package com.suncode.plugin.plusproject.core.security;

import com.suncode.plugin.plusproject.core.cfg.DBConstants;
import com.suncode.plugin.plusproject.core.cfg.SystemContext;
import com.suncode.plugin.plusproject.core.item.BaseItem;
import com.suncode.plugin.plusproject.core.model.security.Permission;
import com.suncode.plugin.plusproject.core.project.Project;
import com.suncode.plugin.plusproject.core.project.ProjectService;
import com.suncode.plugin.plusproject.core.search.sql.SQLProjectFilters;
import com.suncode.plugin.plusproject.core.task.Task;
import com.suncode.plugin.plusproject.core.task.TaskService;
import com.suncode.plugin.plusproject.core.user.Team;
import com.suncode.plugin.plusproject.core.user.TeamPermissionTransformer;
import com.suncode.plugin.plusproject.core.user.TeamService;
import com.suncode.plugin.plusproject.core.user.UserPermission;
import com.suncode.plugin.plusproject.core.user.UserPermissionTransformer;
import com.suncode.pwfl.administration.user.User;
import com.suncode.pwfl.administration.user.UserFinder;
import com.suncode.pwfl.administration.user.UserService;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.hibernate.SQLQuery;
import org.hibernate.SessionFactory;
import org.hibernate.criterion.DetachedCriteria;
import org.hibernate.criterion.Restrictions;
import org.hibernate.type.StandardBasicTypes;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.Assert;

@Transactional
@Service
/* loaded from: input_file:com/suncode/plugin/plusproject/core/security/PermissionServiceImpl.class */
public class PermissionServiceImpl implements PermissionService {

    @Autowired
    private UserService us;

    @Autowired
    private ProjectService ps;

    @Autowired
    private SQLProjectFilters pf;

    @Autowired
    private SessionFactory sf;

    @Autowired
    private TaskService ts;

    @Autowired
    private TeamService teamService;

    @Autowired
    private SystemContext ctx;

    @Autowired
    private UserFinder uf;

    private AclEntry getEntry(AclSid aclSid, AclObjectIdentity aclObjectIdentity, AclClass aclClass, Permission permission) {
        DetachedCriteria forClass = DetachedCriteria.forClass(AclEntry.class);
        forClass.add(Restrictions.eq("sid.id", aclSid.getId()));
        forClass.add(Restrictions.eq("objectIndentity.id", aclObjectIdentity.getId()));
        forClass.add(Restrictions.eqOrIsNull("mask", Integer.valueOf(permission.getPermission())));
        List list = forClass.getExecutableCriteria(this.sf.getCurrentSession()).list();
        if (list.isEmpty()) {
            return null;
        }
        return (AclEntry) list.get(0);
    }

    private AclSid checkSid(Long l, boolean z) {
        AclSid sid = getSid(l, z);
        if (sid == null) {
            sid = new AclSid();
            sid.setSid(l);
            sid.setSidUser(z);
            this.sf.getCurrentSession().save(sid);
        }
        return sid;
    }

    private AclSid getSid(Long l, boolean z) {
        DetachedCriteria forClass = DetachedCriteria.forClass(AclSid.class);
        forClass.add(Restrictions.eq("sid", l));
        forClass.add(Restrictions.eq("sidUser", Boolean.valueOf(z)));
        List list = forClass.getExecutableCriteria(this.sf.getCurrentSession()).list();
        if (list.isEmpty()) {
            return null;
        }
        return (AclSid) list.get(0);
    }

    private AclObjectIdentity checkObjectIdentity(Long l, AclClass aclClass) {
        AclObjectIdentity aclObjectIdentity = getAclObjectIdentity(l, aclClass);
        if (aclObjectIdentity == null) {
            aclObjectIdentity = new AclObjectIdentity();
            aclObjectIdentity.setAclClass(aclClass);
            aclObjectIdentity.setOid(l);
            this.sf.getCurrentSession().save(aclObjectIdentity);
        }
        return aclObjectIdentity;
    }

