package fr.paris.lutece.portal.web.rbac;

import fr.paris.lutece.portal.business.rbac.RBAC;
import fr.paris.lutece.portal.business.rbac.RBACHome;
import fr.paris.lutece.portal.business.rbac.RBACRole;
import fr.paris.lutece.portal.business.rbac.RBACRoleHome;
import fr.paris.lutece.portal.business.right.Level;
import fr.paris.lutece.portal.business.right.LevelHome;
import fr.paris.lutece.portal.business.role.Role;
import fr.paris.lutece.portal.business.role.RoleHome;
import fr.paris.lutece.portal.business.user.AdminUser;
import fr.paris.lutece.portal.business.user.AdminUserHome;
import fr.paris.lutece.portal.service.admin.AccessDeniedException;
import fr.paris.lutece.portal.service.admin.AdminUserService;
import fr.paris.lutece.portal.service.captcha.ICaptchaSecurityService;
import fr.paris.lutece.portal.service.i18n.I18nService;
import fr.paris.lutece.portal.service.message.AdminMessageService;
import fr.paris.lutece.portal.service.rbac.RBACRemovalListenerService;
import fr.paris.lutece.portal.service.rbac.ResourceType;
import fr.paris.lutece.portal.service.rbac.ResourceTypeManager;
import fr.paris.lutece.portal.service.security.SecurityTokenService;
import fr.paris.lutece.portal.service.template.AppTemplateService;
import fr.paris.lutece.portal.service.util.AppPathService;
import fr.paris.lutece.portal.service.util.AppPropertiesService;
import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean;
import fr.paris.lutece.portal.web.constants.Messages;
import fr.paris.lutece.portal.web.constants.Parameters;
import fr.paris.lutece.portal.web.role.RoleJspBean;
import fr.paris.lutece.portal.web.util.LocalizedPaginator;
import fr.paris.lutece.util.ReferenceItem;
import fr.paris.lutece.util.ReferenceList;
import fr.paris.lutece.util.html.AbstractPaginator;
import fr.paris.lutece.util.html.ItemNavigator;
import fr.paris.lutece.util.sort.AttributeComparator;
import fr.paris.lutece.util.string.StringUtil;
import fr.paris.lutece.util.url.UrlItem;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:fr/paris/lutece/portal/web/rbac/RoleManagementJspBean.class */
public class RoleManagementJspBean extends AdminFeaturesPageJspBean {
    // Right key exposed by this feature. NOTE(review): no method in this class checks it, so the
    // access control for these screens must be enforced by whatever invokes the bean; confirm.
    public static final String RIGHT_MANAGE_ROLES = "CORE_RBAC_MANAGEMENT";
    private static final long serialVersionUID = 5909246296083478844L;
    // Accepted values of the "select_resources" / "select_permissions" request parameters.
    private static final String PARAMETER_METHOD_SELECTION_ALL = "all";
    private static final String PARAMETER_METHOD_SELECTION_CHOOSE = "choose";
    private static final String PARAMETER_SELECTION_METHOD_CHOOSE = "choose";
    // HTTP request parameter names. Several are not referenced by name in the methods of this
    // class, which use the equal string literal instead.
    private static final String PARAMETER_ROLE_KEY = "role_key";
    private static final String PARAMETER_ROLE_DESCRIPTION = "role_description";
    private static final String PARAMETER_ROLE_KEY_PREVIOUS = "role_key_previous";
    private static final String PARAMETER_RESOURCE_TYPE = "resource_type";
    private static final String PARAMETER_SELECT_RESOURCES_METHOD = "select_resources";
    private static final String PARAMETER_RESOURCE_ID = "resource_id";
    private static final String PARAMETER_PERMISSION_KEY = "permission_key";
    private static final String PARAMETER_SELECT_PERMISSIONS_METHOD = "select_permissions";
    private static final String PARAMETER_RBAC_ID = "rbac_id";
    private static final String PARAMETER_AVAILABLE_USER_LIST = "available_users_list";
    private static final String PARAMETER_ID_USER = "id_user";
    private static final String PARAMETER_ANCHOR = "anchor";
    private static final String PARAMETER_CAN_BE_ASSIGNED_TO_USER_FRONT = "can_be_assigned_to_user_front";
    // Keys under which values are placed in the template model maps.
    private static final String MARK_PERMISSIONS_LIST = "permissions_list";
    private static final String MARK_RESOURCE_ID_LIST = "resource_id_list";
    private static final String MARK_RESOURCE_TYPE_LIST = "resource_type_list";
    private static final String MARK_CONTROLED_RESOURCE_LIST = "controled_resource_list";
    private static final String MARK_ROLE = "role";
    private static final String MARK_ROLE_LIST = "role_list";
    private static final String MARK_PAGINATOR = "paginator";
    private static final String MARK_NB_ITEMS_PER_PAGE = "nb_items_per_page";
    private static final String MARK_ROLE_KEY = "role_key";
    private static final String MARK_RESOURCE_TYPE = "resource_type";
    private static final String MARK_SELECT_RESOURCES_METHOD = "select_resources";
    private static final String MARK_RESOURCE_LIST_AVAILABLE = "resource_list_available";
    private static final String MARK_ASSIGNED_USERS_LIST = "assigned_users_list";
    private static final String MARK_AVAILABLE_USERS_LIST = "available_users_list";
    private static final String MARK_ASSIGNED_USERS_NUMBER = "assigned_users_number";
    private static final String MARK_ITEM_NAVIGATOR = "item_navigator";
    private static final String MARK_USER_LEVELS_LIST = "user_levels";
    private static final String MARK_EXIST_FRONT_ROLE_MAP = "exist_front_role_map";
    private static final String MARK_EXIST_FRONT_ROLE = "exist_front_role";
    private static final String MARK_HAS_RIGHT_MANAGE_FRONT_ROLE = "has_right_manage_front_role";
    // Message and page-title keys passed to AdminMessageService.getMessageUrl and
    // setPageTitleProperty. PROPERTY_ROLES_PER_PAGE is instead read as an integer setting through
    // AppPropertiesService.getPropertyInt.
    private static final String PROPERTY_CONFIRM_DELETE_ROLE = "portal.rbac.message.confirmDeleteRole";
    private static final String PROPERTY_CONFIRM_DELETE_CONTROL = "portal.rbac.message.confirmDeleteControl";
    private static final String PROPERTY_ROLE_ALREADY_EXISTS = "portal.rbac.message.roleAlreadyExists";
    private static final String PROPERTY_ROLE_ATTRIBUTED = "portal.rbac.message.roleAttributed";
    private static final String PROPERTY_ROLE_CREATION_PAGETITLE = "portal.rbac.pageTitle.createRole";
    private static final String PROPERTY_ROLE_DESCRIPTION_PAGETITLE = "portal.rbac.pageTitle.viewRoleDescription";
    private static final String PROPERTY_CHOOSE_RESOURCES_PAGETITLE = "portal.rbac.pageTitle.chooseResources";
    private static final String PROPERTY_SELECT_RESOURCES_IDS_PAGETITLE = "portal.rbac.pageTitle.selectResourceIds";
    private static final String PROPERTY_SELECT_PERMISSIONS_PAGETITLE = "portal.rbac.pageTitle.selectPermissions";
    private static final String PROPERTY_MESSAGE_NO_ID_SELECTION_METHOD = "portal.rbac.message.resourceIdSelectionMethod";
    private static final String PROPERTY_MESSAGE_ID_LIST_EMPTY = "portal.rbac.message.resourceIdListEmpty";
    private static final String PROPERTY_MESSAGE_NO_PERMISSION_SELECTION_METHOD = "portal.rbac.message.permissionSelectionMethod";
    private static final String PROPERTY_MESSAGE_PERMISSION_LIST_EMPTY = "portal.rbac.message.permissionListEmpty";
    private static final String MESSAGE_ROLE_SPECIAL_CHARACTER = "portal.rbac.message.specialCharacters";
    private static final String PROPERTY_ROLES_PER_PAGE = "paginator.roles.itemsPerPage";
    private static final String PROPERTY_ASSIGN_USERS_PAGETITLE = "portal.rbac.assign_users.pageTitle";
    private static final String PROPERTY_MANAGE_ROLES_PAGETITLE = "portal.rbac.manage_roles.pageTitle";
    private static final String MESSAGE_CANNOT_REMOVE_ROLE = "portal.rbac.message.cannotRemoveRole";
    // Template paths handed to AppTemplateService.getTemplate. TEMPLATE_CREATE_ROLE,
    // TEMPLATE_VIEW_ROLE_DESCRIPTION and TEMPLATE_SELECT_PERMISSIONS are also used as the action
    // name when a security token is issued and validated, so the issuing page and the validating
    // handler must keep using the same constant.
    private static final String TEMPLATE_MANAGE_ROLES = "admin/rbac/manage_roles.html";
    private static final String TEMPLATE_CREATE_ROLE = "admin/rbac/create_role.html";
    private static final String TEMPLATE_VIEW_ROLE_DESCRIPTION = "admin/rbac/view_role_description.html";
    private static final String TEMPLATE_ADD_CONTROL_TO_ROLE = "admin/rbac/add_control_to_role.html";
    private static final String TEMPLATE_SELECT_PERMISSIONS = "admin/rbac/select_permissions.html";
    private static final String TEMPLATE_SELECT_RESOURCE_IDS = "admin/rbac/select_resource_ids.html";
    private static final String TEMPLATE_ASSIGN_USERS = "admin/rbac/assign_users_role.html";
    // JSP targets returned by the do* handlers. JSP_URL_REMOVE_ROLE,
    // JSP_URL_REMOVE_CONTROL_FROM_ROLE and JSP_ASSIGN_USERS_TO_ROLE are also security-token
    // action names.
    private static final String JSP_URL_ROLES_MANAGEMENT = "ManageRoles.jsp";
    private static final String JSP_URL_SELECT_PERMISSIONS = "SelectPermissions.jsp";
    private static final String JSP_URL_ROLE_DESCRIPTION = "ViewRoleDescription.jsp";
    private static final String JSP_URL_SELECT_SPECIFIC_IDS = "SelectSpecificIds.jsp";
    private static final String JSP_URL_REMOVE_ROLE = "jsp/admin/rbac/DoRemoveRole.jsp";
    private static final String JSP_URL_REMOVE_CONTROL_FROM_ROLE = "jsp/admin/rbac/DoRemoveControlFromRole.jsp";
    private static final String JSP_ASSIGN_USERS_TO_ROLE = "AssignUsersRole.jsp";
    private static final String JSP_URL_ASSIGN_USERS_TO_ROLE = "jsp/admin/rbac/AssignUsersRole.jsp";
    // Pagination and navigation state kept on the bean between requests; it is written by
    // getManageRoles and getAssignUsers.
    private int _nItemsPerPage;
    private int _nDefaultItemsPerPage;
    private String _strCurrentPageIndex;
    private ItemNavigator _itemNavigator;

    /**
     * Renders the paginated list of RBAC roles.
     *
     * <p>The list can be sorted by a request-supplied attribute name, and each role shown on the
     * current page is flagged with whether a front-office role of the same key exists.
     *
     * @param httpServletRequest the current request (sort and paging parameters are read from it)
     * @return the HTML of the admin page
     */
    public String getManageRoles(HttpServletRequest httpServletRequest) {
        setPageTitleProperty(PROPERTY_MANAGE_ROLES_PAGETITLE);
        reinitItemNavigator();

        List<RBACRole> roles = (List<RBACRole>) RBACRoleHome.findAll();

        // NOTE(review): the sort attribute name is taken from the request and handed to
        // AttributeComparator unchanged; how that class resolves the name is not visible here -
        // confirm it only reaches the intended bean properties.
        String sortAttribute = httpServletRequest.getParameter(Parameters.SORTED_ATTRIBUTE_NAME);
        String sortAscending = null;
        if (sortAttribute != null) {
            sortAscending = httpServletRequest.getParameter(Parameters.SORTED_ASC);
            Collections.sort(roles, new AttributeComparator(sortAttribute, Boolean.parseBoolean(sortAscending)));
        }

        this._strCurrentPageIndex = AbstractPaginator.getPageIndex(httpServletRequest, "page_index", this._strCurrentPageIndex);
        this._nDefaultItemsPerPage = AppPropertiesService.getPropertyInt(PROPERTY_ROLES_PER_PAGE, 50);
        this._nItemsPerPage = AbstractPaginator.getItemsPerPage(httpServletRequest, "items_per_page", this._nItemsPerPage, this._nDefaultItemsPerPage);

        // The paginator links must carry the sort settings so that paging keeps the order.
        UrlItem pageUrl = new UrlItem(getHomeUrl(httpServletRequest));
        if (sortAttribute != null) {
            pageUrl.addParameter(Parameters.SORTED_ATTRIBUTE_NAME, sortAttribute);
        }
        if (sortAscending != null) {
            pageUrl.addParameter(Parameters.SORTED_ASC, sortAscending);
        }

        LocalizedPaginator paginator = new LocalizedPaginator(roles, this._nItemsPerPage, pageUrl.getUrl(), "page_index", this._strCurrentPageIndex, getLocale());

        // Only the roles on the current page are looked up in the front-office role table.
        List<RBACRole> pageRoles = (List<RBACRole>) paginator.getPageItems();
        Map<String, Boolean> frontRoleByKey = pageRoles.stream()
                .collect(Collectors.toMap(RBACRole::getKey, role -> RoleHome.findExistRole(role.getKey())));

        Map<String, Object> model = new HashMap<>();
        model.put(MARK_NB_ITEMS_PER_PAGE, Integer.toString(this._nItemsPerPage));
        model.put(MARK_PAGINATOR, paginator);
        model.put(MARK_ROLE_LIST, paginator.getPageItems());
        model.put(MARK_EXIST_FRONT_ROLE_MAP, frontRoleByKey);
        return getAdminPage(AppTemplateService.getTemplate(TEMPLATE_MANAGE_ROLES, getLocale(), model).getHtml());
    }

    /**
     * Renders the role creation form.
     *
     * <p>The model carries a security token issued for {@code TEMPLATE_CREATE_ROLE}, the action
     * name that {@code doCreateRole} validates, and a flag telling the template whether the
     * connected user holds {@code RoleJspBean.RIGHT_ROLES_MANAGEMENT}.
     *
     * @param httpServletRequest the current request
     * @return the HTML of the admin page
     */
    public String getCreateRole(HttpServletRequest httpServletRequest) {
        setPageTitleProperty(PROPERTY_ROLE_CREATION_PAGETITLE);

        Map<String, Object> model = new HashMap<>();
        String token = SecurityTokenService.getInstance().getToken(httpServletRequest, TEMPLATE_CREATE_ROLE);
        model.put("token", token);
        boolean canManageFrontRoles = getUser().checkRight(RoleJspBean.RIGHT_ROLES_MANAGEMENT);
        model.put(MARK_HAS_RIGHT_MANAGE_FRONT_ROLE, Boolean.valueOf(canManageFrontRoles));

        return getAdminPage(AppTemplateService.getTemplate(TEMPLATE_CREATE_ROLE, getLocale(), model).getHtml());
    }

    /**
     * Creates an RBAC role from the submitted form and, when requested and permitted, a
     * front-office role with the same key.
     *
     * <p>Checks run in this order: mandatory fields, key not already used, key accepted by
     * {@code StringUtil.checkCodeKey}, then the security token. Nothing is written before the
     * token has been validated.
     *
     * @param httpServletRequest the form submission
     * @return the URL of an error message, or the URL of the new role's description page
     * @throws AccessDeniedException if the security token is invalid
     */
    public String doCreateRole(HttpServletRequest httpServletRequest) throws AccessDeniedException {
        String roleKey = httpServletRequest.getParameter("role_key");
        String description = httpServletRequest.getParameter(PARAMETER_ROLE_DESCRIPTION);
        String frontRoleFlag = httpServletRequest.getParameter(PARAMETER_CAN_BE_ASSIGNED_TO_USER_FRONT);

        boolean missingField = StringUtils.isBlank(roleKey) || StringUtils.isBlank(description);
        if (missingField) {
            return AdminMessageService.getMessageUrl(httpServletRequest, Messages.MANDATORY_FIELDS, 5);
        }
        if (RBACRoleHome.checkExistRole(roleKey)) {
            return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_ROLE_ALREADY_EXISTS, 5);
        }
        if (!StringUtil.checkCodeKey(roleKey)) {
            return AdminMessageService.getMessageUrl(httpServletRequest, MESSAGE_ROLE_SPECIAL_CHARACTER, 5);
        }
        if (!SecurityTokenService.getInstance().validate(httpServletRequest, TEMPLATE_CREATE_ROLE)) {
            throw new AccessDeniedException("Invalid security token");
        }

        // NOTE(review): the RBAC role is stored under the trimmed key, while the front-office role
        // and the redirect below use the value as submitted. They only agree if checkCodeKey
        // rejects surrounding whitespace - confirm.
        RBACRole createdRole = new RBACRole();
        createdRole.setKey(roleKey.trim());
        createdRole.setDescription(description);
        RBACRoleHome.create(createdRole);

        // The front-office role is optional: it needs the dedicated right, the form checkbox and
        // the absence of an existing front-office role with that key.
        if (getUser() != null && getUser().checkRight(RoleJspBean.RIGHT_ROLES_MANAGEMENT)) {
            if (frontRoleFlag != null && !RoleHome.findExistRole(createdRole.getKey())) {
                Role frontRole = new Role();
                frontRole.setRole(roleKey);
                frontRole.setRoleDescription(description);
                frontRole.setWorkgroup("all");
                RoleHome.create(frontRole);
            }
        }

        return "ViewRoleDescription.jsp?role_key=" + roleKey;
    }

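    /**
     * Updates a role's description and, when the submitted key differs from the previous one,
     * renames the role and propagates the new key to user assignments and RBAC entries.
     *
     * <p>Compared with a plain description change, a rename is held to the same key rules as
     * {@code doCreateRole}: the new key must pass {@code StringUtil.checkCodeKey} and must not
     * already exist. A missing previous key is reported as a missing mandatory field, and an
     * unknown previous key sends the user back to the role list, instead of failing with a
     * {@code NullPointerException}.
     *
     * @param httpServletRequest the form submission
     * @return the URL of an error message, the role list URL if the role to modify does not
     *         exist, or the URL of the role's description page
     * @throws AccessDeniedException if the security token is invalid
     */
    public String doModifyRole(HttpServletRequest httpServletRequest) throws AccessDeniedException {
        String previousKey = httpServletRequest.getParameter(PARAMETER_ROLE_KEY_PREVIOUS);
        String newKey = httpServletRequest.getParameter("role_key");
        String description = httpServletRequest.getParameter(PARAMETER_ROLE_DESCRIPTION);
        String frontRoleFlag = httpServletRequest.getParameter(PARAMETER_CAN_BE_ASSIGNED_TO_USER_FRONT);

        // The previous key is as mandatory as the other two: it identifies the row to update.
        if (StringUtils.isBlank(previousKey) || StringUtils.isBlank(newKey) || StringUtils.isBlank(description)) {
            return AdminMessageService.getMessageUrl(httpServletRequest, Messages.MANDATORY_FIELDS, 5);
        }

        boolean renamed = !previousKey.equals(newKey);
        if (renamed) {
            // A rename introduces a new key, so it gets the character check that creation applies.
            // An unchanged key is left alone so that existing roles stay editable.
            if (!StringUtil.checkCodeKey(newKey)) {
                return AdminMessageService.getMessageUrl(httpServletRequest, MESSAGE_ROLE_SPECIAL_CHARACTER, 5);
            }
            if (RBACRoleHome.checkExistRole(newKey)) {
                return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_ROLE_ALREADY_EXISTS, 5);
            }
        }

        if (!SecurityTokenService.getInstance().validate(httpServletRequest, TEMPLATE_VIEW_ROLE_DESCRIPTION)) {
            throw new AccessDeniedException("Invalid security token");
        }

        RBACRole role = RBACRoleHome.findByPrimaryKey(previousKey);
        if (role == null) {
            // Same fallback as getViewRoleDescription uses for an unknown role key.
            return JSP_URL_ROLES_MANAGEMENT;
        }
        role.setKey(newKey);
        role.setDescription(description);

        boolean mayManageFrontRoles = getUser() != null && getUser().checkRight(RoleJspBean.RIGHT_ROLES_MANAGEMENT);

        if (!renamed) {
            if (mayManageFrontRoles && frontRoleFlag != null && !RoleHome.findExistRole(role.getKey())) {
                Role frontRole = new Role();
                frontRole.setRole(role.getKey());
                frontRole.setRoleDescription(description);
                frontRole.setWorkgroup("all");
                RoleHome.create(frontRole);
            }
            RBACRoleHome.update(previousKey, role);
        } else {
            // NOTE(review): these three updates are separate calls; nothing visible here makes
            // them atomic, so a failure part-way leaves the key renamed in some tables only.
            RBACRoleHome.update(previousKey, role);
            AdminUserHome.updateUsersRole(previousKey, role);
            RBACHome.updateRoleKey(previousKey, newKey);

            if (mayManageFrontRoles && frontRoleFlag != null && !RoleHome.findExistRole(newKey)) {
                // NOTE(review): unlike the other two places that create a front-office role, no
                // workgroup is set here. Left as found; confirm whether "all" is intended.
                Role frontRole = new Role();
                frontRole.setRole(newKey);
                frontRole.setRoleDescription(description);
                RoleHome.create(frontRole);
            }
        }

        return "ViewRoleDescription.jsp?role_key=" + newKey;
    }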

    /**
     * Builds the URL of the confirmation message shown before a role is removed.
     *
     * <p>The confirmation carries the role key and a security token issued for
     * {@code JSP_URL_REMOVE_ROLE}, the action name that {@code doRemoveRole} validates.
     *
     * @param httpServletRequest the current request
     * @return the URL of the confirmation message
     */
    public String doConfirmRemoveRole(HttpServletRequest httpServletRequest) {
        String roleKey = httpServletRequest.getParameter("role_key");
        String token = SecurityTokenService.getInstance().getToken(httpServletRequest, JSP_URL_REMOVE_ROLE);

        Map<String, Object> confirmParameters = new HashMap<>();
        confirmParameters.put("role_key", roleKey);
        confirmParameters.put("token", token);

        return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_CONFIRM_DELETE_ROLE, JSP_URL_REMOVE_ROLE, 4, confirmParameters);
    }

    /**
     * Removes a role and the RBAC entries recorded under its key.
     *
     * <p>The removal is refused while the role is still attributed to an admin user or while a
     * removal listener objects. The security token is validated after those checks and before
     * anything is deleted.
     *
     * @param httpServletRequest the confirmed removal request
     * @return the URL of an error message, or the role list URL
     * @throws AccessDeniedException if the security token is invalid
     */
    public String doRemoveRole(HttpServletRequest httpServletRequest) throws AccessDeniedException {
        String roleKey = httpServletRequest.getParameter("role_key");
        // Filled by the removal listeners with the reasons for a refusal.
        ArrayList<String> refusalReasons = new ArrayList<>();

        if (AdminUserHome.checkRoleAttributed(roleKey)) {
            return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_ROLE_ATTRIBUTED, 5);
        }

        boolean removalAllowed = RBACRemovalListenerService.getService().checkForRemoval(roleKey, refusalReasons, getLocale());
        if (!removalAllowed) {
            Object[] messageArgs = {AdminMessageService.getFormattedList(refusalReasons, getLocale())};
            return AdminMessageService.getMessageUrl(httpServletRequest, MESSAGE_CANNOT_REMOVE_ROLE, messageArgs, 5);
        }

        if (!SecurityTokenService.getInstance().validate(httpServletRequest, JSP_URL_REMOVE_ROLE)) {
            throw new AccessDeniedException("Invalid security token");
        }

        // NOTE(review): two separate deletes with no visible transaction, and no front-office
        // role of the same key is touched here - confirm both are intended.
        RBACRoleHome.remove(roleKey);
        RBACHome.removeForRoleKey(roleKey);
        return JSP_URL_ROLES_MANAGEMENT;
    }

    /**
     * Renders the description page of one role: its attributes, the resources it controls and
     * the resource types that can be added to it.
     *
     * <p>An unknown role key falls back to the role list page. The model carries a security
     * token issued for {@code TEMPLATE_VIEW_ROLE_DESCRIPTION}, the action name that
     * {@code doModifyRole} validates.
     *
     * @param httpServletRequest the current request
     * @return the HTML of the admin page
     */
    public String getViewRoleDescription(HttpServletRequest httpServletRequest) {
        setPageTitleProperty(PROPERTY_ROLE_DESCRIPTION_PAGETITLE);
        String roleKey = httpServletRequest.getParameter("role_key");

        Collection<RBAC> controlledResources = RBACHome.findResourcesByCode(roleKey);
        I18nService.localizeCollection(controlledResources, getLocale());

        Collection<ResourceType> resourceTypes = ResourceTypeManager.getResourceTypeList();
        I18nService.localizeCollection(resourceTypes, getLocale());

        RBACRole role = RBACRoleHome.findByPrimaryKey(roleKey);
        if (role == null) {
            return getManageRoles(httpServletRequest);
        }

        boolean frontRoleExists = RoleHome.findExistRole(role.getKey());
        boolean canManageFrontRoles = getUser().checkRight(RoleJspBean.RIGHT_ROLES_MANAGEMENT);

        Map<String, Object> model = new HashMap<>();
        model.put(MARK_EXIST_FRONT_ROLE, Boolean.valueOf(frontRoleExists));
        model.put(MARK_HAS_RIGHT_MANAGE_FRONT_ROLE, Boolean.valueOf(canManageFrontRoles));
        model.put(MARK_ROLE, role);
        model.put(MARK_CONTROLED_RESOURCE_LIST, controlledResources);
        model.put(MARK_RESOURCE_TYPE_LIST, resourceTypes);
        model.put("token", SecurityTokenService.getInstance().getToken(httpServletRequest, TEMPLATE_VIEW_ROLE_DESCRIPTION));

        return getAdminPage(AppTemplateService.getTemplate(TEMPLATE_VIEW_ROLE_DESCRIPTION, getLocale(), model).getHtml());
    }

    /**
     * Builds the URL of the confirmation message shown before a control (RBAC entry) is removed
     * from a role.
     *
     * <p>The confirmation carries the entry id and a security token issued for
     * {@code JSP_URL_REMOVE_CONTROL_FROM_ROLE}, the action name that
     * {@code doRemoveControlFromRole} validates.
     *
     * @param httpServletRequest the current request
     * @return the URL of the confirmation message
     */
    public String doConfirmRemoveControlFromRole(HttpServletRequest httpServletRequest) {
        String rbacId = httpServletRequest.getParameter(PARAMETER_RBAC_ID);
        String token = SecurityTokenService.getInstance().getToken(httpServletRequest, JSP_URL_REMOVE_CONTROL_FROM_ROLE);

        Map<String, Object> confirmParameters = new HashMap<>();
        confirmParameters.put(PARAMETER_RBAC_ID, rbacId);
        confirmParameters.put("token", token);

        return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_CONFIRM_DELETE_CONTROL, JSP_URL_REMOVE_CONTROL_FROM_ROLE, 4, confirmParameters);
    }

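    /**
     * Removes one control (RBAC entry) from a role.
     *
     * <p>The entry id comes from the request, so it is treated as untrusted: a missing or
     * non-numeric id, or an id that matches no entry, results in a redirect to the role list
     * rather than an uncaught {@code NumberFormatException} or {@code NullPointerException}.
     *
     * @param httpServletRequest the confirmed removal request
     * @return the URL of the owning role's description page, or the role list URL when the id
     *         is invalid or unknown
     * @throws AccessDeniedException if the security token is invalid
     */
    public String doRemoveControlFromRole(HttpServletRequest httpServletRequest) throws AccessDeniedException {
        if (!SecurityTokenService.getInstance().validate(httpServletRequest, JSP_URL_REMOVE_CONTROL_FROM_ROLE)) {
            throw new AccessDeniedException("Invalid security token");
        }

        int rbacId;
        try {
            rbacId = Integer.parseInt(httpServletRequest.getParameter(PARAMETER_RBAC_ID));
        } catch (NumberFormatException ignored) {
            // Absent or malformed id: there is nothing to remove.
            return JSP_URL_ROLES_MANAGEMENT;
        }

        // The entry is read before it is removed because its role key is needed for the redirect.
        RBAC control = RBACHome.findByPrimaryKey(rbacId);
        if (control == null) {
            return JSP_URL_ROLES_MANAGEMENT;
        }

        RBACHome.remove(rbacId);
        return "ViewRoleDescription.jsp?role_key=" + control.getRoleKey();
    }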

    /**
     * Renders the first step of adding a control to a role: choosing between all resources of a
     * type and specific ones.
     *
     * <p>The model tells the template whether the resource type exposes any resource id at all.
     *
     * @param httpServletRequest the current request
     * @return the HTML of the admin page
     */
    public String getAddControlToRole(HttpServletRequest httpServletRequest) {
        setPageTitleProperty(PROPERTY_CHOOSE_RESOURCES_PAGETITLE);

        Map<String, Object> model = new HashMap<>();
        String roleKey = httpServletRequest.getParameter("role_key");
        String resourceTypeKey = httpServletRequest.getParameter("resource_type");

        // NOTE(review): the resource type key comes from the request and the lookup result is
        // dereferenced directly; what getResourceType returns for an unknown key is not visible
        // here - confirm it cannot be null.
        boolean resourcesAvailable = !CollectionUtils.isEmpty(
                ResourceTypeManager.getResourceType(resourceTypeKey).getResourceIdService().getResourceIdList(getLocale()));

        model.put(MARK_ROLE_KEY, roleKey);
        model.put(MARK_RESOURCE_TYPE, resourceTypeKey);
        model.put(MARK_RESOURCE_LIST_AVAILABLE, Boolean.valueOf(resourcesAvailable));

        return getAdminPage(AppTemplateService.getTemplate(TEMPLATE_ADD_CONTROL_TO_ROLE, getLocale(), model).getHtml());
    }

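    /**
     * Routes the "all resources / choose resources" step to the next page.
     *
     * <p>{@code choose} leads to the resource id selection page and {@code all} straight to the
     * permission selection page; any other value, including a missing or blank one, yields the
     * "no selection method" message. The request values copied into the redirect URL are
     * URL-encoded so that they cannot add or alter query parameters.
     *
     * @param httpServletRequest the form submission
     * @return the URL of the next page or of an error message
     */
    public String doSelectResources(HttpServletRequest httpServletRequest) {
        String roleKey = httpServletRequest.getParameter("role_key");
        String resourceTypeKey = httpServletRequest.getParameter("resource_type");
        String selectionMethod = httpServletRequest.getParameter("select_resources");

        if (PARAMETER_METHOD_SELECTION_CHOOSE.equals(selectionMethod)) {
            return rbacSelectionUrl(JSP_URL_SELECT_SPECIFIC_IDS, resourceTypeKey, roleKey, selectionMethod, null);
        }
        if (PARAMETER_METHOD_SELECTION_ALL.equals(selectionMethod)) {
            return rbacSelectionUrl(JSP_URL_SELECT_PERMISSIONS, resourceTypeKey, roleKey, selectionMethod, null);
        }
        return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_MESSAGE_NO_ID_SELECTION_METHOD, 5);
    }

    /**
     * Renders the page on which specific resource ids of a resource type are selected.
     *
     * @param httpServletRequest the current request
     * @return the HTML of the admin page
     */
    public String getSelectSpecificIds(HttpServletRequest httpServletRequest) {
        setPageTitleProperty(PROPERTY_SELECT_RESOURCES_IDS_PAGETITLE);
        String roleKey = httpServletRequest.getParameter("role_key");
        String resourceTypeKey = httpServletRequest.getParameter("resource_type");
        String selectionMethod = httpServletRequest.getParameter("select_resources");

        // NOTE(review): the lookup result is dereferenced without a check; confirm that
        // getResourceType cannot return null for a key taken from the request.
        ResourceType resourceType = ResourceTypeManager.getResourceType(resourceTypeKey);

        Map<String, Object> model = new HashMap<>();
        model.put(MARK_RESOURCE_ID_LIST, resourceType.getResourceIdService().getResourceIdList(getLocale()));
        model.put(MARK_ROLE_KEY, roleKey);
        model.put(MARK_RESOURCE_TYPE, resourceTypeKey);
        model.put(MARK_SELECT_RESOURCES_METHOD, selectionMethod);
        return getAdminPage(AppTemplateService.getTemplate(TEMPLATE_SELECT_RESOURCE_IDS, getLocale(), model).getHtml());
    }

    /**
     * Routes the resource id selection step to the permission selection page.
     *
     * <p>With {@code choose}, at least one {@code resource_id} must be submitted and every
     * selected id is forwarded in the redirect URL; with {@code all}, no id is forwarded. The
     * request values copied into the URL are URL-encoded, which matters most for resource ids
     * because nothing here restricts their characters.
     *
     * @param httpServletRequest the form submission
     * @return the URL of the permission selection page or of an error message
     */
    public String doSelectResourcesFromIdsList(HttpServletRequest httpServletRequest) {
        String roleKey = httpServletRequest.getParameter("role_key");
        String selectionMethod = httpServletRequest.getParameter("select_resources");
        String resourceTypeKey = httpServletRequest.getParameter("resource_type");
        String[] resourceIds = httpServletRequest.getParameterValues("resource_id");

        if (PARAMETER_METHOD_SELECTION_CHOOSE.equals(selectionMethod)) {
            if (resourceIds == null || resourceIds.length == 0) {
                return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_MESSAGE_ID_LIST_EMPTY, 5);
            }
            return rbacSelectionUrl(JSP_URL_SELECT_PERMISSIONS, resourceTypeKey, roleKey, selectionMethod, resourceIds);
        }
        if (PARAMETER_METHOD_SELECTION_ALL.equals(selectionMethod)) {
            return rbacSelectionUrl(JSP_URL_SELECT_PERMISSIONS, resourceTypeKey, roleKey, selectionMethod, null);
        }
        // Missing or unrecognised selection method.
        return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_MESSAGE_NO_ID_SELECTION_METHOD, 5);
    }

    /**
     * Builds a redirect URL of the form
     * {@code jsp?resource_type=..&role_key=..&select_resources=..[&resource_id=..]*} with every
     * value URL-encoded.
     *
     * @param jsp the target JSP
     * @param resourceTypeKey the resource type key
     * @param roleKey the role key
     * @param selectionMethod the resource selection method
     * @param resourceIds the selected resource ids, or {@code null} when none are forwarded
     * @return the redirect URL
     */
    private static String rbacSelectionUrl(String jsp, String resourceTypeKey, String roleKey, String selectionMethod, String[] resourceIds) {
        StringBuilder url = new StringBuilder(jsp);
        url.append("?resource_type=").append(rbacEncodeQueryValue(resourceTypeKey));
        url.append("&role_key=").append(rbacEncodeQueryValue(roleKey));
        url.append("&select_resources=").append(rbacEncodeQueryValue(selectionMethod));
        if (resourceIds != null) {
            for (String resourceId : resourceIds) {
                url.append("&resource_id=").append(rbacEncodeQueryValue(resourceId));
            }
        }
        return url.toString();
    }

    /**
     * URL-encodes one query-string value as UTF-8. A {@code null} value is encoded as the text
     * {@code null}, which is what plain string concatenation produced before.
     *
     * @param value the raw value, possibly {@code null}
     * @return the encoded value
     */
    private static String rbacEncodeQueryValue(String value) {
        try {
            return java.net.URLEncoder.encode(String.valueOf(value), "UTF-8");
        } catch (java.io.UnsupportedEncodingException e) {
            // Every Java platform is required to support UTF-8, so this is not expected to happen.
            throw new IllegalStateException("UTF-8 is not supported by this JVM", e);
        }
    }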

    /**
     * Renders the permission selection page, the last step of adding a control to a role.
     *
     * <p>The selected resource ids are passed through from the request to the template, and the
     * model carries a security token issued for {@code TEMPLATE_SELECT_PERMISSIONS}, the action
     * name that {@code doSelectPermissions} validates.
     *
     * @param httpServletRequest the current request
     * @return the HTML of the admin page
     */
    public String getSelectPermissions(HttpServletRequest httpServletRequest) {
        setPageTitleProperty(PROPERTY_SELECT_PERMISSIONS_PAGETITLE);

        String roleKey = httpServletRequest.getParameter("role_key");
        String resourceTypeKey = httpServletRequest.getParameter("resource_type");
        String selectionMethod = httpServletRequest.getParameter("select_resources");
        // NOTE(review): these ids are request values handed to the template as they are; whether
        // they are escaped on output depends on the template - confirm.
        String[] selectedResourceIds = httpServletRequest.getParameterValues("resource_id");
        ReferenceList permissions = ResourceTypeManager.getPermissionsList(resourceTypeKey, getLocale());

        Map<String, Object> model = new HashMap<>();
        model.put(MARK_RESOURCE_ID_LIST, selectedResourceIds);
        model.put(MARK_PERMISSIONS_LIST, permissions);
        model.put(MARK_ROLE_KEY, roleKey);
        model.put(MARK_RESOURCE_TYPE, resourceTypeKey);
        model.put(MARK_SELECT_RESOURCES_METHOD, selectionMethod);
        model.put("token", SecurityTokenService.getInstance().getToken(httpServletRequest, TEMPLATE_SELECT_PERMISSIONS));

        return getAdminPage(AppTemplateService.getTemplate(TEMPLATE_SELECT_PERMISSIONS, getLocale(), model).getHtml());
    }

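    /**
     * Records the selected permissions: one RBAC entry is created for every combination of
     * resource id and permission key, with {@code *} standing for "all".
     *
     * <p>This handler can be reached directly, so it re-checks what the previous steps checked:
     * a request that chooses specific resources without submitting any {@code resource_id} gets
     * the "empty id list" message instead of failing with a {@code NullPointerException}, and
     * entries are only written for a role key that exists, so that no grant is stored for a
     * role that is absent and could later be created under the same key.
     *
     * @param httpServletRequest the form submission
     * @return the URL of an error message, the role list URL when the role does not exist, or
     *         the URL of the role's description page
     * @throws AccessDeniedException if the security token is invalid
     */
    public String doSelectPermissions(HttpServletRequest httpServletRequest) throws AccessDeniedException {
        String roleKey = httpServletRequest.getParameter("role_key");
        String resourceTypeKey = httpServletRequest.getParameter("resource_type");
        String resourceMethod = httpServletRequest.getParameter("select_resources");
        String permissionMethod = httpServletRequest.getParameter(PARAMETER_SELECT_PERMISSIONS_METHOD);

        String[] resourceIds = PARAMETER_METHOD_SELECTION_ALL.equals(resourceMethod)
                ? new String[]{"*"}
                : httpServletRequest.getParameterValues("resource_id");

        String[] permissionKeys;
        if (PARAMETER_METHOD_SELECTION_CHOOSE.equals(permissionMethod)) {
            permissionKeys = httpServletRequest.getParameterValues(PARAMETER_PERMISSION_KEY);
            if (permissionKeys == null || permissionKeys.length == 0) {
                return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_MESSAGE_PERMISSION_LIST_EMPTY, 5);
            }
        } else if (PARAMETER_METHOD_SELECTION_ALL.equals(permissionMethod)) {
            permissionKeys = new String[]{"*"};
        } else {
            // Missing or unrecognised permission selection method.
            return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_MESSAGE_NO_PERMISSION_SELECTION_METHOD, 5);
        }

        if (resourceIds == null || resourceIds.length == 0) {
            return AdminMessageService.getMessageUrl(httpServletRequest, PROPERTY_MESSAGE_ID_LIST_EMPTY, 5);
        }
        if (StringUtils.isBlank(roleKey) || !RBACRoleHome.checkExistRole(roleKey)) {
            // Same fallback as getViewRoleDescription uses for an unknown role key.
            return JSP_URL_ROLES_MANAGEMENT;
        }

        if (!SecurityTokenService.getInstance().validate(httpServletRequest, TEMPLATE_SELECT_PERMISSIONS)) {
            throw new AccessDeniedException("Invalid security token");
        }

        // NOTE(review): the resource type, resource ids and permission keys are stored as
        // submitted; nothing here checks them against what the resource type declares.
        for (String resourceId : resourceIds) {
            for (String permissionKey : permissionKeys) {
                RBAC control = new RBAC();
                control.setRoleKey(roleKey);
                control.setResourceTypeKey(resourceTypeKey);
                control.setResourceId(resourceId);
                control.setPermissionKey(permissionKey);
                RBACHome.create(control);
            }
        }
        return "ViewRoleDescription.jsp?role_key=" + roleKey;
    }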

    /**
     * Renders the page on which admin users are assigned to, or removed from, a role.
     *
     * <p>Both lists shown on the page are restricted with {@code isUserHigherThanConnectedUser}:
     * the users already holding the role, and the users that can still be given it. This is a
     * filter on what is displayed; the handlers that perform the change have to enforce the
     * same rule on their own.
     *
     * @param httpServletRequest the current request (role key, sort and paging parameters)
     * @return the HTML of the admin page
     */
    public String getAssignUsers(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        setPageTitleProperty(PROPERTY_ASSIGN_USERS_PAGETITLE);
        UrlItem urlItem = new UrlItem(AppPathService.getBaseUrl(httpServletRequest) + JSP_URL_ASSIGN_USERS_TO_ROLE);
        String parameter = httpServletRequest.getParameter("role_key");
        // NOTE(review): the lookup result is dereferenced further down (getKey) without a null
        // check, although getViewRoleDescription treats null as "unknown role".
        RBACRole findByPrimaryKey = RBACRoleHome.findByPrimaryKey(parameter);
        // Users that hold the role, limited to those accepted by isUserHigherThanConnectedUser.
        List list = (List) AdminUserHome.findByRole(parameter).stream().filter(this::isUserHigherThanConnectedUser).collect(Collectors.toList());
        // The model map and the URL are passed in as well; presumably the service records the
        // search criteria in them - confirm against AdminUserService.
        List<AdminUser> filteredUsersInterface = AdminUserService.getFilteredUsersInterface(list, httpServletRequest, hashMap, urlItem);
        // Users that can still be assigned: every admin user not already in the list above and
        // accepted by the same predicate.
        ReferenceList referenceList = new ReferenceList();
        for (AdminUser adminUser : AdminUserHome.findUserList()) {
            ReferenceItem referenceItem = new ReferenceItem();
            referenceItem.setCode(Integer.toString(adminUser.getUserId()));
            // The label is built from user-editable fields; escaping on output is left to the
            // template - TODO confirm.
            referenceItem.setName(adminUser.getLastName() + " " + adminUser.getFirstName() + " (" + adminUser.getAccessCode() + ")");
            if (!list.stream().anyMatch(adminUser2 -> {
                return Integer.toString(adminUser2.getUserId()).equals(referenceItem.getCode());
            }) && isUserHigherThanConnectedUser(adminUser)) {
                referenceList.add(referenceItem);
            }
        }
        // NOTE(review): the sort attribute name is request-supplied and handed to
        // AttributeComparator unchanged; confirm how that class resolves it.
        String parameter2 = httpServletRequest.getParameter(Parameters.SORTED_ATTRIBUTE_NAME);
        String str = null;
        if (parameter2 != null) {
            urlItem.addParameter(Parameters.SORTED_ATTRIBUTE_NAME, parameter2);
            str = httpServletRequest.getParameter(Parameters.SORTED_ASC);
            Collections.sort(filteredUsersInterface, new AttributeComparator(parameter2, Boolean.parseBoolean(str)));
        }
        this._strCurrentPageIndex = AbstractPaginator.getPageIndex(httpServletRequest, "page_index", this._strCurrentPageIndex);
        this._nDefaultItemsPerPage = AppPropertiesService.getPropertyInt(PROPERTY_ROLES_PER_PAGE, 50);
        this._nItemsPerPage = AbstractPaginator.getItemsPerPage(httpServletRequest, "items_per_page", this._nItemsPerPage, this._nDefaultItemsPerPage);
        if (str != null) {
            urlItem.addParameter(Parameters.SORTED_ASC, str);
        }
        // The navigator receives the URL before role_key is appended to it on the next line.
        setItemNavigator(findByPrimaryKey.getKey(), urlItem.getUrl());
        urlItem.addParameter("role_key", findByPrimaryKey.getKey());
        LocalizedPaginator localizedPaginator = new LocalizedPaginator(filteredUsersInterface, this._nItemsPerPage, urlItem.getUrl(), "page_index", this._strCurrentPageIndex, getLocale());
        // Levels offered on the page: all of them for an admin, otherwise those for which
        // hasRights(level id) is true.
        ArrayList arrayList = new ArrayList();
        for (Level level : LevelHome.getLevelsList()) {
            if (getUser().isAdmin() || getUser().hasRights(level.getId())) {
                arrayList.add(level);
            }
        }
        hashMap.put("role", findByPrimaryKey);
        hashMap.put(MARK_USER_LEVELS_LIST, arrayList);
        hashMap.put("available_users_list", referenceList);
        hashMap.put(MARK_ASSIGNED_USERS_LIST, localizedPaginator.getPageItems());
        // Counts the assigned users before the search filter is applied.
        hashMap.put(MARK_ASSIGNED_USERS_NUMBER, Integer.valueOf(list.size()));
        hashMap.put(MARK_ITEM_NAVIGATOR, this._itemNavigator);
        hashMap.put(MARK_PAGINATOR, localizedPaginator);
        hashMap.put(MARK_NB_ITEMS_PER_PAGE, Integer.toString(this._nItemsPerPage));
        // One token, issued for JSP_ASSIGN_USERS_TO_ROLE, serves both doAssignUsers and
        // doUnAssignUser, which validate that action name.
        hashMap.put("token", SecurityTokenService.getInstance().getToken(httpServletRequest, JSP_ASSIGN_USERS_TO_ROLE));
        return getAdminPage(AppTemplateService.getTemplate(TEMPLATE_ASSIGN_USERS, getLocale(), hashMap).getHtml());
    }

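    /**
     * Assigns the role to the submitted admin users.
     *
     * <p>The assignment page only offers users accepted by
     * {@code isUserHigherThanConnectedUser}, but the submitted ids are request data, so the same
     * rule is enforced here: if any target user is not accepted, the request is refused before
     * anything is written. Ids that are not numeric or match no user are skipped, and nothing is
     * assigned for a role key that does not exist.
     *
     * @param httpServletRequest the form submission
     * @return the URL of the assignment page, or the role list URL when the role does not exist
     * @throws AccessDeniedException if the security token is invalid or a target user is outside
     *         the set the connected user may manage
     */
    public String doAssignUsers(HttpServletRequest httpServletRequest) throws AccessDeniedException {
        if (!SecurityTokenService.getInstance().validate(httpServletRequest, JSP_ASSIGN_USERS_TO_ROLE)) {
            throw new AccessDeniedException("Invalid security token");
        }

        String roleKey = httpServletRequest.getParameter("role_key");
        if (StringUtils.isBlank(roleKey) || !RBACRoleHome.checkExistRole(roleKey)) {
            // Same fallback as getViewRoleDescription uses for an unknown role key.
            return JSP_URL_ROLES_MANAGEMENT;
        }

        // First pass: resolve and authorise every target, so that a refusal leaves no partial
        // assignment behind.
        List<AdminUser> targets = new ArrayList<>();
        String[] submittedIds = httpServletRequest.getParameterValues("available_users_list");
        if (submittedIds != null) {
            for (String submittedId : submittedIds) {
                AdminUser target;
                try {
                    target = AdminUserHome.findByPrimaryKey(Integer.parseInt(submittedId));
                } catch (NumberFormatException ignored) {
                    // Malformed id: treated like an unknown user.
                    continue;
                }
                if (target == null) {
                    continue;
                }
                if (!isUserHigherThanConnectedUser(target)) {
                    throw new AccessDeniedException("Not allowed to change the roles of the selected user");
                }
                targets.add(target);
            }
        }

        // Second pass: apply.
        for (AdminUser target : targets) {
            if (!AdminUserHome.hasRole(target, roleKey)) {
                AdminUserHome.createRoleForUser(target.getUserId(), roleKey);
            }
        }

        return "AssignUsersRole.jsp?role_key=" + roleKey;
    }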

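    /**
     * Removes the role from one admin user.
     *
     * <p>The assignment page only lists users accepted by
     * {@code isUserHigherThanConnectedUser}, but the user id is request data, so the same rule
     * is enforced here before the role is removed. A missing, non-numeric or unknown id is a
     * no-op.
     *
     * @param httpServletRequest the request carrying the role key, the user id and the anchor
     * @return the URL of the assignment page, positioned on the submitted anchor
     * @throws AccessDeniedException if the security token is invalid or the target user is
     *         outside the set the connected user may manage
     */
    public String doUnAssignUser(HttpServletRequest httpServletRequest) throws AccessDeniedException {
        if (!SecurityTokenService.getInstance().validate(httpServletRequest, JSP_ASSIGN_USERS_TO_ROLE)) {
            throw new AccessDeniedException("Invalid security token");
        }

        String roleKey = httpServletRequest.getParameter("role_key");
        String anchor = httpServletRequest.getParameter(PARAMETER_ANCHOR);

        AdminUser target = null;
        try {
            target = AdminUserHome.findByPrimaryKey(Integer.parseInt(httpServletRequest.getParameter(PARAMETER_ID_USER)));
        } catch (NumberFormatException ignored) {
            // Absent or malformed id: treated like an unknown user, nothing to remove.
        }

        if (target != null) {
            if (!isUserHigherThanConnectedUser(target)) {
                throw new AccessDeniedException("Not allowed to change the roles of the selected user");
            }
            AdminUserHome.removeRoleForUser(target.getUserId(), roleKey);
        }

        // NOTE(review): the role key and the anchor are request values copied into the redirect
        // URL without encoding.
        return "AssignUsersRole.jsp?role_key=" + roleKey + "#" + anchor;
    }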

    /**
     * Points the item navigator at the given role, creating it on first use.
     *
     * <p>When a navigator already exists only its current item changes. Otherwise it is built
     * over the keys of all roles that have a non-blank key, positioned on the role whose key
     * equals {@code str}, or on the first entry when none matches.
     *
     * @param str the key of the role to make current
     * @param str2 the base URL given to a newly created navigator
     */
    private void setItemNavigator(String str, String str2) {
        if (this._itemNavigator == null) {
            List<String> roleKeys = new ArrayList<>();
            int currentIndex = 0;
            for (RBACRole role : RBACRoleHome.findAll()) {
                if (role == null || StringUtils.isBlank(role.getKey())) {
                    continue;
                }
                if (role.getKey().equals(str)) {
                    // The list size before the add is the index this key is about to take.
                    currentIndex = roleKeys.size();
                }
                roleKeys.add(role.getKey());
            }
            this._itemNavigator = new ItemNavigator(roleKeys, currentIndex, str2, "role_key");
        } else {
            this._itemNavigator.setCurrentItemId(str);
        }
    }

    /**
     * Discards the item navigator so that the next call to {@code setItemNavigator} builds a
     * new one.
     */
    private void reinitItemNavigator() {
        _itemNavigator = null;
    }
}
