForUser)) {
                if (permissionEntry.isImmediatePermission() && permissionEntry.getPermissionType() == PermissionEntry.PermissionType.role_subject) {
                    try {
                        Group findByUuid = GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), permissionEntry.getRoleId(), true);
                        if (member == null) {
                            member = MemberFinder.findByUuid(GrouperSession.staticGrouperSession(), permissionEntry.getMemberId(), true);
                        }
                        findByUuid.getPermissionRoleDelegate().removeSubjectRolePermission(AttributeDefNameFinder.findById(permissionEntry.getAttributeDefNameId(), true), member);
                        z = true;
                    } catch (RuntimeException e) {
                        if (runtimeException == null) {
                            runtimeException = e;
                        }
                        RuleThenEnum.LOG.error("error removing permission assignments: " + permissionEntry, e);
                    }
                }
            }
            HashSet hashSet = new HashSet();
            for (PermissionEntry permissionEntry2 : GrouperUtil.nonNull((Set) permissionsForUser)) {
                if (permissionEntry2.getPermissionType() == PermissionEntry.PermissionType.role) {
                    try {
                        String roleId = permissionEntry2.getRoleId();
                        if (!hashSet.contains(roleId)) {
                            Group findByUuid2 = GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), roleId, true);
                            if (member == null) {
                                member = MemberFinder.findByUuid(GrouperSession.staticGrouperSession(), permissionEntry2.getMemberId(), true);
                            }
                            if (findByUuid2.deleteMember(member.getSubject(), false)) {
                                z = true;
                            }
                            hashSet.add(roleId);
                        }
                    } catch (RuntimeException e2) {
                        if (runtimeException == null) {
                            runtimeException = e2;
                        }
                        RuleThenEnum.LOG.error("error removing role assignments: " + permissionEntry2, e2);
                    }
                }
            }
            if (runtimeException != null) {
                throw runtimeException;
            }
            return Boolean.valueOf(z);
        }
    },
    removeMemberFromOwnerGroup { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.5
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            return Boolean.valueOf(GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), ruleDefinition.getAttributeAssignType().getOwnerGroupId(), true).deleteMember(MemberFinder.findByUuid(GrouperSession.staticGrouperSession(), rulesBean.getMemberId(), true), false));
        }
    },
    addMemberToOwnerGroup { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.6
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            return Boolean.valueOf(GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), ruleDefinition.getAttributeAssignType().getOwnerGroupId(), true).addMember(MemberFinder.findByUuid(GrouperSession.staticGrouperSession(), rulesBean.getMemberId(), true).getSubject(), false));
        }
    },
    reassignGroupPrivilegesIfFromGroup { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.7
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg1())) {
                return "ruleThenEnumArg1 should not be entered for this ruleThenEnum: " + name();
            }
            if (StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg1())) {
                return null;
            }
            return "ruleThenEnumArg0 should not be entered for this ruleThenEnum: " + name();
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            Group group = rulesBean.getGroup();
            if (RuleThenEnum.LOG.isDebugEnabled()) {
                RuleThenEnum.LOG.debug("reassignGroupPrivilegesIfFromGroup: from group: " + group);
            }
            Subject subjectUnderlyingSession = rulesBean.getSubjectUnderlyingSession();
            if (subjectUnderlyingSession == null) {
                throw new NullPointerException("Why is there no subject in grouper session???");
            }
            Stem parentStem = group.getParentStem();
            Set creators = parentStem.getCreators();
            creators.addAll(GrouperUtil.nonNull(parentStem.getStemmers()));
            HashSet hashSet = new HashSet();
            Group group2 = null;
            boolean z = false;
            for (Subject subject : GrouperUtil.nonNull(creators)) {
                if (StringUtils.equals("g:gsa", subject.getSourceId()) && GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), subject.getId(), false).hasMember(subjectUnderlyingSession)) {
