package org.kuali.kfs.kns.document.authorization;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.kuali.kfs.kns.bo.authorization.BusinessObjectAuthorizerBase;
import org.kuali.kfs.krad.document.Document;
import org.kuali.kfs.krad.service.KRADServiceLocatorWeb;
import org.kuali.rice.kew.api.KewApiServiceLocator;
import org.kuali.rice.kew.api.WorkflowDocument;
import org.kuali.rice.kew.api.action.ActionType;
import org.kuali.rice.kew.api.doctype.ProcessDefinition;
import org.kuali.rice.kim.api.KimConstants;
import org.kuali.rice.kim.api.identity.Person;
import org.kuali.rice.krad.bo.BusinessObject;

/* loaded from: input_file:WEB-INF/lib/kfs-kns-2016-12-08.jar:org/kuali/kfs/kns/document/authorization/DocumentAuthorizerBase.class */
public class DocumentAuthorizerBase extends BusinessObjectAuthorizerBase implements DocumentAuthorizer {
    protected static Log LOG = LogFactory.getLog(DocumentAuthorizerBase.class);
    public static final String PRE_ROUTING_ROUTE_NAME = "PreRoute";
    public static final String EDIT_MODE_DEFAULT_TRUE_VALUE = "TRUE";
    public static final String USER_SESSION_METHOD_TO_CALL_OBJECT_KEY = "METHOD_TO_CALL_KEYS_METHOD_OBJECT_KEY";
    public static final String USER_SESSION_METHOD_TO_CALL_COMPLETE_OBJECT_KEY = "METHOD_TO_CALL_KEYS_COMPLETE_OBJECT_KEY";
    public static final String USER_SESSION_METHOD_TO_CALL_COMPLETE_MARKER = "_EXITING";

