package com.ibm.tenx.app.security;

import com.ibm.tenx.core.Identifier;
import com.ibm.tenx.core.User;
import com.ibm.tenx.db.Expression;
import com.ibm.tenx.db.metadata.ActionDefinition;
import com.ibm.tenx.db.metadata.EntityDefinition;
import com.ibm.tenx.db.metadata.MetadataManager;
import com.ibm.tenx.db.metadata.RoleDefinition;
import com.ibm.tenx.db.metadata.RolePermissionDefinition;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* JADX WARN: Classes with same name are omitted:
  input_file:healthCheck/exploded_wars/healthcheck/WEB-INF/lib/10x-app-2.3.0.12.jar:com/ibm/tenx/app/security/EntityPermission.class
 */
/* loaded from: input_file:healthCheck/healthCheck/exploded_wars/healthcheck/WEB-INF/lib/10x-app-2.3.0.12.jar:com/ibm/tenx/app/security/EntityPermission.class */
public class EntityPermission implements Serializable {
    public static final EntityPermission ANYTHING_GOES = new EntityPermission();
    private boolean _create;
    private boolean _read;
    private boolean _update;
    private boolean _delete;
    private Expression _rls;
    private Expression _updateExpr;
    private Expression _deleteExpr;
    private Map<ActionDefinition, Expression> _enablementExpressionsByAction;
    private boolean _anythingGoes;

    public EntityPermission(User user, EntityDefinition entityDefinition) {
        this._enablementExpressionsByAction = new HashMap();
        if (user != null) {
            if (user.isSystemAdministrator()) {
                this._create = true;
                this._read = true;
                this._update = true;
                this._delete = true;
            } else {
                List<RoleDefinition> roles = getRoles(user);
                Iterator<RoleDefinition> it = roles.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    Boolean booleanPermission = it.next().getBooleanPermission(entityDefinition, RolePermissionDefinition.Permission.CREATE, true);
                    if (booleanPermission != null && booleanPermission.booleanValue()) {
                        this._create = true;
                        break;
                    }
                }
                Iterator<RoleDefinition> it2 = roles.iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    RoleDefinition next = it2.next();
                    Boolean booleanPermission2 = next.getBooleanPermission(entityDefinition, RolePermissionDefinition.Permission.READ, true);
                    if (booleanPermission2 != null && booleanPermission2.booleanValue()) {
                        this._read = true;
                        Expression rowLevelSecurity = next.getRowLevelSecurity(entityDefinition, true);
                        if (rowLevelSecurity == null) {
                            this._rls = null;
                            break;
                        }
                        this._rls = Expression.or(this._rls, rowLevelSecurity);
                    }
                }
                Iterator<RoleDefinition> it3 = roles.iterator();
                while (true) {
                    if (!it3.hasNext()) {
                        break;
                    }
                    RoleDefinition next2 = it3.next();
                    Boolean booleanPermission3 = next2.getBooleanPermission(entityDefinition, RolePermissionDefinition.Permission.UPDATE, true);
                    if (booleanPermission3 != null && booleanPermission3.booleanValue()) {
                        this._update = true;
                        Expression expression = next2.getExpression(entityDefinition, RolePermissionDefinition.Permission.UPDATE, true);
                        if (expression == null) {
                            this._updateExpr = null;
                            break;
                        }
                        this._updateExpr = Expression.or(this._updateExpr, expression);
                    }
                }
                Iterator<RoleDefinition> it4 = roles.iterator();
                while (true) {
                    if (!it4.hasNext()) {
                        break;
                    }
                    RoleDefinition next3 = it4.next();
                    Boolean booleanPermission4 = next3.getBooleanPermission(entityDefinition, RolePermissionDefinition.Permission.DELETE, true);
                    if (booleanPermission4 != null && booleanPermission4.booleanValue()) {
                        this._delete = true;
                        Expression expression2 = next3.getExpression(entityDefinition, RolePermissionDefinition.Permission.DELETE, true);
                        if (expression2 == null) {
                            this._deleteExpr = null;
                            break;
                        }
                        this._deleteExpr = Expression.or(this._deleteExpr, expression2);
                    }
                }
                for (ActionDefinition actionDefinition : entityDefinition.getActions()) {
                    Iterator<RoleDefinition> it5 = roles.iterator();
                    while (true) {
                        if (!it5.hasNext()) {
                            break;
                        }
                        RoleDefinition next4 = it5.next();
                        Boolean booleanPermission5 = next4.getBooleanPermission(actionDefinition, true);
                        if (booleanPermission5 != null && booleanPermission5.booleanValue()) {
                            Expression expression3 = next4.getExpression(actionDefinition, true);
                            if (expression3 == null) {
                                this._enablementExpressionsByAction.remove(actionDefinition);
                                break;
                            }
                            this._enablementExpressionsByAction.put(actionDefinition, Expression.or(this._enablementExpressionsByAction.get(actionDefinition), expression3));
                        }
                    }
                }
            }
        }
        if (!this._create || this._update) {
            return;
        }
        this._update = true;
        this._updateExpr = Expression.FALSE;
    }

    public EntityPermission() {
        this._enablementExpressionsByAction = new HashMap();
        this._anythingGoes = true;
    }

    private List<RoleDefinition> getRoles(User user) {
        ArrayList arrayList = new ArrayList();
        List<Identifier> roleIds = user.getRoleIds();
        if (roleIds != null) {
            Iterator<Identifier> it = roleIds.iterator();
            while (it.hasNext()) {
                RoleDefinition role = MetadataManager.getInstance().getRole(it.next());
                if (role != null) {
                    RoleDefinition inheritsFrom = role.getInheritsFrom();
                    while (true) {
                        RoleDefinition roleDefinition = inheritsFrom;
                        if (roleDefinition != null) {
                            if (!arrayList.contains(roleDefinition)) {
                                arrayList.add(roleDefinition);
                            }
                            inheritsFrom = roleDefinition.getInheritsFrom();
                        }
                    }
                }
            }
        }
        ArrayList arrayList2 = new ArrayList();
        if (roleIds != null) {
            Iterator<Identifier> it2 = roleIds.iterator();
            while (it2.hasNext()) {
                RoleDefinition role2 = MetadataManager.getInstance().getRole(it2.next());
                if (role2 != null && !arrayList.contains(role2)) {
                    arrayList2.add(role2);
                }
            }
        }
        return arrayList2;
    }

    public boolean canCreate() {
        return this._create || this._anythingGoes;
    }

    public boolean canRead() {
        return this._read || this._anythingGoes;
    }

    public boolean canUpdate() {
        return this._update || this._anythingGoes;
    }

    public boolean canDelete() {
        return this._delete || this._anythingGoes;
    }

    public Expression getRowLevelSecurity() {
        return this._rls;
    }

    public Expression getUpdateExpression() {
        return this._updateExpr;
    }

    public Expression getDeleteExpression() {
        return this._deleteExpr;
    }

    public Expression getEnablementExpression(ActionDefinition actionDefinition) {
        return this._enablementExpressionsByAction.get(actionDefinition);
    }
}
