package org.phenotips.data.permissions.internal;

import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.doc.XWikiDocument;
import com.xpn.xwiki.objects.BaseObject;
import com.xpn.xwiki.user.api.XWikiGroupService;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.TreeMap;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.commons.lang3.StringUtils;
import org.phenotips.data.Patient;
import org.phenotips.data.permissions.AccessLevel;
import org.phenotips.data.permissions.Collaborator;
import org.phenotips.data.permissions.Owner;
import org.phenotips.data.permissions.PermissionsManager;
import org.phenotips.data.permissions.Visibility;
import org.slf4j.Logger;
import org.xwiki.bridge.DocumentAccessBridge;
import org.xwiki.component.annotation.Component;
import org.xwiki.context.Execution;
import org.xwiki.model.EntityType;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.model.reference.EntityReference;
import org.xwiki.model.reference.EntityReferenceSerializer;
import org.xwiki.security.authorization.AuthorizationManager;
import org.xwiki.security.authorization.Right;

@Singleton
@Component
/* loaded from: input_file:WEB-INF/lib/patient-access-rules-api-1.3.7-rc-1.jar:org/phenotips/data/permissions/internal/DefaultPatientAccessHelper.class */
public class DefaultPatientAccessHelper implements PatientAccessHelper {
    private static final EntityReference USER_CLASS = new EntityReference("XWikiUsers", EntityType.DOCUMENT, new EntityReference("XWiki", EntityType.SPACE));
    private static final EntityReference GROUP_CLASS = new EntityReference("XWikiGroups", EntityType.DOCUMENT, new EntityReference("XWiki", EntityType.SPACE));

    @Inject
    private Logger logger;

    @Inject
    private DocumentAccessBridge bridge;

    @Inject
    private Execution execution;

    @Inject
    @Named("currentmixed")
    private DocumentReferenceResolver<EntityReference> partialEntityResolver;

    @Inject
    @Named("currentmixed")
    private DocumentReferenceResolver<String> stringEntityResolver;

    @Inject
    private EntityReferenceSerializer<String> entitySerializer;

    @Inject
    private PermissionsManager manager;

    @Inject
    private AuthorizationManager rights;

