package org.exist.security;

import eu.dnetlib.data.mdstore.modular.mongodb.MDStoreDaoImpl;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.exist.config.Configuration;
import org.exist.config.ConfigurationException;
import org.exist.config.Configurator;
import org.exist.config.Reference;
import org.exist.config.ReferenceImpl;
import org.exist.config.annotation.ConfigurationClass;
import org.exist.config.annotation.ConfigurationFieldAsElement;
import org.exist.config.annotation.ConfigurationReferenceBy;
import org.exist.security.internal.GroupImpl;

@ConfigurationClass("")
/* loaded from: input_file:WEB-INF/lib/exist-core-3.0.RC1.jar:org/exist/security/AbstractGroup.class */
public abstract class AbstractGroup extends AbstractPrincipal implements Comparable<Object>, Group {
    private static final Logger LOG = LogManager.getLogger((Class<?>) AbstractGroup.class);

    @ConfigurationFieldAsElement("manager")
    @ConfigurationReferenceBy("name")
    private List<Reference<SecurityManager, Account>> managers;

    @ConfigurationFieldAsElement(MDStoreDaoImpl.METADATA_NAME)
    private Map<String, String> metadata;

    public AbstractGroup(AbstractRealm abstractRealm, int i, String str, List<Account> list) throws ConfigurationException {
        super(abstractRealm, abstractRealm.collectionGroups, i, str);
        this.managers = new ArrayList();
        this.metadata = new HashMap();
        if (list != null) {
            Iterator<Account> it = list.iterator();
            while (it.hasNext()) {
                _addManager(it.next());
            }
        }
    }

    public AbstractGroup(AbstractRealm abstractRealm, String str) throws ConfigurationException {
        super(abstractRealm, abstractRealm.collectionGroups, -1, str);
        this.managers = new ArrayList();
        this.metadata = new HashMap();
    }

    public AbstractGroup(AbstractRealm abstractRealm, Configuration configuration) throws ConfigurationException {
        super(abstractRealm, configuration);
        this.managers = new ArrayList();
        this.metadata = new HashMap();
        if (this.configuration != null) {
            this.configuration = Configurator.configure(this, this.configuration);
        }
    }

    @Override // java.lang.Comparable
    public int compareTo(Object obj) {
        if (obj instanceof GroupImpl) {
            return this.name.compareTo(((GroupImpl) obj).name);
        }
        throw new IllegalArgumentException("wrong type");
    }

    @Override // java.security.Principal
    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("<group name=\"");
        sb.append(this.name);
        sb.append("\" id=\"");
        sb.append(Integer.toString(this.id));
        sb.append("\">");
        try {
            Iterator<Account> it = getManagers().iterator();
            while (it.hasNext()) {
                sb.append("<manager name=\"" + it.next().getUsername() + "\"/>");
            }
        } catch (Throwable th) {
            th.printStackTrace();
            sb.append("<manager error=\"" + th.getMessage() + "\"/>");
        }
        sb.append("</group>");
        return sb.toString();
    }

    @Override // org.exist.security.Group
    public void assertCanModifyGroup(Account account) throws PermissionDeniedException {
        if (account == null) {
            throw new PermissionDeniedException("Unspecified Account is not allowed to modify group '" + getName() + "'");
        }
        if (!account.hasDbaRole() && !isManager(account)) {
            throw new PermissionDeniedException("Account '" + account.getName() + "' is not allowed to modify group '" + getName() + "'");
        }
    }

    @Override // org.exist.security.Group
    public boolean isManager(Account account) {
        Iterator<Reference<SecurityManager, Account>> it = this.managers.iterator();
        while (it.hasNext()) {
            Account resolve = it.next().resolve();
            if (resolve != null && resolve.equals(account)) {
                return true;
            }
        }
        return false;
    }

    protected void _addManager(Account account) {
        Iterator<Reference<SecurityManager, Account>> it = this.managers.iterator();
        while (it.hasNext()) {
            String name = it.next().getName();
            if (name != null && name.equals(account.getName())) {
                return;
            }
        }
        this.managers.add(new ReferenceImpl(getRealm().getSecurityManager(), account, account.getName()));
    }

    @Override // org.exist.security.Group
    public void addManager(Account account) throws PermissionDeniedException {
        assertCanModifyGroup(getDatabase().getSubject());
        _addManager(account);
    }

    @Override // org.exist.security.Group
    public void addManagers(List<Account> list) throws PermissionDeniedException {
        if (list != null) {
            Iterator<Account> it = list.iterator();
            while (it.hasNext()) {
                addManager(it.next());
            }
        }
    }

    public void addManager(String str) throws PermissionDeniedException {
        assertCanModifyGroup(getDatabase().getSubject());
        Iterator<Reference<SecurityManager, Account>> it = this.managers.iterator();
        while (it.hasNext()) {
            String name = it.next().getName();
            if (name != null && name.equals(str)) {
                return;
            }
        }
        this.managers.add(new ReferenceImpl(getRealm().getSecurityManager(), "getAccount", str));
    }

    @Override // org.exist.security.Group
    public List<Account> getManagers() {
        HashSet hashSet = new HashSet();
        if (this.managers != null) {
            for (Reference<SecurityManager, Account> reference : this.managers) {
                Account resolve = reference.resolve();
                if (resolve != null) {
                    hashSet.add(resolve);
                } else {
                    LOG.warn("Unable to resolve reference to group manager '" + reference.getName() + "' for group '" + getName() + "'");
                }
            }
        }
        return new ArrayList(hashSet);
    }

    @Override // org.exist.security.Group
    public void removeManager(Account account) throws PermissionDeniedException {
        assertCanModifyGroup(getDatabase().getSubject());
        for (Reference<SecurityManager, Account> reference : this.managers) {
            if (reference.resolve().getName().equals(account.getName())) {
                this.managers.remove(reference);
                return;
            }
        }
    }

    public void setManagers(List<Reference<SecurityManager, Account>> list) {
        this.managers = list;
    }

    @Override // org.exist.security.Principal
    public String getMetadataValue(SchemaType schemaType) {
        return this.metadata.get(schemaType.getNamespace());
    }

    @Override // org.exist.security.Principal
    public void setMetadataValue(SchemaType schemaType, String str) {
        this.metadata.put(schemaType.getNamespace(), str);
    }

    @Override // org.exist.security.Principal
    public Set<SchemaType> getMetadataKeys() {
        HashSet hashSet = new HashSet();
        for (String str : this.metadata.keySet()) {
            if (AXSchemaType.valueOfNamespace(str) != null) {
                hashSet.add(AXSchemaType.valueOfNamespace(str));
            } else if (EXistSchemaType.valueOfNamespace(str) != null) {
                hashSet.add(EXistSchemaType.valueOfNamespace(str));
            }
        }
        return hashSet;
    }

    @Override // org.exist.security.Principal
    public void clearMetadata() {
        this.metadata.clear();
    }
}
