package edu.internet2.middleware.grouper.rules;

import edu.internet2.middleware.grouper.Group;
import edu.internet2.middleware.grouper.GrouperSession;
import edu.internet2.middleware.grouper.GrouperSourceAdapter;
import edu.internet2.middleware.grouper.MembershipFinder;
import edu.internet2.middleware.grouper.Stem;
import edu.internet2.middleware.grouper.SubjectFinder;
import edu.internet2.middleware.grouper.attr.AttributeDef;
import edu.internet2.middleware.grouper.attr.assign.AttributeAssign;
import edu.internet2.middleware.grouper.attr.assign.AttributeAssignable;
import edu.internet2.middleware.grouper.attr.value.AttributeValueDelegate;
import edu.internet2.middleware.grouper.exception.GrouperSessionException;
import edu.internet2.middleware.grouper.misc.GrouperObject;
import edu.internet2.middleware.grouper.misc.GrouperSessionHandler;
import edu.internet2.middleware.grouper.privs.AccessPrivilege;
import edu.internet2.middleware.grouper.privs.AttributeDefPrivilege;
import edu.internet2.middleware.grouper.privs.NamingPrivilege;
import edu.internet2.middleware.grouper.privs.Privilege;
import edu.internet2.middleware.grouper.subj.SubjectHelper;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.grouperClient.collections.MultiKey;
import edu.internet2.middleware.subject.Subject;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;

/* loaded from: input_file:WEB-INF/lib/grouper-4.9.0.jar:edu/internet2/middleware/grouper/rules/RuleApi.class */
public class RuleApi {
    private static final Log LOG = GrouperUtil.getLog(RuleApi.class);

    public static AttributeAssign reassignGroupPrivilegesIfFromGroup(Subject subject, Stem stem, Stem.Scope scope) {
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.groupCreate.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.reassignGroupPrivilegesIfFromGroup.name());
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign reassignAttributeDefPrivilegesIfFromGroup(Subject subject, Stem stem, Stem.Scope scope) {
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.attributeDefCreate.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.reassignAttributeDefPrivilegesIfFromGroup.name());
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign vetoMembershipIfNotInGroupInFolder(Subject subject, Group group, Stem stem, Stem.Scope scope, String str, String str2) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.membershipAdd.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.noGroupInFolderHasImmediateEnabledMembership.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfOwnerIdName(), stem.getUuid());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfStemScopeName(), scope.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.veto.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign vetoSubjectAssignInFolderIfNotInGroup(Subject subject, Stem stem, Group group, boolean z, String str, Stem.Scope scope, String str2, String str3) {
        if (z && group != null) {
            throw new RuntimeException("If allowAll, then mustBeInGroup must be false");
        }
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.subjectAssignInStem.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope != null ? scope.name() : Stem.Scope.SUB.name());
        if (!StringUtils.isBlank(str)) {
            attributeValueDelegate.assignValue(RuleUtils.ruleCheckArg0Name(), str);
        }
        if (z) {
            attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.never.name());
        } else if (group != null) {
            attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.groupHasNoEnabledMembership.name());
            attributeValueDelegate.assignValue(RuleUtils.ruleIfOwnerIdName(), group.getId());
        }
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.veto.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), str2);
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), str3);
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign vetoMembershipIfNotInGroup(Subject subject, Group group, Group group2, String str, String str2) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.membershipAdd.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.groupHasNoEnabledMembership.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfOwnerIdName(), group2.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.veto.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign vetoMembershipIfTooManyMembers(Subject subject, Group group, Group group2, int i, String str, String str2, String str3) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.membershipAdd.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.groupHasTooManyMembers.name());
        if (group2 != null) {
            attributeValueDelegate.assignValue(RuleUtils.ruleIfOwnerIdName(), group2.getId());
        }
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumArg0Name(), Integer.toString(i));
        if (!StringUtils.isBlank(str)) {
            attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumArg1Name(), str);
        }
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.veto.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), str2);
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), str3);
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    @Deprecated
    public static AttributeAssign inheritAttributeDefPrivileges(Subject subject, Stem stem, Stem.Scope scope, Subject subject2, Set<Privilege> set) {
        return inheritAttributeDefPrivileges(stem, scope, subject2, set);
    }

