package ru.cft.platform.securityadmin;

import com.google.common.base.Strings;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.function.BiFunction;
import java.util.function.Function;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.cft.platform.core.model.MetaClassRights;
import ru.cft.platform.core.model.MetaCriteriaRights;
import ru.cft.platform.core.model.MetaMethodRights;
import ru.cft.platform.core.model.MetaObjectRight;
import ru.cft.platform.core.model.MetaObjectRightEx;
import ru.cft.platform.core.model.MetaTransitionRights;
import ru.cft.platform.securityadmin.dao.AbstractDao;
import ru.cft.platform.securityadmin.model.IMetaObject;
import ru.cft.platform.securityadmin.model.IUser;
import ru.cft.platform.securityadmin.model.MetaCheckMethodRights;
import ru.cft.platform.securityadmin.model.SecurityDomainEntry;
import ru.cft.platform.securityadmin.model.SubjectType;
import ru.cft.platform.securityadmin.model.UserLockStatus;
import ru.cft.platform.securityadmin.model.UserProperties;
import ru.cft.platform.securityadmin.model.UserProperty;

/* loaded from: input_file:ru/cft/platform/securityadmin/Secadmin.class */
public class Secadmin extends AbstractDao implements ISecadmin {
    private static final String DML = "|";
    private static final int FULLNAME_LENGTH = 100;
    private static final String CHECK_USER_TABLE = "Z#USER";
    private static final String CHECK_USER_COLUMN = "C_USERNAME";
    private static final String UADMIN_READ_ONLY = "UADMIN_READ_ONLY";
    private static Logger secadmLogger = LoggerFactory.getLogger(Secadmin.class);
    private IUser currentUser;
    private IAuditLogger logger;
    private String currentUserName = "IBS";
    private Boolean isReadonly = null;
    private Boolean isSyncUsergroups = null;
    private Boolean isInfoSecurityAdmin = null;
    private Boolean isTechnologist = null;
    private Boolean bRootDomainUser = null;
    private final Map<String, StringBuilder> debugText = Map.of(ISecadmin.DEBUG2BUF, new StringBuilder(), ISecadmin.DEBUG2LOG, new StringBuilder(), ISecadmin.DEBUG2PIPE, new StringBuilder(), "F", new StringBuilder());

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: ru.cft.platform.securityadmin.Secadmin$1, reason: invalid class name */
    /* loaded from: input_file:ru/cft/platform/securityadmin/Secadmin$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$ru$cft$platform$securityadmin$model$UserProperty = new int[UserProperty.values().length];

        static {
            try {
                $SwitchMap$ru$cft$platform$securityadmin$model$UserProperty[UserProperty.ADMIN.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$ru$cft$platform$securityadmin$model$UserProperty[UserProperty.LOCK.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$ru$cft$platform$securityadmin$model$UserProperty[UserProperty.PDADMIN.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$ru$cft$platform$securityadmin$model$UserProperty[UserProperty.PICKER.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$ru$cft$platform$securityadmin$model$UserProperty[UserProperty.REVISOR.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$ru$cft$platform$securityadmin$model$UserProperty[UserProperty.UADMIN.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$ru$cft$platform$securityadmin$model$UserProperty[UserProperty.UPICKER.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void setCurrentUser(String str) {
        this.currentUserName = Strings.nullToEmpty(str).trim().toUpperCase();
        this.logger.setCurrentUser(this.currentUserName);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public String getCurrentUser() {
        return this.currentUserName;
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void setLogger(IAuditLogger iAuditLogger) {
        this.logger = iAuditLogger;
    }

    private void addOsLogWhenCreate(StringBuilder sb, String str, String str2) {
        if (!Strings.isNullOrEmpty(str)) {
            sb.append(System.lineSeparator());
            sb.append(String.format(Messages.Secadmin_LogChangeOsUser, "", Strings.nullToEmpty(str)));
        }
        if (Strings.isNullOrEmpty(str2)) {
            return;
        }
        sb.append(System.lineSeparator());
        sb.append(String.format(Messages.Secadmin_LogChangeOsDomain, "", Strings.nullToEmpty(str2)));
    }

    private void addOsLogWhenCreate(StringBuilder sb, String str) {
        addOsLogWhenCreate(sb, str, null);
    }

    private void addOsLogWhenEdit(StringBuilder sb, String str, String str2, IUser iUser) {
        if (!Strings.nullToEmpty(iUser.getOsUser()).equals(Strings.nullToEmpty(str))) {
            sb.append(System.lineSeparator());
            sb.append(String.format(Messages.Secadmin_LogChangeOsUser, Strings.nullToEmpty(iUser.getOsUser()), Strings.nullToEmpty(str)));
        }
        if (Strings.nullToEmpty(iUser.getOsDomain()).equals(Strings.nullToEmpty(str2))) {
            return;
        }
        sb.append(System.lineSeparator());
        sb.append(String.format(Messages.Secadmin_LogChangeOsDomain, Strings.nullToEmpty(iUser.getOsDomain()), Strings.nullToEmpty(str2)));
    }

    private void addOsLogWhenEdit(StringBuilder sb, String str, IUser iUser) {
        addOsLogWhenEdit(sb, str, null, iUser);
    }

