package org.kuali.coeus.propdev.impl.auth.perm;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.TreeMap;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.kuali.coeus.common.api.sponsor.hierarchy.SponsorHierarchyService;
import org.kuali.coeus.common.framework.auth.perm.KcAuthorizationService;
import org.kuali.coeus.common.framework.custom.attr.CustomAttributeDocValue;
import org.kuali.coeus.common.framework.person.KcPerson;
import org.kuali.coeus.common.framework.person.KcPersonService;
import org.kuali.coeus.propdev.impl.attachment.LegacyNarrativeService;
import org.kuali.coeus.propdev.impl.coi.CoiConstants;
import org.kuali.coeus.propdev.impl.core.DevelopmentProposal;
import org.kuali.coeus.propdev.impl.core.ProposalDevelopmentConstants;
import org.kuali.coeus.propdev.impl.core.ProposalDevelopmentDocument;
import org.kuali.coeus.propdev.impl.docperm.AddProposalUserEvent;
import org.kuali.coeus.propdev.impl.docperm.DeleteProposalUserEvent;
import org.kuali.coeus.propdev.impl.docperm.EditUserProposalRolesEvent;
import org.kuali.coeus.propdev.impl.docperm.ProposalRoleService;
import org.kuali.coeus.propdev.impl.docperm.ProposalUserRoles;
import org.kuali.coeus.propdev.impl.person.ProposalPerson;
import org.kuali.kra.infrastructure.PermissionConstants;
import org.kuali.rice.coreservice.framework.parameter.ParameterService;
import org.kuali.rice.kim.api.identity.Person;
import org.kuali.rice.kim.api.identity.PersonService;
import org.kuali.rice.kim.api.role.Role;
import org.kuali.rice.krad.service.KualiRuleService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;

@Component("proposalDevelopmentPermissionsService")
/* loaded from: input_file:org/kuali/coeus/propdev/impl/auth/perm/ProposalDevelopmentPermissionsServiceImpl.class */
public class ProposalDevelopmentPermissionsServiceImpl implements ProposalDevelopmentPermissionsService {
    private static final Logger LOG = LogManager.getLogger(ProposalDevelopmentPermissionsServiceImpl.class);
    public static final String COI_REQUIREMENT = "COI_REQUIREMENT";
    public static final String PRINCIPAL_COI_KEY_PERSON = "PCK";
    public static final int HIERARCHY_LEVEL = 1;
    private static final String PARAMETER_DELIMITER = "\\s*,\\s*";

    @Autowired
    @Qualifier("sponsorHierarchyService")
    private SponsorHierarchyService sponsorHierarchyService;

    @Autowired
    @Qualifier("parameterService")
    private ParameterService parameterService;

    @Autowired
    @Qualifier("kcAuthorizationService")
    private KcAuthorizationService kraAuthorizationService;

    @Autowired
    @Qualifier("personService")
    private PersonService personService;

    @Autowired
    @Qualifier("kcPersonService")
    private KcPersonService kcPersonService;

    @Autowired
    @Qualifier("kualiRuleService")
    private KualiRuleService kualiRuleService;

    @Autowired
    @Qualifier("legacyNarrativeService")
    private LegacyNarrativeService narrativeService;

    @Autowired
    @Qualifier("proposalRoleService")
    private ProposalRoleService proposalRoleService;

