package org.flowable.ui.task.service.runtime;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.flowable.bpmn.model.ExtensionElement;
import org.flowable.bpmn.model.FlowElement;
import org.flowable.bpmn.model.UserTask;
import org.flowable.cmmn.api.CmmnHistoryService;
import org.flowable.cmmn.api.history.HistoricCaseInstance;
import org.flowable.content.api.ContentItem;
import org.flowable.editor.language.json.converter.util.CollectionUtils;
import org.flowable.engine.HistoryService;
import org.flowable.engine.RepositoryService;
import org.flowable.engine.RuntimeService;
import org.flowable.engine.TaskService;
import org.flowable.engine.history.HistoricProcessInstance;
import org.flowable.engine.history.HistoricProcessInstanceQuery;
import org.flowable.engine.repository.ProcessDefinition;
import org.flowable.identitylink.api.IdentityLink;
import org.flowable.idm.api.User;
import org.flowable.task.api.Task;
import org.flowable.task.api.history.HistoricTaskInstance;
import org.flowable.task.api.history.HistoricTaskInstanceQuery;
import org.flowable.ui.common.model.RemoteGroup;
import org.flowable.ui.common.model.RemoteUser;
import org.flowable.ui.common.service.exception.NotFoundException;
import org.flowable.ui.common.service.exception.NotPermittedException;
import org.flowable.ui.common.service.idm.RemoteIdmService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Transactional
@Service
/* loaded from: input_file:WEB-INF/lib/flowable-ui-task-logic-6.4.1.jar:org/flowable/ui/task/service/runtime/PermissionService.class */
public class PermissionService {

    @Autowired
    protected TaskService taskService;

    @Autowired
    protected RuntimeService runtimeService;

    @Autowired
    protected RepositoryService repositoryService;

    @Autowired
    protected HistoryService historyService;

    @Autowired
    protected CmmnHistoryService cmmnHistoryService;

    @Autowired
    protected RemoteIdmService remoteIdmService;

    public HistoricTaskInstance validateReadPermissionOnTask(User user, String str) {
        List<V> list = this.historyService.createHistoricTaskInstanceQuery().taskId2(str).taskInvolvedUser2(String.valueOf(user.getId())).list();
        if (CollectionUtils.isNotEmpty(list)) {
            return (HistoricTaskInstance) list.get(0);
        }
        HistoricTaskInstanceQuery createHistoricTaskInstanceQuery = this.historyService.createHistoricTaskInstanceQuery();
        createHistoricTaskInstanceQuery.taskId2(str);
        if (!getGroupIdsForUser(user).isEmpty()) {
            createHistoricTaskInstanceQuery.taskCandidateGroupIn(getGroupIdsForUser(user));
        }
        List<V> list2 = createHistoricTaskInstanceQuery.list();
        if (CollectionUtils.isNotEmpty(list2)) {
            return (HistoricTaskInstance) list2.get(0);
        }
        List<V> list3 = this.historyService.createHistoricTaskInstanceQuery().taskId2(str).list();
        if (CollectionUtils.isNotEmpty(list3)) {
            HistoricTaskInstance historicTaskInstance = (HistoricTaskInstance) list3.get(0);
            if (historicTaskInstance == null || historicTaskInstance.getProcessInstanceId() == null) {
                if (historicTaskInstance != null && historicTaskInstance.getParentTaskId() != null) {
                    validateReadPermissionOnTask(user, historicTaskInstance.getParentTaskId());
                    return historicTaskInstance;
                }
            } else if (hasReadPermissionOnProcessInstance(user, historicTaskInstance.getProcessInstanceId())) {
                return historicTaskInstance;
            }
        }
        throw new NotPermittedException("User is not allowed to work with task " + str);
    }

    private List<String> getGroupIdsForUser(User user) {
        ArrayList arrayList = new ArrayList();
        Iterator<RemoteGroup> it = ((RemoteUser) user).getGroups().iterator();
        while (it.hasNext()) {
            arrayList.add(String.valueOf(it.next().getId()));
        }
        return arrayList;
    }

    public boolean isTaskOwnerOrAssignee(User user, String str) {
        return isTaskOwnerOrAssignee(user, (Task) this.taskService.createTaskQuery().taskId2(str).singleResult());
    }