    private void setLogChangeProps(StringBuilder sb, String str, String str2, String str3) throws SecadminException {
        if (sb.length() > 0) {
            this.logger.logUserPropsChanged(str3.equals(SubjectType.SubjectTypeConverter.USER) ? String.format(Messages.Secadmin_ChangeUserShort, str, str2, sb.toString()) : String.format(Messages.Secadmin_ChangeGroup, str, str2, sb.toString()));
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public String createUser(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return "";
        }
        String upperCase = str.trim().toUpperCase();
        initPack();
        checkRoles(true, true, false, true);
        if (getUadmDao().getUser(upperCase) != null) {
            throw new SecadminException(String.format(Messages.Secadmin_HaveUser, upperCase));
        }
        UserProperties userProperties = new UserProperties(str3);
        checkUserAccessible(upperCase, userProperties);
        canCreateUser(userProperties);
        if (isRootDomainUser()) {
            if (isUAdmin(userProperties) && Strings.isNullOrEmpty(str7) && !isOwner(this.currentUser)) {
                throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
            }
        } else {
            if (Strings.isNullOrEmpty(str7)) {
                throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
            }
            SecurityDomainEntry securityDomainEntry = getUadmDao().getSecurityDomainEntry(str7, true, this.currentUserName);
            if (securityDomainEntry == null) {
                throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
            }
            canChangeRoles(userProperties, new UserProperties(""), securityDomainEntry);
        }
        if (!userProperties.hasProperty(UserProperty.LOCK)) {
            checkSystemUser(upperCase);
        }
        String str8 = ISecadmin.NO_VALUE.equalsIgnoreCase(str5) ? null : str5;
        String str9 = ISecadmin.NO_VALUE.equalsIgnoreCase(str6) ? null : str6;
        if (!(!userProperties.hasProperty(UserProperty.SESSION) && Strings.isNullOrEmpty(str8) && Strings.isNullOrEmpty(str9)) && getUadmDao().isUserExists(upperCase, str9, str8)) {
            if (!Strings.isNullOrEmpty(str9) && !Strings.isNullOrEmpty(str8)) {
                throw new SecadminException(String.format(Messages.Secadmin_HaveDomainUser, str9, str8));
            }
            if (Strings.isNullOrEmpty(str8)) {
                throw new SecadminException(String.format(Messages.Secadmin_HaveDomain, str9));
            }
            throw new SecadminException(String.format(Messages.Secadmin_HaveUser, str8));
        }
        String normalizeFullname = normalizeFullname(str2);
        getUadmDao().createUser(upperCase, normalizeFullname, SubjectType.USER, userProperties.toString(), str8, str9, str4, this.currentUserName);
        this.logger.logSubjectAdded(String.format(Messages.Secadmin_CreateUser, upperCase, userProperties.toString(), UserLockStatus.UserLockStatusConverter.formatUserStatus(null, null, null)));
        getUadmDao().setUserSecurityDomain(upperCase, str7);
        String propertyChanges = propertyChanges(userProperties, new UserProperties(userProperties.hasProperty(UserProperty.LOCK) ? DML + UserProperty.LOCK.name : ""));
        if (!Strings.isNullOrEmpty(propertyChanges)) {
            this.logger.logUserPropsChanged(String.format(Messages.Secadmin_ChangeUserShort, upperCase, normalizeFullname, propertyChanges));
        }
        StringBuilder sb = new StringBuilder();
        addOsLogWhenCreate(sb, str8, str9);
        setLogChangeProps(sb, upperCase, normalizeFullname, SubjectType.SubjectTypeConverter.USER);
        if (str4 == null) {
            return "";
        }
        this.logger.logSubjectAdded(String.format(Messages.Secadmin_LogChangeDescriptionUser, str, "", str4));
        return "";
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public String editUser(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws SecadminException {
        if (Strings.isNullOrEmpty(str)) {
            return "";
        }
        String upperCase = str.trim().toUpperCase();
        initPack();
        checkRoles(true, true, false, true);
        IUser user = getUadmDao().getUser(upperCase);
        if (user == null) {
            throw new SecadminException(String.format(Messages.Secadmin_NoUser, upperCase));
        }
        if (UserLockStatus.DELETED.equals(user.getUserLockStatus()) || UserLockStatus.TO_DELETED.equals(user.getUserLockStatus())) {
            throw new SecadminException(String.format(Messages.Secadmin_ChangingDeleted, upperCase));
        }
        if (Strings.isNullOrEmpty(str2)) {
            str2 = user.getFullName();
        }
        UserProperties userProperties = (Strings.isNullOrEmpty(str3) || ISecadmin.NO_VALUE.equalsIgnoreCase(str3)) ? new UserProperties(user.getProperties()) : new UserProperties(str3);
        UserProperties userProperties2 = new UserProperties(user.getProperties());
        checkUserAccessible(user.getShortName(), userProperties2);
        if (isUAdmin(userProperties) && !isUAdmin(userProperties2)) {
            checkUserAccessible(upperCase, userProperties);
        }
        if (isOwner(user)) {
            userProperties.modifyProperties(UserProperty.OREPORT, true);
            userProperties.modifyProperties(UserProperty.SENIOR, true);
            userProperties.modifyProperties(UserProperty.ALLOBJECTS, false);
            userProperties.modifyProperties(UserProperty.SESSION, false);
            userProperties.modifyProperties(UserProperty.OPEN_SESSION, true);
            userProperties.modifyProperties(UserProperty.INIT_SESSION, true);
            userProperties.modifyProperties(UserProperty.UADMIN, false);
            userProperties.modifyProperties(UserProperty.UPICKER, false);
            userProperties.modifyProperties(UserProperty.ADMIN, false);
            userProperties.modifyProperties(UserProperty.PICKER, false);
            userProperties.modifyProperties(UserProperty.LOCK, false);
            userProperties.modifyProperties(UserProperty.REVISOR, false);
            getUadmDao().revokeAllRights(user.getShortName());
        } else {
            canEditUser(userProperties, userProperties2, user.getUserLockStatus());
            if (!isRootDomainUser()) {
                canChangeRoles(userProperties, userProperties2, getUadmDao().getSecurityDomainEntry(upperCase, this.currentUserName));
                if (!isUAdmin(userProperties) && isUAdmin(userProperties2)) {
                    getUadmDao().clearDomainUadminPriviligies(user.getShortName());
                }
            }
            if (!userProperties.hasProperty(UserProperty.LOCK)) {
                checkSystemUser(upperCase);
            }
        }
        String str8 = null;
        String str9 = null;
        if (userProperties.hasProperty(UserProperty.SESSION) || !Strings.isNullOrEmpty(str5) || !Strings.isNullOrEmpty(str6)) {
            str8 = ISecadmin.NO_VALUE.equalsIgnoreCase(str5) ? null : str5;
            str9 = ISecadmin.NO_VALUE.equalsIgnoreCase(str6) ? null : str6;
            if (getUadmDao().isUserExists(upperCase, str9, str8)) {
                if (!Strings.isNullOrEmpty(str9) && !Strings.isNullOrEmpty(str8)) {
                    throw new SecadminException(String.format(Messages.Secadmin_HaveDomainUser, str9, str8));
                }
                if (Strings.isNullOrEmpty(str8)) {
                    throw new SecadminException(String.format(Messages.Secadmin_HaveDomain, str9));
                }
                throw new SecadminException(String.format(Messages.Secadmin_HaveUser, str8));
            }
        }
        if (ISecadmin.NO_VALUE.equalsIgnoreCase(str5)) {
            str8 = user.getOsUser();
        }
        if (ISecadmin.NO_VALUE.equalsIgnoreCase(str6)) {
            str9 = user.getOsDomain();
        }
        getUadmDao().editUser(upperCase, str2, userProperties.toString(), str8, str9, str4);
        if (!isRevisor(userProperties2) && isRevisor(userProperties)) {
            Iterator<String> it = getUadmDao().getOwnSubjEqual(upperCase).iterator();
            while (it.hasNext()) {
                getUadmDao().deleteSubjEqual(upperCase, it.next());
            }
        }
        StringBuilder sb = new StringBuilder();
        if (!user.getFullName().equals(str2)) {
            sb.append(System.lineSeparator());
            sb.append(String.format(Messages.Secadmin_LogChangeFullname, user.getFullName(), str2));
        }
        String propertyChanges = propertyChanges(userProperties, new UserProperties(user.getProperties()));
        if (!Strings.isNullOrEmpty(propertyChanges)) {
            sb.append(propertyChanges);
        }
        addOsLogWhenEdit(sb, str8, str9, user);
        setLogChangeProps(sb, user.getShortName(), user.getFullName(), SubjectType.SubjectTypeConverter.USER);
        String nullToEmpty = Strings.nullToEmpty(user.getDescription());
        String nullToEmpty2 = Strings.nullToEmpty(str4);
        if (nullToEmpty.equals(nullToEmpty2)) {
            return "";
        }
        this.logger.logUserPropsChanged(String.format(Messages.Secadmin_LogChangeDescriptionUser, user.getShortName(), nullToEmpty, nullToEmpty2));
        return "";
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void deleteUser(String str) throws SecadminException {
        if (Strings.isNullOrEmpty(str)) {
            return;
        }
        String upperCase = str.trim().toUpperCase();
        initPack();
        checkRoles(true, true, false, true);
        IUser user = getUadmDao().getUser(upperCase);
        if (user == null) {
            throw new SecadminException(String.format(Messages.Secadmin_UserNotFound, upperCase));
        }
        checkUserDeleted(user);
        getUadmDao().deleteUser(upperCase);
        this.logger.logUserPropsChanged(String.format(Messages.Secadmin_DeleteUser, upperCase));
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void createGroup(String str, String str2, String str3, String str4) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return;
        }
        String upperCase = str.trim().toUpperCase();
        initPack();
        checkRoles(true, true, false, true);
        if (getUadmDao().getGroup(upperCase) != null) {
            throw new SecadminException(String.format(Messages.Secadmin_HaveUser, upperCase));
        }
        checkRootUadmin();
        String str5 = null;
        if (!Strings.isNullOrEmpty(str4)) {
            str5 = str4;
            if (getUadmDao().isUserExists(upperCase, null, str5)) {
                throw new SecadminException(String.format(Messages.Secadmin_HaveUser, str5));
            }
        }
        String normalizeFullname = normalizeFullname(str2);
        getUadmDao().createUser(upperCase, normalizeFullname, SubjectType.GROUP, null, str5, null, str3, this.currentUserName);
        this.logger.logSubjectAdded(String.format(Messages.Secadmin_CreateGroup, upperCase));
        StringBuilder sb = new StringBuilder();
        addOsLogWhenCreate(sb, str5);
        setLogChangeProps(sb, upperCase, normalizeFullname, SubjectType.SubjectTypeConverter.GROUP);
        if (str3 != null) {
            this.logger.logSubjectAdded(String.format(Messages.Secadmin_LogChangeDescriptionGroup, str, "", str3));
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void editGroup(String str, String str2, String str3, String str4) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return;
        }
        String upperCase = str.trim().toUpperCase();
        initPack();
        checkRoles(true, true, false, true);
        IUser group = getUadmDao().getGroup(upperCase);
        if (group == null) {
            throw new SecadminException(String.format(Messages.Secadmin_GroupNotFound, upperCase));
        }
        checkUserDeleted(group);
        checkRootUadmin();
        String normalizeFullname = normalizeFullname(str2);
        String str5 = null;
        if (!Strings.isNullOrEmpty(str4)) {
            str5 = str4;
            if (getUadmDao().isUserExists(upperCase, null, str5)) {
