package eu.etaxonomy.cdm.api.application;

import eu.etaxonomy.cdm.api.service.ICommonService;
import eu.etaxonomy.cdm.api.service.IGrantedAuthorityService;
import eu.etaxonomy.cdm.api.service.IGroupService;
import eu.etaxonomy.cdm.api.service.IUserService;
import eu.etaxonomy.cdm.common.monitor.IProgressMonitor;
import eu.etaxonomy.cdm.common.monitor.NullProgressMonitor;
import eu.etaxonomy.cdm.config.Configuration;
import eu.etaxonomy.cdm.model.metadata.CdmMetaData;
import eu.etaxonomy.cdm.model.permission.CRUD;
import eu.etaxonomy.cdm.model.permission.GrantedAuthorityImpl;
import eu.etaxonomy.cdm.model.permission.Group;
import eu.etaxonomy.cdm.model.permission.PermissionClass;
import eu.etaxonomy.cdm.model.permission.User;
import eu.etaxonomy.cdm.persistence.permission.CdmAuthority;
import eu.etaxonomy.cdm.persistence.permission.Role;
import eu.etaxonomy.cdm.persistence.query.OrderHint;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.UUID;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.TransactionStatus;
import org.springframework.transaction.support.DefaultTransactionDefinition;

/* loaded from: input_file:lib/cdmlib-services-5.42.0.jar:eu/etaxonomy/cdm/api/application/FirstDataInserter.class */
public class FirstDataInserter extends AbstractDataInserter {
    private static final Logger logger = LogManager.getLogger();
    private static final EnumSet<CRUD> CREATE_READ = EnumSet.of(CRUD.CREATE, CRUD.READ);
    private static final EnumSet<CRUD> UPDATE_DELETE = EnumSet.of(CRUD.UPDATE, CRUD.DELETE);
    private static final EnumSet<CRUD> CREATE_READ_UPDATE = EnumSet.of(CRUD.CREATE, CRUD.READ, CRUD.UPDATE);
    private static final EnumSet<CRUD> CREATE_READ_UPDATE_DELETE = EnumSet.of(CRUD.CREATE, CRUD.READ, CRUD.UPDATE, CRUD.DELETE);
    public static final GrantedAuthority[] EDITOR_GROUP_AUTHORITIES = {new CdmAuthority(PermissionClass.REFERENCE, CREATE_READ), new CdmAuthority(PermissionClass.TAXONNAME, CREATE_READ_UPDATE), new CdmAuthority(PermissionClass.TEAMORPERSONBASE, CREATE_READ), new CdmAuthority(PermissionClass.TAXONBASE, CREATE_READ_UPDATE_DELETE), new CdmAuthority(PermissionClass.DESCRIPTIONBASE, CREATE_READ_UPDATE_DELETE), new CdmAuthority(PermissionClass.DESCRIPTIONELEMENTBASE, CREATE_READ_UPDATE_DELETE), new CdmAuthority(PermissionClass.SPECIMENOROBSERVATIONBASE, CREATE_READ_UPDATE_DELETE), new CdmAuthority(PermissionClass.COLLECTION, CREATE_READ_UPDATE_DELETE)};
    public static final CdmAuthority[] EDITOR_GROUP_EXTENDED_CREATE_GROUP_AUTHORITIES = {new CdmAuthority(PermissionClass.REFERENCE, CREATE_READ), new CdmAuthority(PermissionClass.TAXONNAME, CREATE_READ), new CdmAuthority(PermissionClass.TEAMORPERSONBASE, CREATE_READ), new CdmAuthority(PermissionClass.TAXONBASE, CREATE_READ), new CdmAuthority(PermissionClass.DESCRIPTIONBASE, CREATE_READ), new CdmAuthority(PermissionClass.DESCRIPTIONELEMENTBASE, CREATE_READ), new CdmAuthority(PermissionClass.SPECIMENOROBSERVATIONBASE, CREATE_READ), new CdmAuthority(PermissionClass.COLLECTION, CREATE_READ)};
    public static final GrantedAuthority[] PROJECT_MANAGER_GROUP_AUTHORITIES = {new CdmAuthority(PermissionClass.REFERENCE, UPDATE_DELETE), new CdmAuthority(PermissionClass.TAXONNAME, (EnumSet<CRUD>) EnumSet.of(CRUD.DELETE)), new CdmAuthority(PermissionClass.TEAMORPERSONBASE, UPDATE_DELETE), Role.ROLE_PROJECT_MANAGER};
    public static final CdmAuthority[] EDITOR_REFERENCE_GROUP_AUTHORITIES = {new CdmAuthority(PermissionClass.REFERENCE, UPDATE_DELETE), new CdmAuthority(PermissionClass.TEAMORPERSONBASE, UPDATE_DELETE)};
    public static final Role[] PUBLISH_GROUP_ROLES = {Role.ROLE_PUBLISH};
    public static final CdmAuthority[] EDIT_ALL_TAXA_GROUP_AUTHORITIES = {new CdmAuthority(PermissionClass.TAXONNODE, CREATE_READ_UPDATE_DELETE)};
    public static final Role[] ADMIN_GROUP_ROLES = {Role.ROLE_ADMIN};
    public static final Role[] USER_MANAGER_ROLES = {Role.ROLE_USER_MANAGER};

