package com.appiancorp.miningdatasync.data;

import com.appiancorp.exceptions.InsufficientPrivilegesException;
import com.appiancorp.exceptions.ObjectNotFoundException;
import com.appiancorp.features.FeatureToggleClient;
import com.appiancorp.miningdatasync.data.MiningProcessProvider;
import com.appiancorp.miningdatasync.error.MiningProcessNotFoundException;
import com.appiancorp.miningdatasync.service.ProcessMiningApiService;
import com.appiancorp.security.acl.HasRoleMap;
import com.appiancorp.security.acl.Role;
import com.appiancorp.security.acl.RoleMap;
import com.appiancorp.security.acl.RoleMapEntry;
import com.appiancorp.security.acl.Roles;
import com.appiancorp.security.auth.SecurityContextProvider;
import com.appiancorp.security.changelog.EntityRoleMapUpdateResult;
import com.appiancorp.security.changelog.SecurityAuditLogger;
import com.appiancorp.security.user.service.EnsureCurrentUserIsInPrimaryDataSourceAspect;
import com.appiancorp.security.user.service.KdbRdbmsIdBinder;
import com.appiancorp.suiteapi.common.exceptions.AppianException;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.type.refs.UserRef;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import javax.transaction.Transactional;

/* loaded from: input_file:com/appiancorp/miningdatasync/data/MiningProcessServiceImpl.class */
public class MiningProcessServiceImpl implements MiningProcessService {
    private final MiningProcessDao miningProcessDao;
    private final KdbRdbmsIdBinder kdbRdbmsIdBinder;
    private final SecurityContextProvider scp;
    private final ProcessMiningApiService processMiningApiService;
    private final DataStewardAccessValidator dataStewardAccessValidator;
    private final SecurityAuditLogger securityAuditLogger;
    private final FeatureToggleClient featureToggleClient;

    public MiningProcessServiceImpl(MiningProcessDao miningProcessDao, KdbRdbmsIdBinder kdbRdbmsIdBinder, SecurityContextProvider securityContextProvider, ProcessMiningApiService processMiningApiService, DataStewardAccessValidator dataStewardAccessValidator, SecurityAuditLogger securityAuditLogger, FeatureToggleClient featureToggleClient) {
        this.miningProcessDao = miningProcessDao;
        this.kdbRdbmsIdBinder = kdbRdbmsIdBinder;
        this.scp = securityContextProvider;
        this.processMiningApiService = processMiningApiService;
        this.dataStewardAccessValidator = dataStewardAccessValidator;
        this.securityAuditLogger = securityAuditLogger;
        this.featureToggleClient = featureToggleClient;
    }

    @Transactional
    public Long create(MiningProcess miningProcess) throws InsufficientPrivilegesException {
        Iterator it = miningProcess.getMiningProcessProviders().iterator();
        while (it.hasNext()) {
            isCurrentUserDataStewardOfRecordType(((MiningProcessProvider) it.next()).getDataset().getRootRecordTypeUuid());
        }
        Long l = (Long) this.miningProcessDao.create(miningProcess);
        setInitialRoleMap(miningProcess);
        return l;
    }

    @Transactional
    public void update(MiningProcess miningProcess) throws AppianException {
        update(miningProcess, false);
    }

    @Transactional
    public void update(MiningProcess miningProcess, boolean z) throws AppianException {
        if (!this.scp.get().getUserRef().getUsername().equals("Administrator")) {
            checkSufficientPrivilegesForItem(miningProcess, Roles.MINING_PROCESS_ANALYST);
        }
        if (z) {
            this.processMiningApiService.setLogNameAndDescription(miningProcess.getLogId(), miningProcess.getName(), miningProcess.getDescription());
        }
        miningProcess.discardRoleMap();
        this.miningProcessDao.update(miningProcess);
    }

    @Transactional
    public MiningProcess getByName(String str) throws InsufficientPrivilegesException {
        MiningProcess byName = this.miningProcessDao.getByName(str);
        if (byName != null) {
            externalize(byName);
            checkSufficientPrivilegesForItem(byName, Roles.MINING_PROCESS_VIEWER);
        }
        return byName;
    }

    @Transactional
    public MiningProcess getById(Long l) throws InsufficientPrivilegesException {
        MiningProcess miningProcess = (MiningProcess) this.miningProcessDao.get(l);
        if (miningProcess != null) {
            externalize(miningProcess);
            if (!this.scp.get().getUserRef().getUsername().equals("Administrator")) {
                checkSufficientPrivilegesForItem(miningProcess, Roles.MINING_PROCESS_VIEWER);
            }
        }
        return miningProcess;
    }