    private AclObjectIdentity getAclObjectIdentity(Long l, AclClass aclClass) {
        DetachedCriteria forClass = DetachedCriteria.forClass(AclObjectIdentity.class);
        forClass.add(Restrictions.eq("oid", l));
        forClass.add(Restrictions.eq("aclClass.id", aclClass.getId()));
        List list = forClass.getExecutableCriteria(this.sf.getCurrentSession()).list();
        if (list.isEmpty()) {
            return null;
        }
        return (AclObjectIdentity) list.get(0);
    }

    private AclClass checkAclClass(Class<?> cls) {
        AclClass aclClass = getAclClass(cls);
        if (aclClass == null) {
            aclClass = new AclClass();
            aclClass.setName(cls.getName());
            this.sf.getCurrentSession().save(aclClass);
        }
        return aclClass;
    }

    private AclClass getAclClass(Class<?> cls) {
        DetachedCriteria forClass = DetachedCriteria.forClass(AclClass.class);
        forClass.add(Restrictions.eq("name", cls.getName()));
        List list = forClass.getExecutableCriteria(this.sf.getCurrentSession()).list();
        if (list.isEmpty()) {
            return null;
        }
        return (AclClass) list.get(0);
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public List<AclClass> getAllClasses() {
        return this.sf.getCurrentSession().createCriteria(AclClass.class).list();
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public List<AclEntry> getAllEntries() {
        return this.sf.getCurrentSession().createCriteria(AclEntry.class).list();
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public List<AclSid> getAllSid() {
        return this.sf.getCurrentSession().createCriteria(AclSid.class).list();
    }

    public List<AclObjectIdentity> getAllObjectIdentity() {
        return this.sf.getCurrentSession().createCriteria(AclObjectIdentity.class).list();
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void deleteAll() {
        Iterator<AclSid> it = getAllSid().iterator();
        while (it.hasNext()) {
            this.sf.getCurrentSession().delete(it.next());
        }
        Iterator<AclEntry> it2 = getAllEntries().iterator();
        while (it2.hasNext()) {
            this.sf.getCurrentSession().delete(it2.next());
        }
        Iterator<AclClass> it3 = getAllClasses().iterator();
        while (it3.hasNext()) {
            this.sf.getCurrentSession().delete(it3.next());
        }
        Iterator<AclObjectIdentity> it4 = getAllObjectIdentity().iterator();
        while (it4.hasNext()) {
            this.sf.getCurrentSession().delete(it4.next());
        }
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void addPermission(Class<?> cls, Long l, Long l2, Long l3, Permission permission) {
        addPermission(cls, l, l2, l3, permission, null, false);
    }

