package fi.vm.sade.generic.ui.app;

import fi.vm.sade.generic.ui.portlet.security.AccessRight;
import fi.vm.sade.generic.ui.portlet.security.User;
import fi.vm.sade.haku.virkailija.lomakkeenhallinta.util.OppijaConstants;
import fi.vm.sade.security.SadeUserDetailsWrapper;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.LocaleUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:WEB-INF/lib/generic-common-9.3-SNAPSHOT.jar:fi/vm/sade/generic/ui/app/UserLiferayImpl.class */
public class UserLiferayImpl implements User {
    private static final long serialVersionUID = 1;
    public static final String DEFAULT_LOCALE = "fi_FI";
    private HttpServletRequest servletRequest;
    private Authentication authentication;

    @Value("${auth.mode:cas}")
    private String authMode;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    private List<AccessRight> rawAccessRights = new ArrayList();
    private Set<String> organisations = new HashSet();

    public UserLiferayImpl(HttpServletRequest httpServletRequest) {
        this.servletRequest = httpServletRequest;
        SecurityContext context = SecurityContextHolder.getContext();
        if (context != null && context.getAuthentication() != null) {
            this.authentication = context.getAuthentication();
            this.log.warn("building user from spring security authentication object: " + this.authentication);
            initSupportForOldAuthzFromSpringAuthentication();
        } else if ("dev".equals(this.authMode)) {
            Set<GrantedAuthority> buildMockAuthorities = buildMockAuthorities();
            this.log.warn("building mock user: 1.2.246.562.24.00000000001, authorities: " + buildMockAuthorities);
            this.authentication = new TestingAuthenticationToken("1.2.246.562.24.00000000001", "1.2.246.562.24.00000000001", new ArrayList(buildMockAuthorities));
            initSupportForOldAuthzFromSpringAuthentication();
        }
    }

    @Deprecated
    public static Set<GrantedAuthority> buildMockAuthorities() {
        HashSet hashSet = new HashSet();
        String[] strArr = {"READ", "READ_UPDATE", "CRUD"};
        for (String str : new String[]{"ANOMUSTENHALLINTA", "ORGANISAATIOHALLINTA", "HENKILONHALLINTA", "KOODISTO", "KOOSTEROOLIENHALLINTA", "OID", "OMATTIEDOT", "ORGANISAATIOHALLINTA", "TARJONTA", "SIJOITTELU", "VALINTAPERUSTEET", "VALINTOJENTOTEUTTAMINEN", "HAKEMUS"}) {
            for (String str2 : strArr) {
                SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority("ROLE_APP_" + str + "_" + str2);
                SimpleGrantedAuthority simpleGrantedAuthority2 = new SimpleGrantedAuthority("ROLE_APP_" + str + "_" + str2 + "_" + OppijaConstants.ROOT_ORGANIZATION_OID);
                hashSet.add(simpleGrantedAuthority);
                hashSet.add(simpleGrantedAuthority2);
            }
        }
        return hashSet;
    }

    private void initSupportForOldAuthzFromSpringAuthentication() {
        AccessRight accessRight;
        Iterator<? extends GrantedAuthority> it = this.authentication.getAuthorities().iterator();
        while (it.hasNext()) {
            String authority = it.next().getAuthority();
            String[] split = authority.split("_");
            if (split.length == 5 || split.length == 6) {
                if (split.length == 5) {
                    accessRight = new AccessRight(split[4], split[3].toUpperCase(), split[2].toUpperCase());
                } else {
                    if (split.length != 6) {
                        throw new RuntimeException("cannot parse usergroup to accessright: " + authority);
                    }
                    accessRight = new AccessRight(split[5], (split[3] + "_" + split[4]).toUpperCase(), split[2].toUpperCase());
                }
                if (!"UPDATE".equalsIgnoreCase(accessRight.getOrganizatioOid())) {
                    this.rawAccessRights.add(accessRight);
                    this.organisations.add(accessRight.getOrganizatioOid());
                }
            }
        }
    }

    @Override // fi.vm.sade.generic.ui.portlet.security.User
    @Deprecated
    public boolean isUserInRole(String str) {
        if (this.servletRequest != null) {
            return this.servletRequest.isUserInRole(str);
        }
        return false;
    }

    @Override // fi.vm.sade.generic.ui.portlet.security.User
    public String getOid() {
        return getAuthentication().getName();
    }

    @Override // fi.vm.sade.generic.ui.portlet.security.User
    public List<AccessRight> getRawAccessRights() {
        return this.rawAccessRights;
    }

    @Override // fi.vm.sade.generic.ui.portlet.security.User
    public Locale getLang() {
        String str = null;
        if (SecurityContextHolder.getContext().getAuthentication().getPrincipal() instanceof SadeUserDetailsWrapper) {
            str = ((SadeUserDetailsWrapper) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getLang();
        }
        return str != null ? LocaleUtils.toLocale(str) : LocaleUtils.toLocale("fi_FI");
    }

    @Override // fi.vm.sade.generic.ui.portlet.security.User
    public Set<String> getOrganisations() {
        return this.organisations;
    }

    @Override // fi.vm.sade.generic.ui.portlet.security.User
    public Set<String> getOrganisationsHierarchy() {
        return getOrganisations();
    }

    @Override // fi.vm.sade.generic.ui.portlet.security.User
    public Authentication getAuthentication() {
        return this.authentication;
    }

    public HttpServletRequest getServletRequest() {
        return this.servletRequest;
    }

    public Object getGlobalSessionAttribute(String str) {
        return this.servletRequest.getSession().getAttribute(str);
    }

    public Enumeration<String> getGlobalSessionAttributeNames() {
        return this.servletRequest.getSession().getAttributeNames();
    }
}
