package com.atlassian.greenhopper.service.sprint;

import com.atlassian.greenhopper.jira.permission.GHProjectPermissions;
import com.atlassian.greenhopper.model.rapid.RapidView;
import com.atlassian.greenhopper.model.validation.ErrorCollection;
import com.atlassian.greenhopper.service.PermissionService;
import com.atlassian.greenhopper.service.ServiceOutcome;
import com.atlassian.greenhopper.service.ServiceOutcomeImpl;
import com.atlassian.greenhopper.service.ServiceResult;
import com.atlassian.greenhopper.service.ServiceResultImpl;
import com.atlassian.greenhopper.service.query.QueryService;
import com.atlassian.greenhopper.service.rapid.RapidViewQueryService;
import com.atlassian.greenhopper.service.rapid.view.RapidViewService;
import com.atlassian.jira.bc.issue.search.SearchService;
import com.atlassian.jira.issue.Issue;
import com.atlassian.jira.issue.search.SearchException;
import com.atlassian.jira.jql.builder.JqlQueryBuilder;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.project.ProjectManager;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.user.ApplicationUser;
import com.google.common.collect.ImmutableSet;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Nonnull;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/atlassian/greenhopper/service/sprint/SprintPermissionServiceImpl.class */
public class SprintPermissionServiceImpl implements SprintPermissionService {

    @Autowired
    private PermissionService permissionService;

    @Autowired
    private PermissionManager permissionManager;

    @Autowired
    private SprintQueryService sprintQueryService;

    @Autowired
    private SearchService jiraSearchService;

    @Autowired
    private QueryService queryService;

    @Autowired
    private ProjectManager projectManager;

    @Autowired
    private RapidViewService rapidViewService;

    @Autowired
    private RapidViewQueryService rapidViewQueryService;

    @Override // com.atlassian.greenhopper.service.sprint.SprintPermissionService
    @Nonnull
    public ServiceOutcome<Boolean> canViewSprint(ApplicationUser applicationUser, Sprint sprint) {
        if (this.permissionService.isJiraAdministrator(applicationUser)) {
            return ServiceOutcomeImpl.ok(true);
        }
        if (sprint.getRapidViewId() != null && this.rapidViewService.getRapidView(applicationUser, sprint.getRapidViewId()).isValid()) {
            return ServiceOutcomeImpl.ok(true);
        }
        ServiceOutcome<Long> issueCountForSprint = getIssueCountForSprint(applicationUser, sprint);
        if (issueCountForSprint.isValid()) {
            return ServiceOutcomeImpl.ok(Boolean.valueOf(issueCountForSprint.get().longValue() > 0));
        }
        return ServiceOutcomeImpl.from(issueCountForSprint.getErrors());
    }

    @Override // com.atlassian.greenhopper.service.sprint.SprintPermissionService
    @Nonnull
    public ServiceResult canCreateSprint(ApplicationUser applicationUser, RapidView rapidView) {
        return this.permissionService.isJiraAdministrator(applicationUser) ? ServiceResultImpl.ok() : validateManageSprintsPermissionInBoard(applicationUser, rapidView, "gh.sprint.create.no.permission");
    }

    @Override // com.atlassian.greenhopper.service.sprint.SprintPermissionService
    @Nonnull
    public ServiceResult canUpdateSprint(ApplicationUser applicationUser, Sprint sprint) {
        if (this.permissionService.isJiraAdministrator(applicationUser)) {
            return ServiceResultImpl.ok();
        }
        RapidView value = this.rapidViewService.getRapidView(applicationUser, sprint.getRapidViewId()).getValue();
        return value != null ? validateManageSprintsPermissionInBoard(applicationUser, value, "gh.sprint.update.no.permission") : validateManageSprintsPermissionInSprint(applicationUser, sprint, "gh.sprint.update.no.permission");
    }

    @Override // com.atlassian.greenhopper.service.sprint.SprintPermissionService
    @Nonnull
    public ServiceOutcome<Map<Sprint, Boolean>> canUpdateSprints(ApplicationUser applicationUser, List<Sprint> list) {
        HashMap hashMap = new HashMap();
        for (Sprint sprint : list) {
            hashMap.put(sprint, Boolean.valueOf(canUpdateSprint(applicationUser, sprint).isValid()));
        }
        return ServiceOutcomeImpl.ok(hashMap);
    }