    public Set<String> getDocumentActions(Document document, Person person, Set<String> set) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("calling DocumentAuthorizerBase.getDocumentActionFlags for document '" + document.getDocumentNumber() + "'. user '" + person.getPrincipalName() + "'");
        }
        if (set.contains("canEdit") && !canEdit(document, person)) {
            set.remove("canEdit");
        }
        if (set.contains("canCopy") && !canCopy(document, person)) {
            set.remove("canCopy");
        }
        if (set.contains("canClose") && !canClose(document, person)) {
            set.remove("canClose");
        }
        if (set.contains("canReload") && !canReload(document, person)) {
            set.remove("canReload");
        }
        if (set.contains("canBlanketApprove") && !canBlanketApprove(document, person)) {
            set.remove("canBlanketApprove");
        }
        if (set.contains("canCancel") && !canCancel(document, person)) {
            set.remove("canCancel");
        }
        if (set.contains("canRecall") && !canRecall(document, person)) {
            set.remove("canRecall");
        }
        if (set.contains("canSave") && !canSave(document, person)) {
            set.remove("canSave");
        }
        if (set.contains("canRoute") && !canRoute(document, person)) {
            set.remove("canRoute");
        }
        if (set.contains("canAcknowledge") && !canAcknowledge(document, person)) {
            set.remove("canAcknowledge");
        }
        if (set.contains("canFYI") && !canFyi(document, person)) {
            set.remove("canFYI");
        }
        if (set.contains("canApprove") && !canApprove(document, person)) {
            set.remove("canApprove");
        }
        if (set.contains("canDisapprove") && !canDisapprove(document, person)) {
            set.remove("canDisapprove");
        }
        if (!canSendAnyTypeAdHocRequests(document, person)) {
            set.remove("canAddAdHocRequests");
            set.remove("canSendAdHocRequests");
            set.remove("canSendNoteFyi");
        }
        if (set.contains("canSendNoteFyi") && !canSendNoteFyi(document, person)) {
            set.remove("canSendNoteFyi");
        }
        if (set.contains("canAnnotate") && !canAnnotate(document, person)) {
            set.remove("canAnnotate");
        }
        if (set.contains("canEditDocumentOverview") && !canEditDocumentOverview(document, person)) {
            set.remove("canEditDocumentOverview");
        }
        if (set.contains("canPerformRouteReport") && !canPerformRouteReport(document, person)) {
            set.remove("canPerformRouteReport");
        }
        return set;
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canInitiate(String str, Person person) {
        HashMap hashMap = new HashMap();
        hashMap.put("documentTypeName", str);
        return getPermissionService().isAuthorizedByTemplate(person.getPrincipalId(), "KR-SYS", "Initiate Document", hashMap, Collections.emptyMap());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canEdit(Document document, Person person) {
        return document.getDocumentHeader().getWorkflowDocument().isCompletionRequested() || isAuthorizedByTemplate((BusinessObject) document, "KR-NS", KimConstants.PermissionTemplateNames.EDIT_DOCUMENT, person.getPrincipalId());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canAnnotate(Document document, Person person) {
        return canEdit(document, person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canReload(Document document, Person person) {
        return true;
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canClose(Document document, Person person) {
        return true;
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canSave(Document document, Person person) {
        return isAuthorizedByTemplate((BusinessObject) document, "KR-WKFLW", "Save Document", person.getPrincipalId());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canRoute(Document document, Person person) {
        return isAuthorizedByTemplate((BusinessObject) document, "KR-WKFLW", "Route Document", person.getPrincipalId());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canCancel(Document document, Person person) {
        return document.getDocumentHeader().getWorkflowDocument().isCompletionRequested() || isAuthorizedByTemplate((BusinessObject) document, "KR-WKFLW", "Cancel Document", person.getPrincipalId());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canRecall(Document document, Person person) {
        return KewApiServiceLocator.getWorkflowDocumentActionsService().determineValidActions(document.getDocumentNumber(), person.getPrincipalId()).getValidActions().contains(ActionType.RECALL);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canCopy(Document document, Person person) {
        return isAuthorizedByTemplate((BusinessObject) document, "KR-NS", KimConstants.PermissionTemplateNames.COPY_DOCUMENT, person.getPrincipalId());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canPerformRouteReport(Document document, Person person) {
        return true;
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canBlanketApprove(Document document, Person person) {
        return isAuthorizedByTemplate((BusinessObject) document, "KR-WKFLW", "Blanket Approve Document", person.getPrincipalId());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canApprove(Document document, Person person) {
        return canTakeRequestedAction(document, "A", person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canDisapprove(Document document, Person person) {
        return canApprove(document, person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canSendNoteFyi(Document document, Person person) {
        return canSendAdHocRequests(document, "F", person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canFyi(Document document, Person person) {
        return canTakeRequestedAction(document, "F", person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canAcknowledge(Document document, Person person) {
        return canTakeRequestedAction(document, "K", person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canReceiveAdHoc(Document document, Person person, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("actionRequestCd", str);
        return isAuthorizedByTemplate(document, "KR-WKFLW", "Ad Hoc Review Document", person.getPrincipalId(), hashMap, Collections.emptyMap());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canOpen(Document document, Person person) {
        return isAuthorizedByTemplate((BusinessObject) document, "KR-NS", KimConstants.PermissionTemplateNames.OPEN_DOCUMENT, person.getPrincipalId());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canAddNoteAttachment(Document document, String str, Person person) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE, str);
        }
        return isAuthorizedByTemplate(document, "KR-NS", KimConstants.PermissionTemplateNames.ADD_NOTE_ATTACHMENT, person.getPrincipalId(), hashMap, Collections.emptyMap());
    }

    @Override // org.kuali.kfs.kns.document.authorization.DocumentAuthorizer, org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canDeleteNoteAttachment(Document document, String str, String str2, Person person) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE, str);
        }
        hashMap.put(KimConstants.AttributeConstants.CREATED_BY_SELF, str2);
        return isAuthorizedByTemplate(document, "KR-NS", KimConstants.PermissionTemplateNames.DELETE_NOTE_ATTACHMENT, person.getPrincipalId(), hashMap, Collections.emptyMap());
    }

