package org.dspace.authorize;

import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.dspace.authorize.service.AuthorizeService;
import org.dspace.authorize.service.ResourcePolicyService;
import org.dspace.content.Bitstream;
import org.dspace.content.Bundle;
import org.dspace.content.Collection;
import org.dspace.content.Community;
import org.dspace.content.DSpaceObject;
import org.dspace.content.Item;
import org.dspace.content.crosswalk.DIMDisseminationCrosswalk;
import org.dspace.content.factory.ContentServiceFactory;
import org.dspace.content.service.BitstreamService;
import org.dspace.content.service.WorkspaceItemService;
import org.dspace.core.Constants;
import org.dspace.core.Context;
import org.dspace.eperson.EPerson;
import org.dspace.eperson.Group;
import org.dspace.eperson.service.GroupService;
import org.dspace.workflow.WorkflowItemService;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:org/dspace/authorize/AuthorizeServiceImpl.class */
public class AuthorizeServiceImpl implements AuthorizeService {

    @Autowired(required = true)
    protected BitstreamService bitstreamService;

    @Autowired(required = true)
    protected ContentServiceFactory serviceFactory;

    @Autowired(required = true)
    protected GroupService groupService;

    @Autowired(required = true)
    protected ResourcePolicyService resourcePolicyService;

    @Autowired(required = true)
    protected WorkspaceItemService workspaceItemService;

    @Autowired(required = true)
    protected WorkflowItemService workflowItemService;

    protected AuthorizeServiceImpl() {
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void authorizeAnyOf(Context context, DSpaceObject dSpaceObject, int[] iArr) throws AuthorizeException, SQLException {
        AuthorizeException authorizeException = null;
        for (int i : iArr) {
            try {
                authorizeAction(context, dSpaceObject, i);
                return;
            } catch (AuthorizeException e) {
                if (authorizeException == null) {
                    authorizeException = e;
                }
            }
        }
        throw authorizeException;
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void authorizeAction(Context context, DSpaceObject dSpaceObject, int i) throws AuthorizeException, SQLException {
        authorizeAction(context, dSpaceObject, i, true);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void authorizeAction(Context context, DSpaceObject dSpaceObject, int i, boolean z) throws AuthorizeException, SQLException {
        authorizeAction(context, context.getCurrentUser(), dSpaceObject, i, z);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void authorizeAction(Context context, EPerson ePerson, DSpaceObject dSpaceObject, int i, boolean z) throws AuthorizeException, SQLException {
        if (dSpaceObject == null) {
            throw new AuthorizeException("Authorization attempted on null DSpace object " + (i == -1 ? DIMDisseminationCrosswalk.DIM_XSD : Constants.actionText[i]) + " by user " + (ePerson == null ? null : ePerson.getID()));
        }
        if (authorize(context, dSpaceObject, i, ePerson, z)) {
            return;
        }
        int type = dSpaceObject.getType();
        throw new AuthorizeException("Authorization denied for action " + (i == -1 ? DIMDisseminationCrosswalk.DIM_XSD : Constants.actionText[i]) + " on " + Constants.typeText[type] + ":" + dSpaceObject.getID() + " by user " + (ePerson == null ? null : ePerson.getID()), dSpaceObject, i);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean authorizeActionBoolean(Context context, DSpaceObject dSpaceObject, int i) throws SQLException {
        return authorizeActionBoolean(context, dSpaceObject, i, true);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean authorizeActionBoolean(Context context, DSpaceObject dSpaceObject, int i, boolean z) throws SQLException {
        boolean z2 = true;
        if (dSpaceObject == null) {
            return false;
        }
        try {
            authorizeAction(context, dSpaceObject, i, z);
        } catch (AuthorizeException e) {
            z2 = false;
        }
        return z2;
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean authorizeActionBoolean(Context context, EPerson ePerson, DSpaceObject dSpaceObject, int i, boolean z) throws SQLException {
        boolean z2 = true;
        if (dSpaceObject == null) {
            return false;
        }
        try {
            authorizeAction(context, ePerson, dSpaceObject, i, z);
        } catch (AuthorizeException e) {
            z2 = false;
        }
        return z2;
    }

