package prerna.auth.utils;

import java.sql.SQLException;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import prerna.auth.AccessPermission;
import prerna.auth.AuthProvider;
import prerna.auth.User;
import prerna.ds.util.RdbmsQueryBuilder;
import prerna.engine.api.IRawSelectWrapper;
import prerna.engine.impl.InsightAdministrator;
import prerna.rdf.engine.wrappers.WrapperManager;
import prerna.sablecc.RemoteRdbmsQueryApiReactor;
import prerna.ui.components.MapComboBoxRenderer;
import prerna.util.Utility;

/* loaded from: input_file:WEB-INF/lib/semoss-3.6.0.jar:prerna/auth/utils/SecurityAdminUtils.class */
public class SecurityAdminUtils extends AbstractSecurityUtils {
    private static SecurityAdminUtils instance = new SecurityAdminUtils();

    private SecurityAdminUtils() {
    }

    public static SecurityAdminUtils getInstance(User user) {
        if (user != null && userIsAdmin(user).booleanValue()) {
            return instance;
        }
        return null;
    }

    public static Boolean userIsAdmin(User user) {
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, "SELECT * FROM USER WHERE ADMIN=TRUE AND ID IN " + getUserFilters(user) + " LIMIT 1;");
        try {
            Boolean valueOf = Boolean.valueOf(rawWrapper.hasNext());
            rawWrapper.cleanUp();
            return valueOf;
        } catch (Throwable th) {
            rawWrapper.cleanUp();
            throw th;
        }
    }

    public List<Map<String, Object>> getAllUsers() throws IllegalArgumentException {
        return getSimpleQuery("SELECT ID, NAME, USERNAME, EMAIL, TYPE, ADMIN, PUBLISHER FROM USER ORDER BY NAME, TYPE");
    }

    public boolean editUser(Map<String, Object> map) {
        String obj = map.remove(MapComboBoxRenderer.KEY).toString();
        if (obj == null || obj.toString().isEmpty()) {
            throw new IllegalArgumentException("Must define which user we are editing");
        }
        String obj2 = map.get("name") != null ? map.get("name").toString() : "";
        String obj3 = map.get("email") != null ? map.get("email").toString() : "";
        String obj4 = map.get(RemoteRdbmsQueryApiReactor.PASSWORD_KEY) != null ? map.get(RemoteRdbmsQueryApiReactor.PASSWORD_KEY).toString() : "";
        if (SecurityQueryUtils.isUserType(obj, AuthProvider.NATIVE).booleanValue() && SecurityQueryUtils.checkUserExist(obj2, obj3)) {
            throw new IllegalArgumentException("The user name or email already exist");
        }
        String str = "";
        if (obj3 != null && !obj3.isEmpty()) {
            str = validEmail(obj3);
        }
        if (obj4 != null && !obj4.isEmpty()) {
            str = str + validPassword(obj4);
            if (str.isEmpty()) {
                String generateSalt = SecurityQueryUtils.generateSalt();
                map.put(RemoteRdbmsQueryApiReactor.PASSWORD_KEY, SecurityQueryUtils.hash(obj4, generateSalt));
                map.put("salt", generateSalt);
            }
        }
        if (str != null && !str.isEmpty()) {
            throw new IllegalArgumentException(str);
        }
        boolean z = true;
        StringBuilder sb = new StringBuilder("UPDATE USER SET ");
        for (String str2 : map.keySet()) {
            Object obj5 = map.get(str2);
            if (obj5 != null && !obj5.toString().isEmpty()) {
                if (!z) {
                    sb.append(", ");
                }
                sb.append(str2).append(" = '").append(RdbmsQueryBuilder.escapeForSQLStatement(obj5.toString())).append("'");
                z = false;
            }
        }
        sb.append(" WHERE ID='").append(obj).append("'");
        if (securityDb.execUpdateAndRetrieveStatement(sb.toString(), true) == null) {
            return false;
        }
        securityDb.commit();
        return true;
    }

    public boolean deleteUser(String str) {
        Iterator<String> it = SecurityQueryUtils.getGroupsOwnedByUser(str).iterator();
        while (it.hasNext()) {
            removeGroup(str, it.next());
        }
        securityDb.execUpdateAndRetrieveStatement("DELETE FROM ENGINEPERMISSION WHERE USERID = '?1'; DELETE FROM GROUPMEMBERS WHERE USERID = '?1'; DELETE FROM USER WHERE ID = '?1';".replace("?1", RdbmsQueryBuilder.escapeForSQLStatement(str)), true);
        securityDb.commit();
        return true;
    }

    public boolean setDbGlobal(String str, boolean z) {
        securityDb.execUpdateAndRetrieveStatement("UPDATE ENGINE SET GLOBAL = " + z + " WHERE ENGINEID ='" + str + "';", true);
        securityDb.commit();
        return true;
    }

    public List<Map<String, Object>> getAllUserDatabaseSettings() {
        return flushRsToMap(WrapperManager.getInstance().getRawWrapper(securityDb, "SELECT DISTINCT ENGINE.ENGINEID as \"app_id\", ENGINE.ENGINENAME as \"app_name\", LOWER(ENGINE.ENGINENAME) as \"low_app_name\", ENGINE.GLOBAL as \"app_global\" FROM ENGINE ORDER BY LOWER(ENGINE.ENGINENAME)"));
    }