                throw new SecadminException(String.format(Messages.Secadmin_HaveUser, str5));
            }
        }
        String nullToEmpty = Strings.nullToEmpty(group.getDescription());
        String nullToEmpty2 = Strings.nullToEmpty(str3);
        getUadmDao().editUser(upperCase, normalizeFullname, group.getProperties(), str5, group.getOsDomain(), str3);
        if (!group.getFullName().equals(normalizeFullname) || !Strings.nullToEmpty(group.getOsUser()).equals(Strings.nullToEmpty(str5))) {
            StringBuilder sb = new StringBuilder();
            if (!group.getFullName().equals(normalizeFullname)) {
                sb.append(System.lineSeparator());
                sb.append(String.format(Messages.Secadmin_LogChangeFullname, group.getFullName(), normalizeFullname));
            }
            addOsLogWhenEdit(sb, str5, group);
            setLogChangeProps(sb, group.getShortName(), group.getFullName(), SubjectType.SubjectTypeConverter.GROUP);
        }
        if (nullToEmpty.equals(nullToEmpty2)) {
            return;
        }
        this.logger.logUserPropsChanged(String.format(Messages.Secadmin_LogChangeDescriptionGroup, group.getShortName(), nullToEmpty, nullToEmpty2));
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void deleteGroup(String str) throws SecadminException {
        if (Strings.isNullOrEmpty(str)) {
            return;
        }
        String upperCase = str.trim().toUpperCase();
        initPack();
        checkRoles(true, true, false, true);
        IUser group = getUadmDao().getGroup(upperCase);
        if (group == null) {
            throw new SecadminException(String.format(Messages.Secadmin_GroupNotFound, upperCase));
        }
        checkUserDeleted(group);
        checkRootUadmin();
        getUadmDao().deleteGroup(upperCase);
        this.logger.logUserPropsChanged(String.format(Messages.Secadmin_DeleteGroup, upperCase));
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeClassRights(String str, String str2, String str3, ChangeModeEnum changeModeEnum) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return;
        }
        initPack();
        checkRoles(true, true, true, false);
        IUser user = getUser(str2);
        checkUserDeleted(user);
        checkRightsAccessible(user);
        if (getMetadataDao().getClass(str) == null) {
            secadmLogger.info(String.format(Messages.Secadmin_ClassNotFound, str));
            return;
        }
        if (changeModeEnum == ChangeModeEnum.ADD) {
            setClassRights(user, str, str3);
        } else if (changeModeEnum == ChangeModeEnum.REMOVE) {
            deleteClassRights(user, str);
        } else {
            secadmLogger.error(String.format(Messages.Secadmin_ChangeTypeError, str));
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeMethodRights(String str, String str2, String str3, String str4, ChangeModeEnum changeModeEnum) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2) || Strings.isNullOrEmpty(str3)) {
            return;
        }
        initPack();
        checkRoles(true, true, true, false);
        IUser user = getUser(str3);
        checkUserDeleted(user);
        checkRightsAccessible(user);
        String str5 = Strings.isNullOrEmpty(str4) ? str : str4;
        IMetaObject method = getMetadataDao().getMethod(str5, str2);
        if (method == null) {
            secadmLogger.info(String.format(Messages.Secadmin_MethodNotFound, str5, str2));
            return;
        }
        if (changeModeEnum == ChangeModeEnum.ADD) {
            if (!getUadmDao().hasClassRights(user.getShortName(), str)) {
                setClassRights(user, str, null);
            }
            setMethodRights(user, str, method, null, true);
        } else if (changeModeEnum == ChangeModeEnum.REMOVE) {
            deleteMethodRights(user, str, method);
        } else {
            secadmLogger.error(String.format(Messages.Secadmin_ChangeTypeError2, str, str2));
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeCriteriaRights(String str, String str2, String str3, ChangeModeEnum changeModeEnum) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2) || Strings.isNullOrEmpty(str3)) {
            return;
        }
        initPack();
        checkRoles(true, true, true, false);
        IUser user = getUser(str3);
        checkUserDeleted(user);
        checkRightsAccessible(user);
        IMetaObject criteria = getMetadataDao().getCriteria(str2);
        if (criteria == null) {
            secadmLogger.info(String.format(Messages.Secadmin_CriteriaNotFound, str, str2));
            return;
        }
        if (changeModeEnum == ChangeModeEnum.ADD) {
            if (!getUadmDao().hasClassRights(user.getShortName(), str)) {
                setClassRights(user, str, null);
            }
            setCriteriaRights(user, str, criteria, null, null, null);
        } else if (changeModeEnum == ChangeModeEnum.REMOVE) {
            deleteCriteriaRights(user, str, criteria);
        } else {
            secadmLogger.error(String.format(Messages.Secadmin_ChangeTypeError2, str, str2));
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeTransitionRights(String str, String str2, String str3, ChangeModeEnum changeModeEnum) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2) || Strings.isNullOrEmpty(str3)) {
            return;
        }
        initPack();
        checkRoles(true, true, true, false);
        IUser user = getUser(str3);
        checkUserDeleted(user);
        checkRightsAccessible(user);
        IMetaObject transition = getMetadataDao().getTransition(str, str2);
        if (transition == null) {
            secadmLogger.info(String.format(Messages.Secadmin_TransitionNotFound, str, str2));
            return;
        }
        if (changeModeEnum == ChangeModeEnum.ADD) {
            if (!getUadmDao().hasClassRights(user.getShortName(), str)) {
                setClassRights(user, str, null);
            }
            setTransitionRights(user, str, transition);
        } else if (changeModeEnum == ChangeModeEnum.REMOVE) {
            deleteTransitionRights(user, str, transition);
        } else {
            secadmLogger.error(String.format(Messages.Secadmin_ChangeTypeError2, str, str2));
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeGroupWithGroup(String str, String str2, ChangeModeEnum changeModeEnum) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return;
        }
        initPack();
        checkRoles(true, true, true, true);
        checkRootUadmin();
        String upperCase = str.trim().toUpperCase();
        IUser group = getUadmDao().getGroup(upperCase);
        if (group == null) {
            secadmLogger.info(String.format(Messages.Secadmin_GroupNotFound, upperCase));
            return;
        }
        String upperCase2 = str2.trim().toUpperCase();
        IUser group2 = getUadmDao().getGroup(upperCase2);
        if (group2 == null) {
            secadmLogger.info(String.format(Messages.Secadmin_GroupNotFound, upperCase2));
            return;
        }
        if (changeModeEnum == ChangeModeEnum.ADD) {
            getUadmDao().updateSubjEqual(group.getShortName(), group2.getShortName());
            getUadmDao().addSubjEqual(group.getShortName(), group2.getShortName());
            this.logger.logGroupEqualityChanged(Messages.Secadmin_AddGroupToGroup, group, group2);
        } else if (changeModeEnum != ChangeModeEnum.REMOVE) {
            secadmLogger.error(String.format(Messages.Secadmin_ChangeTypeError, str));
        } else {
            deleteGroupFromGroup(group.getShortName(), group2.getShortName());
            this.logger.logGroupEqualityChanged(Messages.Secadmin_DeleteGroupFromGroup, group, group2);
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeGroupWithUser(String str, String str2, ChangeModeEnum changeModeEnum) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return;
        }
        initPack();
        checkRoles(true, false, false, true);
        IUser user = getUadmDao().getUser(str);
        if (user == null) {
            secadmLogger.info(String.format(Messages.Secadmin_UserNotFound, str));
            return;
        }
        IUser group = getUadmDao().getGroup(str2);
        if (group == null) {
            secadmLogger.info(String.format(Messages.Secadmin_GroupNotFound, str2));
            return;
        }
        checkUserDeleted(user);
        if (changeModeEnum == ChangeModeEnum.ADD) {
            checkEqualAccessible(user.getShortName(), group.getShortName());
            checkRevisor(user);
            getUadmDao().updateSubjEqual(user.getShortName(), group.getShortName());
            getUadmDao().addSubjEqual(user.getShortName(), group.getShortName());
            this.logger.logUserEqualityChanged(Messages.Secadmin_AddUserToGroup, user, group);
            return;
        }
        if (changeModeEnum != ChangeModeEnum.REMOVE) {
            secadmLogger.error(String.format(Messages.Secadmin_ChangeTypeError, str2));
        } else {
            deleteUserFromGroup(user.getShortName(), group.getShortName());
            this.logger.logUserEqualityChanged(Messages.Secadmin_DeleteUserFromGroup, user, group);
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeObjectRightsEx(String str, String str2, String str3, String str4, ChangeModeEnum changeModeEnum) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2) || Strings.isNullOrEmpty(str3) || Strings.isNullOrEmpty(str4)) {
            return;
        }
        initPack();
        checkRoles(true, true, true, false);
        String upperCase = str.trim().toUpperCase();
        IUser user = getUadmDao().getUser(upperCase);
        if (user == null) {
            throw new SecadminException(String.format(Messages.Secadmin_SubjectNotFound, upperCase));
        }
        if (user.getType() == SubjectType.USER) {
            if (changeModeEnum == ChangeModeEnum.ADD) {
                throw new SecadminException(String.format(Messages.Secadmin_AddObjRightsError, user.getShortName()));
            }
            if (changeModeEnum == ChangeModeEnum.REMOVE) {
                throw new SecadminException(String.format(Messages.Secadmin_DeleteObjRightsError, user.getShortName()));
            }
        }
        checkUserDeleted(user);
        checkRightsAccessible(user);
        setObjRightsEx(user, str2, str3, str4, changeModeEnum);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void recreateOracleUser(String str, String str2, String str3, String str4, String str5, String str6) throws SecadminException {
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void lockUser(String str, Date date, Date date2) throws SecadminException {
        IUser userToChangeLockStatus = getUserToChangeLockStatus(str);
        Date date3 = new Date();
        UserLockStatus userLockStatus = UserLockStatus.LOCKED;
        if (date != null && date.after(date3)) {
            userLockStatus = UserLockStatus.TO_LOCK;
        } else if (date2 != null) {
            userLockStatus = date2.after(date3) ? UserLockStatus.TO_UNLOCK : UserLockStatus.NONE;
            date = date == null ? new Date() : date;
        }
        getUadmDao().changeUserLockStatus(userToChangeLockStatus.getShortName(), userLockStatus, this.currentUserName, date, date2);
        this.logger.logUserChangeLock(Messages.Secadmin_UserLock, userToChangeLockStatus);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void unlockUser(String str, Date date) throws SecadminException {
        IUser userToChangeLockStatus = getUserToChangeLockStatus(str);
        UserLockStatus userLockStatus = UserLockStatus.NONE;
        if (date != null && date.after(new Date())) {
            userLockStatus = UserLockStatus.TO_UNLOCK;
        }
        getUadmDao().changeUserLockStatus(userToChangeLockStatus.getShortName(), userLockStatus, this.currentUserName, null, date);
        this.logger.logUserChangeLock(Messages.Secadmin_UserUnLock, userToChangeLockStatus);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeLockStatus(String str, UserLockStatus userLockStatus) throws SecadminException {
        getUadmDao().changeUserLockStatus(str, userLockStatus);
    }

