package prerna.auth.utils;

import java.sql.Clob;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import prerna.auth.AccessPermission;
import prerna.auth.User;
import prerna.ds.util.RdbmsQueryBuilder;
import prerna.engine.api.IRawSelectWrapper;
import prerna.query.querystruct.SelectQueryStruct;
import prerna.query.querystruct.filters.OrQueryFilter;
import prerna.query.querystruct.filters.SimpleQueryFilter;
import prerna.query.querystruct.selectors.QueryColumnOrderBySelector;
import prerna.query.querystruct.selectors.QueryColumnSelector;
import prerna.rdf.engine.wrappers.WrapperManager;
import prerna.sablecc2.om.PixelDataType;
import prerna.ui.components.MapComboBoxRenderer;
import prerna.util.Constants;
import prerna.util.sql.AbstractSqlQueryUtil;

/* loaded from: input_file:prerna/auth/utils/SecurityAppUtils.class */
public class SecurityAppUtils extends AbstractSecurityUtils {
    public static String getActualUserAppPermission(User user, String str) {
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEPERMISSION__PERMISSION"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__ENGINEID", "==", str));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__USERID", "==", getUserFiltersQs(user)));
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
        while (rawWrapper.hasNext()) {
            Object obj = rawWrapper.next().getValues()[0];
            if (obj != null) {
                return AccessPermission.getPermissionValueById(((Number) obj).intValue());
            }
        }
        if (appIsGlobal(str)) {
            return AccessPermission.READ_ONLY.getPermission();
        }
        return null;
    }

    public static Integer getUserAppPermission(String str, String str2) {
        Object obj;
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEPERMISSION__PERMISSION"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__ENGINEID", "==", str2));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__USERID", "==", str));
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
        try {
            if (!rawWrapper.hasNext() || (obj = rawWrapper.next().getValues()[0]) == null || !(obj instanceof Number)) {
                rawWrapper.cleanUp();
                return null;
            }
            Integer valueOf = Integer.valueOf(((Number) obj).intValue());
            rawWrapper.cleanUp();
            return valueOf;
        } catch (Throwable th) {
            rawWrapper.cleanUp();
            throw th;
        }
    }

    public static boolean appIsGlobal(String str) {
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINE__ENGINEID"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINE__GLOBAL", "==", (Object) true, PixelDataType.BOOLEAN));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINE__ENGINEID", "==", str));
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
        try {
            if (rawWrapper.hasNext()) {
                return true;
            }
            rawWrapper.cleanUp();
            return false;
        } finally {
            rawWrapper.cleanUp();
        }
    }

    public static boolean userIsOwner(User user, String str) {
        return userIsOwner(getUserFiltersQs(user), str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean userIsOwner(Collection<String> collection, String str) {
        Object obj;
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEPERMISSION__PERMISSION"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__ENGINEID", "==", str));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__USERID", "==", collection));
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
        while (rawWrapper.hasNext() && (obj = rawWrapper.next().getValues()[0]) != null) {
            if (AccessPermission.isOwner(((Number) obj).intValue())) {
                return true;
            }
        }
        return false;
    }

    public static boolean userCanViewEngine(User user, String str) {
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINE__ENGINEID"));
        OrQueryFilter orQueryFilter = new OrQueryFilter();
        orQueryFilter.addFilter(SimpleQueryFilter.makeColToValFilter("ENGINE__GLOBAL", "==", (Object) true, PixelDataType.BOOLEAN));
        orQueryFilter.addFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__USERID", "==", getUserFiltersQs(user)));
        selectQueryStruct.addExplicitFilter(orQueryFilter);
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINE__ENGINEID", "==", str));
        selectQueryStruct.addRelation("ENGINE", "ENGINEPERMISSION", "left.outer.join");
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
        try {
            if (rawWrapper.hasNext()) {
                return true;
            }
            rawWrapper.cleanUp();
            return false;
        } finally {
            rawWrapper.cleanUp();
        }
    }

