package org.kuali.kfs.sys.rest.resource;

import java.time.Instant;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.kuali.kfs.kns.datadictionary.MaintenanceDocumentEntry;
import org.kuali.kfs.kns.service.BusinessObjectAuthorizationService;
import org.kuali.kfs.krad.bo.PersistableBusinessObject;
import org.kuali.kfs.krad.service.BusinessObjectService;
import org.kuali.kfs.krad.service.DataDictionaryService;
import org.kuali.kfs.krad.service.KualiModuleService;
import org.kuali.kfs.krad.service.ModuleService;
import org.kuali.kfs.krad.service.PersistenceStructureService;
import org.kuali.kfs.krad.util.KRADUtils;
import org.kuali.kfs.sec.SecConstants;
import org.kuali.kfs.sec.service.AccessSecurityService;
import org.kuali.kfs.sys.KFSConstants;
import org.kuali.kfs.sys.context.SpringContext;
import org.kuali.kfs.sys.rest.service.SearchParameterService;
import org.kuali.kfs.sys.rest.service.SerializationService;
import org.kuali.rice.core.api.config.property.ConfigurationService;
import org.kuali.rice.kim.api.KimConstants;
import org.kuali.rice.kim.api.identity.Person;
import org.kuali.rice.kim.api.permission.PermissionService;

@Produces({"application/json"})
@Path("reference/{documentTypeName}")
@Consumes({"application/json"})
/* loaded from: input_file:WEB-INF/lib/kfs-core-2018-09-13.jar:org/kuali/kfs/sys/rest/resource/BusinessObjectReferenceResource.class */
public class BusinessObjectReferenceResource {
    private static final Logger LOG = LogManager.getLogger((Class<?>) BusinessObjectReferenceResource.class);
    private String moduleName;
    private static volatile KualiModuleService kualiModuleService;
    private static volatile BusinessObjectService businessObjectService;
    private static volatile BusinessObjectAuthorizationService businessObjectAuthorizationService;
    private static volatile ConfigurationService configurationService;
    private static volatile PermissionService permissionService;
    private static volatile AccessSecurityService accessSecurityService;
    private static volatile DataDictionaryService dataDictionaryService;
    private static volatile PersistenceStructureService persistenceStructureService;
    private static volatile SearchParameterService searchParameterService;
    private static volatile SerializationService serializationService;

    @Context
    protected HttpServletRequest servletRequest;

    public BusinessObjectReferenceResource(String str) {
        this.moduleName = str;
    }

    @GET
    public Response findMultipleBusinessObjects(@PathParam("documentTypeName") String str, @Context UriInfo uriInfo) {
        Class<PersistableBusinessObject> determineClass;
        LOG.debug("findMultipleBusinessObjects() started");
        MaintenanceDocumentEntry maintenanceDocumentEntry = getMaintenanceDocumentEntry(str);
        if (maintenanceDocumentEntry != null && (determineClass = determineClass(this.moduleName, maintenanceDocumentEntry)) != null) {
            return !isAuthorized(determineClass) ? Response.status(Response.Status.FORBIDDEN).build() : Response.ok(searchBusinessObjects(determineClass, uriInfo, maintenanceDocumentEntry)).build();
        }
        return Response.status(Response.Status.NOT_FOUND).build();
    }

    @GET
    @Path("{objectId}")
    public Response findSingleBusinessObject(@PathParam("documentTypeName") String str, @PathParam("objectId") String str2) {
        Class<PersistableBusinessObject> determineClass;
        LOG.debug("findSingleBusinessObject() started");
        MaintenanceDocumentEntry maintenanceDocumentEntry = getMaintenanceDocumentEntry(str);
        if (maintenanceDocumentEntry != null && (determineClass = determineClass(this.moduleName, maintenanceDocumentEntry)) != null) {
            if (!isAuthorized(determineClass)) {
                return Response.status(Response.Status.FORBIDDEN).build();
            }
            PersistableBusinessObject findBusinessObject = findBusinessObject(determineClass, str2);
            return findBusinessObject == null ? Response.status(Response.Status.NOT_FOUND).build() : !isAuthorizedByAccessSecurity(findBusinessObject) ? Response.status(Response.Status.FORBIDDEN).build() : Response.ok(getSerializationService().businessObjectToJson(determineClass, findBusinessObject, getSerializationService().findBusinessObjectFields(maintenanceDocumentEntry), getPerson())).build();
        }
        return Response.status(Response.Status.NOT_FOUND).build();
    }

    protected <T extends PersistableBusinessObject> T findBusinessObject(Class<T> cls, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("objectId", str);
        Collection findMatching = getBusinessObjectService().findMatching(cls, hashMap);
        if (findMatching.size() != 1) {
            return null;
        }
        return (T) findMatching.iterator().next();
    }

