package org.jabylon.rest.ui.wicket.config.sections.security;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior;
import org.apache.wicket.ajax.markup.html.form.AjaxButton;
import org.apache.wicket.behavior.Behavior;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.form.DropDownChoice;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.repeater.Item;
import org.apache.wicket.markup.repeater.RefreshingView;
import org.apache.wicket.markup.repeater.util.ModelIteratorAdapter;
import org.apache.wicket.model.CompoundPropertyModel;
import org.apache.wicket.model.IModel;
import org.apache.wicket.request.mapper.parameter.PageParameters;
import org.eclipse.emf.cdo.util.CommitException;
import org.eclipse.emf.common.util.EList;
import org.jabylon.common.resolver.URIResolver;
import org.jabylon.properties.Project;
import org.jabylon.rest.ui.model.EObjectModel;
import org.jabylon.rest.ui.security.RestrictedComponent;
import org.jabylon.rest.ui.wicket.BasicPanel;
import org.jabylon.rest.ui.wicket.components.UserImagePanel;
import org.jabylon.rest.ui.wicket.config.AbstractConfigSection;
import org.jabylon.security.CommonPermissions;
import org.jabylon.users.Permission;
import org.jabylon.users.Role;
import org.jabylon.users.User;
import org.jabylon.users.UserManagement;
import org.jabylon.users.UsersFactory;
import org.osgi.service.prefs.Preferences;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jabylon/rest/ui/wicket/config/sections/security/ProjectPermissionsConfigSection.class */
public class ProjectPermissionsConfigSection extends BasicPanel<Project> implements RestrictedComponent {
    private static final long serialVersionUID = 1;
    private static final Logger logger = LoggerFactory.getLogger(ProjectPermissionsConfigSection.class);

    @Inject
    private URIResolver resolver;
    private IModel<UserManagement> userManagement;
    private List<UserPermission> userPermissions;
    private List<IModel<User>> assignableUsers;
    private List<RolePermission> rolePermissions;
    private List<IModel<Role>> assignableRoles;

    /* loaded from: input_file:org/jabylon/rest/ui/wicket/config/sections/security/ProjectPermissionsConfigSection$ProjectPermissionsConfigSectionContributor.class */
    public static class ProjectPermissionsConfigSectionContributor extends AbstractConfigSection<Project> {
        private static final long serialVersionUID = 1;
        private ProjectPermissionsConfigSection projectPermissionsConfigSection;

        @Override // org.jabylon.rest.ui.wicket.config.AbstractConfigSection
        public WebMarkupContainer doCreateContents(String str, IModel<Project> iModel, Preferences preferences) {
            this.projectPermissionsConfigSection = new ProjectPermissionsConfigSection(str, iModel, new PageParameters());
            return this.projectPermissionsConfigSection;
        }

        @Override // org.jabylon.rest.ui.wicket.config.ConfigSection
        public void commit(IModel<Project> iModel, Preferences preferences) {
            this.projectPermissionsConfigSection.commit();
        }

        @Override // org.jabylon.rest.ui.security.RestrictedComponent
        public String getRequiredPermission() {
            String str = null;
            if (getDomainObject() != null) {
                str = getDomainObject().getName();
            }
            return CommonPermissions.constructPermissionName("Project", str, "config");
        }
    }

    public ProjectPermissionsConfigSection(String str, IModel<Project> iModel, PageParameters pageParameters) {
        super(str, iModel, pageParameters);
    }

    @Override // org.jabylon.rest.ui.wicket.BasicPanel
    protected void preConstruct() {
        Object resolve = this.resolver.resolve("security");
        if (resolve instanceof UserManagement) {
            this.userManagement = new EObjectModel((UserManagement) resolve);
            this.assignableUsers = new ArrayList();
            this.userPermissions = createUserPermissions((Project) getModel().getObject(), (UserManagement) this.userManagement.getObject(), this.assignableUsers);
            this.assignableRoles = new ArrayList();
            this.rolePermissions = createRolePermissions((Project) getModel().getObject(), (UserManagement) this.userManagement.getObject(), this.assignableRoles);
        }
    }

