package info.magnolia.security.app.tools.permission;

import com.google.common.collect.HashBasedTable;
import com.google.common.collect.Table;
import com.vaadin.data.Container;
import com.vaadin.data.Item;
import com.vaadin.data.util.BeanItem;
import com.vaadin.data.util.HierarchicalContainer;
import info.magnolia.cms.security.AccessDeniedException;
import info.magnolia.cms.security.Group;
import info.magnolia.cms.security.Permission;
import info.magnolia.cms.security.Role;
import info.magnolia.cms.security.SecuritySupport;
import info.magnolia.cms.security.User;
import info.magnolia.cms.security.auth.ACL;
import info.magnolia.i18nsystem.SimpleTranslator;
import info.magnolia.security.app.tools.AbstractSecurityToolPresenter;
import info.magnolia.security.app.tools.SecurityToolView;
import info.magnolia.ui.api.context.UiContext;
import info.magnolia.ui.dialog.formdialog.FormBuilder;
import info.magnolia.ui.framework.tools.FormToolActionExecutor;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;

/* loaded from: input_file:WEB-INF/lib/magnolia-security-app-5.5.3.jar:info/magnolia/security/app/tools/permission/PermissionToolPresenter.class */
public class PermissionToolPresenter extends AbstractSecurityToolPresenter {
    private final SecuritySupport securitySupport;
    private final SimpleTranslator i18n;
    private PermissionViewOption viewOption;
    private static final List<String> REPO_NAMES = Arrays.asList("uri", "forum");
    private static final Table<String, Long, String> PERMISSION_MESSAGES = HashBasedTable.create();

    /* loaded from: input_file:WEB-INF/lib/magnolia-security-app-5.5.3.jar:info/magnolia/security/app/tools/permission/PermissionToolPresenter$DumpMode.class */
    public enum DumpMode {
        WITH_PERMISSIONS,
        WITHOUT_PERMISSIONS
    }

    /* loaded from: input_file:WEB-INF/lib/magnolia-security-app-5.5.3.jar:info/magnolia/security/app/tools/permission/PermissionToolPresenter$DumpType.class */
    public enum DumpType {
        USER,
        GROUP
    }

    /* loaded from: input_file:WEB-INF/lib/magnolia-security-app-5.5.3.jar:info/magnolia/security/app/tools/permission/PermissionToolPresenter$PermissionViewOption.class */
    public static class PermissionViewOption extends AbstractSecurityToolPresenter.ViewOption {
        private DumpType type;
        private DumpMode dumpMode;

        public DumpType getType() {
            return this.type;
        }

        public void setType(DumpType dumpType) {
            this.type = dumpType;
        }

        public DumpMode getDumpMode() {
            return this.dumpMode;
        }

        public void setDumpMode(DumpMode dumpMode) {
            this.dumpMode = dumpMode;
        }
    }

    @Inject
    public PermissionToolPresenter(SecurityToolView securityToolView, FormBuilder formBuilder, FormToolActionExecutor formToolActionExecutor, UiContext uiContext, SecuritySupport securitySupport, SimpleTranslator simpleTranslator) {
        super(securityToolView, formBuilder, formToolActionExecutor, uiContext);
        this.securitySupport = securitySupport;
        this.i18n = simpleTranslator;
    }

    @Override // info.magnolia.ui.framework.tools.FormToolPresenter
    protected Item getItem() {
        this.viewOption = new PermissionViewOption();
        return new BeanItem(this.viewOption);
    }