    public boolean isTaskOwnerOrAssignee(User user, Task task) {
        String valueOf = String.valueOf(user.getId());
        return valueOf.equals(task.getAssignee()) || valueOf.equals(task.getOwner());
    }

    public boolean validateIfUserIsInitiatorAndCanCompleteTask(User user, Task task) {
        HistoricCaseInstance singleResult;
        boolean z = false;
        if (task.getProcessInstanceId() != null) {
            HistoricProcessInstance singleResult2 = this.historyService.createHistoricProcessInstanceQuery().processInstanceId(task.getProcessInstanceId()).singleResult();
            if (singleResult2 != null && StringUtils.isNotEmpty(singleResult2.getStartUserId())) {
                if (String.valueOf(user.getId()).equals(singleResult2.getStartUserId())) {
                    FlowElement flowElement = this.repositoryService.getBpmnModel(task.getProcessDefinitionId()).getFlowElement(task.getTaskDefinitionKey());
                    if (flowElement instanceof UserTask) {
                        List<ExtensionElement> list = ((UserTask) flowElement).getExtensionElements().get("initiator-can-complete");
                        if (CollectionUtils.isNotEmpty(list)) {
                            String elementText = list.get(0).getElementText();
                            if (StringUtils.isNotEmpty(elementText) && Boolean.valueOf(elementText).booleanValue()) {
                                z = true;
                            }
                        }
                    }
                }
            }
        } else if (task.getScopeId() != null && (singleResult = this.cmmnHistoryService.createHistoricCaseInstanceQuery().caseInstanceId(task.getScopeId()).singleResult()) != null && StringUtils.isNotEmpty(singleResult.getStartUserId())) {
            if (String.valueOf(user.getId()).equals(singleResult.getStartUserId())) {
                z = true;
            }
        }
        return z;
    }

    public boolean isInvolved(User user, String str) {
        return this.historyService.createHistoricTaskInstanceQuery().taskId2(str).taskInvolvedUser2(String.valueOf(user.getId())).count() == 1;
    }

    public boolean hasReadPermissionOnProcessInstance(User user, String str) {
        return hasReadPermissionOnProcessInstance(user, this.historyService.createHistoricProcessInstanceQuery().processInstanceId(str).singleResult(), str);
    }

    public boolean hasReadPermissionOnCase(User user, String str) {
        return hasReadPermissionOnCaseInstance(user, this.cmmnHistoryService.createHistoricCaseInstanceQuery().caseInstanceId(str).singleResult(), str);
    }

    public boolean hasReadPermissionOnProcessInstance(User user, HistoricProcessInstance historicProcessInstance, String str) {
        if (historicProcessInstance == null) {
            throw new NotFoundException("Process instance not found for id " + str);
        }
        if (historicProcessInstance.getStartUserId() != null && historicProcessInstance.getStartUserId().equals(user.getId())) {
            return true;
        }
        HistoricProcessInstanceQuery createHistoricProcessInstanceQuery = this.historyService.createHistoricProcessInstanceQuery();
        createHistoricProcessInstanceQuery.processInstanceId(str);
        createHistoricProcessInstanceQuery.involvedUser(user.getId());
        if (createHistoricProcessInstanceQuery.count() > 0) {
            return true;
        }
        HistoricTaskInstanceQuery createHistoricTaskInstanceQuery = this.historyService.createHistoricTaskInstanceQuery();
        createHistoricTaskInstanceQuery.processInstanceId2(str);
        createHistoricTaskInstanceQuery.taskInvolvedUser2(user.getId());
        if (createHistoricTaskInstanceQuery.count() > 0) {
            return true;
        }
        List<String> groupIdsForUser = getGroupIdsForUser(user);
        if (groupIdsForUser.isEmpty()) {
            return false;
        }
        HistoricTaskInstanceQuery createHistoricTaskInstanceQuery2 = this.historyService.createHistoricTaskInstanceQuery();
        createHistoricTaskInstanceQuery2.processInstanceId2(str).taskCandidateGroupIn(groupIdsForUser);
        return createHistoricTaskInstanceQuery2.count() > 0;
    }

