package org.mycore.access;

import java.util.Collection;
import java.util.Objects;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.function.Supplier;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jdom2.Element;
import org.mycore.access.strategies.MCRAccessCheckStrategy;
import org.mycore.access.strategies.MCRDerivateIDStrategy;
import org.mycore.backend.jpa.MCREntityManagerProvider;
import org.mycore.common.MCRException;
import org.mycore.common.MCRUserInformation;
import org.mycore.common.config.MCRConfiguration2;
import org.mycore.common.events.MCRShutdownHandler;
import org.mycore.datamodel.metadata.MCRMetadataManager;
import org.mycore.datamodel.metadata.MCRObjectID;
import org.mycore.util.concurrent.MCRFixedUserCallable;

/* loaded from: input_file:org/mycore/access/MCRAccessManager.class */
public class MCRAccessManager {
    public static final String PERMISSION_READ = "read";
    public static final String PERMISSION_WRITE = "writedb";
    public static final String PERMISSION_DELETE = "deletedb";
    public static final String PERMISSION_PREVIEW = "preview";
    public static final String PERMISSION_VIEW = "view";
    private static final MCRAccessCacheManager ACCESS_CACHE = new MCRAccessCacheManager();
    public static final Logger LOGGER = LogManager.getLogger(MCRAccessManager.class);
    private static final ExecutorService EXECUTOR_SERVICE = Executors.newWorkStealingPool();

    public static MCRAccessInterface getAccessImpl() {
        return (MCRAccessInterface) MCRConfiguration2.getSingleInstanceOf("MCR.Access.Class", MCRAccessBaseImpl.class).get();
    }

    private static MCRAccessCheckStrategy getAccessStrategy() {
        return (MCRAccessCheckStrategy) MCRConfiguration2.getInstanceOf("MCR.Access.Strategy.Class").orElseGet(MCRDerivateIDStrategy::new);
    }

    public static void addRule(MCRObjectID mCRObjectID, String str, Element element, String str2) throws MCRException {
        getAccessImpl().addRule(mCRObjectID.toString(), str, element, str2);
    }

    public static void addRule(String str, String str2, Element element, String str3) throws MCRException {
        getAccessImpl().addRule(str, str2, element, str3);
    }

    public static void removeRule(MCRObjectID mCRObjectID, String str) throws MCRException {
        getAccessImpl().removeRule(mCRObjectID.toString(), str);
    }

    public static void removeRule(String str, String str2) throws MCRException {
        getAccessImpl().removeRule(str, str2);
    }

    public static void removeAllRules(MCRObjectID mCRObjectID) throws MCRException {
        getAccessImpl().removeAllRules(mCRObjectID.toString());
    }

    public static void updateRule(MCRObjectID mCRObjectID, String str, Element element, String str2) throws MCRException {
        getAccessImpl().updateRule(mCRObjectID.toString(), str, element, str2);
    }

    public static void updateRule(String str, String str2, Element element, String str3) throws MCRException {
        getAccessImpl().updateRule(str, str2, element, str3);
    }

    public static boolean checkPermission(MCRObjectID mCRObjectID, String str) {
        return checkPermission(mCRObjectID.toString(), str);
    }

    public static boolean checkDerivateMetadataPermission(MCRObjectID mCRObjectID, String str) {
        MCRObjectID objectId = MCRMetadataManager.getObjectId(mCRObjectID, 10L, TimeUnit.MINUTES);
        return objectId != null ? checkPermission(objectId, str) : checkPermission(mCRObjectID.toString(), str);
    }

    public static boolean checkDerivateContentPermission(MCRObjectID mCRObjectID, String str) {
        return checkPermission(mCRObjectID.toString(), str);
    }

    public static boolean checkDerivateDisplayPermission(String str) {
        return checkPermission(str, PERMISSION_READ) || checkPermission(str, PERMISSION_VIEW);
    }

    public static boolean checkPermission(String str, String str2) {
        Boolean isPermitted = ACCESS_CACHE.isPermitted(str, str2);
        if (isPermitted == null) {
            isPermitted = Boolean.valueOf(getAccessStrategy().checkPermission(str, str2));
            ACCESS_CACHE.cachePermission(str, str2, isPermitted.booleanValue());
        }
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("checkPermission id:{} permission:{} --> {}", str, str2, isPermitted);
        }
        return isPermitted.booleanValue();
    }

