package com.hypersocket.permissions;

import com.hypersocket.properties.ResourceKeyRestriction;
import com.hypersocket.properties.ResourceUtils;
import com.hypersocket.realm.Principal;
import com.hypersocket.realm.PrincipalType;
import com.hypersocket.realm.Realm;
import com.hypersocket.realm.RealmRestriction;
import com.hypersocket.realm.RealmService;
import com.hypersocket.repository.CriteriaConfiguration;
import com.hypersocket.repository.DeletedCriteria;
import com.hypersocket.repository.DistinctRootEntity;
import com.hypersocket.resource.AbstractResourceRepositoryImpl;
import com.hypersocket.resource.AssignableResource;
import com.hypersocket.resource.Resource;
import com.hypersocket.resource.ResourceException;
import com.hypersocket.resource.TransactionOperation;
import com.hypersocket.tables.ColumnSort;
import com.hypersocket.util.EmptyIterator;
import com.hypersocket.util.PagedIterator;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.hibernate.Criteria;
import org.hibernate.FetchMode;
import org.hibernate.Query;
import org.hibernate.criterion.CriteriaSpecification;
import org.hibernate.criterion.Restrictions;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.TransactionStatus;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.transaction.support.TransactionCallback;

@Repository
/* loaded from: input_file:com/hypersocket/permissions/PermissionRepositoryImpl.class */
public class PermissionRepositoryImpl extends AbstractResourceRepositoryImpl<Role> implements PermissionRepository {
    CriteriaConfiguration JOIN_PERMISSIONS = new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.1
        @Override // com.hypersocket.repository.CriteriaConfiguration
        public void configure(Criteria criteria) {
            criteria.setFetchMode("permissions", FetchMode.SELECT);
            criteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
        }
    };
    CriteriaConfiguration JOIN_PRINCIPALS_PERMISSIONS = new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.2
        @Override // com.hypersocket.repository.CriteriaConfiguration
        public void configure(Criteria criteria) {
            criteria.setFetchMode("permissions", FetchMode.SELECT);
            criteria.setFetchMode("principals", FetchMode.SELECT);
            criteria.setFetchMode(RealmService.MODULE, FetchMode.SELECT);
            criteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
        }
    };
    CriteriaConfiguration JOIN_ROLES = new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.3
        @Override // com.hypersocket.repository.CriteriaConfiguration
        public void configure(Criteria criteria) {
            criteria.setFetchMode("roles", FetchMode.SELECT);
            criteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
        }
    };

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public PermissionCategory createCategory(String str, String str2) {
        PermissionCategory permissionCategory = new PermissionCategory();
        permissionCategory.setResourceBundle(str);
        permissionCategory.setResourceKey(str2);
        save(permissionCategory);
        flush();
        return permissionCategory;
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public Permission createPermission(String str, boolean z, PermissionCategory permissionCategory, boolean z2) {
        Permission permission = new Permission();
        permission.setResourceKey(str);
        permission.setCategory(permissionCategory);
        permission.setHidden(z2);
        permission.setSystem(z);
        save(permission);
        flush();
        refresh(permission);
        return permission;
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public Permission updatePermission(String str, boolean z, PermissionCategory permissionCategory, boolean z2) {
        Permission permission = (Permission) get("resourceKey", str, Permission.class, new CriteriaConfiguration[0]);
        permission.setResourceKey(str);
        permission.setCategory(permissionCategory);
        permission.setHidden(z2);
        permission.setSystem(z);
        save(permission);
        flush();
        refresh(permission);
        return permission;
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public Role createRole(String str, Realm realm, RoleType roleType) {
        return createRole(str, realm, false, false, false, false, roleType);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public Role createRole(String str, Realm realm, boolean z, boolean z2, boolean z3, boolean z4, RoleType roleType) {
        Role role = new Role();
        role.setName(str);
        role.setRealm(realm);
        role.setPermissionRealms(new HashSet(Arrays.asList(realm)));
        role.setResourceCategory("role");
        role.setPersonalRole(Boolean.valueOf(z));
        role.setAllUsers(z2);
        role.setAllPermissions(z3);
        role.setSystem(z4);
        role.setType(roleType);
        return (Role) save(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void updateRole(Role role, Set<Principal> set, Set<Principal> set2, Set<Permission> set3, Set<Permission> set4, Map<String, String> map, TransactionOperation<Role>... transactionOperationArr) throws ResourceException {
        if (StringUtils.isBlank(role.getResourceCategory())) {
            role.setResourceCategory("role");
        }
        saveResource(role, map, transactionOperationArr);