                    if (!z) {
                        if (GrouperConfig.getPropertyBoolean(GrouperConfig.PROP_USE_WHEEL_GROUP, false)) {
                            String property = GrouperConfig.getProperty(GrouperConfig.PROP_WHEEL_GROUP);
                            if (!StringUtils.isBlank(property)) {
                                group2 = GroupFinder.findByName(GrouperSession.staticGrouperSession(), property, true);
                            }
                        }
                        z = true;
                    }
                    if (group2 == null || (!StringUtils.equals(group2.getId(), subject.getId()) && !group2.hasMember(subject))) {
                        hashSet.add(subject);
                    }
                }
            }
            boolean z2 = false;
            if (hashSet.size() > 0 || PrivilegeHelper.isWheelOrRoot(subjectUnderlyingSession)) {
                group.revokePriv(subjectUnderlyingSession, AccessPrivilege.ADMIN, false);
                z2 = true;
            }
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                group.grantPriv((Subject) it.next(), AccessPrivilege.ADMIN, false);
            }
            return Boolean.valueOf(z2);
        }
    },
    reassignAttributeDefPrivilegesIfFromGroup { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.8
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg1())) {
                return "ruleThenEnumArg1 should not be entered for this ruleThenEnum: " + name();
            }
            if (StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg1())) {
                return null;
            }
            return "ruleThenEnumArg0 should not be entered for this ruleThenEnum: " + name();
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            AttributeDef attributeDef = rulesBean.getAttributeDef();
            if (RuleThenEnum.LOG.isDebugEnabled()) {
                RuleThenEnum.LOG.debug("reassignAttributeDefPrivilegesIfFromGroup: from attributeDef: " + attributeDef);
            }
            Subject subjectUnderlyingSession = rulesBean.getSubjectUnderlyingSession();
            if (subjectUnderlyingSession == null) {
                throw new NullPointerException("Why is there no subject in grouper session???");
            }
            Stem parentStem = attributeDef.getParentStem();
            Set creators = parentStem.getCreators();
            creators.addAll(GrouperUtil.nonNull(parentStem.getStemmers()));
            HashSet hashSet = new HashSet();
            Group group = null;
            boolean z = false;
            for (Subject subject : GrouperUtil.nonNull(creators)) {
                if (StringUtils.equals("g:gsa", subject.getSourceId()) && GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), subject.getId(), false).hasMember(subjectUnderlyingSession)) {
                    if (!z) {
                        if (GrouperConfig.getPropertyBoolean(GrouperConfig.PROP_USE_WHEEL_GROUP, false)) {
                            String property = GrouperConfig.getProperty(GrouperConfig.PROP_WHEEL_GROUP);
                            if (!StringUtils.isBlank(property)) {
                                group = GroupFinder.findByName(GrouperSession.staticGrouperSession(), property, true);
                            }
                        }
                        z = true;
                    }
                    if (group == null || (!StringUtils.equals(group.getId(), subject.getId()) && !group.hasMember(subject))) {
                        hashSet.add(subject);
                    }
                }
            }
            boolean z2 = false;
            if (hashSet.size() > 0 || PrivilegeHelper.isWheelOrRoot(subjectUnderlyingSession)) {
                attributeDef.getPrivilegeDelegate().revokePriv(subjectUnderlyingSession, AttributeDefPrivilege.ATTR_ADMIN, false);
                z2 = true;
            }
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                attributeDef.getPrivilegeDelegate().grantPriv((Subject) it.next(), AttributeDefPrivilege.ATTR_ADMIN, false);
            }
            return Boolean.valueOf(z2);
        }
    },
    reassignStemPrivilegesIfFromGroup { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.9
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg1())) {
                return "ruleThenEnumArg1 should not be entered for this ruleThenEnum: " + name();
            }
            if (StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg1())) {
                return null;
            }
            return "ruleThenEnumArg0 should not be entered for this ruleThenEnum: " + name();
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            Stem stem = rulesBean.getStem();
            if (RuleThenEnum.LOG.isDebugEnabled()) {