    private IUser getUserToChangeLockStatus(String str) throws SecadminException {
        initPack();
        checkRoles(true, true, false, true);
        IUser user = getUser(str);
        if (isOwner(user) || this.currentUserName.equalsIgnoreCase(str)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
        UserProperties userProperties = user.getUserProperties();
        checkUserAccessible(user.getShortName(), userProperties);
        canEditUser(userProperties, userProperties, user.getUserLockStatus());
        return user;
    }

    private void initPack() throws SecadminException {
        if (this.currentUser == null || !this.currentUserName.equalsIgnoreCase(this.currentUser.getShortName())) {
            this.currentUser = getUser(this.currentUserName);
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void checkRoles(boolean z, boolean z2, boolean z3, boolean z4) throws SecadminException {
        initPack();
        UserProperties userProperties = null;
        if ((z && this.isReadonly == null) || ((z2 && this.isSyncUsergroups == null) || ((z3 && this.isInfoSecurityAdmin == null) || (z4 && this.isTechnologist == null)))) {
            if (this.currentUser == null) {
                throw new SecadminException(String.format(Messages.Secadmin_NoCurrentUser, this.currentUserName));
            }
            userProperties = this.currentUser.getUserProperties();
        }
        if (z) {
            checkReadonly(userProperties);
        }
        if (z2) {
            checkSyncUsergroups(userProperties);
        }
        if (z3) {
            checkInfoSecurityAdmin(userProperties);
        }
        if (z4) {
            checkTechnologist(userProperties);
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void checkReadonly() throws SecadminException {
        initPack();
        if (this.currentUser == null) {
            throw new SecadminException(String.format(Messages.Secadmin_NoCurrentUser, this.currentUserName));
        }
        checkReadonly(this.currentUser.getUserProperties());
    }

    private void checkReadonly(UserProperties userProperties) throws SecadminException {
        if (this.isReadonly == null) {
            this.isReadonly = Boolean.valueOf(isSettingTrue(getMetadataDao().getSetting(UADMIN_READ_ONLY)) || isRevisor(userProperties) || (userProperties != null && UserProperty.READ_ONLY.name.equalsIgnoreCase(userProperties.getValue(UserProperty.UADMIN))));
        }
        if (this.isReadonly.booleanValue()) {
            throw new SecadminException(Messages.Secadmin_ReadOnly);
        }
    }

    private void checkRootUadmin() throws SecadminException {
        if (!isRootDomainUser()) {
            throw new SecadminException(Messages.Secadmin_NotRootUAdmin);
        }
    }

    private boolean isRootDomainUser() throws SecadminException {
        if (this.bRootDomainUser == null) {
            this.bRootDomainUser = Boolean.valueOf(isOwner(this.currentUser) || Strings.isNullOrEmpty(getUadmDao().getUserDomain(this.currentUserName)));
        }
        return this.bRootDomainUser.booleanValue();
    }

    private boolean isSettingTrue(String str) {
        return !Strings.isNullOrEmpty(str) && (str.toUpperCase().startsWith("Y") || str.startsWith("1"));
    }

    private void checkSyncUsergroups(UserProperties userProperties) throws SecadminException {
        if (this.isSyncUsergroups == null) {
            this.isSyncUsergroups = Boolean.valueOf(userProperties != null && UserProperty.SYNC_GROUPS.name.equalsIgnoreCase(userProperties.getValue(UserProperty.UADMIN)));
        }
        if (this.isSyncUsergroups.booleanValue()) {
            throw new SecadminException(Messages.Secadmin_ReadOnly);
        }
    }

    private void checkInfoSecurityAdmin(UserProperties userProperties) throws SecadminException {
        if (this.isInfoSecurityAdmin == null) {
            this.isInfoSecurityAdmin = Boolean.valueOf(userProperties != null && UserProperty.INFO_SECURITY_ADMIN.name.equalsIgnoreCase(userProperties.getValue(UserProperty.UADMIN)));
        }
        if (this.isInfoSecurityAdmin.booleanValue()) {
            throw new SecadminException(Messages.Secadmin_ReadOnly);
        }
    }

    private void checkTechnologist(UserProperties userProperties) throws SecadminException {
        if (this.isTechnologist == null) {
            this.isTechnologist = Boolean.valueOf(userProperties != null && UserProperty.TECHNOLOGIST.name.equalsIgnoreCase(userProperties.getValue(UserProperty.UADMIN)));
        }
        if (this.isTechnologist.booleanValue()) {
            throw new SecadminException(Messages.Secadmin_ReadOnly);
        }
    }

    private boolean setClassRights(IUser iUser, String str, String str2) throws SecadminException {
        String shortName = iUser.getShortName();
        if (!getUadmDao().hasClassRights(shortName, str)) {
            getUadmDao().addClassRights(shortName, str, str2);
            this.logger.logClassRightsChanged(Messages.Secadmin_ClassWasAdded, iUser, str);
            return true;
        }
        if (!getUadmDao().updateClassRights(shortName, str, str2)) {
            return false;
        }
        this.logger.logClassRightsChanged(Messages.Secadmin_ClassWasChanged, iUser, str);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void deleteClassRights(IUser iUser, String str) throws SecadminException {
        String shortName = iUser.getShortName();
        if (!getUadmDao().hasClassRights(shortName, str)) {
            this.logger.logClassRightsChanged(Messages.Secadmin_ClassWasChanged, iUser, str);
            return;
        }
        deleteRightsByClass(iUser, str);
        getUadmDao().deleteClassRights(shortName, str);
        getUadmDao().deleteObjectRightsList(shortName, str);
        getUadmDao().deleteObjectRightsEx(shortName, str);
        this.logger.logClassRightsChanged(Messages.Secadmin_ClassWasDeleted, iUser, str);
    }

