package org.kuali.kfs.sys.rest;

import com.google.common.base.CaseFormat;
import java.beans.PropertyDescriptor;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javassist.Modifier;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.kuali.kfs.krad.bo.PersistableBusinessObject;
import org.kuali.kfs.krad.datadictionary.AttributeDefinition;
import org.kuali.kfs.krad.datadictionary.BusinessObjectEntry;
import org.kuali.kfs.krad.service.BusinessObjectService;
import org.kuali.kfs.krad.service.DataDictionaryService;
import org.kuali.kfs.krad.service.KualiModuleService;
import org.kuali.kfs.krad.service.ModuleService;
import org.kuali.kfs.krad.util.KRADUtils;
import org.kuali.kfs.krad.util.ObjectUtils;
import org.kuali.kfs.sec.SecConstants;
import org.kuali.kfs.sec.service.AccessSecurityService;
import org.kuali.kfs.sys.context.SpringContext;
import org.kuali.rice.core.api.config.property.ConfigurationService;
import org.kuali.rice.kim.api.KimConstants;
import org.kuali.rice.kim.api.identity.Person;
import org.kuali.rice.kim.api.permission.PermissionService;
import org.kuali.rice.krad.bo.BusinessObject;

@Produces({"application/json"})
@Path("{moduleName}/{businessObjectName}")
@Consumes({"application/json"})
/* loaded from: input_file:WEB-INF/lib/kfs-core-2016-10-06.jar:org/kuali/kfs/sys/rest/BusinessObjectResource.class */
public class BusinessObjectResource {
    private static final Logger LOG = Logger.getLogger(BusinessObjectResource.class);
    protected static volatile KualiModuleService kualiModuleService;
    protected static volatile BusinessObjectService businessObjectService;
    protected static volatile ConfigurationService configurationService;
    protected static volatile PermissionService permissionService;
    protected static volatile AccessSecurityService accessSecurityService;
    protected static volatile DataDictionaryService dataDictionaryService;

    @Context
    protected HttpServletRequest servletRequest;

    @GET
    @Path("/{objectId}")
    public Response getSingleObject(@PathParam("moduleName") String str, @PathParam("businessObjectName") String str2, @PathParam("objectId") String str3) {
        Object jsonValue;
        LOG.debug("processV1Request() started");
        Class<PersistableBusinessObject> determineClass = determineClass(str, str2);
        if (determineClass == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        if (!isAuthorized(KimConstants.PermissionTemplateNames.INQUIRE_INTO_RECORDS, determineClass)) {
            return Response.status(Response.Status.FORBIDDEN).build();
        }
        PersistableBusinessObject findBusinessObject = findBusinessObject(determineClass, str3);
        if (findBusinessObject == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        if (!isAuthorizedByAccessSecurity(findBusinessObject)) {
            return Response.status(Response.Status.FORBIDDEN).build();
        }
        ObjectUtils.materializeSubObjectsToDepth(findBusinessObject, 3);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        try {
            for (PropertyDescriptor propertyDescriptor : PropertyUtils.getPropertyDescriptors(findBusinessObject)) {
                Method readMethod = propertyDescriptor.getReadMethod();
                if (readMethod != null && readMethod.getParameterCount() == 0 && Modifier.isPublic(readMethod.getModifiers()) && (jsonValue = getJsonValue(findBusinessObject, propertyDescriptor)) != null) {
                    linkedHashMap.put(propertyDescriptor.getName(), maskJsonValueIfNecessary(determineClass.getSimpleName(), propertyDescriptor.getName(), jsonValue));
                }
            }
            return Response.ok(linkedHashMap).build();
        } catch (ReflectiveOperationException e) {
            LOG.error("Could not serialize BO", e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }

    protected Object maskJsonValueIfNecessary(String str, String str2, Object obj) {
        AttributeDefinition attributeDefinition = getDataDictionaryService().getAttributeDefinition(str, str2);
        if (attributeDefinition == null || attributeDefinition.getAttributeSecurity() == null || !(attributeDefinition.getAttributeSecurity().isMask() || attributeDefinition.getAttributeSecurity().isPartialMask())) {
            return obj;
        }
        return (attributeDefinition.getAttributeSecurity().isMask() ? attributeDefinition.getAttributeSecurity().getMaskFormatter() : attributeDefinition.getAttributeSecurity().getPartialMaskFormatter()).maskValue(obj);
    }