    @Autowired
    private ICommonService commonService;

    @Autowired
    private IUserService userService;

    @Autowired
    private IGroupService groupService;

    @Autowired
    private IGrantedAuthorityService grantedAuthorityService;
    protected PlatformTransactionManager transactionManager;
    protected DefaultTransactionDefinition txDefinition = new DefaultTransactionDefinition();
    private IProgressMonitor progressMonitor = null;
    private boolean firstDataInserted = false;

    @Autowired
    public void setTransactionManager(PlatformTransactionManager platformTransactionManager) {
        this.transactionManager = platformTransactionManager;
    }

    public FirstDataInserter() {
        this.txDefinition.setName("FirstDataInserter.insertFirstData()");
        this.txDefinition.setPropagationBehavior(0);
    }

    @Override // org.springframework.context.ApplicationListener
    public void onApplicationEvent(ContextRefreshedEvent contextRefreshedEvent) {
        if (contextRefreshedEvent.getApplicationContext() instanceof MonitoredGenericApplicationContext) {
            this.progressMonitor = ((MonitoredGenericApplicationContext) contextRefreshedEvent.getApplicationContext()).getCurrentMonitor();
        } else {
            this.progressMonitor = new NullProgressMonitor();
        }
        insertFirstData();
    }

    private void insertFirstData() {
        if (this.firstDataInserted) {
            logger.debug("insertFirstData() already executed before, skipping this time");
            return;
        }
        runAsAuthentication(Role.ROLE_ADMIN);
        TransactionStatus transaction = this.transactionManager.getTransaction(this.txDefinition);
        logger.info("inserting first data");
        checkAdminUser();
        checkDefaultGroups();
        assureRole_REMOTING_forEditors();
        checkMetadata();
        this.firstDataInserted = true;
        this.transactionManager.commit(transaction);
        restoreAuthentication();
    }

    private void checkMetadata() {
        if (this.commonService.getCdmMetaData().size() == 0) {
            this.progressMonitor.subTask("Creating Meta Data");
            createMetadata();
        }
    }

    private void checkAdminUser() {
        User findFirstUser = findFirstUser();
        if (findFirstUser == null) {
            this.progressMonitor.subTask("Creating Admin User");
            findFirstUser = createAdminUser();
        } else {
            logger.info("Assuming first user '" + findFirstUser + "' is admin.");
        }
        checkAdminRole(findFirstUser);
        this.progressMonitor.worked(1);
    }

    private void checkDefaultGroups() {
        this.progressMonitor.subTask("Checking default groups");
        checkGroup(Group.GROUP_EDITOR_UUID, Group.GROUP_EDITOR_NAME, EDITOR_GROUP_AUTHORITIES);
        checkGroup(Group.GROUP_EDITOR_EXTENDED_CREATE_UUID, Group.GROUP_EDITOR_EXTENDED_CREATE_NAME, EDITOR_GROUP_EXTENDED_CREATE_GROUP_AUTHORITIES);
        checkGroup(Group.GROUP_PROJECT_MANAGER_UUID, Group.GROUP_PROJECT_MANAGER_NAME, PROJECT_MANAGER_GROUP_AUTHORITIES);
        checkGroup(Group.GROUP_ADMIN_UUID, Group.GROUP_ADMIN_NAME, ADMIN_GROUP_ROLES);
        checkGroup(Group.GROUP_EDITOR_REFERENCE_UUID, Group.GROUP_EDITOR_REFERENCE_NAME, EDITOR_REFERENCE_GROUP_AUTHORITIES);
        checkGroup(Group.GROUP_ALLOW_ALL_TAXA_UUID, Group.GROUP_ALLOW_ALL_TAXA_NAME, EDIT_ALL_TAXA_GROUP_AUTHORITIES);
        checkGroup(Group.GROUP_PUBLISH_UUID, Group.GROUP_PUBLISH_NAME, PUBLISH_GROUP_ROLES);
        checkGroup(Group.GROUP_USER_MANAGER_UUID, Group.GROUP_USER_MANAGER_NAME, USER_MANAGER_ROLES);
        this.progressMonitor.worked(1);
    }