    public static AttributeAssign inheritAttributeDefPrivileges(Stem stem, Stem.Scope scope, Subject subject, Set<Privilege> set) {
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), SubjectFinder.findRootSubject().getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), SubjectFinder.findRootSubject().getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.attributeDefCreate.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.assignAttributeDefPrivilegeToAttributeDefId.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), subject.getSourceId() + " :::: " + subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), Privilege.stringValue(set));
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (!StringUtils.equals("T", retrieveValueString)) {
            throw new RuntimeException(retrieveValueString);
        }
        runRulesForOwner(stem);
        return attributeAssign;
    }

    @Deprecated
    public static AttributeAssign inheritFolderPrivileges(Subject subject, Stem stem, Stem.Scope scope, Subject subject2, Set<Privilege> set) {
        return inheritFolderPrivileges(stem, scope, subject2, set);
    }

    public static AttributeAssign inheritFolderPrivileges(Stem stem, Stem.Scope scope, Subject subject, Set<Privilege> set) {
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), SubjectFinder.findRootSubject().getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), SubjectFinder.findRootSubject().getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.stemCreate.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.assignStemPrivilegeToStemId.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), subject.getSourceId() + " :::: " + subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), Privilege.stringValue(set));
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (!StringUtils.equals("T", retrieveValueString)) {
            throw new RuntimeException(retrieveValueString);
        }
        runRulesForOwner(stem);
        return attributeAssign;
    }

    @Deprecated
    public static AttributeAssign inheritGroupPrivileges(Subject subject, Stem stem, Stem.Scope scope, Subject subject2, Set<Privilege> set) {
        return inheritGroupPrivileges(stem, scope, subject2, set);
    }

    public static AttributeAssign inheritGroupPrivileges(Stem stem, Stem.Scope scope, Subject subject, Set<Privilege> set) {
        return inheritGroupPrivileges(stem, scope, subject, set, (String) null);
    }

    private static Set<RuleDefinition> inheritedRulesForFolderOrCache(Map<MultiKey, Set<RuleDefinition>> map, Stem stem, Subject subject, Privilege privilege, boolean z) {
        MultiKey multiKey = new MultiKey(stem.getId(), subject.getSourceId(), subject.getId(), privilege.getName());
        Set<RuleDefinition> set = map == null ? null : map.get(multiKey);
        if (set == null) {
            set = GrouperUtil.nonNull((Set) inheritedRulesForFolder(stem, subject, privilege, z));
            if (map != null) {
                map.put(multiKey, set);
            }
        }
        return set;
    }

    private static Set<RuleDefinition> inheritedRulesForFolder(Stem stem, Subject subject, Privilege privilege, boolean z) {
        Set<RuleDefinition> findAttributeDefPrivilegeInheritRules;
        if (privilege.isAccess()) {
            findAttributeDefPrivilegeInheritRules = RuleFinder.findGroupPrivilegeInheritRules(stem);
        } else if (privilege.isNaming()) {
            findAttributeDefPrivilegeInheritRules = RuleFinder.findFolderPrivilegeInheritRules(stem);
        } else {
            if (!privilege.isAttributeDef()) {
                throw new RuntimeException("Not expecting privilege: " + privilege);
            }
            findAttributeDefPrivilegeInheritRules = RuleFinder.findAttributeDefPrivilegeInheritRules(stem);
        }
        if (GrouperUtil.length(findAttributeDefPrivilegeInheritRules) == 0) {
            return findAttributeDefPrivilegeInheritRules;
        }
        Iterator<RuleDefinition> it = findAttributeDefPrivilegeInheritRules.iterator();
        while (it.hasNext()) {
            RuleDefinition next = it.next();
            String thenEnumArg0 = next.getThen().getThenEnumArg0();
            if (StringUtils.isBlank(thenEnumArg0)) {
                it.remove();
            } else {
                try {
                    Subject findByPackedSubjectString = SubjectFinder.findByPackedSubjectString(thenEnumArg0, true);
                    if (!SubjectHelper.eq(findByPackedSubjectString, subject)) {
                        boolean z2 = false;
                        if (z && StringUtils.equals(GrouperSourceAdapter.groupSourceId(), findByPackedSubjectString.getSourceId())) {
                            z2 = new MembershipFinder().addGroupId(findByPackedSubjectString.getId()).addField(Group.getDefaultList()).addSubject(subject).findMembershipsMembers().size() > 0;
                        }
                        if (!z || !z2) {
                            it.remove();
                        }
                    }
                } catch (Exception e) {
                    LOG.error("Problem assigning subject: '" + thenEnumArg0 + "'", e);
                }
                if (!StringUtils.equals(next.getThen().getThenEnumArg1(), privilege.getName())) {
                    it.remove();
                }
            }
        }
        return findAttributeDefPrivilegeInheritRules;
    }

