package org.squashtest.tm.service.internal.profile;

import java.util.List;
import java.util.Set;
import javax.persistence.EntityNotFoundException;
import javax.validation.constraints.NotNull;
import org.jooq.DSLContext;
import org.jooq.Field;
import org.jooq.TableField;
import org.jooq.impl.DSL;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.squashtest.tm.aspect.validation.NotNullValidatorAspect;
import org.squashtest.tm.core.foundation.feature.ExperimentalFeature;
import org.squashtest.tm.domain.acl.AclGroup;
import org.squashtest.tm.domain.actionword.ActionWordLibrary;
import org.squashtest.tm.domain.project.Project;
import org.squashtest.tm.domain.requirement.RequirementLibrary;
import org.squashtest.tm.domain.testcase.TestCaseLibrary;
import org.squashtest.tm.exception.NameAlreadyInUseException;
import org.squashtest.tm.exception.profile.CannotDeleteProfileException;
import org.squashtest.tm.jooq.domain.Tables;
import org.squashtest.tm.jooq.domain.tables.records.AclGroupPermissionRecord;
import org.squashtest.tm.jooq.domain.tables.records.AclGroupRecord;
import org.squashtest.tm.jooq.domain.tables.records.AclResponsibilityScopeEntryRecord;
import org.squashtest.tm.service.annotation.IsUltimateLicenseAvailable;
import org.squashtest.tm.service.audit.AuditModificationService;
import org.squashtest.tm.service.feature.experimental.ExperimentalFeatureManager;
import org.squashtest.tm.service.internal.display.dto.NewProfileDto;
import org.squashtest.tm.service.internal.display.dto.ProfileActivePermissionsRecord;
import org.squashtest.tm.service.internal.repository.ProfileDao;
import org.squashtest.tm.service.profile.ProfileManagerService;
import org.squashtest.tm.service.security.Authorizations;
import org.squashtest.tm.service.security.acls.model.ObjectAclService;

@Transactional
@Service
/* loaded from: input_file:WEB-INF/lib/tm.service-9.0.0.RC3.jar:org/squashtest/tm/service/internal/profile/ProfileManagerServiceImpl.class */
public class ProfileManagerServiceImpl implements ProfileManagerService {
    private static final String PROFILE_WITH_ID = "Profile with id";
    private final ProfileDao profileDao;
    private final DSLContext dslContext;
    private final ObjectAclService aclService;
    private final AuditModificationService auditModificationService;
    private final ExperimentalFeatureManager experimentalFeatureManager;

    public ProfileManagerServiceImpl(ProfileDao profileDao, DSLContext dSLContext, ObjectAclService objectAclService, AuditModificationService auditModificationService, ExperimentalFeatureManager experimentalFeatureManager) {
        this.profileDao = profileDao;
        this.dslContext = dSLContext;
        this.aclService = objectAclService;
        this.auditModificationService = auditModificationService;
        this.experimentalFeatureManager = experimentalFeatureManager;
    }

    @Override // org.squashtest.tm.service.profile.ProfileManagerService
    @PreAuthorize(Authorizations.HAS_ROLE_ADMIN)
    @IsUltimateLicenseAvailable
    public long persist(NewProfileDto newProfileDto) {
        String qualifiedName = newProfileDto.getQualifiedName();
        if (nameInUse(qualifiedName)) {
            throw new NameAlreadyInUseException(AclGroup.class.getSimpleName(), qualifiedName);
        }
        AclGroup profile = newProfileDto.toProfile();
        this.profileDao.save(profile);
        insertPermissionsFromReferenceProfile(profile.getId().longValue(), newProfileDto.getReferenceProfileId());
        return profile.getId().longValue();
    }

    private void insertPermissionsFromReferenceProfile(long j, long j2) {
        this.dslContext.insertInto(Tables.ACL_GROUP_PERMISSION, Tables.ACL_GROUP_PERMISSION.ACL_GROUP_ID, Tables.ACL_GROUP_PERMISSION.PERMISSION_MASK, Tables.ACL_GROUP_PERMISSION.CLASS_ID).select(this.dslContext.select(DSL.val(j), Tables.ACL_GROUP_PERMISSION.PERMISSION_MASK, Tables.ACL_GROUP_PERMISSION.CLASS_ID).from(Tables.ACL_GROUP_PERMISSION).where(Tables.ACL_GROUP_PERMISSION.ACL_GROUP_ID.eq((TableField<AclGroupPermissionRecord, Long>) Long.valueOf(j2)))).execute();
    }