    protected boolean authorize(Context context, DSpaceObject dSpaceObject, int i, EPerson ePerson, boolean z) throws SQLException {
        if (dSpaceObject == null) {
            return false;
        }
        if (context.ignoreAuthorization()) {
            return true;
        }
        Boolean cachedAuthorizationResult = context.getCachedAuthorizationResult(dSpaceObject, i, ePerson);
        if (cachedAuthorizationResult != null) {
            return cachedAuthorizationResult.booleanValue();
        }
        EPerson ePerson2 = null;
        if (ePerson != null) {
            ePerson2 = ePerson;
            if (isAdmin(context, ePerson, z ? this.serviceFactory.getDSpaceObjectService((ContentServiceFactory) dSpaceObject).getAdminObject(context, dSpaceObject, i) : null)) {
                context.cacheAuthorizedAction(dSpaceObject, i, ePerson, true, null);
                return true;
            }
        }
        boolean z2 = false;
        if (dSpaceObject instanceof Bitstream) {
            Bitstream bitstream = (Bitstream) dSpaceObject;
            DSpaceObject parentObject = this.bitstreamService.getParentObject(context, bitstream);
            if (!(parentObject instanceof Collection) && !(parentObject instanceof Community)) {
                z2 = !isAnyItemInstalled(context, bitstream.getBundles());
            }
        }
        if (dSpaceObject instanceof Bundle) {
            z2 = !isAnyItemInstalled(context, Arrays.asList((Bundle) dSpaceObject));
        }
        if ((dSpaceObject instanceof Item) && (this.workspaceItemService.findByItem(context, (Item) dSpaceObject) != null || this.workflowItemService.findByItem(context, (Item) dSpaceObject) != null)) {
            z2 = true;
        }
        for (ResourcePolicy resourcePolicy : getPoliciesActionFilter(context, dSpaceObject, i)) {
            if (!z2 || !ResourcePolicy.TYPE_CUSTOM.equals(resourcePolicy.getRpType())) {
                if (this.resourcePolicyService.isDateValid(resourcePolicy)) {
                    if (resourcePolicy.getEPerson() != null && resourcePolicy.getEPerson().equals(ePerson2)) {
                        context.cacheAuthorizedAction(dSpaceObject, i, ePerson, true, resourcePolicy);
                        return true;
                    }
                    if (resourcePolicy.getGroup() != null && this.groupService.isMember(context, ePerson, resourcePolicy.getGroup())) {
                        context.cacheAuthorizedAction(dSpaceObject, i, ePerson, true, resourcePolicy);
                        return true;
                    }
                }
                if (context.isReadOnly()) {
                    context.uncacheEntity(resourcePolicy);
                }
            } else if (context.isReadOnly()) {
                context.uncacheEntity(resourcePolicy);
            }
        }
        context.cacheAuthorizedAction(dSpaceObject, i, ePerson, false, null);
        return false;
    }

