package org.wso2.carbon.identity.organization.management.authz.service.dao;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.database.utils.jdbc.exceptions.DataAccessException;
import org.wso2.carbon.identity.organization.management.authz.service.constant.AuthorizationConstants;
import org.wso2.carbon.identity.organization.management.authz.service.constant.SQLConstants;
import org.wso2.carbon.identity.organization.management.authz.service.exception.OrganizationManagementAuthzServiceServerException;
import org.wso2.carbon.identity.organization.management.authz.service.internal.OrganizationManagementAuthzServiceHolder;
import org.wso2.carbon.identity.organization.management.authz.service.util.OrganizationManagementAuthzUtil;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.common.Group;

/* loaded from: input_file:org/wso2/carbon/identity/organization/management/authz/service/dao/OrganizationManagementAuthzDAOImpl.class */
public class OrganizationManagementAuthzDAOImpl implements OrganizationManagementAuthzDAO {
    @Override // org.wso2.carbon.identity.organization.management.authz.service.dao.OrganizationManagementAuthzDAO
    public boolean isUserAuthorized(String str, String str2, String str3) throws OrganizationManagementAuthzServiceServerException {
        String str4 = "PERMISSION_";
        List<String> allowedPermissions = OrganizationManagementAuthzUtil.getAllowedPermissions(str2);
        ArrayList arrayList = new ArrayList();
        for (int i = 1; i <= allowedPermissions.size(); i++) {
            arrayList.add(":PERMISSION_" + i + ";");
        }
        String join = String.join(", ", arrayList);
        try {
            if (((Boolean) OrganizationManagementAuthzUtil.getNewTemplate().fetchSingleRecord(SQLConstants.IS_USER_AUTHORIZED.replace(SQLConstants.PERMISSION_LIST_PLACEHOLDER, join), (resultSet, i2) -> {
                return Boolean.valueOf(resultSet.getInt(1) > 0);
            }, namedPreparedStatement -> {
                namedPreparedStatement.setString("ID", str);
                namedPreparedStatement.setString("NAME", str3);
                int i3 = 1;
                Iterator it = allowedPermissions.iterator();
                while (it.hasNext()) {
                    namedPreparedStatement.setString(str4 + i3, (String) it.next());
                    i3++;
                }
            })).booleanValue()) {
                return true;
            }
            try {
                AbstractUserStoreManager userStoreManager = getUserStoreManager(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
                if (!userStoreManager.isExistingUserWithID(str)) {
                    return false;
                }
                List<Group> groupListOfUser = userStoreManager.getGroupListOfUser(str, (String) null, (String) null);
                String replace = SQLConstants.IS_GROUP_AUTHORIZED.replace(SQLConstants.PERMISSION_LIST_PLACEHOLDER, join);
                for (Group group : groupListOfUser) {
                    if (((Boolean) OrganizationManagementAuthzUtil.getNewTemplate().fetchSingleRecord(replace, (resultSet2, i3) -> {
                        return Boolean.valueOf(resultSet2.getInt(1) > 0);
                    }, namedPreparedStatement2 -> {
                        namedPreparedStatement2.setString("ID", group.getGroupID());
                        namedPreparedStatement2.setString("NAME", str3);
                        int i4 = 1;
                        Iterator it = allowedPermissions.iterator();
                        while (it.hasNext()) {
                            namedPreparedStatement2.setString(str4 + i4, (String) it.next());
                            i4++;
                        }
                    })).booleanValue()) {
                        return true;
                    }
                }
                return false;
            } catch (UserStoreException | DataAccessException e) {
                throw new OrganizationManagementAuthzServiceServerException((Throwable) e);
            }
        } catch (DataAccessException e2) {
            throw new OrganizationManagementAuthzServiceServerException((Throwable) e2);
        }
    }

    @Override // org.wso2.carbon.identity.organization.management.authz.service.dao.OrganizationManagementAuthzDAO
    public boolean hasUserOrgAssociation(String str, String str2) throws OrganizationManagementAuthzServiceServerException {
        try {
            if (((Boolean) OrganizationManagementAuthzUtil.getNewTemplate().fetchSingleRecord(SQLConstants.CHECK_USER_HAS_PERMISSION_TO_ORG_THROUGH_USER_ROLE_ASSIGNMENT, (resultSet, i) -> {
                return Boolean.valueOf(resultSet.getInt(1) > 0);
            }, namedPreparedStatement -> {
                namedPreparedStatement.setString("ID", str);
                namedPreparedStatement.setString("NAME", str2);
            })).booleanValue()) {
                return true;
            }
            try {
                AbstractUserStoreManager userStoreManager = getUserStoreManager(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
                if (!userStoreManager.isExistingUserWithID(str)) {
                    return false;
                }
                for (Group group : userStoreManager.getGroupListOfUser(str, (String) null, (String) null)) {
                    if (((Boolean) OrganizationManagementAuthzUtil.getNewTemplate().fetchSingleRecord(SQLConstants.CHECK_USER_HAS_PERMISSION_TO_ORG_THROUGH_GROUPS_ASSIGNED_TO_ROLES, (resultSet2, i2) -> {
                        return Boolean.valueOf(resultSet2.getInt(1) > 0);
                    }, namedPreparedStatement2 -> {
                        namedPreparedStatement2.setString("ID", group.getGroupID());
                        namedPreparedStatement2.setString("NAME", str2);
                    })).booleanValue()) {
                        return true;
                    }
                }
                return false;
            } catch (UserStoreException | DataAccessException e) {
                throw new OrganizationManagementAuthzServiceServerException((Throwable) e);
            }
        } catch (DataAccessException e2) {
            throw new OrganizationManagementAuthzServiceServerException((Throwable) e2);
        }
    }

    @Override // org.wso2.carbon.identity.organization.management.authz.service.dao.OrganizationManagementAuthzDAO
    public String getRootOrganizationId() throws OrganizationManagementAuthzServiceServerException {
        try {
            return (String) OrganizationManagementAuthzUtil.getNewTemplate().fetchSingleRecord(SQLConstants.GET_ORGANIZATION_ID_BY_NAME, (resultSet, i) -> {
                return resultSet.getString(SQLConstants.VIEW_ID_COLUMN);
            }, namedPreparedStatement -> {
                namedPreparedStatement.setString("NAME", AuthorizationConstants.ROOT);
            });
        } catch (DataAccessException e) {
            throw new OrganizationManagementAuthzServiceServerException((Throwable) e);
        }
    }

    private AbstractUserStoreManager getUserStoreManager(int i) throws UserStoreException {
        return OrganizationManagementAuthzServiceHolder.getInstance().getRealmService().getTenantUserRealm(i).getUserStoreManager();
    }
}