    @Override // org.squashtest.tm.service.profile.ProfileManagerService
    @PreAuthorize(Authorizations.HAS_ROLE_ADMIN)
    public void deleteProfile(long j) {
        AclGroup orElseThrow = this.profileDao.findById(Long.valueOf(j)).orElseThrow(() -> {
            return new EntityNotFoundException(String.format("%S %d %S", PROFILE_WITH_ID, Long.valueOf(j), "doesn't exist."));
        });
        orElseThrow.checkAndForbidOperationForDefaultSystemProfile();
        if (this.profileDao.isProfileUsed(j)) {
            throw new CannotDeleteProfileException();
        }
        this.dslContext.deleteFrom(Tables.ACL_GROUP_PERMISSION).where(Tables.ACL_GROUP_PERMISSION.ACL_GROUP_ID.eq((TableField<AclGroupPermissionRecord, Long>) Long.valueOf(j))).execute();
        this.profileDao.delete(orElseThrow);
    }

    @Override // org.squashtest.tm.service.profile.ProfileManagerService
    @PreAuthorize(Authorizations.HAS_ROLE_ADMIN)
    @IsUltimateLicenseAvailable
    public void changeDescription(long j, String str) {
        findById(j).setDescription(str);
    }

    @Override // org.squashtest.tm.service.profile.ProfileManagerService
    @PreAuthorize(Authorizations.HAS_ROLE_ADMIN)
    @IsUltimateLicenseAvailable
    public void changeName(long j, @NotNull String str) {
        NotNullValidatorAspect.aspectOf().ajc$before$org_squashtest_tm_aspect_validation_NotNullValidatorAspect$2$7531eba5(str);
        AclGroup findById = findById(j);
        if (str.equals(findById.getQualifiedName())) {
            return;
        }
        if (nameInUse(str)) {
            throw new NameAlreadyInUseException(AclGroup.class.getSimpleName(), str);
        }
        findById.setQualifiedName(str);
    }

    @Override // org.squashtest.tm.service.profile.ProfileManagerService
    @PreAuthorize(Authorizations.HAS_ROLE_ADMIN)
    public void deactivateProfile(long j) {
        findById(j).setActive(false);
    }

    @Override // org.squashtest.tm.service.profile.ProfileManagerService
    @PreAuthorize(Authorizations.HAS_ROLE_ADMIN)
    public void activateProfile(long j) {
        findById(j).setActive(true);
    }

    @Override // org.squashtest.tm.service.profile.ProfileManagerService
    @PreAuthorize(Authorizations.HAS_ROLE_ADMIN)
    @IsUltimateLicenseAvailable
    public void changePermissions(long j, List<ProfileActivePermissionsRecord> list) {
        AclGroup findById = findById(j);
        findById.checkAndForbidOperationForDefaultSystemProfile();
        if (!this.experimentalFeatureManager.isEnabled(ExperimentalFeature.CONFIGURE_PROFILES)) {
            Set of = Set.of(Project.class.getName(), RequirementLibrary.class.getName(), TestCaseLibrary.class.getName(), ActionWordLibrary.class.getName());
            list = list.stream().filter(profileActivePermissionsRecord -> {
                return of.contains(profileActivePermissionsRecord.className());
            }).toList();
        }
        this.profileDao.updatePermissions(j, list);
        this.aclService.refreshAcls();
        this.auditModificationService.updateAuditable(findById);
    }

    private AclGroup findById(long j) {
        return this.profileDao.findById(Long.valueOf(j)).orElseThrow(() -> {
            return new EntityNotFoundException(String.format("%s %d %S", PROFILE_WITH_ID, Long.valueOf(j), "doesn't exist."));
        });
    }

    private boolean nameInUse(String str) {
        return this.dslContext.fetchExists(this.dslContext.select(Tables.ACL_GROUP.ID).from(Tables.ACL_GROUP).where(Tables.ACL_GROUP.QUALIFIED_NAME.eq((TableField<AclGroupRecord, String>) str)));
    }

    @Override // org.squashtest.tm.service.profile.ProfileManagerService
    @PreAuthorize(Authorizations.HAS_ROLE_ADMIN)
    @IsUltimateLicenseAvailable
    public void transferAuthorizations(long j, long j2) {
        this.dslContext.update(Tables.ACL_RESPONSIBILITY_SCOPE_ENTRY).set((Field<TableField<AclResponsibilityScopeEntryRecord, Long>>) Tables.ACL_RESPONSIBILITY_SCOPE_ENTRY.ACL_GROUP_ID, (TableField<AclResponsibilityScopeEntryRecord, Long>) Long.valueOf(j2)).where(Tables.ACL_RESPONSIBILITY_SCOPE_ENTRY.ACL_GROUP_ID.eq((TableField<AclResponsibilityScopeEntryRecord, Long>) Long.valueOf(j))).execute();
        this.aclService.refreshAcls();
    }
}