    public static boolean checkPermission(String str) {
        Boolean isPermitted = ACCESS_CACHE.isPermitted(null, str);
        if (isPermitted == null) {
            isPermitted = Boolean.valueOf(getAccessImpl().checkPermission(str));
            ACCESS_CACHE.cachePermission(null, str, isPermitted.booleanValue());
        }
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("checkPermission permission:{} --> {}", str, isPermitted);
        }
        return isPermitted.booleanValue();
    }

    public static void invalidPermissionCache(String str, String str2) {
        ACCESS_CACHE.removePermission(str, str2);
    }

    public static void invalidPermissionCache(String str) {
        invalidPermissionCache(null, str);
    }

    @Deprecated
    public static boolean checkPermissionForReadingDerivate(String str) {
        boolean checkPermission;
        MCRObjectID objectId = MCRMetadataManager.getObjectId(MCRObjectID.getInstance(str), 10L, TimeUnit.MINUTES);
        if (objectId != null) {
            checkPermission = checkPermission(objectId, PERMISSION_READ) && checkPermission(str, PERMISSION_READ);
        } else {
            checkPermission = checkPermission(str, PERMISSION_READ);
            LogManager.getLogger("MCRAccessManager.class").warn("no mcrobject could be found for derivate: {}", str);
        }
        return checkPermission;
    }

    public static Collection<String> getPermissionsForID(String str) {
        return getAccessImpl().getPermissionsForID(str);
    }

    public static Collection<String> getPermissionsForID(MCRObjectID mCRObjectID) {
        return getAccessImpl().getPermissionsForID(mCRObjectID.toString());
    }

    public static Element getTrueRule() {
        Element element = new Element("condition");
        element.setAttribute("format", "xml");
        Element element2 = new Element("boolean");
        element2.setAttribute("operator", "true");
        element.addContent(element2);
        return element;
    }

    public static Element getFalseRule() {
        Element element = new Element("condition");
        element.setAttribute("format", "xml");
        Element element2 = new Element("boolean");
        element2.setAttribute("operator", "false");
        element.addContent(element2);
        return element;
    }

    public static boolean hasRule(String str, String str2) {
        return getAccessImpl().hasRule(str, str2);
    }

    public static CompletableFuture<Boolean> checkPermission(MCRUserInformation mCRUserInformation, Supplier<Boolean> supplier) {
        return checkPermission(mCRUserInformation, supplier, EXECUTOR_SERVICE);
    }

    public static CompletableFuture<Boolean> checkPermission(MCRUserInformation mCRUserInformation, Supplier<Boolean> supplier, ExecutorService executorService) {
        return CompletableFuture.supplyAsync(getWrappedFixedUserCallable(mCRUserInformation, supplier), executorService);
    }

    private static Supplier<Boolean> getWrappedFixedUserCallable(MCRUserInformation mCRUserInformation, Supplier<Boolean> supplier) {
        Supplier supplier2 = () -> {
            try {
                Boolean bool = (Boolean) supplier.get();
                MCREntityManagerProvider.getCurrentEntityManager().clear();
                return bool;
            } catch (Throwable th) {
                MCREntityManagerProvider.getCurrentEntityManager().clear();
                throw th;
            }
        };
        Objects.requireNonNull(supplier2);
        MCRFixedUserCallable mCRFixedUserCallable = new MCRFixedUserCallable(supplier2::get, mCRUserInformation);
        return () -> {
            try {
                return (Boolean) mCRFixedUserCallable.call();
            } catch (Exception e) {
                LOGGER.error("Exception while running ACL check for user: {}", mCRUserInformation.getUserID(), e);
                return false;
            }
        };
    }

    static {
        MCRShutdownHandler mCRShutdownHandler = MCRShutdownHandler.getInstance();
        ExecutorService executorService = EXECUTOR_SERVICE;
        Objects.requireNonNull(executorService);
        mCRShutdownHandler.addCloseable(executorService::shutdownNow);
    }
}