    protected boolean isAnyItemInstalled(Context context, List<Bundle> list) throws SQLException {
        Iterator<Bundle> it = list.iterator();
        while (it.hasNext()) {
            for (Item item : it.next().getItems()) {
                if (this.workspaceItemService.findByItem(context, item) == null && this.workflowItemService.findByItem(context, item) == null) {
                    return true;
                }
            }
        }
        return false;
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean isAdmin(Context context, DSpaceObject dSpaceObject) throws SQLException {
        return isAdmin(context, context.getCurrentUser(), dSpaceObject);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean isAdmin(Context context, EPerson ePerson, DSpaceObject dSpaceObject) throws SQLException {
        if (isAdmin(context, ePerson)) {
            return true;
        }
        if (dSpaceObject == null) {
            return false;
        }
        Boolean cachedAuthorizationResult = context.getCachedAuthorizationResult(dSpaceObject, 11, ePerson);
        if (cachedAuthorizationResult != null) {
            return cachedAuthorizationResult.booleanValue();
        }
        for (ResourcePolicy resourcePolicy : getPoliciesActionFilter(context, dSpaceObject, 11)) {
            if (this.resourcePolicyService.isDateValid(resourcePolicy)) {
                if (resourcePolicy.getEPerson() != null && resourcePolicy.getEPerson().equals(ePerson)) {
                    context.cacheAuthorizedAction(dSpaceObject, 11, ePerson, true, resourcePolicy);
                    return true;
                }
                if (resourcePolicy.getGroup() != null && this.groupService.isMember(context, ePerson, resourcePolicy.getGroup())) {
                    context.cacheAuthorizedAction(dSpaceObject, 11, ePerson, true, resourcePolicy);
                    return true;
                }
            }
            if (context.isReadOnly()) {
                context.uncacheEntity(resourcePolicy);
            }
        }
        DSpaceObject parentObject = this.serviceFactory.getDSpaceObjectService((ContentServiceFactory) dSpaceObject).getParentObject(context, dSpaceObject);
        if (parentObject == null) {
            context.cacheAuthorizedAction(dSpaceObject, 11, ePerson, false, null);
            return false;
        }
        boolean isAdmin = isAdmin(context, ePerson, parentObject);
        context.cacheAuthorizedAction(dSpaceObject, 11, ePerson, Boolean.valueOf(isAdmin), null);
        return isAdmin;
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean isAdmin(Context context) throws SQLException {
        if (context.ignoreAuthorization()) {
            return true;
        }
        if (context.getCurrentUser() == null) {
            return false;
        }
        return this.groupService.isMember(context, Group.ADMIN);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean isAdmin(Context context, EPerson ePerson) throws SQLException {
        if (context.ignoreAuthorization()) {
            return true;
        }
        if (ePerson == null) {
            return false;
        }
        return this.groupService.isMember(context, ePerson, Group.ADMIN);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean isCommunityAdmin(Context context) throws SQLException {
        EPerson currentUser = context.getCurrentUser();
        return currentUser != null && CollectionUtils.isNotEmpty(this.resourcePolicyService.find(context, currentUser, this.groupService.allMemberGroups(context, currentUser), 11, 4));
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean isCollectionAdmin(Context context) throws SQLException {
        EPerson currentUser = context.getCurrentUser();
        return currentUser != null && CollectionUtils.isNotEmpty(this.resourcePolicyService.find(context, currentUser, this.groupService.allMemberGroups(context, currentUser), 11, 3));
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void addPolicy(Context context, DSpaceObject dSpaceObject, int i, EPerson ePerson) throws SQLException, AuthorizeException {
        addPolicy(context, dSpaceObject, i, ePerson, (String) null);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void addPolicy(Context context, DSpaceObject dSpaceObject, int i, EPerson ePerson, String str) throws SQLException, AuthorizeException {
        createResourcePolicy(context, dSpaceObject, null, ePerson, i, str);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void addPolicy(Context context, DSpaceObject dSpaceObject, int i, Group group) throws SQLException, AuthorizeException {
        createResourcePolicy(context, dSpaceObject, group, null, i, null);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void addPolicy(Context context, DSpaceObject dSpaceObject, int i, Group group, String str) throws SQLException, AuthorizeException {
        createResourcePolicy(context, dSpaceObject, group, null, i, str);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public List<ResourcePolicy> getPolicies(Context context, DSpaceObject dSpaceObject) throws SQLException {
        return this.resourcePolicyService.find(context, dSpaceObject);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public List<ResourcePolicy> findPoliciesByDSOAndType(Context context, DSpaceObject dSpaceObject, String str) throws SQLException {
