package de.bsvrz.dav.dav.util.accessControl;

import de.bsvrz.dav.daf.main.ClientDavInterface;
import de.bsvrz.dav.daf.main.DataState;
import de.bsvrz.dav.daf.main.config.SystemObject;
import de.bsvrz.dav.daf.util.HashBagMap;
import de.bsvrz.sys.funclib.debug.Debug;
import de.bsvrz.sys.funclib.operatingMessage.MessageGrade;
import de.bsvrz.sys.funclib.operatingMessage.MessageSender;
import de.bsvrz.sys.funclib.operatingMessage.MessageState;
import de.bsvrz.sys.funclib.operatingMessage.MessageType;
import de.bsvrz.sys.funclib.operatingMessage.OperatingMessage;
import de.bsvrz.sys.funclib.operatingMessage.PersistentOperatingMessage;
import java.io.Closeable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: input_file:de/bsvrz/dav/dav/util/accessControl/AccessControlManager.class */
public final class AccessControlManager implements RegionManager, Closeable {
    public static final int MessageSenderInterval = 60000;
    private final HashMap<Long, UserInfoInternal> _userInfoHashMap;
    private final HashMap<SystemObject, AccessControlUnit> _authenticationClassHashMap;
    private final HashMap<SystemObject, Role> _roleHashMap;
    private final HashMap<SystemObject, Region> _regionHashMap;
    private final ClientDavInterface _connection;
    private final boolean _isUsingNewDataModel;
    private final UserRightsChangeHandler _userRightsChangeHandler;
    private final boolean _useImplicitUserManagement;
    private final Object _updateLock;
    private final ReentrantReadWriteLock _userMapLock;
    private HashBagMap<DataState, DataLoader> _oldObjectsWithMissingParameters;
    private final LinkedBlockingQueue<Long> _notifyUserChangedQueue;
    private Timer _parameterTimer;
    private PersistentOperatingMessage _operatingMessage;
    private static final Debug _debug = Debug.getLogger();
    private static final Long POISON = new Long(0);

    public AccessControlManager(ClientDavInterface clientDavInterface, UserRightsChangeHandler userRightsChangeHandler, boolean z) {
        this(clientDavInterface, userRightsChangeHandler, true, z);
    }

    public AccessControlManager(ClientDavInterface clientDavInterface, UserRightsChangeHandler userRightsChangeHandler, boolean z, boolean z2) {
        this._userInfoHashMap = new HashMap<>();
        this._authenticationClassHashMap = new HashMap<>();
        this._roleHashMap = new HashMap<>();
        this._regionHashMap = new HashMap<>();
        this._updateLock = new Object();
        this._userMapLock = new ReentrantReadWriteLock();
        this._notifyUserChangedQueue = new LinkedBlockingQueue<>();
        this._connection = clientDavInterface;
        this._userRightsChangeHandler = userRightsChangeHandler;
        this._useImplicitUserManagement = z;
        if (z2 && this._connection.getDataModel().getObject("atl.aktivitätObjekteNeu") == null) {
            _debug.error("Das neue Datenmodell der Zugriffsrechte-Prüfung sollte verwendet werden, wurde aber nicht gefunden. Stattdessen wird das alte Datenmodell benutzt.");
            this._isUsingNewDataModel = false;
        } else {
            this._isUsingNewDataModel = z2;
        }
        if (this._isUsingNewDataModel) {
            createParameterTimer();
        }
        Thread thread = new Thread("Aktualisierung Benutzerrechte") { // from class: de.bsvrz.dav.dav.util.accessControl.AccessControlManager.1
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                Long l;
                while (!interrupted()) {
                    try {
                        l = (Long) AccessControlManager.this._notifyUserChangedQueue.take();
                    } catch (Exception e) {
                        AccessControlManager._debug.error("Fehler beim Ändern von Benutzerrechten", e);
                    }
                    if (l == AccessControlManager.POISON) {
                        return;
                    } else {
                        AccessControlManager.this._userRightsChangeHandler.handleUserRightsChanged(l.longValue());
                    }
                }
            }
        };
        thread.setDaemon(true);
        thread.start();
    }

