package edu.internet2.middleware.grouper.grouperUi.serviceLogic;

import edu.internet2.middleware.grouper.Group;
import edu.internet2.middleware.grouper.GroupFinder;
import edu.internet2.middleware.grouper.GrouperSession;
import edu.internet2.middleware.grouper.MemberFinder;
import edu.internet2.middleware.grouper.SubjectFinder;
import edu.internet2.middleware.grouper.cfg.GrouperConfig;
import edu.internet2.middleware.grouper.group.TypeOfGroup;
import edu.internet2.middleware.grouper.grouperUi.beans.api.GuiMember;
import edu.internet2.middleware.grouper.grouperUi.beans.groupUpdate.GroupUpdateRequestContainer;
import edu.internet2.middleware.grouper.grouperUi.beans.json.GuiResponseJs;
import edu.internet2.middleware.grouper.grouperUi.beans.json.GuiScreenAction;
import edu.internet2.middleware.grouper.internal.dao.QueryOptions;
import edu.internet2.middleware.grouper.internal.dao.QueryPaging;
import edu.internet2.middleware.grouper.misc.GrouperDAOFactory;
import edu.internet2.middleware.grouper.privs.AccessPrivilege;
import edu.internet2.middleware.grouper.privs.Privilege;
import edu.internet2.middleware.grouper.ui.GrouperUiFilter;
import edu.internet2.middleware.grouper.ui.exceptions.ControllerDone;
import edu.internet2.middleware.grouper.ui.util.GrouperUiConfig;
import edu.internet2.middleware.grouper.ui.util.GrouperUiUtils;
import edu.internet2.middleware.grouper.ui.util.HttpContentType;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectTooManyResults;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:edu/internet2/middleware/grouper/grouperUi/serviceLogic/SimpleGroupUpdateFilter.class */
public class SimpleGroupUpdateFilter {
    private static final Log LOG = LogFactory.getLog(SimpleGroupUpdateFilter.class);

    public boolean editGroupHelper(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Group group, boolean z) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        GroupUpdateRequestContainer retrieveFromRequestOrCreate = GroupUpdateRequestContainer.retrieveFromRequestOrCreate();
        try {
            GrouperSession start = GrouperSession.start(retrieveSubjectLoggedIn);
            if (z && !group.hasAdmin(retrieveSubjectLoggedIn)) {
                LOG.error("Subject " + GrouperUtil.subjectToString(retrieveSubjectLoggedIn) + " cannot admin group: " + group.getName());
                retrieveGuiResponseJs.addAction(GuiScreenAction.newAlert(GrouperUiUtils.message("simpleGroupUpdate.errorCantEditGroup", false)));
                GrouperSession.stopQuietly(start);
                return false;
            }
            retrieveFromRequestOrCreate.setGroupToEdit(group);
            retrieveFromRequestOrCreate.setCreate(false);
            Subject findAllSubject = SubjectFinder.findAllSubject();
            retrieveFromRequestOrCreate.setAllowAllAdmin(group.hasAdmin(findAllSubject));
            retrieveFromRequestOrCreate.setAllowAllUpdate(group.hasUpdate(findAllSubject));
            retrieveFromRequestOrCreate.setAllowAllView(group.hasView(findAllSubject));
            retrieveFromRequestOrCreate.setAllowAllRead(group.hasRead(findAllSubject));
            retrieveFromRequestOrCreate.setAllowAllOptin(group.hasOptin(findAllSubject));
            retrieveFromRequestOrCreate.setAllowAllOptout(group.hasOptout(findAllSubject));
            retrieveFromRequestOrCreate.setAllowAllGroupAttrRead(group.hasGroupAttrRead(findAllSubject));
            retrieveFromRequestOrCreate.setAllowAllGroupAttrUpdate(group.hasGroupAttrUpdate(findAllSubject));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#groupEditPanel", "/WEB-INF/grouperUi/templates/groupUpdate/groupEditPanel.jsp"));
            GrouperSession.stopQuietly(start);
            return true;
        } catch (Throwable th) {
            GrouperSession.stopQuietly((GrouperSession) null);
            throw th;
        }
    }

    public void filterRoles(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GrouperSession grouperSession = null;
        String parameter = httpServletRequest.getParameter("mask");
        try {
            try {
                grouperSession = GrouperSession.start(retrieveSubjectLoggedIn);
                Set set = null;
                StringBuilder sb = new StringBuilder(GrouperUiUtils.DHTMLX_OPTIONS_START);
                QueryOptions queryOptions = null;
                if (StringUtils.defaultString(parameter).length() < 2) {
                    GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorNotEnoughChars", false), "bullet_error.png");
                } else {
                    queryOptions = new QueryOptions().paging(GrouperUiConfig.retrieveConfig().propertyValueInt("simpleGroupUpdate.groupComboboxResultSize", 200), 1, true).sortAsc("theGroup.displayNameDb");
                    set = GrouperDAOFactory.getFactory().getGroup().getAllGroupsSplitScopeSecure(parameter, grouperSession, retrieveSubjectLoggedIn, GrouperUtil.toSet(new Privilege[]{AccessPrivilege.ADMIN, AccessPrivilege.UPDATE}), queryOptions, TypeOfGroup.role);
