package pl.edu.icm.yadda.aas.proxy;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.opensaml.lite.xacml.policy.ObligationType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.ceon.search.model.filter.FilterDefinition;
import pl.edu.icm.ceon.search.model.query.SearchQuery;
import pl.edu.icm.yadda.aas.client.YaddaErrorAwareResult;
import pl.edu.icm.yadda.aas.handler.HeaderFieldBasedSecurityRequestHandler;
import pl.edu.icm.yadda.aas.handler.ISecurityRequestHandler;
import pl.edu.icm.yadda.aas.proxy.criterion.CriterionCreatorResponse;
import pl.edu.icm.yadda.aas.proxy.criterion.ICriterionCreatorManager;
import pl.edu.icm.yadda.aas.proxy.token.CacheEntry;
import pl.edu.icm.yadda.aas.proxy.token.TokenSecurityException;
import pl.edu.icm.yadda.service.search.query.additional.AdditionalSearchParameter;
import pl.edu.icm.yadda.service2.GenericResponse;
import pl.edu.icm.yadda.service2.GetFeaturesRequest;
import pl.edu.icm.yadda.service2.GetFeaturesResponse;
import pl.edu.icm.yadda.service2.YaddaError;
import pl.edu.icm.yadda.service2.YaddaErrorCodeConstants;
import pl.edu.icm.yadda.service2.common.ParameterRequest;
import pl.edu.icm.yadda.service2.filter.FilterConstants;
import pl.edu.icm.yadda.service2.filter.FilterProcessingContext;
import pl.edu.icm.yadda.service2.filter.FilterProcessingException;
import pl.edu.icm.yadda.service2.filter.IFilter;
import pl.edu.icm.yadda.service2.search.AddFilterDefinitionRequest;
import pl.edu.icm.yadda.service2.search.ISearchService;
import pl.edu.icm.yadda.service2.search.IndexTermsRequest;
import pl.edu.icm.yadda.service2.search.IndexTermsResponse;
import pl.edu.icm.yadda.service2.search.MoreLikeThisIndexRequest;
import pl.edu.icm.yadda.service2.search.QueryIndexesRequest;
import pl.edu.icm.yadda.service2.search.SearchIndexRequest;
import pl.edu.icm.yadda.service2.search.SearchResponse;
import pl.edu.icm.yadda.service2.search.SearchResultsResponse;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.0.2-SNAPSHOT.jar:pl/edu/icm/yadda/aas/proxy/FilterDefinitionBasedSecuredSearchService.class */
public class FilterDefinitionBasedSecuredSearchService extends AbstractSecuredSearchService<String, FilterDefinition> implements ISearchService {
    private ICriterionCreatorManager<FilterDefinition> criterionCreatorManager;
    private List<IFilter<QueryIndexesRequest, SearchResponse>> queryFilterEncapsulators;
    private List<IFilter<SearchIndexRequest, SearchResultsResponse>> searchFilterEncapsulators;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    private final Set<String> auxQueryFilterEncapsulatorsIds = new HashSet();
    private final Set<String> auxSearchFilterEncapsulatorsIds = new HashSet();
    private ISecurityRequestHandler securityRequestHandler = new HeaderFieldBasedSecurityRequestHandler();

    public void init() {
        if (this.queryFilterEncapsulators != null) {
            Iterator<IFilter<QueryIndexesRequest, SearchResponse>> it = this.queryFilterEncapsulators.iterator();
            while (it.hasNext()) {
                this.auxQueryFilterEncapsulatorsIds.add(it.next().identify());
            }
        }
        if (this.searchFilterEncapsulators != null) {
            Iterator<IFilter<SearchIndexRequest, SearchResultsResponse>> it2 = this.searchFilterEncapsulators.iterator();
            while (it2.hasNext()) {
                this.auxSearchFilterEncapsulatorsIds.add(it2.next().identify());
            }
        }
    }