    protected <T extends PersistableBusinessObject> Map<String, Object> searchBusinessObjects(Class<T> cls, UriInfo uriInfo, MaintenanceDocumentEntry maintenanceDocumentEntry) {
        List listFieldNames = getPersistenceStructureService().listFieldNames(cls);
        List<String> businessObjectFieldList = getSerializationService().getBusinessObjectFieldList(maintenanceDocumentEntry);
        Map<String, Object> findBusinessObjectFields = getSerializationService().findBusinessObjectFields(maintenanceDocumentEntry);
        ArrayList arrayList = new ArrayList((List) findBusinessObjectFields.get(SerializationService.FIELDS_KEY));
        arrayList.retainAll(listFieldNames);
        MultivaluedMap<String, String> queryParameters = uriInfo.getQueryParameters();
        Map<String, String> searchQueryCriteria = getSearchParameterService().getSearchQueryCriteria(queryParameters, businessObjectFieldList);
        int intQueryParameter = getSearchParameterService().getIntQueryParameter(KFSConstants.Search.SKIP, queryParameters);
        int limit = getSearchParameterService().getLimit(cls, queryParameters);
        Instant dateQueryParameter = getSearchParameterService().getDateQueryParameter(KFSConstants.Search.UPDATED_BEFORE, queryParameters);
        Instant dateQueryParameter2 = getSearchParameterService().getDateQueryParameter(KFSConstants.Search.UPDATED_AFTER, queryParameters);
        String[] sortCriteria = getSearchParameterService().getSortCriteria(cls, queryParameters, arrayList);
        HashMap hashMap = new HashMap();
        hashMap.put("sort", sortCriteria);
        hashMap.put(KFSConstants.Search.SKIP, Integer.valueOf(intQueryParameter));
        hashMap.put(KFSConstants.Search.LIMIT, Integer.valueOf(limit));
        hashMap.put("query", searchQueryCriteria);
        hashMap.put(KFSConstants.Search.UPDATED_BEFORE, queryParameters.getFirst(KFSConstants.Search.UPDATED_BEFORE));
        hashMap.put(KFSConstants.Search.UPDATED_AFTER, queryParameters.getFirst(KFSConstants.Search.UPDATED_AFTER));
        hashMap.put(KFSConstants.Search.TOTAL_COUNT, Integer.valueOf(getBusinessObjectService().countMatching(cls, searchQueryCriteria, dateQueryParameter, dateQueryParameter2)));
        Collection findMatching = getBusinessObjectService().findMatching(cls, searchQueryCriteria, intQueryParameter, limit, dateQueryParameter, dateQueryParameter2, sortCriteria);
        if (findMatching.size() < 1) {
            hashMap.put("results", new ArrayList());
            return hashMap;
        }
        ArrayList arrayList2 = new ArrayList();
        Iterator it = findMatching.iterator();
        while (it.hasNext()) {
            arrayList2.add(getSerializationService().businessObjectToJson(cls, (PersistableBusinessObject) it.next(), findBusinessObjectFields, getPerson()));
        }
        hashMap.put("results", arrayList2);
        return hashMap;
    }

    protected Class<PersistableBusinessObject> determineClass(String str, MaintenanceDocumentEntry maintenanceDocumentEntry) {
        ModuleService determineModuleService = determineModuleService(str);
        if (determineModuleService == null) {
            return null;
        }
        Class dataObjectClass = maintenanceDocumentEntry.getDataObjectClass();
        if (determineModuleService.getModuleConfiguration().getPackagePrefixes().stream().anyMatch(str2 -> {
            return dataObjectClass.getName().startsWith(str2);
        }) && PersistableBusinessObject.class.isAssignableFrom(dataObjectClass)) {
            return dataObjectClass;
        }
        return null;
    }

    protected MaintenanceDocumentEntry getMaintenanceDocumentEntry(String str) {
        if (StringUtils.isNotBlank(str)) {
            return (MaintenanceDocumentEntry) getDataDictionaryService().getDataDictionary().getDocumentEntry(str.length() < 5 ? str.toUpperCase() : str);
        }
        return null;
    }

    protected ModuleService determineModuleService(String str) {
        for (ModuleService moduleService : getKualiModuleService().getInstalledModuleServices()) {
            if (moduleService.getModuleConfiguration().getNamespaceCode().toUpperCase().contains(StringUtils.upperCase(str))) {
                return moduleService;
            }
        }
        return null;
    }

    protected boolean isAuthorized(Class<PersistableBusinessObject> cls) {
        return getPermissionService().isAuthorizedByTemplate(getPrincipalId(), "KR-NS", KimConstants.PermissionTemplateNames.INQUIRE_INTO_RECORDS, KRADUtils.getNamespaceAndComponentSimpleName(cls), Collections.emptyMap()) && getPermissionService().isAuthorizedByTemplate(getPrincipalId(), "KR-NS", KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, KRADUtils.getNamespaceAndComponentSimpleName(cls), Collections.emptyMap());
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected boolean isAuthorizedByAccessSecurity(PersistableBusinessObject persistableBusinessObject) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(persistableBusinessObject);
        applySecurityRestrictionsForInquiry(persistableBusinessObject.getClass(), arrayList);
        return !arrayList.isEmpty();
    }