    private List<UserPermission> createUserPermissions(Project project, UserManagement userManagement, List<IModel<User>> list) {
        EList<User> users = userManagement.getUsers();
        ArrayList arrayList = new ArrayList();
        for (User user : users) {
            boolean hasPermission = user.hasPermission("*");
            PermissionSetting permissionSetting = PermissionSetting.NONE;
            Iterator it = user.getPermissions().iterator();
            while (it.hasNext()) {
                String name = ((Permission) it.next()).getName();
                if (name.startsWith(CommonPermissions.constructPermission(new String[]{"Project", project.getName()}))) {
                    if (name.endsWith("edit")) {
                        permissionSetting = PermissionSetting.values()[Math.max(permissionSetting.ordinal(), PermissionSetting.EDIT.ordinal())];
                    }
                    permissionSetting = name.endsWith("suggest") ? PermissionSetting.values()[Math.max(permissionSetting.ordinal(), PermissionSetting.SUGGEST.ordinal())] : name.endsWith("view") ? PermissionSetting.values()[Math.max(permissionSetting.ordinal(), PermissionSetting.READ.ordinal())] : PermissionSetting.CONFIG;
                    hasPermission = true;
                }
            }
            if (permissionSetting != PermissionSetting.NONE) {
                arrayList.add(new UserPermission(new EObjectModel(user), permissionSetting));
            }
            if (!hasPermission) {
                list.add(new EObjectModel(user));
            }
        }
        return arrayList;
    }

    private List<RolePermission> createRolePermissions(Project project, UserManagement userManagement, List<IModel<Role>> list) {
        EList<Role> roles = userManagement.getRoles();
        ArrayList arrayList = new ArrayList();
        for (Role role : roles) {
            boolean hasPermission = hasPermission(role, "*");
            PermissionSetting permissionSetting = PermissionSetting.NONE;
            Iterator it = role.getPermissions().iterator();
            while (it.hasNext()) {
                String name = ((Permission) it.next()).getName();
                if (name.startsWith(CommonPermissions.constructPermission(new String[]{"Project", project.getName()}))) {
                    permissionSetting = name.endsWith("edit") ? PermissionSetting.values()[Math.max(permissionSetting.ordinal(), PermissionSetting.EDIT.ordinal())] : name.endsWith("suggest") ? PermissionSetting.values()[Math.max(permissionSetting.ordinal(), PermissionSetting.SUGGEST.ordinal())] : name.endsWith("view") ? PermissionSetting.values()[Math.max(permissionSetting.ordinal(), PermissionSetting.READ.ordinal())] : PermissionSetting.CONFIG;
                    hasPermission = true;
                }
            }
            if (permissionSetting != PermissionSetting.NONE) {
                arrayList.add(new RolePermission(new EObjectModel(role), permissionSetting));
            }
            if (!hasPermission) {
                list.add(new EObjectModel(role));
            }
        }
        return arrayList;
    }

    private boolean hasPermission(Role role, String str) {
        Iterator it = role.getAllPermissions().iterator();
        while (it.hasNext()) {
            if (((Permission) it.next()).getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    protected void onDetach() {
        if (this.userManagement != null) {
            this.userManagement.detach();
        }
        if (this.assignableUsers != null) {
            Iterator<IModel<User>> it = this.assignableUsers.iterator();
            while (it.hasNext()) {
                it.next().detach();
            }
        }
        if (this.assignableRoles != null) {
            Iterator<IModel<Role>> it2 = this.assignableRoles.iterator();
            while (it2.hasNext()) {
                it2.next().detach();
            }
        }
        super.onDetach();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jabylon.rest.ui.wicket.BasicPanel
    public void construct() {
        setOutputMarkupId(true);
        add(new Component[]{new RefreshingView<RolePermission>("rolePermissionRow") { // from class: org.jabylon.rest.ui.wicket.config.sections.security.ProjectPermissionsConfigSection.1
            private static final long serialVersionUID = 1;

            protected Iterator<IModel<RolePermission>> getItemModels() {
                return new ModelIteratorAdapter<RolePermission>(ProjectPermissionsConfigSection.this.rolePermissions.iterator()) { // from class: org.jabylon.rest.ui.wicket.config.sections.security.ProjectPermissionsConfigSection.1.1
                    /* JADX INFO: Access modifiers changed from: protected */
                    public IModel<RolePermission> model(RolePermission rolePermission) {
                        return new CompoundPropertyModel(rolePermission);
                    }
                };
            }

