package com.liferay.app.builder.rest.internal.resource.v1_0;

import com.liferay.app.builder.rest.dto.v1_0.AppModelPermission;
import com.liferay.app.builder.rest.resource.v1_0.AppModelPermissionResource;
import com.liferay.data.engine.rest.client.dto.v2_0.DataModelPermission;
import com.liferay.data.engine.rest.client.resource.v2_0.DataModelPermissionResource;
import com.liferay.portal.kernel.exception.NoSuchRoleException;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.Company;
import com.liferay.portal.kernel.model.ResourceAction;
import com.liferay.portal.kernel.model.ResourcePermission;
import com.liferay.portal.kernel.model.Role;
import com.liferay.portal.kernel.security.auth.AuthTokenUtil;
import com.liferay.portal.kernel.security.permission.PermissionThreadLocal;
import com.liferay.portal.kernel.security.permission.resource.PortletResourcePermission;
import com.liferay.portal.kernel.service.ResourceActionLocalService;
import com.liferay.portal.kernel.service.ResourcePermissionLocalService;
import com.liferay.portal.kernel.service.RoleLocalService;
import com.liferay.portal.kernel.service.permission.ModelPermissions;
import com.liferay.portal.kernel.service.permission.ModelPermissionsFactory;
import com.liferay.portal.kernel.util.ArrayUtil;
import com.liferay.portal.kernel.util.CookieKeys;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.vulcan.pagination.Page;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.validation.ValidationException;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ServiceScope;

@Component(properties = {"OSGI-INF/liferay/rest/v1_0/app-model-permission.properties"}, scope = ServiceScope.PROTOTYPE, service = {AppModelPermissionResource.class})
/* loaded from: input_file:com/liferay/app/builder/rest/internal/resource/v1_0/AppModelPermissionResourceImpl.class */
public class AppModelPermissionResourceImpl extends BaseAppModelPermissionResourceImpl {
    private static final Log _log = LogFactoryUtil.getLog(AppModelPermissionResourceImpl.class);

    @Reference
    private Portal _portal;

    @Reference(target = "(resource.name=com.liferay.app.builder)")
    private PortletResourcePermission _portletResourcePermission;

    @Reference
    private ResourceActionLocalService _resourceActionLocalService;

    @Reference
    private ResourcePermissionLocalService _resourcePermissionLocalService;

    @Reference
    private RoleLocalService _roleLocalService;

    @Override // com.liferay.app.builder.rest.internal.resource.v1_0.BaseAppModelPermissionResourceImpl
    public Page<AppModelPermission> getAppModelPermissionsPage(String str) throws Exception {
        _checkPortletPermissions();
        List resourceActions = this._resourceActionLocalService.getResourceActions("com.liferay.app.builder");
        return Page.of(transform(_getRoles(this.contextCompany, this._roleLocalService, StringUtil.split(str)), role -> {
            return _toAppModelPermission(Long.valueOf(this.contextCompany.getCompanyId()), Long.valueOf(this.contextCompany.getGroupId()), resourceActions, "com.liferay.app.builder", role);
        }));
    }

    @Override // com.liferay.app.builder.rest.internal.resource.v1_0.BaseAppModelPermissionResourceImpl
    public void putAppModelPermission(AppModelPermission[] appModelPermissionArr) throws Exception {
        _checkPortletPermissions();
        long siteGroupId = this._portal.getSiteGroupId(this.contextCompany.getGroupId());
        this._resourcePermissionLocalService.updateResourcePermissions(this.contextCompany.getCompanyId(), siteGroupId, "com.liferay.app.builder", String.valueOf(siteGroupId), _getModelPermissions(this.contextCompany.getCompanyId(), appModelPermissionArr, siteGroupId, "com.liferay.app.builder"));
        for (AppModelPermission appModelPermission : appModelPermissionArr) {
            if (ArrayUtil.contains(appModelPermission.getActionIds(), "MANAGE", true)) {
                DataModelPermissionResource.builder().endpoint(this._portal.getHost(this.contextHttpServletRequest), this.contextHttpServletRequest.getServerPort(), this.contextHttpServletRequest.getScheme()).header("Cookie", "JSESSIONID=" + CookieKeys.getCookie(this.contextHttpServletRequest, "JSESSIONID")).parameter("p_auth", AuthTokenUtil.getToken(this.contextHttpServletRequest)).build().putDataModelPermission(_getDataModelPermissions(appModelPermission.getRoleName()));
            }
        }
    }

