package org.apache.directory.fortress.core.impl;

import com.googlecode.wicket.kendo.ui.KendoIcon;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.collections.CollectionUtils;
import org.apache.directory.fortress.annotation.AdminPermissionOperation;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GroupMgr;
import org.apache.directory.fortress.core.ReviewMgr;
import org.apache.directory.fortress.core.ReviewMgrFactory;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.Group;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.model.User;
import org.apache.directory.fortress.core.model.UserRole;
import org.apache.directory.fortress.web.common.GlobalIds;

/* loaded from: input_file:WEB-INF/lib/fortress-core-2.0.5.jar:org/apache/directory/fortress/core/impl/GroupMgrImpl.class */
public class GroupMgrImpl extends Manageable implements GroupMgr, Serializable {
    private static final String CLS_NM = GroupMgrImpl.class.getName();
    private GroupP groupP = new GroupP();

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public Group add(Group group) throws SecurityException {
        assertContext(CLS_NM, GlobalIds.ADD, group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, GlobalIds.ADD);
        if (!group.isMemberDn()) {
            if (group.getType() == Group.Type.ROLE) {
                loadRoleDns(group);
            } else {
                loadUserDns(group);
            }
            group.setMemberDn(true);
        }
        return this.groupP.add(group);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public Group update(Group group) throws SecurityException {
        assertContext(CLS_NM, "update", group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, "update");
        return this.groupP.update(group);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public Group delete(Group group) throws SecurityException {
        assertContext(CLS_NM, "delete", group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, "delete");
        return this.groupP.delete(group);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation(operationName = "addProperty")
    public Group add(Group group, String str, String str2) throws SecurityException {
        assertContext(CLS_NM, "addProperty", group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, "addProperty");
        return this.groupP.add(group, str, str2);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation(operationName = "deleteProperty")
    public Group delete(Group group, String str, String str2) throws SecurityException {
        assertContext(CLS_NM, "deleteProperty", group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, "deleteProperty");
        return this.groupP.delete(group, str, str2);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public Group read(Group group) throws SecurityException {
        assertContext(CLS_NM, "read", group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, "read");
        return this.groupP.read(group);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public List<Group> find(Group group) throws SecurityException {
        assertContext(CLS_NM, KendoIcon.FIND, group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, KendoIcon.FIND);
        return this.groupP.search(group);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation(operationName = "findWithUsers")
    public List<Group> find(User user) throws SecurityException {
        assertContext(CLS_NM, "findWithUsers", user, GlobalErrIds.USER_NULL);
        checkAccess(CLS_NM, "findWithUsers");
        loadUserDn(user);
        return this.groupP.search(user);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public List<Group> roleGroups(Role role) throws SecurityException {
        assertContext(CLS_NM, "roleGroups", role, GlobalErrIds.ROLE_NULL);
        checkAccess(CLS_NM, "roleGroups");
        loadRoleDn(role);
        return this.groupP.roleGroups(role);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public List<UserRole> groupRoles(Group group) throws SecurityException {
        assertContext(CLS_NM, "groupRoles", group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, "groupRoles");
        return this.groupP.groupRoles(group);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public Group assign(Group group, String str) throws SecurityException {
        String dn;
        assertContext(CLS_NM, GlobalIds.ASSIGN, group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, GlobalIds.ASSIGN);
        ReviewMgr createInstance = ReviewMgrFactory.createInstance(this.contextId);
        if (group.getType() == Group.Type.ROLE) {
            Role role = new Role(str);
            role.setContextId(group.getContextId());
            Role readRole = createInstance.readRole(role);
            dn = readRole.getDn();
            SDUtil.getInstance().validateSSD(group, readRole);
        } else {
            User user = new User(str);
            user.setContextId(group.getContextId());
            dn = createInstance.readUser(user).getDn();
        }
        return this.groupP.assign(group, dn);
    }

    @Override // org.apache.directory.fortress.core.GroupMgr
    @AdminPermissionOperation
    public Group deassign(Group group, String str) throws SecurityException {
        assertContext(CLS_NM, GlobalIds.DEASSIGN, group, GlobalErrIds.GROUP_NULL);
        checkAccess(CLS_NM, GlobalIds.DEASSIGN);
        ReviewMgr createInstance = ReviewMgrFactory.createInstance(this.contextId);
        return this.groupP.deassign(group, group.getType() == Group.Type.ROLE ? createInstance.readRole(new Role(str)).getDn() : createInstance.readUser(new User(str)).getDn());
    }

    private void loadUserDns(Group group) throws SecurityException {
        if (CollectionUtils.isNotEmpty(group.getMembers())) {
            ReviewMgr createInstance = ReviewMgrFactory.createInstance(this.contextId);
            ArrayList arrayList = new ArrayList();
            Iterator<String> it = group.getMembers().iterator();
            while (it.hasNext()) {
                arrayList.add(createInstance.readUser(new User(it.next())).getDn());
            }
            group.setMembers(arrayList);
        }
    }

    private void loadRoleDns(Group group) throws SecurityException {
        if (CollectionUtils.isNotEmpty(group.getMembers())) {
            ReviewMgr createInstance = ReviewMgrFactory.createInstance(this.contextId);
            ArrayList arrayList = new ArrayList();
            Iterator<String> it = group.getMembers().iterator();
            while (it.hasNext()) {
                arrayList.add(createInstance.readRole(new Role(it.next())).getDn());
            }
            group.setMembers(arrayList);
        }
    }

    private void loadUserDn(User user) throws SecurityException {
        user.setDn(ReviewMgrFactory.createInstance(this.contextId).readUser(user).getDn());
    }

    private void loadRoleDn(Role role) throws SecurityException {
        role.setDn(ReviewMgrFactory.createInstance(this.contextId).readRole(role).getDn());
    }
}