                RuleThenEnum.LOG.debug("reassignStemPrivilegesIfFromGroup: from stem: " + stem);
            }
            Subject subjectUnderlyingSession = rulesBean.getSubjectUnderlyingSession();
            if (subjectUnderlyingSession == null) {
                throw new NullPointerException("Why is there no subject in grouper session???");
            }
            Set stemmers = stem.getParentStem().getStemmers();
            HashSet<Subject> hashSet = new HashSet();
            Group group = null;
            boolean z = false;
            for (Subject subject : GrouperUtil.nonNull(stemmers)) {
                if (StringUtils.equals("g:gsa", subject.getSourceId()) && GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), subject.getId(), false).hasMember(subjectUnderlyingSession)) {
                    if (!z) {
                        if (GrouperConfig.getPropertyBoolean(GrouperConfig.PROP_USE_WHEEL_GROUP, false)) {
                            String property = GrouperConfig.getProperty(GrouperConfig.PROP_WHEEL_GROUP);
                            if (!StringUtils.isBlank(property)) {
                                group = GroupFinder.findByName(GrouperSession.staticGrouperSession(), property, true);
                            }
                        }
                        z = true;
                    }
                    if (group == null || (!StringUtils.equals(group.getId(), subject.getId()) && !group.hasMember(subject))) {
                        hashSet.add(subject);
                    }
                }
            }
            boolean z2 = false;
            boolean z3 = false;
            boolean z4 = false;
            if (hashSet.size() > 0 || PrivilegeHelper.isWheelOrRoot(subjectUnderlyingSession)) {
                z4 = stem.revokePriv(subjectUnderlyingSession, NamingPrivilege.STEM_ADMIN, false);
                z3 = stem.revokePriv(subjectUnderlyingSession, NamingPrivilege.CREATE, false);
                z2 = true;
            }
            for (Subject subject2 : hashSet) {
                if (z4) {
                    stem.grantPriv(subject2, NamingPrivilege.STEM_ADMIN, false);
                }
                if (z3) {
                    stem.grantPriv(subject2, NamingPrivilege.CREATE, false);
                }
            }
            return Boolean.valueOf(z2);
        }
    },
    assignGroupPrivilegeToGroupId { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.10
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            String thenEnumArg0 = ruleDefinition.getThen().getThenEnumArg0();
            String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
            if (StringUtils.isBlank(thenEnumArg0)) {
                return "ruleThenEnumArg0 is the subject string to assign to and is required, e.g. g:gsa::::::someFolder:someGroup";
            }
            if (StringUtils.isBlank(thenEnumArg1)) {
                return "ruleThenEnumArg1 are the access privileges, e.g. read,update,admin";
            }
            try {
                SubjectFinder.findByPackedSubjectString(thenEnumArg0, true);
                for (String str : GrouperUtil.splitTrimToSet(thenEnumArg1, ",")) {
                    try {
                        if (!Privilege.isAccess(Privilege.getInstance(str))) {
                            return "Privilege '" + str + "' must be an access privilege, e.g. admin, read, update, view, optin, optout";
                        }
                    } catch (Exception e) {
                        return e.getMessage();
                    }
                }
                return null;
            } catch (Exception e2) {
                return e2.getMessage();
            }
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            Group group = rulesBean.getGroup();
            try {
                Subject findByPackedSubjectString = SubjectFinder.findByPackedSubjectString(ruleDefinition.getThen().getThenEnumArg0(), true);
                String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
                if (RuleThenEnum.LOG.isDebugEnabled()) {
                    RuleThenEnum.LOG.debug("assignGroupPrivilege: from group: " + group + ", subject: " + GrouperUtil.subjectToString(findByPackedSubjectString) + " privilegeNamesCommaSeparated: " + thenEnumArg1);
                }
                boolean z = false;
                Iterator<String> it = GrouperUtil.splitTrimToSet(thenEnumArg1, ",").iterator();
                while (it.hasNext()) {
                    Privilege privilege = Privilege.getInstance(it.next());
                    if (Privilege.isEntity(privilege) || group.getTypeOfGroup() != TypeOfGroup.entity) {
                        if (group.grantPriv(findByPackedSubjectString, privilege, false)) {
                            z = true;
                        }
                    }
                }
                return Boolean.valueOf(z);
