package com.atlassian.jira.rpc.soap.service;

import com.atlassian.crowd.embedded.api.Group;
import com.atlassian.crowd.embedded.api.User;
import com.atlassian.jira.issue.security.IssueSecuritySchemeManager;
import com.atlassian.jira.notification.NotificationSchemeManager;
import com.atlassian.jira.permission.PermissionSchemeManager;
import com.atlassian.jira.rpc.exception.RemoteException;
import com.atlassian.jira.rpc.exception.RemotePermissionException;
import com.atlassian.jira.rpc.exception.RemoteValidationException;
import com.atlassian.jira.rpc.soap.beans.RemoteEntity;
import com.atlassian.jira.rpc.soap.beans.RemoteGroup;
import com.atlassian.jira.rpc.soap.beans.RemotePermission;
import com.atlassian.jira.rpc.soap.beans.RemotePermissionScheme;
import com.atlassian.jira.rpc.soap.beans.RemoteScheme;
import com.atlassian.jira.rpc.soap.beans.RemoteUser;
import com.atlassian.jira.scheme.SchemeEntity;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.user.util.UserManager;
import java.util.List;
import org.ofbiz.core.entity.GenericEntityException;
import org.ofbiz.core.entity.GenericValue;

/* loaded from: input_file:com/atlassian/jira/rpc/soap/service/SchemeServiceImpl.class */
public class SchemeServiceImpl implements SchemeService {
    private final PermissionManager permissionManager;
    private final NotificationSchemeManager notificationSchemeManager;
    private final PermissionSchemeManager permissionSchemeManager;
    private final IssueSecuritySchemeManager issueSecuritySchemeManager;
    private final UserManager userManager;
    private final ServiceHelper serviceHelper;
    public static final String __PARANAMER_DATA = "<init> com.atlassian.jira.security.PermissionManager,com.atlassian.jira.notification.NotificationSchemeManager,com.atlassian.jira.permission.PermissionSchemeManager,com.atlassian.jira.issue.security.IssueSecuritySchemeManager,com.atlassian.jira.user.util.UserManager,com.atlassian.jira.rpc.soap.service.ServiceHelper permissionManager,notificationSchemeManager,permissionSchemeManager,issueSecuritySchemeManager,userManager,serviceHelper \nvalidateRemoteGroup com.atlassian.jira.rpc.soap.beans.RemoteEntity,com.atlassian.crowd.embedded.api.Group remoteEntity,group \nvalidateRemoteUser com.atlassian.jira.rpc.soap.beans.RemoteEntity,com.atlassian.crowd.embedded.api.User remoteEntity,user \naddPermissionTo com.atlassian.crowd.embedded.api.User,com.atlassian.jira.rpc.soap.beans.RemotePermissionScheme,com.atlassian.jira.rpc.soap.beans.RemotePermission,com.atlassian.jira.rpc.soap.beans.RemoteEntity admin,remotePermissionScheme,remotePermission,remoteEntity \ncreatePermissionScheme com.atlassian.crowd.embedded.api.User,java.lang.String,java.lang.String admin,permissionSchemeName,description \ndeletePermissionFrom com.atlassian.crowd.embedded.api.User,com.atlassian.jira.rpc.soap.beans.RemotePermissionScheme,com.atlassian.jira.rpc.soap.beans.RemotePermission,com.atlassian.jira.rpc.soap.beans.RemoteEntity admin,remotePermissionScheme,remotePermission,remoteEntity \ngetPermissionSchemes com.atlassian.crowd.embedded.api.User user \ngetAllPermissions com.atlassian.crowd.embedded.api.User admin \ngetIssueSecuritySchemes com.atlassian.crowd.embedded.api.User user \ngetNotificationSchemes com.atlassian.crowd.embedded.api.User user \npopulateRemoteSchemes com.atlassian.crowd.embedded.api.User,java.util.List,java.lang.String user,schemes,type \ndeletePermissionScheme com.atlassian.crowd.embedded.api.User,java.lang.String admin,permissionSchemeName \nvalidateRemotePermission com.atlassian.jira.rpc.soap.beans.RemotePermission remotePermission \nvalidateRemotePermissionScheme com.atlassian.jira.rpc.soap.beans.RemotePermissionScheme remotePermissionScheme \n";

    public SchemeServiceImpl(PermissionManager permissionManager, NotificationSchemeManager notificationSchemeManager, PermissionSchemeManager permissionSchemeManager, IssueSecuritySchemeManager issueSecuritySchemeManager, UserManager userManager, ServiceHelper serviceHelper) {
        this.permissionManager = permissionManager;
        this.notificationSchemeManager = notificationSchemeManager;
        this.permissionSchemeManager = permissionSchemeManager;
        this.issueSecuritySchemeManager = issueSecuritySchemeManager;
        this.userManager = userManager;
        this.serviceHelper = serviceHelper;
    }