                    if (GrouperUtil.length(set) == 0) {
                        GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorNoRolesFound", false), "bullet_error.png");
                    }
                }
                for (Group group : GrouperUtil.nonNull(set)) {
                    GrouperUiUtils.dhtmlxOptionAppend(sb, group.getId(), GrouperUiUtils.escapeHtml(group.getDisplayName(), true), GrouperUiUtils.imageFromSubjectSource("g:rsa"));
                }
                if (queryOptions != null && queryOptions.getCount() != null && set != null && queryOptions.getCount().longValue() > set.size()) {
                    GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorTooManyRoles", false), "bullet_error.png");
                }
                sb.append(GrouperUiUtils.DHTMLX_OPTIONS_END);
                GrouperUiUtils.printToScreen(sb.toString(), HttpContentType.TEXT_XML, false, false);
                GrouperSession.stopQuietly(grouperSession);
            } catch (Exception e) {
                LOG.error("Error searching for role: '" + parameter + "', " + e.getMessage(), e);
                StringBuilder sb2 = new StringBuilder(GrouperUiUtils.DHTMLX_OPTIONS_START);
                GrouperUiUtils.dhtmlxOptionAppend(sb2, null, GrouperUiUtils.escapeHtml("Error searching for roles: " + parameter + ", " + e.getMessage(), true), null);
                sb2.append(GrouperUiUtils.DHTMLX_OPTIONS_END);
                GrouperUiUtils.printToScreen(sb2.toString(), HttpContentType.TEXT_XML, false, false);
                GrouperSession.stopQuietly(grouperSession);
            }
            throw new ControllerDone();
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void editGroupButton(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        String parameter = httpServletRequest.getParameter("simpleGroupUpdatePickGroup");
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        if (StringUtils.isBlank(parameter)) {
            retrieveGuiResponseJs.addAction(GuiScreenAction.newAlert(GrouperUiUtils.message("simpleGroupUpdate.errorCantEditGroup", false)));
            return;
        }
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(retrieveSubjectLoggedIn);
            try {
                Group findByUuid = GroupFinder.findByUuid(grouperSession, parameter, true);
                GrouperSession.stopQuietly(grouperSession);
                editGroupHelper(httpServletRequest, httpServletResponse, findByUuid, true);
            } catch (Exception e) {
                LOG.info("Error searching for group: " + parameter, e);
                retrieveGuiResponseJs.addAction(GuiScreenAction.newAlert(GrouperUiUtils.message("simpleGroupUpdate.errorCantEditGroup", false)));
                GrouperSession.stopQuietly(grouperSession);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void newGroupButton(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GroupUpdateRequestContainer retrieveFromRequestOrCreate = GroupUpdateRequestContainer.retrieveFromRequestOrCreate();
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(retrieveSubjectLoggedIn);
            retrieveFromRequestOrCreate.setGroupToEdit(new Group());
            retrieveFromRequestOrCreate.setCreate(true);
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            retrieveFromRequestOrCreate.setAllowAllAdmin(GrouperConfig.getPropertyBoolean("groups.create.grant.all.admin", false));
            retrieveFromRequestOrCreate.setAllowAllUpdate(GrouperConfig.getPropertyBoolean("groups.create.grant.all.update", false));
            retrieveFromRequestOrCreate.setAllowAllRead(GrouperConfig.getPropertyBoolean("groups.create.grant.all.read", false));
            retrieveFromRequestOrCreate.setAllowAllView(GrouperConfig.getPropertyBoolean("groups.create.grant.all.view", false));
            retrieveFromRequestOrCreate.setAllowAllOptin(GrouperConfig.getPropertyBoolean("groups.create.grant.all.optin", false));
            retrieveFromRequestOrCreate.setAllowAllOptout(GrouperConfig.getPropertyBoolean("groups.create.grant.all.optout", false));
            retrieveFromRequestOrCreate.setAllowAllGroupAttrRead(GrouperConfig.getPropertyBoolean("groups.create.grant.all.groupAttrRead", false));
            retrieveFromRequestOrCreate.setAllowAllGroupAttrUpdate(GrouperConfig.getPropertyBoolean("groups.create.grant.all.groupAttrUpdate", false));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#groupEditPanel", "/WEB-INF/grouperUi/templates/groupUpdate/groupEditPanel.jsp"));
            GrouperSession.stopQuietly(grouperSession);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void filterCreatableNamespace(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        new SimpleAttributeUpdateFilter().filterCreatableNamespace(httpServletRequest, httpServletResponse);
