package org.craftercms.studio.impl.v2.security;

import com.google.common.cache.Cache;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.studio.api.v1.constant.StudioConstants;
import org.craftercms.studio.api.v1.constant.StudioXmlConstants;
import org.craftercms.studio.api.v1.exception.ServiceLayerException;
import org.craftercms.studio.api.v1.exception.security.UserNotFoundException;
import org.craftercms.studio.api.v1.log.Logger;
import org.craftercms.studio.api.v1.log.LoggerFactory;
import org.craftercms.studio.api.v2.dal.Group;
import org.craftercms.studio.api.v2.dal.security.RolePermissionMappings;
import org.craftercms.studio.api.v2.dal.security.SitePermissionMappings;
import org.craftercms.studio.api.v2.security.AvailableActionsResolver;
import org.craftercms.studio.api.v2.security.ContentItemAvailableActionsConstants;
import org.craftercms.studio.api.v2.service.config.ConfigurationService;
import org.craftercms.studio.api.v2.service.security.internal.UserServiceInternal;
import org.craftercms.studio.api.v2.utils.StudioConfiguration;
import org.dom4j.Document;
import org.dom4j.Element;
import org.dom4j.Node;

/* loaded from: input_file:org/craftercms/studio/impl/v2/security/AvailableActionsResolverImpl.class */
public class AvailableActionsResolverImpl implements AvailableActionsResolver {
    private static final Logger logger = LoggerFactory.getLogger(AvailableActionsResolverImpl.class);
    public static final String CACHE_KEY = ":available-actions";
    private StudioConfiguration studioConfiguration;
    private ConfigurationService configurationService;
    private UserServiceInternal userServiceInternal;
    private Cache<String, SitePermissionMappings> cache;

    public AvailableActionsResolverImpl(StudioConfiguration studioConfiguration, ConfigurationService configurationService, UserServiceInternal userServiceInternal, Cache<String, SitePermissionMappings> cache) {
        this.studioConfiguration = studioConfiguration;
        this.configurationService = configurationService;
        this.userServiceInternal = userServiceInternal;
        this.cache = cache;
    }

    private SitePermissionMappings fetchSitePermissionMappings(String str) throws ServiceLayerException {
        SitePermissionMappings sitePermissionMappings = new SitePermissionMappings();
        sitePermissionMappings.setSiteId(str);
        Document globalConfigurationAsDocument = this.configurationService.getGlobalConfigurationAsDocument(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_CONFIG_BASE_PATH) + "/" + this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_ROLE_MAPPINGS_FILE_NAME));
        Document globalConfigurationAsDocument2 = this.configurationService.getGlobalConfigurationAsDocument(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_CONFIG_BASE_PATH) + "/" + this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_PERMISSION_MAPPINGS_FILE_NAME));
        loadRoles(globalConfigurationAsDocument, sitePermissionMappings);
        loadPermissions(globalConfigurationAsDocument2, sitePermissionMappings);
        if (!StringUtils.equals(str, this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE))) {
            Document configurationAsDocument = this.configurationService.getConfigurationAsDocument(str, StudioConstants.MODULE_STUDIO, this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_SITE_ROLE_MAPPINGS_FILE_NAME), this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_ENVIRONMENT_ACTIVE));
            Document configurationAsDocument2 = this.configurationService.getConfigurationAsDocument(str, StudioConstants.MODULE_STUDIO, this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_SITE_PERMISSION_MAPPINGS_FILE_NAME), this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_ENVIRONMENT_ACTIVE));
            loadRoles(configurationAsDocument, sitePermissionMappings);
            loadPermissions(configurationAsDocument2, sitePermissionMappings);
        }
        return sitePermissionMappings;
    }