    @Override // pl.edu.icm.yadda.aas.proxy.token.TokenAwareSecuredService
    public boolean equals(CriterionCreatorResponse<FilterDefinition> criterionCreatorResponse, CriterionCreatorResponse<FilterDefinition> criterionCreatorResponse2) {
        if (criterionCreatorResponse.isAllowAll()) {
            return criterionCreatorResponse2.isAllowAll();
        }
        if (criterionCreatorResponse2.isAllowAll()) {
            return false;
        }
        return SecurityCriterionComparatorHelper.equals(criterionCreatorResponse.getSecurityCriterion(), criterionCreatorResponse2.getSecurityCriterion());
    }

    protected QueryIndexesRequest processRequest(QueryIndexesRequest queryIndexesRequest, FilterProcessingContext filterProcessingContext) throws FilterProcessingException {
        if (queryIndexesRequest.getFilterIds() != null && !queryIndexesRequest.getFilterIds().isEmpty() && this.queryFilterEncapsulators != null) {
            for (IFilter<QueryIndexesRequest, SearchResponse> iFilter : this.queryFilterEncapsulators) {
                if (queryIndexesRequest.getFilterIds().contains(iFilter.identify())) {
                    queryIndexesRequest = iFilter.preprocess(queryIndexesRequest, filterProcessingContext);
                }
            }
        }
        return queryIndexesRequest;
    }

    protected SearchResponse processResponse(SearchResponse searchResponse, FilterProcessingContext filterProcessingContext, Set<String> set) throws FilterProcessingException {
        if (set != null && !set.isEmpty() && this.queryFilterEncapsulators != null) {
            for (int size = this.queryFilterEncapsulators.size() - 1; size >= 0; size--) {
                IFilter<QueryIndexesRequest, SearchResponse> iFilter = this.queryFilterEncapsulators.get(size);
                if (set.contains(iFilter.identify())) {
                    searchResponse = iFilter.postprocess(searchResponse, filterProcessingContext);
                }
            }
        }
        return searchResponse;
    }

    protected Set<String> getUnavailaibleQueryFilters(Collection<String> collection) {
        HashSet hashSet = null;
        if (collection != null && !collection.isEmpty()) {
            for (String str : collection) {
                if (!this.auxQueryFilterEncapsulatorsIds.contains(str)) {
                    if (hashSet == null) {
                        hashSet = new HashSet();
                    }
                    hashSet.add(str);
                }
            }
        }
        return hashSet;
    }

    protected SearchResponse query(QueryIndexesRequest queryIndexesRequest, FilterProcessingContext filterProcessingContext) throws FilterProcessingException {
        Set<String> unavailaibleQueryFilters = getUnavailaibleQueryFilters(queryIndexesRequest.getFilterIds());
        if (unavailaibleQueryFilters == null) {
            return processResponse(this.search.query(processRequest(queryIndexesRequest, filterProcessingContext)), filterProcessingContext, queryIndexesRequest.getFilterIds());
        }
        throw new FilterProcessingException("following filters are unavailable: " + toString(unavailaibleQueryFilters));
    }

    protected String toString(Set<String> set) {
        StringBuffer stringBuffer = new StringBuffer();
        int i = 0;
        for (String str : set) {
            if (i > 0) {
                stringBuffer.append(", ");
            }
            stringBuffer.append(str);
            i++;
        }
        return stringBuffer.toString();
    }

