package org.mycore.services.acl;

import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
import org.hibernate.Criteria;
import org.hibernate.criterion.Criterion;
import org.mycore.access.mcrimpl.MCRAccessControlSystem;
import org.mycore.access.mcrimpl.MCRAccessRule;
import org.mycore.access.mcrimpl.MCRAccessStore;
import org.mycore.access.mcrimpl.MCRRuleMapping;
import org.mycore.access.mcrimpl.MCRRuleStore;
import org.mycore.backend.hibernate.MCRHIBConnection;
import org.mycore.backend.hibernate.tables.MCRACCESS;
import org.mycore.backend.hibernate.tables.MCRACCESSRULE;
import org.mycore.common.MCRCache;
import org.mycore.common.MCRConfiguration;
import org.mycore.common.MCRException;
import org.mycore.services.acl.filter.MCRAclCriterionFilter;

/* loaded from: input_file:org/mycore/services/acl/MCRACLHIBAccess.class */
public class MCRACLHIBAccess {
    private static Logger LOGGER = Logger.getLogger(MCRACLHIBAccess.class);

    public List<MCRACCESS> getRuleMappingList(HttpServletRequest httpServletRequest) {
        Criteria createCriteria = MCRHIBConnection.instance().getSession().createCriteria(MCRACCESS.class);
        filterQuery(createCriteria, httpServletRequest, "MCR.ACL.Editor.ruleMappingFilter");
        return createCriteria.list();
    }

    public List<MCRACCESSRULE> getRuleList(HttpServletRequest httpServletRequest) {
        Criteria createCriteria = MCRHIBConnection.instance().getSession().createCriteria(MCRACCESSRULE.class);
        filterQuery(createCriteria, httpServletRequest, "MCR.ACL.Editor.ruleFilter");
        return createCriteria.list();
    }

    public void filterQuery(Criteria criteria, HttpServletRequest httpServletRequest, String str) {
        for (Object obj : MCRConfiguration.instance().getProperties(str).values()) {
            try {
                Class<?> cls = Class.forName(obj.toString());
                Object newInstance = cls.newInstance();
                if (newInstance instanceof MCRAclCriterionFilter) {
                    Criterion filter = ((MCRAclCriterionFilter) newInstance).filter(httpServletRequest);
                    if (filter != null) {
                        criteria.add(filter);
                    }
                } else {
                    LOGGER.warn("'" + cls.getCanonicalName() + "' doesnt implements MCRAclCriterionFilter. Check the " + str + ".xxx filters.");
                }
            } catch (Exception e) {
                LOGGER.error("while loading acl filter '" + obj + "'!", e);
            }
        }
    }

    public void saveRuleMappingChanges(Map<MCRAclAction, List<MCRRuleMapping>> map) {
        MCRAccessStore mCRAccessStore = MCRAccessStore.getInstance();
        List<MCRRuleMapping> list = map.get(MCRAclAction.update);
        List<MCRRuleMapping> list2 = map.get(MCRAclAction.save);
        List<MCRRuleMapping> list3 = map.get(MCRAclAction.delete);
        if (list != null) {
            for (MCRRuleMapping mCRRuleMapping : list) {
                String ruleId = mCRRuleMapping.getRuleId();
                if (ruleId == null || ruleId.trim().length() <= 0) {
                    throw new MCRException("The rule ID should not be null, empty or just spaces");
                }
                String pool = mCRRuleMapping.getPool();
                if (pool == null || pool.trim().length() <= 0) {
                    throw new MCRException("The AcPool ID should not be null, empty or just spaces");
                }
                String objId = mCRRuleMapping.getObjId();
                if (objId == null || objId.trim().length() <= 0) {
                    throw new MCRException("The object ID should not be null, empty or just spaces");
                }
                mCRAccessStore.updateAccessDefinition(mCRRuleMapping);
            }
        }
        if (list2 != null) {
            Iterator<MCRRuleMapping> it = list2.iterator();
            while (it.hasNext()) {
                mCRAccessStore.createAccessDefinition(it.next());
            }
        }
        if (list3 != null) {
            Iterator<MCRRuleMapping> it2 = list3.iterator();
            while (it2.hasNext()) {
                mCRAccessStore.deleteAccessDefinition(it2.next());
            }
        }
    }

    public void saveRuleChanges(Map<MCRAclAction, List<MCRACCESSRULE>> map) {
        MCRRuleStore mCRRuleStore = MCRRuleStore.getInstance();
        MCRCache cache = MCRAccessControlSystem.getCache();
        List<MCRACCESSRULE> list = map.get(MCRAclAction.update);
        List<MCRACCESSRULE> list2 = map.get(MCRAclAction.save);
        List<MCRACCESSRULE> list3 = map.get(MCRAclAction.delete);
        if (list != null) {
            for (MCRACCESSRULE mcraccessrule : list) {
                String rid = mcraccessrule.getRid();
                String rule = mcraccessrule.getRule();
                String description = mcraccessrule.getDescription();
                String creator = mcraccessrule.getCreator();
                StringBuffer stringBuffer = new StringBuffer("Update: ");
                stringBuffer.append(rid).append(" - ");
                stringBuffer.append(rule).append(" - ");
                stringBuffer.append(description);
                LOGGER.debug(stringBuffer.toString());
                MCRAccessRule mCRAccessRule = new MCRAccessRule(rid, creator, new Date(), rule, description);
                mCRRuleStore.updateRule(mCRAccessRule);
                cache.put(rid, mCRAccessRule);
            }
        }
        if (list2 != null) {
            for (MCRACCESSRULE mcraccessrule2 : list2) {
                String rid2 = mcraccessrule2.getRid();
                MCRAccessRule mCRAccessRule2 = new MCRAccessRule(rid2, mcraccessrule2.getCreator(), new Date(), mcraccessrule2.getRule(), mcraccessrule2.getDescription());
                mCRRuleStore.createRule(mCRAccessRule2);
                cache.put(rid2, mCRAccessRule2);
            }
        }
        if (list3 != null) {
            Iterator<MCRACCESSRULE> it = list3.iterator();
            while (it.hasNext()) {
                String rid3 = it.next().getRid();
                if (isRuleInUse(rid3)) {
                    LOGGER.debug("Rule " + rid3 + " is in use, don't deleted!");
                } else {
                    mCRRuleStore.deleteRule(rid3);
                    cache.remove(rid3);
                    LOGGER.debug("Rule " + rid3 + " deleted!");
                }
            }
        }
    }

    public boolean isRuleInUse(String str) {
        return !MCRHIBConnection.instance().getSession().createQuery(new StringBuilder().append("from MCRACCESS as accdef where accdef.rule.rid = '").append(str).append("'").toString()).list().isEmpty();
    }
}