    private void deleteRightsByClass(IUser iUser, String str) throws SecadminException {
        deleteCriteriaRightsByClass(iUser, str);
        deleteMethodRightsByClass(iUser, str);
        deleteTransitionRightsByClass(iUser, str);
    }

    private void deleteCriteriaRightsByClass(IUser iUser, String str) throws SecadminException {
        String shortName = iUser.getShortName();
        if (getUadmDao().hasCriteriaRights(shortName, str, null)) {
            Iterator<String> it = getUadmDao().getCriteriaWithRightsByClass(shortName, str).iterator();
            while (it.hasNext()) {
                deleteCriteriaRights(iUser, str, getMetadataDao().getCriteriaById(it.next()));
            }
        }
    }

    private void deleteMethodRightsByClass(IUser iUser, String str) throws SecadminException {
        String shortName = iUser.getShortName();
        if (getUadmDao().hasMethodRights(shortName, str)) {
            getUadmDao().deleteCheckMethodRights(shortName, str);
            Iterator<String> it = getUadmDao().getMethodsWithRightsByClass(shortName, str).iterator();
            while (it.hasNext()) {
                deleteMethodRights(iUser, str, getMetadataDao().getMethodById(it.next()));
            }
        }
    }

    private void deleteTransitionRightsByClass(IUser iUser, String str) throws SecadminException {
        String shortName = iUser.getShortName();
        if (getUadmDao().hasTransitionRights(shortName, str)) {
            Iterator<String> it = getUadmDao().getTransitionsWithRightsByClass(shortName, str).iterator();
            while (it.hasNext()) {
                deleteTransitionRights(iUser, str, getMetadataDao().getTransitionById(it.next()));
            }
        }
    }

    private int setMethodRights(IUser iUser, String str, IMetaObject iMetaObject, String str2, boolean z) throws SecadminException {
        String shortName = iUser.getShortName();
        if (getUadmDao().hasMethodRights(shortName, str, iMetaObject.getId())) {
            return 0;
        }
        getUadmDao().addMethodRights(shortName, str, iMetaObject.getId());
        this.logger.logMethodRightsChanged(Messages.Secadmin_MethodWasAdded, iUser, str, iMetaObject);
        return 0 + 4;
    }

    private void deleteMethodRights(IUser iUser, String str, IMetaObject iMetaObject) throws SecadminException {
        String shortName = iUser.getShortName();
        String id = iMetaObject.getId();
        if (getUadmDao().hasClassRights(shortName, str) && getUadmDao().hasMethodRights(shortName, str, id)) {
            getUadmDao().deleteMethodRights(shortName, str, id);
            this.logger.logMethodRightsChanged(Messages.Secadmin_MethodWasDeleted, iUser, str, iMetaObject);
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public int getCheckMethodMaxPos(String str, String str2) throws SecadminException {
        return getUadmDao().getCheckMethodMaxPos(str, str2);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public boolean isCheckMethodValid(String str) throws SecadminException {
        if (Strings.isNullOrEmpty(str)) {
            return false;
        }
        return getMetadataDao().isCheckMethodValid(str);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void setCheckMethod(IUser iUser, IMetaObject iMetaObject, IMetaObject iMetaObject2, Integer num) throws SecadminException {
        if (isCheckMethodValid(iMetaObject2.getId())) {
            secadmLogger.error(String.format(Messages.Secadmin_BadMethodType, iMetaObject2.getId()));
        }
        int checkMethodMaxPos = getCheckMethodMaxPos(iUser.getShortName(), iMetaObject.getId());
        int intValue = (num == null || num.intValue() > checkMethodMaxPos + 1) ? checkMethodMaxPos + 1 : num.intValue() <= 0 ? 1 : num.intValue();
        int positionCheckMethodRights = getUadmDao().getPositionCheckMethodRights(iUser.getShortName(), iMetaObject.getId(), iMetaObject2.getId());
        if (positionCheckMethodRights != -1) {
            if (intValue > checkMethodMaxPos) {
                intValue = checkMethodMaxPos;
            }
            if (intValue == positionCheckMethodRights) {
                return;
            } else {
                getUadmDao().updateCheckMethodRights(iUser.getShortName(), iMetaObject.getId(), iMetaObject2.getId(), intValue, positionCheckMethodRights);
            }
        }
        getUadmDao().addCheckMethodRights(iUser.getShortName(), iMetaObject.getId(), iMetaObject2.getId(), intValue);
        this.logger.logCheckMethodRightsChanged(Messages.Secadmin_MethodCheckWasAdded, iUser, iMetaObject, iMetaObject2);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void checkUserDeleted(IUser iUser) throws SecadminException {
        if (UserLockStatus.DELETED.equals(iUser.getUserLockStatus()) || UserLockStatus.TO_DELETED.equals(iUser.getUserLockStatus())) {
            throw new SecadminException(String.format(Messages.Secadmin_NoUser, iUser.getShortName()));
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void checkUserAccessible(String str, UserProperties userProperties) throws SecadminException {
        checkUserAccessible(str, null, userProperties);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void checkUserAccessible(String str, SecurityDomainEntry securityDomainEntry, UserProperties userProperties) throws SecadminException {
        if ((this.currentUserName.equalsIgnoreCase(str) || isOwner(str)) && !isOwner(this.currentUser)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
        boolean isUAdmin = isUAdmin(userProperties);
        if (!isRootDomainUser()) {
            if (isUAdmin && !canCreateUserInDomain(str, securityDomainEntry, this.currentUserName)) {
                throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
            }
            return;
        }
        String userDomain = getUadmDao().getUserDomain(str);
        if (isUAdmin && Strings.isNullOrEmpty(userDomain) && !isOwner(this.currentUser)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
        if (securityDomainEntry != null) {
            securityDomainEntry.setUserDomain(userDomain);
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void checkEqualAccessible(String str, String str2) throws SecadminException {
        if ((this.currentUserName.equalsIgnoreCase(str) || isOwner(str)) && !isOwner(this.currentUser)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
        if (isRootDomainUser()) {
            if (!getUadmDao().isDomainsAreEqual(str, str2)) {
                throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
            }
        } else if (!getUadmDao().isCanCreateUserGroupInDomain(str, str2, this.currentUserName)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void removeCopyRights(String str, String str2) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return;
        }
        initPack();
        checkRoles(true, true, false, true);
        IUser user = getUser(str);
        checkUserDeleted(user);
        revokeCopyRights(user.getShortName(), str2);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void addCopyRights(String str, String str2, Collection<String> collection, Collection<String> collection2) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return;
        }
        initPack();
        checkRoles(true, true, false, true);
        IUser user = getUser(str);
        checkUserDeleted(user);
        IUser user2 = getUser(str2);
        setUserEqual(user.getShortName(), str2, collection, collection2);
        this.logger.logUserEqualityChanged(Messages.Secadmin_AddUserToUser, user2, user);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void copyRights(String str, String str2, String str3, Function<Collection<? extends MetaObjectRight>, Collection<? extends MetaObjectRight>> function, BiFunction<String, String, String> biFunction) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2) || Strings.isNullOrEmpty(str3)) {
            return;
        }
        initPack();
        checkRoles(true, true, false, false);
        String upperCase = str.trim().toUpperCase();
        String upperCase2 = str2.trim().toUpperCase();
        IUser user = getUser(upperCase);
        if (user == null) {
            throw new SecadminException(String.format(Messages.Secadmin_SubjectNotFound, upperCase));
        }
        IUser user2 = getUser(upperCase2);
        if (user2 == null) {
            throw new SecadminException(String.format(Messages.Secadmin_SubjectNotFound, upperCase2));
        }
        checkUserDeleted(user2);
        checkRightsAccessible(user2);
        checkRevisor(user);
        if (str3.contains(ISecadmin.CLASSES)) {
            copyRightsToClasses(user, user2);
        }
        if (str3.contains(ISecadmin.CRITERIAS)) {
            copyRightsToCriterias(user, user2);
        }
        if (str3.contains(ISecadmin.TRANSITIONS)) {
            copyRightsToTransitions(user, user2);
        }
        if (str3.contains(ISecadmin.METHODS)) {
            copyRightsToMethods(user, user2);
        }
        if (str3.contains(ISecadmin.INSTANCES)) {
            copyRightsToInstances(user, user2, biFunction);
        }
        if (str3.contains(ISecadmin.ACCESS_BY_ATTRIBUTE)) {
            copyAccessRightsByAttribute(user, user2, function);
        }
        if (str3.contains("F")) {
            copyUserMenu(user, user2);
        }
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void copyGroups(String str, String str2) throws SecadminException {
        int copyGroups;
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return;
        }
        initPack();
        checkRoles(true, true, false, true);
        String upperCase = str.trim().toUpperCase();
        String upperCase2 = str2.trim().toUpperCase();
        IUser user = getUser(upperCase);
        if (user == null) {
            throw new SecadminException(String.format(Messages.Secadmin_SubjectNotFound, upperCase));
        }
        IUser user2 = getUser(upperCase2);
        if (user2 == null) {
            throw new SecadminException(String.format(Messages.Secadmin_SubjectNotFound, upperCase));
        }
        if (user2.getType() == SubjectType.GROUP) {
            checkRootUadmin();
            copyGroups = copyGroups(user, user2, false, null, null, Messages.Secadmin_AddGroupToGroup);
        } else {
            checkUserDeleted(user2);
            SecurityDomainEntry securityDomainEntry = new SecurityDomainEntry();
            checkUserAccessible(user2.getShortName(), securityDomainEntry, user2.getUserProperties());
            copyGroups = copyGroups(user, user2, !isRootDomainUser(), this.currentUser.getShortName(), securityDomainEntry.getUserDomain(), Messages.Secadmin_AddUserToGroup);
        }
        this.debugText.get(ISecadmin.DEBUG2BUF).append(String.format("Скопировано групп: %d\n", Integer.valueOf(copyGroups)));
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changePassword(String str, String str2) throws SecadminException {
        throw new SecadminException(new UnsupportedOperationException("changePassword"));
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void resetPassword(String str) throws SecadminException {
        throw new SecadminException(new UnsupportedOperationException("resetPassword"));
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void expirePassword(String str) throws SecadminException {
        throw new SecadminException(new UnsupportedOperationException("expirePassword"));
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void removeProfile(String str) throws SecadminException {
        getUadmDao().removeProfile(str);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void createProfileProperty(String str, String str2, String str3, String str4) throws SecadminException {
        getUadmDao().createProfileProperty(str, str2, str3, str4);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void editProfileProperty(String str, String str2, String str3, String str4) throws SecadminException {
        getUadmDao().editProfileProperty(str, str2, str3, str4);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void deleteProfileProperty(String str, String str2) throws SecadminException {
        getUadmDao().deleteProfileProperty(str, str2);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void becomeUser(String str) throws SecadminException {
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void createDomain(String str, String str2, String str3, String str4) throws SecadminException {
        initPack();
        checkRoles(true, true, false, true);
        String upperCase = Strings.nullToEmpty(str).trim().toUpperCase();
        if (!Strings.isNullOrEmpty(str2)) {
            str2 = Strings.nullToEmpty(str2).trim().toUpperCase();
        }
        if (!Strings.isNullOrEmpty(str4)) {
            str4 = Strings.nullToEmpty(str4).trim().toUpperCase();
        }
        checkDomainAccessible(upperCase, true);
        getUadmDao().createSecurityDomain(upperCase, str2, str3, str4);
        if (!Strings.isNullOrEmpty(str2)) {
            String str5 = str2;
            while (true) {
                String str6 = str5;
                if (str6 == null) {
                    break;
                }
                getUadmDao().addSecDomainEquals(str6, upperCase);
                str5 = getUadmDao().getParentDomain(str6);
            }
        }
        getUadmDao().addSecDomainEquals(upperCase, upperCase);
        this.logger.logCreateDomain(Messages.Secadmin_CreateDomain, upperCase, str3, str2);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public String appIdToDomain(String str) throws SecadminException {
        return getUadmDao().getDomainFromAppId(Strings.nullToEmpty(str).toUpperCase());
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void addGroupToDomain(String str, String str2) throws SecadminException {
        initPack();
        checkRoles(true, true, false, true);
        String upperCase = Strings.nullToEmpty(str).trim().toUpperCase();
        String upperCase2 = Strings.nullToEmpty(str2).trim().toUpperCase();
        checkDomainGroupAccessible(upperCase2, upperCase);
        if (getUadmDao().getGroup(upperCase) == null) {
            throw new SecadminException(String.format(Messages.Secadmin_NotGroup, upperCase));
        }
        getUadmDao().setSecurityDomain(upperCase, upperCase2);
        String revisorGroupDomain = getUadmDao().getRevisorGroupDomain(upperCase2);
        if (!Strings.isNullOrEmpty(revisorGroupDomain)) {
            getUadmDao().updateSubjEqual(revisorGroupDomain, upperCase);
            getUadmDao().addSubjEqual(revisorGroupDomain, upperCase);
        }
        this.logger.logAddGroupFromDomain(Messages.Secadmin_AddGroupFromDomain, upperCase, upperCase2);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public IUser getUser(String str) throws SecadminException {
        String upperCase = Strings.nullToEmpty(str).trim().toUpperCase();
        IUser user = getUadmDao().getUser(upperCase);
        if (user == null) {
            throw new SecadminException(String.format(Messages.Secadmin_NoUser, upperCase));
        }
        return user;
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public long fillUserid() throws SecadminException {
        getUadmDao().fillUserid();
        return getUadmDao().getNextUserid();
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public void changeUserDomain(String str, String str2, Date date, boolean z, String[] strArr) throws SecadminException {
        initPack();
        checkRoles(true, true, false, true);
        IUser user = getUser(str);
        checkUserDeleted(user);
        String userDomain = getUadmDao().getUserDomain(str);
        DomainSupport domainSupport = new DomainSupport(getUadmDao(), this, isRootDomainUser());
        domainSupport.checkChangeUserDomain(user, userDomain, str2);
        if (date == null) {
            domainSupport.changeUserDomain(user, userDomain, str2);
            if (z) {
                throw new SecadminException(new UnsupportedOperationException("changeUserDomain - change"));
            }
            if (strArr != null && strArr.length > 0) {
                for (String str3 : strArr) {
                    changeGroupWithUser(str, str3, ChangeModeEnum.ADD);
                }
            }
        } else {
            domainSupport.laterChangeUserDomain(user, userDomain, str2);
        }
        this.logger.logChangeUserDomain(Messages.Secadmin_ChangeUserDomain, str, userDomain, str2);
    }