    private void createParameterTimer() {
        this._parameterTimer = new Timer("Warnung über fehlende Parameter", true);
        this._parameterTimer.schedule(new TimerTask() { // from class: de.bsvrz.dav.dav.util.accessControl.AccessControlManager.2
            @Override // java.util.TimerTask, java.lang.Runnable
            public void run() {
                AccessControlManager.this.sendMessagesAboutMissingParameters();
            }
        }, 60000L, 60000L);
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        this._notifyUserChangedQueue.add(POISON);
        this._parameterTimer.cancel();
        Iterator<Role> it = this._roleHashMap.values().iterator();
        while (it.hasNext()) {
            it.next().stopDataListener();
        }
        Iterator<Region> it2 = this._regionHashMap.values().iterator();
        while (it2.hasNext()) {
            it2.next().stopDataListener();
        }
        Iterator<AccessControlUnit> it3 = this._authenticationClassHashMap.values().iterator();
        while (it3.hasNext()) {
            it3.next().stopDataListener();
        }
        Iterator<UserInfoInternal> it4 = this._userInfoHashMap.values().iterator();
        while (it4.hasNext()) {
            it4.next().stopDataListener();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendMessagesAboutMissingParameters() {
        HashBagMap<DataState, DataLoader> hashBagMap = new HashBagMap<>();
        Collection<UserInfoInternal> values = this._userInfoHashMap.values();
        ArrayList arrayList = new ArrayList(values.size());
        Iterator<UserInfoInternal> it = values.iterator();
        while (it.hasNext()) {
            arrayList.add((ExtendedUserInfo) it.next());
        }
        hashBagMap.addAll(getObjectsWithMissingParameters(arrayList));
        hashBagMap.addAll(getObjectsWithMissingParameters(this._authenticationClassHashMap.values()));
        hashBagMap.addAll(getObjectsWithMissingParameters(this._regionHashMap.values()));
        hashBagMap.addAll(getObjectsWithMissingParameters(this._roleHashMap.values()));
        if (this._oldObjectsWithMissingParameters == null || this._oldObjectsWithMissingParameters.size() == 0) {
            if (hashBagMap.size() == 0) {
                return;
            }
            this._operatingMessage = OperatingMessage.warning(MessageType.SYSTEM_DOMAIN, "Der Rechteprüfung fehlen Parameterdaten:\n" + formatMap(hashBagMap), new Object[0]).newPersistentMessage("Zugriffsrechte");
        } else if (hashBagMap.size() == 0) {
            this._operatingMessage.setMessage("Alle derzeit berücksichtigten Objekte besitzen jetzt Parameter.");
            this._operatingMessage.sendGoodMessage();
            this._operatingMessage = null;
        } else {
            this._operatingMessage.setMessage("Der Rechteprüfung fehlen Parameterdaten:\n" + formatMap(hashBagMap));
            this._operatingMessage.sendRepeatMessage();
        }
        this._oldObjectsWithMissingParameters = hashBagMap;
    }

    private static String formatMap(HashBagMap<DataState, DataLoader> hashBagMap) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry entry : hashBagMap.entrySet()) {
            if (((Collection) entry.getValue()).size() != 0) {
                if (entry.getKey() == null) {
                    sb.append("Kein Datensatz");
                } else {
                    sb.append(((DataState) entry.getKey()).toString());
                }
                sb.append(" (");
                sb.append(((Collection) entry.getValue()).size());
                if (((Collection) entry.getValue()).size() == 1) {
                    sb.append(" Objekt):\n");
                } else {
                    sb.append(" Objekte):\n");
                }
                Iterator it = ((Collection) entry.getValue()).iterator();
                while (it.hasNext()) {
                    sb.append("\t").append(((DataLoader) it.next()).getSystemObject().getPidOrNameOrId()).append("\n");
                }
            }
        }
        return sb.toString();
    }

    private static HashBagMap<DataState, DataLoader> getObjectsWithMissingParameters(Collection<? extends DataLoader> collection) {
        HashBagMap<DataState, DataLoader> hashBagMap = new HashBagMap<>();
        for (DataLoader dataLoader : collection) {
            if (dataLoader.getDataState() != DataState.DATA && dataLoader.getNoDataTime() > 60000) {
                hashBagMap.add(dataLoader.getDataState(), dataLoader);
            }
        }
        return hashBagMap;
    }

    public String toString() {
        return "AccessControlManager{_useImplicitUserManagement=" + this._useImplicitUserManagement + ", _isUsingNewDataModel=" + this._isUsingNewDataModel + '}';
    }

    public final void addUser(long j) {
        if (this._useImplicitUserManagement) {
            return;
        }
        addUserInternal(j);
    }

    private UserInfo addUserInternal(long j) {
        this._userMapLock.writeLock().lock();
        try {
            UserInfoInternal userInfoInternal = this._userInfoHashMap.get(Long.valueOf(j));
            if (userInfoInternal == null) {
                userInfoInternal = createUserInfo(j);
                this._userInfoHashMap.put(Long.valueOf(j), userInfoInternal);
            } else {
                userInfoInternal.incrementReference();
            }
            return userInfoInternal;
        } finally {
            this._userMapLock.writeLock().unlock();
        }
    }

    private UserInfoInternal createUserInfo(long j) {
        return isUsingNewDataModel() ? new ExtendedUserInfo(j, this._connection, this) : new OldUserInfo(j, this._connection, this._userRightsChangeHandler, this);
    }