    @Override // info.magnolia.security.app.tools.AbstractSecurityToolPresenter
    protected Container.Hierarchical buildContainer() throws AccessDeniedException {
        this.container = new HierarchicalContainer();
        this.container.addContainerProperty("value", String.class, "");
        Iterator<String> emptyIterator = Collections.emptyIterator();
        Iterator<String> emptyIterator2 = Collections.emptyIterator();
        switch (this.viewOption.getType()) {
            case GROUP:
                Group group = this.securitySupport.getGroupManager().getGroup(this.viewOption.getName());
                if (group == null) {
                    return null;
                }
                emptyIterator = group.getGroups().iterator();
                emptyIterator2 = group.getRoles().iterator();
                break;
            case USER:
                User user = this.securitySupport.getUserManager().getUser(this.viewOption.getName());
                if (user == null) {
                    return null;
                }
                emptyIterator = user.getGroups().iterator();
                emptyIterator2 = user.getRoles().iterator();
                break;
        }
        boolean equals = DumpMode.WITH_PERMISSIONS.equals(this.viewOption.getDumpMode());
        getGroupRole(emptyIterator, equals, null);
        getRole(emptyIterator2, equals, null);
        for (Object obj : this.container.getItemIds()) {
            this.container.setChildrenAllowed(obj, this.container.getChildren(obj) != null && this.container.getChildren(obj).size() > 0);
        }
        return this.container;
    }

    @Override // info.magnolia.security.app.tools.AbstractSecurityToolPresenter
    protected String getErrorMessage() {
        return this.i18n.translate(String.format("security.permissionsTab.%s.error", this.viewOption.getType().name().toLowerCase()), this.viewOption.getName());
    }

    private void getGroupRole(Iterator<String> it, boolean z, Object obj) throws AccessDeniedException {
        while (it.hasNext()) {
            Group group = this.securitySupport.getGroupManager().getGroup(it.next());
            Object addContainerItem = addContainerItem("value", getGroupRepresentation(group), obj);
            getGroupRole(group.getGroups().iterator(), z, addContainerItem);
            getRole(group.getRoles().iterator(), z, addContainerItem);
        }
    }

    private void getRole(Iterator<String> it, boolean z, Object obj) {
        while (it.hasNext()) {
            Role role = this.securitySupport.getRoleManager().getRole(it.next());
            Object addContainerItem = addContainerItem("value", getRoleRepresentation(role), obj);
            if (z) {
                getPermission(role.getName(), addContainerItem);
            }
        }
    }

    private void getPermission(String str, Object obj) {
        for (ACL acl : this.securitySupport.getRoleManager().getACLs(str).values()) {
            Iterator<Permission> it = acl.getList().iterator();
            while (it.hasNext()) {
                addContainerItem("value", getPermissionRepresentation(it.next(), acl.getName()), obj);
            }
        }
    }

    private String getGroupRepresentation(Group group) {
        return this.i18n.translate("security.tools.results.group", group.getName());
    }

    private String getRoleRepresentation(Role role) {
        return this.i18n.translate("security.tools.results.role", role.getName());
    }

    private String getPermissionRepresentation(Permission permission, String str) {
        return this.i18n.translate("security.tools.results.permission", getPermissionAsName(str, permission), str, permission.getPattern().getPatternString());
    }

    private String getPermissionAsName(String str, Permission permission) {
        if (!REPO_NAMES.contains(str)) {
            str = "";
        }
        String str2 = PERMISSION_MESSAGES.get(str, Long.valueOf(permission.getPermissions()));
        return str2 == null ? "(" + permission.getPermissions() + ") unknown " : this.i18n.translate(str2, new Object[0]);
    }

    static {
        PERMISSION_MESSAGES.put("uri", 0L, "roles.permission.deny");
        PERMISSION_MESSAGES.put("uri", 8L, "roles.permission.get");
        PERMISSION_MESSAGES.put("uri", 63L, "roles.permission.getAndPost");
        PERMISSION_MESSAGES.put("forum", 0L, "roles.permission.deny");
        PERMISSION_MESSAGES.put("forum", 8L, "roles.permission.readOnly");
        PERMISSION_MESSAGES.put("forum", 11L, "roles.permission.post");
        PERMISSION_MESSAGES.put("forum", 75L, "roles.permission.moderate");
        PERMISSION_MESSAGES.put("forum", 79L, "roles.permission.moderateAndDelete");
        PERMISSION_MESSAGES.put("forum", 111L, "roles.permission.admin");
        PERMISSION_MESSAGES.put("", 0L, "roles.permission.deny");
        PERMISSION_MESSAGES.put("", 8L, "roles.permission.readOnly");
        PERMISSION_MESSAGES.put("", 63L, "roles.permission.readWrite");
    }
}
