package com.actionsoft.bpms.commons.security.ac;

import com.actionsoft.apps.resource.plugin.profile.ACPluginProfile;
import com.actionsoft.bpms.commons.security.ac.cache.AccessControlCache;
import com.actionsoft.bpms.commons.security.ac.constant.ACConst;
import com.actionsoft.bpms.commons.security.ac.dao.AccessControlDaoFactory;
import com.actionsoft.bpms.commons.security.ac.model.AccessControlModel;
import com.actionsoft.bpms.commons.security.mgtgrade.util.GradeSecurityUtil;
import com.actionsoft.bpms.org.cache.CompanyCache;
import com.actionsoft.bpms.org.cache.DepartmentCache;
import com.actionsoft.bpms.org.cache.TeamMemberCache;
import com.actionsoft.bpms.org.cache.UserCache;
import com.actionsoft.bpms.org.cache.UserMapCache;
import com.actionsoft.bpms.org.model.CompanyModel;
import com.actionsoft.bpms.org.model.DepartmentModel;
import com.actionsoft.bpms.org.model.TeamMemberModel;
import com.actionsoft.bpms.org.model.UserMapModel;
import com.actionsoft.bpms.org.model.UserModel;
import com.actionsoft.bpms.server.UserContext;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:com/actionsoft/bpms/commons/security/ac/AccessControlAPI.class */
public class AccessControlAPI {
    private static AccessControlAPI _accessControlAPIManager;

    private AccessControlAPI() {
    }

    public static AccessControlAPI getInstance() {
        if (_accessControlAPIManager == null) {
            _accessControlAPIManager = new AccessControlAPI();
        }
        return _accessControlAPIManager;
    }

    public ACPluginProfile getProfile(String str) {
        return ACProfileManager.getProfile(str);
    }

    public int appendACResource(String str, String str2, int i, String str3, String str4) {
        AccessControlModel accessControlModel = new AccessControlModel();
        accessControlModel._resourceId = str;
        accessControlModel._resourceType = str2;
        accessControlModel._accessModel = i;
        accessControlModel._assignmentId = str3;
        accessControlModel._assignmentType = str4;
        return AccessControlDaoFactory.creatAccessControl().insert(accessControlModel);
    }

    public int removeACResource(String str) {
        return AccessControlDaoFactory.creatAccessControl().delete(str);
    }

    public List<AccessControlModel> getAccessModelListByResource(String str, String str2, int i) {
        ArrayList arrayList = new ArrayList();
        Iterator<AccessControlModel> aCList = AccessControlCache.getACList(str, str2);
        while (aCList.hasNext()) {
            AccessControlModel next = aCList.next();
            if (next._accessModel == i) {
                arrayList.add(next);
            }
        }
        return arrayList;
    }

    public Iterator<AccessControlModel> getListByResource(String str, String str2) {
        return AccessControlCache.getACList(str, str2);
    }

    public List<AccessControlModel> getListByResourceType(String str, String str2, int i, int i2, int i3) {
        ArrayList arrayList = new ArrayList();
        UserModel model = UserCache.getModel(str);
        if (model == null) {
            throw new IllegalArgumentException("uid[" + str + "] not exist");
        }
        DepartmentModel model2 = DepartmentCache.getModel(model.getDepartmentId());
        if (model2 == null) {
            throw new IllegalArgumentException("uid[" + str + "]'s departmentModel not exist");
        }
        CompanyModel model3 = CompanyCache.getModel(model2.getCompanyId());
        if (model3 == null) {
            throw new IllegalArgumentException("uid[" + str + "]'s companyModel not exist");
        }
        int i4 = 0;
        Iterator<AccessControlModel> it = AccessControlCache.getCache().iterator();
        while (it.hasNext()) {
            AccessControlModel next = it.next();
            if (havingPermission(model, next, i, model2, model3)) {
                i4++;
                if (i4 >= i2) {
                    if (i4 >= i2 + i3) {
                        break;
                    }
                    arrayList.add(next);
                } else {
                    continue;
                }
            }
        }
        return arrayList;
    }

    public boolean havingPermission(String str, String str2, String str3, int i, boolean z) {
        if (GradeSecurityUtil.isSuperMaster(str) || GradeSecurityUtil.isSystemMaster(str)) {
            return true;
        }
        if (z || AccessControlCache.getACList(str2, str3, i).hasNext()) {
            return havingPermission(str, str2, str3, i);
        }
        return true;
    }

    public boolean havingPermission(UserContext userContext, String str, String str2, int i, boolean z) {
        return havingPermission(userContext.getUID(), str, str2, i, z);
    }

    public boolean havingPermission(UserContext userContext, String str, String str2, int i) {
        return havingPermission(userContext.getUID(), str, str2, i);
    }

    public List<AccessControlModel> getACResourceList(String str, String str2, int i) {
        ArrayList arrayList = new ArrayList();
        UserModel model = UserCache.getModel(str);
        if (model == null) {
            return arrayList;
        }
        DepartmentModel model2 = DepartmentCache.getModel(model.getDepartmentId());
        CompanyModel model3 = CompanyCache.getModel(model2.getCompanyId());
        Iterator<AccessControlModel> aCList = AccessControlCache.getACList(str2);
        while (aCList.hasNext()) {
            AccessControlModel next = aCList.next();
            if (havingPermission(model, next, i, model2, model3)) {
                arrayList.add(next);
            }
        }
        return arrayList;
    }

