package org.kuali.rice.kns.service.impl;

import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.kuali.rice.core.api.CoreApiServiceLocator;
import org.kuali.rice.core.api.config.property.ConfigurationService;
import org.kuali.rice.kim.api.KimConstants;
import org.kuali.rice.kim.api.identity.Person;
import org.kuali.rice.kim.api.permission.PermissionService;
import org.kuali.rice.kim.api.services.KimApiServiceLocator;
import org.kuali.rice.kns.authorization.BusinessObjectAuthorizer;
import org.kuali.rice.kns.bo.authorization.InquiryOrMaintenanceDocumentAuthorizer;
import org.kuali.rice.kns.bo.authorization.InquiryOrMaintenanceDocumentPresentationController;
import org.kuali.rice.kns.datadictionary.BusinessObjectEntry;
import org.kuali.rice.kns.datadictionary.FieldDefinition;
import org.kuali.rice.kns.datadictionary.InquiryCollectionDefinition;
import org.kuali.rice.kns.datadictionary.InquirySectionDefinition;
import org.kuali.rice.kns.datadictionary.MaintainableCollectionDefinition;
import org.kuali.rice.kns.datadictionary.MaintainableItemDefinition;
import org.kuali.rice.kns.datadictionary.MaintainableSectionDefinition;
import org.kuali.rice.kns.document.MaintenanceDocument;
import org.kuali.rice.kns.document.authorization.BusinessObjectRestrictions;
import org.kuali.rice.kns.document.authorization.BusinessObjectRestrictionsBase;
import org.kuali.rice.kns.document.authorization.InquiryOrMaintenanceDocumentRestrictions;
import org.kuali.rice.kns.document.authorization.InquiryOrMaintenanceDocumentRestrictionsBase;
import org.kuali.rice.kns.document.authorization.MaintenanceDocumentAuthorizer;
import org.kuali.rice.kns.document.authorization.MaintenanceDocumentPresentationController;
import org.kuali.rice.kns.document.authorization.MaintenanceDocumentRestrictions;
import org.kuali.rice.kns.document.authorization.MaintenanceDocumentRestrictionsBase;
import org.kuali.rice.kns.inquiry.InquiryAuthorizer;
import org.kuali.rice.kns.inquiry.InquiryPresentationController;
import org.kuali.rice.kns.inquiry.InquiryRestrictions;
import org.kuali.rice.kns.service.BusinessObjectAuthorizationService;
import org.kuali.rice.kns.service.BusinessObjectDictionaryService;
import org.kuali.rice.kns.service.DocumentHelperService;
import org.kuali.rice.kns.service.KNSServiceLocator;
import org.kuali.rice.kns.service.MaintenanceDocumentDictionaryService;
import org.kuali.rice.krad.bo.BusinessObject;
import org.kuali.rice.krad.datadictionary.AttributeDefinition;
import org.kuali.rice.krad.datadictionary.DataObjectEntry;
import org.kuali.rice.krad.document.Document;
import org.kuali.rice.krad.service.DataDictionaryService;
import org.kuali.rice.krad.service.impl.DataObjectAuthorizationServiceImpl;
import org.kuali.rice.krad.util.KRADConstants;
import org.kuali.rice.krad.util.KRADUtils;
import org.kuali.rice.krad.util.LegacyDataFramework;
import org.kuali.rice.krad.util.ObjectUtils;

@LegacyDataFramework
@Deprecated
/* loaded from: input_file:WEB-INF/lib/rice-impl-2408.0004.jar:org/kuali/rice/kns/service/impl/BusinessObjectAuthorizationServiceImpl.class */
public class BusinessObjectAuthorizationServiceImpl extends DataObjectAuthorizationServiceImpl implements BusinessObjectAuthorizationService {
    private DataDictionaryService dataDictionaryService;
    private PermissionService permissionService;
    private BusinessObjectDictionaryService businessObjectDictionaryService;
    private DocumentHelperService documentHelperService;
    private MaintenanceDocumentDictionaryService maintenanceDocumentDictionaryService;
    private ConfigurationService kualiConfigurationService;

