package org.kuali.rice.kns.document.authorization;

import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.kuali.rice.ken.util.NotificationConstants;
import org.kuali.rice.kew.dto.ProcessDTO;
import org.kuali.rice.kew.exception.WorkflowException;
import org.kuali.rice.kew.routeheader.service.RouteHeaderService;
import org.kuali.rice.kew.service.KEWServiceLocator;
import org.kuali.rice.kim.bo.Person;
import org.kuali.rice.kim.bo.impl.KimAttributes;
import org.kuali.rice.kim.bo.types.dto.AttributeSet;
import org.kuali.rice.kns.authorization.BusinessObjectAuthorizerBase;
import org.kuali.rice.kns.bo.BusinessObject;
import org.kuali.rice.kns.document.Document;
import org.kuali.rice.kns.service.KNSServiceLocator;
import org.kuali.rice.kns.workflow.service.KualiWorkflowDocument;

/* loaded from: input_file:org/kuali/rice/kns/document/authorization/DocumentAuthorizerBase.class */
public class DocumentAuthorizerBase extends BusinessObjectAuthorizerBase implements DocumentAuthorizer {
    protected static Log LOG = LogFactory.getLog(DocumentAuthorizerBase.class);
    public static final String PRE_ROUTING_ROUTE_NAME = "PreRoute";
    public static final String EDIT_MODE_DEFAULT_TRUE_VALUE = "TRUE";
    public static final String USER_SESSION_METHOD_TO_CALL_OBJECT_KEY = "METHOD_TO_CALL_KEYS_METHOD_OBJECT_KEY";
    public static final String USER_SESSION_METHOD_TO_CALL_COMPLETE_OBJECT_KEY = "METHOD_TO_CALL_KEYS_COMPLETE_OBJECT_KEY";
    public static final String USER_SESSION_METHOD_TO_CALL_COMPLETE_MARKER = "_EXITING";

    @Override // org.kuali.rice.kns.document.authorization.DocumentAuthorizer
    public Set<String> getDocumentActions(Document document, Person person, Set<String> set) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("calling DocumentAuthorizerBase.getDocumentActionFlags for document '" + document.getDocumentNumber() + "'. user '" + person.getPrincipalName() + "'");
        }
        if (set.contains("canEdit") && !isAuthorizedByTemplate(document, "KR-NS", "Edit Document", person.getPrincipalId())) {
            set.remove("canEdit");
        }
        if (set.contains("canCopy") && !isAuthorizedByTemplate(document, "KR-NS", "Copy Document", person.getPrincipalId())) {
            set.remove("canCopy");
        }
        if (set.contains("canBlanketApprove") && !isAuthorizedByTemplate(document, "KR-WKFLW", "Blanket Approve Document", person.getPrincipalId())) {
            set.remove("canBlanketApprove");
        }
        if (set.contains("canCancel") && !isAuthorizedByTemplate(document, "KR-WKFLW", "Cancel Document", person.getPrincipalId())) {
            set.remove("canCancel");
        }
        if (set.contains("canSave") && !isAuthorizedByTemplate(document, "KR-WKFLW", "Save Document", person.getPrincipalId())) {
            set.remove("canSave");
        }
        if (set.contains("canRoute") && !isAuthorizedByTemplate(document, "KR-WKFLW", "Route Document", person.getPrincipalId())) {
            set.remove("canRoute");
        }
        if (set.contains("canAcknowledge") && !canTakeRequestedAction(document, NotificationConstants.KEW_CONSTANTS.ACK_AD_HOC_ROUTE, person)) {
            set.remove("canAcknowledge");
        }
        if (set.contains("canFYI") && !canTakeRequestedAction(document, NotificationConstants.KEW_CONSTANTS.FYI_AD_HOC_ROUTE, person)) {
            set.remove("canFYI");
        }
        if ((set.contains("canApprove") || set.contains("canDisapprove")) && !canTakeRequestedAction(document, "A", person)) {
            set.remove("canApprove");
            set.remove("canDisapprove");
        }
        if (!canSendAnyTypeAdHocRequests(document, person)) {
            set.remove("canAddAdHocRequests");
            set.remove("canSendAdHocRequests");
            set.remove("canSendNoteFyi");
        }
        if (set.contains("canSendNoteFyi") && !canSendAdHocRequests(document, NotificationConstants.KEW_CONSTANTS.FYI_AD_HOC_ROUTE, person)) {
            set.remove("canSendNoteFyi");
        }
        if (set.contains("canAnnotate") && !set.contains("canEdit")) {
            set.remove("canAnnotate");
        }
        if (set.contains("canEditDocumentOverview") && !canEditDocumentOverview(document, person)) {
            set.remove("canEditDocumentOverview");
        }
        return set;
    }

    @Override // org.kuali.rice.kns.document.authorization.DocumentAuthorizer
    public final boolean canInitiate(String str, Person person) {
        AttributeSet attributeSet = new AttributeSet();
        attributeSet.put(KimAttributes.DOCUMENT_TYPE_NAME, str);
        return getIdentityManagementService().isAuthorizedByTemplateName(person.getPrincipalId(), "KR-SYS", "Initiate Document", attributeSet, (AttributeSet) null);
    }