    protected void applySecurityRestrictionsForInquiry(Class<? extends PersistableBusinessObject> cls, List<PersistableBusinessObject> list) {
        AccessSecurityService accessSecurityService2 = getAccessSecurityService();
        if (accessSecurityService2 != null) {
            accessSecurityService2.applySecurityRestrictions(list, getPerson(), accessSecurityService2.getInquiryWithFieldValueTemplate(), Collections.singletonMap("namespaceCode", KRADUtils.getNamespaceCode(cls)));
        }
    }

    protected String getPrincipalId() {
        return getPerson().getPrincipalId();
    }

    protected Person getPerson() {
        return KRADUtils.getUserSessionFromRequest(this.servletRequest).getPerson();
    }

    protected KualiModuleService getKualiModuleService() {
        if (kualiModuleService == null) {
            kualiModuleService = (KualiModuleService) SpringContext.getBean(KualiModuleService.class);
        }
        return kualiModuleService;
    }

    protected BusinessObjectService getBusinessObjectService() {
        if (businessObjectService == null) {
            businessObjectService = (BusinessObjectService) SpringContext.getBean(BusinessObjectService.class);
        }
        return businessObjectService;
    }

    protected static BusinessObjectAuthorizationService getBusinessObjectAuthorizationService() {
        if (businessObjectAuthorizationService == null) {
            businessObjectAuthorizationService = (BusinessObjectAuthorizationService) SpringContext.getBean(BusinessObjectAuthorizationService.class);
        }
        return businessObjectAuthorizationService;
    }

    protected ConfigurationService getConfigurationService() {
        if (configurationService == null) {
            configurationService = (ConfigurationService) SpringContext.getBean(ConfigurationService.class);
        }
        return configurationService;
    }

    protected PermissionService getPermissionService() {
        if (permissionService == null) {
            permissionService = (PermissionService) SpringContext.getBean(PermissionService.class);
        }
        return permissionService;
    }

    protected AccessSecurityService getAccessSecurityService() {
        if (!getConfigurationService().getPropertyValueAsBoolean(SecConstants.ACCESS_SECURITY_MODULE_ENABLED_PROPERTY_NAME)) {
            return null;
        }
        if (accessSecurityService == null) {
            accessSecurityService = (AccessSecurityService) SpringContext.getBean(AccessSecurityService.class);
        }
        return accessSecurityService;
    }

    protected static DataDictionaryService getDataDictionaryService() {
        if (dataDictionaryService == null) {
            dataDictionaryService = (DataDictionaryService) SpringContext.getBean(DataDictionaryService.class);
        }
        return dataDictionaryService;
    }

    protected PersistenceStructureService getPersistenceStructureService() {
        if (persistenceStructureService == null) {
            persistenceStructureService = (PersistenceStructureService) SpringContext.getBean(PersistenceStructureService.class);
        }
        return persistenceStructureService;
    }

    protected SearchParameterService getSearchParameterService() {
        if (searchParameterService == null) {
            searchParameterService = (SearchParameterService) SpringContext.getBean(SearchParameterService.class);
        }
        return searchParameterService;
    }

    protected SerializationService getSerializationService() {
        if (serializationService == null) {
            serializationService = (SerializationService) SpringContext.getBean(SerializationService.class);
        }
        return serializationService;
    }

    public static void setKualiModuleService(KualiModuleService kualiModuleService2) {
        kualiModuleService = kualiModuleService2;
    }

    public static void setBusinessObjectService(BusinessObjectService businessObjectService2) {
        businessObjectService = businessObjectService2;
    }

    public static void setBusinessObjectAuthorizationService(BusinessObjectAuthorizationService businessObjectAuthorizationService2) {
        businessObjectAuthorizationService = businessObjectAuthorizationService2;
    }

    public static void setConfigurationService(ConfigurationService configurationService2) {
        configurationService = configurationService2;
    }

    public static void setPermissionService(PermissionService permissionService2) {
        permissionService = permissionService2;
    }

    public static void setAccessSecurityService(AccessSecurityService accessSecurityService2) {
        accessSecurityService = accessSecurityService2;
    }

    public static void setDataDictionaryService(DataDictionaryService dataDictionaryService2) {
        dataDictionaryService = dataDictionaryService2;
    }

    public static void setPersistenceStructureService(PersistenceStructureService persistenceStructureService2) {
        persistenceStructureService = persistenceStructureService2;
    }

    public static void setSearchParameterService(SearchParameterService searchParameterService2) {
        searchParameterService = searchParameterService2;
    }

    public static void setSerializationService(SerializationService serializationService2) {
        serializationService = serializationService2;
    }
}