    public static boolean userCanEditEngine(User user, String str) {
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEPERMISSION__PERMISSION"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__ENGINEID", "==", str));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__USERID", "==", getUserFiltersQs(user)));
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
        while (rawWrapper.hasNext()) {
            try {
                Object obj = rawWrapper.next().getValues()[0];
                if (obj == null) {
                    return false;
                }
                if (AccessPermission.isEditor(((Number) obj).intValue())) {
                    rawWrapper.cleanUp();
                    return true;
                }
            } finally {
                rawWrapper.cleanUp();
            }
        }
        rawWrapper.cleanUp();
        return false;
    }

    static int getMaxUserAppPermission(User user, String str) {
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEPERMISSION__PERMISSION"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__ENGINEID", "==", str));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__USERID", "==", getUserFiltersQs(user)));
        selectQueryStruct.addOrderBy(new QueryColumnOrderBySelector("ENGINEPERMISSION__PERMISSION"));
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
        try {
            if (!rawWrapper.hasNext()) {
                rawWrapper.cleanUp();
                return AccessPermission.READ_ONLY.getId();
            }
            Object obj = rawWrapper.next().getValues()[0];
            if (obj == null) {
                int id = AccessPermission.READ_ONLY.getId();
                rawWrapper.cleanUp();
                return id;
            }
            int intValue = ((Number) obj).intValue();
            rawWrapper.cleanUp();
            return intValue;
        } catch (Throwable th) {
            rawWrapper.cleanUp();
            throw th;
        }
    }

    public static List<Map<String, Object>> getAppUsers(User user, String str) throws IllegalAccessException {
        if (!userCanViewEngine(user, str)) {
            throw new IllegalArgumentException("The user does not have access to view this app");
        }
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("USER__ID", MapComboBoxRenderer.KEY));
        selectQueryStruct.addSelector(new QueryColumnSelector("USER__NAME", "name"));
        selectQueryStruct.addSelector(new QueryColumnSelector("PERMISSION__NAME", "permission"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEPERMISSION__ENGINEID", "==", str));
        selectQueryStruct.addRelation("USER", "ENGINEPERMISSION", "inner.join");
        selectQueryStruct.addRelation("ENGINEPERMISSION", "PERMISSION", "inner.join");
        return flushRsToMap(WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct));
    }

    public static void addAppUser(User user, String str, String str2, String str3) {
        if (!userCanEditEngine(user, str2)) {
            throw new IllegalArgumentException("Insufficient privileges to modify this app's permissions.");
        }
        if (getUserAppPermission(str, str2) != null) {
            throw new IllegalArgumentException("This user already has access to this app. Please edit the existing permission level.");
        }
        try {
            securityDb.insertData("INSERT INTO ENGINEPERMISSION (USERID, ENGINEID, VISIBILITY, PERMISSION) VALUES('" + RdbmsQueryBuilder.escapeForSQLStatement(str) + "', '" + RdbmsQueryBuilder.escapeForSQLStatement(str2) + "', TRUE, " + AccessPermission.getIdByPermission(str3) + ");");
        } catch (SQLException e) {
            e.printStackTrace();
            throw new IllegalArgumentException("An error occured adding user permissions for this APP");
        }
    }

    public static void editAppUserPermission(User user, String str, String str2, String str3) {
        int maxUserAppPermission = getMaxUserAppPermission(user, str2);
        if (!AccessPermission.isEditor(maxUserAppPermission)) {
            throw new IllegalArgumentException("Insufficient privileges to modify this app's permissions.");
        }
        Integer userAppPermission = getUserAppPermission(str, str2);
        if (userAppPermission == null) {
            throw new IllegalArgumentException("Attempting to modify app permission for a user who does not currently have access to the app");
        }
        int idByPermission = AccessPermission.getIdByPermission(str3);
        if (!AccessPermission.isOwner(maxUserAppPermission)) {
            if (AccessPermission.OWNER.getId() == userAppPermission.intValue()) {
                throw new IllegalArgumentException("The user doesn't have the high enough permissions to modify this users app permission.");
            }
            if (AccessPermission.OWNER.getId() == idByPermission) {
                throw new IllegalArgumentException("Cannot give owner level access to this insight since you are not currently an owner.");
            }
        }
        try {
            securityDb.insertData("UPDATE ENGINEPERMISSION SET PERMISSION=" + idByPermission + " WHERE USERID='" + RdbmsQueryBuilder.escapeForSQLStatement(str) + "' AND ENGINEID='" + RdbmsQueryBuilder.escapeForSQLStatement(str2) + "';");
        } catch (SQLException e) {
            e.printStackTrace();
            throw new IllegalArgumentException("An error occured updating the user permissions for this insight");
        }
    }

