package org.broadleafcommerce.openadmin.server.security.service.navigation;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Resource;
import org.apache.commons.beanutils.BeanComparator;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.broadleafcommerce.common.extensibility.jpa.SiteDiscriminator;
import org.broadleafcommerce.common.site.domain.Site;
import org.broadleafcommerce.common.web.BroadleafRequestContext;
import org.broadleafcommerce.openadmin.server.security.dao.AdminNavigationDao;
import org.broadleafcommerce.openadmin.server.security.domain.AdminMenu;
import org.broadleafcommerce.openadmin.server.security.domain.AdminModule;
import org.broadleafcommerce.openadmin.server.security.domain.AdminModuleDTO;
import org.broadleafcommerce.openadmin.server.security.domain.AdminModuleImpl;
import org.broadleafcommerce.openadmin.server.security.domain.AdminPermission;
import org.broadleafcommerce.openadmin.server.security.domain.AdminRole;
import org.broadleafcommerce.openadmin.server.security.domain.AdminSection;
import org.broadleafcommerce.openadmin.server.security.domain.AdminUser;
import org.broadleafcommerce.openadmin.server.security.service.AdminSecurityService;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

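/**
 * Builds the admin navigation menu and answers "may this admin user see this module/section?".
 *
 * <p>A section is visible when one of the user's role permissions, one of the user's direct
 * permissions, or one of {@link AdminSecurityService#DEFAULT_PERMISSIONS} matches a permission
 * attached to the section, and no registered {@link SectionAuthorization} vetoes it. These checks
 * decide what is listed in the menu; this class does not show whether the section URLs are
 * protected elsewhere.
 *
 * <p>NOTE(review): the listing carries JADX markers, so it is decompiler output; local names and
 * some casts are reconstructed rather than original.
 */
@Service("blAdminNavigationService")
public class AdminNavigationServiceImpl implements AdminNavigationService {
    /** Separator between the segments of a permission name. It is used as a regex by {@code split}. */
    private static final String PATTERN = "_";

    @Resource(name = "blAdminNavigationDao")
    protected AdminNavigationDao adminNavigationDao;

    // Extra authorizers consulted after the permission match; each one can only veto, never grant.
    @Resource(name = "blAdditionalSectionAuthorizations")
    protected List<SectionAuthorization> additionalSectionAuthorizations = new ArrayList<SectionAuthorization>();
    private static final Log LOG = LogFactory.getLog(AdminNavigationServiceImpl.class);
    private static final SectionComparator SECTION_COMPARATOR = new SectionComparator();

    /**
     * Orders sections by display order, placing sections without one last; two sections that both
     * lack a display order are ordered by id.
     *
     * <p>The decompiler reported that it widened this class from {@code private}.
     */
    public static class SectionComparator implements Comparator<AdminSection> {
        private SectionComparator() {
        }

        @Override
        public int compare(AdminSection adminSection, AdminSection adminSection2) {
            boolean firstOrdered = adminSection.getDisplayOrder() != null;
            boolean secondOrdered = adminSection2.getDisplayOrder() != null;
            if (firstOrdered && secondOrdered) {
                return adminSection.getDisplayOrder().compareTo(adminSection2.getDisplayOrder());
            }
            if (firstOrdered) {
                return -1;
            }
            if (secondOrdered) {
                return 1;
            }
            return adminSection.getId().compareTo(adminSection2.getId());
        }
    }

    /** Persists the section through the DAO inside the {@code blTransactionManager} transaction. */
    @Override
    @Transactional("blTransactionManager")
    public AdminSection save(AdminSection adminSection) {
        return this.adminNavigationDao.save(adminSection);
    }

    /**
     * Removes the section through the DAO.
     *
     * <p>NOTE(review): unlike {@link #save(AdminSection)} this method is not annotated
     * {@code @Transactional}; confirm that the caller or the DAO supplies the transaction.
     */
    @Override
    public void remove(AdminSection adminSection) {
        this.adminNavigationDao.remove(adminSection);
    }

    /**
     * Builds the menu for one admin user from every module known to the DAO.
     *
     * @param adminUser the user whose permissions filter the menu
     * @return a menu holding only modules that have at least one visible section
     */
    @Override
    public AdminMenu buildMenu(AdminUser adminUser) {
        AdminMenu adminMenu = new AdminMenu();
        populateAdminMenu(adminUser, adminMenu, this.adminNavigationDao.readAllAdminModules());
        return adminMenu;
    }

    /**
     * Adds to {@code adminMenu} a DTO for every module in {@code list} that has at least one section
     * the user may view, then sorts the menu's modules by their {@code displayOrder} property.
     */
    protected void populateAdminMenu(AdminUser adminUser, AdminMenu adminMenu, List<AdminModule> list) {
        for (AdminModule adminModule : list) {
            List<AdminSection> visibleSections = buildAuthorizedSectionsList(adminUser, adminModule);
            if (visibleSections == null || visibleSections.isEmpty()) {
                // A module with nothing visible is left out of the menu entirely.
                continue;
            }
            // The DTO is only available on the concrete implementation, hence the cast.
            AdminModuleDTO adminModuleDTO = ((AdminModuleImpl) adminModule).getAdminModuleDTO();
            adminModuleDTO.setSections(visibleSections);
            adminMenu.getAdminModules().add(adminModuleDTO);
        }
        Collections.sort(adminMenu.getAdminModules(), new BeanComparator("displayOrder"));
    }

    /**
     * Returns the module's sections that the user may view and that belong to the current site,
     * sorted with {@link SectionComparator}.
     *
     * <p>A section that implements {@link SiteDiscriminator} is kept only when its discriminator is
     * {@code null} or equals the id of the request's non-persistent site; other sections are not
     * site-filtered. A module whose section list is {@code null} yields an empty list, consistent
     * with {@link #isUserAuthorizedToViewModule(AdminUser, AdminModule)}.
     */
    protected List<AdminSection> buildAuthorizedSectionsList(AdminUser adminUser, AdminModule adminModule) {
        List<AdminSection> authorized = new ArrayList<AdminSection>();
        List<AdminSection> sections = adminModule.getSections();
        if (sections == null) {
            return authorized;
        }
        Site currentSite = BroadleafRequestContext.getBroadleafRequestContext().getNonPersistentSite();
        Long currentSiteId = currentSite == null ? null : currentSite.getId();
        for (AdminSection section : sections) {
            if (!isUserAuthorizedToViewSection(adminUser, section)) {
                continue;
            }
            if (section instanceof SiteDiscriminator) {
                // The decompiled listing typed the loop variable as SiteDiscriminator, which does
                // not compile; the cast belongs here, after the instanceof test.
                Long sectionSiteId = ((SiteDiscriminator) section).getSiteDiscriminator();
                if (sectionSiteId != null && !sectionSiteId.equals(currentSiteId)) {
                    continue;
                }
            }
            authorized.add(section);
        }
        Collections.sort(authorized, SECTION_COMPARATOR);
        return authorized;
    }

    /**
     * Reports whether the user may view at least one section of the module.
     *
     * @return {@code false} when the module has no sections or none of them is visible to the user
     */
    @Override
    public boolean isUserAuthorizedToViewModule(AdminUser adminUser, AdminModule adminModule) {
        List<AdminSection> sections = adminModule.getSections();
        if (sections == null || sections.isEmpty()) {
            return false;
        }
        for (AdminSection section : sections) {
            if (isUserAuthorizedToViewSection(adminUser, section)) {
                return true;
            }
        }
        return false;
    }

    /** Looks a section up by URI; the result is whatever the DAO returns for that URI. */
    @Override
    public AdminSection findAdminSectionByURI(String str) {
        return this.adminNavigationDao.readAdminSectionByURI(str);
    }

    /**
     * Resolves {@code str} to a class and delegates to
     * {@link #findAdminSectionByClassAndSectionId(Class, String)}.
     *
     * @return the matching section, or {@code null} when no class named {@code str} can be loaded
     */
    @Override
    public AdminSection findAdminSectionByClassAndSectionId(String str, String str2) {
        try {
            // NOTE(review): Class.forName(String) loads and initializes the named class. If str can
            // come from a request rather than configuration, confirm that callers restrict it to
            // known entity class names.
            return findAdminSectionByClassAndSectionId(Class.forName(str), str2);
        } catch (ClassNotFoundException e) {
            LOG.warn("Invalid classname received. This likely points to a configuration error.");
            return null;
        }
    }

    /** Looks a section up by class and section id through the DAO. */
    @Override
    public AdminSection findAdminSectionByClassAndSectionId(Class<?> cls, String str) {
        return this.adminNavigationDao.readAdminSectionByClassAndSectionId(cls, str);
    }

    /** Looks a section up by its section key through the DAO. */
    @Override
    public AdminSection findAdminSectionBySectionKey(String str) {
        return this.adminNavigationDao.readAdminSectionBySectionKey(str);
    }

    /**
     * Decides whether the user may view the section.
     *
     * <p>Access needs a grant and no veto. A grant comes from a role permission or a direct user
     * permission that matches one of the section's permissions (see
     * {@link #checkPermissions(List, AdminPermission)}), or from a section permission whose name is
     * listed in {@link AdminSecurityService#DEFAULT_PERMISSIONS}; the latter applies to every user.
     * Each registered {@link SectionAuthorization} can then refuse.
     *
     * <p>A section whose permission list is {@code null} is denied. Previously that case reached
     * {@code permissions.iterator()} in the default-permission scan and threw a
     * {@code NullPointerException}.
     *
     * @return {@code true} only when a grant exists and no additional authorization refuses
     */
    @Override
    public boolean isUserAuthorizedToViewSection(AdminUser adminUser, AdminSection adminSection) {
        List<AdminPermission> sectionPermissions = adminSection.getPermissions();
        if (sectionPermissions == null) {
            // Nothing can match an absent permission list, so fail closed.
            return false;
        }
        boolean granted = isGrantedThroughRoles(adminUser, sectionPermissions)
                || isGrantedDirectly(adminUser, sectionPermissions)
                || isGrantedByDefault(sectionPermissions);
        if (!granted) {
            return false;
        }
        for (SectionAuthorization authorization : this.additionalSectionAuthorizations) {
            if (!authorization.isUserAuthorizedToViewSection(adminUser, adminSection)) {
                return false;
            }
        }
        return true;
    }

    /** Returns true when any permission of any of the user's roles matches the section. */
    private boolean isGrantedThroughRoles(AdminUser adminUser, List<AdminPermission> sectionPermissions) {
        if (CollectionUtils.isEmpty(adminUser.getAllRoles())) {
            return false;
        }
        for (AdminRole role : adminUser.getAllRoles()) {
            for (AdminPermission rolePermission : role.getAllPermissions()) {
                if (checkPermissions(sectionPermissions, rolePermission)) {
                    return true;
                }
            }
        }
        return false;
    }

    /** Returns true when any permission held directly by the user matches the section. */
    private boolean isGrantedDirectly(AdminUser adminUser, List<AdminPermission> sectionPermissions) {
        if (CollectionUtils.isEmpty(adminUser.getAllPermissions())) {
            return false;
        }
        for (AdminPermission userPermission : adminUser.getAllPermissions()) {
            if (checkPermissions(sectionPermissions, userPermission)) {
                return true;
            }
        }
        return false;
    }

    /** Returns true when the section carries a permission named in the default permission list. */
    private boolean isGrantedByDefault(List<AdminPermission> sectionPermissions) {
        for (String defaultName : AdminSecurityService.DEFAULT_PERMISSIONS) {
            for (AdminPermission sectionPermission : sectionPermissions) {
                if (sectionPermission.getName().equals(defaultName)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Returns every section known to the DAO, sorted with {@link SectionComparator}. The list
     * returned by the DAO is sorted in place.
     */
    @Override
    public List<AdminSection> findAllAdminSections() {
        List<AdminSection> allSections = this.adminNavigationDao.readAllAdminSections();
        Collections.sort(allSections, SECTION_COMPARATOR);
        return allSections;
    }

    /**
     * Tests one held permission against the permissions a section requires.
     *
     * <p>The held permission matches when it is contained in {@code list}, or when its name equals
     * the "ALL" form of a required permission's name as produced by
     * {@link #parseForAllPermission(String)}. The second test compares names only.
     *
     * @param list the section's permissions; {@code null} never matches
     * @param adminPermission the permission held by the user or one of the user's roles
     */
    protected boolean checkPermissions(List<AdminPermission> list, AdminPermission adminPermission) {
        if (list == null) {
            return false;
        }
        if (list.contains(adminPermission)) {
            return true;
        }
        for (AdminPermission required : list) {
            if (adminPermission.getName().equals(parseForAllPermission(required.getName()))) {
                return true;
            }
        }
        return false;
    }

    /**
     * Rewrites a permission name into its "ALL" form: the first {@code _}-separated segment, then
     * {@code _ALL_}, then the third and later segments joined by {@code _}. The second segment is
     * dropped, so a name with three segments {@code A_B_C} becomes {@code A_ALL_C}.
     */
    protected String parseForAllPermission(String str) {
        String[] segments = str.split(PATTERN);
        StringBuilder allForm = new StringBuilder(50);
        allForm.append(segments[0]).append("_ALL_");
        int last = segments.length - 1;
        for (int i = 2; i <= last; i++) {
            allForm.append(segments[i]);
            if (i < last) {
                allForm.append('_');
            }
        }
        return allForm.toString();
    }

    /** Returns the live list of additional authorizers, not a copy. */
    public List<SectionAuthorization> getAdditionalSectionAuthorizations() {
        return this.additionalSectionAuthorizations;
    }

    /** Replaces the list of additional authorizers consulted by the section check. */
    public void setAdditionalSectionAuthorizations(List<SectionAuthorization> list) {
        this.additionalSectionAuthorizations = list;
    }
}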
