package org.molgenis.data.importer;

import com.google.common.collect.Lists;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.TreeMap;
import java.util.UUID;
import org.molgenis.auth.Authority;
import org.molgenis.auth.GroupAuthority;
import org.molgenis.auth.MolgenisGroup;
import org.molgenis.data.DataService;
import org.molgenis.data.MolgenisDataAccessException;
import org.molgenis.data.support.QueryImpl;
import org.molgenis.security.core.Permission;
import org.molgenis.security.core.utils.SecurityUtils;
import org.molgenis.security.permission.Permissions;
import org.molgenis.security.user.UserAccountService;
import org.molgenis.ui.wizard.AbstractWizardController;
import org.molgenis.ui.wizard.Wizard;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.context.request.WebRequest;

@RequestMapping({ImportWizardController.URI})
@Controller
/* loaded from: input_file:WEB-INF/lib/molgenis-data-import-1.8.3.jar:org/molgenis/data/importer/ImportWizardController.class */
public class ImportWizardController extends AbstractWizardController {
    public static final String ID = "importwizard";
    public static final String URI = "/plugin/importwizard";
    private final UploadWizardPage uploadWizardPage;
    private final OptionsWizardPage optionsWizardPage;
    private final ValidationResultWizardPage validationResultWizardPage;
    private final ImportResultsWizardPage importResultsWizardPage;
    private final PackageWizardPage packageWizardPage;
    private final DataService dataService;
    private final GrantedAuthoritiesMapper grantedAuthoritiesMapper;
    private final UserAccountService userAccountService;

    @Autowired
    public ImportWizardController(UploadWizardPage uploadWizardPage, OptionsWizardPage optionsWizardPage, PackageWizardPage packageWizardPage, ValidationResultWizardPage validationResultWizardPage, ImportResultsWizardPage importResultsWizardPage, DataService dataService, GrantedAuthoritiesMapper grantedAuthoritiesMapper, UserAccountService userAccountService) {
        super(URI, "importWizard");
        if (uploadWizardPage == null) {
            throw new IllegalArgumentException("UploadWizardPage is null");
        }
        if (optionsWizardPage == null) {
            throw new IllegalArgumentException("OptionsWizardPage is null");
        }
        if (validationResultWizardPage == null) {
            throw new IllegalArgumentException("ValidationResultWizardPage is null");
        }
        if (importResultsWizardPage == null) {
            throw new IllegalArgumentException("ImportResultsWizardPage is null");
        }
        this.uploadWizardPage = uploadWizardPage;
        this.optionsWizardPage = optionsWizardPage;
        this.validationResultWizardPage = validationResultWizardPage;
        this.importResultsWizardPage = importResultsWizardPage;
        this.packageWizardPage = packageWizardPage;
        this.userAccountService = userAccountService;
        this.dataService = dataService;
        this.grantedAuthoritiesMapper = grantedAuthoritiesMapper;
    }

    @Override // org.molgenis.ui.wizard.AbstractWizardController
    protected Wizard createWizard() {
        ImportWizard importWizard = new ImportWizard();
        importWizard.addPage(this.uploadWizardPage);
        importWizard.addPage(this.optionsWizardPage);
        importWizard.addPage(this.packageWizardPage);
        importWizard.addPage(this.validationResultWizardPage);
        importWizard.addPage(this.importResultsWizardPage);
        return importWizard;
    }

    @RequestMapping(value = {"/entityclass/group/{groupId}"}, method = {RequestMethod.GET})
    @ResponseBody
    public Permissions getGroupEntityClassPermissions(@PathVariable String str, WebRequest webRequest) {
        boolean z = false;
        Iterator<MolgenisGroup> it = this.userAccountService.getCurrentUserGroups().iterator();
        while (it.hasNext()) {
            if (it.next().getId().equals(str)) {
                z = true;
            }
        }
        if (!z && !this.userAccountService.getCurrentUser().getSuperuser().booleanValue()) {
            throw new RuntimeException("Current user does not belong to the requested group.");
        }
        List<String> asList = Arrays.asList(webRequest.getParameter("entityIds").split(","));
        MolgenisGroup molgenisGroup = (MolgenisGroup) this.dataService.findOne(MolgenisGroup.ENTITY_NAME, str, MolgenisGroup.class);
        if (molgenisGroup == null) {
            throw new RuntimeException("unknown group id [" + str + "]");
        }
        Permissions createPermissions = createPermissions(getGroupPermissions(molgenisGroup), asList);
        createPermissions.setGroupId(str);
        return createPermissions;
    }