    @Override // pl.edu.icm.yadda.service2.search.ISearchService
    public SearchResponse query(QueryIndexesRequest queryIndexesRequest) {
        YaddaErrorAwareResult<Set<ObligationType>> retrieveLicenseObligations = this.licAuthzFacade.retrieveLicenseObligations(this.securityRequestHandler.extract(queryIndexesRequest));
        if (retrieveLicenseObligations.getError() != null) {
            this.log.error("got error from security client: " + retrieveLicenseObligations.getError().getCode() + ", " + retrieveLicenseObligations.getError().getMssg());
            return new SearchResponse(retrieveLicenseObligations.getError());
        }
        Set<ObligationType> data = retrieveLicenseObligations.getData();
        CriterionCreatorResponse<FilterDefinition> createCriteria = this.criterionCreatorManager.createCriteria(data);
        if (createCriteria.getSecurityCriterion() != null) {
            this.search.addFilterDefinition(new AddFilterDefinitionRequest(createCriteria.getSecurityCriterion(), false));
        }
        if (queryIndexesRequest.getResumptionToken() == null) {
            if (!shouldBeProcessed(createCriteria)) {
                return new SearchResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to retrieve search results!"));
            }
            if (createCriteria.getSecurityCriterion() != null) {
                if (queryIndexesRequest.getQuery() != null) {
                    queryIndexesRequest.setQuery(FilterDefinitionBasedSecuredSearchServiceHelper.mergeFilters(queryIndexesRequest.getQuery(), createCriteria.getSecurityCriterion().getFilterName(), this.search));
                } else {
                    SearchQuery searchQuery = new SearchQuery();
                    searchQuery.setFilterName(createCriteria.getSecurityCriterion().getFilterName());
                    queryIndexesRequest.setQuery(searchQuery);
                }
            }
            try {
                FilterProcessingContext filterProcessingContext = new FilterProcessingContext();
                filterProcessingContext.storeAttribute(FilterProcessingContext.ATTR_OBLIGATIONS_COLLECTION, data);
                SearchResponse query = query(queryIndexesRequest, filterProcessingContext);
                query.setResumptionToken(storeEntry(query.getResumptionToken(), createCriteria));
                return query;
            } catch (FilterProcessingException e) {
                this.log.error("Exception occured when processing filters!", (Throwable) e);
                return new SearchResponse(new YaddaError(FilterConstants.ERROR_FILTER, "Exception occured when processing filters!", e));
            }
        }
        try {
            CacheEntry cachedEntryWithSecurityCriterionCheckAndRemoval = getCachedEntryWithSecurityCriterionCheckAndRemoval(queryIndexesRequest.getResumptionToken(), createCriteria);
            if (cachedEntryWithSecurityCriterionCheckAndRemoval == null) {
                String str = "invalid resumption token: " + queryIndexesRequest.getResumptionToken();
                this.log.warn(str);
                SearchResponse searchResponse = new SearchResponse();
                searchResponse.setError(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, str));
                return searchResponse;
            }
            queryIndexesRequest.setResumptionToken((String) cachedEntryWithSecurityCriterionCheckAndRemoval.getInternalToken());
            FilterProcessingContext filterProcessingContext2 = new FilterProcessingContext();
            filterProcessingContext2.storeAttribute(FilterProcessingContext.ATTR_OBLIGATIONS_COLLECTION, data);
            SearchResponse query2 = query(queryIndexesRequest, filterProcessingContext2);
            query2.setResumptionToken(storeEntry(query2.getResumptionToken(), cachedEntryWithSecurityCriterionCheckAndRemoval.getSecurityCriterion()));
            return query2;
        } catch (TokenSecurityException e2) {
            this.log.warn("Security constraints were violated: security criteria have changed!");
            return new SearchResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Security constraints were violated: security criteria have changed!", e2));
        } catch (FilterProcessingException e3) {
            this.log.error("Exception occured when processing filters!", (Throwable) e3);
            return new SearchResponse(new YaddaError(FilterConstants.ERROR_FILTER, "Exception occured when processing filters!", e3));
        }
    }

    protected boolean shouldBeProcessed(CriterionCreatorResponse<FilterDefinition> criterionCreatorResponse) {
        return criterionCreatorResponse.isAllowAll() || criterionCreatorResponse.getSecurityCriterion() != null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pl.edu.icm.yadda.aas.proxy.token.TokenAwareSecuredService
    public String generateExternalToken(String str) {
        return System.currentTimeMillis() + "-" + this.rand.nextInt(100);
    }

    @Override // pl.edu.icm.yadda.aas.proxy.AbstractSecuredSearchService
    protected Logger getLogger() {
        return this.log;
    }

    @Override // pl.edu.icm.yadda.service2.filter.IFilterDefinitionAwareService
    public GenericResponse addFilterDefinition(AddFilterDefinitionRequest addFilterDefinitionRequest) {
        return this.search.addFilterDefinition(addFilterDefinitionRequest);
    }

    @Override // pl.edu.icm.yadda.service2.filter.IFilterDefinitionAwareService
    public GenericResponse removeFilterDefinition(ParameterRequest<String> parameterRequest) {
        return this.search.removeFilterDefinition(parameterRequest);
    }