    private void checkGroup(UUID uuid, String str, GrantedAuthority[] grantedAuthorityArr) {
        Group load = this.groupService.load(uuid);
        if (load == null) {
            load = Group.NewInstance();
            load.setUuid(uuid);
            logger.info("New Group '" + str + "' created");
        }
        load.setName(str);
        Set<GrantedAuthority> grantedAuthorities = load.getGrantedAuthorities();
        for (GrantedAuthority grantedAuthority : grantedAuthorityArr) {
            boolean z = true;
            Iterator<GrantedAuthority> it = grantedAuthorities.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (grantedAuthority.getAuthority().equals(it.next().getAuthority())) {
                    z = false;
                    break;
                }
            }
            if (z) {
                addMissingAuthority(str, load, grantedAuthority);
            }
        }
        this.groupService.saveOrUpdate((IGroupService) load);
        logger.info("Check of group  '" + str + "' done");
    }

    private void addMissingAuthority(String str, Group group, GrantedAuthority grantedAuthority) {
        GrantedAuthorityImpl findAuthorityString = this.grantedAuthorityService.findAuthorityString(grantedAuthority.getAuthority());
        if (findAuthorityString == null) {
            findAuthorityString = GrantedAuthorityImpl.NewInstance(grantedAuthority.toString());
            if (grantedAuthority instanceof Role) {
                findAuthorityString.setUuid(((Role) grantedAuthority).getUuid());
            }
        }
        group.addGrantedAuthority(findAuthorityString);
        logger.info("New GrantedAuthority '" + grantedAuthority + "' added  to '" + str + "'");
    }

    private User findFirstUser() {
        User user = null;
        List<S> list = this.userService.list(null, 1, null, Arrays.asList(new OrderHint("id", OrderHint.SortOrder.ASCENDING)), null);
        if (list.size() > 0) {
            user = (User) list.get(0);
        }
        return user;
    }

    private User createAdminUser() {
        User NewInstance = User.NewInstance(Configuration.adminLogin, Configuration.adminPassword);
        this.userService.save(NewInstance);
        logger.info("user '" + Configuration.adminLogin + "' created.");
        return NewInstance;
    }

    private void assureRole_REMOTING_forEditors() {
        if (roleExists(Role.ROLE_REMOTING)) {
            return;
        }
        GrantedAuthorityImpl assureRole = assureRole(Role.ROLE_REMOTING);
        Group load = this.groupService.load(Group.GROUP_EDITOR_UUID);
        load.addGrantedAuthority(assureRole);
        this.groupService.saveOrUpdate((IGroupService) load);
        Group load2 = this.groupService.load(Group.GROUP_EDITOR_EXTENDED_CREATE_UUID);
        load2.addGrantedAuthority(assureRole);
        this.groupService.saveOrUpdate((IGroupService) load2);
    }

    private void checkAdminRole(User user) {
        Set<GrantedAuthority> set = (Set) user.getAuthorities();
        boolean z = false;
        Iterator<GrantedAuthority> it = set.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (it.next().getAuthority().contentEquals(Role.ROLE_ADMIN.getAuthority())) {
                z = true;
                break;
            }
        }
        if (z) {
            return;
        }
        set.add(assureRole(Role.ROLE_ADMIN));
        user.setGrantedAuthorities(set);
        this.progressMonitor.subTask("Creating Admins Role");
        this.userService.saveOrUpdate((IUserService) user);
        logger.info("Role " + Role.ROLE_ADMIN.getAuthority() + " for user '" + Configuration.adminLogin + "' created and added");
    }

    private GrantedAuthorityImpl assureRole(Role role) {
        GrantedAuthorityImpl find = this.grantedAuthorityService.find(role.getUuid());
        if (find == null) {
            find = (GrantedAuthorityImpl) this.grantedAuthorityService.save(role.asNewGrantedAuthority());
        }
        return find;
    }

    private boolean roleExists(Role role) {
        return this.grantedAuthorityService.find(role.getUuid()) != null;
    }

    private void createMetadata() {
        this.commonService.saveAllMetaData(CdmMetaData.defaultMetaData());
        logger.info("Metadata created.");
    }
}
