package no.kantega.projectweb.permission.scheme;

import java.util.Iterator;
import java.util.Set;
import no.kantega.projectweb.dao.ProjectWebDao;
import no.kantega.projectweb.model.Participant;
import no.kantega.projectweb.model.Project;
import no.kantega.projectweb.model.ProjectRole;
import org.apache.log4j.Logger;
import org.springframework.beans.propertyeditors.StringArrayPropertyEditor;

/* loaded from: input_file:WEB-INF/lib/aksess-modules-projectweb-1.20.5.jar:no/kantega/projectweb/permission/scheme/PermissionSchemeManager.class */
public class PermissionSchemeManager {
    private ProjectWebDao dao;
    private Logger log = Logger.getLogger(PermissionSchemeManager.class);
    private String[] administratorRoles = new String[0];

    public boolean hasPermission(String str, long j, Project project) {
        PermissionScheme populatedPermissionScheme = this.dao.getPopulatedPermissionScheme(project.getPermissionSchemeId());
        this.log.info("Permission scheme '" + populatedPermissionScheme.getName() + "' for project " + project.getName());
        Participant projectParticipant = this.dao.getProjectParticipant(project.getId(), str);
        if (projectParticipant == null) {
            this.log.info("User " + str + " is not participant in project");
            return false;
        }
        Set<PermissionEntry> permissionEntries = populatedPermissionScheme.getPermissionEntries();
        if (permissionEntries == null) {
            this.log.warn("Permission scheme " + populatedPermissionScheme.getId() + " contains no entries");
            return false;
        }
        for (PermissionEntry permissionEntry : permissionEntries) {
            this.log.info("Checking entry with permission " + permissionEntry.getPermission());
            if (permissionEntry.getPermission() == j && hasRole(projectParticipant.getRoles(), permissionEntry.getRoles())) {
                return true;
            }
        }
        return false;
    }

    private boolean hasRole(Set set, Set set2) {
        Iterator it = set2.iterator();
        while (it.hasNext()) {
            ProjectRole projectRole = (ProjectRole) it.next();
            this.log.info("Testing role " + projectRole.getCode());
            Iterator it2 = set.iterator();
            while (it2.hasNext()) {
                ProjectRole projectRole2 = (ProjectRole) it2.next();
                if (projectRole.getId() == projectRole2.getId()) {
                    this.log.info("  matched against " + projectRole2.getCode());
                    return true;
                }
                this.log.info("  no match against " + projectRole2.getCode());
            }
        }
        this.log.info("User does not have one of the required roles");
        return false;
    }

    public void setDao(ProjectWebDao projectWebDao) {
        this.dao = projectWebDao;
    }

    public boolean hasGlobalPermission(String str, long j) {
        if (j != 1) {
            return false;
        }
        for (int i = 0; i < this.administratorRoles.length; i++) {
            if (this.dao.isUserInGroup(str, this.administratorRoles[i])) {
                return true;
            }
        }
        return false;
    }

    public void setAdministratorRoles(String str) {
        if (str != null) {
            this.administratorRoles = str.split(StringArrayPropertyEditor.DEFAULT_SEPARATOR);
        }
    }
}