    public void addPermission(Class<?> cls, Long l, Long l2, Long l3, Permission permission, Boolean bool, boolean z) {
        AclSid checkSid;
        AclClass checkAclClass = checkAclClass(cls);
        AclObjectIdentity checkObjectIdentity = checkObjectIdentity(l, checkAclClass);
        checkObjectIdentity.setTemplate(z);
        boolean z2 = false;
        if (l2 != null) {
            checkSid = checkSid(l2, true);
        } else {
            if (l3 == null) {
                throw new RuntimeException("error");
            }
            checkSid = checkSid(l3, false);
            z2 = true;
        }
        AclEntry entry = getEntry(checkSid, checkObjectIdentity, checkAclClass, permission);
        if (entry == null) {
            entry = new AclEntry();
            entry.setMask(permission.getPermission());
            entry.setObjectIndentity(checkObjectIdentity);
            entry.setSid(checkSid);
            this.sf.getCurrentSession().save(entry);
        }
        if (z2) {
            Iterator it = this.teamService.getUsersFromTeam(l3, null, null, 0, 999999).getData().iterator();
            while (it.hasNext()) {
                addPermission(cls, l, ((User) it.next()).getObjectId(), null, permission);
            }
        }
        if (cls != Project.class) {
            if (cls == Task.class) {
                Iterator it2 = this.ps.getTaskChildren(this.ts.get(l).getId()).getData().iterator();
                while (it2.hasNext()) {
                    addPermission(cls, ((BaseItem) it2.next()).getId(), l2, l3, permission);
                }
                return;
            }
            return;
        }
        Project project = this.ps.get(l);
        if (bool != null || l2 == null) {
            if (bool == null) {
                bool = false;
            }
            entry.setRoot(bool.booleanValue());
        } else {
            Project parent = project.getParent();
            boolean z3 = true;
            while (true) {
                if (parent == null) {
                    break;
                }
                if (hasPermission(Project.class, parent.getId(), l2, Permission.READ)) {
                    z3 = false;
                    break;
                }
                parent = parent.getParent();
            }
            entry.setRoot(z3);
        }
        this.sf.getCurrentSession().update(entry);
        for (BaseItem baseItem : this.ps.getProjectChildren(project.getId()).getData()) {
            addPermission(baseItem.getClass(), baseItem.getId(), l2, l3, permission, false, z);
        }
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public List<Team> getTeamsWithPermissions(Class<?> cls, Long l, String str, String str2) {
        Assert.notNull(cls, "Object type is required");
        Assert.notNull(l, "Object id is required");
        StringBuilder sb = new StringBuilder();
        sb.append("select distinct {t.*},mask from pm_mpp_acl_entry e ");
        sb.append("join pm_mpp_acl_oid oid on oid.id=e.acl_object ");
        sb.append(" join pm_mpp_acl_class c on c.id=oid.acl_class ");
        sb.append("join pm_mpp_acl_sid s on s.id=e.acl_sid ");
        sb.append("join pm_mpp_team t on t.id=s.sid ");
        if (StringUtils.isNotBlank(str2)) {
            sb.append("join pm_mpp_team_user tu on t.id=tu.team_id ");
            sb.append("join usertable ut on tu.user_id=ut." + DBConstants.getObjectId() + " ");
        }
        sb.append(" where oid.oid=:oid and c.name=:className ");
        if (StringUtils.isNotBlank(str)) {
            sb.append("and lower(t.name) like :teamQuery ");
        }
        if (StringUtils.isNotBlank(str2)) {
            sb.append("and lower(ut.lastname) like :userQuery ");
        }
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery(sb.toString());
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("oid", l);
        createSQLQuery.addEntity("t", Team.class);
        createSQLQuery.addScalar("mask", StandardBasicTypes.INTEGER);
        if (StringUtils.isNotBlank(str)) {
            createSQLQuery.setParameter("teamQuery", "%" + str.toLowerCase() + "%");
        }
        if (StringUtils.isNotBlank(str2)) {
            createSQLQuery.setParameter("userQuery", "%" + str2.toLowerCase() + "%");
        }
        createSQLQuery.setResultTransformer(new TeamPermissionTransformer());
        return createSQLQuery.list();
    }

    private Long getEntryId(Class<?> cls, Long l, Long l2, Long l3, Permission permission) {
        Assert.notNull(l, "oid can't be null");
        StringBuilder sb = new StringBuilder();
        sb.append("select distinct e.id as id from pm_mpp_acl_entry e ");
        sb.append("join pm_mpp_acl_oid oid on oid.id=e.acl_object ");
        sb.append(" join pm_mpp_acl_class c on c.id=oid.acl_class ");
        sb.append("join pm_mpp_acl_sid s on s.id=e.acl_sid ");
        if (l3 != null) {
            sb.append("join pm_mpp_team t on t.id=s.sid ");
            sb.append(" where oid.oid=:oid and c.name=:className and t.id=:teamId and mask=:mask and s.siduser=:sidUser");
        } else {
            sb.append("join usertable ut on ut." + DBConstants.getObjectId() + "=s.sid ");
            sb.append(" where oid.oid=:oid and c.name=:className and ut." + DBConstants.getObjectId() + "=:userId and mask=:mask and s.siduser=:sidUser");
        }
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery(sb.toString());
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("oid", l);
        if (l3 != null) {
            createSQLQuery.setParameter("teamId", l3);
            createSQLQuery.setParameter("sidUser", false);
        } else {
            createSQLQuery.setParameter("userId", l2);
            createSQLQuery.setParameter("sidUser", true);
        }
        createSQLQuery.setParameter("mask", Integer.valueOf(permission.getPermission()));
        createSQLQuery.addScalar("id", StandardBasicTypes.LONG);
        return (Long) createSQLQuery.uniqueResult();
    }