    }

    public void addPrivilegeSubject(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        GroupUpdateRequestContainer retrieveFromRequestOrCreate = GroupUpdateRequestContainer.retrieveFromRequestOrCreate();
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(retrieveSubjectLoggedIn);
            String parameter = httpServletRequest.getParameter("simpleGroupUpdatePrivilegeSubject");
            if (StringUtils.isBlank(parameter)) {
                LOG.error("Why is subject blank?");
                retrieveGuiResponseJs.addAction(GuiScreenAction.newAlert(GrouperUiUtils.message("simpleGroupUpdate.additionalPrivilegeSubjectNotFound", false)));
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            try {
                retrieveFromRequestOrCreate.privilegeAdditionalGuiMembers().add(0, new GuiMember(MemberFinder.findBySubject(grouperSession, GrouperUiUtils.findSubject(parameter, true), true)));
                GrouperSession.stopQuietly(grouperSession);
                new SimpleGroupUpdate().groupEditPanelPrivileges(httpServletRequest, httpServletResponse);
            } catch (Exception e) {
                LOG.error("Error finding subject: " + parameter, e);
                retrieveGuiResponseJs.addAction(GuiScreenAction.newAlert(GrouperUiUtils.message("simpleGroupUpdate.additionalPrivilegeSubjectNotFound", false)));
                GrouperSession.stopQuietly(grouperSession);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void filterPrivilegeUsers(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        String parameter = httpServletRequest.getParameter("groupToEditId");
        GroupUpdateRequestContainer retrieveFromRequestOrCreate = GroupUpdateRequestContainer.retrieveFromRequestOrCreate();
        GrouperSession grouperSession = null;
        String parameter2 = httpServletRequest.getParameter("mask");
        Group group = null;
        boolean z = false;
        try {
            try {
                StringBuilder sb = new StringBuilder(GrouperUiUtils.DHTMLX_OPTIONS_START);
                if (0 == 0 && StringUtils.isBlank(parameter)) {
                    GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorCantEditGroup", false), null);
                    z = true;
                }
                grouperSession = GrouperSession.start(retrieveSubjectLoggedIn);
                if (!z) {
                    try {
                        group = GroupFinder.findByUuid(grouperSession, parameter, true);
                    } catch (Exception e) {
                        LOG.info("Error searching for group: " + parameter, e);
                        GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorCantEditGroup", false), null);
                        z = true;
                    }
                    if (!z && !group.hasAdmin(retrieveSubjectLoggedIn)) {
                        LOG.error("Subject " + GrouperUtil.subjectToString(retrieveSubjectLoggedIn) + " cannot admin group: " + group.getName());
                        GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorCantEditGroup", false), null);
                        z = true;
                    }
                }
                if (!z) {
                    retrieveFromRequestOrCreate.setGroupToEdit(group);
                    Set<Subject> set = null;
                    QueryPaging queryPaging = null;
                    boolean z2 = false;
                    if (StringUtils.defaultString(parameter2).length() < 2) {
                        GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorNotEnoughChars", false), null);
                    } else {
                        try {
                            Set results = SubjectFinder.findPageInStem(group.getParentStemName(), parameter2).getResults();
                            queryPaging = new QueryPaging(GrouperUiConfig.retrieveConfig().propertyValueInt("simpleGroupUpdate.groupPrivilegeUserComboboxResultSize", 50), 1, true);
                            set = GrouperUiUtils.subjectsSortedPaged(results, queryPaging, parameter2);
                        } catch (SubjectTooManyResults e2) {
                            z2 = true;
                        }
                    }
                    for (Subject subject : GrouperUtil.nonNull(set)) {
                        GrouperUiUtils.dhtmlxOptionAppend(sb, GrouperUiUtils.convertSubjectToValue(subject), GrouperUiUtils.escapeHtml(GrouperUiUtils.convertSubjectToLabelConfigured(subject), true), GrouperUiUtils.imageFromSubjectSource(subject.getSource().getId()));
                    }
                    if (z2 || (queryPaging != null && GrouperUtil.length(set) < queryPaging.getTotalRecordCount())) {
                        GrouperUiUtils.dhtmlxOptionAppend(sb, null, GrouperUiUtils.message("simpleGroupUpdate.errorTooManyPrivilegeSubjects", false), "bullet_error.png");