    @Override // org.kuali.kfs.kns.document.authorization.DocumentAuthorizer
    public boolean canViewNoteAttachment(Document document, String str, Person person) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE, str);
        }
        return isAuthorizedByTemplate(document, "KR-NS", KimConstants.PermissionTemplateNames.VIEW_NOTE_ATTACHMENT, person.getPrincipalId(), hashMap, Collections.emptyMap());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canViewNoteAttachment(Document document, String str, String str2, Person person) {
        return canViewNoteAttachment(document, str, person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canSendAdHocRequests(Document document, String str, Person person) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put("actionRequestCd", str);
        }
        return isAuthorizedByTemplate(document, "KR-NS", KimConstants.PermissionTemplateNames.SEND_AD_HOC_REQUEST, person.getPrincipalId(), hashMap, Collections.emptyMap());
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canEditDocumentOverview(Document document, Person person) {
        return isAuthorizedByTemplate((BusinessObject) document, "KR-NS", KimConstants.PermissionTemplateNames.EDIT_DOCUMENT, person.getPrincipalId()) && isDocumentInitiator(document, person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canSendAnyTypeAdHocRequests(Document document, Person person) {
        if (canSendAdHocRequests(document, "F", person)) {
            ProcessDefinition primaryProcess = KewApiServiceLocator.getDocumentTypeService().getRoutePathForDocumentTypeName(document.getDocumentHeader().getWorkflowDocument().getDocumentTypeName()).getPrimaryProcess();
            return (primaryProcess == null || primaryProcess.getInitialRouteNode() == null) ? false : true;
        }
        if (canSendAdHocRequests(document, "K", person)) {
            return true;
        }
        return canSendAdHocRequests(document, "A", person);
    }

    @Override // org.kuali.kfs.krad.document.DocumentAuthorizer
    public boolean canTakeRequestedAction(Document document, String str, Person person) {
        HashMap hashMap = new HashMap();
        hashMap.put("actionRequestCd", str);
        return isAuthorizedByTemplate(document, "KR-NS", KimConstants.PermissionTemplateNames.TAKE_REQUESTED_ACTION, person.getPrincipalId(), hashMap, Collections.emptyMap());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.kuali.kfs.krad.bo.DataObjectAuthorizerBase
    public void addPermissionDetails(Object obj, Map<String, String> map) {
        super.addPermissionDetails(obj, map);
        if (obj instanceof Document) {
            addStandardAttributes((Document) obj, map);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.kuali.kfs.krad.bo.DataObjectAuthorizerBase
    public void addRoleQualification(Object obj, Map<String, String> map) {
        super.addRoleQualification(obj, map);
        if (obj instanceof Document) {
            addStandardAttributes((Document) obj, map);
        }
    }

    protected void addStandardAttributes(Document document, Map<String, String> map) {
        WorkflowDocument workflowDocument = document.getDocumentHeader().getWorkflowDocument();
        map.put("documentNumber", document.getDocumentNumber());
        map.put("documentTypeName", workflowDocument.getDocumentTypeName());
        if (workflowDocument.isInitiated() || workflowDocument.isSaved()) {
            map.put("routeNodeName", "PreRoute");
        } else {
            map.put("routeNodeName", KRADServiceLocatorWeb.getWorkflowDocumentService().getCurrentRouteNodeNames(workflowDocument));
        }
        map.put("routeStatusCode", workflowDocument.getStatus().getCode());
    }

    protected boolean isDocumentInitiator(Document document, Person person) {
        return document.getDocumentHeader().getWorkflowDocument().getInitiatorPrincipalId().equalsIgnoreCase(person.getPrincipalId());
    }
}
