package org.molgenis.ui.admin.permission;

import com.google.common.base.Predicate;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Map;
import java.util.Objects;
import org.molgenis.auth.GroupAuthority;
import org.molgenis.auth.GroupAuthorityFactory;
import org.molgenis.auth.User;
import org.molgenis.auth.UserAuthority;
import org.molgenis.auth.UserAuthorityFactory;
import org.molgenis.framework.ui.MolgenisPlugin;
import org.molgenis.security.core.Permission;
import org.molgenis.security.permission.PermissionManagerService;
import org.molgenis.security.permission.Permissions;
import org.molgenis.ui.MolgenisPluginController;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.context.request.WebRequest;

@RequestMapping({PermissionManagerController.URI})
@Controller
/* loaded from: input_file:org/molgenis/ui/admin/permission/PermissionManagerController.class */
public class PermissionManagerController extends MolgenisPluginController {
    private static final Logger LOG = LoggerFactory.getLogger(PermissionManagerController.class);
    public static final String URI = "/plugin/permissionmanager";
    private final PermissionManagerService pluginPermissionManagerService;
    private final UserAuthorityFactory userAuthorityFactory;
    private final GroupAuthorityFactory groupAuthorityFactory;

    @Autowired
    public PermissionManagerController(PermissionManagerService permissionManagerService, UserAuthorityFactory userAuthorityFactory, GroupAuthorityFactory groupAuthorityFactory) {
        super(URI);
        this.pluginPermissionManagerService = (PermissionManagerService) Objects.requireNonNull(permissionManagerService);
        this.userAuthorityFactory = (UserAuthorityFactory) Objects.requireNonNull(userAuthorityFactory);
        this.groupAuthorityFactory = (GroupAuthorityFactory) Objects.requireNonNull(groupAuthorityFactory);
    }

    @RequestMapping(method = {RequestMethod.GET})
    public String init(Model model) {
        model.addAttribute("users", Lists.newArrayList(Iterables.filter(this.pluginPermissionManagerService.getUsers(), new Predicate<User>() { // from class: org.molgenis.ui.admin.permission.PermissionManagerController.1
            public boolean apply(User user) {
                Boolean isSuperuser = user.isSuperuser();
                return isSuperuser == null || !isSuperuser.booleanValue();
            }
        })));
        model.addAttribute("groups", this.pluginPermissionManagerService.getGroups());
        return "view-permissionmanager";
    }

    @RequestMapping(value = {"/plugin/group/{groupId}"}, method = {RequestMethod.GET})
    @ResponseBody
    public Permissions getGroupPluginPermissions(@PathVariable String str) {
        return this.pluginPermissionManagerService.getGroupPluginPermissions(str);
    }

    @RequestMapping(value = {"/entityclass/group/{groupId}"}, method = {RequestMethod.GET})
    @ResponseBody
    public Permissions getGroupEntityClassPermissions(@PathVariable String str) {
        return this.pluginPermissionManagerService.getGroupEntityClassPermissions(str);
    }

    @RequestMapping(value = {"/plugin/user/{userId}"}, method = {RequestMethod.GET})
    @ResponseBody
    public Permissions getUserPluginPermissions(@PathVariable String str) {
        return this.pluginPermissionManagerService.getUserPluginPermissions(str);
    }

    @RequestMapping(value = {"/entityclass/user/{userId}"}, method = {RequestMethod.GET})
    @ResponseBody
    public Permissions getUserEntityClassPermissions(@PathVariable String str) {
        return this.pluginPermissionManagerService.getUserEntityClassPermissions(str);
    }

    @RequestMapping(value = {"/update/plugin/group"}, method = {RequestMethod.POST})
    @ResponseStatus(HttpStatus.OK)
    public void updateGroupPluginPermissions(@RequestParam String str, WebRequest webRequest) {
        ArrayList arrayList = new ArrayList();
        for (MolgenisPlugin molgenisPlugin : this.pluginPermissionManagerService.getPlugins()) {
            String parameter = webRequest.getParameter("radio-" + molgenisPlugin.getId());
            if (parameter.equalsIgnoreCase(Permission.READ.toString()) || parameter.equalsIgnoreCase(Permission.COUNT.toString()) || parameter.equalsIgnoreCase(Permission.WRITE.toString()) || parameter.equalsIgnoreCase(Permission.WRITEMETA.toString())) {
                GroupAuthority create = this.groupAuthorityFactory.create();
                create.setRole("ROLE_PLUGIN_" + parameter.toUpperCase() + "_" + molgenisPlugin.getId());
                arrayList.add(create);
            }
        }
        this.pluginPermissionManagerService.replaceGroupPluginPermissions(arrayList, str);
    }