            } catch (SubjectNotFoundException e) {
                RuleThenEnum.LOG.error("Subject not found in rule then arg0: " + ruleDefinition.getThen().getThenEnumArg0());
                return false;
            }
        }
    },
    assignStemPrivilegeToStemId { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.11
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            String thenEnumArg0 = ruleDefinition.getThen().getThenEnumArg0();
            String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
            if (StringUtils.isBlank(thenEnumArg0)) {
                return "ruleThenEnumArg0 is the subject string to assign to and is required, e.g. g:gsa::::::someFolder:someGroup";
            }
            if (StringUtils.isBlank(thenEnumArg1)) {
                return "ruleThenEnumArg1 are the naming privileges, e.g. stem,create";
            }
            try {
                SubjectFinder.findByPackedSubjectString(thenEnumArg0, true);
                for (String str : GrouperUtil.splitTrimToSet(thenEnumArg1, ",")) {
                    try {
                        if (!Privilege.isNaming(Privilege.getInstance(str))) {
                            return "Privilege '" + str + "' must be a naming privilege, e.g. stemAdmin, create";
                        }
                    } catch (Exception e) {
                        return e.getMessage();
                    }
                }
                return null;
            } catch (Exception e2) {
                return e2.getMessage();
            }
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            Stem stem = rulesBean.getStem();
            SubjectFinder.findByPackedSubjectString(ruleDefinition.getThen().getThenEnumArg0(), true);
            try {
                Subject findByPackedSubjectString = SubjectFinder.findByPackedSubjectString(ruleDefinition.getThen().getThenEnumArg0(), true);
                String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
                if (RuleThenEnum.LOG.isDebugEnabled()) {
                    RuleThenEnum.LOG.debug("assignStemPrivilege: from stem: " + stem + ", subject: " + GrouperUtil.subjectToString(findByPackedSubjectString) + " privilegeNamesCommaSeparated: " + thenEnumArg1);
                }
                boolean z = false;
                Iterator<String> it = GrouperUtil.splitTrimToSet(thenEnumArg1, ",").iterator();
                while (it.hasNext()) {
                    if (stem.grantPriv(findByPackedSubjectString, Privilege.getInstance(it.next()), false)) {
                        z = true;
                    }
                }
                return Boolean.valueOf(z);
            } catch (SubjectNotFoundException e) {
                RuleThenEnum.LOG.error("Subject not found in rule then arg0: " + ruleDefinition.getThen().getThenEnumArg0());
                return false;
            }
        }
    },
    assignAttributeDefPrivilegeToAttributeDefId { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.12
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            if (!StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg2())) {
                return "ruleThenEnumArg2 should not be entered for this ruleThenEnum: " + name();
            }
            String thenEnumArg0 = ruleDefinition.getThen().getThenEnumArg0();
            String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
            if (StringUtils.isBlank(thenEnumArg0)) {
                return "ruleThenEnumArg0 is the subject string to assign to and is required, e.g. g:gsa::::::someFolder:someGroup";
            }
            if (StringUtils.isBlank(thenEnumArg1)) {
                return "ruleThenEnumArg1 are the attrDef privileges, e.g. attrRead,attrUpdate,attrAdmin";
            }
            try {
                SubjectFinder.findByPackedSubjectString(thenEnumArg0, true);
                for (String str : GrouperUtil.splitTrimToSet(thenEnumArg1, ",")) {
                    try {
                        if (!Privilege.isAttributeDef(Privilege.getInstance(str))) {
                            return "Privilege '" + str + "' must be an attributeDef privilege, e.g. attrAdmin, attrRead, attrUpdate, attrView, attrOptin, attrOptout";
                        }
                    } catch (Exception e) {
                        return e.getMessage();
                    }
                }
                return null;
            } catch (Exception e2) {
                return e2.getMessage();
            }
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            AttributeDef attributeDef = rulesBean.getAttributeDef();
            try {
                Subject findByPackedSubjectString = SubjectFinder.findByPackedSubjectString(ruleDefinition.getThen().getThenEnumArg0(), true);
                String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
