package org.molgenis.omx.auth;

import java.io.Serializable;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import org.molgenis.framework.db.Database;
import org.molgenis.framework.db.DatabaseException;
import org.molgenis.framework.db.QueryRule;
import org.molgenis.framework.security.Login;
import org.molgenis.framework.server.TokenFactory;
import org.molgenis.framework.ui.ScreenController;
import org.molgenis.omx.auth.service.MolgenisUserService;
import org.molgenis.omx.auth.util.PasswordHasher;
import org.molgenis.util.Entity;

/* loaded from: input_file:WEB-INF/lib/molgenis-omx-auth-0.0.1.jar:org/molgenis/omx/auth/DatabaseLogin.class */
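/**
 * {@link Login} implementation that authenticates against {@link MolgenisUser} rows in the
 * database and caches the permissions of the current user and its groups in memory.
 *
 * <p>A session that is not logged in is represented by the {@code "anonymous"} account;
 * {@link #isAuthenticated()} reports {@code false} for it.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Passwords are compared as the output of {@code PasswordHasher.toMD5}. The digest is
 *       computed before the user row is fetched, so no per-user salt can be involved. A fast
 *       digest is not suitable for stored passwords; moving to bcrypt/scrypt/Argon2 needs a
 *       rehash-on-login migration and is deliberately not attempted here, because existing
 *       stored hashes would stop matching.</li>
 *   <li>The {@code name} argument of {@link #login} is first looked up in the token store; when
 *       it matches a live token the password argument is never consulted.</li>
 *   <li>Every class whose name starts with {@code org.molgenis.omx.auth.Molgenis} is readable and
 *       "owned" by every caller, including anonymous ones. NOTE(review): {@link MolgenisUser}
 *       carries the password hash, so confirm this blanket grant is intended.</li>
 * </ul>
 *
 * <p>Instances hold mutable, unsynchronized state; no thread-safety is provided by this class.
 */
public class DatabaseLogin implements Login, Serializable {
    private static final long serialVersionUID = 1;
    private static final Logger logger = Logger.getLogger(DatabaseLogin.class);

    /** Account name used for sessions that are not logged in; it is also used as that account's password. */
    private static final String ANONYMOUS = "anonymous";
    /** Class-name prefix that {@link #canRead(Class)} and {@link #owns(Class)} always allow. */
    private static final String AUTH_ENTITY_PREFIX = "org.molgenis.omx.auth.Molgenis";
    /** Marker interface name that switches an entity from class-level to row-level checks. */
    private static final String AUTHORIZABLE = "org.molgenis.omx.auth.Authorizable";

    private final TokenFactory tm;
    // Currently logged-in user; null until a login (including the anonymous one) succeeds.
    MolgenisUser user;
    // Groups of the current user, replaced on every reload.
    List<MolgenisGroup> groups = new ArrayList<MolgenisGroup>();
    // Entity class name -> granted permission, one map per permission level.
    Map<String, Permission> readMap = new TreeMap<String, Permission>();
    Map<String, Permission> writeMap = new TreeMap<String, Permission>();
    // Cleared on reload but never populated or queried in this class.
    Map<String, Permission> executeMap = new TreeMap<String, Permission>();
    Map<String, Permission> ownMap = new TreeMap<String, Permission>();
    protected String redirect;

    /**
     * Permission levels stored in the permission maps.
     *
     * <p>The decompiler noted that this enum was package-private in the compiled class; it is
     * kept public here to match the listing.
     */
    public enum Permission {
        read,
        write,
        own
    }

    /**
     * Creates a login with no current user and no database access.
     *
     * @param tokenFactory token store consulted by {@link #login}
     */
    public DatabaseLogin(TokenFactory tokenFactory) {
        logger.debug("DatabaseLogin()");
        this.tm = tokenFactory;
    }

    /**
     * Creates a login and immediately attempts to log in as the anonymous account.
     *
     * <p>Note that this calls the overridable {@link #login} from a constructor; subclasses that
     * override it run before their own fields are initialized.
     *
     * @param database database used for the anonymous login
     * @param tokenFactory token store consulted by {@link #login}
     * @throws Exception if the anonymous login propagates an error
     */
    public DatabaseLogin(Database database, TokenFactory tokenFactory) throws Exception {
        this.tm = tokenFactory;
        login(database, ANONYMOUS, ANONYMOUS);
    }

    /**
     * Same as {@link #DatabaseLogin(Database, TokenFactory)} and additionally stores a redirect.
     *
     * @param database database used for the anonymous login
     * @param str redirect value returned by {@link #getRedirect()}
     * @param tokenFactory token store consulted by {@link #login}
     * @throws Exception if the anonymous login propagates an error
     */
    public DatabaseLogin(Database database, String str, TokenFactory tokenFactory) throws Exception {
        this(database, tokenFactory);
        this.redirect = str;
    }

    /** Returns the id of the current user, or {@code null} when there is no current user. */
    @Override // org.molgenis.framework.security.Login
    public Integer getUserId() {
        return this.user != null ? this.user.getId() : null;
    }

    /** Returns the name of the current user, or {@code null} when there is no current user. */
    @Override // org.molgenis.framework.security.Login
    public String getUserName() {
        return this.user != null ? this.user.getName() : null;
    }

    /**
     * Returns "first name, space, last name" of the current user, or {@code null} when there is
     * no current user (previously this dereferenced a null user).
     */
    public String getFullUserName() {
        if (this.user == null) {
            return null;
        }
        return this.user.getFirstName() + " " + this.user.getLastName();
    }

    /** Returns {@code true} only when a user is set and it is not the anonymous account. */
    @Override // org.molgenis.framework.security.Login
    public boolean isAuthenticated() {
        return this.user != null && !ANONYMOUS.equals(this.user.getName());
    }

    /**
     * Attempts to log in, first by token and then by name and password.
     *
     * <p>Expired tokens are invalidated, then {@code str} is checked against the token store. If
     * it matches a token, the active user named by that token becomes the current user and
     * {@code str2} is ignored. Otherwise the active user whose name is {@code str} and whose
     * stored password equals the digest of {@code str2} becomes the current user.
     *
     * <p>A failed attempt never changes the current user: if loading the permissions fails after
     * the credentials matched, the previous user is restored.
     *
     * @param database database to query
     * @param str user name, or a token value
     * @param str2 clear-text password; not used on the token path
     * @return {@code true} when a user was logged in
     * @throws Exception on the token path if the token store, query or reload fails; errors on
     *     the password path are logged and reported as {@code false}
     */
    @Override // org.molgenis.framework.security.Login
    public boolean login(Database database, String str, String str2) throws Exception {
        if (str == null || "".equals(str)) {
            return false;
        }
        this.tm.invalidateTokens();
        if (this.tm.checkIfTokenExists(str)) {
            List<MolgenisUser> tokenOwners = database.query(MolgenisUser.class)
                    .eq("Name", this.tm.getToken(str).getUserName())
                    .eq(MolgenisUser.ACTIVE, true)
                    .find();
            if (tokenOwners.size() != 1) {
                return false;
            }
            return establishSession(database, tokenOwners.get(0));
        }
        if (str2 == null || "".equals(str2)) {
            return false;
        }
        try {
            // Unfiltered query kept from the original; its result is discarded, so it only
            // matters if it throws.
            database.find(MolgenisUser.class, new QueryRule[0]);
            // NOTE(review): MD5 digest, see the class comment before changing this.
            String md5 = new PasswordHasher().toMD5(str2);
            List<MolgenisUser> matches = database.query(MolgenisUser.class)
                    .eq("Name", str)
                    .eq(MolgenisUser.PASSWORD_, md5)
                    .eq(MolgenisUser.ACTIVE, true)
                    .find();
            if (matches.size() != 1) {
                return false;
            }
            MolgenisUser candidate = matches.get(0);
            // Re-check in Java so that a lenient database comparison cannot accept a row whose
            // name or hash differs from what was supplied.
            if (!str.equals(candidate.getName()) || !md5.equals(candidate.getPassword())) {
                return false;
            }
            return establishSession(database, candidate);
        } catch (Exception e) {
            // The name is not logged: it may be a token value, and the password never is.
            logger.error("Login attempt failed with an unexpected error", e);
            return false;
        }
    }

    /**
     * Makes {@code candidate} the current user and loads its permissions, restoring the previous
     * user if that load fails so that a failed login never leaves the new account in place.
     */
    private boolean establishSession(Database database, MolgenisUser candidate) throws Exception {
        MolgenisUser previous = this.user;
        this.user = candidate;
        try {
            reload(database);
            return true;
        } catch (Exception e) {
            this.user = previous;
            throw e;
        }
    }

    /**
     * Drops the current user and falls back to the anonymous account.
     *
     * @param database database used for the anonymous login
     * @throws Exception if the reload fails
     */
    @Override // org.molgenis.framework.security.Login
    public void logout(Database database) throws Exception {
        this.user = null;
        reload(database);
    }

    /**
     * Rebuilds the cached groups and permission maps for the current user.
     *
     * <p>All cached state is discarded before anything is loaded. The previous code only replaced
     * {@code groups} when the user had at least one group and cleared the maps after the group
     * query, so a user without groups (for instance the anonymous account after a logout) could
     * keep the groups, and therefore the group permissions, of the previous user.
     *
     * @param database database to query
     * @throws Exception if a query fails; the caches are then empty or partially filled, never
     *     left over from the previous user
     */
    @Override // org.molgenis.framework.security.Login
    public void reload(Database database) throws Exception {
        this.groups = new ArrayList<MolgenisGroup>();
        this.readMap.clear();
        this.writeMap.clear();
        this.executeMap.clear();
        this.ownMap.clear();

        if (this.user == null) {
            login(database, ANONYMOUS, ANONYMOUS);
            if (this.user == null) {
                // No anonymous account could be loaded: stay without any permission.
                return;
            }
        }

        List<Integer> groupIds = MolgenisUserService.getInstance(database).findGroupIds(this.user);
        if (!groupIds.isEmpty()) {
            this.groups = database.query(MolgenisGroup.class).in("id", groupIds).find();
        }
        loadPermissions(database, this.user);
        for (MolgenisGroup group : this.groups) {
            loadPermissions(database, group);
        }
    }

    /**
     * Adds the permissions found for {@code molgenisRole} to the permission maps.
     *
     * <p>The permission rows are selected by the ids that
     * {@code MolgenisUserService.findGroupIds} returns for the role. Levels are cumulative:
     * {@code own} also grants write and read, {@code write} also grants read. Other permission
     * strings are ignored.
     */
    private void loadPermissions(Database database, MolgenisRole molgenisRole) throws DatabaseException, ParseException {
        List<Integer> roleIds = MolgenisUserService.getInstance(database).findGroupIds(molgenisRole);
        for (MolgenisPermission grant : database.query(MolgenisPermission.class).in("role_", roleIds).find()) {
            String level = grant.getPermission();
            boolean own = "own".equals(level);
            boolean write = own || "write".equals(level);
            boolean read = write || "read".equals(level);

            if (read) {
                this.readMap.put(grant.getEntity_ClassName(), Permission.read);
            }
            if (write) {
                this.writeMap.put(grant.getEntity_ClassName(), Permission.write);
            }
            if (own) {
                this.ownMap.put(grant.getEntity_ClassName(), Permission.own);
            }
        }
    }

    /** Lists the user name, the group names and the read and write grants, for diagnostics. */
    @Override
    public String toString() {
        StringBuilder text = new StringBuilder();
        text.append("Login(user=").append(getUserName()).append(" roles=");
        for (int i = 0; i < this.groups.size(); i++) {
            if (i > 0) {
                text.append(",");
            }
            text.append(this.groups.get(i).getName());
        }
        // Expression.EQUAL is kept from the listing as the key/value separator; presumably "=",
        // likely substituted for a literal by the decompiler (confirm before relying on it).
        for (Map.Entry<String, Permission> grant : this.readMap.entrySet()) {
            text.append(" ").append(grant.getKey()).append(Expression.EQUAL).append(grant.getValue());
        }
        for (Map.Entry<String, Permission> grant : this.writeMap.entrySet()) {
            text.append(" ").append(grant.getKey()).append(Expression.EQUAL).append(grant.getValue());
        }
        text.append(")");
        return text.toString();
    }

    /** Always {@code false}: this implementation does not force a login. */
    @Override // org.molgenis.framework.security.Login
    public boolean isLoginRequired() {
        return false;
    }

    /** Always {@code null}: this implementation supplies no row-level query filter. */
    @Override // org.molgenis.framework.security.Login
    public QueryRule getRowlevelSecurityFilters(Class<? extends Entity> cls) {
        return null;
    }

    /**
     * Returns {@code true} when the current user is authenticated and flagged as superuser.
     * A missing (null) superuser flag counts as "not a superuser" instead of failing.
     */
    private boolean isSuperuser() {
        return isAuthenticated() && Boolean.TRUE.equals(this.user.getSuperuser());
    }

    /**
     * Class-level read check: superusers, classes under the auth-entity prefix, and classes with
     * a cached read grant are allowed.
     */
    @Override // org.molgenis.framework.security.Login
    public boolean canRead(Class<? extends Entity> cls) throws DatabaseException {
        if (isSuperuser()) {
            return true;
        }
        String name = cls.getName();
        // NOTE(review): this allows anonymous callers to read all auth entities, see class comment.
        return name.startsWith(AUTH_ENTITY_PREFIX) || this.readMap.containsKey(name);
    }

    /** Class-level write check: superusers and classes with a cached write grant are allowed. */
    @Override // org.molgenis.framework.security.Login
    public boolean canWrite(Class<? extends Entity> cls) throws DatabaseException {
        if (isSuperuser()) {
            return true;
        }
        return this.writeMap.containsKey(cls.getName());
    }

    /**
     * Class-level ownership check: superusers, classes under the auth-entity prefix, and classes
     * with a cached own grant are allowed.
     *
     * <p>NOTE(review): the prefix rule makes this return {@code true} for auth entities even
     * where {@link #canWrite(Class)} returns {@code false}; confirm that is intended.
     */
    public boolean owns(Class<? extends Entity> cls) throws DatabaseException {
        if (isSuperuser()) {
            return true;
        }
        String name = cls.getName();
        return name.startsWith(AUTH_ENTITY_PREFIX) || this.ownMap.containsKey(name);
    }

    /**
     * Row-level read check. Entities that do not declare the Authorizable interface fall back to
     * the class-level check; otherwise the caller must be authenticated and be the entity's
     * {@code canRead} user, or pass {@link #canWrite(Entity)}.
     */
    @Override // org.molgenis.framework.security.Login
    public boolean canRead(Entity entity) throws DatabaseException {
        if (isSuperuser()) {
            return true;
        }
        if (!isImplementing(entity, AUTHORIZABLE)) {
            return canRead((Class<? extends Entity>) entity.getClass());
        }
        if (!isAuthenticated()) {
            return false;
        }
        // A user without an id, or a non-matching field value, is treated as "no match".
        Integer userId = getUserId();
        if (userId != null && userId.equals(entity.get("canRead"))) {
            return true;
        }
        return canWrite(entity);
    }

    /**
     * Row-level write check. Entities that do not declare the Authorizable interface fall back to
     * the class-level check; otherwise the caller must be authenticated and be the entity's
     * {@code canWrite} user, or pass {@link #owns(Entity)}. An Authorizable entity checked by an
     * unauthenticated caller is marked read-only as a side effect.
     */
    @Override // org.molgenis.framework.security.Login
    public boolean canWrite(Entity entity) throws DatabaseException {
        if (isSuperuser()) {
            return true;
        }
        if (!isImplementing(entity, AUTHORIZABLE)) {
            return canWrite((Class<? extends Entity>) entity.getClass());
        }
        if (!isAuthenticated()) {
            entity.setReadonly(true);
            return false;
        }
        Integer userId = getUserId();
        if (userId != null && userId.equals(entity.get("canWrite"))) {
            return true;
        }
        return owns(entity);
    }

    /**
     * Row-level ownership check. Entities that do not declare the Authorizable interface fall
     * back to the class-level check; otherwise the caller must be authenticated and its id must
     * equal the entity's {@code owns_id}. A missing owner is logged and denied.
     */
    public boolean owns(Entity entity) throws DatabaseException {
        if (isSuperuser()) {
            return true;
        }
        if (!isImplementing(entity, AUTHORIZABLE)) {
            return owns((Class<? extends Entity>) entity.getClass());
        }
        if (!isAuthenticated()) {
            return false;
        }
        Integer ownerId = (Integer) entity.get("owns_id");
        if (ownerId == null) {
            logger.error("owns shouldnt be null for " + entity);
            return false;
        }
        return ownerId.equals(getUserId());
    }

    /** Allows superusers and controller classes that have a cached read grant. */
    @Override // org.molgenis.framework.security.Login
    public boolean canReadScreenController(Class<? extends ScreenController<?>> cls) {
        return isSuperuser() || this.readMap.containsKey(cls.getName());
    }

    /** Delegates to {@link #canReadScreenController(Class)} with the controller's runtime class. */
    @Override // org.molgenis.framework.security.Login
    public boolean canRead(ScreenController<?> screenController) {
        return canReadScreenController(screenController.getClass());
    }

    /** Returns the stored redirect value, possibly {@code null}. */
    @Override // org.molgenis.framework.security.Login
    public String getRedirect() {
        return this.redirect;
    }

    /**
     * Returns {@code true} when the runtime class of {@code entity} directly declares an
     * interface with the given fully qualified name.
     *
     * <p>NOTE(review): interfaces inherited from a superclass or a super-interface are not seen,
     * so such an entity gets the class-level checks instead of the row-level ones. Confirm that
     * every Authorizable entity declares the interface itself before relying on this.
     */
    private boolean isImplementing(Entity entity, String str) {
        if (StringUtils.isEmpty(str)) {
            return false;
        }
        for (Class<?> declared : entity.getClass().getInterfaces()) {
            if (declared.getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Assigns the id of the role named {@code "admin"} as owner to every entity in {@code list}
     * whose {@code getOwns_Id()} returns {@code null}. The accessors are invoked reflectively.
     *
     * @param list entities to update
     * @param database database used to look up the admin role
     * @throws DatabaseException wrapping any reflection or lookup failure, including a missing
     *     admin role
     */
    @Override // org.molgenis.framework.security.Login
    public void setAdmin(List<? extends Entity> list, Database database) throws DatabaseException {
        // Looked up at most once, and only when some entity actually lacks an owner.
        Object adminRoleId = null;
        for (Entity entity : list) {
            try {
                Class<?> cls = entity.getClass();
                if (cls.getMethod("getOwns_Id", new Class[0]).invoke(entity, new Object[0]) == null) {
                    if (adminRoleId == null) {
                        adminRoleId = ((MolgenisRole) database.find(MolgenisRole.class, new QueryRule("Name", QueryRule.Operator.EQUALS, "admin")).get(0)).getId();
                    }
                    cls.getMethod("setOwns_Id", Integer.class).invoke(entity, adminRoleId);
                }
            } catch (Exception e) {
                logger.error("Could not assign the admin role as owner", e);
                throw new DatabaseException(e);
            }
        }
    }

    /** Stores the redirect value returned by {@link #getRedirect()}. */
    @Override // org.molgenis.framework.security.Login
    public void setRedirect(String str) {
        this.redirect = str;
    }
}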