    @Override // com.atlassian.greenhopper.service.sprint.SprintPermissionService
    @Nonnull
    public ServiceResult canAddRemoveIssuesToSprint(ApplicationUser applicationUser, Iterable<Issue> iterable) {
        boolean z = false;
        Iterator<Issue> it = iterable.iterator();
        while (it.hasNext()) {
            z = !this.permissionService.hasPermission(applicationUser, it.next(), 28);
            if (z) {
                break;
            }
        }
        return z ? ServiceResultImpl.error(ErrorCollection.Reason.FORBIDDEN, "gh.sprint.issue.edit.no.permission", new Object[0]) : ServiceResultImpl.ok();
    }

    @Override // com.atlassian.greenhopper.service.sprint.SprintPermissionService
    public boolean hasManageSprintsPermission(ApplicationUser applicationUser, RapidView rapidView) {
        return this.permissionService.isJiraAdministrator(applicationUser) || validateManageSprintsPermissionInBoard(applicationUser, rapidView, "").isValid();
    }

    private ServiceResult validateManageSprintsPermissionInBoard(ApplicationUser applicationUser, RapidView rapidView, String str) {
        ServiceOutcome<Set<Project>> projectsForRapidViewFilterQuery = this.queryService.getProjectsForRapidViewFilterQuery(applicationUser, rapidView);
        if (!projectsForRapidViewFilterQuery.isValid()) {
            return ServiceOutcomeImpl.error(projectsForRapidViewFilterQuery);
        }
        ImmutableSet immutableSet = (Set) projectsForRapidViewFilterQuery.getValue();
        if (CollectionUtils.isEmpty(immutableSet)) {
            immutableSet = ImmutableSet.copyOf(this.projectManager.getProjectObjects());
        }
        if (hasManageSprintsPermissionInAllProjects(applicationUser, immutableSet)) {
            return ServiceResultImpl.ok();
        }
        return ServiceOutcomeImpl.error(ErrorCollection.Reason.FORBIDDEN, str, getProjectNamesString(applicationUser, immutableSet));
    }

    private ServiceResult validateManageSprintsPermissionInSprint(ApplicationUser applicationUser, Sprint sprint, String str) {
        ServiceOutcome<Set<Project>> projectsOverrideSecurity = this.sprintQueryService.getProjectsOverrideSecurity(applicationUser, sprint);
        if (projectsOverrideSecurity.isInvalid()) {
            return ServiceOutcomeImpl.error(projectsOverrideSecurity);
        }
        Set<Project> set = projectsOverrideSecurity.get();
        if (hasManageSprintsPermissionInAllProjects(applicationUser, set)) {
            return ServiceResultImpl.ok();
        }
        return ServiceOutcomeImpl.error(ErrorCollection.Reason.FORBIDDEN, str, getProjectNamesString(applicationUser, set));
    }

    private ServiceOutcome<Long> getIssueCountForSprint(ApplicationUser applicationUser, Sprint sprint) {
        JqlQueryBuilder newBuilder = JqlQueryBuilder.newBuilder();
        newBuilder.where().defaultAnd().addClause(this.sprintQueryService.getSprintClause(sprint));
        try {
            return ServiceOutcomeImpl.ok(Long.valueOf(this.jiraSearchService.searchCount(applicationUser, newBuilder.buildQuery())));
        } catch (SearchException e) {
            return ServiceOutcomeImpl.error(ErrorCollection.Reason.SERVER_ERROR, e.getMessage(), new Object[0]);
        }
    }

    private String getProjectNamesString(ApplicationUser applicationUser, Set<Project> set) {
        StringBuilder sb = new StringBuilder();
        for (Project project : set) {
            if (this.permissionService.hasPermission(applicationUser, project, 10)) {
                sb.append(project.getName()).append(", ");
            } else {
                sb.append(project.getId()).append(", ");
            }
        }
        String sb2 = sb.toString();
        return sb2.substring(0, sb2.length() - 2);
    }

    private boolean hasManageSprintsPermissionInAllProjects(ApplicationUser applicationUser, Set<Project> set) {
        return set.stream().allMatch(project -> {
            return this.permissionManager.hasPermission(GHProjectPermissions.MANAGE_SPRINTS, project, applicationUser);
        });
    }
}