    @Override // org.kuali.rice.kns.service.BusinessObjectAuthorizationService
    public BusinessObjectRestrictions getLookupResultRestrictions(Object obj, Person person) {
        BusinessObjectRestrictionsBase businessObjectRestrictionsBase = new BusinessObjectRestrictionsBase();
        considerBusinessObjectFieldUnmaskAuthorization(obj, person, businessObjectRestrictionsBase, "", null);
        return businessObjectRestrictionsBase;
    }

    @Override // org.kuali.rice.kns.service.BusinessObjectAuthorizationService
    public InquiryRestrictions getInquiryRestrictions(BusinessObject businessObject, Person person) {
        InquiryRestrictions inquiryOrMaintenanceDocumentRestrictionsBase = new InquiryOrMaintenanceDocumentRestrictionsBase();
        BusinessObjectEntry businessObjectEntry = (BusinessObjectEntry) getDataDictionaryService().getDataDictionary().getBusinessObjectEntry(businessObject.getClass().getName());
        InquiryPresentationController inquiryPresentationController = getBusinessObjectDictionaryService().getInquiryPresentationController(businessObject.getClass());
        InquiryAuthorizer inquiryAuthorizer = getBusinessObjectDictionaryService().getInquiryAuthorizer(businessObject.getClass());
        considerBusinessObjectFieldUnmaskAuthorization(businessObject, person, inquiryOrMaintenanceDocumentRestrictionsBase, "", null);
        considerBusinessObjectFieldViewAuthorization(businessObjectEntry, businessObject, null, person, inquiryAuthorizer, inquiryOrMaintenanceDocumentRestrictionsBase, "");
        considerInquiryOrMaintenanceDocumentPresentationController(inquiryPresentationController, businessObject, inquiryOrMaintenanceDocumentRestrictionsBase);
        considerInquiryOrMaintenanceDocumentAuthorizer(inquiryAuthorizer, businessObject, person, inquiryOrMaintenanceDocumentRestrictionsBase);
        for (InquirySectionDefinition inquirySectionDefinition : businessObjectEntry.getInquiryDefinition().getInquirySections()) {
            if (inquirySectionDefinition.getInquiryCollections() != null) {
                addInquirableItemRestrictions(inquirySectionDefinition.getInquiryCollections().values(), inquiryAuthorizer, inquiryOrMaintenanceDocumentRestrictionsBase, businessObject, businessObject, "", person);
            }
            List<FieldDefinition> inquiryFields = inquirySectionDefinition.getInquiryFields();
            if (inquiryFields != null) {
                for (FieldDefinition fieldDefinition : inquiryFields) {
                    addInquirableItemRestrictions(inquiryFields, inquiryAuthorizer, inquiryOrMaintenanceDocumentRestrictionsBase, businessObject, businessObject, "", person);
                }
            }
        }
        return inquiryOrMaintenanceDocumentRestrictionsBase;
    }