    @Override // org.kuali.rice.kns.document.authorization.DocumentAuthorizer
    public final boolean canReceiveAdHoc(Document document, Person person, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(KimAttributes.ACTION_REQUEST_CD, str);
        return isAuthorizedByTemplate(document, "KR-WKFLW", "Ad Hoc Review Document", person.getPrincipalId(), hashMap, null);
    }

    @Override // org.kuali.rice.kns.document.authorization.DocumentAuthorizer
    public final boolean canOpen(Document document, Person person) {
        return isAuthorizedByTemplate(document, "KR-NS", "Open Document", person.getPrincipalId());
    }

    @Override // org.kuali.rice.kns.document.authorization.DocumentAuthorizer
    public final boolean canAddNoteAttachment(Document document, String str, Person person) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put(KimAttributes.ATTACHMENT_TYPE_CODE, str);
        }
        return isAuthorizedByTemplate(document, "KR-NS", "Add Note / Attachment", person.getPrincipalId(), hashMap, null);
    }

    @Override // org.kuali.rice.kns.document.authorization.DocumentAuthorizer
    public final boolean canDeleteNoteAttachment(Document document, String str, String str2, Person person) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put(KimAttributes.ATTACHMENT_TYPE_CODE, str);
        }
        hashMap.put(KimAttributes.CREATED_BY_SELF, str2);
        return isAuthorizedByTemplate(document, "KR-NS", "Delete Note / Attachment", person.getPrincipalId(), hashMap, null);
    }

    @Override // org.kuali.rice.kns.document.authorization.DocumentAuthorizer
    public final boolean canViewNoteAttachment(Document document, String str, Person person) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put(KimAttributes.ATTACHMENT_TYPE_CODE, str);
        }
        return isAuthorizedByTemplate(document, "KR-NS", "View Note / Attachment", person.getPrincipalId(), hashMap, null);
    }

    @Override // org.kuali.rice.kns.document.authorization.DocumentAuthorizer
    public final boolean canSendAdHocRequests(Document document, String str, Person person) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put(KimAttributes.ACTION_REQUEST_CD, str);
        }
        return isAuthorizedByTemplate(document, "KR-NS", "Send Ad Hoc Request", person.getPrincipalId(), hashMap, null);
    }

    public boolean canEditDocumentOverview(Document document, Person person) {
        return isAuthorizedByTemplate(document, "KR-NS", "Edit Document", person.getPrincipalId()) && isDocumentInitiator(document, person);
    }

    protected final boolean canSendAnyTypeAdHocRequests(Document document, Person person) {
        if (!canSendAdHocRequests(document, NotificationConstants.KEW_CONSTANTS.FYI_AD_HOC_ROUTE, person)) {
            if (canSendAdHocRequests(document, NotificationConstants.KEW_CONSTANTS.ACK_AD_HOC_ROUTE, person)) {
                return true;
            }
            return canSendAdHocRequests(document, "A", person);
        }
        try {
            ProcessDTO primaryProcess = KNSServiceLocator.getWorkflowInfoService().getDocType(document.getDocumentHeader().getWorkflowDocument().getDocumentType()).getRoutePath().getPrimaryProcess();
            if (primaryProcess != null) {
                return primaryProcess.getInitialRouteNode() != null;
            }
            return false;
        } catch (WorkflowException e) {
            return false;
        }
    }

    protected boolean canTakeRequestedAction(Document document, String str, Person person) {
        HashMap hashMap = new HashMap();
        hashMap.put(KimAttributes.ACTION_REQUEST_CD, str);
        return isAuthorizedByTemplate(document, "KR-NS", "Take Requested Action", person.getPrincipalId(), hashMap, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.kuali.rice.kns.authorization.BusinessObjectAuthorizerBase
    public void addPermissionDetails(BusinessObject businessObject, Map<String, String> map) {
        super.addPermissionDetails(businessObject, map);
        if (businessObject instanceof Document) {
            addStandardAttributes((Document) businessObject, map);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.kuali.rice.kns.authorization.BusinessObjectAuthorizerBase
    public void addRoleQualification(BusinessObject businessObject, Map<String, String> map) {
        super.addRoleQualification(businessObject, map);
        if (businessObject instanceof Document) {
            addStandardAttributes((Document) businessObject, map);
        }
    }

    protected void addStandardAttributes(Document document, Map<String, String> map) {
        KualiWorkflowDocument workflowDocument = document.getDocumentHeader().getWorkflowDocument();
        map.put("documentNumber", document.getDocumentNumber());
        map.put(KimAttributes.DOCUMENT_TYPE_NAME, workflowDocument.getDocumentType());
        if (workflowDocument.stateIsInitiated() || workflowDocument.stateIsSaved()) {
            map.put("routeNodeName", PRE_ROUTING_ROUTE_NAME);
        } else {
            map.put("routeNodeName", workflowDocument.getCurrentRouteNodeNames());
        }
        map.put(KimAttributes.ROUTE_STATUS_CODE, workflowDocument.getRouteHeader().getDocRouteStatus());
    }

    protected boolean isDocumentInitiator(Document document, Person person) {
        return document.getDocumentHeader().getWorkflowDocument().getInitiatorPrincipalId().equalsIgnoreCase(person.getPrincipalId());
    }

    protected RouteHeaderService getRouteHeaderService() {
        return (RouteHeaderService) KEWServiceLocator.getService(KEWServiceLocator.DOC_ROUTE_HEADER_SRV);
    }
}
