package org.phenotips.data.permissions.rest.internal;

import com.xpn.xwiki.api.Document;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.xpath.compiler.Keywords;
import org.phenotips.data.Patient;
import org.phenotips.data.permissions.AccessLevel;
import org.phenotips.data.permissions.Collaborator;
import org.phenotips.data.permissions.EntityAccess;
import org.phenotips.data.permissions.EntityPermissionsManager;
import org.phenotips.data.permissions.Owner;
import org.phenotips.data.permissions.Visibility;
import org.phenotips.data.permissions.internal.EntityAccessHelper;
import org.phenotips.data.permissions.rest.CollaboratorResource;
import org.phenotips.data.permissions.rest.DomainObjectFactory;
import org.phenotips.data.permissions.rest.model.CollaboratorRepresentation;
import org.phenotips.data.permissions.rest.model.CollaboratorsRepresentation;
import org.phenotips.data.permissions.rest.model.OwnerRepresentation;
import org.phenotips.data.permissions.rest.model.PrincipalRepresentation;
import org.phenotips.data.permissions.rest.model.PrincipalsRepresentation;
import org.phenotips.data.permissions.rest.model.UserSummary;
import org.phenotips.data.permissions.rest.model.VisibilityRepresentation;
import org.phenotips.entities.PrimaryEntity;
import org.phenotips.groups.GroupManager;
import org.phenotips.rest.Autolinker;
import org.phenotips.studies.family.FamilyRepository;
import org.xwiki.component.annotation.Component;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.model.reference.EntityReference;
import org.xwiki.model.reference.EntityReferenceSerializer;
import org.xwiki.security.authorization.AuthorizationManager;
import org.xwiki.security.authorization.Right;
import org.xwiki.stability.Unstable;

@Singleton
@Unstable
@Component
/* loaded from: input_file:WEB-INF/lib/entity-access-rules-rest-1.4.9.jar:org/phenotips/data/permissions/rest/internal/DefaultDomainObjectFactory.class */
public class DefaultDomainObjectFactory implements DomainObjectFactory {

    @Inject
    @Named("secure")
    private EntityPermissionsManager manager;

    @Inject
    private NameAndEmailExtractor nameAndEmailExtractor;

    @Inject
    private EntityReferenceSerializer<String> entitySerializer;

    @Inject
    private Provider<Autolinker> autolinker;

    @Inject
    private GroupManager groupManager;

    @Inject
    private EntityAccessHelper helper;

    @Inject
    private FamilyRepository familyRepository;

    @Inject
    private AuthorizationManager rights;

    @Inject
    @Named(Keywords.FUNC_CURRENT_STRING)
    private DocumentReferenceResolver<EntityReference> resolver;

    @Inject
    @Named("manage")
    private AccessLevel manageAccess;

    @Inject
    @Named("edit")
    private AccessLevel editAccess;

    @Inject
    @Named("view")
    private AccessLevel viewAccess;

    @Override // org.phenotips.data.permissions.rest.DomainObjectFactory
    public OwnerRepresentation createOwnerRepresentation(PrimaryEntity primaryEntity) {
        Owner owner = this.manager.getEntityAccess(primaryEntity).getOwner();
        return (OwnerRepresentation) loadUserSummary(new OwnerRepresentation(), owner.getUser(), owner.getType());
    }

    private <E extends UserSummary> E loadUserSummary(E e, EntityReference entityReference, String str) {
        e.withId(this.entitySerializer.serialize(entityReference, new Object[0]));
        e.withType(str);
        Pair<String, String> nameAndEmail = this.nameAndEmailExtractor.getNameAndEmail(str, entityReference);
        if (nameAndEmail != null) {
            if (!StringUtils.isBlank(nameAndEmail.getLeft())) {
                e.withName(nameAndEmail.getLeft());
            }
            if (!StringUtils.isBlank(nameAndEmail.getRight())) {
                e.withEmail(nameAndEmail.getRight());
            }
        }
        return e;
    }

    @Override // org.phenotips.data.permissions.rest.DomainObjectFactory
    public VisibilityRepresentation createVisibilityRepresentation(PrimaryEntity primaryEntity) {
        return createVisibilityRepresentation(this.manager.getEntityAccess(primaryEntity).getVisibility());
    }

