package org.alfresco.module.org_alfresco_module_rm.security;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.alfresco.model.RenditionModel;
import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
import org.alfresco.module.org_alfresco_module_rm.util.ServiceBaseImpl;
import org.alfresco.repo.node.NodeServicePolicies;
import org.alfresco.repo.policy.Behaviour;
import org.alfresco.repo.policy.JavaBehaviour;
import org.alfresco.repo.policy.PolicyComponent;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern;
import org.alfresco.util.ParameterCheck;

/* loaded from: input_file:org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.class */
public class ExtendedSecurityServiceImpl extends ServiceBaseImpl implements ExtendedSecurityService, RecordsManagementModel, NodeServicePolicies.OnMoveNodePolicy {
    private static final QName PROP_EXTENDED_READER_ROLE = QName.createQName(RecordsManagementModel.RM_URI, "extendedReaderRole");
    private static final QName PROP_EXTENDED_WRITER_ROLE = QName.createQName(RecordsManagementModel.RM_URI, "extendedWriterRole");
    private PolicyComponent policyComponent;
    private RecordService recordService;
    private FilePlanService filePlanService;
    private FilePlanRoleService filePlanRoleService;

    public void setPolicyComponent(PolicyComponent policyComponent) {
        this.policyComponent = policyComponent;
    }

    public void setRecordService(RecordService recordService) {
        this.recordService = recordService;
    }

    public void setFilePlanService(FilePlanService filePlanService) {
        this.filePlanService = filePlanService;
    }

    public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService) {
        this.filePlanRoleService = filePlanRoleService;
    }

    public void init() {
        this.policyComponent.bindClassBehaviour(NodeServicePolicies.OnMoveNodePolicy.QNAME, ASPECT_EXTENDED_SECURITY, new JavaBehaviour(this, "onMoveNode", Behaviour.NotificationFrequency.TRANSACTION_COMMIT));
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public boolean hasExtendedSecurity(NodeRef nodeRef) {
        return this.nodeService.hasAspect(nodeRef, ASPECT_EXTENDED_SECURITY);
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public Set<String> getExtendedReaders(NodeRef nodeRef) {
        Set<String> set = null;
        Map map = (Map) this.nodeService.getProperty(nodeRef, PROP_READERS);
        if (map != null) {
            set = map.keySet();
        }
        return set;
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public Set<String> getExtendedWriters(NodeRef nodeRef) {
        Set<String> set = null;
        Map map = (Map) this.nodeService.getProperty(nodeRef, PROP_WRITERS);
        if (map != null) {
            set = map.keySet();
        }
        return set;
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public void addExtendedSecurity(NodeRef nodeRef, Set<String> set, Set<String> set2) {
        addExtendedSecurity(nodeRef, set, set2, true);
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public void addExtendedSecurity(NodeRef nodeRef, Set<String> set, Set<String> set2, boolean z) {
        ParameterCheck.mandatory("nodeRef", nodeRef);
        ParameterCheck.mandatory("applyToParents", Boolean.valueOf(z));
        if (nodeRef != null) {
            addExtendedSecurityImpl(nodeRef, set, set2, z);
        }
    }

