package de.mhus.lib.persistence.aaa;

import de.mhus.lib.adb.DbAccessManager;
import de.mhus.lib.adb.DbCollection;
import de.mhus.lib.adb.DbManager;
import de.mhus.lib.adb.model.Field;
import de.mhus.lib.adb.model.FieldRelation;
import de.mhus.lib.adb.model.Table;
import de.mhus.lib.core.MString;
import de.mhus.lib.core.MSystem;
import de.mhus.lib.errors.AccessDeniedException;
import de.mhus.lib.sql.DbConnection;
import de.mhus.lib.sql.DbResult;
import java.util.HashMap;
import java.util.UUID;

/* loaded from: input_file:de/mhus/lib/persistence/aaa/AclAccessManager.class */
public class AclAccessManager extends DbAccessManager {
    private ISubjectCheck check;

    public AclAccessManager(ISubjectCheck iSubjectCheck) {
        this.check = iSubjectCheck;
    }

    public void hasAccess(DbManager dbManager, Table table, DbConnection dbConnection, Object obj, int i) throws AccessDeniedException {
        if (this.check.isAdministrator(dbManager, dbConnection)) {
            return;
        }
        if (i == 1) {
            hasCreateRight(dbManager, table, dbConnection, obj);
            return;
        }
        Object[] acl = getAcl(dbManager, dbConnection, table, obj);
        Acl acl2 = (Acl) acl[0];
        boolean booleanValue = ((Boolean) acl[1]).booleanValue();
        String str = (String) acl[2];
        boolean booleanValue2 = ((Boolean) acl[3]).booleanValue();
        if (booleanValue) {
            return;
        }
        if (i == 2 && booleanValue2) {
            if (!hasRight(dbManager, dbConnection, acl2, str, Acl.RIGHT_MOVE)) {
                throw new AccessDeniedException(new Object[]{"access denied", this.check.getCurrentUserInfo(), acl2, Acl.RIGHT_MOVE, obj});
            }
            hasCreateRight(dbManager, table, dbConnection, obj);
        }
        if (i == 2 && !hasRight(dbManager, dbConnection, acl2, str, Acl.RIGHT_WRITE)) {
            throw new AccessDeniedException(new Object[]{"access denied", this.check.getCurrentUserInfo(), acl2, Acl.RIGHT_WRITE, obj});
        }
        if (i == 3 && !hasRight(dbManager, dbConnection, acl2, str, Acl.RIGHT_REMOVE)) {
            throw new AccessDeniedException(new Object[]{"access denied", this.check.getCurrentUserInfo(), acl2, Acl.RIGHT_REMOVE, obj});
        }
    }

    private void hasCreateRight(DbManager dbManager, Table table, DbConnection dbConnection, Object obj) throws AccessDeniedException {
        if (obj instanceof DbResult) {
            throw new AccessDeniedException(new Object[]{"access denied", this.check.getCurrentUserInfo(), obj});
        }
        try {
            Class<?> clazz = table.getClazz();
            DbAccess dbAccess = (DbAccess) MSystem.findAnnotation(clazz, DbAccess.class);
            String str = "parent";
            Class<?> cls = Class.class;
            String str2 = "acl";
            if (dbAccess != null) {
                str = dbAccess.parent();
                cls = dbAccess.parentType();
                str2 = dbAccess.attribute();
            }
            if (cls == Class.class) {
                cls = clazz;
            }
            if (MString.isEmpty(str)) {
                return;
            }
            Table table2 = null;
            Object obj2 = table.getField(str).get(obj);
            if (obj2 == null) {
                throw new AccessDeniedException(new Object[]{"access denied: parent is null", this.check.getCurrentUserInfo(), obj});
            }
            UUID uuid = null;
            if (obj2 instanceof UUID) {
                uuid = (UUID) obj2;
            } else {
                String obj3 = obj2.toString();
                if (obj3.startsWith("from ")) {
                    String afterIndex = MString.afterIndex(obj3, ' ');
                    String trim = MString.beforeIndex(afterIndex, ' ').trim();
                    String trim2 = MString.afterIndex(afterIndex, ' ').trim();
                    if (!trim2.startsWith("where ")) {
                        throw new AccessDeniedException(new Object[]{"access denied: syntax error", this.check.getCurrentUserInfo(), obj, obj3});
                    }
                    String trim3 = MString.afterIndex(trim2, ' ').trim();
                    String lowerCase = trim.toLowerCase();
                    table2 = dbManager.getTable(lowerCase);
                    cls = table2.getClazz();
                    HashMap hashMap = new HashMap();
                    for (Field field : table.getFields()) {
                        hashMap.put(field.getMappedName(), field.get(obj));
                    }
                    DbCollection byQualification = dbManager.getByQualification(dbConnection, dbManager.createSchemaObject(lowerCase), lowerCase, trim3, hashMap);
                    r22 = byQualification.hasNext() ? byQualification.next() : null;
                    byQualification.close();
                } else {
                    uuid = UUID.fromString(obj3);
                }
            }
            if (table2 == null) {
                table2 = dbManager.getTable(dbManager.getRegistryName(cls));
                if (table2 == null) {
                    throw new AccessDeniedException(new Object[]{"access denied: parent type not found", this.check.getCurrentUserInfo(), obj, cls});
                }
            }
            if (r22 == null) {
                r22 = dbManager.getObject(dbConnection, cls, new Object[]{uuid});
            }
            if (r22 == null) {
                throw new AccessDeniedException(new Object[]{"access denied: parent not found", this.check.getCurrentUserInfo(), obj, uuid});
            }
            Object[] acl = getAcl(dbManager, dbConnection, table2, r22);
            Acl acl2 = (Acl) acl[0];
            boolean booleanValue = ((Boolean) acl[1]).booleanValue();
            String str3 = (String) acl[2];
            if (booleanValue) {
                return;
            }
            if (!hasRight(dbManager, dbConnection, acl2, str3, Acl.RIGHT_CREATE)) {
                throw new AccessDeniedException(new Object[]{"access denied", this.check.getCurrentUserInfo(), acl2, Acl.RIGHT_CREATE, obj, r22});
            }
            DbAccess dbAccess2 = (DbAccess) MSystem.findAnnotation(cls, DbAccess.class);
            String childAcl = dbAccess2 != null ? dbAccess2.childAcl() : "childacl";
            if (MString.isEmpty(childAcl)) {
                return;
            }
            table.getField(str2).set(obj, table2.getField(childAcl).get(r22));
        } catch (Exception e) {
            throw new AccessDeniedException(new Object[]{"error", e});
        } catch (AccessDeniedException e2) {
            throw e2;
        }
    }