    private SitePermissionMappings loadRoles(Document document, SitePermissionMappings sitePermissionMappings) {
        Element rootElement = document.getRootElement();
        if (rootElement.getName().equals(StudioXmlConstants.DOCUMENT_ROLE_MAPPINGS)) {
            Map<String, List<String>> roles = getRoles(rootElement.selectNodes(StudioXmlConstants.DOCUMENT_ELM_GROUPS_NODE), getRoles(rootElement.selectNodes(StudioXmlConstants.DOCUMENT_ELM_USER_NODE), new HashMap()));
            Objects.requireNonNull(sitePermissionMappings);
            roles.forEach(sitePermissionMappings::addGroupToRolesMapping);
        }
        return sitePermissionMappings;
    }

    private Map<String, List<String>> getRoles(List<Node> list, Map<String, List<String>> map) {
        for (Node node : list) {
            String valueOf = node.valueOf(StudioXmlConstants.DOCUMENT_ATTR_PERMISSIONS_NAME);
            if (!StringUtils.isEmpty(valueOf)) {
                List selectNodes = node.selectNodes("role");
                ArrayList arrayList = new ArrayList();
                Iterator it = selectNodes.iterator();
                while (it.hasNext()) {
                    arrayList.add(((Node) it.next()).getText());
                }
                map.put(valueOf, arrayList);
            }
        }
        return map;
    }

    private SitePermissionMappings loadPermissions(Document document, SitePermissionMappings sitePermissionMappings) {
        Element rootElement = document.getRootElement();
        if (rootElement.getName().equals("permissions")) {
            Element element = (Element) rootElement.selectSingleNode("site");
            if (element != null) {
                rootElement = element;
            }
            for (Node node : rootElement.selectNodes("role")) {
                String valueOf = node.valueOf(StudioXmlConstants.DOCUMENT_ATTR_PERMISSIONS_NAME);
                RolePermissionMappings rolePermissionMappings = new RolePermissionMappings();
                rolePermissionMappings.setRole(valueOf);
                node.selectNodes(StudioXmlConstants.DOCUMENT_ELM_PERMISSION_RULE).forEach(node2 -> {
                    String valueOf2 = node2.valueOf(StudioXmlConstants.DOCUMENT_ATTR_REGEX);
                    List selectNodes = node2.selectNodes(StudioXmlConstants.DOCUMENT_ELM_ALLOWED_PERMISSIONS);
                    ArrayList arrayList = new ArrayList();
                    selectNodes.forEach(node2 -> {
                        arrayList.add(node2.getText().toLowerCase());
                    });
                    rolePermissionMappings.addRuleContentItemPermissionsMapping(valueOf2, Long.valueOf(ContentItemAvailableActionsConstants.mapPermissionsToContentItemAvailableActions(arrayList)));
                });
                sitePermissionMappings.addRolePermissionMapping(valueOf, rolePermissionMappings);
            }
        }
        return sitePermissionMappings;
    }

    @Override // org.craftercms.studio.api.v2.security.AvailableActionsResolver
    public long getContentItemAvailableActions(String str, String str2, String str3) throws ServiceLayerException, UserNotFoundException {
        return calculateAvailableActions(str, str3, findSitePermissionMappings(str2));
    }

    private SitePermissionMappings findSitePermissionMappings(String str) throws ServiceLayerException {
        String str2 = str + ":available-actions";
        SitePermissionMappings sitePermissionMappings = (SitePermissionMappings) this.cache.getIfPresent(str2);
        if (sitePermissionMappings == null) {
            logger.debug("Cache miss for {0}", str2);
            sitePermissionMappings = fetchSitePermissionMappings(str);
            this.cache.put(str2, sitePermissionMappings);
        }
        return sitePermissionMappings;
    }

    private long calculateAvailableActions(String str, String str2, SitePermissionMappings sitePermissionMappings) throws ServiceLayerException, UserNotFoundException {
        long j = 0;
        List<Group> userGroups = this.userServiceInternal.getUserGroups(-1L, str);
        if (CollectionUtils.isNotEmpty(userGroups)) {
            j = ((List) userGroups.stream().map(group -> {
                return group.getGroupName();
            }).collect(Collectors.toList())).contains(StudioConstants.SYSTEM_ADMIN_GROUP) ? -1L : sitePermissionMappings.getAvailableActions(str, userGroups, str2);
        }
        return j;
    }
}