            protected void populateItem(Item<RolePermission> item) {
                item.add(new Component[]{new Label("registrant", ((Role) ((RolePermission) item.getModelObject()).getRegistrant().getObject()).getName())});
                final Component dropDownChoice = new DropDownChoice("permission", Arrays.asList(PermissionSetting.values()), new PermissionSettingRenderer());
                dropDownChoice.setOutputMarkupId(true);
                dropDownChoice.add(new Behavior[]{new AjaxFormComponentUpdatingBehavior("onchange") { // from class: org.jabylon.rest.ui.wicket.config.sections.security.ProjectPermissionsConfigSection.1.2
                    private static final long serialVersionUID = 1;

                    protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                        ajaxRequestTarget.add(new Component[]{dropDownChoice});
                    }
                }});
                item.add(new Component[]{dropDownChoice});
            }
        }});
        addAddRolePermissionForm(this.assignableRoles);
        add(new Component[]{new RefreshingView<UserPermission>("userPermissionRow") { // from class: org.jabylon.rest.ui.wicket.config.sections.security.ProjectPermissionsConfigSection.2
            private static final long serialVersionUID = 1;

            protected Iterator<IModel<UserPermission>> getItemModels() {
                return new ModelIteratorAdapter<UserPermission>(ProjectPermissionsConfigSection.this.userPermissions.iterator()) { // from class: org.jabylon.rest.ui.wicket.config.sections.security.ProjectPermissionsConfigSection.2.1
                    /* JADX INFO: Access modifiers changed from: protected */
                    public IModel<UserPermission> model(UserPermission userPermission) {
                        return new CompoundPropertyModel(userPermission);
                    }
                };
            }

            protected void populateItem(Item<UserPermission> item) {
                item.add(new Component[]{new UserImagePanel("registrant", ((UserPermission) item.getModelObject()).getRegistrant())});
                final Component dropDownChoice = new DropDownChoice("permission", Arrays.asList(PermissionSetting.values()), new PermissionSettingRenderer());
                dropDownChoice.setOutputMarkupId(true);
                dropDownChoice.add(new Behavior[]{new AjaxFormComponentUpdatingBehavior("onchange") { // from class: org.jabylon.rest.ui.wicket.config.sections.security.ProjectPermissionsConfigSection.2.2
                    private static final long serialVersionUID = 1;

                    protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                        ajaxRequestTarget.add(new Component[]{dropDownChoice});
                    }
                }});
                item.add(new Component[]{dropDownChoice});
            }
        }});
        addAddPermissionForm(this.assignableUsers);
    }

    protected void commit() {
        UserManagement userManagement = (UserManagement) this.resolver.resolveWithTransaction(((UserManagement) this.userManagement.getObject()).cdoID());
        for (UserPermission userPermission : this.userPermissions) {
            User object = userManagement.cdoView().getObject((User) userPermission.getRegistrant().getObject());
            String constructPermission = CommonPermissions.constructPermission(new String[]{"Project", ((Project) getModel().getObject()).getName()});
            Iterator it = object.getPermissions().iterator();
            while (it.hasNext()) {
                if (((Permission) it.next()).getName().startsWith(constructPermission)) {
                    it.remove();
                }
            }
            PermissionSetting permission = userPermission.getPermission();
            if (permission != PermissionSetting.NONE) {
                object.getPermissions().add(getOrCreatePermission(CommonPermissions.constructPermissionName("Project", ((Project) getModel().getObject()).getName(), permission.getPermissionName()), userManagement));
            }
        }
        for (RolePermission rolePermission : this.rolePermissions) {
            Role object2 = userManagement.cdoView().getObject((Role) rolePermission.getRegistrant().getObject());
            String constructPermission2 = CommonPermissions.constructPermission(new String[]{"Project", ((Project) getModel().getObject()).getName()});
            Iterator it2 = object2.getPermissions().iterator();
            while (it2.hasNext()) {
                if (((Permission) it2.next()).getName().startsWith(constructPermission2)) {
                    it2.remove();
                }
            }
            PermissionSetting permission2 = rolePermission.getPermission();
            if (permission2 != PermissionSetting.NONE) {
                object2.getPermissions().add(getOrCreatePermission(CommonPermissions.constructPermissionName("Project", ((Project) getModel().getObject()).getName(), permission2.getPermissionName()), userManagement));
            }
        }
        try {
            userManagement.cdoView().commit();
        } catch (CommitException e) {
            logger.error("Failed to commit new permission settings", e);
        }
    }