    @Override // pl.edu.icm.yadda.service2.search.ISearchService
    public SearchResultsResponse search(SearchIndexRequest searchIndexRequest) {
        YaddaErrorAwareResult<Set<ObligationType>> retrieveLicenseObligations = this.licAuthzFacade.retrieveLicenseObligations(this.securityRequestHandler.extract(searchIndexRequest));
        if (retrieveLicenseObligations.getError() != null) {
            this.log.error("got error from security client: " + retrieveLicenseObligations.getError().getCode() + ", " + retrieveLicenseObligations.getError().getMssg());
            return new SearchResultsResponse(retrieveLicenseObligations.getError());
        }
        Set<ObligationType> data = retrieveLicenseObligations.getData();
        CriterionCreatorResponse<FilterDefinition> createCriteria = this.criterionCreatorManager.createCriteria(data);
        if (createCriteria.getSecurityCriterion() != null) {
            this.search.addFilterDefinition(new AddFilterDefinitionRequest(createCriteria.getSecurityCriterion(), false));
        }
        if (!shouldBeProcessed(createCriteria)) {
            return new SearchResultsResponse(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to retrieve search results!"));
        }
        if (createCriteria.getSecurityCriterion() != null) {
            if (searchIndexRequest.getQuery() != null) {
                searchIndexRequest.setQuery(FilterDefinitionBasedSecuredSearchServiceHelper.mergeFilters(searchIndexRequest.getQuery(), createCriteria.getSecurityCriterion().getFilterName(), this.search));
            } else {
                SearchQuery searchQuery = new SearchQuery();
                searchQuery.setFilterName(createCriteria.getSecurityCriterion().getFilterName());
                searchIndexRequest.setQuery(searchQuery);
            }
        }
        try {
            FilterProcessingContext filterProcessingContext = new FilterProcessingContext();
            filterProcessingContext.storeAttribute(FilterProcessingContext.ATTR_OBLIGATIONS_COLLECTION, data);
            return search(searchIndexRequest, filterProcessingContext);
        } catch (FilterProcessingException e) {
            this.log.error("Exception occured when processing filters!", (Throwable) e);
            return new SearchResultsResponse(new YaddaError(FilterConstants.ERROR_FILTER, "Exception occured when processing filters!", e));
        }
    }

    @Override // pl.edu.icm.yadda.service2.search.ISearchService
    public IndexTermsResponse terms(IndexTermsRequest indexTermsRequest) {
        return this.search.terms(indexTermsRequest);
    }

    protected SearchResultsResponse search(SearchIndexRequest searchIndexRequest, FilterProcessingContext filterProcessingContext) throws FilterProcessingException {
        Collection<String> extractFilterIdsAndConsume = extractFilterIdsAndConsume(searchIndexRequest);
        Set<String> unavailaibleSearchFilters = getUnavailaibleSearchFilters(extractFilterIdsAndConsume);
        if (unavailaibleSearchFilters == null) {
            return processResponse(this.search.search(processRequest(searchIndexRequest, filterProcessingContext, extractFilterIdsAndConsume)), filterProcessingContext, extractFilterIdsAndConsume);
        }
        throw new FilterProcessingException("following filters are unavailable: " + toString(unavailaibleSearchFilters));
    }

    Collection<String> extractFilterIdsAndConsume(SearchIndexRequest searchIndexRequest) {
        if (searchIndexRequest.getAdditionalParams() == null || searchIndexRequest.getAdditionalParams().length <= 0) {
            return null;
        }
        HashSet hashSet = null;
        int i = 0;
        for (int i2 = 0; i2 < searchIndexRequest.getAdditionalParams().length; i2++) {
            AdditionalSearchParameter additionalSearchParameter = searchIndexRequest.getAdditionalParams()[i2];
            if (additionalSearchParameter != null && SecurityConstants.INDEX_PARAM_SECURITY_FILTER.equals(additionalSearchParameter.getType())) {
                if (hashSet == null) {
                    hashSet = new HashSet();
                }
                hashSet.add(additionalSearchParameter.getValue());
                searchIndexRequest.getAdditionalParams()[i2] = null;
                i++;
            }
        }
        if (i > 0) {
            if (i == searchIndexRequest.getAdditionalParams().length) {
                searchIndexRequest.setAdditionalParams(null);
            } else {
                ArrayList arrayList = new ArrayList();
                for (int i3 = 0; i3 < searchIndexRequest.getAdditionalParams().length; i3++) {
                    if (searchIndexRequest.getAdditionalParams()[i3] != null) {
                        arrayList.add(searchIndexRequest.getAdditionalParams()[i3]);
                    }
                }
                searchIndexRequest.setAdditionalParams((AdditionalSearchParameter[]) arrayList.toArray(new AdditionalSearchParameter[arrayList.size()]));
            }
        }
        return hashSet;
    }

