package edu.internet2.middleware.grouper.rules;

import edu.internet2.middleware.grouper.GrouperSession;
import edu.internet2.middleware.grouper.MembershipFinder;
import edu.internet2.middleware.grouper.Stem;
import edu.internet2.middleware.grouper.SubjectFinder;
import edu.internet2.middleware.grouper.internal.dao.QueryOptions;
import edu.internet2.middleware.grouper.privs.AccessPrivilege;
import edu.internet2.middleware.grouper.privs.AttributeDefPrivilege;
import edu.internet2.middleware.grouper.privs.NamingPrivilege;
import edu.internet2.middleware.grouper.privs.PrivilegeHelper;
import edu.internet2.middleware.grouper.subj.SubjectHelper;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.subject.Subject;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: input_file:WEB-INF/lib/grouper-5.0.3.jar:edu/internet2/middleware/grouper/rules/RuleFinder.class */
public class RuleFinder {
    public static Set<RuleDefinition> findGroupPrivilegeInheritRules(Stem stem) {
        HashSet hashSet = new HashSet(GrouperUtil.nonNull((Set) RuleEngine.ruleEngine().ruleCheckIndexDefinitionsByNameOrIdInFolder(new RuleCheck(RuleCheckType.groupCreate.name(), null, stem.isRootStem() ? "qwertyuiopasdfghjkl:b" : stem.getName() + ":b", null, null, null))));
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            if (((RuleDefinition) it.next()).getThen().thenEnum() != RuleThenEnum.assignGroupPrivilegeToGroupId) {
                it.remove();
            }
        }
        return hashSet;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:43:0x0127. Please report as an issue. */
    public static Set<RuleDefinition> findPrivilegeInheritRules(boolean z) {
        RuleEngine ruleEngine = RuleEngine.ruleEngine();
        HashSet hashSet = new HashSet();
        Subject subject = GrouperSession.staticGrouperSession().getSubject();
        boolean isWheelOrRoot = PrivilegeHelper.isWheelOrRoot(GrouperSession.staticGrouperSession().getSubject());
        for (RuleDefinition ruleDefinition : ruleEngine.getRuleDefinitions()) {
            if (ruleDefinition != null && ruleDefinition.getCheck() != null && ruleDefinition.getCheck().checkTypeEnum() != null) {
                switch (ruleDefinition.getCheck().checkTypeEnum()) {
                    case attributeDefCreate:
                    case groupCreate:
                    case stemCreate:
                        if (ruleDefinition.getThen() != null && ruleDefinition.getThen().thenEnum() != null) {
                            switch (ruleDefinition.getThen().thenEnum()) {
                                case assignAttributeDefPrivilegeToAttributeDefId:
                                case assignGroupPrivilegeToGroupId:
                                case assignStemPrivilegeToStemId:
                                    Stem ownerStemFailsafe = ruleDefinition.getAttributeAssignType().getOwnerStemFailsafe();
                                    if (ownerStemFailsafe == null) {
                                        break;
                                    } else {
                                        boolean z2 = isWheelOrRoot || !z;
                                        if (!z2 && ownerStemFailsafe.canHavePrivilege(subject, NamingPrivilege.STEM_ADMIN.getName(), false)) {
                                            z2 = true;
                                        }
                                        if (!z2) {
                                            Stem.Scope valueOfIgnoreCase = Stem.Scope.valueOfIgnoreCase(ruleDefinition.getCheck().getCheckStemScope(), false);
                                            if (valueOfIgnoreCase == null) {
                                                break;
                                            } else {
                                                switch (ruleDefinition.getCheck().checkTypeEnum()) {
                                                    case attributeDefCreate:
                                                        z2 = new MembershipFinder().assignStem(ownerStemFailsafe).assignStemScope(valueOfIgnoreCase).assignField(AttributeDefPrivilege.ATTR_ADMIN.getField()).assignQueryOptionsForAttributeDef(new QueryOptions().paging(1, 1, false)).findMembershipsMembers().size() > 0;
                                                        break;
                                                    case groupCreate:
                                                        z2 = new MembershipFinder().assignStem(ownerStemFailsafe).assignStemScope(valueOfIgnoreCase).assignField(AccessPrivilege.ADMIN.getField()).assignQueryOptionsForGroup(new QueryOptions().paging(1, 1, false)).findMembershipsMembers().size() > 0;
                                                        break;
                                                    case stemCreate:
                                                        z2 = new MembershipFinder().assignStem(ownerStemFailsafe).assignStemScope(valueOfIgnoreCase).assignField(NamingPrivilege.STEM_ADMIN.getField()).assignQueryOptionsForStem(new QueryOptions().paging(1, 1, false)).findMembershipsMembers().size() > 0;
                                                        break;
                                                }
                                            }
                                        }
                                        if (z2) {
                                            hashSet.add(ruleDefinition);
                                            break;
                                        } else {
                                            break;
                                        }
                                    }
                                    break;
                            }
                        }
                        break;
                }
            }
        }
        return hashSet;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:40:0x012b. Please report as an issue. */
    public static Set<RuleDefinition> findSubjectPrivilegeInheritRules(Subject subject, boolean z) {
        Stem ownerStemFailsafe;
        RuleEngine ruleEngine = RuleEngine.ruleEngine();
        HashSet hashSet = new HashSet();
        Subject subject2 = GrouperSession.staticGrouperSession().getSubject();
        boolean isWheelOrRoot = PrivilegeHelper.isWheelOrRoot(GrouperSession.staticGrouperSession().getSubject());
        for (RuleDefinition ruleDefinition : ruleEngine.getRuleDefinitions()) {
            if (ruleDefinition.getThen() != null && ruleDefinition.getThen().thenEnum() != null) {
                switch (ruleDefinition.getCheck().checkTypeEnum()) {
                    case attributeDefCreate:
                    case groupCreate:
                    case stemCreate:
                        switch (ruleDefinition.getThen().thenEnum()) {
                            case assignAttributeDefPrivilegeToAttributeDefId:
                            case assignGroupPrivilegeToGroupId:
                            case assignStemPrivilegeToStemId:
                                Subject findByPackedSubjectString = SubjectFinder.findByPackedSubjectString(ruleDefinition.getThen().getThenEnumArg0(), false);
                                if (subject != null && SubjectHelper.eq(findByPackedSubjectString, subject) && (ownerStemFailsafe = ruleDefinition.getAttributeAssignType().getOwnerStemFailsafe()) != null) {
                                    boolean z2 = isWheelOrRoot || !z;
                                    if (!z2 && !ownerStemFailsafe.canHavePrivilege(subject2, NamingPrivilege.STEM_ADMIN.getName(), false)) {
                                        z2 = true;
                                    }
                                    if (!z2) {
                                        Stem.Scope valueOfIgnoreCase = Stem.Scope.valueOfIgnoreCase(ruleDefinition.getCheck().getCheckStemScope(), false);
                                        if (valueOfIgnoreCase == null) {
                                            break;
                                        } else {
                                            switch (ruleDefinition.getCheck().checkTypeEnum()) {
                                                case attributeDefCreate:
                                                    z2 = new MembershipFinder().assignScope(ownerStemFailsafe.getName()).assignStemScope(valueOfIgnoreCase).assignField(AttributeDefPrivilege.ATTR_ADMIN.getField()).assignQueryOptionsForAttributeDef(new QueryOptions().paging(1, 1, false)).findMembership(false) != null;
                                                    break;
                                                case groupCreate:
                                                    z2 = new MembershipFinder().assignScope(ownerStemFailsafe.getName()).assignStemScope(valueOfIgnoreCase).assignField(AccessPrivilege.ADMIN.getField()).assignQueryOptionsForGroup(new QueryOptions().paging(1, 1, false)).findMembership(false) != null;
                                                    break;
                                                case stemCreate:
                                                    z2 = new MembershipFinder().assignScope(ownerStemFailsafe.getName()).assignStemScope(valueOfIgnoreCase).assignField(NamingPrivilege.STEM_ADMIN.getField()).assignQueryOptionsForStem(new QueryOptions().paging(1, 1, false)).findMembership(false) != null;
                                                    break;
                                            }
                                        }
                                    }
                                    if (z2) {
                                        hashSet.add(ruleDefinition);
                                        break;
                                    } else {
                                        break;
                                    }
                                }
                                break;
                        }
                }
            }
        }
        return hashSet;
    }

