package org.kuali.coeus.common.permissions.impl.rules;

import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.kuali.coeus.common.framework.person.KcPersonService;
import org.kuali.coeus.common.permissions.impl.bo.PermissionsRoleState;
import org.kuali.coeus.common.permissions.impl.bo.PermissionsUser;
import org.kuali.coeus.common.permissions.impl.bo.PermissionsUserEditRoles;
import org.kuali.coeus.common.permissions.impl.rule.PermissionsRule;
import org.kuali.coeus.common.permissions.impl.web.bean.Role;
import org.kuali.coeus.common.permissions.impl.web.bean.User;
import org.kuali.coeus.sys.framework.rule.KcTransactionalDocumentRuleBase;
import org.kuali.coeus.sys.framework.service.KcServiceLocator;
import org.kuali.kra.infrastructure.Constants;
import org.kuali.kra.infrastructure.KeyConstants;
import org.kuali.rice.krad.document.Document;

/* loaded from: input_file:org/kuali/coeus/common/permissions/impl/rules/PermissionsRuleBase.class */
public abstract class PermissionsRuleBase extends KcTransactionalDocumentRuleBase implements PermissionsRule {
    private static final String USERNAME_FIELD_NAME = "userName";
    private transient KcPersonService kcPersonService;

    @Override // org.kuali.coeus.common.permissions.impl.rule.PermissionsRule
    public boolean processAddPermissionsUserBusinessRules(Document document, List<User> list, PermissionsUser permissionsUser) {
        boolean z = true;
        if (!isValidUser(permissionsUser.getUserName())) {
            z = false;
            reportError("newPermissionsUser.userName", KeyConstants.ERROR_UNKNOWN_USERNAME, new String[0]);
        } else if (isDuplicate(permissionsUser.getUserName(), list)) {
            z = false;
            reportError("newPermissionsUser.userName", KeyConstants.ERROR_DUPLICATE_PERMISSIONS_USER, new String[0]);
        }
        return z;
    }

    @Override // org.kuali.coeus.common.permissions.impl.rule.PermissionsRule
    public boolean processDeletePermissionsUserBusinessRules(Document document, List<User> list, int i) {
        boolean z = true;
        String administratorRoleName = getAdministratorRoleName();
        if (administratorRoleName != null && isLastAdministrator(list.get(i).getPerson().getUserName(), list, administratorRoleName)) {
            z = false;
            reportError(Constants.PERMISSION_USERS_PROPERTY_KEY, KeyConstants.ERROR_PERMISSIONS_LAST_ADMINSTRATOR, administratorRoleName);
        }
        return z;
    }

    @Override // org.kuali.coeus.common.permissions.impl.rule.PermissionsRule
    public boolean processEditPermissionsUserRolesBusinessRules(Document document, List<User> list, PermissionsUserEditRoles permissionsUserEditRoles) {
        boolean z = true;
        String administratorRoleName = getAdministratorRoleName();
        if (administratorRoleName != null) {
            if (hasAdministrator(permissionsUserEditRoles, administratorRoleName) && hasNonAdministrator(permissionsUserEditRoles, administratorRoleName)) {
                z = false;
                reportError(Constants.PERMISSIONS_EDIT_ROLES_PROPERTY_KEY, KeyConstants.ERROR_PERMISSIONS_ADMINSTRATOR_INCLUSIVE, administratorRoleName);
            } else if (!hasAdministrator(permissionsUserEditRoles, administratorRoleName) && isLastAdministrator(permissionsUserEditRoles.getUserName(), list, administratorRoleName)) {
                z = false;
                reportError(Constants.PERMISSIONS_EDIT_ROLES_PROPERTY_KEY, KeyConstants.ERROR_PERMISSIONS_LAST_ADMINSTRATOR, administratorRoleName);
            }
        }
        return z;
    }

    protected abstract String getAdministratorRoleName();

    private boolean hasAdministrator(PermissionsUserEditRoles permissionsUserEditRoles, String str) {
        for (PermissionsRoleState permissionsRoleState : permissionsUserEditRoles.getRoleStates()) {
            if (permissionsRoleState.getState().booleanValue() && StringUtils.equals(permissionsRoleState.getRole().getName(), str)) {
                return true;
            }
        }
        return false;
    }

    private boolean hasNonAdministrator(PermissionsUserEditRoles permissionsUserEditRoles, String str) {
        for (PermissionsRoleState permissionsRoleState : permissionsUserEditRoles.getRoleStates()) {
            if (permissionsRoleState.getState().booleanValue() && !StringUtils.equals(permissionsRoleState.getRole().getName(), str)) {
                return true;
            }
        }
        return false;
    }

    private boolean isValidUser(String str) {
        return StringUtils.isNotBlank(str) && getKcPersonService().getKcPersonByUserName(str) != null;
    }

    protected KcPersonService getKcPersonService() {
        if (this.kcPersonService == null) {
            this.kcPersonService = (KcPersonService) KcServiceLocator.getService(KcPersonService.class);
        }
        return this.kcPersonService;
    }

    private boolean isDuplicate(String str, List<User> list) {
        Iterator<User> it = list.iterator();
        while (it.hasNext()) {
            if (StringUtils.equals(str, it.next().getPerson().getUserName())) {
                return true;
            }
        }
        return false;
    }

    private boolean isLastAdministrator(String str, List<User> list, String str2) {
        for (User user : list) {
            if (!StringUtils.equals(str, user.getPerson().getUserName())) {
                Iterator<Role> it = user.getRoles().iterator();
                while (it.hasNext()) {
                    if (StringUtils.equals(it.next().getName(), str2)) {
                        return false;
                    }
                }
            }
        }
        return true;
    }
}