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public DocumentReference getCurrentUser() {
        return this.bridge.getCurrentUserReference();
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public boolean isAdministrator(Patient patient) {
        if (patient == null || patient.getDocument() == null) {
            return false;
        }
        return this.rights.hasAccess(Right.ADMIN, getCurrentUser(), patient.getDocument());
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public boolean isAdministrator(Patient patient, DocumentReference documentReference) {
        if (patient == null || patient.getDocument() == null) {
            return false;
        }
        return this.rights.hasAccess(Right.ADMIN, documentReference, patient.getDocument());
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public Owner getOwner(Patient patient) {
        if (patient == null || patient.getDocument() == null) {
            return null;
        }
        String valueOf = String.valueOf(this.bridge.getProperty(patient.getDocument(), this.partialEntityResolver.resolve(Owner.CLASS_REFERENCE, patient.getDocument()), "owner"));
        return (!StringUtils.isNotBlank(valueOf) || "null".equals(valueOf)) ? new DefaultOwner(null, this) : new DefaultOwner(this.stringEntityResolver.resolve(valueOf, patient.getDocument()), this);
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public boolean setOwner(Patient patient, EntityReference entityReference) {
        DocumentReference resolve = this.partialEntityResolver.resolve(Owner.CLASS_REFERENCE, patient.getDocument());
        try {
            EntityReference user = getOwner(patient).getUser();
            this.bridge.setProperty(patient.getDocument(), resolve, "owner", entityReference != null ? this.entitySerializer.serialize(this.partialEntityResolver.resolve(entityReference, new Object[0]), new Object[0]) : "");
            if (!user.equals(entityReference)) {
                addCollaborator(patient, new DefaultCollaborator(user, this.manager.resolveAccessLevel("manage"), null));
            }
            removeCollaborator(patient, new DefaultCollaborator(entityReference, null, null));
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public Visibility getVisibility(Patient patient) {
        String str = (String) this.bridge.getProperty(patient.getDocument(), this.partialEntityResolver.resolve(Visibility.CLASS_REFERENCE, patient.getDocument()), "visibility");
        if (StringUtils.isNotBlank(str)) {
            return this.manager.resolveVisibility(str);
        }
        return null;
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public boolean setVisibility(Patient patient, Visibility visibility) {
        try {
            this.bridge.setProperty(patient.getDocument(), this.partialEntityResolver.resolve(Visibility.CLASS_REFERENCE, patient.getDocument()), "visibility", visibility != null ? visibility.getName() : "");
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public AccessLevel getAccessLevel(Patient patient, EntityReference entityReference) {
        AccessLevel resolveAccessLevel = this.manager.resolveAccessLevel("none");
        if (patient == null || entityReference == null) {
            return resolveAccessLevel;
        }
        try {
            EntityReference user = getOwner(patient).getUser();
            Collection<Collaborator> collaborators = getCollaborators(patient);
            HashSet hashSet = new HashSet();
            LinkedList linkedList = new LinkedList();
            linkedList.add((DocumentReference) entityReference);
            XWikiContext xWikiContext = getXWikiContext();
            XWikiGroupService groupService = xWikiContext.getWiki().getGroupService(xWikiContext);
            while (!linkedList.isEmpty()) {
                DocumentReference documentReference = (DocumentReference) linkedList.poll();
                AccessLevel accessLevel = getAccessLevel(documentReference, user, collaborators);
                if (accessLevel.compareTo(resolveAccessLevel) > 0) {
                    resolveAccessLevel = accessLevel;
                }
                hashSet.add(documentReference);
                Collection<DocumentReference> allGroupsReferencesForMember = groupService.getAllGroupsReferencesForMember(documentReference, 0, 0, xWikiContext);
                allGroupsReferencesForMember.removeAll(hashSet);
                linkedList.addAll(allGroupsReferencesForMember);
            }
        } catch (XWikiException e) {
            this.logger.warn("Failed to compute access level for [{}] on [{}]: {}", entityReference, patient.getDocument(), e.getMessage());
        }
        return resolveAccessLevel;
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public Collection<Collaborator> getCollaborators(Patient patient) {
        try {
            XWikiDocument xWikiDocument = (XWikiDocument) this.bridge.getDocument(patient.getDocument());
            DocumentReference resolve = this.partialEntityResolver.resolve(Collaborator.CLASS_REFERENCE, patient.getDocument());
            TreeMap treeMap = new TreeMap();
            for (BaseObject baseObject : xWikiDocument.getXObjects(resolve)) {
                if (baseObject != null) {
                    String stringValue = baseObject.getStringValue("collaborator");