        return this.resourcePolicyService.find(context, dSpaceObject, str);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public List<ResourcePolicy> getPoliciesForGroup(Context context, Group group) throws SQLException {
        return this.resourcePolicyService.find(context, group);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public List<ResourcePolicy> getPoliciesActionFilter(Context context, DSpaceObject dSpaceObject, int i) throws SQLException {
        return this.resourcePolicyService.find(context, dSpaceObject, i);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void inheritPolicies(Context context, DSpaceObject dSpaceObject, DSpaceObject dSpaceObject2) throws SQLException, AuthorizeException {
        List<ResourcePolicy> policies = getPolicies(context, dSpaceObject);
        ArrayList arrayList = new ArrayList();
        for (ResourcePolicy resourcePolicy : policies) {
            if (resourcePolicy.getAction() != 11) {
                arrayList.add(resourcePolicy);
            }
        }
        addPolicies(context, arrayList, dSpaceObject2);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void switchPoliciesAction(Context context, DSpaceObject dSpaceObject, int i, int i2) throws SQLException, AuthorizeException {
        List<ResourcePolicy> policiesActionFilter = getPoliciesActionFilter(context, dSpaceObject, i);
        Iterator<ResourcePolicy> it = policiesActionFilter.iterator();
        while (it.hasNext()) {
            it.next().setAction(i2);
        }
        this.resourcePolicyService.update(context, (List) policiesActionFilter);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void addPolicies(Context context, List<ResourcePolicy> list, DSpaceObject dSpaceObject) throws SQLException, AuthorizeException {
        LinkedList linkedList = new LinkedList();
        for (ResourcePolicy resourcePolicy : list) {
            ResourcePolicy create = this.resourcePolicyService.create(context);
            create.setdSpaceObject(dSpaceObject);
            create.setAction(resourcePolicy.getAction());
            create.setEPerson(resourcePolicy.getEPerson());
            create.setGroup(resourcePolicy.getGroup());
            create.setStartDate(resourcePolicy.getStartDate());
            create.setEndDate(resourcePolicy.getEndDate());
            create.setRpName(resourcePolicy.getRpName());
            create.setRpDescription(resourcePolicy.getRpDescription());
            create.setRpType(resourcePolicy.getRpType());
            linkedList.add(create);
        }
        this.resourcePolicyService.update(context, (List) linkedList);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void removeAllPolicies(Context context, DSpaceObject dSpaceObject) throws SQLException, AuthorizeException {
        this.resourcePolicyService.removeAllPolicies(context, dSpaceObject);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void removeAllPoliciesByDSOAndTypeNotEqualsTo(Context context, DSpaceObject dSpaceObject, String str) throws SQLException, AuthorizeException {
        this.resourcePolicyService.removeDsoAndTypeNotEqualsToPolicies(context, dSpaceObject, str);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void removeAllPoliciesByDSOAndType(Context context, DSpaceObject dSpaceObject, String str) throws SQLException, AuthorizeException {
        this.resourcePolicyService.removePolicies(context, dSpaceObject, str);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void removePoliciesActionFilter(Context context, DSpaceObject dSpaceObject, int i) throws SQLException, AuthorizeException {
        this.resourcePolicyService.removePolicies(context, dSpaceObject, i);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void removeGroupPolicies(Context context, Group group) throws SQLException {
        this.resourcePolicyService.removeGroupPolicies(context, group);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void removeGroupPolicies(Context context, DSpaceObject dSpaceObject, Group group) throws SQLException, AuthorizeException {
        this.resourcePolicyService.removeDsoGroupPolicies(context, dSpaceObject, group);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void removeEPersonPolicies(Context context, DSpaceObject dSpaceObject, EPerson ePerson) throws SQLException, AuthorizeException {
        this.resourcePolicyService.removeDsoEPersonPolicies(context, dSpaceObject, ePerson);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public List<Group> getAuthorizedGroups(Context context, DSpaceObject dSpaceObject, int i) throws SQLException {
        List<ResourcePolicy> policiesActionFilter = getPoliciesActionFilter(context, dSpaceObject, i);
        ArrayList arrayList = new ArrayList();
        for (ResourcePolicy resourcePolicy : policiesActionFilter) {
            if (resourcePolicy.getGroup() != null && this.resourcePolicyService.isDateValid(resourcePolicy)) {
                arrayList.add(resourcePolicy.getGroup());
            }
        }
        return arrayList;
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean isAnIdenticalPolicyAlreadyInPlace(Context context, DSpaceObject dSpaceObject, ResourcePolicy resourcePolicy) throws SQLException {
        return isAnIdenticalPolicyAlreadyInPlace(context, dSpaceObject, resourcePolicy.getGroup(), resourcePolicy.getAction(), resourcePolicy.getID().intValue());
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public boolean isAnIdenticalPolicyAlreadyInPlace(Context context, DSpaceObject dSpaceObject, Group group, int i, int i2) throws SQLException {