    private void _checkPortletPermissions() throws PortalException {
        if (this._portletResourcePermission.contains(PermissionThreadLocal.getPermissionChecker(), this.contextCompany.getGroupId(), "MANAGE")) {
            return;
        }
        this._portletResourcePermission.check(PermissionThreadLocal.getPermissionChecker(), this.contextCompany.getGroupId(), "PERMISSIONS");
    }

    private DataModelPermission[] _getDataModelPermissions(final String str) {
        return new DataModelPermission[]{new DataModelPermission() { // from class: com.liferay.app.builder.rest.internal.resource.v1_0.AppModelPermissionResourceImpl.1
            {
                this.actionIds = new String[]{"ADD_DATA_DEFINITION", "ADD_DATA_RECORD_COLLECTION", "PERMISSIONS"};
                this.roleName = str;
            }
        }};
    }

    private ModelPermissions _getModelPermissions(long j, AppModelPermission[] appModelPermissionArr, long j2, String str) throws PortalException {
        ModelPermissions create = ModelPermissionsFactory.create(new String[0], new String[0], str);
        for (AppModelPermission appModelPermission : appModelPermissionArr) {
            if (appModelPermission.getActionIds().length == 0) {
                List resourceActions = this._resourceActionLocalService.getResourceActions(str);
                Role role = this._roleLocalService.getRole(j, appModelPermission.getRoleName());
                Iterator it = resourceActions.iterator();
                while (it.hasNext()) {
                    this._resourcePermissionLocalService.removeResourcePermission(j, str, 4, String.valueOf(j2), role.getRoleId(), ((ResourceAction) it.next()).getActionId());
                }
            } else {
                create.addRolePermissions(appModelPermission.getRoleName(), appModelPermission.getActionIds());
            }
        }
        return create;
    }

    private List<Role> _getRoles(Company company, RoleLocalService roleLocalService, String[] strArr) throws PortalException {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (String str : strArr) {
            try {
                arrayList2.add(roleLocalService.getRole(company.getCompanyId(), str));
            } catch (NoSuchRoleException e) {
                if (_log.isDebugEnabled()) {
                    _log.debug(str, e);
                }
                arrayList.add(str);
            }
        }
        if (arrayList.isEmpty()) {
            return arrayList2;
        }
        throw new ValidationException("Invalid roles: " + ArrayUtil.toStringArray(arrayList));
    }

    private AppModelPermission _toAppModelPermission(Long l, Long l2, List<ResourceAction> list, String str, final Role role) {
        ResourcePermission fetchResourcePermission = this._resourcePermissionLocalService.fetchResourcePermission(l.longValue(), str, 4, String.valueOf(l2), role.getRoleId());
        if (fetchResourcePermission == null) {
            return null;
        }
        final HashSet hashSet = new HashSet();
        long actionIds = fetchResourcePermission.getActionIds();
        for (ResourceAction resourceAction : list) {
            long bitwiseValue = resourceAction.getBitwiseValue();
            if ((actionIds & bitwiseValue) == bitwiseValue) {
                hashSet.add(resourceAction.getActionId());
            }
        }
        return new AppModelPermission() { // from class: com.liferay.app.builder.rest.internal.resource.v1_0.AppModelPermissionResourceImpl.2
            {
                this.actionIds = (String[]) hashSet.toArray(new String[0]);
                this.roleName = role.getName();
            }
        };
    }
}