                    String stringValue2 = baseObject.getStringValue("access");
                    if (!StringUtils.isBlank(stringValue) && !StringUtils.isBlank(stringValue2)) {
                        DocumentReference resolve2 = this.stringEntityResolver.resolve(stringValue, patient.getDocument());
                        AccessLevel resolveAccessLevel = this.manager.resolveAccessLevel(stringValue2);
                        if (!treeMap.containsKey(resolve2) || resolveAccessLevel.compareTo(((Collaborator) treeMap.get(resolve2)).getAccessLevel()) > 0) {
                            treeMap.put(resolve2, new DefaultCollaborator(resolve2, resolveAccessLevel, this));
                        }
                    }
                }
            }
            return treeMap.values();
        } catch (Exception e) {
            return Collections.emptySet();
        }
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public boolean setCollaborators(Patient patient, Collection<Collaborator> collection) {
        try {
            XWikiDocument xWikiDocument = (XWikiDocument) this.bridge.getDocument(patient.getDocument());
            DocumentReference resolve = this.partialEntityResolver.resolve(Collaborator.CLASS_REFERENCE, patient.getDocument());
            XWikiContext xWikiContext = (XWikiContext) this.execution.getContext().getProperty("xwikicontext");
            xWikiDocument.removeXObjects(resolve);
            for (Collaborator collaborator : collection) {
                BaseObject newXObject = xWikiDocument.newXObject(resolve, xWikiContext);
                newXObject.setStringValue("collaborator", this.entitySerializer.serialize(collaborator.getUser(), new Object[0]));
                newXObject.setStringValue("access", collaborator.getAccessLevel().getName());
            }
            xWikiContext.getWiki().saveDocument(xWikiDocument, "Updated collaborators", true, xWikiContext);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public boolean addCollaborator(Patient patient, Collaborator collaborator) {
        try {
            XWikiDocument xWikiDocument = (XWikiDocument) this.bridge.getDocument(patient.getDocument());
            DocumentReference resolve = this.partialEntityResolver.resolve(Collaborator.CLASS_REFERENCE, patient.getDocument());
            XWikiContext xWikiContext = (XWikiContext) this.execution.getContext().getProperty("xwikicontext");
            String serialize = collaborator.getUser() != null ? this.entitySerializer.serialize(this.partialEntityResolver.resolve(collaborator.getUser(), new Object[0]), new Object[0]) : "";
            BaseObject xObject = xWikiDocument.getXObject(resolve, "collaborator", serialize, false);
            if (xObject == null) {
                xObject = xWikiDocument.newXObject(resolve, xWikiContext);
            }
            xObject.setStringValue("collaborator", StringUtils.defaultString(serialize));
            xObject.setStringValue("access", collaborator.getAccessLevel().getName());
            xWikiContext.getWiki().saveDocument(xWikiDocument, "Added collaborator: " + serialize, true, xWikiContext);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public boolean removeCollaborator(Patient patient, Collaborator collaborator) {
        try {
            XWikiDocument xWikiDocument = (XWikiDocument) this.bridge.getDocument(patient.getDocument());
            DocumentReference resolve = this.partialEntityResolver.resolve(Collaborator.CLASS_REFERENCE, patient.getDocument());
            XWikiContext xWikiContext = (XWikiContext) this.execution.getContext().getProperty("xwikicontext");
            String serialize = collaborator.getUser() != null ? this.entitySerializer.serialize(this.partialEntityResolver.resolve(collaborator.getUser(), new Object[0]), new Object[0]) : "";
            BaseObject xObject = xWikiDocument.getXObject(resolve, "collaborator", serialize, false);
            if (xObject == null) {
                return false;
            }
            xWikiDocument.removeXObject(xObject);
            xWikiContext.getWiki().saveDocument(xWikiDocument, "Removed collaborator: " + serialize, true, xWikiContext);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // org.phenotips.data.permissions.internal.PatientAccessHelper
    public String getType(EntityReference entityReference) {
        try {
            XWikiDocument xWikiDocument = (XWikiDocument) this.bridge.getDocument((DocumentReference) entityReference);
            return xWikiDocument.getXObject(USER_CLASS) != null ? "user" : xWikiDocument.getXObject(GROUP_CLASS) != null ? "group" : "unknown";
        } catch (Exception e) {
            return "unknown";
        }
    }

    private AccessLevel getAccessLevel(EntityReference entityReference, EntityReference entityReference2, Collection<Collaborator> collection) {
        if (entityReference.equals(entityReference2)) {
            return this.manager.resolveAccessLevel("owner");
        }
        for (Collaborator collaborator : collection) {
            if (collaborator.getUser().equals(entityReference)) {
                return collaborator.getAccessLevel();
            }
        }
        return this.manager.resolveAccessLevel("none");
    }

    private XWikiContext getXWikiContext() {
        return (XWikiContext) this.execution.getContext().getProperty("xwikicontext");
    }
}
