package edu.internet2.middleware.grouper;

import edu.internet2.middleware.grouper.exception.GroupNotFoundException;
import edu.internet2.middleware.grouper.exception.InsufficientPrivilegeException;
import edu.internet2.middleware.grouper.hibernate.GrouperTransaction;
import edu.internet2.middleware.grouper.hibernate.GrouperTransactionHandler;
import edu.internet2.middleware.grouper.internal.dao.GrouperDAOException;
import edu.internet2.middleware.grouper.internal.dao.QueryOptions;
import edu.internet2.middleware.grouper.membership.MembershipType;
import edu.internet2.middleware.grouper.misc.GrouperDAOFactory;
import edu.internet2.middleware.grouper.misc.SaveMode;
import edu.internet2.middleware.grouper.misc.SaveResultType;
import edu.internet2.middleware.grouper.privs.AccessPrivilege;
import edu.internet2.middleware.grouper.privs.Privilege;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectNotFoundException;
import edu.internet2.middleware.subject.SubjectUtils;
import org.apache.commons.lang.ObjectUtils;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:WEB-INF/lib/grouper-5.0.1.jar:edu/internet2/middleware/grouper/PrivilegeGroupSave.class */
public class PrivilegeGroupSave {
    private String groupId;
    private Group group;
    private String groupName;
    private String memberId;
    private String subjectId;
    private String subjectSourceId;
    private String subjectIdentifier;
    private String immediateMembershipId;
    private SaveMode saveMode;
    private String fieldId;
    private String fieldName;
    private Field field;
    private Subject subject = null;
    private Member member = null;
    private SaveResultType saveResultType = null;

    public PrivilegeGroupSave assignGroupId(String str) {
        this.groupId = str;
        return this;
    }

    public PrivilegeGroupSave assignGroup(Group group) {
        this.group = group;
        return this;
    }

    public PrivilegeGroupSave assignSubject(Subject subject) {
        this.subject = subject;
        return this;
    }

    public PrivilegeGroupSave assignMember(Member member) {
        this.member = member;
        return this;
    }

    public PrivilegeGroupSave assignGroupName(String str) {
        this.groupName = str;
        return this;
    }

    public PrivilegeGroupSave assignMemberId(String str) {
        this.memberId = str;
        return this;
    }

    public PrivilegeGroupSave assignSubjectId(String str) {
        this.subjectId = str;
        return this;
    }

    public PrivilegeGroupSave assignSubjectSourceId(String str) {
        this.subjectSourceId = str;
        return this;
    }

    public PrivilegeGroupSave assignSubjectIdentifier(String str) {
        this.subjectIdentifier = str;
        return this;
    }

    public PrivilegeGroupSave assignImmediateMembershipId(String str) {
        this.immediateMembershipId = str;
        return this;
    }

    public PrivilegeGroupSave assignSaveMode(SaveMode saveMode) {
        this.saveMode = saveMode;
        return this;
    }

    public SaveResultType getSaveResultType() {
        return this.saveResultType;
    }

    public PrivilegeGroupSave assignFieldId(String str) {
        this.fieldId = str;
        return this;
    }

    public PrivilegeGroupSave assignFieldName(String str) {
        this.fieldName = str;
        return this;
    }

    public PrivilegeGroupSave assignField(Field field) {
        this.field = field;
        return this;
    }