    private void addExtendedSecurityImpl(NodeRef nodeRef, Set<String> set, Set<String> set2, boolean z) {
        NodeRef parentRef;
        ParameterCheck.mandatory("nodeRef", nodeRef);
        ParameterCheck.mandatory("applyToParents", Boolean.valueOf(z));
        if (!this.nodeService.hasAspect(nodeRef, ASPECT_EXTENDED_SECURITY)) {
            this.nodeService.addAspect(nodeRef, ASPECT_EXTENDED_SECURITY, (Map) null);
        }
        if (set != null && set.size() != 0) {
            this.nodeService.setProperty(nodeRef, PROP_READERS, (Serializable) addToMap((Map) this.nodeService.getProperty(nodeRef, PROP_READERS), set));
        }
        if (set2 != null && set2.size() != 0) {
            this.nodeService.setProperty(nodeRef, PROP_WRITERS, (Serializable) addToMap((Map) this.nodeService.getProperty(nodeRef, PROP_WRITERS), set2));
        }
        if (this.recordService.isRecord(nodeRef)) {
            Iterator it = this.nodeService.getChildAssocs(nodeRef, RenditionModel.ASSOC_RENDITION, RegexQNamePattern.MATCH_ALL).iterator();
            while (it.hasNext()) {
                addExtendedSecurityImpl(((ChildAssociationRef) it.next()).getChildRef(), set, set2, false);
            }
        }
        addExtendedSecurityRoles(nodeRef, set, set2);
        if (z && (parentRef = this.nodeService.getPrimaryParent(nodeRef).getParentRef()) != null && this.filePlanService.isFilePlanComponent(parentRef)) {
            addExtendedSecurityImpl(parentRef, set, null, z);
            addExtendedSecurityImpl(parentRef, set2, null, z);
        }
    }

    private void addExtendedSecurityRoles(NodeRef nodeRef, Set<String> set, Set<String> set2) {
        NodeRef filePlan = this.filePlanService.getFilePlan(nodeRef);
        addExtendedSecurityRolesImpl(filePlan, set, PROP_EXTENDED_READER_ROLE, FilePlanRoleService.ROLE_EXTENDED_READERS);
        addExtendedSecurityRolesImpl(filePlan, set2, PROP_EXTENDED_WRITER_ROLE, FilePlanRoleService.ROLE_EXTENDED_WRITERS);
    }

    private void addExtendedSecurityRolesImpl(NodeRef nodeRef, Set<String> set, QName qName, String str) {
        if (set != null) {
            Map<String, Integer> map = (Map) this.nodeService.getProperty(nodeRef, qName);
            for (String str2 : set) {
                if (!str2.equals("GROUP_EVERYONE") && !str2.equals("ROLE_OWNER") && (map == null || !map.containsKey(str2))) {
                    this.filePlanRoleService.assignRoleToAuthority(nodeRef, str, str2);
                }
            }
            this.nodeService.setProperty(nodeRef, qName, (Serializable) addToMap(map, set));
        }
    }

    private void removeExtendedSecurityRoles(NodeRef nodeRef, Set<String> set, Set<String> set2) {
        NodeRef filePlan = this.filePlanService.getFilePlan(nodeRef);
        removeExtendedSecurityRolesImpl(filePlan, set, PROP_EXTENDED_READER_ROLE, FilePlanRoleService.ROLE_EXTENDED_READERS);
        removeExtendedSecurityRolesImpl(filePlan, set2, PROP_EXTENDED_WRITER_ROLE, FilePlanRoleService.ROLE_EXTENDED_WRITERS);
    }

    private void removeExtendedSecurityRolesImpl(NodeRef nodeRef, Set<String> set, QName qName, String str) {
        if (set != null) {
            Map<String, Integer> map = (Map) this.nodeService.getProperty(nodeRef, qName);
            for (String str2 : set) {
                if (!str2.equals("GROUP_EVERYONE")) {
                    if (map == null) {
                        this.filePlanRoleService.unassignRoleFromAuthority(nodeRef, str, str2);
                    } else {
                        Integer num = map.get(str2);
                        if (num == null || num.intValue() == 1) {
                            this.filePlanRoleService.unassignRoleFromAuthority(nodeRef, str, str2);
                        }
                    }
                }
            }
            this.nodeService.setProperty(nodeRef, qName, (Serializable) removeFromMap(map, set));
        }
    }

