package no.kantega.publishing.security.service;

import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import no.kantega.commons.exception.SystemException;
import no.kantega.publishing.common.Aksess;
import no.kantega.publishing.common.data.BaseObject;
import no.kantega.publishing.common.data.Content;
import no.kantega.publishing.security.ao.PermissionsAO;
import no.kantega.publishing.security.data.Permission;
import no.kantega.publishing.security.data.PermissionsCache;
import no.kantega.publishing.security.data.Role;
import no.kantega.publishing.security.data.SecurityIdentifier;
import no.kantega.publishing.security.data.User;
import no.kantega.publishing.security.data.enums.NotificationPriority;
import org.apache.velocity.tools.generic.ComparisonDateTool;

/* loaded from: input_file:WEB-INF/lib/openaksess-core-7.1.16.jar:no/kantega/publishing/security/service/SecurityService.class */
public class SecurityService {
    public static boolean isAuthorized(Role role, BaseObject baseObject, int i) throws SystemException {
        List<Permission> permissions = PermissionsCache.getPermissions(baseObject);
        if (permissions == null || permissions.size() == 0) {
            return true;
        }
        for (int i2 = 0; i2 < permissions.size(); i2++) {
            Permission permission = permissions.get(i2);
            if (permission.getPrivilege() >= i) {
                if (role.getId().equalsIgnoreCase(permission.getSecurityIdentifier().getId())) {
                    return true;
                }
            }
        }
        return false;
    }

    public static boolean isAuthorized(User user, BaseObject baseObject, int i) throws SystemException {
        String owner = baseObject.getOwner();
        if ("".equals(owner)) {
            owner = null;
        }
        String ownerPerson = baseObject.getOwnerPerson();
        if ("".equals(ownerPerson)) {
            ownerPerson = null;
        }
        if (baseObject instanceof Content) {
            baseObject = ((Content) baseObject).getAssociation();
        }
        List<Permission> permissions = PermissionsCache.getPermissions(baseObject);
        return permissions == null || permissions.size() == 0 || getPermissionForUser(user, i, permissions, ownerPerson, owner) != null || isUserInRole(user, Aksess.getAdminRole());
    }

    public static boolean isApprover(User user, Content content) throws SystemException {
        String owner = content.getOwner();
        if ("".equals(owner)) {
            owner = null;
        }
        String ownerPerson = content.getOwnerPerson();
        if ("".equals(ownerPerson)) {
            ownerPerson = null;
        }
        List<Permission> permissions = PermissionsCache.getPermissions(content.getAssociation());
        if (permissions == null || permissions.size() == 0) {
            return true;
        }
        long time = new Date().getTime();
        long time2 = content.getLastModified().getTime();
        Permission permissionForUser = getPermissionForUser(user, 2, permissions, ownerPerson, owner);
        if (permissionForUser != null) {
            NotificationPriority notificationPriority = permissionForUser.getNotificationPriority();
            if (notificationPriority == NotificationPriority.PRIORITY1) {
                return true;
            }
            return notificationPriority == NotificationPriority.PRIORITY2 ? time - time2 > ComparisonDateTool.MILLIS_PER_WEEK : notificationPriority == NotificationPriority.PRIORITY3 && time - time2 > 2 * ComparisonDateTool.MILLIS_PER_WEEK;
        }
        if (!isUserInRole(user, Aksess.getAdminRole())) {
            return false;
        }
        boolean z = false;
        Iterator<Permission> it = permissions.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (it.next().getPrivilege() >= 2) {
                z = true;
                break;
            }
        }
        return !z || time - time2 > 2 * ComparisonDateTool.MILLIS_PER_WEEK;
    }

    private static Permission getPermissionForUser(User user, int i, List<Permission> list, String str, String str2) {
        for (Permission permission : list) {
            if (permission.getPrivilege() >= i) {
                SecurityIdentifier securityIdentifier = permission.getSecurityIdentifier();
                String id = securityIdentifier.getId();
                if (securityIdentifier.equals(Aksess.getEveryoneRole())) {
                    return permission;
                }
                if (user == null) {
                    continue;
                } else {
                    if ((securityIdentifier instanceof User) && user.equals(id)) {
                        return permission;
                    }
                    if (securityIdentifier.equals(Aksess.getOwnerRole()) && user.getId().equals(str)) {
                        return permission;
                    }
                    if (!isUserInRole(user, id)) {
                        continue;
                    } else {
                        if (!securityIdentifier.equals(Aksess.getUnitRole())) {
                            return permission;
                        }
                        if (str2 != null && str2.length() > 0 && isUserInRole(user, str2)) {
                            return permission;
                        }
                    }
                }
            }
        }
        return null;
    }

    public static boolean isUserInRole(User user, String str) {
        HashMap roles;
        if (str.equalsIgnoreCase(Aksess.getEveryoneRole())) {
            return true;
        }
        return (user == null || (roles = user.getRoles()) == null || ((Role) roles.get(str)) == null) ? false : true;
    }

    public static List getPermissions(BaseObject baseObject) throws SystemException {
        if (baseObject instanceof Content) {
            baseObject = ((Content) baseObject).getAssociation();
        }
        ArrayList arrayList = new ArrayList();
        List<Permission> permissions = PermissionsCache.getPermissions(baseObject);
        if (permissions != null) {
            for (int i = 0; i < permissions.size(); i++) {
                arrayList.add(new Permission(permissions.get(i)));
            }
        }
        return arrayList;
    }

    public static void setPermissions(BaseObject baseObject, List list) throws SystemException {
        if (baseObject instanceof Content) {
            baseObject = ((Content) baseObject).getAssociation();
        }
        PermissionsAO.setPermissions(baseObject, list);
        PermissionsCache.reloadCache();
    }

    public static List getPermissionsOverview(int i) throws SystemException {
        return PermissionsAO.getPermissionsOverview(i);
    }
}