    public boolean hasRight(DbManager dbManager, DbConnection dbConnection, Acl acl, String str, String str2) {
        return this.check.hasRight(dbManager, dbConnection, acl, str2) || AaaUtil.hasRight(str, str2) || this.check.hasRight(dbManager, dbConnection, acl, Acl.RIGHT_ALL) || AaaUtil.hasRight(str, Acl.RIGHT_ALL) || this.check.isAdministrator(dbManager, dbConnection);
    }

    public void hasReadAccess(DbManager dbManager, Table table, DbConnection dbConnection, DbResult dbResult) throws AccessDeniedException {
        if (this.check.isAdministrator(dbManager, dbConnection) || table.getClazz() == Subject.class || table.getClazz() == Acl.class || table.getClazz() == SubjectToSubject.class || table.getClazz() == AclToSubject.class) {
            return;
        }
        try {
            Object[] acl = getAcl(dbManager, dbConnection, table, dbResult);
            Acl acl2 = (Acl) acl[0];
            boolean booleanValue = ((Boolean) acl[1]).booleanValue();
            String str = (String) acl[2];
            if (!booleanValue && !hasRight(dbManager, dbConnection, acl2, str, Acl.RIGHT_READ)) {
                throw new AccessDeniedException(new Object[]{"access denied", this.check.getCurrentUserInfo(), acl2, Acl.RIGHT_READ});
            }
        } catch (Exception e) {
            throw new AccessDeniedException(new Object[]{e});
        }
    }

    public Object[] getAcl(DbManager dbManager, DbConnection dbConnection, Table table, Object obj) {
        Object obj2;
        String str = "acl";
        String str2 = "acloriginal";
        String str3 = "";
        String str4 = "";
        Class<?> cls = null;
        Acl acl = null;
        boolean z = true;
        boolean z2 = false;
        DbAccess dbAccess = (DbAccess) MSystem.findAnnotation(table.getClazz(), DbAccess.class);
        if (dbAccess != null) {
            z = false;
            str = dbAccess.attribute();
            str2 = dbAccess.original();
            str3 = dbAccess.worldAccess();
            str4 = dbAccess.owner();
            cls = dbAccess.ownerType();
        }
        try {
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (MString.isSet(str4)) {
            Field field = table.getField(str4);
            Object string = obj instanceof DbResult ? ((DbResult) obj).getString(field.getMappedName()) : field.get(obj);
            Object obj3 = null;
            UUID fromString = string instanceof UUID ? (UUID) string : UUID.fromString(string.toString());
            if (fromString != null) {
                obj3 = dbManager.getObject(dbConnection, cls, new Object[]{fromString});
            }
            if (obj3 == null) {
                return null;
            }
            return getAcl(dbManager, dbConnection, dbManager.getTable(dbManager.getRegistryName(obj3)), obj3);
        }
        Field field2 = table.getField(str);
        FieldRelation fieldRelation = table.getFieldRelation(str2);
        if (field2 != null) {
            z = false;
            if (obj instanceof DbResult) {
                obj2 = ((DbResult) obj).getString(field2.getMappedName());
            } else if (fieldRelation != null) {
                obj2 = ((RelAcl) fieldRelation.getRelationObject(obj)).getValue();
                z2 = ((RelAcl) fieldRelation.getRelationObject(obj)).isParentChanged();
            } else {
                obj2 = field2.get(obj);
            }
            if (obj2 != null) {
                UUID fromString2 = obj2 instanceof UUID ? (UUID) obj2 : UUID.fromString(obj2.toString());
                if (fromString2 != null) {
                    acl = (Acl) dbManager.getObject(dbConnection, Acl.class, new Object[]{fromString2});
                }
            }
        }
        return new Object[]{acl, Boolean.valueOf(z), str3, Boolean.valueOf(z2)};
    }
}