    @Transactional
    public MiningProcess getByUuid(String str) throws InsufficientPrivilegesException {
        MiningProcess m1getByUuid = this.miningProcessDao.m1getByUuid(str);
        if (m1getByUuid != null) {
            externalize(m1getByUuid);
            checkSufficientPrivilegesForItem(m1getByUuid, Roles.MINING_PROCESS_VIEWER);
        }
        return m1getByUuid;
    }

    @Transactional
    public MiningProcess getByLogId(String str) throws InsufficientPrivilegesException {
        MiningProcess byLogId = this.miningProcessDao.getByLogId(str);
        if (byLogId != null) {
            externalize(byLogId);
            checkSufficientPrivilegesForItem(byLogId, Roles.MINING_PROCESS_VIEWER);
        }
        return byLogId;
    }

    @Transactional
    public List<MiningProcess> getAll() {
        List<MiningProcess> allWithContext = this.miningProcessDao.getAllWithContext(Roles.MINING_PROCESS_VIEWER, MiningProcess.ALL_ROLES, this.featureToggleClient.isFeatureEnabled("ae.mining-data-flow.case-record-type-data-stewards-as-process-admins"));
        Iterator<MiningProcess> it = allWithContext.iterator();
        while (it.hasNext()) {
            externalize(it.next());
        }
        return allWithContext;
    }

    @Transactional
    public void delete(String str) throws InsufficientPrivilegesException {
        checkSufficientPrivilegesForItem(this.miningProcessDao.getByLogId(str), Roles.MINING_PROCESS_ADMIN);
        this.miningProcessDao.deleteByLogId(str);
    }

    @Transactional
    public void deleteAll() {
        this.miningProcessDao.deleteAll();
    }

    @Transactional
    public Set<MiningProcessProvider> getProcessProviders(Long l) throws MiningProcessNotFoundException {
        return this.miningProcessDao.getProvidersById(l);
    }

    @Transactional
    public Set<MiningProcessProvider> getProcessProvidersByUuid(String str) throws MiningProcessNotFoundException {
        return this.miningProcessDao.getProvidersByUuid(str);
    }

    @Transactional
    public String getUuidByName(String str) {
        MiningProcess byName = this.miningProcessDao.getByName(str);
        if (byName == null) {
            return null;
        }
        return byName.getUuid();
    }

    public void checkSufficientPrivilegesInRoleMap(RoleMap roleMap, Role role) throws InsufficientPrivilegesException {
        UserRef userRef = this.scp.get().getUserRef();
        if (roleMap == null || role == null) {
            throw buildInsufficientPrivilegesException(userRef.getUsername(), null, ErrorCode.MINING_PROCESS_NOT_FOUND_INSUFFICIENT_PRIVILEGES);
        }
        RoleMapEntry roleMapEntry = (RoleMapEntry) roleMap.getEntriesByRole().get(role);
        Set set = (Set) this.kdbRdbmsIdBinder.fromRdbmsGroupRefToK(this.scp.get().getMemberGroupRefs()).values().stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toSet());
        if (roleMapEntry == null || !roleMapEntry.hasPermissionInRole(userRef.getUsername(), set)) {
            throw buildInsufficientPrivilegesException(userRef.getUsername(), null, ErrorCode.MINING_PROCESS_NOT_FOUND_INSUFFICIENT_PRIVILEGES);
        }
    }

    @Transactional
    public RoleMap getRoleMap(Long l) throws ObjectNotFoundException, InsufficientPrivilegesException {
        MiningProcess requireExistingProcess = requireExistingProcess(l);
        checkSufficientPrivilegesForItem(requireExistingProcess, Roles.MINING_PROCESS_VIEWER);
        return this.kdbRdbmsIdBinder.bindRoleMapFromRdbmsToK(requireExistingProcess.getRoleMap());
    }