                    } else if (GrouperUtil.length(set) == 0) {
                        GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorPrivilegeUserSearchNoResults", false), "bullet_error.png");
                    }
                }
                sb.append(GrouperUiUtils.DHTMLX_OPTIONS_END);
                GrouperUiUtils.printToScreen(sb.toString(), HttpContentType.TEXT_XML, false, false);
                GrouperSession.stopQuietly(grouperSession);
            } catch (Exception e3) {
                LOG.error("Error searching for subjects: '" + parameter2 + "', " + e3.getMessage(), e3);
                StringBuilder sb2 = new StringBuilder(GrouperUiUtils.DHTMLX_OPTIONS_START);
                GrouperUiUtils.dhtmlxOptionAppend(sb2, null, GrouperUiUtils.escapeHtml("Error searching for subjects: " + parameter2 + ", " + e3.getMessage(), true), null);
                sb2.append(GrouperUiUtils.DHTMLX_OPTIONS_END);
                GrouperUiUtils.printToScreen(sb2.toString(), HttpContentType.TEXT_XML, false, false);
                GrouperSession.stopQuietly(grouperSession);
            }
            throw new ControllerDone();
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void filterGroups(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        filterGroupsRolesEntitiesHelper(httpServletRequest, httpServletResponse, TypeOfGroup.GROUP_OR_ROLE_SET);
    }

    private void filterGroupsRolesEntitiesHelper(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Set<TypeOfGroup> set) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GrouperSession grouperSession = null;
        String parameter = httpServletRequest.getParameter("mask");
        try {
            try {
                grouperSession = GrouperSession.start(retrieveSubjectLoggedIn);
                Set set2 = null;
                StringBuilder sb = new StringBuilder(GrouperUiUtils.DHTMLX_OPTIONS_START);
                QueryOptions queryOptions = null;
                if (StringUtils.defaultString(parameter).length() < 2) {
                    GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorNotEnoughChars", false), "bullet_error.png");
                } else {
                    queryOptions = new QueryOptions().paging(GrouperUiConfig.retrieveConfig().propertyValueInt("simpleGroupUpdate.groupComboboxResultSize", 200), 1, true).sortAsc("theGroup.displayNameDb");
                    set2 = GrouperDAOFactory.getFactory().getGroup().getAllGroupsSplitScopeSecure(parameter, grouperSession, retrieveSubjectLoggedIn, GrouperUtil.toSet(new Privilege[]{AccessPrivilege.ADMIN}), queryOptions, set);
                    if (GrouperUtil.length(set2) == 0) {
                        GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorNoGroupsFound", false), "bullet_error.png");
                    }
                }
                for (Group group : GrouperUtil.nonNull(set2)) {
                    GrouperUiUtils.dhtmlxOptionAppend(sb, group.getId(), GrouperUiUtils.escapeHtml(group.getDisplayName(), true), group.getTypeOfGroup() == TypeOfGroup.role ? GrouperUiUtils.imageFromSubjectSource("g:rsa") : (group.getTypeOfGroup() != TypeOfGroup.entity || SubjectFinder.internal_getEntitySourceAdapter(false) == null) ? GrouperUiUtils.imageFromSubjectSource("g:gsa") : GrouperUiUtils.imageFromSubjectSource(SubjectFinder.internal_getEntitySourceAdapter(true).getId()));
                }
                if (queryOptions != null && queryOptions.getCount() != null && set2 != null && queryOptions.getCount().longValue() > set2.size()) {
                    GrouperUiUtils.dhtmlxOptionAppend(sb, "", GrouperUiUtils.message("simpleGroupUpdate.errorTooManyGroups", false), "bullet_error.png");
                }
                sb.append(GrouperUiUtils.DHTMLX_OPTIONS_END);
                GrouperUiUtils.printToScreen(sb.toString(), HttpContentType.TEXT_XML, false, false);
                GrouperSession.stopQuietly(grouperSession);
            } catch (Exception e) {
                LOG.error("Error searching for group: '" + parameter + "', " + e.getMessage(), e);
                StringBuilder sb2 = new StringBuilder(GrouperUiUtils.DHTMLX_OPTIONS_START);
                GrouperUiUtils.dhtmlxOptionAppend(sb2, null, GrouperUiUtils.escapeHtml("Error searching for groups: " + parameter + ", " + e.getMessage(), true), null);
                sb2.append(GrouperUiUtils.DHTMLX_OPTIONS_END);
                GrouperUiUtils.printToScreen(sb2.toString(), HttpContentType.TEXT_XML, false, false);
                GrouperSession.stopQuietly(grouperSession);
            }
            throw new ControllerDone();
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void filterGroupsRolesEntities(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        filterGroupsRolesEntitiesHelper(httpServletRequest, httpServletResponse, null);
    }
}