    protected Object getJsonValue(PersistableBusinessObject persistableBusinessObject, PropertyDescriptor propertyDescriptor) throws ReflectiveOperationException {
        Object simpleProperty = PropertyUtils.getSimpleProperty(persistableBusinessObject, propertyDescriptor.getName());
        if (ObjectUtils.isNull(simpleProperty)) {
            return null;
        }
        Class propertyType = propertyDescriptor.getPropertyType();
        if (BusinessObject.class.isAssignableFrom(propertyType)) {
            return convertBoToUrl((BusinessObject) simpleProperty);
        }
        if (!Collection.class.isAssignableFrom(propertyType)) {
            return Date.class.isAssignableFrom(propertyType) ? Long.valueOf(((Date) simpleProperty).getTime()) : simpleProperty;
        }
        ArrayList arrayList = new ArrayList();
        for (Object obj : (Collection) simpleProperty) {
            if (obj instanceof BusinessObject) {
                Map<String, Object> convertBoToUrl = convertBoToUrl((BusinessObject) obj);
                if (convertBoToUrl != null) {
                    arrayList.add(convertBoToUrl);
                }
            } else {
                arrayList.add(obj);
            }
        }
        return arrayList;
    }

    protected <T extends PersistableBusinessObject> T findBusinessObject(Class<T> cls, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("objectId", str);
        Collection findMatching = getBusinessObjectService().findMatching(cls, hashMap);
        if (findMatching.size() != 1) {
            return null;
        }
        return (T) findMatching.iterator().next();
    }

    protected Class<PersistableBusinessObject> determineClass(String str, String str2) {
        if (determineModuleService(str) == null) {
            return null;
        }
        String convertUrlBoNameToClassName = convertUrlBoNameToClassName(str2);
        if (!getDataDictionaryService().containsDictionaryObject(convertUrlBoNameToClassName)) {
            return null;
        }
        Object dictionaryObject = getDataDictionaryService().getDictionaryObject(convertUrlBoNameToClassName);
        if (!(dictionaryObject instanceof BusinessObjectEntry)) {
            return null;
        }
        Class businessObjectClass = ((BusinessObjectEntry) dictionaryObject).getBusinessObjectClass();
        if (PersistableBusinessObject.class.isAssignableFrom(businessObjectClass)) {
            return businessObjectClass;
        }
        return null;
    }

    protected ModuleService determineModuleService(String str) {
        for (ModuleService moduleService : getKualiModuleService().getInstalledModuleServices()) {
            if (moduleService.getModuleConfiguration().getNamespaceCode().toUpperCase().contains(StringUtils.upperCase(str))) {
                return moduleService;
            }
        }
        return null;
    }

    protected String convertUrlBoNameToClassName(String str) {
        return StringUtils.chop(CaseFormat.LOWER_HYPHEN.to(CaseFormat.UPPER_CAMEL, str));
    }

    protected String convertClassToUrlBoName(Class cls, ModuleService moduleService) {
        BusinessObjectEntry businessObjectEntryForConcreteClass = getDataDictionaryService().getDataDictionary().getBusinessObjectEntryForConcreteClass(cls.getName());
        if (businessObjectEntryForConcreteClass == null) {
            return null;
        }
        return CaseFormat.UPPER_CAMEL.to(CaseFormat.LOWER_HYPHEN, businessObjectEntryForConcreteClass.getJstlKey()) + "s";
    }

    protected Map<String, Object> convertBoToUrl(BusinessObject businessObject) {
        ModuleService responsibleModuleService;
        String moduleName;
        String convertClassToUrlBoName;
        if (!(businessObject instanceof PersistableBusinessObject)) {
            return null;
        }
        PersistableBusinessObject persistableBusinessObject = (PersistableBusinessObject) businessObject;
        if (persistableBusinessObject.getObjectId() == null || (responsibleModuleService = kualiModuleService.getResponsibleModuleService(businessObject.getClass())) == null || (moduleName = getModuleName(responsibleModuleService)) == null || (convertClassToUrlBoName = convertClassToUrlBoName(persistableBusinessObject.getClass(), responsibleModuleService)) == null) {
            return null;
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("link", getBaseUrl() + "/api/v1/business-object/" + moduleName + "/" + convertClassToUrlBoName + "/" + persistableBusinessObject.getObjectId());
        return linkedHashMap;
    }