    private Boolean removeGroup(String str, String str2) {
        securityDb.execUpdateAndRetrieveStatement("DELETE FROM GROUPENGINEPERMISSION WHERE GROUPENGINEPERMISSION.GROUPID IN (SELECT USERGROUP.GROUPID FROM USERGROUP WHERE USERGROUP.GROUPID='" + str2 + "'); DELETE FROM GROUPMEMBERS WHERE GROUPMEMBERS.GROUPID IN (SELECT USERGROUP.GROUPID FROM USERGROUP WHERE USERGROUP.GROUPID='" + str2 + "'); DELETE FROM USERGROUP WHERE USERGROUP.GROUPID='" + str2 + "';", true);
        securityDb.commit();
        return true;
    }

    public List<Map<String, Object>> getAppInsights(String str) {
        return flushRsToMap(WrapperManager.getInstance().getRawWrapper(securityDb, "SELECT ENGINEID AS \"app_id\", INSIGHTID AS \"app_insight_id\", INSIGHTNAME as \"name\", GLOBAL as \"insight_global\", EXECUTIONCOUNT as \"exec_count\", CREATEDON  as \"created_on\", LASTMODIFIEDON as \"last_modified_on\", CACHEABLE as \"cacheable\" FROM INSIGHT WHERE ENGINEID='" + str + "'"));
    }

    public void deleteAppInsights(String str, List<String> list) throws Exception {
        new InsightAdministrator(Utility.getEngine(str).getInsightDatabase()).dropInsight(list);
        String createFilter = createFilter(list);
        securityDb.insertData(("DELETE FROM INSIGHT WHERE INSIGHTID " + createFilter + " AND ENGINEID='" + str + "';") + "DELETE FROM USERINSIGHTPERMISSION  WHERE INSIGHTID " + createFilter + " AND ENGINEID='" + str + "'");
        securityDb.commit();
    }

    public List<Map<String, Object>> getInsightUsers(String str, String str2) throws IllegalAccessException {
        return flushRsToMap(WrapperManager.getInstance().getRawWrapper(securityDb, "SELECT USER.ID AS \"id\", USER.NAME AS \"name\", PERMISSION.NAME AS \"permission\" FROM USER INNER JOIN USERINSIGHTPERMISSION ON (USER.ID = USERINSIGHTPERMISSION.USERID) INNER JOIN PERMISSION ON (USERINSIGHTPERMISSION.PERMISSION = PERMISSION.ID) WHERE USERINSIGHTPERMISSION.ENGINEID='" + str + "' AND USERINSIGHTPERMISSION.INSIGHTID='" + str2 + "'"));
    }

    public void addInsightUser(String str, String str2, String str3, String str4) {
        if (SecurityInsightUtils.getUserInsightPermission(str, str2, str3) != null) {
            throw new IllegalArgumentException("This user already has access to this insight. Please edit the existing permission level.");
        }
        try {
            securityDb.insertData("INSERT INTO USERINSIGHTPERMISSION (USERID, ENGINEID, INSIGHTID, PERMISSION) VALUES('" + RdbmsQueryBuilder.escapeForSQLStatement(str) + "', '" + RdbmsQueryBuilder.escapeForSQLStatement(str2) + "', '" + RdbmsQueryBuilder.escapeForSQLStatement(str3) + "', " + AccessPermission.getIdByPermission(str4) + ");");
        } catch (SQLException e) {
            e.printStackTrace();
            throw new IllegalArgumentException("An error occured adding user permissions for this insight");
        }
    }

    public void editInsightUserPermission(String str, String str2, String str3, String str4) {
        if (SecurityInsightUtils.getUserInsightPermission(str, str2, str3) == null) {
            throw new IllegalArgumentException("Attempting to modify user permission for a user who does not currently have access to the insight");
        }
        try {
            securityDb.insertData("UPDATE USERINSIGHTPERMISSION SET PERMISSION=" + AccessPermission.getIdByPermission(str4) + " WHERE USERID='" + RdbmsQueryBuilder.escapeForSQLStatement(str) + "' AND ENGINEID='" + RdbmsQueryBuilder.escapeForSQLStatement(str2) + "' AND INSIGHTID='" + RdbmsQueryBuilder.escapeForSQLStatement(str3) + "';");
        } catch (SQLException e) {
            e.printStackTrace();
            throw new IllegalArgumentException("An error occured adding user permissions for this insight");
        }
    }

    public void removeInsightUser(String str, String str2, String str3) {
        if (SecurityInsightUtils.getUserInsightPermission(str, str2, str3) == null) {
            throw new IllegalArgumentException("Attempting to modify user permission for a user who does not currently have access to the insight");
        }
        try {
            securityDb.insertData("DELETE FROM USERINSIGHTPERMISSION WHERE USERID='" + RdbmsQueryBuilder.escapeForSQLStatement(str) + "' AND ENGINEID='" + RdbmsQueryBuilder.escapeForSQLStatement(str2) + "' AND INSIGHTID='" + RdbmsQueryBuilder.escapeForSQLStatement(str3) + "';");
        } catch (SQLException e) {
            e.printStackTrace();
            throw new IllegalArgumentException("An error occured adding user permissions for this insight");
        }
    }

    public void setInsightGlobalWithinApp(String str, String str2, boolean z) {
        try {
            securityDb.insertData("UPDATE INSIGHT SET GLOBAL=" + z + " WHERE ENGINEID ='" + str + "' AND INSIGHTID='" + str2 + "';");
        } catch (SQLException e) {
            e.printStackTrace();
            throw new IllegalArgumentException("An error occured setting this insight global");
        }
    }

    public void setUserPublisher(String str, boolean z) {
        try {
            securityDb.insertData("UPDATE USER SET PUBLISHER=" + z + " WHERE ID ='" + RdbmsQueryBuilder.escapeForSQLStatement(str) + "';");
        } catch (SQLException e) {
            e.printStackTrace();
            throw new IllegalArgumentException("An error occured setting this insight global");
        }
    }
}