    public static int removePrivilegesIfNotAssignedByRule(boolean z, final Stem stem, final Stem.Scope scope, final Subject subject, final Set<Privilege> set, final String str) {
        return ((Integer) GrouperSession.callbackGrouperSession(z ? GrouperSession.staticGrouperSession().internal_getRootSession() : GrouperSession.staticGrouperSession(), new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.rules.RuleApi.1
            @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
            public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                int i = 0;
                HashMap hashMap = new HashMap();
                for (Privilege privilege : GrouperUtil.nonNull(set)) {
                    HashSet hashSet = new HashSet();
                    if (privilege.isAccess()) {
                        hashSet.addAll(GrouperUtil.nonNull((Set) GrouperSession.staticGrouperSession().getAccessResolver().getGroupsWhereSubjectDoesHavePrivilege(stem.getId(), scope, subject, privilege, false, str)));
                    } else if (privilege.isNaming()) {
                        Set nonNull = GrouperUtil.nonNull((Set) GrouperSession.staticGrouperSession().getNamingResolver().getStemsWhereSubjectDoesHavePrivilege(stem.getId(), scope, subject, privilege, false, str));
                        if (stem.hasPrivilege(subject, privilege.getName())) {
                            nonNull.add(stem);
                        }
                        hashSet.addAll(nonNull);
                    } else {
                        if (!privilege.isAttributeDef()) {
                            throw new RuntimeException("Not expecting privilege: " + privilege);
                        }
                        hashSet.addAll(GrouperUtil.nonNull((Set) GrouperSession.staticGrouperSession().getAttributeDefResolver().getAttributeDefsWhereSubjectDoesHavePrivilege(stem.getId(), scope, subject, privilege, false, str)));
                    }
                    for (GrouperObject grouperObject : GrouperUtil.nonNull((Set) hashSet)) {
                        if (!RuleApi.hasInheritedPrivilege(hashMap, grouperObject, subject, privilege, false)) {
                            i++;
                            if (privilege.isAccess()) {
                                if (((Group) grouperObject).canHavePrivilege(grouperSession.getSubject(), AccessPrivilege.ADMIN.getName(), false)) {
                                    ((Group) grouperObject).revokePriv(subject, privilege, false);
                                    if (RuleApi.LOG.isDebugEnabled()) {
                                        RuleApi.LOG.debug("Revoking privilege (due to inherited priv removed and no other inherited priv assigned): " + privilege + " from subject: " + GrouperUtil.subjectToString(subject) + " from group: " + grouperObject.getName());
                                    }
                                }
                            } else if (!privilege.isNaming()) {
                                if (!privilege.isAttributeDef()) {
                                    throw new RuntimeException("Not expecting privilege: " + privilege);
                                }
                                if (((AttributeDef) grouperObject).getPrivilegeDelegate().canHavePrivilege(grouperSession.getSubject(), AttributeDefPrivilege.ATTR_ADMIN.getName(), false)) {
                                    ((AttributeDef) grouperObject).getPrivilegeDelegate().revokePriv(subject, privilege, false);
                                    if (RuleApi.LOG.isDebugEnabled()) {
                                        RuleApi.LOG.debug("Revoking privilege (due to inherited priv removed and no other inherited priv assigned): " + privilege + " from subject: " + GrouperUtil.subjectToString(subject) + " from attributeDef: " + grouperObject.getName());
                                    }
                                }
                            } else if (((Stem) grouperObject).canHavePrivilege(grouperSession.getSubject(), NamingPrivilege.STEM_ADMIN.getName(), false)) {
                                ((Stem) grouperObject).revokePriv(subject, privilege, false);
                                if (RuleApi.LOG.isDebugEnabled()) {
                                    RuleApi.LOG.debug("Revoking privilege (due to inherited priv removed and no other inherited priv assigned): " + privilege + " from subject: " + GrouperUtil.subjectToString(subject) + " from folder: " + grouperObject.getName());
                                }
                            }
                        }
                    }
                }
                return Integer.valueOf(i);
            }
        })).intValue();
    }