                if (RuleThenEnum.LOG.isDebugEnabled()) {
                    RuleThenEnum.LOG.debug("assignAttributeDefPrivilege: from attributeDef: " + attributeDef + ", subject: " + GrouperUtil.subjectToString(findByPackedSubjectString) + " privilegeNamesCommaSeparated: " + thenEnumArg1);
                }
                boolean z = false;
                Iterator<String> it = GrouperUtil.splitTrimToSet(thenEnumArg1, ",").iterator();
                while (it.hasNext()) {
                    if (attributeDef.getPrivilegeDelegate().grantPriv(findByPackedSubjectString, Privilege.getInstance(it.next()), false)) {
                        z = true;
                    }
                }
                return Boolean.valueOf(z);
            } catch (SubjectNotFoundException e) {
                RuleThenEnum.LOG.error("Subject not found in rule then arg0: " + ruleDefinition.getThen().getThenEnumArg0());
                return false;
            }
        }
    },
    sendEmail { // from class: edu.internet2.middleware.grouper.rules.RuleThenEnum.13
        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public String validate(RuleDefinition ruleDefinition) {
            String thenEnumArg0 = ruleDefinition.getThen().getThenEnumArg0();
            String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
            String thenEnumArg2 = ruleDefinition.getThen().getThenEnumArg2();
            if (StringUtils.isBlank(thenEnumArg0)) {
                return "sendEmail ruleThenEnum requires ruleThenArg0 to be the comma separated addresses to send the email to";
            }
            if (StringUtils.isBlank(thenEnumArg1)) {
                return "sendEmail ruleThenEnum requires ruleThenArg1 to be the subject EL script or template: templateName ";
            }
            if (StringUtils.isBlank(thenEnumArg2)) {
                return "sendEmail ruleThenEnum requires ruleThenArg2 to be the body EL script or template: templateName ";
            }
            try {
                RuleUtils.emailTemplate(thenEnumArg1);
                RuleUtils.emailTemplate(thenEnumArg2);
                return null;
            } catch (Exception e) {
                return e.getMessage();
            }
        }

        @Override // edu.internet2.middleware.grouper.rules.RuleThenEnum
        public Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb) {
            String thenEnumArg0 = ruleDefinition.getThen().getThenEnumArg0();
            String thenEnumArg1 = ruleDefinition.getThen().getThenEnumArg1();
            String thenEnumArg2 = ruleDefinition.getThen().getThenEnumArg2();
            String emailTemplate = RuleUtils.emailTemplate(thenEnumArg1);
            String emailTemplate2 = RuleUtils.emailTemplate(thenEnumArg2);
            HashMap hashMap = new HashMap();
            ruleDefinition.addElVariables(hashMap, rulesBean, RuleEngine.hasAccessToElApi(ruleDefinition.getActAs().subject(true)));
            if (sb != null) {
                sb.append(", EL variables: ");
                for (String str : hashMap.keySet()) {
                    sb.append(str);
                    Object obj = hashMap.get(str);
                    if (obj instanceof String) {
                        sb.append("(").append(obj).append(")");
                    }
                    sb.append(",");
                }
            }
            String substituteExpressionLanguage = GrouperUtil.substituteExpressionLanguage(thenEnumArg0, hashMap);
            String substituteExpressionLanguage2 = GrouperUtil.substituteExpressionLanguage(emailTemplate, hashMap);
            String substituteExpressionLanguage3 = GrouperUtil.substituteExpressionLanguage(emailTemplate2, hashMap);
            if (sb != null) {
                sb.append(", toAddressesString: ").append(substituteExpressionLanguage);
                sb.append(", subject: ").append(substituteExpressionLanguage2);
                sb.append(", body: ").append(substituteExpressionLanguage3);
            }
            new GrouperEmail().setTo(substituteExpressionLanguage).setBody(substituteExpressionLanguage3).setSubject(substituteExpressionLanguage2).send();
            return true;
        }
    };

    private static final Log LOG = GrouperUtil.getLog(RuleThenEnum.class);

    public static RuleThenEnum valueOfIgnoreCase(String str, boolean z) {
        return (RuleThenEnum) GrouperUtil.enumValueOfIgnoreCase(RuleThenEnum.class, str, z);
    }

    public abstract Object fireRule(RuleDefinition ruleDefinition, RuleEngine ruleEngine, RulesBean rulesBean, StringBuilder sb);

    public String validate(RuleDefinition ruleDefinition) {
        if (StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg0()) && StringUtils.isBlank(ruleDefinition.getThen().getThenEnumArg1())) {
            return null;
        }
        return "This ruleThenEnum does not take any arguments: " + this;
    }
}