    @Override // org.kuali.rice.kns.service.BusinessObjectAuthorizationService
    public MaintenanceDocumentRestrictions getMaintenanceDocumentRestrictions(MaintenanceDocument maintenanceDocument, Person person) {
        MaintenanceDocumentRestrictions maintenanceDocumentRestrictionsBase = new MaintenanceDocumentRestrictionsBase();
        DataObjectEntry dataObjectEntry = getDataDictionaryService().getDataDictionary().getDataObjectEntry(maintenanceDocument.getNewMaintainableObject().getDataObject().getClass().getName());
        MaintenanceDocumentPresentationController maintenanceDocumentPresentationController = (MaintenanceDocumentPresentationController) getDocumentHelperService().getDocumentPresentationController(maintenanceDocument);
        MaintenanceDocumentAuthorizer maintenanceDocumentAuthorizer = (MaintenanceDocumentAuthorizer) getDocumentHelperService().getDocumentAuthorizer(maintenanceDocument);
        considerBusinessObjectFieldUnmaskAuthorization(maintenanceDocument.getNewMaintainableObject().getDataObject(), person, maintenanceDocumentRestrictionsBase, "", maintenanceDocument);
        considerBusinessObjectFieldViewAuthorization(dataObjectEntry, maintenanceDocument.getNewMaintainableObject().getDataObject(), null, person, maintenanceDocumentAuthorizer, maintenanceDocumentRestrictionsBase, "");
        considerBusinessObjectFieldModifyAuthorization(dataObjectEntry, maintenanceDocument.getNewMaintainableObject().getDataObject(), null, person, maintenanceDocumentAuthorizer, maintenanceDocumentRestrictionsBase, "");
        considerCustomButtonFieldAuthorization(dataObjectEntry, maintenanceDocument.getNewMaintainableObject().getDataObject(), null, person, maintenanceDocumentAuthorizer, maintenanceDocumentRestrictionsBase, "");
        considerInquiryOrMaintenanceDocumentPresentationController(maintenanceDocumentPresentationController, maintenanceDocument, maintenanceDocumentRestrictionsBase);
        considerInquiryOrMaintenanceDocumentAuthorizer(maintenanceDocumentAuthorizer, maintenanceDocument, person, maintenanceDocumentRestrictionsBase);
        considerMaintenanceDocumentPresentationController(maintenanceDocumentPresentationController, maintenanceDocument, maintenanceDocumentRestrictionsBase);
        considerMaintenanceDocumentAuthorizer(maintenanceDocumentAuthorizer, maintenanceDocument, person, maintenanceDocumentRestrictionsBase);
        Iterator<MaintainableSectionDefinition> it = getMaintenanceDocumentDictionaryService().getMaintenanceDocumentEntry(maintenanceDocument.getDocumentHeader().getWorkflowDocument().getDocumentTypeName()).getMaintainableSections().iterator();
        while (it.hasNext()) {
            addMaintainableItemRestrictions(it.next().getMaintainableItems(), maintenanceDocumentAuthorizer, maintenanceDocumentRestrictionsBase, maintenanceDocument, maintenanceDocument.getNewMaintainableObject().getBusinessObject(), "", person);
        }
        return maintenanceDocumentRestrictionsBase;
    }

    protected void considerBusinessObjectFieldUnmaskAuthorization(Object obj, Person person, BusinessObjectRestrictions businessObjectRestrictions, String str, Document document) {
        DataObjectEntry dataObjectEntry = getDataDictionaryService().getDataDictionary().getDataObjectEntry(obj.getClass().getName());
        for (String str2 : dataObjectEntry.getAttributeNames()) {
            AttributeDefinition attributeDefinition = dataObjectEntry.getAttributeDefinition(str2);
            if (attributeDefinition.getAttributeSecurity() != null) {
                if (attributeDefinition.getAttributeSecurity().isMask() && !canFullyUnmaskField(person, obj.getClass(), str2, document)) {
                    businessObjectRestrictions.addFullyMaskedField(str + str2, attributeDefinition.getAttributeSecurity().getMaskFormatter());
                }
                if (attributeDefinition.getAttributeSecurity().isPartialMask() && !canPartiallyUnmaskField(person, obj.getClass(), str2, document)) {
                    businessObjectRestrictions.addPartiallyMaskedField(str + str2, attributeDefinition.getAttributeSecurity().getPartialMaskFormatter());
                }
            }
        }
    }