    public static Set<RuleDefinition> findFolderPrivilegeInheritRules(Stem stem) {
        Set<RuleDefinition> ruleCheckIndexDefinitionsByNameOrIdInFolder = RuleEngine.ruleEngine().ruleCheckIndexDefinitionsByNameOrIdInFolder(new RuleCheck(RuleCheckType.stemCreate.name(), null, stem.isRootStem() ? "qwertyuiopasdfghjkl:b" : stem.getName() + ":b", null, null, null));
        Iterator<RuleDefinition> it = ruleCheckIndexDefinitionsByNameOrIdInFolder.iterator();
        while (it.hasNext()) {
            if (it.next().getThen().thenEnum() != RuleThenEnum.assignStemPrivilegeToStemId) {
                it.remove();
            }
        }
        return ruleCheckIndexDefinitionsByNameOrIdInFolder;
    }

    public static Set<RuleDefinition> findAttributeDefPrivilegeInheritRules(Stem stem) {
        Set<RuleDefinition> ruleCheckIndexDefinitionsByNameOrIdInFolder = RuleEngine.ruleEngine().ruleCheckIndexDefinitionsByNameOrIdInFolder(new RuleCheck(RuleCheckType.attributeDefCreate.name(), null, stem.isRootStem() ? "qwertyuiopasdfghjkl:b" : stem.getName() + ":b", null, null, null));
        Iterator<RuleDefinition> it = ruleCheckIndexDefinitionsByNameOrIdInFolder.iterator();
        while (it.hasNext()) {
            if (it.next().getThen().thenEnum() != RuleThenEnum.assignAttributeDefPrivilegeToAttributeDefId) {
                it.remove();
            }
        }
        return ruleCheckIndexDefinitionsByNameOrIdInFolder;
    }
}