    public static void removeAppUser(User user, String str, String str2) {
        int maxUserAppPermission = getMaxUserAppPermission(user, str2);
        if (!AccessPermission.isEditor(maxUserAppPermission)) {
            throw new IllegalArgumentException("Insufficient privileges to modify this app's permissions.");
        }
        Integer userAppPermission = getUserAppPermission(str, str2);
        if (userAppPermission == null) {
            throw new IllegalArgumentException("Attempting to modify user permission for a user who does not currently have access to the app");
        }
        if (!AccessPermission.isOwner(maxUserAppPermission) && AccessPermission.OWNER.getId() == userAppPermission.intValue()) {
            throw new IllegalArgumentException("The user doesn't have the high enough permissions to modify this users app permission.");
        }
        try {
            securityDb.insertData("DELETE FROM ENGINEPERMISSION WHERE USERID='" + RdbmsQueryBuilder.escapeForSQLStatement(str) + "' AND ENGINEID='" + RdbmsQueryBuilder.escapeForSQLStatement(str2) + "';");
            try {
                securityDb.insertData("DELETE FROM USERINSIGHTPERMISSION WHERE USERID='" + RdbmsQueryBuilder.escapeForSQLStatement(str) + "' AND ENGINEID='" + RdbmsQueryBuilder.escapeForSQLStatement(str2) + "';");
            } catch (SQLException e) {
                e.printStackTrace();
                throw new IllegalArgumentException("An error occured removing the user permissions for the insights of this app");
            }
        } catch (SQLException e2) {
            e2.printStackTrace();
            throw new IllegalArgumentException("An error occured removing the user permissions for this app");
        }
    }

    public static boolean setAppGlobal(User user, String str, boolean z) {
        if (!userIsOwner(user, str)) {
            throw new IllegalArgumentException("The user doesn't have the permission to set this database as global. Only the owner or an admin can perform this action.");
        }
        securityDb.execUpdateAndRetrieveStatement("UPDATE ENGINE SET GLOBAL = " + z + " WHERE ENGINEID ='" + str + "';", true);
        securityDb.commit();
        return true;
    }

    public static boolean setAppName(User user, String str, String str2) {
        if (!userIsOwner(user, str)) {
            throw new IllegalArgumentException("The user doesn't have the permission to change the database name. Only the owner or an admin can perform this action.");
        }
        securityDb.execUpdateAndRetrieveStatement("UPDATE ENGINE SET ENGINENAME = '" + str2 + "' WHERE ENGINEID ='" + str + "';", true);
        securityDb.commit();
        return true;
    }

    public static void updateAppDescription(String str, String str2) {
        Statement statement = null;
        try {
            try {
                statement = securityDb.execUpdateAndRetrieveStatement("UPDATE ENGINEMETA SET METAVALUE='" + AbstractSqlQueryUtil.escapeForSQLStatement(str2) + "' WHERE METAKEY='description' AND ENGINEID='" + str + "'", false);
                if (statement.getUpdateCount() == 0) {
                    securityDb.insertData(securityDb.getQueryUtil().insertIntoTable("ENGINEMETA", new String[]{"ENGINEID", "METAKEY", "METAVALUE", "METAORDER"}, new String[]{"varchar(255)", "varchar(255)", "clob", "int"}, new Object[]{str, "description", str2, 0}));
                }
                if (statement != null) {
                    try {
                        statement.close();
                    } catch (SQLException e) {
                        e.printStackTrace();
                    }
                }
            } catch (SQLException e2) {
                e2.printStackTrace();
                if (statement != null) {
                    try {
                        statement.close();
                    } catch (SQLException e3) {
                        e3.printStackTrace();
                    }
                }
            }
        } catch (Throwable th) {
            if (statement != null) {
                try {
                    statement.close();
                } catch (SQLException e4) {
                    e4.printStackTrace();
                }
            }
            throw th;
        }
    }