    protected void considerBusinessObjectFieldViewAuthorization(DataObjectEntry dataObjectEntry, Object obj, BusinessObject businessObject, Person person, BusinessObjectAuthorizer businessObjectAuthorizer, InquiryOrMaintenanceDocumentRestrictions inquiryOrMaintenanceDocumentRestrictions, String str) {
        for (String str2 : dataObjectEntry.getAttributeNames()) {
            AttributeDefinition attributeDefinition = dataObjectEntry.getAttributeDefinition(str2);
            if (attributeDefinition.getAttributeSecurity() != null && attributeDefinition.getAttributeSecurity().isHide()) {
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = null;
                if (ObjectUtils.isNotNull(businessObject)) {
                    hashMap.putAll(getFieldPermissionDetails(businessObject, str2));
                    hashMap.putAll(businessObjectAuthorizer.getCollectionItemPermissionDetails(businessObject));
                    hashMap2 = new HashMap(businessObjectAuthorizer.getCollectionItemRoleQualifications(businessObject));
                } else {
                    hashMap.putAll(getFieldPermissionDetails(obj, str2));
                }
                if (!businessObjectAuthorizer.isAuthorizedByTemplate(obj, KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.VIEW_MAINTENANCE_INQUIRY_FIELD, person.getPrincipalId(), hashMap, hashMap2)) {
                    inquiryOrMaintenanceDocumentRestrictions.addHiddenField(str + str2);
                }
            }
        }
    }

    protected void considerBusinessObjectFieldModifyAuthorization(DataObjectEntry dataObjectEntry, Object obj, BusinessObject businessObject, Person person, BusinessObjectAuthorizer businessObjectAuthorizer, MaintenanceDocumentRestrictions maintenanceDocumentRestrictions, String str) {
        for (String str2 : dataObjectEntry.getAttributeNames()) {
            AttributeDefinition attributeDefinition = dataObjectEntry.getAttributeDefinition(str2);
            if (attributeDefinition.getAttributeSecurity() != null) {
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = null;
                if (ObjectUtils.isNotNull(businessObject)) {
                    hashMap.putAll(getFieldPermissionDetails(businessObject, str2));
                    hashMap.putAll(businessObjectAuthorizer.getCollectionItemPermissionDetails(businessObject));
                    hashMap2 = new HashMap(businessObjectAuthorizer.getCollectionItemRoleQualifications(businessObject));
                } else {
                    hashMap.putAll(getFieldPermissionDetails(obj, str2));
                }
                if (attributeDefinition.getAttributeSecurity().isReadOnly() && !businessObjectAuthorizer.isAuthorizedByTemplate(obj, KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.MODIFY_FIELD, person.getPrincipalId(), hashMap, hashMap2)) {
                    maintenanceDocumentRestrictions.addReadOnlyField(str + str2);
                }
            }
        }
    }

    protected void considerCustomButtonFieldAuthorization(DataObjectEntry dataObjectEntry, Object obj, BusinessObject businessObject, Person person, BusinessObjectAuthorizer businessObjectAuthorizer, MaintenanceDocumentRestrictions maintenanceDocumentRestrictions, String str) {
        for (String str2 : dataObjectEntry.getAttributeNames()) {
            AttributeDefinition attributeDefinition = dataObjectEntry.getAttributeDefinition(str2);
            if (attributeDefinition.getControl() != null && attributeDefinition.getControl().isButton()) {
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = null;
                if (ObjectUtils.isNotNull(businessObject)) {
                    hashMap.putAll(getButtonFieldPermissionDetails(businessObject, str2));
                    hashMap.putAll(businessObjectAuthorizer.getCollectionItemPermissionDetails(businessObject));
                    hashMap2 = new HashMap(businessObjectAuthorizer.getCollectionItemRoleQualifications(businessObject));
                } else {
                    getButtonFieldPermissionDetails(obj, str2);
                }
                if (!businessObjectAuthorizer.isAuthorizedByTemplate(obj, KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.PERFORM_CUSTOM_MAINTENANCE_DOCUMENT_FUNCTION, person.getPrincipalId(), hashMap, hashMap2)) {
                    maintenanceDocumentRestrictions.addHiddenField(str + str2);
                }
            }
        }
    }