        return !this.resourcePolicyService.findByTypeGroupActionExceptId(context, dSpaceObject, group, i, i2).isEmpty();
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public ResourcePolicy findByTypeGroupAction(Context context, DSpaceObject dSpaceObject, Group group, int i) throws SQLException {
        List<ResourcePolicy> find = this.resourcePolicyService.find(context, dSpaceObject, group, i);
        if (CollectionUtils.isNotEmpty(find)) {
            return find.iterator().next();
        }
        return null;
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public void generateAutomaticPolicies(Context context, Date date, String str, DSpaceObject dSpaceObject, Collection collection) throws SQLException, AuthorizeException {
        if (date != null || (date == null && (dSpaceObject instanceof Bitstream))) {
            List<Group> authorizedGroups = getAuthorizedGroups(context, collection, 10);
            removeAllPoliciesByDSOAndType(context, dSpaceObject, ResourcePolicy.TYPE_CUSTOM);
            boolean z = false;
            Iterator<Group> it = authorizedGroups.iterator();
            while (it.hasNext()) {
                if (StringUtils.equals(it.next().getName(), Group.ANONYMOUS)) {
                    z = true;
                }
            }
            if (z) {
                ResourcePolicy createOrModifyPolicy = createOrModifyPolicy(null, context, null, this.groupService.findByName(context, Group.ANONYMOUS), null, date, 0, str, dSpaceObject);
                if (createOrModifyPolicy != null) {
                    this.resourcePolicyService.update(context, (Context) createOrModifyPolicy);
                    return;
                }
                return;
            }
            Iterator<Group> it2 = authorizedGroups.iterator();
            while (it2.hasNext()) {
                ResourcePolicy createOrModifyPolicy2 = createOrModifyPolicy(null, context, null, it2.next(), null, date, 0, str, dSpaceObject);
                if (createOrModifyPolicy2 != null) {
                    this.resourcePolicyService.update(context, (Context) createOrModifyPolicy2);
                }
            }
        }
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public ResourcePolicy createResourcePolicy(Context context, DSpaceObject dSpaceObject, Group group, EPerson ePerson, int i, String str) throws SQLException, AuthorizeException {
        return createResourcePolicy(context, dSpaceObject, group, ePerson, i, str, null, null, null, null);
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public ResourcePolicy createResourcePolicy(Context context, DSpaceObject dSpaceObject, Group group, EPerson ePerson, int i, String str, String str2, String str3, Date date, Date date2) throws SQLException, AuthorizeException {
        if (group == null && ePerson == null) {
            throw new IllegalArgumentException("We need at least an eperson or a group in order to create a resource policy.");
        }
        ResourcePolicy create = this.resourcePolicyService.create(context);
        create.setdSpaceObject(dSpaceObject);
        create.setAction(i);
        create.setGroup(group);
        create.setEPerson(ePerson);
        create.setRpType(str);
        create.setRpName(str2);
        create.setRpDescription(str3);
        create.setEndDate(date2);
        create.setStartDate(date);
        this.resourcePolicyService.update(context, (Context) create);
        return create;
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public ResourcePolicy createOrModifyPolicy(ResourcePolicy resourcePolicy, Context context, String str, Group group, EPerson ePerson, Date date, int i, String str2, DSpaceObject dSpaceObject) throws AuthorizeException, SQLException {
        ResourcePolicy resourcePolicy2 = null;
        if (resourcePolicy != null) {
            List<ResourcePolicy> findByTypeGroupActionExceptId = this.resourcePolicyService.findByTypeGroupActionExceptId(context, dSpaceObject, group, i, resourcePolicy.getID().intValue());
            if (!findByTypeGroupActionExceptId.isEmpty()) {
                resourcePolicy = findByTypeGroupActionExceptId.get(0);
            }
        } else {
            resourcePolicy2 = findByTypeGroupAction(context, dSpaceObject, group, i);
        }
        if (resourcePolicy2 != null) {
            resourcePolicy = resourcePolicy2;
            resourcePolicy.setRpType(ResourcePolicy.TYPE_CUSTOM);
        }
        if (resourcePolicy == null) {
            resourcePolicy = createResourcePolicy(context, dSpaceObject, group, ePerson, i, ResourcePolicy.TYPE_CUSTOM);
        }
        resourcePolicy.setGroup(group);
        resourcePolicy.setEPerson(ePerson);
        if (date != null) {
            resourcePolicy.setStartDate(date);
        } else {
            resourcePolicy.setStartDate(null);
            resourcePolicy.setEndDate(null);
        }
        resourcePolicy.setRpName(str);
        resourcePolicy.setRpDescription(str2);
        return resourcePolicy;
    }

    @Override // org.dspace.authorize.service.AuthorizeService
    public List<ResourcePolicy> getPoliciesActionFilterExceptRpType(Context context, DSpaceObject dSpaceObject, int i, String str) throws SQLException {
        return this.resourcePolicyService.findExceptRpType(context, dSpaceObject, i, str);
    }
}