    private List<AclEntry> getEntriesForTeam(Class<?> cls, Long l) {
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery("select distinct {e.*} from pm_mpp_acl_entry e join pm_mpp_acl_oid oid on oid.id=e.acl_object  join pm_mpp_acl_class c on c.id=oid.acl_class join pm_mpp_acl_sid s on s.id=e.acl_sid join pm_mpp_team t on t.id=s.sid  where c.name=:className and t.id=:teamId and s.siduser=:sidUser and oid.template=:template");
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("teamId", l);
        createSQLQuery.setParameter("sidUser", false);
        createSQLQuery.setParameter("template", false);
        createSQLQuery.addEntity("e", AclEntry.class);
        return createSQLQuery.list();
    }

    private List<AclEntry> getEntries(Class<?> cls, Long l) {
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery("select distinct {e.*} from pm_mpp_acl_entry e join pm_mpp_acl_oid oid on oid.id=e.acl_object  join pm_mpp_acl_class c on c.id=oid.acl_class  where c.name=:className and oid.oid=:oid");
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("oid", l);
        createSQLQuery.addEntity("e", AclEntry.class);
        return createSQLQuery.list();
    }

    private String queryUsersWithPermissions() {
        StringBuilder sb = new StringBuilder();
        sb.append("select distinct {ut.*},mask from pm_mpp_acl_entry e ");
        sb.append("join pm_mpp_acl_oid oid on oid.id=e.acl_object ");
        sb.append(" join pm_mpp_acl_class c on c.id=oid.acl_class ");
        sb.append("join pm_mpp_acl_sid s on s.id=e.acl_sid ");
        sb.append("join usertable ut on ut." + DBConstants.getObjectId() + "=s.sid ");
        sb.append("join pm_mpp_team_user tu on tu.user_id=ut." + DBConstants.getObjectId() + " ");
        sb.append(" where oid.oid=:oid and c.name=:className and tu.team_id=:teamId and s.siduser=:sidUser ");
        return sb.toString();
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public List<UserPermission> getUsersWithPermissions(Class<?> cls, Long l, Long l2, String str) {
        String queryUsersWithPermissions = queryUsersWithPermissions();
        if (StringUtils.isNotBlank(str)) {
            queryUsersWithPermissions = queryUsersWithPermissions + "and lower(ut.lastname) like :userQuery ";
        }
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery(queryUsersWithPermissions);
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("oid", l);
        createSQLQuery.setParameter("teamId", l2);
        createSQLQuery.setParameter("sidUser", true);
        if (StringUtils.isNotBlank(str)) {
            createSQLQuery.setParameter("userQuery", "%" + str.toLowerCase() + "%");
        }
        createSQLQuery.addEntity("ut", User.class);
        createSQLQuery.addScalar("mask", StandardBasicTypes.INTEGER);
        createSQLQuery.setResultTransformer(new UserPermissionTransformer());
        List<UserPermission> list = createSQLQuery.list();
        list.addAll(getUserWithoutPermissions(cls, l, l2));
        return list;
    }

    private List<UserPermission> getUserWithoutPermissions(Class<?> cls, Long l, Long l2) {
        String replace = queryUsersWithPermissions().replace("{ut.*},mask", "ut." + DBConstants.getObjectId());
        StringBuilder sb = new StringBuilder();
        sb.append("select distinct {u.*} from usertable u ");
        sb.append("join pm_mpp_team_user tu2 on tu2.user_id=u." + DBConstants.getObjectId());
        sb.append(" where u." + DBConstants.getObjectId() + " not in (");
        sb.append(replace);
        sb.append(") and tu2.team_id=:teamId ");
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery(sb.toString());
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("oid", l);
        createSQLQuery.setParameter("teamId", l2);
        createSQLQuery.setParameter("sidUser", true);
        createSQLQuery.addEntity("u", User.class);
        List list = createSQLQuery.list();
        ArrayList arrayList = new ArrayList();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(new UserPermission((User) it.next()));
        }
        return arrayList;
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void removeAllPermissionFor(Class<?> cls, Long l, List<Long> list, List<Long> list2) {
        if (CollectionUtils.isEmpty(list) && CollectionUtils.isEmpty(list2)) {
            throw new RuntimeException("Sid ids are required");
        }
        deleteFor(cls, l, list, list2);
    }