    @Override // org.phenotips.data.permissions.rest.DomainObjectFactory
    public VisibilityRepresentation createVisibilityRepresentation(Visibility visibility) {
        if (visibility == null) {
            return null;
        }
        return new VisibilityRepresentation().withLevel(visibility.getName()).withLabel(visibility.getLabel()).withDescription(visibility.getDescription());
    }

    @Override // org.phenotips.data.permissions.rest.DomainObjectFactory
    public CollaboratorsRepresentation createCollaboratorsRepresentation(PrimaryEntity primaryEntity, UriInfo uriInfo) {
        EntityAccess entityAccess = this.manager.getEntityAccess(primaryEntity);
        Collection<Collaborator> collaborators = entityAccess.getCollaborators();
        CollaboratorsRepresentation collaboratorsRepresentation = new CollaboratorsRepresentation();
        for (Collaborator collaborator : collaborators) {
            CollaboratorRepresentation createCollaboratorRepresentation = createCollaboratorRepresentation(collaborator);
            createCollaboratorRepresentation.withLinks(this.autolinker.get().forSecondaryResource(CollaboratorResource.class, uriInfo).withExtraParameters("collaborator-id", this.entitySerializer.serialize(collaborator.getUser(), new Object[0])).withGrantedRight(entityAccess.getAccessLevel().getGrantedRight()).build());
            collaboratorsRepresentation.withCollaborators(createCollaboratorRepresentation);
        }
        return collaboratorsRepresentation;
    }

    @Override // org.phenotips.data.permissions.rest.DomainObjectFactory
    public CollaboratorRepresentation createCollaboratorRepresentation(Collaborator collaborator) {
        CollaboratorRepresentation collaboratorRepresentation = (CollaboratorRepresentation) loadUserSummary(new CollaboratorRepresentation(), collaborator.getUser(), collaborator.getType());
        collaboratorRepresentation.withLevel(collaborator.getAccessLevel().getName());
        return collaboratorRepresentation;
    }

    @Override // org.phenotips.data.permissions.rest.DomainObjectFactory
    public PrincipalsRepresentation createPrincipalsRepresentation(PrimaryEntity primaryEntity, String str, UriInfo uriInfo) {
        PrincipalsRepresentation principalsRepresentation = new PrincipalsRepresentation();
        addEntity(primaryEntity, str, new HashMap(), principalsRepresentation, false);
        return principalsRepresentation;
    }

    private void addEntity(PrimaryEntity primaryEntity, String str, Map<String, Pair<PrincipalRepresentation, AccessLevel>> map, PrincipalsRepresentation principalsRepresentation, boolean z) {
        EntityAccess entityAccess = this.manager.getEntityAccess(primaryEntity);
        Owner owner = entityAccess.getOwner();
        String username = owner.getUsername();
        if (owner == null || StringUtils.isBlank(username)) {
            return;
        }
        String str2 = "owner";
        AccessLevel accessLevel = this.manageAccess;
        PrincipalRepresentation principalRepresentation = null;
        if (z) {
            if (map.containsKey(username)) {
                principalRepresentation = map.get(username).getLeft();
                if (map.get(username).getRight().equals(this.viewAccess)) {
                    checkAccessRight(map.get(username).getLeft(), map.get(username).getRight(), this.editAccess, "family-member-owner", z);
                }
            } else if (this.rights.hasAccess(Right.ADMIN, this.resolver.resolve(owner.getUser(), new Object[0]), owner.getUser().getRoot())) {
                str2 = "admin";
            } else {
                str2 = "family-member-owner";
                accessLevel = this.editAccess;
            }
        }
        if (principalRepresentation == null) {
            PrincipalRepresentation createPrincipalRepresentation = createPrincipalRepresentation(owner.getUser(), owner.getType(), accessLevel.getName(), str2, "", this.helper.getDocument(owner.getUser()).getURL());
            principalsRepresentation.withPrincipals(createPrincipalRepresentation);
            map.put(username, new ImmutablePair(createPrincipalRepresentation, accessLevel));
            if (owner.isGroup()) {
                addGroupMembers(map, principalsRepresentation, createPrincipalRepresentation.getId(), createPrincipalRepresentation.getName(), accessLevel, str2, z);
            }
        }
        addEntityCollaborators(entityAccess, map, principalsRepresentation, z);
        if ("families".equals(str)) {
            addFamilyMembers(primaryEntity, map, principalsRepresentation);
        }
    }

