package org.mycore.access.facts;

import jakarta.inject.Singleton;
import java.io.File;
import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jdom2.Element;
import org.jdom2.output.Format;
import org.jdom2.output.XMLOutputter;
import org.mycore.access.MCRAccessInterface;
import org.mycore.access.facts.fact.MCRObjectIDFact;
import org.mycore.access.facts.fact.MCRStringFact;
import org.mycore.access.facts.model.MCRCombinedCondition;
import org.mycore.access.facts.model.MCRCondition;
import org.mycore.access.facts.model.MCRFact;
import org.mycore.access.facts.model.MCRFactComputable;
import org.mycore.access.strategies.MCRAccessCheckStrategy;
import org.mycore.backend.jpa.access.MCRACCESSPK_;
import org.mycore.common.MCRSessionMgr;
import org.mycore.common.MCRUserInformation;
import org.mycore.common.config.MCRConfiguration2;
import org.mycore.common.config.MCRConfigurationDir;
import org.mycore.common.config.annotation.MCRPostConstruction;
import org.mycore.common.config.annotation.MCRProperty;
import org.mycore.common.content.MCRJDOMContent;
import org.mycore.common.xml.MCRURIResolver;
import org.mycore.datamodel.classifications2.MCRCategoryDAOFactory;
import org.mycore.datamodel.classifications2.MCRCategoryID;
import org.mycore.datamodel.classifications2.impl.MCRCategoryLinkImpl_;
import org.mycore.datamodel.metadata.MCRMetadataManager;
import org.mycore.datamodel.metadata.MCRObjectID;

@Singleton
/* loaded from: input_file:org/mycore/access/facts/MCRFactsAccessSystem.class */
public class MCRFactsAccessSystem implements MCRAccessInterface, MCRAccessCheckStrategy {
    private static String RESOLVED_RULES_FILE_NAME = "rules.resolved.xml";
    protected static final Logger LOGGER = LogManager.getLogger();
    private MCRCondition rules;
    private Collection<MCRFactComputable<MCRFact<?>>> computers;
    private String rulesURI = MCRConfiguration2.getString("MCR.Access.RulesURI").orElse("resource:rules.xml");
    private Map<String, String> properties;

    @MCRPostConstruction
    public void init(String str) {
        this.rules = buildRulesFromXML();
        this.computers = buildComputersFromRules();
    }

    private Collection<MCRFactComputable<MCRFact<?>>> buildComputersFromRules() {
        HashMap hashMap = new HashMap();
        collectComputers(this.rules, hashMap);
        return hashMap.values();
    }

    private void collectComputers(MCRCondition mCRCondition, Map<String, MCRFactComputable<MCRFact<?>>> map) {
        if (mCRCondition instanceof MCRFactComputable) {
            MCRFactComputable<MCRFact<?>> mCRFactComputable = (MCRFactComputable) mCRCondition;
            if (!map.containsKey(mCRFactComputable.getFactName())) {
                map.put(mCRFactComputable.getFactName(), mCRFactComputable);
            }
        }
        if (mCRCondition instanceof MCRCombinedCondition) {
            ((MCRCombinedCondition) mCRCondition).getChildConditions().forEach(mCRCondition2 -> {
                collectComputers(mCRCondition2, map);
            });
        }
    }

    @MCRProperty(name = "RulesURI", required = false)
    public void setRulesURI(String str) {
        this.rulesURI = str;
    }

    public Map<String, String> getProperties() {
        return this.properties;
    }

    @MCRProperty(name = "*")
    public void setProperties(Map<String, String> map) {
        this.properties = map;
    }

    private MCRCondition buildRulesFromXML() {
        File configFile;
        Element resolve = MCRURIResolver.instance().resolve(this.rulesURI);
        Objects.requireNonNull(resolve, "The rulesURI " + this.rulesURI + " resolved to null!");
        MCRJDOMContent mCRJDOMContent = new MCRJDOMContent(resolve);
        try {
            configFile = MCRConfigurationDir.getConfigFile(RESOLVED_RULES_FILE_NAME);
        } catch (IOException e) {
            LOGGER.error("Could not write file '" + RESOLVED_RULES_FILE_NAME + "' to config directory", e);
            LOGGER.info("Rules file is: \n" + new XMLOutputter(Format.getPrettyFormat()).outputString(resolve));
        }
        if (configFile == null) {
            throw new IOException("MCRConfigurationDir is not available!");
        }
        mCRJDOMContent.sendTo(configFile);
        return MCRFactsAccessSystemHelper.parse(resolve);
    }