    private void removeAllPermissionFor(Long l) {
        StringBuilder sb = new StringBuilder();
        sb.append("delete from pm_mpp_acl_entry where pm_mpp_acl_entry.id in (select distinct e.id from pm_mpp_acl_entry e ");
        sb.append("join pm_mpp_acl_oid oid on oid.id=e.acl_object ");
        sb.append(" join pm_mpp_acl_class c on c.id=oid.acl_class ");
        sb.append("join pm_mpp_acl_sid s on s.id=e.acl_sid ");
        sb.append("join usertable ut on ut." + DBConstants.getObjectId() + "=s.sid ");
        sb.append(" where ut." + DBConstants.getObjectId() + " = :userId and s.siduser=:sidUser)");
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery(sb.toString());
        createSQLQuery.setParameter("userId", l);
        createSQLQuery.setParameter("sidUser", true);
        createSQLQuery.executeUpdate();
    }

    private void deleteFor(Class<?> cls, Long l, List<Long> list, List<Long> list2) {
        StringBuilder sb = new StringBuilder();
        sb.append("delete from pm_mpp_acl_entry where pm_mpp_acl_entry.id in (select distinct e.id from pm_mpp_acl_entry e ");
        sb.append("join pm_mpp_acl_oid oid on oid.id=e.acl_object ");
        sb.append(" join pm_mpp_acl_class c on c.id=oid.acl_class ");
        sb.append("join pm_mpp_acl_sid s on s.id=e.acl_sid ");
        if (CollectionUtils.isNotEmpty(list2)) {
            sb.append("join pm_mpp_team t on t.id=s.sid ");
            sb.append(" where oid.oid=:oid and c.name=:className and t.id in (:teamIds) and s.siduser=:sidUser)");
        } else {
            sb.append("join usertable ut on ut." + DBConstants.getObjectId() + "=s.sid ");
            sb.append(" where oid.oid=:oid and c.name=:className and ut." + DBConstants.getObjectId() + " in (:userIds) and s.siduser=:sidUser)");
        }
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery(sb.toString());
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("oid", l);
        if (CollectionUtils.isNotEmpty(list2)) {
            createSQLQuery.setParameterList("teamIds", list2);
            createSQLQuery.setParameter("sidUser", false);
        } else {
            createSQLQuery.setParameterList("userIds", list);
            createSQLQuery.setParameter("sidUser", true);
        }
        createSQLQuery.executeUpdate();
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void removePermission(Class<?> cls, Long l, Long l2, Long l3, Permission permission) {
        Assert.notNull(cls, "Type is required");
        Assert.notNull(l, "oid is required");
        Assert.notNull(permission, "Permission is required");
        Assert.isTrue((l2 == null && l3 == null) ? false : true, "TeamId or userId is required");
        Long entryId = getEntryId(cls, l, l2, l3, permission);
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery("delete from pm_mpp_acl_entry where id=:entryId");
        createSQLQuery.setParameter("entryId", entryId);
        createSQLQuery.executeUpdate();
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void addTeamPermissions(Long l, List<Long> list) {
        for (Class<?> cls : PermissionConstants.getProtectedTypes()) {
            for (AclEntry aclEntry : getEntriesForTeam(cls, l)) {
                Iterator<Long> it = list.iterator();
                while (it.hasNext()) {
                    addPermission(cls, aclEntry.getObjectIndentity().getOid(), it.next(), null, Permission.getPermission(aclEntry.getMask()));
                }
            }
        }
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void removeTeamPremissions(Long l, List<Long> list) {
        for (Long l2 : list) {
            if (!this.teamService.belongsToTeam(l2)) {
                removeAllPermissionFor(l2);
            }
        }
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void rewritePermissions(Class<?> cls, Long l, Class<?> cls2, Long l2) {
        rewritePermissions(cls, l, cls2, l2, false);
    }