    @RequestMapping(value = {"/update/entityclass/group"}, method = {RequestMethod.POST})
    @ResponseStatus(HttpStatus.OK)
    public void updateGroupEntityClassPermissions(@RequestParam String str, WebRequest webRequest) {
        ArrayList arrayList = new ArrayList();
        for (Object obj : this.pluginPermissionManagerService.getEntityClassIds()) {
            String parameter = webRequest.getParameter("radio-" + obj);
            if (parameter.equalsIgnoreCase(Permission.READ.toString()) || parameter.equalsIgnoreCase(Permission.COUNT.toString()) || parameter.equalsIgnoreCase(Permission.WRITE.toString()) || parameter.equalsIgnoreCase(Permission.WRITEMETA.toString())) {
                GroupAuthority create = this.groupAuthorityFactory.create();
                create.setRole("ROLE_ENTITY_" + parameter.toUpperCase() + "_" + obj);
                arrayList.add(create);
            }
        }
        this.pluginPermissionManagerService.replaceGroupEntityClassPermissions(arrayList, str);
    }

    @RequestMapping(value = {"/update/plugin/user"}, method = {RequestMethod.POST})
    @ResponseStatus(HttpStatus.OK)
    public void updateUserPluginPermissions(@RequestParam String str, WebRequest webRequest) {
        ArrayList arrayList = new ArrayList();
        for (MolgenisPlugin molgenisPlugin : this.pluginPermissionManagerService.getPlugins()) {
            String parameter = webRequest.getParameter("radio-" + molgenisPlugin.getId());
            if (parameter.equalsIgnoreCase(Permission.READ.toString()) || parameter.equalsIgnoreCase(Permission.COUNT.toString()) || parameter.equalsIgnoreCase(Permission.WRITE.toString()) || parameter.equalsIgnoreCase(Permission.WRITEMETA.toString())) {
                UserAuthority create = this.userAuthorityFactory.create();
                create.setRole("ROLE_PLUGIN_" + parameter.toUpperCase() + "_" + molgenisPlugin.getId());
                arrayList.add(create);
            }
        }
        this.pluginPermissionManagerService.replaceUserPluginPermissions(arrayList, str);
    }

    @RequestMapping(value = {"/update/entityclass/user"}, method = {RequestMethod.POST})
    @ResponseStatus(HttpStatus.OK)
    public void updateUserEntityClassPermissions(@RequestParam String str, WebRequest webRequest) {
        ArrayList arrayList = new ArrayList();
        for (Object obj : this.pluginPermissionManagerService.getEntityClassIds()) {
            String parameter = webRequest.getParameter("radio-" + obj);
            if (parameter.equalsIgnoreCase(Permission.READ.toString()) || parameter.equalsIgnoreCase(Permission.COUNT.toString()) || parameter.equalsIgnoreCase(Permission.WRITE.toString()) || parameter.equalsIgnoreCase(Permission.WRITEMETA.toString())) {
                UserAuthority create = this.userAuthorityFactory.create();
                create.setRole("ROLE_ENTITY_" + parameter.toUpperCase() + "_" + obj);
                arrayList.add(create);
            }
        }
        this.pluginPermissionManagerService.replaceUserEntityClassPermissions(arrayList, str);
    }

    @ExceptionHandler({RuntimeException.class})
    @ResponseBody
    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
    public Map<String, String> handleRuntimeException(RuntimeException runtimeException) {
        LOG.error((String) null, runtimeException);
        return Collections.singletonMap("errorMessage", "An error occurred. Please contact the administrator.<br />Message:" + runtimeException.getMessage());
    }
}
