package sernet.verinice.service.commands;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.log4j.Logger;
import sernet.gs.service.TimeFormatter;
import sernet.hui.common.connect.Entity;
import sernet.hui.common.connect.Property;
import sernet.hui.common.connect.PropertyList;
import sernet.verinice.interfaces.GenericCommand;
import sernet.verinice.interfaces.IAttachmentDao;
import sernet.verinice.interfaces.IAuthAwareCommand;
import sernet.verinice.interfaces.IAuthService;
import sernet.verinice.interfaces.IBaseDao;
import sernet.verinice.model.bsi.Addition;
import sernet.verinice.model.bsi.Attachment;

/* loaded from: input_file:sernet/verinice/service/commands/LoadAttachments.class */
public class LoadAttachments extends GenericCommand implements IAuthAwareCommand {
    private transient Logger log;
    private transient IAuthService authService;
    private Integer cnAElementId;
    private List<Attachment> attachmentList;
    private String[] roles;
    private boolean isAdmin;
    private boolean isScopeOnly;
    private Integer scopeId;
    private String hql;
    private Object[] params;
    private String[] paramNames;

    public Logger getLog() {
        if (this.log == null) {
            this.log = Logger.getLogger(LoadAttachments.class);
        }
        return this.log;
    }

    public List<Attachment> getAttachmentList() {
        return this.attachmentList;
    }

    public void setAttachmentList(List<Attachment> list) {
        this.attachmentList = list;
    }

    public LoadAttachments(Integer num) {
        this.log = Logger.getLogger(LoadAttachments.class);
        this.cnAElementId = num;
    }

    public LoadAttachments(Integer num, String[] strArr, boolean z, boolean z2, Integer num2) {
        this(num);
        this.roles = strArr;
        this.isAdmin = z;
        this.isScopeOnly = z2;
        this.scopeId = num2;
    }

    @Override // sernet.verinice.interfaces.ICommand
    public void execute() {
        if (getLog().isDebugEnabled()) {
            getLog().debug("executing, id is: " + getCnAElementId() + "...");
        }
        long currentTimeMillis = System.currentTimeMillis();
        fillAttachmentList();
        if (getLog().isDebugEnabled()) {
            getLog().debug("number of attachments found: " + this.attachmentList.size());
        }
        initializeAttachmentList();
        setAttachmentList(this.attachmentList);
        if (getLog().isDebugEnabled()) {
            getLog().debug("It takes :\t" + TimeFormatter.getHumanRedableTime(System.currentTimeMillis() - currentTimeMillis) + " to load " + this.attachmentList.size() + " attachments");
        }
    }

    private void fillAttachmentList() {
        String username = getAuthService().getUsername();
        IAttachmentDao attachmentDao = getDaoFactory().getAttachmentDao();
        if (getCnAElementId() == null && isPermissionHandlingNeeded(username)) {
            fillPermissonHandled();
        } else {
            this.attachmentList = attachmentDao.loadAttachmentList(getCnAElementId());
        }
    }

    private void initializeAttachmentList() {
        Iterator<Attachment> it = this.attachmentList.iterator();
        while (it.hasNext()) {
            Entity entity = it.next().getEntity();
            if (entity != null) {
                Iterator it2 = entity.getTypedPropertyLists().values().iterator();
                while (it2.hasNext()) {
                    Iterator it3 = ((PropertyList) it2.next()).getProperties().iterator();
                    while (it3.hasNext()) {
                        ((Property) it3.next()).setParent(entity);
                    }
                }
            }
        }
    }

    private void fillPermissonHandled() {
        IBaseDao dao = getDaoFactory().getDAO(Addition.TYPE_ID);
        this.hql = getQuery();
        this.attachmentList = new ArrayList();
        for (Object obj : dao.findByQuery(this.hql, this.paramNames, this.params)) {
            if (obj instanceof Attachment) {
                this.attachmentList.add((Attachment) obj);
            }
        }
    }

    private String getQuery() {
        StringBuilder sb = new StringBuilder();
        sb.append("from Addition addition ");
        sb.append("where addition.cnATreeElementId IN ( ");
        sb.append("select elmt.dbId from CnATreeElement elmt ");
        if (this.isScopeOnly && this.isAdmin) {
            sb.append(" where elmt.scopeId = :scopeId)");
            this.hql = sb.toString();
            this.params = new Object[]{this.scopeId};
            this.paramNames = new String[]{"scopeId"};
        } else {
            sb.append(getPermissionHandlingQueryPart());
        }
        return sb.toString();
    }

    private String getPermissionHandlingQueryPart() {
        StringBuilder sb = new StringBuilder();
        sb.append("inner join elmt.permissions as perm ");
        sb.append("where elmt.dbId IN ( ");
        sb.append("select ad.cnATreeElementId from Addition ad ) ");
        if (this.isScopeOnly) {
            sb.append(" and elmt.scopeId = :scopeId");
        }
        sb.append(" and perm.role IN (:roles) ");
        sb.append(" and perm.readAllowed = :readAllowed )");
        this.hql = sb.toString();
        if (this.isScopeOnly) {
            this.params = new Object[]{this.scopeId, this.roles, true};
            this.paramNames = new String[]{"scopeId", "roles", "readAllowed"};
        } else {
            this.paramNames = new String[]{"roles", "readAllowed"};
            this.params = new Object[]{this.roles, true};
        }
        return sb.toString();
    }

    private boolean isPermissionHandlingNeeded(String str) {
        return getAuthService().isPermissionHandlingNeeded() && !getAuthService().getAdminUsername().equals(str) && (!this.isAdmin || this.isScopeOnly);
    }

    public void setCnAElementId(Integer num) {
        this.cnAElementId = num;
    }

    public Integer getCnAElementId() {
        return this.cnAElementId;
    }

    @Override // sernet.verinice.interfaces.IAuthAwareCommand
    public IAuthService getAuthService() {
        return this.authService;
    }

    @Override // sernet.verinice.interfaces.IAuthAwareCommand
    public void setAuthService(IAuthService iAuthService) {
        this.authService = iAuthService;
    }
}
