package org.craftercms.studio.impl.v1.service.security;

import com.google.common.cache.Cache;
import jakarta.validation.Valid;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.commons.validation.annotations.param.ValidateSecurePathParam;
import org.craftercms.commons.validation.annotations.param.ValidateStringParam;
import org.craftercms.engine.util.spring.cors.SiteAwareCorsConfigurationSource;
import org.craftercms.studio.api.v1.constant.SecurityConstants;
import org.craftercms.studio.api.v1.constant.StudioConstants;
import org.craftercms.studio.api.v1.constant.StudioXmlConstants;
import org.craftercms.studio.api.v1.exception.ServiceLayerException;
import org.craftercms.studio.api.v1.exception.security.UserNotFoundException;
import org.craftercms.studio.api.v1.job.CronJobContext;
import org.craftercms.studio.api.v1.service.GeneralLockService;
import org.craftercms.studio.api.v1.service.content.ContentService;
import org.craftercms.studio.api.v1.service.content.ContentTypeService;
import org.craftercms.studio.api.v1.service.security.SecurityService;
import org.craftercms.studio.api.v1.service.site.SiteService;
import org.craftercms.studio.api.v1.to.PermissionsConfigTO;
import org.craftercms.studio.api.v2.dal.Group;
import org.craftercms.studio.api.v2.dal.User;
import org.craftercms.studio.api.v2.dal.security.NormalizedGroup;
import org.craftercms.studio.api.v2.dal.security.NormalizedRole;
import org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal;
import org.craftercms.studio.api.v2.service.config.ConfigurationService;
import org.craftercms.studio.api.v2.service.security.GroupService;
import org.craftercms.studio.api.v2.service.security.internal.UserServiceInternal;
import org.craftercms.studio.api.v2.utils.StudioConfiguration;
import org.craftercms.studio.impl.v2.utils.DateUtils;
import org.craftercms.studio.impl.v2.utils.cache.SuffixCacheInvalidator;
import org.craftercms.studio.permissions.StudioPermissionsConstants;
import org.dom4j.Document;
import org.dom4j.Element;
import org.dom4j.Node;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectFactory;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.servlet.view.freemarker.FreeMarkerConfig;

/* loaded from: input_file:org/craftercms/studio/impl/v1/service/security/SecurityServiceImpl.class */
public class SecurityServiceImpl implements SecurityService {
    private static final Logger logger = LoggerFactory.getLogger(SecurityServiceImpl.class);
    protected ContentTypeService contentTypeService;
    protected ContentService contentService;
    protected GeneralLockService generalLockService;
    protected StudioConfiguration studioConfiguration;
    protected JavaMailSender emailService;
    protected JavaMailSender emailServiceNoAuth;
    protected ObjectFactory<FreeMarkerConfig> freeMarkerConfig;
    protected GroupService groupService;
    protected UserServiceInternal userServiceInternal;
    protected ConfigurationService configurationService;
    protected AuditServiceInternal auditServiceInternal;
    protected SiteService siteService;
    protected Cache<String, PermissionsConfigTO> cache;

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    public String getCurrentUser() {
        String str = null;
        SecurityContext context = SecurityContextHolder.getContext();
        if (context != null) {
            Authentication authentication = context.getAuthentication();
            if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) {
                str = authentication.getName();
            }
        } else {
            CronJobContext current = CronJobContext.getCurrent();
            if (current != null) {
                str = current.getCurrentUser();
            }
        }
        return str;
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public Map<String, Object> getUserProfile(@ValidateStringParam String str) throws ServiceLayerException, UserNotFoundException {
        HashMap hashMap = new HashMap();
        User userByIdOrUsername = this.userServiceInternal.getUserByIdOrUsername(-1L, str);
        if (userByIdOrUsername != null) {
            hashMap.put("username", str);
            hashMap.put(SecurityConstants.KEY_FIRSTNAME, userByIdOrUsername.getFirstName());
            hashMap.put(SecurityConstants.KEY_LASTNAME, userByIdOrUsername.getLastName());
            hashMap.put("email", userByIdOrUsername.getEmail());
            hashMap.put(SecurityConstants.KEY_EXTERNALLY_MANAGED, Boolean.valueOf(userByIdOrUsername.isExternallyManaged()));
        }
        return hashMap;
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    public Map<String, Object> getUserProfileByGitName(@ValidateStringParam String str) throws ServiceLayerException, UserNotFoundException {
        HashMap hashMap = new HashMap();
        User userByGitName = this.userServiceInternal.getUserByGitName(str);
        if (userByGitName == null) {
            throw new UserNotFoundException("User " + str + " not found");
        }
        hashMap.put("username", userByGitName.getUsername());
        hashMap.put(SecurityConstants.KEY_FIRSTNAME, userByGitName.getFirstName());
        hashMap.put(SecurityConstants.KEY_LASTNAME, userByGitName.getLastName());
        hashMap.put("email", userByGitName.getEmail());
        hashMap.put(SecurityConstants.KEY_EXTERNALLY_MANAGED, Boolean.valueOf(userByGitName.isExternallyManaged()));
        return hashMap;
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public Set<String> getUserPermissions(@ValidateStringParam String str, @ValidateSecurePathParam String str2, @ValidateStringParam String str3) {
        Set<String> hashSet = new HashSet();
        if (StringUtils.isNotEmpty(str)) {
            PermissionsConfigTO loadConfiguration = loadConfiguration(str, getPermissionsFileName());
            HashSet hashSet2 = new HashSet();
            addUserRoles(hashSet2, str, str3);
            hashSet = populateUserPermissions(str, str2, hashSet2, loadConfiguration);
            logger.trace("Check if the user is allowed to edit the content in site '{}' path '{}' user '{}' ", new Object[]{str, str2, str3});
            if (str2.indexOf("/site") == 0) {
                try {
                    if (!this.contentTypeService.isUserAllowed(hashSet2, this.contentTypeService.getContentTypeForContent(str, str2))) {
                        logger.trace("User '{}' is not permitted to access site '{}' path '{}', add permission '{}'", new Object[]{str3, str, str2, StudioConstants.PERMISSION_VALUE_NOT_ALLOWED});
                        hashSet.add(StudioConstants.PERMISSION_VALUE_NOT_ALLOWED);
                        return hashSet;
                    }
                } catch (ServiceLayerException e) {
                    logger.debug("Failed to get content type in site '{}' path '{}'. Skip user role check for user '{}'", new Object[]{str, str2, str3, e});
                }
            }
        }
        PermissionsConfigTO loadGlobalRolesConfiguration = loadGlobalRolesConfiguration();
        PermissionsConfigTO loadGlobalPermissionsConfiguration = loadGlobalPermissionsConfiguration();
        HashSet hashSet3 = new HashSet();
        addGlobalUserRoles(str3, hashSet3, loadGlobalRolesConfiguration);
        hashSet.addAll(populateUserGlobalPermissions(str2, hashSet3, loadGlobalPermissionsConfiguration));
        return hashSet;
    }