    public boolean havingPermission(String str, Iterator<AccessControlModel> it, int i) {
        CompanyModel model;
        UserModel model2 = UserCache.getModel(str);
        if (model2 == null) {
            return false;
        }
        boolean z = false;
        DepartmentModel model3 = DepartmentCache.getModel(model2.getDepartmentId());
        if (model3 == null || (model = CompanyCache.getModel(model3.getCompanyId())) == null) {
            return false;
        }
        while (it.hasNext()) {
            z = havingPermission(model2, it.next(), i, model3, model);
            if (z) {
                break;
            }
        }
        return z;
    }

    public boolean havingPermission(String str, String str2, String str3, int i) {
        return havingPermission(str, AccessControlCache.getACList(str2, str3), i);
    }

    private boolean havingPermission(UserModel userModel, AccessControlModel accessControlModel, int i, DepartmentModel departmentModel, CompanyModel companyModel) {
        List mapListOfUser;
        List mapListOfUser2;
        List mapListOfUser3;
        CompanyModel model;
        if (accessControlModel._assignmentType.equals(ACConst.ASSIGN_COMPANY)) {
            r10 = accessControlModel._assignmentId.equals(companyModel.getId()) ? accessControlModel._accessModel == i : false;
            if (!r10 && (mapListOfUser3 = UserMapCache.getMapListOfUser(userModel.getUID())) != null && mapListOfUser3.size() > 0) {
                for (int i2 = 0; i2 < mapListOfUser3.size(); i2++) {
                    DepartmentModel model2 = DepartmentCache.getModel(((UserMapModel) mapListOfUser3.get(Integer.valueOf(i2).intValue())).getDepartmentId());
                    if (model2 != null && (model = CompanyCache.getModel(model2.getCompanyId())) != null && accessControlModel._assignmentId.equals(model.getId())) {
                        r10 = accessControlModel._accessModel == i;
                        if (r10) {
                            break;
                        }
                    }
                }
            }
        } else if (accessControlModel._assignmentType.equals(ACConst.ASSIGN_DEPARTMENT)) {
            DepartmentModel model3 = DepartmentCache.getModel(accessControlModel._assignmentId);
            r10 = (departmentModel.getId().equals(accessControlModel._assignmentId) || putDepartmentTree(model3, departmentModel.getId())) ? accessControlModel._accessModel == i : false;
            if (!r10 && (mapListOfUser2 = UserMapCache.getMapListOfUser(userModel.getUID())) != null && mapListOfUser2.size() > 0) {
                for (int i3 = 0; i3 < mapListOfUser2.size(); i3++) {
                    DepartmentModel model4 = DepartmentCache.getModel(((UserMapModel) mapListOfUser2.get(Integer.valueOf(i3).intValue())).getDepartmentId());
                    if (model4 != null && (model4.getId().equals(accessControlModel._assignmentId) || putDepartmentTree(model3, model4.getId()))) {
                        r10 = accessControlModel._accessModel == i;
                    }
                    if (r10) {
                        break;
                    }
                }
            }
        } else if (accessControlModel._assignmentType.equals("role")) {
            r10 = accessControlModel._assignmentId.equals(userModel.getRoleId()) ? accessControlModel._accessModel == i : false;
            if (!r10 && (mapListOfUser = UserMapCache.getMapListOfUser(userModel.getUID())) != null && mapListOfUser.size() > 0) {
                for (int i4 = 0; i4 < mapListOfUser.size(); i4++) {
                    UserMapModel userMapModel = (UserMapModel) mapListOfUser.get(Integer.valueOf(i4).intValue());
                    if (userMapModel != null && accessControlModel._assignmentId.equals(userMapModel.getRoleId())) {
                        r10 = accessControlModel._accessModel == i;
                        if (r10) {
                            break;
                        }
                    }
                }
            }
        } else if (accessControlModel._assignmentType.equals(ACConst.ASSIGN_TEAM)) {
            Iterator listOfMember = TeamMemberCache.getListOfMember(accessControlModel._assignmentId);
            while (listOfMember.hasNext()) {
                TeamMemberModel teamMemberModel = (TeamMemberModel) listOfMember.next();
                if (userModel.getUID() != null && userModel.getUID().equals(teamMemberModel.getUserId())) {
                    r10 = accessControlModel._accessModel == i;
                    if (r10) {
                        break;
                    }
                }
            }
        } else if (accessControlModel._assignmentType.equals("user") && accessControlModel._assignmentId.equals(userModel.getUID())) {
            r10 = accessControlModel._accessModel == i;
        }
        return r10;
    }

    private boolean putDepartmentTree(DepartmentModel departmentModel, String str) {
        return (departmentModel == null || new StringBuilder("/").append(DepartmentCache.getFullID(str)).toString().indexOf(new StringBuilder("/").append(departmentModel.getId()).append("/").toString()) == -1) ? false : true;
    }
}