    @Transactional
    @EnsureCurrentUserIsInPrimaryDataSourceAspect.RequiresCurrentUserInPrimaryDataSource
    public void setRoleMap(Long l, RoleMap roleMap, boolean z) throws ObjectNotFoundException, InsufficientPrivilegesException {
        RoleMap bindRoleMapFromKToRdbms = roleMap == null ? null : this.kdbRdbmsIdBinder.bindRoleMapFromKToRdbms(roleMap);
        HasRoleMap requireExistingProcess = requireExistingProcess(l);
        isCurrentUserDataStewardOfCaseRecordOfMiningProcess((MiningProcess) requireExistingProcess);
        EntityRoleMapUpdateResult roleMap2 = this.miningProcessDao.setRoleMap(requireExistingProcess, bindRoleMapFromKToRdbms);
        roleMap2.setName(requireExistingProcess.getName());
        roleMap2.setObjectUuid(requireExistingProcess.getUuid());
        roleMap2.setIsSystem(Boolean.valueOf(z));
        roleMap2.setUser(this.scp.get().getUserRef().getUsername());
        this.securityAuditLogger.logUpdate(roleMap2);
    }

    @EnsureCurrentUserIsInPrimaryDataSourceAspect.RequiresCurrentUserInPrimaryDataSource
    private void setInitialRoleMap(MiningProcess miningProcess) {
        this.miningProcessDao.setRoleMap(miningProcess, this.kdbRdbmsIdBinder.bindRoleMapFromKToRdbms(RoleMap.builder().users(Roles.MINING_PROCESS_ADMIN, new String[]{this.scp.get().getUserRef().getUsername()}).build()));
    }

    private void externalize(MiningProcess miningProcess) {
        if (miningProcess != null) {
            this.miningProcessDao.evict(miningProcess);
            miningProcess.setRoleMap(this.kdbRdbmsIdBinder.bindRoleMapFromRdbmsToK(miningProcess.getRoleMap()));
        }
    }

    private MiningProcess requireExistingProcess(Long l) throws ObjectNotFoundException {
        MiningProcess miningProcess = (MiningProcess) this.miningProcessDao.get(l);
        if (miningProcess == null) {
            throw new ObjectNotFoundException(l, ErrorCode.PERSISTED_NOT_FOUND, new Object[0]);
        }
        return miningProcess;
    }

    public void checkSufficientPrivilegesForItem(MiningProcess miningProcess, Role role) throws InsufficientPrivilegesException {
        if (Role.hasSufficientPrivileges(this.miningProcessDao.getUserRoleName(miningProcess), role, miningProcess.getRoles())) {
            return;
        }
        throw buildInsufficientPrivilegesException(this.scp.get().getUserRef().getUsername(), miningProcess.getId(), ErrorCode.MINING_PROCESS_NOT_FOUND_INSUFFICIENT_PRIVILEGES);
    }

    public void isCurrentUserDataStewardOfRecordType(String str) throws InsufficientPrivilegesException {
        if (!this.dataStewardAccessValidator.isCurrentUserDataStewardOfRecordType(str)) {
            throw buildInsufficientPrivilegesException(this.scp.get().getUserRef().getUsername(), str, ErrorCode.MINING_PROCESS_NOT_DATA_STEWARD_INSUFFICIENT_PRIVILEGES);
        }
    }

    @Transactional
    public void isCurrentUserDataStewardOfCaseRecordOfMiningProcess(Long l) throws InsufficientPrivilegesException, ObjectNotFoundException {
        isCurrentUserDataStewardOfCaseRecordOfMiningProcess(requireExistingProcess(l));
    }

    private void isCurrentUserDataStewardOfCaseRecordOfMiningProcess(MiningProcess miningProcess) throws InsufficientPrivilegesException {
        isCurrentUserDataStewardOfRecordType(((MiningProcessProvider) miningProcess.getMiningProcessProviders().stream().filter(miningProcessProvider -> {
            return MiningProcessProvider.MiningProcessProviderType.CASE == miningProcessProvider.getProviderType();
        }).findFirst().orElseThrow(() -> {
            return new IllegalStateException("MiningProcess \"" + miningProcess.getUuid() + "\" doesn't have any provider for Case data");
        })).getDataset().getRootRecordTypeUuid());
    }

    @Transactional
    public Set<String> getAllRecordTypeUuidsForProcess(String str) throws MiningProcessNotFoundException {
        return (Set) getProcessProvidersByUuid(str).stream().flatMap(miningProcessProvider -> {
            return miningProcessProvider.getMiningProcessFields().stream();
        }).map(miningProcessField -> {
            return miningProcessField.getDatasetField().getRecordTypeUuid();
        }).collect(Collectors.toSet());
    }

    public InsufficientPrivilegesException buildInsufficientPrivilegesException(String str, Object obj, ErrorCode errorCode) {
        return new InsufficientPrivilegesException(str, obj, errorCode, new Object[]{obj});
    }
}