    @Override // ru.cft.platform.securityadmin.ISecadmin
    public String getDebugText(String str) throws SecadminException {
        if (Strings.isNullOrEmpty(str)) {
            return "";
        }
        StringBuilder sb = new StringBuilder(this.debugText.get(str));
        this.debugText.get(str).delete(0, sb.length());
        return sb.toString();
    }

    private void copyRightsToClasses(IUser iUser, IUser iUser2) throws SecadminException {
        int i = 0;
        for (MetaClassRights metaClassRights : getUadmDao().getClassRights(iUser.getShortName())) {
            if (setClassRights(iUser2, metaClassRights.getObjId(), metaClassRights.getNotInMenu())) {
                i++;
            }
        }
        this.debugText.get(ISecadmin.DEBUG2BUF).append(String.format("Скопировано прав на типы: %d\n", Integer.valueOf(i)));
    }

    private void copyRightsToCriterias(IUser iUser, IUser iUser2) throws SecadminException {
        int i = 0;
        for (MetaCriteriaRights metaCriteriaRights : getUadmDao().getCriteriaRightsForCopyingRights(iUser.getShortName(), iUser2.getShortName())) {
            IMetaObject criteriaById = getMetadataDao().getCriteriaById(metaCriteriaRights.getObjId());
            if (criteriaById != null && setCriteriaRights(iUser2, metaCriteriaRights.getClassId(), criteriaById, null, null, null)) {
                i++;
            }
        }
        this.debugText.get(ISecadmin.DEBUG2BUF).append(String.format("Скопировано прав на представления: %d\n", Integer.valueOf(i)));
    }

    private void copyRightsToTransitions(IUser iUser, IUser iUser2) throws SecadminException {
        int i = 0;
        for (MetaTransitionRights metaTransitionRights : getUadmDao().getTransitionRightsForCopyingRights(iUser.getShortName(), iUser2.getShortName())) {
            IMetaObject transitionById = getMetadataDao().getTransitionById(metaTransitionRights.getObjId());
            if (transitionById != null && setTransitionRights(iUser2, metaTransitionRights.getClassId(), transitionById)) {
                i++;
            }
        }
        this.debugText.get(ISecadmin.DEBUG2BUF).append(String.format("Скопировано прав на переходы: %d\n", Integer.valueOf(i)));
    }