        unassignRole(role, (Principal[]) set.toArray(new Principal[0]));
        assignRole(role, (Principal[]) set2.toArray(new Principal[0]));
        revokePermission(role, set3);
        grantPermissions(role, set4);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void saveRole(Role role, Realm realm, Principal[] principalArr, Collection<Permission> collection, Map<String, String> map, TransactionOperation<Role>... transactionOperationArr) throws ResourceException {
        if (StringUtils.isBlank(role.getResourceCategory())) {
            role.setResourceCategory("role");
        }
        saveResource(role, map, transactionOperationArr);
        assignRole(role, principalArr);
        grantPermissions(role, collection);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void createRole(String str, Realm realm, boolean z, boolean z2, boolean z3, boolean z4, Set<Permission> set, Map<String, String> map, RoleType roleType) throws ResourceException {
        Role createRole = createRole(str, realm, z, z2, z3, z4, roleType);
        createRole.setPermissions(set);
        saveResource(createRole, map, new TransactionOperation[0]);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public PermissionCategory getCategoryByKey(String str, String str2) {
        return (PermissionCategory) get("resourceBundle", str, PermissionCategory.class, new ResourceKeyRestriction(str2), new DistinctRootEntity());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public PermissionCategory getCategoryById(Long l) {
        return getCategory("id", l);
    }

    protected PermissionCategory getCategory(String str, Object obj) {
        return (PermissionCategory) get(str, obj, PermissionCategory.class, this.JOIN_PERMISSIONS);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Permission getPermissionByResourceKey(String str) {
        return getPermission("resourceKey", str);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Permission getPermissionById(Long l) {
        return getPermission("id", l);
    }

    protected Permission getPermission(String str, Object obj) {
        return (Permission) get(str, obj, Permission.class, this.JOIN_ROLES);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Role getRoleByName(String str, Realm realm) {
        return (Role) get("name", str, Role.class, this.JOIN_PRINCIPALS_PERMISSIONS, new RealmRestriction(realm));
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Role getRoleById(Long l) {
        return (Role) get("id", l, Role.class, this.JOIN_PRINCIPALS_PERMISSIONS);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void grantPermission(Role role, Permission permission) {
        role.getPermissions().add(permission);
        save(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void revokePermission(Role role, Permission permission) {
        role.getPermissions().remove(permission);
        save(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void grantPermissions(Role role, Collection<Permission> collection) {
        role.getPermissions().addAll(collection);
        save(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void revokePermission(Role role, Collection<Permission> collection) {
        role.getPermissions().removeAll(collection);
        save(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void deleteCategory(PermissionCategory permissionCategory) {
        delete(permissionCategory);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void deletePermission(Permission permission) {
        delete(permission);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void deleteRole(Role role) {
        delete(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public List<PermissionCategory> getAllCatgories() {
        return allEntities(PermissionCategory.class, this.JOIN_PERMISSIONS);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public List<Permission> getAllPermissions(final Set<Long> set, final boolean z) {
        return allEntities(Permission.class, new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.4
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                if (z) {
                    criteria.add(Restrictions.in("id", set));
                } else {
                    criteria.add(Restrictions.and(Restrictions.eq(RealmService.SYSTEM_PRINCIPAL, false), Restrictions.in("id", set)));
                }
            }
        }, this.JOIN_ROLES);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void saveRole(Role role) {
        if (StringUtils.isBlank(role.getResourceCategory())) {
            role.setResourceCategory("role");
        }
        save(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void assignRole(Role role, Principal... principalArr) {
        for (Principal principal : principalArr) {
            role.getPrincipals().add(principal);
        }
        save(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public void unassignRole(Role role, Principal... principalArr) {
        for (Principal principal : principalArr) {
            role.getPrincipals().remove(principal);
        }
        save(role);
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Permission> getDelegatedPrincipalPermissions(Realm realm, Collection<Principal> collection, PermissionType... permissionTypeArr) {
        if (collection == null) {
            return new HashSet();
        }
        Criteria resultTransformer = createCriteria(Permission.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