    public static boolean hasInheritedPrivilege(GrouperObject grouperObject, Subject subject, Privilege privilege, boolean z) {
        return hasInheritedPrivilege(null, grouperObject, subject, privilege, z);
    }

    public static boolean hasInheritedPrivilege(final Map<MultiKey, Set<RuleDefinition>> map, final GrouperObject grouperObject, final Subject subject, final Privilege privilege, final boolean z) {
        return ((Boolean) GrouperSession.callbackGrouperSession(GrouperSession.staticGrouperSession().internal_getRootSession(), new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.rules.RuleApi.2
            @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
            public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                boolean z2 = true;
                Stem parentStem = GrouperObject.this.getParentStem();
                loop0: while (true) {
                    for (RuleDefinition ruleDefinition : GrouperUtil.nonNull((Set) RuleApi.inheritedRulesForFolderOrCache(map, parentStem, subject, privilege, z))) {
                        if (z2 || Stem.Scope.SUB.name().equalsIgnoreCase(ruleDefinition.getCheck().getCheckStemScope())) {
                            if (ruleDefinition.getIfCondition() == null || ruleDefinition.getIfCondition().getIfConditionEnum() == null || (RuleIfConditionEnum.nameMatchesSqlLikeString.name().equalsIgnoreCase(ruleDefinition.getIfCondition().getIfConditionEnum()) && GrouperUtil.matchSqlString(ruleDefinition.getIfCondition().getIfConditionEnumArg0(), GrouperObject.this.getName()))) {
                                break loop0;
                            }
                        }
                    }
                    parentStem = parentStem.getParentStemOrNull();
                    if (parentStem == null) {
                        return false;
                    }
                    z2 = false;
                }
                return true;
            }
        })).booleanValue();
    }

    @Deprecated
    public static AttributeAssign inheritGroupPrivileges(Subject subject, Stem stem, Stem.Scope scope, Subject subject2, Set<Privilege> set, String str) {
        return inheritGroupPrivileges(stem, scope, subject2, set, str);
    }

    public static AttributeAssign inheritGroupPrivileges(Stem stem, Stem.Scope scope, Subject subject, Set<Privilege> set, String str) {
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), SubjectFinder.findRootSubject().getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), SubjectFinder.findRootSubject().getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.groupCreate.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        if (!StringUtils.isBlank(str)) {
            attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.nameMatchesSqlLikeString.name());
            attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumArg0Name(), str);
        }
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.assignGroupPrivilegeToGroupId.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), subject.getSourceId() + " :::: " + subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), Privilege.stringValue(set));
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (!StringUtils.equals("T", retrieveValueString)) {
            throw new RuntimeException(retrieveValueString);
        }
        runRulesForOwner(stem);
        return attributeAssign;
    }