    protected String getBaseUrl() {
        return getConfigurationService().getPropertyValueAsString("application.url");
    }

    protected String getModuleName(ModuleService moduleService) {
        String lowerCase = moduleService.getModuleConfiguration().getNamespaceCode().toLowerCase();
        if (lowerCase.contains("-")) {
            lowerCase = StringUtils.substringAfter(lowerCase, "-");
        }
        return lowerCase;
    }

    protected boolean isAuthorized(String str, Class<PersistableBusinessObject> cls) {
        return getPermissionService().isAuthorizedByTemplate(getPrincipalId(), "KR-NS", KimConstants.PermissionTemplateNames.INQUIRE_INTO_RECORDS, KRADUtils.getNamespaceAndComponentSimpleName(cls), Collections.emptyMap());
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected boolean isAuthorizedByAccessSecurity(PersistableBusinessObject persistableBusinessObject) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(persistableBusinessObject);
        applySecurityRestrictionsForInquiry(persistableBusinessObject.getClass(), arrayList);
        return !arrayList.isEmpty();
    }

    protected void applySecurityRestrictionsForInquiry(Class<? extends PersistableBusinessObject> cls, List<PersistableBusinessObject> list) {
        AccessSecurityService accessSecurityService2 = getAccessSecurityService();
        if (accessSecurityService2 != null) {
            accessSecurityService2.applySecurityRestrictions(list, getPerson(), accessSecurityService2.getInquiryWithFieldValueTemplate(), Collections.singletonMap("namespaceCode", KRADUtils.getNamespaceCode(cls)));
        }
    }

    protected String getPrincipalId() {
        return getPerson().getPrincipalId();
    }

    protected Person getPerson() {
        return KRADUtils.getUserSessionFromRequest(this.servletRequest).getPerson();
    }

    protected KualiModuleService getKualiModuleService() {
        if (kualiModuleService == null) {
            kualiModuleService = (KualiModuleService) SpringContext.getBean(KualiModuleService.class);
        }
        return kualiModuleService;
    }

    protected BusinessObjectService getBusinessObjectService() {
        if (businessObjectService == null) {
            businessObjectService = (BusinessObjectService) SpringContext.getBean(BusinessObjectService.class);
        }
        return businessObjectService;
    }

    protected ConfigurationService getConfigurationService() {
        if (configurationService == null) {
            configurationService = (ConfigurationService) SpringContext.getBean(ConfigurationService.class);
        }
        return configurationService;
    }

    protected PermissionService getPermissionService() {
        if (permissionService == null) {
            permissionService = (PermissionService) SpringContext.getBean(PermissionService.class);
        }
        return permissionService;
    }

    protected AccessSecurityService getAccessSecurityService() {
        if (!getConfigurationService().getPropertyValueAsBoolean(SecConstants.ACCESS_SECURITY_MODULE_ENABLED_PROPERTY_NAME)) {
            return null;
        }
        if (accessSecurityService == null) {
            accessSecurityService = (AccessSecurityService) SpringContext.getBean(AccessSecurityService.class);
        }
        return accessSecurityService;
    }

    public static DataDictionaryService getDataDictionaryService() {
        if (dataDictionaryService == null) {
            dataDictionaryService = (DataDictionaryService) SpringContext.getBean(DataDictionaryService.class);
        }
        return dataDictionaryService;
    }

    public static void setKualiModuleService(KualiModuleService kualiModuleService2) {
        kualiModuleService = kualiModuleService2;
    }

    public static void setBusinessObjectService(BusinessObjectService businessObjectService2) {
        businessObjectService = businessObjectService2;
    }

    public static void setConfigurationService(ConfigurationService configurationService2) {
        configurationService = configurationService2;
    }

    public static void setPermissionService(PermissionService permissionService2) {
        permissionService = permissionService2;
    }

    public static void setAccessSecurityService(AccessSecurityService accessSecurityService2) {
        accessSecurityService = accessSecurityService2;
    }

    public static void setDataDictionaryService(DataDictionaryService dataDictionaryService2) {
        dataDictionaryService = dataDictionaryService2;
    }
}