        ArrayList arrayList = new ArrayList();
        for (PermissionType permissionType : permissionTypeArr) {
            arrayList.add(permissionType.getResourceKey());
        }
        if (arrayList.size() > 0) {
            resultTransformer = resultTransformer.add(Restrictions.in("resourceKey", arrayList));
        }
        ArrayList arrayList2 = new ArrayList();
        Iterator<Principal> it = collection.iterator();
        while (it.hasNext()) {
            arrayList2.add(it.next().getId());
        }
        Criteria createCriteria = resultTransformer.createCriteria("roles");
        createCriteria.createCriteria(RealmService.MODULE).add(Restrictions.in("id", Arrays.asList(realm.getId())));
        return new HashSet(createCriteria.createCriteria("principals").add(Restrictions.in("id", arrayList2)).list());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Permission> getPrincipalPermissions(Collection<Principal> collection, PermissionType... permissionTypeArr) {
        if (collection == null) {
            return new HashSet();
        }
        Criteria resultTransformer = createCriteria(Permission.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
        ArrayList arrayList = new ArrayList();
        for (PermissionType permissionType : permissionTypeArr) {
            arrayList.add(permissionType.getResourceKey());
        }
        if (arrayList.size() > 0) {
            resultTransformer = resultTransformer.add(Restrictions.in("resourceKey", arrayList));
        }
        ArrayList arrayList2 = new ArrayList();
        Iterator<Principal> it = collection.iterator();
        while (it.hasNext()) {
            arrayList2.add(it.next().getId());
        }
        Criteria createCriteria = resultTransformer.createCriteria("roles");
        createCriteria.add(Restrictions.isEmpty(RealmService.MODULE));
        return new HashSet(createCriteria.createCriteria("principals").add(Restrictions.in("id", arrayList2)).list());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Principal> getPrincipalsWithPermissions(PermissionType permissionType) {
        return new HashSet(createCriteria(Principal.class).add(Restrictions.eq("deleted", false)).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY).createCriteria("roles").createCriteria("permissions").add(Restrictions.eq("resourceKey", permissionType.getResourceKey())).list());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Role> getRolesWithPermissions(PermissionType permissionType) {
        return new HashSet(createCriteria(Role.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY).createCriteria("permissions").add(Restrictions.eq("resourceKey", permissionType.getResourceKey())).list());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Role> getRolesWithPermissions(Permission permission) {
        return new HashSet(createCriteria(Role.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY).createCriteria("permissions").add(Restrictions.eq("resourceKey", permission.getResourceKey())).list());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Principal> getPrincipalsWithPermissions(Permission permission) {
        return new HashSet(createCriteria(Principal.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY).createCriteria("roles").createCriteria("permissions").add(Restrictions.eq("resourceKey", permission.getResourceKey())).list());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public List<Role> getRolesForRealm(Realm realm) {
        return allEntities(Role.class, this.JOIN_PRINCIPALS_PERMISSIONS, new RealmRestriction(realm), new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.5
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.add(Restrictions.eq("hidden", false));
            }
        });
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public List<Role> searchRoles(final Realm realm, String str, String str2, int i, int i2, ColumnSort[] columnSortArr, final boolean z, final RoleType... roleTypeArr) {
        return search(Role.class, str2, str, i, i2, columnSortArr, new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.6
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.add(Restrictions.eq("hidden", false));
                criteria.setFetchMode("permissions", FetchMode.SELECT);
                criteria.setFetchMode("principals", FetchMode.SELECT);
                criteria.setFetchMode("resources", FetchMode.SELECT);
                criteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
                if (z) {
                    criteria.createAlias("realm", "r");
                    if (realm.isSystem()) {
                        criteria.add(Restrictions.or(Restrictions.eq("realm", realm), Restrictions.eq("r.publicRealm", Boolean.TRUE)));
                    } else {
                        criteria.add(Restrictions.or(Restrictions.eq("realm", realm), Restrictions.and(Restrictions.eq("r.parent", realm), Restrictions.eq("r.publicRealm", Boolean.TRUE))));
                    }
                } else {
                    criteria.add(Restrictions.eq("realm", realm));
                }
                criteria.add(Restrictions.or(Restrictions.isNull("type"), Restrictions.in("type", roleTypeArr)));
            }
        });
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Long countRoles(final Realm realm, String str, String str2, final boolean z, final RoleType... roleTypeArr) {