    public boolean hasReadPermissionOnCaseInstance(User user, HistoricCaseInstance historicCaseInstance, String str) {
        if (historicCaseInstance == null) {
            throw new NotFoundException("Case instance not found for id " + str);
        }
        if ((historicCaseInstance.getStartUserId() != null && historicCaseInstance.getStartUserId().equals(user.getId())) || user.getId().equals(historicCaseInstance.getStartUserId())) {
            return true;
        }
        HistoricTaskInstanceQuery createHistoricTaskInstanceQuery = this.cmmnHistoryService.createHistoricTaskInstanceQuery();
        createHistoricTaskInstanceQuery.caseInstanceId2(str);
        createHistoricTaskInstanceQuery.taskInvolvedUser2(user.getId());
        if (createHistoricTaskInstanceQuery.count() > 0) {
            return true;
        }
        List<String> groupIdsForUser = getGroupIdsForUser(user);
        if (groupIdsForUser.isEmpty()) {
            return false;
        }
        HistoricTaskInstanceQuery createHistoricTaskInstanceQuery2 = this.historyService.createHistoricTaskInstanceQuery();
        createHistoricTaskInstanceQuery2.caseInstanceId2(str).taskCandidateGroupIn(groupIdsForUser);
        return createHistoricTaskInstanceQuery2.count() > 0;
    }

    public boolean canAddRelatedContentToTask(User user, String str) {
        validateReadPermissionOnTask(user, str);
        return true;
    }

    public boolean canAddRelatedContentToProcessInstance(User user, String str) {
        return hasReadPermissionOnProcessInstance(user, str);
    }

    public boolean canAddRelatedContentToCase(User user, String str) {
        return hasReadPermissionOnCase(user, str);
    }

    public boolean canDownloadContent(User user, ContentItem contentItem) {
        if (contentItem.getTaskId() != null) {
            validateReadPermissionOnTask(user, contentItem.getTaskId());
            return true;
        }
        if (contentItem.getProcessInstanceId() != null) {
            return hasReadPermissionOnProcessInstance(user, contentItem.getProcessInstanceId());
        }
        if ("cmmn".equals(contentItem.getScopeType())) {
            return hasReadPermissionOnCase(user, contentItem.getScopeId());
        }
        return false;
    }

    public boolean hasWritePermissionOnRelatedContent(User user, ContentItem contentItem) {
        if (contentItem.getProcessInstanceId() != null) {
            return hasReadPermissionOnProcessInstance(user, contentItem.getProcessInstanceId());
        }
        if (contentItem.getCreatedBy() != null) {
            return contentItem.getCreatedBy().equals(user.getId());
        }
        return false;
    }

    public boolean canDeleteProcessInstance(User user, HistoricProcessInstance historicProcessInstance) {
        boolean z = false;
        if (historicProcessInstance.getStartUserId() != null) {
            z = historicProcessInstance.getStartUserId().equals(user.getId());
        }
        return z;
    }

    public boolean canStartProcess(User user, ProcessDefinition processDefinition) {
        List<IdentityLink> identityLinksForProcessDefinition = this.repositoryService.getIdentityLinksForProcessDefinition(processDefinition.getId());
        List<String> potentialStarterUserIds = getPotentialStarterUserIds(identityLinksForProcessDefinition);
        List<String> potentialStarterGroupIds = getPotentialStarterGroupIds(identityLinksForProcessDefinition);
        if ((potentialStarterUserIds.isEmpty() && potentialStarterGroupIds.isEmpty()) || potentialStarterUserIds.contains(user.getId())) {
            return true;
        }
        List<String> groupIdsForUser = getGroupIdsForUser(user);
        Iterator<String> it = potentialStarterGroupIds.iterator();
        while (it.hasNext()) {
            if (groupIdsForUser.contains(it.next())) {
                return true;
            }
        }
        return false;
    }

    protected List<String> getPotentialStarterGroupIds(List<IdentityLink> list) {
        ArrayList arrayList = new ArrayList();
        for (IdentityLink identityLink : list) {
            if (identityLink.getGroupId() != null && identityLink.getGroupId().length() > 0 && !arrayList.contains(identityLink.getGroupId())) {
                arrayList.add(identityLink.getGroupId());
            }
        }
        return arrayList;
    }

    protected List<String> getPotentialStarterUserIds(List<IdentityLink> list) {
        ArrayList arrayList = new ArrayList();
        for (IdentityLink identityLink : list) {
            if (identityLink.getUserId() != null && identityLink.getUserId().length() > 0 && !arrayList.contains(identityLink.getUserId())) {
                arrayList.add(identityLink.getUserId());
            }
        }
        return arrayList;
    }
}
