package com.vertexinc.common.fw.rba.domain;

import com.vertexinc.common.fw.rba.ipersist.AppRolePersister;
import com.vertexinc.common.fw.rba.ipersist.AppRolePersisterException;
import com.vertexinc.common.fw.sprt.ipersist.SourcePersister;
import com.vertexinc.util.error.VertexException;
import com.vertexinc.util.error.VertexInvalidParameterException;
import com.vertexinc.util.error.VertexRuntimeException;
import com.vertexinc.util.i18n.Message;
import com.vertexinc.util.log.Log;
import java.util.Map;
import java.util.Set;
import org.springframework.stereotype.Service;

/* JADX WARN: Classes with same name are omitted:
  input_file:com/vertexinc/common/fw/rba/domain/AppUserSourceRoleValidator.class
  input_file:patchedFiles.zip:lib/vertex-oseries-components-common.jar:com/vertexinc/common/fw/rba/domain/AppUserSourceRoleValidator.class
 */
@Service
/* loaded from: input_file:patchedFiles.zip:web/vertex-ws.war:WEB-INF/lib/vertex-oseries-components-common.jar:com/vertexinc/common/fw/rba/domain/AppUserSourceRoleValidator.class */
public class AppUserSourceRoleValidator {
    public static final String ROLE_IDS = "roleIds";
    public static final String CREATE_USER = "createUser";
    AppRolePersister appRolePersister = AppRolePersister.getInstance();
    SourcePersister sourcePersister = SourcePersister.getInstance();

    public void validate(Long l, Set<Long> set) {
        if (l == null && set != null && !set.isEmpty()) {
            throw new VertexInvalidParameterException(Message.format(AppUserSourceRoleValidator.class, "AppUserSourceRoleValidator.validate.invalidRole", "Roles cannot be specified for null partition Id")).target("partitionId");
        }
        if (l != null && l.longValue() > 0) {
            validateSourceId(l.longValue());
            if (set == null || set.size() <= 0) {
                throw new VertexInvalidParameterException(Message.format(AppUserSourceRoleValidator.class, "AppUserSourceRoleValidator.validate.missingRole", "Roles should be specified for partition Id " + l)).target(ROLE_IDS);
            }
            validateRoles(l.longValue(), set);
        } else if (l != null && l.longValue() < 0) {
            throw new VertexInvalidParameterException(Message.format(AppUserSourceRoleValidator.class, "AppUserSourceRoleValidator.validate.missingRole", "Partition Id should be greater than zero, {0}", l)).target(ROLE_IDS);
        }
        if (l == null || l.longValue() == 11) {
            return;
        }
        validateMasterAdministratorPermission(l, set);
    }

    public void validateMasterAdministratorPermission(Long l, Set<Long> set) {
        if (set.stream().map(l2 -> {
            try {
                return this.appRolePersister.findByPK(l2.longValue());
            } catch (AppRolePersisterException e) {
                Log.logException(this, Message.format(this, "AppUserSourceRoleValidator.validateMasterAdministratorPermission", "Unable to read role.  Contact system administrator if problem persists.  (role={0})", l2), e);
                return null;
            }
        }).anyMatch(appRole -> {
            return appRole.hasAccess("masteradministrator", AccessType.MODIFY);
        })) {
            throw new VertexInvalidParameterException(Message.format(this, "UserConfigService.validateMasterAdministratorPermission", "Unable to assign role for this partition. Master Administrator access not permitted in non-admin partition.  (partition={0})", l)).target(ROLE_IDS);
        }
    }

    private void validateRoles(long j, Set<Long> set) {
        try {
            Map<Long, AppRole> findAll = this.appRolePersister.findAll();
            if (findAll == null || findAll.isEmpty()) {
                throw new VertexRuntimeException(Message.format(AppUserSourceRoleValidator.class, "AppUserSourceRoleValidator.validateRoles.nonExistentRoles", "Cannot find roles")).target(CREATE_USER);
            }
            Set<Long> keySet = findAll.keySet();
            for (Long l : set) {
                if (!keySet.contains(l)) {
                    throw new VertexInvalidParameterException(Message.format(AppUserSourceRoleValidator.class, "AppUserSourceRoleValidator.validateRoles.nonExistentRoleId", "Role Id {0} does not exist", l)).target(CREATE_USER);
                }
            }
        } catch (VertexException e) {
            throw new VertexRuntimeException(Message.format(AppUserSourceRoleValidator.class, "AppUserSourceRoleValidator.validateRoles.findRoleError", "Error searching for roles"), e).target(CREATE_USER);
        }
    }

    private void validateSourceId(long j) {
        try {
            if (this.sourcePersister.findByPK(j) == null) {
                throw new VertexInvalidParameterException(Message.format(AppUserSourceRoleValidator.class, "AppUserSourceRoleValidator.validateSourceId.nonExistentSourceId", "Partition Id {0} does not exist", Long.valueOf(j))).target("partitionId");
            }
        } catch (VertexException e) {
            throw new VertexRuntimeException(Message.format(AppUserSourceRoleValidator.class, "AppUserSourceRoleValidator.validateSourceId.findPartitionError", "Error creating user for a partition Id {0}", Long.valueOf(j)), e).target(CREATE_USER);
        }
    }
}