    public static void updateAppTags(String str, List<String> list) {
        try {
            securityDb.insertData("DELETE FROM ENGINEMETA WHERE METAKEY='tag' AND ENGINEID='" + str + "'");
            securityDb.commit();
        } catch (SQLException e) {
            e.printStackTrace();
        }
        PreparedStatement bulkInsertPreparedStatement = securityDb.bulkInsertPreparedStatement(securityDb.getQueryUtil().createInsertPreparedStatementString("ENGINEMETA", new String[]{"ENGINEID", "METAKEY", "METAVALUE", "METAORDER"}));
        try {
            for (int i = 0; i < list.size(); i++) {
                try {
                    String str2 = list.get(i);
                    bulkInsertPreparedStatement.setString(1, str);
                    bulkInsertPreparedStatement.setString(2, Constants.TAG);
                    bulkInsertPreparedStatement.setString(3, str2);
                    bulkInsertPreparedStatement.setInt(4, i);
                    bulkInsertPreparedStatement.addBatch();
                } catch (Exception e2) {
                    e2.printStackTrace();
                    if (bulkInsertPreparedStatement != null) {
                        try {
                            bulkInsertPreparedStatement.close();
                            return;
                        } catch (SQLException e3) {
                            e3.printStackTrace();
                            return;
                        }
                    }
                    return;
                }
            }
            bulkInsertPreparedStatement.executeBatch();
            if (bulkInsertPreparedStatement != null) {
                try {
                    bulkInsertPreparedStatement.close();
                } catch (SQLException e4) {
                    e4.printStackTrace();
                }
            }
        } catch (Throwable th) {
            if (bulkInsertPreparedStatement != null) {
                try {
                    bulkInsertPreparedStatement.close();
                } catch (SQLException e5) {
                    e5.printStackTrace();
                }
            }
            throw th;
        }
    }

    public static IRawSelectWrapper getAppMetadataWrapper(Collection<String> collection, List<String> list) {
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEMETA__ENGINEID"));
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEMETA__METAKEY"));
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEMETA__METAVALUE"));
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEMETA__METAORDER"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEMETA__ENGINEID", "==", collection));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEMETA__METAKEY", "==", list));
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEMETA__METAORDER"));
        return WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v33, types: [java.util.List] */
    public static Map<String, Object> getAggregateAppMetadata(String str) {
        Vector vector;
        SelectQueryStruct selectQueryStruct = new SelectQueryStruct();
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEMETA__METAKEY"));
        selectQueryStruct.addSelector(new QueryColumnSelector("ENGINEMETA__METAVALUE"));
        selectQueryStruct.addExplicitFilter(SimpleQueryFilter.makeColToValFilter("ENGINEMETA__ENGINEID", "==", str));
        IRawSelectWrapper rawWrapper = WrapperManager.getInstance().getRawWrapper(securityDb, selectQueryStruct);
        HashMap hashMap = new HashMap();
        while (rawWrapper.hasNext()) {
            Object[] values = rawWrapper.next().getValues();
            String obj = values[0].toString();
            String flushClobToString = AbstractSqlQueryUtil.flushClobToString((Clob) values[1]);
            if (obj.equals(Constants.TAG)) {
                if (hashMap.containsKey("tags")) {
                    vector = (List) hashMap.get("tags");
                } else {
                    vector = new Vector();
                    hashMap.put("tags", vector);
                }
                vector.add(flushClobToString);
            } else {
                hashMap.put(obj, flushClobToString);
            }
        }
        return hashMap;
    }
}