    protected void considerInquiryOrMaintenanceDocumentPresentationController(InquiryOrMaintenanceDocumentPresentationController inquiryOrMaintenanceDocumentPresentationController, Object obj, InquiryOrMaintenanceDocumentRestrictions inquiryOrMaintenanceDocumentRestrictions) {
        Iterator<String> it = inquiryOrMaintenanceDocumentPresentationController.getConditionallyHiddenPropertyNames(obj).iterator();
        while (it.hasNext()) {
            inquiryOrMaintenanceDocumentRestrictions.addHiddenField(it.next());
        }
        Iterator<String> it2 = inquiryOrMaintenanceDocumentPresentationController.getConditionallyHiddenSectionIds(obj).iterator();
        while (it2.hasNext()) {
            inquiryOrMaintenanceDocumentRestrictions.addHiddenSectionId(it2.next());
        }
    }

    protected void considerInquiryOrMaintenanceDocumentAuthorizer(InquiryOrMaintenanceDocumentAuthorizer inquiryOrMaintenanceDocumentAuthorizer, Object obj, Person person, InquiryOrMaintenanceDocumentRestrictions inquiryOrMaintenanceDocumentRestrictions) {
        for (String str : inquiryOrMaintenanceDocumentAuthorizer.getSecurePotentiallyHiddenSectionIds()) {
            HashMap hashMap = new HashMap();
            hashMap.put(KimConstants.AttributeConstants.SECTION_ID, str);
            if (!inquiryOrMaintenanceDocumentAuthorizer.isAuthorizedByTemplate(obj, KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.VIEW_SECTION, person.getPrincipalId(), hashMap, null)) {
                inquiryOrMaintenanceDocumentRestrictions.addHiddenSectionId(str);
            }
        }
    }

    protected void considerMaintenanceDocumentPresentationController(MaintenanceDocumentPresentationController maintenanceDocumentPresentationController, MaintenanceDocument maintenanceDocument, MaintenanceDocumentRestrictions maintenanceDocumentRestrictions) {
        Iterator<String> it = maintenanceDocumentPresentationController.getConditionallyReadOnlyPropertyNames(maintenanceDocument).iterator();
        while (it.hasNext()) {
            maintenanceDocumentRestrictions.addReadOnlyField(it.next());
        }
        Iterator<String> it2 = maintenanceDocumentPresentationController.getConditionallyReadOnlySectionIds(maintenanceDocument).iterator();
        while (it2.hasNext()) {
            maintenanceDocumentRestrictions.addReadOnlySectionId(it2.next());
        }
    }

    protected void considerMaintenanceDocumentAuthorizer(MaintenanceDocumentAuthorizer maintenanceDocumentAuthorizer, MaintenanceDocument maintenanceDocument, Person person, MaintenanceDocumentRestrictions maintenanceDocumentRestrictions) {
        for (String str : maintenanceDocumentAuthorizer.getSecurePotentiallyReadOnlySectionIds()) {
            HashMap hashMap = new HashMap();
            hashMap.put(KimConstants.AttributeConstants.SECTION_ID, str);
            if (!maintenanceDocumentAuthorizer.isAuthorizedByTemplate(maintenanceDocument, KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.MODIFY_SECTION, person.getPrincipalId(), hashMap, null)) {
                maintenanceDocumentRestrictions.addReadOnlySectionId(str);
            }
        }
    }

    protected void addInquirableItemRestrictions(Collection collection, InquiryAuthorizer inquiryAuthorizer, InquiryRestrictions inquiryRestrictions, BusinessObject businessObject, BusinessObject businessObject2, String str, Person person) {
        for (Object obj : collection) {
            if (obj instanceof InquiryCollectionDefinition) {
                InquiryCollectionDefinition inquiryCollectionDefinition = (InquiryCollectionDefinition) obj;
                BusinessObjectEntry businessObjectEntry = (BusinessObjectEntry) getDataDictionaryService().getDataDictionary().getBusinessObjectEntry(inquiryCollectionDefinition.getBusinessObjectClass().getName());
                try {
                    int i = 0;
                    for (Object obj2 : (Collection) PropertyUtils.getProperty(businessObject2, inquiryCollectionDefinition.getName())) {
                        String str2 = str + inquiryCollectionDefinition.getName() + "[" + i + "].";
                        considerBusinessObjectFieldUnmaskAuthorization(obj2, person, inquiryRestrictions, str2, null);
                        if (obj2 instanceof BusinessObject) {
                            considerBusinessObjectFieldViewAuthorization(businessObjectEntry, businessObject, (BusinessObject) obj2, person, inquiryAuthorizer, inquiryRestrictions, str2);
                            addInquirableItemRestrictions(inquiryCollectionDefinition.getInquiryCollections(), inquiryAuthorizer, inquiryRestrictions, businessObject, (BusinessObject) obj2, str2, person);
                        }
                        i++;
                    }
                } catch (Exception e) {
                    throw new RuntimeException("Unable to resolve collection property: " + businessObject2.getClass() + ":" + inquiryCollectionDefinition.getName(), e);
                }
            }
        }
    }