    protected Set<String> getUnavailaibleSearchFilters(Collection<String> collection) {
        HashSet hashSet = null;
        if (collection != null && !collection.isEmpty()) {
            for (String str : collection) {
                if (!this.auxSearchFilterEncapsulatorsIds.contains(str)) {
                    if (hashSet == null) {
                        hashSet = new HashSet();
                    }
                    hashSet.add(str);
                }
            }
        }
        return hashSet;
    }

    protected SearchIndexRequest processRequest(SearchIndexRequest searchIndexRequest, FilterProcessingContext filterProcessingContext, Collection<String> collection) throws FilterProcessingException {
        if (collection != null && !collection.isEmpty() && this.searchFilterEncapsulators != null) {
            for (IFilter<SearchIndexRequest, SearchResultsResponse> iFilter : this.searchFilterEncapsulators) {
                if (collection.contains(iFilter.identify())) {
                    searchIndexRequest = iFilter.preprocess(searchIndexRequest, filterProcessingContext);
                }
            }
        }
        return searchIndexRequest;
    }

    protected SearchResultsResponse processResponse(SearchResultsResponse searchResultsResponse, FilterProcessingContext filterProcessingContext, Collection<String> collection) throws FilterProcessingException {
        if (collection != null && !collection.isEmpty() && this.searchFilterEncapsulators != null) {
            for (int size = this.searchFilterEncapsulators.size() - 1; size >= 0; size--) {
                IFilter<SearchIndexRequest, SearchResultsResponse> iFilter = this.searchFilterEncapsulators.get(size);
                if (collection.contains(iFilter.identify())) {
                    searchResultsResponse = iFilter.postprocess(searchResultsResponse, filterProcessingContext);
                }
            }
        }
        return searchResultsResponse;
    }

    @Override // pl.edu.icm.yadda.aas.proxy.AbstractSecuredSearchService, pl.edu.icm.yadda.service2.IYaddaService
    public GetFeaturesResponse getFeatures(GetFeaturesRequest getFeaturesRequest) {
        GetFeaturesResponse features = super.getFeatures(getFeaturesRequest);
        if (this.queryFilterEncapsulators != null && this.queryFilterEncapsulators.size() > 0) {
            HashSet hashSet = new HashSet(this.queryFilterEncapsulators.size());
            Iterator<IFilter<QueryIndexesRequest, SearchResponse>> it = this.queryFilterEncapsulators.iterator();
            while (it.hasNext()) {
                hashSet.add(FilterConstants.FILTER_FEATURE_PREFIX + it.next().identify());
            }
            if (features == null) {
                features = new GetFeaturesResponse(hashSet);
            } else {
                features.getFeatures().addAll(hashSet);
            }
        }
        return features;
    }

    public void setCriterionCreatorManager(ICriterionCreatorManager<FilterDefinition> iCriterionCreatorManager) {
        this.criterionCreatorManager = iCriterionCreatorManager;
    }

    public void setQueryFilterEncapsulators(List<IFilter<QueryIndexesRequest, SearchResponse>> list) {
        this.queryFilterEncapsulators = list;
    }

    public void setSecurityRequestHandler(ISecurityRequestHandler iSecurityRequestHandler) {
        this.securityRequestHandler = iSecurityRequestHandler;
    }

    public void setSearchFilterEncapsulators(List<IFilter<SearchIndexRequest, SearchResultsResponse>> list) {
        this.searchFilterEncapsulators = list;
    }

    @Override // pl.edu.icm.yadda.service2.search.ISearchService
    public SearchResultsResponse search(MoreLikeThisIndexRequest moreLikeThisIndexRequest) {
        return this.search.search(moreLikeThisIndexRequest);
    }
}