    public boolean isUsingNewDataModel() {
        return this._isUsingNewDataModel;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void notifyInfiniteRecursion(DataLoader dataLoader, DataLoader dataLoader2, List<DataLoader> list) {
        String str = "Ungültige Rekursion in den Systemobjekten. Die problematische Vererbung wird deaktiviert bis das Problem behoben wird.\nObjekt referenziert sich selbst: " + dataLoader + "\nVererbungskette: " + list;
        MessageSender.getInstance().sendMessage("Zugriffsrechte", MessageType.SYSTEM_DOMAIN, "Rechteprüfung", MessageGrade.WARNING, MessageState.MESSAGE, str);
        _debug.warning(str);
        dataLoader2.deactivateInvalidChild(dataLoader);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AccessControlUnit getAuthenticationClass(SystemObject systemObject) {
        synchronized (this._authenticationClassHashMap) {
            AccessControlUnit accessControlUnit = this._authenticationClassHashMap.get(systemObject);
            if (null != accessControlUnit) {
                return accessControlUnit;
            }
            AccessControlUnit accessControlUnit2 = new AccessControlUnit(systemObject, this._connection, this);
            this._authenticationClassHashMap.put(systemObject, accessControlUnit2);
            return accessControlUnit2;
        }
    }

    @Override // de.bsvrz.dav.dav.util.accessControl.RegionManager
    public Region getRegion(SystemObject systemObject) {
        synchronized (this._regionHashMap) {
            Region region = this._regionHashMap.get(systemObject);
            if (null != region) {
                return region;
            }
            Region region2 = new Region(systemObject, this._connection, this);
            this._regionHashMap.put(systemObject, region2);
            return region2;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Role getRole(SystemObject systemObject) {
        synchronized (this._roleHashMap) {
            Role role = this._roleHashMap.get(systemObject);
            if (null != role) {
                return role;
            }
            Role role2 = new Role(systemObject, this._connection, this);
            this._roleHashMap.put(systemObject, role2);
            return role2;
        }
    }

    public UserInfo getUser(long j) {
        this._userMapLock.readLock().lock();
        try {
            UserInfoInternal userInfoInternal = this._userInfoHashMap.get(Long.valueOf(j));
            this._userMapLock.readLock().unlock();
            return (this._useImplicitUserManagement && userInfoInternal == null) ? addUserInternal(j) : userInfoInternal;
        } catch (Throwable th) {
            this._userMapLock.readLock().unlock();
            throw th;
        }
    }

    private boolean isChildOf(DataLoader dataLoader, DataLoader dataLoader2) {
        return enumerateChildren(dataLoader).contains(dataLoader2);
    }

    public final void removeUser(long j) {
        if (this._useImplicitUserManagement) {
            return;
        }
        this._userMapLock.writeLock().lock();
        try {
            UserInfoInternal userInfoInternal = this._userInfoHashMap.get(Long.valueOf(j));
            if (userInfoInternal != null) {
                userInfoInternal.decrementReference();
                if (userInfoInternal.canBeSafelyDeleted()) {
                    userInfoInternal.stopDataListener();
                    this._userInfoHashMap.remove(Long.valueOf(j));
                }
            }
        } finally {
            this._userMapLock.writeLock().unlock();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // de.bsvrz.dav.dav.util.accessControl.RegionManager
    public void objectChanged(DataLoader dataLoader) {
        ArrayList arrayList = new ArrayList();
        this._userMapLock.readLock().lock();
        try {
            for (UserInfoInternal userInfoInternal : this._userInfoHashMap.values()) {
                if ((userInfoInternal instanceof DataLoader) && isChildOf((DataLoader) userInfoInternal, dataLoader)) {
                    arrayList.add(Long.valueOf(userInfoInternal.getUserId()));
                }
            }
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                notifyUserRightsChangedAsync((Long) it.next());
            }
        } finally {
            this._userMapLock.readLock().unlock();
        }
    }

    private void notifyUserRightsChangedAsync(Long l) {
        this._notifyUserChangedQueue.add(l);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    public void userChanged(UserInfoInternal userInfoInternal) {
        if (userInfoInternal instanceof DataLoader) {
            enumerateChildren((DataLoader) userInfoInternal);
            notifyUserRightsChangedAsync(Long.valueOf(userInfoInternal.getUserId()));
        }
    }

    private List<DataLoader> enumerateChildren(DataLoader dataLoader) {
        return new ChildrenTreeEnumerator(this, dataLoader).enumerateChildren();
    }

    @Override // de.bsvrz.dav.dav.util.accessControl.RegionManager
    public Object getUpdateLock() {
        return this._updateLock;
    }
}