    public Membership save() throws InsufficientPrivilegeException, GroupNotFoundException {
        this.saveMode = (SaveMode) ObjectUtils.defaultIfNull(this.saveMode, SaveMode.INSERT_OR_UPDATE);
        return (Membership) GrouperTransaction.callbackGrouperTransaction(new GrouperTransactionHandler() { // from class: edu.internet2.middleware.grouper.PrivilegeGroupSave.1
            @Override // edu.internet2.middleware.grouper.hibernate.GrouperTransactionHandler
            public Object callback(GrouperTransaction grouperTransaction) throws GrouperDAOException {
                grouperTransaction.setCachingEnabled(false);
                Membership membership = null;
                if (0 == 0 && !StringUtils.isBlank(PrivilegeGroupSave.this.immediateMembershipId)) {
                    membership = MembershipFinder.findByUuid(GrouperSession.staticGrouperSession(), PrivilegeGroupSave.this.immediateMembershipId, false, false);
                }
                if (PrivilegeGroupSave.this.group == null && !StringUtils.isBlank(PrivilegeGroupSave.this.groupId)) {
                    PrivilegeGroupSave.this.group = GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), PrivilegeGroupSave.this.groupId, false, new QueryOptions().secondLevelCache(false));
                }
                if (PrivilegeGroupSave.this.group == null && !StringUtils.isBlank(PrivilegeGroupSave.this.groupName)) {
                    PrivilegeGroupSave.this.group = GroupFinder.findByName(GrouperSession.staticGrouperSession(), PrivilegeGroupSave.this.groupName, false, new QueryOptions().secondLevelCache(false));
                }
                if (membership != null && PrivilegeGroupSave.this.group == null) {
                    PrivilegeGroupSave.this.group = GroupFinder.findByUuid(GrouperSession.staticGrouperSession(), membership.getOwnerGroupId(), true, new QueryOptions().secondLevelCache(false));
                }
                GrouperUtil.assertion(PrivilegeGroupSave.this.group != null, "Group not found");
                if (PrivilegeGroupSave.this.member == null && !StringUtils.isBlank(PrivilegeGroupSave.this.memberId)) {
                    PrivilegeGroupSave.this.member = MemberFinder.findByUuid(GrouperSession.staticGrouperSession(), PrivilegeGroupSave.this.memberId, false);
                }
                if (PrivilegeGroupSave.this.subject == null && !StringUtils.isBlank(PrivilegeGroupSave.this.subjectId) && !StringUtils.isBlank(PrivilegeGroupSave.this.subjectSourceId)) {
                    PrivilegeGroupSave.this.subject = SubjectFinder.findByIdAndSource(PrivilegeGroupSave.this.subjectId, PrivilegeGroupSave.this.subjectSourceId, false);
                }
                if (PrivilegeGroupSave.this.subject == null && !StringUtils.isBlank(PrivilegeGroupSave.this.subjectId) && StringUtils.isBlank(PrivilegeGroupSave.this.subjectSourceId)) {
                    PrivilegeGroupSave.this.subject = SubjectFinder.findById(PrivilegeGroupSave.this.subjectId, false);
                }
                if (PrivilegeGroupSave.this.subject == null && !StringUtils.isBlank(PrivilegeGroupSave.this.subjectIdentifier) && !StringUtils.isBlank(PrivilegeGroupSave.this.subjectSourceId)) {
                    PrivilegeGroupSave.this.subject = SubjectFinder.findByIdentifierAndSource(PrivilegeGroupSave.this.subjectIdentifier, PrivilegeGroupSave.this.subjectSourceId, false);
                }
                if (PrivilegeGroupSave.this.subject == null && !StringUtils.isBlank(PrivilegeGroupSave.this.subjectIdentifier) && StringUtils.isBlank(PrivilegeGroupSave.this.subjectSourceId)) {
                    PrivilegeGroupSave.this.subject = SubjectFinder.findByIdentifier(PrivilegeGroupSave.this.subjectIdentifier, false);
                }
                if (PrivilegeGroupSave.this.subject == null && PrivilegeGroupSave.this.member != null) {
                    PrivilegeGroupSave.this.subject = PrivilegeGroupSave.this.member.getSubject();
                }
                if (PrivilegeGroupSave.this.member == null && PrivilegeGroupSave.this.subject != null) {