    private Permission getOrCreatePermission(String str, UserManagement userManagement) {
        Permission findPermissionByName = userManagement.findPermissionByName(str);
        if (findPermissionByName == null) {
            findPermissionByName = UsersFactory.eINSTANCE.createPermission();
            userManagement.getPermissions().add(findPermissionByName);
            findPermissionByName.setName(str);
        }
        return findPermissionByName;
    }

    private void addAddPermissionForm(final List<IModel<User>> list) {
        Form form = new Form("addUserPermissionForm", new CompoundPropertyModel(new UserPermission()));
        Component dropDownChoice = new DropDownChoice("registrant", list, new UserRenderer());
        form.add(new Component[]{dropDownChoice});
        form.add(new Component[]{new DropDownChoice("permission", Arrays.asList(PermissionSetting.values()), new PermissionSettingRenderer())});
        form.add(new Component[]{new AjaxButton("addPermissionButton", form) { // from class: org.jabylon.rest.ui.wicket.config.sections.security.ProjectPermissionsConfigSection.3
            private static final long serialVersionUID = 1;

            protected void onSubmit(AjaxRequestTarget ajaxRequestTarget, Form<?> form2) {
                UserPermission userPermission = (UserPermission) form2.getModel().getObject();
                if (userPermission.getPermission() == null) {
                    return;
                }
                ProjectPermissionsConfigSection.this.userPermissions.add(new UserPermission(userPermission.getRegistrant(), userPermission.getPermission()));
                Collections.sort(ProjectPermissionsConfigSection.this.userPermissions);
                list.remove(userPermission.getRegistrant());
                ajaxRequestTarget.add(new Component[]{ProjectPermissionsConfigSection.this});
            }
        }});
        if (list.isEmpty()) {
            form.setVisible(false);
        } else {
            dropDownChoice.setDefaultModelObject(list.get(0));
        }
        add(new Component[]{form});
    }

    private void addAddRolePermissionForm(final List<IModel<Role>> list) {
        Form form = new Form("addRolePermissionForm", new CompoundPropertyModel(new RolePermission()));
        Component dropDownChoice = new DropDownChoice("registrant", list, new RoleRenderer());
        form.add(new Component[]{dropDownChoice});
        form.add(new Component[]{new DropDownChoice("permission", Arrays.asList(PermissionSetting.values()), new PermissionSettingRenderer())});
        form.add(new Component[]{new AjaxButton("addPermissionButton", form) { // from class: org.jabylon.rest.ui.wicket.config.sections.security.ProjectPermissionsConfigSection.4
            private static final long serialVersionUID = 1;

            protected void onSubmit(AjaxRequestTarget ajaxRequestTarget, Form<?> form2) {
                RolePermission rolePermission = (RolePermission) form2.getModel().getObject();
                if (rolePermission.getPermission() == null) {
                    return;
                }
                ProjectPermissionsConfigSection.this.rolePermissions.add(new RolePermission(rolePermission.getRegistrant(), rolePermission.getPermission()));
                Collections.sort(ProjectPermissionsConfigSection.this.rolePermissions);
                list.remove(rolePermission.getRegistrant());
                ajaxRequestTarget.add(new Component[]{ProjectPermissionsConfigSection.this});
            }
        }});
        if (list.isEmpty()) {
            form.setVisible(false);
        } else {
            dropDownChoice.setDefaultModelObject(list.get(0));
        }
        add(new Component[]{form});
    }

    @Override // org.jabylon.rest.ui.security.RestrictedComponent
    public String getRequiredPermission() {
        return CommonPermissions.constructPermissionName("Project", ((Project) getModelObject()).getName(), "config");
    }
}