        return getCount(Role.class, str2, str, new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.7
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
                criteria.add(Restrictions.eq("hidden", false));
                if (z) {
                    criteria.createAlias("realm", "r");
                    if (realm.isSystem()) {
                        criteria.add(Restrictions.or(Restrictions.eq("realm", realm), Restrictions.eq("r.publicRealm", Boolean.TRUE)));
                    } else {
                        criteria.add(Restrictions.or(Restrictions.eq("realm", realm), Restrictions.and(Restrictions.eq("r.parent", realm), Restrictions.eq("r.publicRealm", Boolean.TRUE))));
                    }
                } else {
                    criteria.add(Restrictions.eq("realm", realm));
                }
                criteria.add(Restrictions.or(Restrictions.isNull("type"), Restrictions.in("type", roleTypeArr)));
            }
        });
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public List<Permission> getPermissionsByCategory(final PermissionCategory permissionCategory) {
        return allEntities(Permission.class, this.JOIN_ROLES, new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.8
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.add(Restrictions.eq("category", permissionCategory));
            }
        });
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional
    public Role createPersonalRole(Principal principal) {
        Role createRole = createRole(principal.getRealm().getName() + "/" + principal.getPrincipalName(), principal.getRealm(), true, false, false, false, principal.getType() == PrincipalType.USER ? RoleType.USER : RoleType.GROUP);
        createRole.setPrincipalName(principal.getPrincipalName());
        assignRole(createRole, principal);
        return createRole;
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Role getPersonalRole(Principal principal) {
        HashSet hashSet = new HashSet(createCriteria(Role.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY).add(Restrictions.eq("personalRole", true)).createCriteria("principals").add(Restrictions.in("id", Arrays.asList(principal.getId()))).list());
        if (hashSet.isEmpty()) {
            return null;
        }
        return (Role) hashSet.iterator().next();
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Role> getPersonalRoles(Realm realm) {
        Criteria add = createCriteria(Role.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY).add(Restrictions.eq("personalRole", true));
        add.createCriteria(RealmService.MODULE).add(Restrictions.in("id", Arrays.asList(realm.getId())));
        return new HashSet(add.list());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    public long getAssignableResourceCount(final Principal principal) {
        return getCount(AssignableResource.class, new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.9
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.createCriteria("roles").createCriteria("principals").add(Restrictions.in("id", Arrays.asList(principal.getId())));
            }
        }).longValue();
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Role> getRolesForPrincipal(List<Principal> list) {
        if (list == null) {
            return new HashSet();
        }
        Criteria resultTransformer = createCriteria(Role.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
        ArrayList arrayList = new ArrayList();
        Iterator<Principal> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getId());
        }
        HashSet hashSet = new HashSet(resultTransformer.createCriteria("principals").add(Restrictions.in("id", arrayList)).list());
        hashSet.addAll(getAllUserRoles(list.get(0).getRealm()));
        return hashSet;
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Role> getPrincipalRolesForRealm(List<Principal> list, Realm realm) {
        if (list == null) {
            return new HashSet();
        }
        Criteria resultTransformer = createCriteria(Role.class).setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
        ArrayList arrayList = new ArrayList();
        Iterator<Principal> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getId());
        }
        resultTransformer.createCriteria(RealmService.MODULE).add(Restrictions.in("id", Arrays.asList(realm.getId())));
        HashSet hashSet = new HashSet(resultTransformer.createCriteria("principals").add(Restrictions.in("id", arrayList)).list());
        if (list.get(0).getRealm().equals(realm)) {
            hashSet.addAll(getAllUserRoles(list.get(0).getRealm()));
        }
        return hashSet;
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Iterator<Principal> iteratePrincpalsByRole(final Realm realm, final Collection<Role> collection) {
        return collection.isEmpty() ? new EmptyIterator() : new PagedIterator<Principal>() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.10
            @Override // com.hypersocket.util.PagedIterator
            protected List<Principal> listItems(final int i, final int i2, ColumnSort[] columnSortArr) {
                try {
                    return (List) PermissionRepositoryImpl.this.doInTransaction(new TransactionCallback<List<Principal>>() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.10.1
                        /* renamed from: doInTransaction, reason: merged with bridge method [inline-methods] */