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public List<ProposalUserRoles> getPermissions(ProposalDevelopmentDocument proposalDevelopmentDocument) {
        TreeMap treeMap = new TreeMap();
        for (Role role : this.proposalRoleService.getRolesForDisplay()) {
            Iterator<String> it = this.kraAuthorizationService.getPrincipalsInRole(role.getName(), proposalDevelopmentDocument).iterator();
            while (it.hasNext()) {
                KcPerson kcPersonByPersonId = getKcPersonService().getKcPersonByPersonId(it.next());
                if (kcPersonByPersonId != null) {
                    ProposalUserRoles proposalUserRoles = (ProposalUserRoles) treeMap.get(kcPersonByPersonId.getUserName());
                    if (proposalUserRoles != null) {
                        proposalUserRoles.addRoleName(role.getName());
                    } else {
                        ProposalUserRoles proposalUserRoles2 = new ProposalUserRoles();
                        proposalUserRoles2.setUsername(kcPersonByPersonId.getUserName());
                        proposalUserRoles2.setFullname(kcPersonByPersonId.getFullName());
                        proposalUserRoles2.addRoleName(role.getName());
                        treeMap.put(kcPersonByPersonId.getUserName(), proposalUserRoles2);
                    }
                } else {
                    LOG.error("Attempting to get roles for null user role!");
                }
            }
        }
        return new ArrayList(treeMap.values());
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public void savePermissions(ProposalDevelopmentDocument proposalDevelopmentDocument, List<ProposalUserRoles> list, List<ProposalUserRoles> list2) {
        ArrayList arrayList = new ArrayList(list);
        arrayList.removeAll(list2);
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            deleteProposalUser((ProposalUserRoles) it.next(), proposalDevelopmentDocument);
        }
        ArrayList arrayList2 = new ArrayList(list2);
        arrayList2.removeAll(list);
        Iterator it2 = arrayList2.iterator();
        while (it2.hasNext()) {
            saveProposalUser((ProposalUserRoles) it2.next(), proposalDevelopmentDocument);
        }
    }

    public void deleteProposalUser(ProposalUserRoles proposalUserRoles, ProposalDevelopmentDocument proposalDevelopmentDocument) {
        Iterator<String> it = proposalUserRoles.getRoleNames().iterator();
        while (it.hasNext()) {
            this.kraAuthorizationService.removeDocumentLevelRole(getPersonId(proposalUserRoles.getUsername()), it.next(), proposalDevelopmentDocument);
        }
    }

    protected String getPersonId(String str) {
        return this.personService.getPersonByPrincipalName(str).getPrincipalId();
    }

    public void saveProposalUser(ProposalUserRoles proposalUserRoles, ProposalDevelopmentDocument proposalDevelopmentDocument) {
        Iterator<String> it = proposalUserRoles.getRoleNames().iterator();
        while (it.hasNext()) {
            this.kraAuthorizationService.addDocumentLevelRole(getPersonId(proposalUserRoles.getUsername()), it.next(), proposalDevelopmentDocument);
        }
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public boolean hasCertificationPermissions(ProposalDevelopmentDocument proposalDevelopmentDocument, Person person, ProposalPerson proposalPerson) {
        return canCertify(person.getPrincipalId(), proposalPerson, canProxyCertify(proposalDevelopmentDocument, person));
    }

    protected boolean canCertify(String str, ProposalPerson proposalPerson, boolean z) {
        return (z || proposalPersonIsUser(str, proposalPerson)) && (proposalPerson.needsCertification() || !proposalPerson.getOptInCertificationStatus().booleanValue());
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public boolean isKeyPersonRoleExempt(ProposalPerson proposalPerson) {
        return getExemptKeyPersonRoles().stream().anyMatch(str -> {
            return str.equalsIgnoreCase(proposalPerson.getProjectRole());
        });
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public boolean doesSponsorRequireKeyPersonCertification(ProposalPerson proposalPerson) {
        return getSponsorHierarchyService().isSponsorInHierarchy(proposalPerson.getDevelopmentProposal().getSponsorCode(), getParameterService().getParameterValueAsString(ProposalDevelopmentDocument.class, CoiConstants.COI_SPONSOR_HIERARCHY), 1, getParameterService().getParameterValueAsString(ProposalDevelopmentDocument.class, CoiConstants.COI_SPONSOR_HEIRARCHY_LEVEL1));
    }

    protected List<String> getExemptKeyPersonRoles() {
        String parameterValueAsString = getParameterService().getParameterValueAsString(ProposalDevelopmentDocument.class, ProposalDevelopmentConstants.Parameters.KEY_PERSON_PROJECT_ROLE);
        return StringUtils.isEmpty(parameterValueAsString) ? Collections.emptyList() : Arrays.asList(parameterValueAsString.split(PARAMETER_DELIMITER));
    }

    protected boolean proposalPersonIsUser(String str, ProposalPerson proposalPerson) {
        if (proposalPerson.isNonEmployee()) {
            return false;
        }
        return proposalPerson.getPersonId().equals(str);
    }