    @Override // com.atlassian.jira.rpc.soap.service.SchemeService
    public RemoteScheme[] getNotificationSchemes(User user) throws RemotePermissionException, RemoteException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to get NotificationSchemes.");
        }
        try {
            return populateRemoteSchemes(user, this.notificationSchemeManager.getSchemes(), "notification");
        } catch (GenericEntityException e) {
            throw new RemoteException((Throwable) e);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.SchemeService
    public RemotePermissionScheme[] getPermissionSchemes(User user) throws RemotePermissionException, RemoteException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to get PermissionSchemes.");
        }
        try {
            return (RemotePermissionScheme[]) populateRemoteSchemes(user, this.permissionSchemeManager.getSchemes(), "permission");
        } catch (GenericEntityException e) {
            throw new RemoteException((Throwable) e);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.SchemeService
    public RemoteScheme[] getIssueSecuritySchemes(User user) throws RemotePermissionException, RemoteException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to get SecuritySchemes.");
        }
        try {
            return populateRemoteSchemes(user, this.issueSecuritySchemeManager.getSchemes(), "issueSecurity");
        } catch (GenericEntityException e) {
            throw new RemoteException((Throwable) e);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.SchemeService
    public RemotePermissionScheme createPermissionScheme(User user, String str, String str2) throws RemotePermissionException, RemoteException, RemoteValidationException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to create permission schemes");
        }
        if (str == null) {
            throw new RemoteValidationException("unable to create permission scheme, name cannot be null");
        }
        if (this.permissionSchemeManager.getScheme(str) != null) {
            throw new RemoteValidationException("unable to create permission scheme, a scheme for this name already exists: " + str);
        }
        try {
            return new RemotePermissionScheme(this.permissionSchemeManager.createScheme(str, str2));
        } catch (GenericEntityException e) {
            throw new RemoteException("unable to create permission scheme, cause: " + e.getMessage(), e);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.SchemeService
    public void deletePermissionScheme(User user, String str) throws RemotePermissionException, RemoteException, RemoteValidationException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to delete permission schemes");
        }
        if (str == null) {
            throw new RemoteValidationException("unable to delete permission scheme, name cannot be null");
        }
        try {
            GenericValue scheme = this.permissionSchemeManager.getScheme(str);
            if (scheme == null) {
                throw new RemoteValidationException("unable to delete permission scheme, a scheme for this name does not exist: " + str);
            }
            try {
                if (this.permissionSchemeManager.getDefaultScheme() != null && this.permissionSchemeManager.getDefaultScheme().equals(scheme)) {
                    throw new RemoteValidationException("you cannot delete the default permission scheme");
                }
                List projects = this.permissionSchemeManager.getProjects(scheme);
                for (int i = 0; i < projects.size(); i++) {
                    GenericValue genericValue = (GenericValue) projects.get(i);
                    this.permissionSchemeManager.removeSchemesFromProject(genericValue);
                    this.permissionSchemeManager.addDefaultSchemeToProject(genericValue);
                }
                this.permissionSchemeManager.deleteScheme(scheme.getLong("id"));
            } catch (GenericEntityException e) {
                throw new RemoteException("unable to delete permission scheme, cause: " + e.getMessage(), e);
            }
        } catch (GenericEntityException e2) {
            throw new RemoteValidationException("unable to delete permission scheme, a scheme for this name does not exist: " + str);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.SchemeService
    public RemotePermissionScheme addPermissionTo(User user, RemotePermissionScheme remotePermissionScheme, RemotePermission remotePermission, RemoteEntity remoteEntity) throws RemotePermissionException, RemoteException, RemoteValidationException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to add permissions to schemes");
        }
        validateRemotePermissionScheme(remotePermissionScheme);
        validateRemotePermission(remotePermission);
        if (remoteEntity == null) {
            throw new RemoteValidationException("unable to validate, remote entity cannot be null");
        }
        User validateRemoteUser = validateRemoteUser(remoteEntity, null);
        Group validateRemoteGroup = validateRemoteGroup(remoteEntity, null);
        try {
            GenericValue scheme = this.permissionSchemeManager.getScheme(remotePermissionScheme.getId());
            String str = validateRemoteUser == null ? "group" : "user";
            String name = validateRemoteUser == null ? validateRemoteGroup.getName() : validateRemoteUser.getName();
            if (this.permissionSchemeManager.getEntities(scheme, remotePermission.getPermission(), str, name).size() > 0) {
                throw new RemoteValidationException("unable to create permission, permission for that entity already exists");
            }
            this.permissionSchemeManager.createSchemeEntity(scheme, new SchemeEntity(str, name, remotePermission.getPermission()));
            return this.serviceHelper.populateSchemePermissions(user, scheme);
        } catch (Exception e) {
            throw new RemoteException("unable to add permission to group, cause: " + e.getMessage(), e);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.SchemeService
    public RemotePermissionScheme deletePermissionFrom(User user, RemotePermissionScheme remotePermissionScheme, RemotePermission remotePermission, RemoteEntity remoteEntity) throws RemotePermissionException, RemoteException, RemoteValidationException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to delete permissions from schemes");
        }
        validateRemotePermissionScheme(remotePermissionScheme);
        validateRemotePermission(remotePermission);
        if (remoteEntity == null) {
            throw new RemoteValidationException("unable to validate, remote entity cannot be null");
        }
        User validateRemoteUser = validateRemoteUser(remoteEntity, null);
        Group validateRemoteGroup = validateRemoteGroup(remoteEntity, null);
        try {
            GenericValue scheme = this.permissionSchemeManager.getScheme(remotePermissionScheme.getId());
            List entities = this.permissionSchemeManager.getEntities(scheme, remotePermission.getPermission(), validateRemoteUser == null ? "group" : "user", validateRemoteUser == null ? validateRemoteGroup.getName() : validateRemoteUser.getName());
            if (entities.size() <= 0) {
                throw new RemoteValidationException("unable to delete permission from scheme, no permission of this kind exists for this remote entity:" + remotePermission + ", " + remoteEntity);
            }
            this.permissionSchemeManager.deleteEntity(((GenericValue) entities.get(0)).getLong("id"));
            new RemotePermissionScheme(scheme);
            return this.serviceHelper.populateSchemePermissions(user, scheme);
        } catch (Exception e) {
            throw new RemoteException("unable to delete permission from scheme, cause: " + e.getMessage(), e);
        }
    }