    private void copyRightsToMethods(IUser iUser, IUser iUser2) throws SecadminException {
        int i = 0;
        for (MetaMethodRights metaMethodRights : getUadmDao().getMethodRightsForCopyingRights(iUser.getShortName(), iUser2.getShortName())) {
            IMetaObject methodById = getMetadataDao().getMethodById(metaMethodRights.getObjId());
            if (methodById != null) {
                String type = methodById.getType();
                if (setMethodRights(iUser2, metaMethodRights.getClassId(), methodById, type, "R".equalsIgnoreCase(type)) > 0) {
                    i++;
                }
                boolean z = false;
                for (MetaCheckMethodRights metaCheckMethodRights : getUadmDao().getCheckMethodRights(iUser.getShortName(), methodById.getId())) {
                    IMetaObject methodById2 = getMetadataDao().getMethodById(metaCheckMethodRights.getCheckMethodId());
                    if (methodById2 != null) {
                        setCheckMethod(iUser2, methodById, methodById2, metaCheckMethodRights.getPosition());
                        z = true;
                    }
                }
                if (z) {
                    i++;
                }
            }
        }
        this.debugText.get(ISecadmin.DEBUG2BUF).append(String.format("Скопировано прав на операции: %d\n", Integer.valueOf(i)));
    }

    private void copyRightsToInstances(IUser iUser, IUser iUser2, BiFunction<String, String, String> biFunction) throws SecadminException {
        this.debugText.get(ISecadmin.DEBUG2BUF).append(biFunction.apply(iUser.getShortName(), iUser2.getShortName()));
    }

    private void copyAccessRightsByAttribute(IUser iUser, IUser iUser2, Function<Collection<? extends MetaObjectRight>, Collection<? extends MetaObjectRight>> function) throws SecadminException {
        int i = 0;
        Iterator<? extends MetaObjectRight> it = function.apply(getUadmDao().getMetaObjectRightExForCopyingRights(iUser.getShortName(), iUser2.getShortName())).iterator();
        while (it.hasNext()) {
            MetaObjectRightEx metaObjectRightEx = (MetaObjectRight) it.next();
            setObjRightsEx(iUser2, metaObjectRightEx.getObjId(), metaObjectRightEx.getClassId(), metaObjectRightEx.getReferenceClassId(), ChangeModeEnum.ADD);
            i++;
        }
        this.debugText.get(ISecadmin.DEBUG2BUF).append(String.format("Скопировано прав доступа на экземпляры через реквизиты: %d\n", Integer.valueOf(i)));
    }

    private void copyUserMenu(IUser iUser, IUser iUser2) throws SecadminException {
        this.debugText.get(ISecadmin.DEBUG2BUF).append(String.format("Скопировано пунктов меню пользователя: %d\n", Integer.valueOf(getUadmDao().copyUserMenu(iUser.getShortName(), iUser2.getShortName()))));
    }

    private boolean setCriteriaRights(IUser iUser, String str, IMetaObject iMetaObject, Boolean bool, Boolean bool2, Boolean bool3) throws SecadminException {
        String shortName = iUser.getShortName();
        if (!getUadmDao().hasCriteriaRights(iUser.getShortName(), str, iMetaObject.getId(), bool)) {
            getUadmDao().addCriteriaRights(shortName, str, iMetaObject.getId(), bool, bool3, bool2);
            this.logger.logCriteriaRightsChanged(Messages.Secadmin_CriteriaWasAdded, iUser, str, iMetaObject);
            return true;
        }
        if (!getUadmDao().updateCriteriaRights(iUser.getShortName(), str, iMetaObject.getId(), bool, bool3, bool2)) {
            return false;
        }
        this.logger.logCriteriaRightsPrintChanged(Messages.Secadmin_CriteriaPrintWasChanged, iUser, str, iMetaObject, bool2, bool3);
        return true;
    }

    private void deleteCriteriaRights(IUser iUser, String str, IMetaObject iMetaObject) throws SecadminException {
        String shortName = iUser.getShortName();
        String id = iMetaObject.getId();
        if (getUadmDao().hasClassRights(shortName, str) && getUadmDao().hasCriteriaRights(shortName, str, id, null)) {
            getUadmDao().deleteCriteriaRights(shortName, str, id);
            this.logger.logCriteriaRightsChanged(Messages.Secadmin_CriteriaWasDeleted, iUser, str, iMetaObject);
        }
    }

    private boolean setTransitionRights(IUser iUser, String str, IMetaObject iMetaObject) throws SecadminException {
        String shortName = iUser.getShortName();
        if (getUadmDao().hasTransitionRights(shortName, str, iMetaObject.getId())) {
            return false;
        }
        getUadmDao().addTransitionRights(shortName, str, iMetaObject.getId());
        this.logger.logTransitionRightsChanged(Messages.Secadmin_TransitionWasAdded, iUser, str, iMetaObject);
        return true;
    }

    private void deleteTransitionRights(IUser iUser, String str, IMetaObject iMetaObject) throws SecadminException {
        String shortName = iUser.getShortName();
        String id = iMetaObject.getId();
        if (getUadmDao().hasClassRights(shortName, str) && getUadmDao().hasTransitionRights(shortName, str, id)) {
            getUadmDao().deleteTransitionRights(shortName, str, id);
            this.logger.logTransitionRightsChanged(Messages.Secadmin_TransitionWasDeleted, iUser, str, iMetaObject);
        }
    }

    private void setUserEqual(String str, String str2, Collection<String> collection, Collection<String> collection2) throws SecadminException {
        int updateOwnerSubjEqual = getUadmDao().updateOwnerSubjEqual(str, str2, str2);
        if (collection2.isEmpty() && !collection.contains(str2)) {
            getUadmDao().setOwnerEqual(str, str2, str2);
            return;
        }
        if (updateOwnerSubjEqual == 0) {
            getUadmDao().insertSubjectToSubject(str, str2, str2);
        }
        Iterator<String> it = getUadmDao().getOwnSubjEqual(str2).iterator();
        while (it.hasNext()) {
            getUadmDao().setOwnerEqual(str, it.next(), str2);
        }
        if (collection.contains(str2)) {
            return;
        }
        for (String str3 : getUadmDao().getEqualSubjEqual(str2)) {
            if (!collection2.contains(str3)) {
                getUadmDao().setOwnerEqual(str, str3, str2);
            }
        }
        for (String str4 : getUadmDao().getSubjEqual(str)) {
            if (!collection2.contains(str4)) {
                getUadmDao().setOwnerEqual(str4, str, str);
            }
        }
    }

    private void revokeCopyRights(String str, String str2) throws SecadminException {
        String upperCase = Strings.nullToEmpty(str2).trim().toUpperCase();
        for (String str3 : upperCase.length() == 0 ? getUadmDao().getTopLevelTemporaryUserRights(str) : getUadmDao().getTopLevelTemporaryUserRights(str, upperCase)) {
            getUadmDao().deleteSubjEqual(str, str3);
            this.logger.logTempDeleteRights(Messages.Secadmin_Untrust, str, str3);
        }
    }

    private boolean canCreateUserInDomain(String str, SecurityDomainEntry securityDomainEntry, String str2) throws SecadminException {
        if (Strings.isNullOrEmpty(str) || Strings.isNullOrEmpty(str2)) {
            return false;
        }
        SecurityDomainEntry securityDomainEntry2 = getUadmDao().getSecurityDomainEntry(str, str2);
        if (securityDomainEntry2 != null && securityDomainEntry != null) {
            securityDomainEntry.setAdmDomain(securityDomainEntry2.getAdmDomain());
            securityDomainEntry.setAdmPriviliges(securityDomainEntry2.getAdmPriviliges());
            securityDomainEntry.setUserDomain(securityDomainEntry2.getUserDomain());
        }
        return (securityDomainEntry2 == null || Strings.nullToEmpty(securityDomainEntry2.getUserDomain()).equalsIgnoreCase(securityDomainEntry2.getAdmDomain())) ? false : true;
    }

    private void canCreateUser(UserProperties userProperties) {
    }

    private void canEditUser(UserProperties userProperties, UserProperties userProperties2, UserLockStatus userLockStatus) {
    }

    private void checkRightsAccessible(IUser iUser) throws SecadminException {
        if (!areRightsAccessible(iUser)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
    }