    public static AttributeAssign groupIntersectionWithFolder(Subject subject, Group group, Stem stem, Stem.Scope scope) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckOwnerIdName(), stem.getUuid());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipRemoveInFolder.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.thisGroupAndNotFolderHasImmediateEnabledMembership.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.removeMemberFromOwnerGroup.name());
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign groupIntersection(Subject subject, Group group, Group group2) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckOwnerIdName(), group2.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipRemove.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.thisGroupHasImmediateEnabledMembership.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.removeMemberFromOwnerGroup.name());
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign groupIntersection(Subject subject, Group group, Group group2, int i) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckOwnerIdName(), group2.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipRemove.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.thisGroupHasImmediateEnabledNoEndDateMembership.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.assignMembershipDisabledDaysForOwnerGroupId.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), Integer.toString(i));
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), "F");
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static String rulesToString() {
        RuleEngine ruleEngine = RuleEngine.ruleEngine();
        StringBuilder sb = new StringBuilder();
        int i = 0;
        for (RuleDefinition ruleDefinition : ruleEngine.getRuleDefinitions()) {
            sb.append("Rule " + i + ": ");
            sb.append(ruleDefinition.toString()).append("\n");
            i++;
        }
        return sb.toString();
    }

    public static String rulesToString(AttributeAssignable attributeAssignable) {
        Set<AttributeAssign> retrieveAssignments = attributeAssignable.getAttributeDelegate().retrieveAssignments(RuleUtils.ruleAttributeDefName());
        Iterator it = GrouperUtil.nonNull((Set) retrieveAssignments).iterator();
        while (it.hasNext()) {
            if (!((AttributeAssign) it.next()).isEnabled()) {
                it.remove();
            }
        }
        if (GrouperUtil.length(retrieveAssignments) == 0) {
            return "ro rules assigned";
        }
        StringBuilder sb = new StringBuilder();
        int i = 0;
        for (AttributeAssign attributeAssign : retrieveAssignments) {
            sb.append("Rule " + i + ": ");
            sb.append(new RuleDefinition(attributeAssign.getId()).toString());
            if (i < GrouperUtil.length(retrieveAssignments) - 1) {
                sb.append("\n");
            }
            i++;
        }
        return sb.toString();
    }

    public static int runRulesForOwner(AttributeAssignable attributeAssignable) {
        Set<AttributeAssign> retrieveAssignments = attributeAssignable.getAttributeDelegate().retrieveAssignments(RuleUtils.ruleAttributeDefName());
        Iterator it = GrouperUtil.nonNull((Set) retrieveAssignments).iterator();
        while (it.hasNext()) {
            if (!((AttributeAssign) it.next()).isEnabled()) {
                it.remove();
            }
        }
        if (GrouperUtil.length(retrieveAssignments) == 0) {
            return 0;
        }
        int i = 0;
        Iterator<AttributeAssign> it2 = retrieveAssignments.iterator();
        while (it2.hasNext()) {
            RuleDefinition ruleDefinition = new RuleDefinition(it2.next().getId());
            if (ruleDefinition.validate() == null && ruleDefinition.runDaemonOnDefinitionIfShould()) {
                i++;
            }
        }
        return i;
    }