    protected Group validateRemoteGroup(RemoteEntity remoteEntity, Group group) throws RemoteValidationException {
        if (remoteEntity instanceof RemoteGroup) {
            group = this.userManager.getGroup(((RemoteGroup) remoteEntity).getName());
            if (group == null) {
                throw new RemoteValidationException("unable to validate, group does not exist" + group);
            }
        }
        return group;
    }

    protected User validateRemoteUser(RemoteEntity remoteEntity, User user) throws RemoteValidationException {
        if (remoteEntity instanceof RemoteUser) {
            RemoteUser remoteUser = (RemoteUser) remoteEntity;
            try {
                user = this.userManager.getUser(remoteUser.getName());
            } catch (Exception e) {
                throw new RemoteValidationException("unable to validate, user '" + remoteUser.getName() + "' does not exist: " + e.getMessage(), e);
            }
        }
        return user;
    }

    protected void validateRemotePermission(RemotePermission remotePermission) throws RemoteValidationException {
        if (remotePermission == null) {
            throw new RemoteValidationException("unable to validate, permission cannot be null");
        }
        if (this.serviceHelper.getPermissionName(Integer.valueOf("" + remotePermission.getPermission())) == null) {
            throw new RemoteValidationException("unable to validate, permission does not exist for: " + remotePermission.getName());
        }
    }

    protected void validateRemotePermissionScheme(RemotePermissionScheme remotePermissionScheme) throws RemoteValidationException {
        if (remotePermissionScheme == null) {
            throw new RemoteValidationException("unable to validate, remotePermissionScheme cannot be null");
        }
        try {
            GenericValue scheme = this.permissionSchemeManager.getScheme(remotePermissionScheme.getName());
            if (scheme == null) {
                throw new RemoteValidationException("unable to validate, remotePermissionScheme does not exist for: " + scheme);
            }
        } catch (GenericEntityException e) {
            throw new RemoteValidationException("unable to validate, remotePermissionScheme does not exist for: " + e.getMessage(), (Throwable) e);
        }
    }

    protected RemoteScheme[] populateRemoteSchemes(User user, List list, String str) throws RemotePermissionException, RemoteException, GenericEntityException {
        RemoteScheme[] remoteSchemeArr;
        if ("permission".equals(str)) {
            remoteSchemeArr = new RemotePermissionScheme[list.size()];
            for (int i = 0; i < list.size(); i++) {
                remoteSchemeArr[i] = this.serviceHelper.populateSchemePermissions(user, (GenericValue) list.get(i));
            }
        } else {
            remoteSchemeArr = new RemoteScheme[list.size()];
            for (int i2 = 0; i2 < list.size(); i2++) {
                remoteSchemeArr[i2] = new RemoteScheme((GenericValue) list.get(i2), str);
            }
        }
        return remoteSchemeArr;
    }

    @Override // com.atlassian.jira.rpc.soap.service.SchemeService
    public RemotePermission[] getAllPermissions(User user) throws RemotePermissionException, RemoteException {
        return this.serviceHelper.getAllPermissions(user);
    }
}