    private void addGroupMembers(Map<String, Pair<PrincipalRepresentation, AccessLevel>> map, PrincipalsRepresentation principalsRepresentation, String str, String str2, AccessLevel accessLevel, String str3, boolean z) {
        for (Document document : this.groupManager.getAllMembersForGroup(str)) {
            String name = document.getName();
            AccessLevel accessLevel2 = accessLevel;
            String str4 = str3;
            boolean hasAccess = this.rights.hasAccess(Right.ADMIN, document.getDocumentReference(), document.getDocumentReference().getRoot());
            if (z || !"owner".equals(name)) {
                if (!map.containsKey(name)) {
                    if (hasAccess) {
                        str4 = "admin";
                        accessLevel2 = this.manageAccess;
                    }
                    DocumentReference documentReference = document.getDocumentReference();
                    PrincipalRepresentation createPrincipalRepresentation = createPrincipalRepresentation(documentReference, this.helper.getType(documentReference), accessLevel2.getName(), str4, str2, document.getURL());
                    principalsRepresentation.withPrincipals(createPrincipalRepresentation);
                    map.put(documentReference.getName(), new ImmutablePair(createPrincipalRepresentation, accessLevel));
                } else if (!this.manageAccess.equals(map.get(name).getRight())) {
                    checkAccessRight(map.get(name).getLeft(), map.get(name).getRight(), accessLevel, str4, z);
                }
            }
        }
    }

    private void addEntityCollaborators(EntityAccess entityAccess, Map<String, Pair<PrincipalRepresentation, AccessLevel>> map, PrincipalsRepresentation principalsRepresentation, boolean z) {
        for (Collaborator collaborator : entityAccess.getCollaborators()) {
            AccessLevel accessLevel = collaborator.getAccessLevel();
            String str = "collaborator";
            if (z) {
                str = "family-member-collaborator";
                accessLevel = accessLevel == this.manageAccess ? this.editAccess : accessLevel;
            }
            if (this.rights.hasAccess(Right.ADMIN, this.resolver.resolve(collaborator.getUser(), new Object[0]), collaborator.getUser().getRoot())) {
                str = "admin";
                accessLevel = this.manageAccess;
            }
            String username = collaborator.getUsername();
            if (map.containsKey(username)) {
                checkAccessRight(map.get(username).getLeft(), map.get(username).getRight(), accessLevel, str, z);
            } else {
                PrincipalRepresentation createPrincipalRepresentation = createPrincipalRepresentation(collaborator.getUser(), collaborator.getType(), accessLevel.getName(), str, "", this.helper.getDocument(collaborator.getUser()).getURL());
                principalsRepresentation.withPrincipals(createPrincipalRepresentation);
                map.put(username, new ImmutablePair(createPrincipalRepresentation, accessLevel));
                if (collaborator.isGroup()) {
                    addGroupMembers(map, principalsRepresentation, createPrincipalRepresentation.getId(), createPrincipalRepresentation.getName(), accessLevel, str, z);
                }
            }
        }
    }

    private void addFamilyMembers(PrimaryEntity primaryEntity, Map<String, Pair<PrincipalRepresentation, AccessLevel>> map, PrincipalsRepresentation principalsRepresentation) {
        Iterator<Patient> it = this.familyRepository.get(primaryEntity.getId()).getMembers().iterator();
        while (it.hasNext()) {
            addEntity(it.next(), "patients", map, principalsRepresentation, true);
        }
    }

    private void checkAccessRight(PrincipalRepresentation principalRepresentation, AccessLevel accessLevel, AccessLevel accessLevel2, String str, boolean z) {
        if (accessLevel.compareTo(accessLevel2) < 0) {
            principalRepresentation.setLevel(accessLevel2.getName());
            principalRepresentation.setRole(str);
        }
    }

    private PrincipalRepresentation createPrincipalRepresentation(EntityReference entityReference, String str, String str2, String str3, String str4, String str5) {
        PrincipalRepresentation principalRepresentation = (PrincipalRepresentation) loadUserSummary(new PrincipalRepresentation(), entityReference, str);
        principalRepresentation.withLevel(str2);
        principalRepresentation.withRole(str3);
        principalRepresentation.withGroup(str4);
        principalRepresentation.withUrl(str5);
        return principalRepresentation;
    }
}