    protected void addMaintainableItemRestrictions(List<? extends MaintainableItemDefinition> list, MaintenanceDocumentAuthorizer maintenanceDocumentAuthorizer, MaintenanceDocumentRestrictions maintenanceDocumentRestrictions, MaintenanceDocument maintenanceDocument, BusinessObject businessObject, String str, Person person) {
        for (MaintainableItemDefinition maintainableItemDefinition : list) {
            if (maintainableItemDefinition instanceof MaintainableCollectionDefinition) {
                try {
                    MaintainableCollectionDefinition maintainableCollectionDefinition = (MaintainableCollectionDefinition) maintainableItemDefinition;
                    Collection<BusinessObject> collection = (Collection) ObjectUtils.getNestedValue(businessObject, maintainableItemDefinition.getName());
                    DataObjectEntry dataObjectEntry = (BusinessObjectEntry) getDataDictionaryService().getDataDictionary().getBusinessObjectEntry(maintainableCollectionDefinition.getBusinessObjectClass().getName());
                    if (CollectionUtils.isNotEmpty(collection)) {
                        int i = 0;
                        for (BusinessObject businessObject2 : collection) {
                            String str2 = str + maintainableItemDefinition.getName() + "[" + i + "].";
                            considerBusinessObjectFieldUnmaskAuthorization(businessObject2, person, maintenanceDocumentRestrictions, str2, maintenanceDocument);
                            considerBusinessObjectFieldViewAuthorization(dataObjectEntry, maintenanceDocument, businessObject2, person, maintenanceDocumentAuthorizer, maintenanceDocumentRestrictions, str2);
                            considerBusinessObjectFieldModifyAuthorization(dataObjectEntry, maintenanceDocument, businessObject2, person, maintenanceDocumentAuthorizer, maintenanceDocumentRestrictions, str2);
                            addMaintainableItemRestrictions(((MaintainableCollectionDefinition) maintainableItemDefinition).getMaintainableCollections(), maintenanceDocumentAuthorizer, maintenanceDocumentRestrictions, maintenanceDocument, businessObject2, str2, person);
                            addMaintainableItemRestrictions(((MaintainableCollectionDefinition) maintainableItemDefinition).getMaintainableFields(), maintenanceDocumentAuthorizer, maintenanceDocumentRestrictions, maintenanceDocument, businessObject2, str2, person);
                            i++;
                        }
                    }
                } catch (Exception e) {
                    throw new RuntimeException("Unable to resolve collection property: " + businessObject.getClass() + ":" + maintainableItemDefinition.getName(), e);
                }
            }
        }
    }

    @Override // org.kuali.rice.kns.service.BusinessObjectAuthorizationService
    public boolean canFullyUnmaskField(Person person, Class<?> cls, String str, Document document) {
        if (isNonProductionEnvAndUnmaskingTurnedOff() || person == null || StringUtils.isEmpty(person.getPrincipalId())) {
            return false;
        }
        Boolean bool = null;
        if (document != null) {
            try {
                bool = Boolean.valueOf(getDocumentHelperService().getDocumentAuthorizer(document).isAuthorizedByTemplate(document, KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.FULL_UNMASK_FIELD, person.getPrincipalId(), getFieldPermissionDetails(cls, str), null));
            } catch (IllegalArgumentException e) {
            }
        }
        if (bool == null) {
            bool = Boolean.valueOf(getPermissionService().isAuthorizedByTemplate(person.getPrincipalId(), KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.FULL_UNMASK_FIELD, new HashMap(getFieldPermissionDetails(cls, str)), Collections.emptyMap()));
        }
        return bool.booleanValue();
    }