    public static AttributeAssign permissionGroupIntersection(Subject subject, AttributeDef attributeDef, Group group, int i) {
        AttributeAssign attributeAssign = attributeDef.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckOwnerIdName(), group.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipRemove.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.thisPermissionDefHasNoEndDateAssignment.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.assignDisabledDaysToOwnerPermissionDefAssignments.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), Integer.toString(i));
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign permissionGroupIntersection(Subject subject, AttributeDef attributeDef, Group group) {
        AttributeAssign attributeAssign = attributeDef.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckOwnerIdName(), group.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipRemove.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.thisPermissionDefHasAssignment.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.removeMemberFromOwnerPermissionDefAssignments.name());
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign permissionFolderIntersection(Subject subject, AttributeDef attributeDef, Stem stem, Stem.Scope scope) {
        AttributeAssign attributeAssign = attributeDef.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckOwnerIdName(), stem.getUuid());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipRemoveInFolder.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.thisPermissionDefHasAssignmentAndNotFolder.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.removeMemberFromOwnerPermissionDefAssignments.name());
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign vetoPermissionIfNotInGroup(Subject subject, AttributeDef attributeDef, Group group, String str, String str2) {
        AttributeAssign attributeAssign = attributeDef.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.permissionAssignToSubject.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfConditionEnumName(), RuleIfConditionEnum.groupHasNoEnabledMembership.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleIfOwnerIdName(), group.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.veto.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign emailOnFlattenedMembershipRemove(Subject subject, Group group, String str, String str2, String str3) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipRemove.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.sendEmail.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg2Name(), str3);
        String retrieveValueString = attributeAssign.getAttributeValueDelegate().retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign emailOnFlattenedMembershipAddFromStem(Subject subject, Stem stem, Stem.Scope scope, String str, String str2, String str3) {
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipAddInFolder.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.sendEmail.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg2Name(), str3);
        String retrieveValueString = attributeAssign.getAttributeValueDelegate().retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign emailOnFlattenedMembershipRemoveFromStem(Subject subject, Stem stem, Stem.Scope scope, String str, String str2, String str3) {
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipRemoveInFolder.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.sendEmail.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg2Name(), str3);
        String retrieveValueString = attributeAssign.getAttributeValueDelegate().retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign emailOnFlattenedMembershipAdd(Subject subject, Group group, String str, String str2, String str3) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.flattenedMembershipAdd.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.sendEmail.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg2Name(), str3);
        String retrieveValueString = attributeAssign.getAttributeValueDelegate().retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign emailOnFlattenedDisabledDate(Subject subject, Group group, Integer num, Integer num2, String str, String str2, String str3) {
        AttributeAssign attributeAssign = group.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.membershipDisabledDate.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckArg0Name(), num == null ? null : num.toString());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckArg1Name(), num2 == null ? null : num2.toString());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.sendEmail.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg2Name(), str3);
        String retrieveValueString = attributeAssign.getAttributeValueDelegate().retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign emailOnFlattenedPermissionDisabledDate(Subject subject, AttributeDef attributeDef, Integer num, Integer num2, String str, String str2, String str3) {
        AttributeAssign attributeAssign = attributeDef.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.permissionDisabledDate.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckArg0Name(), num == null ? null : num.toString());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleCheckArg1Name(), num2 == null ? null : num2.toString());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.sendEmail.name());
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg0Name(), str);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg1Name(), str2);
        attributeAssign.getAttributeValueDelegate().assignValue(RuleUtils.ruleThenEnumArg2Name(), str3);
        String retrieveValueString = attributeAssign.getAttributeValueDelegate().retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }

    public static AttributeAssign reassignStemPrivilegesIfFromGroup(Subject subject, Stem stem, Stem.Scope scope) {
        AttributeAssign attributeAssign = stem.getAttributeDelegate().addAttribute(RuleUtils.ruleAttributeDefName()).getAttributeAssign();
        AttributeValueDelegate attributeValueDelegate = attributeAssign.getAttributeValueDelegate();
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectSourceIdName(), subject.getSourceId());
        attributeValueDelegate.assignValue(RuleUtils.ruleActAsSubjectIdName(), subject.getId());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckTypeName(), RuleCheckType.stemCreate.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleCheckStemScopeName(), scope.name());
        attributeValueDelegate.assignValue(RuleUtils.ruleThenEnumName(), RuleThenEnum.reassignStemPrivilegesIfFromGroup.name());
        String retrieveValueString = attributeValueDelegate.retrieveValueString(RuleUtils.ruleValidName());
        if (StringUtils.equals("T", retrieveValueString)) {
            return attributeAssign;
        }
        throw new RuntimeException(retrieveValueString);
    }
}