    public void rewritePermissions(Class<?> cls, Long l, Class<?> cls2, Long l2, boolean z) {
        for (AclEntry aclEntry : getEntries(cls, l)) {
            AclSid sid = aclEntry.getSid();
            if (sid.isSidUser()) {
                addPermission(cls2, l2, sid.getSid(), null, Permission.getPermission(aclEntry.getMask()), null, z);
            } else {
                addPermission(cls2, l2, null, sid.getSid(), Permission.getPermission(aclEntry.getMask()), null, z);
            }
        }
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public boolean hasConfigurationPermission() {
        DetachedCriteria forClass = DetachedCriteria.forClass(User.class);
        forClass.add(Restrictions.eq("userName", this.ctx.getLoggedUser()));
        forClass.createAlias("groups", "groups");
        forClass.add(Restrictions.eq("groups.name", PermissionConstants.adminGroupName));
        return this.uf.count(forClass) > 0;
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public boolean hasPermission(Class<?> cls, Long l, Permission permission) {
        return hasPermission(cls, l, this.us.getUser(this.ctx.getLoggedUser(), new String[0]).getObjectId(), permission);
    }

    private boolean hasPermission(Class<?> cls, Long l, Long l2, Permission permission) {
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery("select count(e.id) as cnt from pm_mpp_acl_entry e join pm_mpp_acl_oid oid on oid.id=e.acl_object  join pm_mpp_acl_class c on c.id=oid.acl_class join pm_mpp_acl_sid s on s.id=e.acl_sid  where c.name=:className and oid.oid=:oid and s.siduser=:sidUser and s.sid=:userId and e.mask=:mask");
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("oid", l);
        createSQLQuery.setParameter("sidUser", true);
        createSQLQuery.setParameter("userId", l2);
        createSQLQuery.setParameter("mask", Integer.valueOf(permission.getPermission()));
        createSQLQuery.addScalar("cnt", StandardBasicTypes.LONG);
        return ((Long) createSQLQuery.uniqueResult()).longValue() > 0;
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public Map<Permission, Boolean> getPermissions(Class<?> cls, Long l) {
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery("select mask as mask from pm_mpp_acl_entry e join pm_mpp_acl_oid oid on oid.id=e.acl_object  join pm_mpp_acl_class c on c.id=oid.acl_class join pm_mpp_acl_sid s on s.id=e.acl_sid  where c.name=:className and oid.oid=:oid and s.siduser=:sidUser and s.sid=:userId ");
        createSQLQuery.setParameter("className", cls.getName());
        createSQLQuery.setParameter("oid", l);
        createSQLQuery.setParameter("sidUser", true);
        createSQLQuery.setParameter("userId", this.us.getUser(this.ctx.getLoggedUser(), new String[0]).getObjectId());
        createSQLQuery.addScalar("mask", StandardBasicTypes.INTEGER);
        List list = createSQLQuery.list();
        HashMap hashMap = new HashMap();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            hashMap.put(Permission.getPermission(((Integer) it.next()).intValue()), true);
        }
        for (Permission permission : Permission.values()) {
            if (!hashMap.containsKey(permission)) {
                hashMap.put(permission, false);
            }
        }
        if (this.ctx.getLoggedUser().equals("admin")) {
            Iterator it2 = hashMap.keySet().iterator();
            while (it2.hasNext()) {
                hashMap.put((Permission) it2.next(), true);
            }
        }
        return hashMap;
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void clonePermissions(BaseItem baseItem, BaseItem baseItem2) {
        rewritePermissions(baseItem2.getClass(), baseItem2.getId(), baseItem.getClass(), baseItem.getId(), true);
    }

    @Override // com.suncode.plugin.plusproject.core.security.PermissionService
    public void removePermission(Class<?> cls, Long l) {
        Assert.notNull(cls, "Type is required");
        Assert.notNull(l, "oid is required");
        StringBuilder sb = new StringBuilder();
        AclObjectIdentity aclObjectIdentity = getAclObjectIdentity(l, getAclClass(cls));
        if (aclObjectIdentity == null) {
            return;
        }
        sb.append("delete from pm_mpp_acl_entry where acl_object=:oid");
        SQLQuery createSQLQuery = this.sf.getCurrentSession().createSQLQuery(sb.toString());
        createSQLQuery.setParameter("oid", aclObjectIdentity.getId());
        createSQLQuery.executeUpdate();
        this.sf.getCurrentSession().delete(aclObjectIdentity);
    }
}