    @Override // org.kuali.rice.kns.service.BusinessObjectAuthorizationService
    public boolean canPartiallyUnmaskField(Person person, Class<?> cls, String str, Document document) {
        if (isNonProductionEnvAndUnmaskingTurnedOff() || person == null || StringUtils.isEmpty(person.getPrincipalId())) {
            return false;
        }
        return document == null ? getPermissionService().isAuthorizedByTemplate(person.getPrincipalId(), KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.PARTIAL_UNMASK_FIELD, new HashMap(getFieldPermissionDetails(cls, str)), Collections.emptyMap()) : getDocumentHelperService().getDocumentAuthorizer(document).isAuthorizedByTemplate(document, KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.PARTIAL_UNMASK_FIELD, person.getPrincipalId(), getFieldPermissionDetails(cls, str), Collections.emptyMap());
    }

    protected Map<String, String> getFieldPermissionDetails(Class<?> cls, String str) {
        try {
            return getFieldPermissionDetails(cls.newInstance(), str);
        } catch (Exception e) {
            throw new RuntimeException("The getPermissionDetails method of BusinessObjectAuthorizationServiceImpl was unable to instantiate the dataObjectClass" + cls, e);
        }
    }

    protected Map<String, String> getFieldPermissionDetails(Object obj, String str) {
        Map<String, String> namespaceAndComponentSimpleName = KRADUtils.getNamespaceAndComponentSimpleName(obj.getClass());
        namespaceAndComponentSimpleName.put("propertyName", str);
        return namespaceAndComponentSimpleName;
    }

    protected Map<String, String> getButtonFieldPermissionDetails(Object obj, String str) {
        HashMap hashMap = new HashMap();
        if (str.contains(".")) {
            hashMap.put(KimConstants.AttributeConstants.BUTTON_NAME, str);
        } else {
            hashMap.put(KimConstants.AttributeConstants.BUTTON_NAME, str);
        }
        return hashMap;
    }

    private PermissionService getPermissionService() {
        if (this.permissionService == null) {
            this.permissionService = KimApiServiceLocator.getPermissionService();
        }
        return this.permissionService;
    }

    private BusinessObjectDictionaryService getBusinessObjectDictionaryService() {
        if (this.businessObjectDictionaryService == null) {
            this.businessObjectDictionaryService = KNSServiceLocator.getBusinessObjectDictionaryService();
        }
        return this.businessObjectDictionaryService;
    }

    private MaintenanceDocumentDictionaryService getMaintenanceDocumentDictionaryService() {
        if (this.maintenanceDocumentDictionaryService == null) {
            this.maintenanceDocumentDictionaryService = KNSServiceLocator.getMaintenanceDocumentDictionaryService();
        }
        return this.maintenanceDocumentDictionaryService;
    }

    private ConfigurationService getKualiConfigurationService() {
        if (this.kualiConfigurationService == null) {
            this.kualiConfigurationService = CoreApiServiceLocator.getKualiConfigurationService();
        }
        return this.kualiConfigurationService;
    }

    private boolean isNonProductionEnvAndUnmaskingTurnedOff() {
        return (getKualiConfigurationService().getPropertyValueAsString("production.environment.code").equalsIgnoreCase(getKualiConfigurationService().getPropertyValueAsString("environment")) || getKualiConfigurationService().getPropertyValueAsBoolean(KRADConstants.ENABLE_NONPRODUCTION_UNMASKING)) ? false : true;
    }

    protected DocumentHelperService getDocumentHelperService() {
        return KNSServiceLocator.getDocumentHelperService();
    }
}
