package org.sakaiproject.metaobj.security.mgt.impl;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.sakaiproject.authz.api.AuthzGroup;
import org.sakaiproject.authz.api.GroupNotDefinedException;
import org.sakaiproject.authz.api.Role;
import org.sakaiproject.authz.cover.AuthzGroupService;
import org.sakaiproject.metaobj.security.Authorization;
import org.sakaiproject.metaobj.security.AuthorizationFacade;
import org.sakaiproject.metaobj.security.mgt.PermissionManager;
import org.sakaiproject.metaobj.security.mgt.ToolPermissionManager;
import org.sakaiproject.metaobj.security.model.Permission;
import org.sakaiproject.metaobj.security.model.PermissionsEdit;
import org.sakaiproject.metaobj.shared.mgt.AgentManager;
import org.sakaiproject.metaobj.shared.model.Agent;
import org.sakaiproject.metaobj.shared.model.Id;
import org.sakaiproject.metaobj.shared.model.OspException;
import org.sakaiproject.metaobj.shared.model.OspRole;
import org.sakaiproject.site.api.Site;

/* loaded from: input_file:WEB-INF/lib/sakai-metaobj-tool-lib-dev.jar:org/sakaiproject/metaobj/security/mgt/impl/PermissionManagerImpl.class */
public class PermissionManagerImpl implements PermissionManager {
    protected final transient Log logger = LogFactory.getLog(getClass());
    private AgentManager agentManager;
    private AuthorizationFacade authzManager;
    private Map tools;

    @Override // org.sakaiproject.metaobj.security.mgt.PermissionManager
    public List getWorksiteRoles(PermissionsEdit permissionsEdit) {
        try {
            AuthzGroup authzGroup = AuthzGroupService.getAuthzGroup("/site/" + permissionsEdit.getSiteId());
            authzGroup.getRoles();
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(authzGroup.getRoles());
            return arrayList;
        } catch (GroupNotDefinedException e) {
            this.logger.error("", e);
            throw new OspException(e);
        }
    }

    @Override // org.sakaiproject.metaobj.security.mgt.PermissionManager
    public PermissionsEdit fillPermissions(PermissionsEdit permissionsEdit) {
        permissionsEdit.setPermissions(new ArrayList());
        PermissionsEdit fillPermissionsInternal = fillPermissionsInternal(permissionsEdit, permissionsEdit.getQualifier(), false);
        Iterator it = getToolManager(fillPermissionsInternal).getReadOnlyQualifiers(fillPermissionsInternal).iterator();
        while (it.hasNext()) {
            fillPermissionsInternal(fillPermissionsInternal, (Id) it.next(), true);
        }
        return fillPermissionsInternal;
    }

    protected PermissionsEdit fillPermissionsInternal(PermissionsEdit permissionsEdit, Id id, boolean z) {
        try {
            Iterator it = AuthzGroupService.getAuthzGroup("/site/" + permissionsEdit.getSiteId()).getRoles().iterator();
            while (it.hasNext()) {
                Agent worksiteRole = getAgentManager().getWorksiteRole(((Role) it.next()).getId(), permissionsEdit.getSiteId());
                Iterator it2 = getAuthzManager().getAuthorizations(worksiteRole, (String) null, id).iterator();
                while (it2.hasNext()) {
                    permissionsEdit.getPermissions().add(new Permission(worksiteRole, ((Authorization) it2.next()).getFunction(), z));
                }
            }
            return permissionsEdit;
        } catch (GroupNotDefinedException e) {
            this.logger.error("", e);
            throw new OspException(e);
        }
    }

    @Override // org.sakaiproject.metaobj.security.mgt.PermissionManager
    public void updatePermissions(PermissionsEdit permissionsEdit) {
        AuthorizationFacade authzManager = getAuthzManager();
        List<Permission> permissions = fillPermissions((PermissionsEdit) permissionsEdit.clone()).getPermissions();
        for (Permission permission : permissionsEdit.getPermissions()) {
            if (permissions.contains(permission)) {
                permissions.remove(permission);
            } else if (!permission.isReadOnly()) {
                authzManager.createAuthorization(permission.getAgent(), permission.getFunction(), permissionsEdit.getQualifier());
            }
        }
        for (Permission permission2 : permissions) {
            authzManager.deleteAuthorization(permission2.getAgent(), permission2.getFunction(), permissionsEdit.getQualifier());
        }
    }

    @Override // org.sakaiproject.metaobj.security.mgt.PermissionManager
    public void duplicatePermissions(Id id, Id id2, Site site) {
        AuthorizationFacade authzManager = getAuthzManager();
        for (Authorization authorization : authzManager.getAuthorizations((Agent) null, (String) null, id)) {
            Agent agent = authorization.getAgent();
            if (site != null && (agent instanceof OspRole)) {
                agent = getAgentManager().getTempWorksiteRole(((OspRole) agent).getRoleName(), site.getId());
            }
            if (agent != null) {
                authzManager.createAuthorization(agent, authorization.getFunction(), id2);
            }
        }
    }

    @Override // org.sakaiproject.metaobj.security.mgt.PermissionManager
    public List getAppFunctions(PermissionsEdit permissionsEdit) {
        return getToolManager(permissionsEdit).getFunctions(permissionsEdit);
    }

    protected ToolPermissionManager getToolManager(PermissionsEdit permissionsEdit) {
        return (ToolPermissionManager) getTools().get(permissionsEdit.getName());
    }

    public AgentManager getAgentManager() {
        return this.agentManager;
    }

    public void setAgentManager(AgentManager agentManager) {
        this.agentManager = agentManager;
    }

    public AuthorizationFacade getAuthzManager() {
        return this.authzManager;
    }

    public void setAuthzManager(AuthorizationFacade authorizationFacade) {
        this.authzManager = authorizationFacade;
    }

    public Map getTools() {
        return this.tools;
    }

    public void setTools(Map map) {
        this.tools = map;
    }
}