    protected boolean canProxyCertify(ProposalDevelopmentDocument proposalDevelopmentDocument, Person person) {
        return getKraAuthorizationService().hasPermission(person.getPrincipalId(), proposalDevelopmentDocument, PermissionConstants.CERTIFY);
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public boolean isPiCoiKeyPersonsForcedToDiscloseWithCustomData(DevelopmentProposal developmentProposal) {
        try {
            for (CustomAttributeDocValue customAttributeDocValue : developmentProposal.getProposalDocument().getCustomDataList()) {
                if (customAttributeDocValue.m1821getCustomAttribute().getName().equalsIgnoreCase(COI_REQUIREMENT) && PRINCIPAL_COI_KEY_PERSON.equals(customAttributeDocValue.getValue())) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            LOG.warn(e.getMessage(), e);
            return false;
        }
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public boolean validateAddPermissions(ProposalDevelopmentDocument proposalDevelopmentDocument, List<ProposalUserRoles> list, ProposalUserRoles proposalUserRoles) {
        return getKualiRuleService().applyRules(new AddProposalUserEvent(proposalDevelopmentDocument, list, proposalUserRoles));
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public boolean validateDeletePermissions(ProposalDevelopmentDocument proposalDevelopmentDocument, List<ProposalUserRoles> list, int i) {
        return getKualiRuleService().applyRules(new DeleteProposalUserEvent(proposalDevelopmentDocument, list, i));
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public boolean validateUpdatePermissions(ProposalDevelopmentDocument proposalDevelopmentDocument, List<ProposalUserRoles> list, ProposalUserRoles proposalUserRoles) {
        return getKualiRuleService().applyRules(new EditUserProposalRolesEvent(proposalDevelopmentDocument, list, proposalUserRoles));
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public void processAddPermission(ProposalDevelopmentDocument proposalDevelopmentDocument, ProposalUserRoles proposalUserRoles) {
        getNarrativeService().addPerson(proposalUserRoles.getUsername(), proposalDevelopmentDocument, proposalUserRoles.getRoleNames());
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public void processDeletePermission(ProposalDevelopmentDocument proposalDevelopmentDocument, ProposalUserRoles proposalUserRoles) {
        getNarrativeService().deletePerson(getPersonService().getPersonByPrincipalName(proposalUserRoles.getUsername()).getPrincipalId(), proposalDevelopmentDocument);
    }

    @Override // org.kuali.coeus.propdev.impl.auth.perm.ProposalDevelopmentPermissionsService
    public void processUpdatePermission(ProposalDevelopmentDocument proposalDevelopmentDocument, ProposalUserRoles proposalUserRoles) {
        getNarrativeService().readjustRights(getPersonId(proposalUserRoles.getUsername()), proposalDevelopmentDocument, proposalUserRoles.getRoleNames());
    }

    public KcAuthorizationService getKraAuthorizationService() {
        return this.kraAuthorizationService;
    }

    public void setKraAuthorizationService(KcAuthorizationService kcAuthorizationService) {
        this.kraAuthorizationService = kcAuthorizationService;
    }

    public PersonService getPersonService() {
        return this.personService;
    }

    public void setPersonService(PersonService personService) {
        this.personService = personService;
    }

    public KcPersonService getKcPersonService() {
        return this.kcPersonService;
    }

    public void setKcPersonService(KcPersonService kcPersonService) {
        this.kcPersonService = kcPersonService;
    }

    public KualiRuleService getKualiRuleService() {
        return this.kualiRuleService;
    }

    public void setKualiRuleService(KualiRuleService kualiRuleService) {
        this.kualiRuleService = kualiRuleService;
    }

    public LegacyNarrativeService getNarrativeService() {
        return this.narrativeService;
    }

    public void setNarrativeService(LegacyNarrativeService legacyNarrativeService) {
        this.narrativeService = legacyNarrativeService;
    }

    public SponsorHierarchyService getSponsorHierarchyService() {
        return this.sponsorHierarchyService;
    }

    public void setSponsorHierarchyService(SponsorHierarchyService sponsorHierarchyService) {
        this.sponsorHierarchyService = sponsorHierarchyService;
    }

    public void setParameterService(ParameterService parameterService) {
        this.parameterService = parameterService;
    }

    protected ParameterService getParameterService() {
        return this.parameterService;
    }
}