                        public List<Principal> m100doInTransaction(TransactionStatus transactionStatus) {
                            Criteria createCriteria = PermissionRepositoryImpl.this.createCriteria(Principal.class);
                            createCriteria.add(Restrictions.eq("realm", realm));
                            createCriteria.add(Restrictions.eq("deleted", false));
                            createCriteria.setFirstResult(i);
                            createCriteria.setMaxResults(i2);
                            boolean z = false;
                            Iterator it = collection.iterator();
                            while (true) {
                                if (!it.hasNext()) {
                                    break;
                                }
                                if (((Role) it.next()).isAllUsers()) {
                                    z = true;
                                    break;
                                }
                            }
                            if (!z) {
                                createCriteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY).createCriteria("roles").add(Restrictions.in("id", ResourceUtils.createResourceIdArray((Collection<? extends Resource>) collection)));
                            }
                            return createCriteria.list();
                        }
                    });
                } catch (ResourceException e) {
                    throw new IllegalStateException(e.getMessage(), e);
                }
            }
        };
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Principal> getPrincpalsByRole(Realm realm, int i, Collection<Role> collection) {
        if (collection.isEmpty()) {
            return new HashSet();
        }
        Criteria createCriteria = createCriteria(Principal.class);
        createCriteria.add(Restrictions.eq("realm", realm));
        createCriteria.add(Restrictions.eq("deleted", false));
        createCriteria.setMaxResults(i);
        boolean z = false;
        Iterator<Role> it = collection.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (it.next().isAllUsers()) {
                z = true;
                break;
            }
        }
        if (!z) {
            createCriteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY).createCriteria("roles").add(Restrictions.in("id", ResourceUtils.createResourceIdArray(collection)));
        }
        return new HashSet(createCriteria.list());
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Set<Role> getAllUserRoles(Realm realm) {
        return new HashSet(allEntities(Role.class, this.JOIN_PRINCIPALS_PERMISSIONS, new RealmRestriction(realm), new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.11
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.add(Restrictions.eq("allUsers", true));
            }
        }));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.hypersocket.resource.AbstractSimpleResourceRepositoryImpl
    public Class<Role> getResourceClass() {
        return Role.class;
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public List<Permission> getPermissionsByResourceKeys(final String... strArr) {
        return allEntities(Permission.class, new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.12
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.add(Restrictions.in("resourceKey", strArr));
            }
        });
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public List<Role> searchNoPersonalNoAllUserRoles(final Realm realm, String str, int i, int i2, ColumnSort[] columnSortArr) {
        return search(Role.class, "name", str, i, i2, columnSortArr, new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.13
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.add(Restrictions.eq("hidden", false));
                criteria.add(Restrictions.eq("allUsers", false));
                criteria.add(Restrictions.eq("personalRole", false));
                criteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
                criteria.add(Restrictions.eq("realm", realm));
            }
        });
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public List<Role> getPermissionsByIds(Long... lArr) {
        return getResourcesByIds(lArr);
    }

    @Override // com.hypersocket.resource.AbstractResourceRepositoryImpl, com.hypersocket.resource.AbstractSimpleResourceRepository, com.hypersocket.resource.FindableResourceRepository, com.hypersocket.resource.AbstractResourceRepository
    @Transactional
    public void deleteRealm(Realm realm) {
        Query createQuery = createQuery("delete from Role where realm = :r", true);
        createQuery.setParameter("r", realm);
        createQuery.executeUpdate();
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Role getRoleByResourceCategory(String str) {
        return (Role) get("resourceCategory", str, Role.class, new DeletedCriteria(false));
    }

    @Override // com.hypersocket.permissions.PermissionRepository
    @Transactional(readOnly = true)
    public Collection<Role> getAllPermissionsRoles(Realm realm) {
        return new HashSet(allEntities(Role.class, this.JOIN_PRINCIPALS_PERMISSIONS, new RealmRestriction(realm), new CriteriaConfiguration() { // from class: com.hypersocket.permissions.PermissionRepositoryImpl.14
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.add(Restrictions.eq("allPermissions", true));
            }
        }));
    }
}