    @RequestMapping(value = {"/add/entityclass/group"}, method = {RequestMethod.POST})
    @ResponseStatus(HttpStatus.OK)
    public void addGroupEntityClassPermissions(@RequestParam String str, WebRequest webRequest) {
        for (String str2 : Lists.newArrayList(this.dataService.getEntityNames())) {
            GroupAuthority groupAuthority = getGroupAuthority(str, str2);
            String parameter = webRequest.getParameter("radio-" + str2);
            if (parameter == null || !(SecurityUtils.currentUserHasRole(SecurityUtils.AUTHORITY_ENTITY_WRITE_PREFIX + str2.toUpperCase()) || this.userAccountService.getCurrentUser().getSuperuser().booleanValue())) {
                if (parameter != null) {
                    throw new MolgenisDataAccessException("Current user is not allowed to change the permissions for this entity: " + str2);
                }
            } else if (parameter.equalsIgnoreCase(Permission.READ.toString()) || parameter.equalsIgnoreCase(Permission.COUNT.toString()) || parameter.equalsIgnoreCase(Permission.WRITE.toString())) {
                groupAuthority.setMolgenisGroup((MolgenisGroup) this.dataService.findOne(MolgenisGroup.ENTITY_NAME, str, MolgenisGroup.class));
                groupAuthority.setRole(SecurityUtils.AUTHORITY_ENTITY_PREFIX + parameter.toUpperCase() + "_" + str2.toUpperCase());
                if (groupAuthority.getId() == null) {
                    groupAuthority.setId(UUID.randomUUID().toString());
                    this.dataService.add(GroupAuthority.ENTITY_NAME, groupAuthority);
                } else {
                    this.dataService.update(GroupAuthority.ENTITY_NAME, groupAuthority);
                }
            } else {
                if (!parameter.equalsIgnoreCase(Permission.NONE.toString())) {
                    throw new RuntimeException("Unknown value: " + parameter + " for permission on entity: " + str2);
                }
                if (groupAuthority.getId() != null) {
                    this.dataService.delete(GroupAuthority.ENTITY_NAME, groupAuthority.getId());
                }
            }
        }
    }

    private List<Authority> getGroupPermissions(MolgenisGroup molgenisGroup) {
        return Lists.newArrayList(this.dataService.findAll(GroupAuthority.ENTITY_NAME, new QueryImpl().eq("molgenisGroup", molgenisGroup), GroupAuthority.class));
    }

    private Permissions createPermissions(List<? extends Authority> list, List<String> list2) {
        Permissions permissions = new Permissions();
        if (list2 != null) {
            TreeMap treeMap = new TreeMap();
            for (String str : list2) {
                treeMap.put(str, str);
            }
            permissions.setEntityIds(treeMap);
        }
        for (Authority authority : list) {
            if (authority.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_PREFIX)) {
                org.molgenis.security.permission.Permission permission = new org.molgenis.security.permission.Permission();
                String authorityType = getAuthorityType(authority.getRole());
                String authorityEntityId = getAuthorityEntityId(authority.getRole());
                permission.setType(authorityType);
                if (authority instanceof GroupAuthority) {
                    permission.setGroup(((GroupAuthority) authority).getMolgenisGroup().getName());
                    permissions.addGroupPermission(authorityEntityId, permission);
                }
            }
            SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(authority.getRole());
            Collection<? extends GrantedAuthority> mapAuthorities = this.grantedAuthoritiesMapper.mapAuthorities(Collections.singletonList(simpleGrantedAuthority));
            mapAuthorities.remove(simpleGrantedAuthority);
            for (GrantedAuthority grantedAuthority : mapAuthorities) {
                if (grantedAuthority.getAuthority().startsWith(SecurityUtils.AUTHORITY_ENTITY_PREFIX)) {
                    String authorityEntityId2 = getAuthorityEntityId(grantedAuthority.getAuthority());
                    org.molgenis.security.permission.Permission permission2 = new org.molgenis.security.permission.Permission();
                    permission2.setType(getAuthorityType(grantedAuthority.getAuthority()));
                    permissions.addHierarchyPermission(authorityEntityId2, permission2);
                }
            }
        }
        permissions.sort();
        return permissions;
    }

    private GroupAuthority getGroupAuthority(String str, String str2) {
        GroupAuthority groupAuthority = new GroupAuthority();
        for (GroupAuthority groupAuthority2 : this.dataService.findAll(GroupAuthority.ENTITY_NAME, new QueryImpl().eq("molgenisGroup", str), GroupAuthority.class)) {
            String str3 = "";
            if (groupAuthority2.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_COUNT_PREFIX) || groupAuthority2.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_WRITE_PREFIX)) {
                str3 = groupAuthority2.getRole().substring(SecurityUtils.AUTHORITY_ENTITY_COUNT_PREFIX.length());
            } else if (groupAuthority2.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_READ_PREFIX)) {
                str3 = groupAuthority2.getRole().substring(SecurityUtils.AUTHORITY_ENTITY_READ_PREFIX.length());
            }
            if (str3.equals(str2.toUpperCase())) {
                groupAuthority = groupAuthority2;
            }
        }
        return groupAuthority;
    }

    private String getAuthorityEntityId(String str) {
        String substring = str.substring(SecurityUtils.AUTHORITY_ENTITY_PREFIX.length());
        return substring.substring(substring.indexOf(95) + 1).toLowerCase();
    }

    private String getAuthorityType(String str) {
        String substring = str.substring(SecurityUtils.AUTHORITY_ENTITY_PREFIX.length());
        return substring.substring(0, substring.indexOf(95)).toLowerCase();
    }
}