    @Override // org.mycore.access.MCRAccessInterface
    public boolean checkPermission(String str, String str2) {
        return checkPermission(str, str2, MCRSessionMgr.getCurrentSession().getUserInformation());
    }

    @Override // org.mycore.access.MCRAccessInterface
    public boolean checkPermissionForUser(String str, MCRUserInformation mCRUserInformation) {
        return false;
    }

    public boolean checkPermission(String str, String str2, List<MCRFact> list) {
        String str3;
        String str4;
        boolean matches;
        String replaceAll = str2.replaceAll("db$", "");
        MCRFactsHolder mCRFactsHolder = new MCRFactsHolder(this.computers);
        Objects.requireNonNull(mCRFactsHolder);
        list.forEach(mCRFactsHolder::add);
        if (str == null) {
            str4 = replaceAll;
        } else {
            if (str.startsWith("webpage")) {
                str3 = "webpage";
            } else if (str.startsWith("solr")) {
                str3 = "solr";
            } else if (isCategory(str)) {
                str3 = MCRCategoryLinkImpl_.CATEGORY;
            } else if (MCRObjectID.isValid(str)) {
                MCRObjectID mCRObjectID = MCRObjectID.getInstance(str);
                str3 = "derivate".equals(mCRObjectID.getTypeId()) ? "files" : "metadata";
                if (!MCRMetadataManager.exists(mCRObjectID)) {
                    LOGGER.debug("There is no object or derivate with id " + mCRObjectID + " in metadata store");
                } else if ("derivate".equals(mCRObjectID.getTypeId())) {
                    mCRFactsHolder.add(new MCRObjectIDFact("derid", str, mCRObjectID));
                    MCRObjectID objectId = MCRMetadataManager.getObjectId(mCRObjectID, 10L, TimeUnit.MINUTES);
                    if (objectId != null) {
                        mCRFactsHolder.add(new MCRObjectIDFact(MCRACCESSPK_.OBJID, str, objectId));
                    }
                } else {
                    mCRFactsHolder.add(new MCRObjectIDFact(MCRACCESSPK_.OBJID, str, mCRObjectID));
                }
            } else {
                str3 = "unknown";
            }
            str4 = replaceAll + " " + str + " " + str3;
            mCRFactsHolder.add(new MCRStringFact("id", str));
            mCRFactsHolder.add(new MCRStringFact("target", str3));
        }
        mCRFactsHolder.add(new MCRStringFact("action", replaceAll));
        LOGGER.debug("Testing {} ", str4);
        if (LOGGER.isDebugEnabled()) {
            MCRCondition buildRulesFromXML = buildRulesFromXML();
            matches = buildRulesFromXML.matches(mCRFactsHolder);
            LOGGER.debug("Facts are: {}", mCRFactsHolder);
            LOGGER.debug(new XMLOutputter(Format.getPrettyFormat()).outputString(buildRulesFromXML.getBoundElement()));
        } else {
            matches = this.rules.matches(mCRFactsHolder);
        }
        LOGGER.info("Checked permission to {} := {}", str4, Boolean.valueOf(matches));
        return matches;
    }

    private boolean isCategory(String str) {
        if (!MCRCategoryID.isValid(str)) {
            return false;
        }
        try {
            return MCRCategoryDAOFactory.getInstance().exist(MCRCategoryID.fromString(str));
        } catch (IllegalArgumentException e) {
            return false;
        }
    }

    @Override // org.mycore.access.MCRAccessInterface
    public boolean checkPermission(String str, String str2, MCRUserInformation mCRUserInformation) {
        return checkPermission(str, str2, Collections.emptyList());
    }

    @Override // org.mycore.access.MCRAccessInterface
    public boolean checkPermission(String str) {
        return checkPermission(null, str);
    }
}