    private Map<String, Integer> addToMap(Map<String, Integer> map, Set<String> set) {
        if (map == null) {
            map = new HashMap(7);
        }
        for (String str : set) {
            if (!str.equals("GROUP_EVERYONE")) {
                if (map.containsKey(str)) {
                    map.put(str, Integer.valueOf(map.get(str).intValue() + 1));
                } else {
                    map.put(str, 1);
                }
            }
        }
        return map;
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public void removeExtendedSecurity(NodeRef nodeRef, Set<String> set, Set<String> set2) {
        removeExtendedSecurity(nodeRef, set, set2, true);
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public void removeExtendedSecurity(NodeRef nodeRef, Set<String> set, Set<String> set2, boolean z) {
        NodeRef parentRef;
        if (hasExtendedSecurity(nodeRef)) {
            removeExtendedSecurityImpl(nodeRef, set, set2);
            if (this.recordService.isRecord(nodeRef)) {
                Iterator it = this.nodeService.getChildAssocs(nodeRef, RenditionModel.ASSOC_RENDITION, RegexQNamePattern.MATCH_ALL).iterator();
                while (it.hasNext()) {
                    removeExtendedSecurityImpl(((ChildAssociationRef) it.next()).getChildRef(), set, set2);
                }
            }
            if (z && (parentRef = this.nodeService.getPrimaryParent(nodeRef).getParentRef()) != null && this.filePlanService.isFilePlanComponent(parentRef)) {
                removeExtendedSecurity(parentRef, set, null, z);
                removeExtendedSecurity(parentRef, set2, null, z);
            }
        }
    }

    private void removeExtendedSecurityImpl(NodeRef nodeRef, Set<String> set, Set<String> set2) {
        Map<String, Integer> map = (Map) this.nodeService.getProperty(nodeRef, PROP_READERS);
        this.nodeService.setProperty(nodeRef, PROP_READERS, (Serializable) removeFromMap(map, set));
        Map<String, Integer> map2 = (Map) this.nodeService.getProperty(nodeRef, PROP_WRITERS);
        this.nodeService.setProperty(nodeRef, PROP_WRITERS, (Serializable) removeFromMap(map2, set2));
        if (map == null && map2 == null) {
            this.nodeService.removeAspect(nodeRef, ASPECT_EXTENDED_SECURITY);
        }
    }

    private Map<String, Integer> removeFromMap(Map<String, Integer> map, Set<String> set) {
        Integer num;
        if (map != null && set != null && set.size() != 0) {
            for (String str : set) {
                if (!str.equals("GROUP_EVERYONE") && (num = map.get(str)) != null) {
                    if (num.intValue() == 1) {
                        map.remove(str);
                    } else {
                        map.put(str, Integer.valueOf(num.intValue() - 1));
                    }
                }
            }
        }
        if (map != null && map.isEmpty()) {
            map = null;
        }
        return map;
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public void removeAllExtendedSecurity(NodeRef nodeRef) {
        removeAllExtendedSecurity(nodeRef, true);
    }

    @Override // org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService
    public void removeAllExtendedSecurity(NodeRef nodeRef, boolean z) {
        if (hasExtendedSecurity(nodeRef)) {
            removeExtendedSecurity(nodeRef, getExtendedReaders(nodeRef), getExtendedWriters(nodeRef));
        }
    }

    public void onMoveNode(final ChildAssociationRef childAssociationRef, final ChildAssociationRef childAssociationRef2) {
        AuthenticationUtil.runAsSystem(new AuthenticationUtil.RunAsWork<Void>() { // from class: org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityServiceImpl.1
            /* renamed from: doWork, reason: merged with bridge method [inline-methods] */
            public Void m170doWork() throws Exception {
                NodeRef childRef = childAssociationRef2.getChildRef();
                NodeRef parentRef = childAssociationRef2.getParentRef();
                NodeRef parentRef2 = childAssociationRef.getParentRef();
                Set<String> extendedReaders = ExtendedSecurityServiceImpl.this.getExtendedReaders(childRef);
                Set<String> extendedWriters = ExtendedSecurityServiceImpl.this.getExtendedWriters(childRef);
                ExtendedSecurityServiceImpl.this.addExtendedSecurity(parentRef, extendedReaders, extendedWriters);
                ExtendedSecurityServiceImpl.this.removeExtendedSecurity(parentRef2, extendedReaders, extendedWriters);
                return null;
            }
        });
    }
}