                    PrivilegeGroupSave.this.member = MemberFinder.findBySubject(GrouperSession.staticGrouperSession(), PrivilegeGroupSave.this.subject, PrivilegeGroupSave.this.saveMode != SaveMode.DELETE);
                }
                if (PrivilegeGroupSave.this.subject == null) {
                    throw new SubjectNotFoundException("Cant find subject" + ((PrivilegeGroupSave.this.subjectId == null || PrivilegeGroupSave.this.subjectSourceId == null) ? "" : ": " + PrivilegeGroupSave.this.subjectSourceId + ", " + PrivilegeGroupSave.this.subjectId));
                }
                if (PrivilegeGroupSave.this.member == null) {
                    throw new SubjectNotFoundException("Cant find member" + ((PrivilegeGroupSave.this.subjectId == null || PrivilegeGroupSave.this.subjectSourceId == null) ? "" : ": " + PrivilegeGroupSave.this.subjectSourceId + ", " + PrivilegeGroupSave.this.subjectId));
                }
                if (PrivilegeGroupSave.this.field == null && !StringUtils.isBlank(PrivilegeGroupSave.this.fieldId)) {
                    PrivilegeGroupSave.this.field = FieldFinder.findById(PrivilegeGroupSave.this.fieldId, true);
                }
                if (PrivilegeGroupSave.this.field == null && !StringUtils.isBlank(PrivilegeGroupSave.this.fieldName)) {
                    PrivilegeGroupSave.this.field = FieldFinder.find(PrivilegeGroupSave.this.fieldName, true, true);
                }
                GrouperUtil.assertion(PrivilegeGroupSave.this.field != null, "Field not found");
                GrouperUtil.assertion(PrivilegeGroupSave.this.field.isGroupAccessField(), "Must be group access field '" + PrivilegeGroupSave.this.field.getName() + "'");
                if (membership == null) {
                    membership = GrouperDAOFactory.getFactory().getMembership().findByGroupOwnerAndMemberAndFieldAndType(PrivilegeGroupSave.this.group.getId(), PrivilegeGroupSave.this.member.getId(), PrivilegeGroupSave.this.field, MembershipType.IMMEDIATE.getTypeString(), false, true);
                }
                if (!PrivilegeGroupSave.this.group.canHavePrivilege(GrouperSession.staticGrouperSession().getSubject(), AccessPrivilege.ADMIN.getName(), false)) {
                    throw new RuntimeException("Subject '" + SubjectUtils.subjectToString(GrouperSession.staticGrouperSession().getSubject()) + "' cannot ADMIN group '" + PrivilegeGroupSave.this.group.getName() + "'");
                }
                if (PrivilegeGroupSave.this.saveMode == SaveMode.DELETE) {
                    if (membership == null) {
                        PrivilegeGroupSave.this.saveResultType = SaveResultType.NO_CHANGE;
                        return null;
                    }
                    PrivilegeGroupSave.this.group.revokePriv(PrivilegeGroupSave.this.subject, Privilege.listToPriv(PrivilegeGroupSave.this.field.getName(), true), false);
                    PrivilegeGroupSave.this.saveResultType = SaveResultType.DELETE;
                    return membership;
                }
                if (PrivilegeGroupSave.this.saveMode == SaveMode.INSERT && membership != null) {
                    throw new RuntimeException("Inserting membership but it already exists!");
                }
                if (PrivilegeGroupSave.this.saveMode == SaveMode.UPDATE && membership == null) {
                    throw new RuntimeException("Updating membership but it doesnt exist!");
                }
                if (membership != null) {
                    PrivilegeGroupSave.this.saveResultType = SaveResultType.NO_CHANGE;
                    return membership;
                }
                PrivilegeGroupSave.this.group.internal_grantPriv(PrivilegeGroupSave.this.subject, AccessPrivilege.listToPriv(PrivilegeGroupSave.this.field.getName()), false, PrivilegeGroupSave.this.immediateMembershipId);
                PrivilegeGroupSave.this.saveResultType = SaveResultType.INSERT;
                return membership;
            }
        });
    }
}