    private boolean areRightsAccessible(IUser iUser) throws SecadminException {
        checkRootUadmin();
        checkRevisor(iUser);
        if (SubjectType.GROUP.equals(iUser.getType())) {
            return true;
        }
        return (this.currentUser.getShortName().equalsIgnoreCase(iUser.getShortName()) || isOwner(iUser)) ? false : true;
    }

    private void checkRevisor(IUser iUser) throws SecadminException {
        if (isRevisor(iUser.getUserProperties())) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
    }

    private String normalizeFullname(String str) {
        return Strings.nullToEmpty(str).length() > 100 ? str.substring(0, 100) : str;
    }

    private void checkSystemUser(String str) throws SecadminException {
        if (!Strings.isNullOrEmpty(CHECK_USER_TABLE) && !isOwner(str) && !getUadmDao().isAppUserExists(CHECK_USER_TABLE, CHECK_USER_COLUMN, str)) {
            throw new SecadminException(String.format(Messages.Secadmin_NotRegistered, str));
        }
    }

    private void canChangeRoles(UserProperties userProperties, UserProperties userProperties2, SecurityDomainEntry securityDomainEntry) throws SecadminException {
        Map<String, String> added = userProperties.getAdded(userProperties2);
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> entry : added.entrySet()) {
            switch (AnonymousClass1.$SwitchMap$ru$cft$platform$securityadmin$model$UserProperty[UserProperty.valueOfName(entry.getKey()).ordinal()]) {
                case SecadminException.DEFAULT_CODE /* 1 */:
                case 2:
                case 3:
                case 4:
                case 5:
                case 6:
                case 7:
                    if (securityDomainEntry.getAdmPriviligesToSet().contains(entry.getKey())) {
                        break;
                    } else {
                        if (sb.length() == 0) {
                            sb.append(DML);
                        }
                        sb.append((CharSequence) sb);
                        sb.append(DML);
                        break;
                    }
            }
        }
        if (sb.length() > 0) {
            throw new SecadminException(String.format(Messages.Secadmin_CannotChangePrivs, sb.toString()));
        }
    }

    private String propertyChanges(UserProperties userProperties, UserProperties userProperties2) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> entry : userProperties.getDeleted(userProperties2).entrySet()) {
            sb.append(System.lineSeparator());
            if (UserProperty.isRole(entry.getKey())) {
                sb.append(String.format(Messages.Secadmin_LogRemRole, UserProperty.getReadableRole(entry.getKey(), entry.getValue())));
            } else {
                String readableName = UserProperty.getReadableName(entry.getKey());
                if (Strings.isNullOrEmpty(entry.getValue())) {
                    sb.append(String.format(Messages.Secadmin_LogDelProp, readableName));
                } else {
                    sb.append(String.format(Messages.Secadmin_LogDelPropValue2, readableName, entry.getValue()));
                }
            }
        }
        for (Map.Entry<String, String> entry2 : userProperties.getAdded(userProperties2).entrySet()) {
            sb.append(System.lineSeparator());
            if (UserProperty.isRole(entry2.getKey())) {
                sb.append(String.format(Messages.Secadmin_LogAddRole, UserProperty.getReadableRole(entry2.getKey(), entry2.getValue())));
            } else {
                String readableName2 = UserProperty.getReadableName(entry2.getKey());
                if (Strings.isNullOrEmpty(entry2.getValue())) {
                    sb.append(String.format(Messages.Secadmin_LogAddProp, readableName2));
                } else {
                    sb.append(String.format(Messages.Secadmin_LogAddPropValue, readableName2, entry2.getValue()));
                }
            }
        }
        for (Map.Entry<String, String> entry3 : userProperties.getChanged(userProperties2).entrySet()) {
            String readableName3 = UserProperty.getReadableName(entry3.getKey());
            sb.append(System.lineSeparator());
            String value = userProperties2.getValue(UserProperty.valueOfName(entry3.getKey()));
            if (Strings.isNullOrEmpty(entry3.getValue())) {
                if (Strings.isNullOrEmpty(value)) {
                    sb.append(String.format(Messages.Secadmin_LogDelProp, readableName3));
                } else {
                    sb.append(String.format(Messages.Secadmin_LogDelPropValue2, readableName3, value));
                }
                sb.append(System.lineSeparator());
                sb.append(String.format(Messages.Secadmin_LogAddProp, readableName3));
            } else if (Strings.isNullOrEmpty(value)) {
                sb.append(String.format(Messages.Secadmin_LogDelProp, readableName3));
                sb.append(System.lineSeparator());
                sb.append(String.format(Messages.Secadmin_LogAddPropValue, readableName3, entry3.getValue()));
            } else {
                sb.append(String.format(Messages.Secadmin_LogChangePropValue, readableName3, value, entry3.getValue()));
            }
        }
        return sb.toString();
    }

    private int copyGroups(IUser iUser, IUser iUser2, boolean z, String str, String str2, String str3) throws SecadminException {
        int i = 0;
        Iterator<String> it = getUadmDao().getEqualSubjEqualForCopyingGroups(iUser.getShortName(), iUser2.getShortName(), z, str, str2).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String next = it.next();
            IUser user = getUser(next);
            if (user == null) {
                secadmLogger.info(String.format(Messages.Secadmin_GroupNotFound, next));
                break;
            }
            getUadmDao().updateSubjEqual(iUser2.getShortName(), user.getShortName());
            getUadmDao().addSubjEqual(iUser2.getShortName(), user.getShortName());
            this.logger.logGroupEqualityChanged(str3, iUser2, user);
            i++;
        }
        return i;
    }

    private void checkDomainAccessible(String str, boolean z) throws SecadminException {
        if (isRootDomainUser()) {
            return;
        }
        if (Strings.isNullOrEmpty(str)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
        SecurityDomainEntry securityDomainEntry = getUadmDao().getSecurityDomainEntry(str, z, this.currentUserName);
        if (securityDomainEntry == null) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
        if (!securityDomainEntry.getAdmPriviligesToSet().contains(SecurityDomainEntry.PRIV_DOMAINS)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
    }

    private void checkDomainGroupAccessible(String str, String str2) throws SecadminException {
        if (isRootDomainUser()) {
            return;
        }
        if (Strings.isNullOrEmpty(str)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
        SecurityDomainEntry securityDomainEntry = getUadmDao().getSecurityDomainEntry(str, str2, this.currentUserName);
        if (securityDomainEntry == null) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
        if (!securityDomainEntry.getAdmPriviligesToSet().contains(SecurityDomainEntry.PRIV_DOMAINS)) {
            throw new SecadminException(Messages.Secadmin_DoNotHaveRights);
        }
    }

    private void setObjRightsEx(IUser iUser, String str, String str2, String str3, ChangeModeEnum changeModeEnum) throws SecadminException {
        if (getMetadataDao().getClass(str2) == null) {
            secadmLogger.info(String.format(Messages.Secadmin_ClassNotFound, str2));
            return;
        }
        if (getMetadataDao().getClass(str3) == null) {
            secadmLogger.info(String.format(Messages.Secadmin_ClassNotFound, str3));
            return;
        }
        boolean hasObjectRightsEx = getUadmDao().hasObjectRightsEx(iUser.getShortName(), str, str3);
        if (changeModeEnum == ChangeModeEnum.ADD) {
            if (hasObjectRightsEx) {
                return;
            }
            getUadmDao().addObjectRightsEx(iUser.getShortName(), str, str2, str3);
            this.logger.logObjectRightsExChanged(Messages.Secadmin_ObjExWasPermitted, iUser, str, str2, str3);
            return;
        }
        if (changeModeEnum != ChangeModeEnum.REMOVE) {
            secadmLogger.error(String.format(Messages.Secadmin_ChangeTypeError, iUser.getShortName()));
        } else if (hasObjectRightsEx) {
            getUadmDao().deleteObjectRightsEx(iUser.getShortName(), str, str3);
            this.logger.logObjectRightsExChanged(Messages.Secadmin_ObjExWasDenied, iUser, str, str2, str3);
        }
    }

    private void deleteGroupFromGroup(String str, String str2) throws SecadminException {
        Iterator<String> it = getUadmDao().getGroupsTransferredRightsGroupDirectly(str, str2).iterator();
        while (it.hasNext()) {
            getUadmDao().deleteSubjEqual(str, it.next());
        }
    }

    private void deleteUserFromGroup(String str, String str2) throws SecadminException {
        for (String str3 : getUadmDao().getGroupsTransferredRightsUserDirectly(str, str2)) {
            checkEqualAccessible(str, str3);
            getUadmDao().deleteSubjEqual(str, str3);
        }
    }
}