    protected void addGlobalUserRoles(String str, Set<NormalizedRole> set, PermissionsConfigTO permissionsConfigTO) {
        try {
            List<Group> userGroups = this.userServiceInternal.getUserGroups(-1L, str);
            if (permissionsConfigTO != null && userGroups != null) {
                Map<NormalizedGroup, List<NormalizedRole>> roles = permissionsConfigTO.getRoles();
                Iterator<Group> it = userGroups.iterator();
                while (it.hasNext()) {
                    List<NormalizedRole> list = roles.get(new NormalizedGroup(it.next().getGroupName()));
                    if (set != null && list != null) {
                        set.addAll(list);
                    }
                }
            }
        } catch (ServiceLayerException | UserNotFoundException e) {
            logger.error("Failed to get user groups for user '{}'", str, e);
        }
    }

    protected void addGlobalGroupRoles(Set<NormalizedRole> set, List<String> list, PermissionsConfigTO permissionsConfigTO) {
        if (list != null) {
            Map<NormalizedGroup, List<NormalizedRole>> roles = permissionsConfigTO.getRoles();
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                NormalizedGroup normalizedGroup = new NormalizedGroup(it.next());
                List<NormalizedRole> list2 = roles.get(normalizedGroup);
                if (list2 != null) {
                    logger.debug("Add roles to group'{}':'{}'", normalizedGroup, set);
                    set.addAll(list2);
                }
            }
        }
    }

    protected Set<String> populateUserGlobalPermissions(String str, Set<NormalizedRole> set, PermissionsConfigTO permissionsConfigTO) {
        HashSet hashSet = new HashSet();
        if (set == null || set.isEmpty()) {
            logger.debug("No user or group match found. Add the default permission '{}'", StudioConstants.PERMISSION_VALUE_READ);
            hashSet.add(StudioConstants.PERMISSION_VALUE_READ);
        } else {
            for (NormalizedRole normalizedRole : set) {
                Map<String, Map<NormalizedRole, List<Node>>> permissions = permissionsConfigTO.getPermissions();
                Map<NormalizedRole, List<Node>> map = permissions.get("###GLOBAL###");
                if (map == null || map.isEmpty()) {
                    map = permissions.get(SiteAwareCorsConfigurationSource.ALLOW_ORIGIN_DEFAULT);
                }
                if (map == null || map.isEmpty()) {
                    logger.debug("No default site is set. Add the default permission '{}'", StudioConstants.PERMISSION_VALUE_READ);
                    hashSet.add(StudioConstants.PERMISSION_VALUE_READ);
                } else {
                    List<Node> list = map.get(normalizedRole);
                    if (list == null || list.isEmpty()) {
                        list = map.get(new NormalizedRole(SiteAwareCorsConfigurationSource.ALLOW_ORIGIN_DEFAULT));
                    }
                    if (list == null || list.isEmpty()) {
                        logger.debug("No default role is set. Add the default permission '{}'", StudioConstants.PERMISSION_VALUE_READ);
                        hashSet.add(StudioConstants.PERMISSION_VALUE_READ);
                    } else {
                        for (Node node : list) {
                            String valueOf = node.valueOf(StudioXmlConstants.DOCUMENT_ATTR_REGEX);
                            if (str.matches(valueOf)) {
                                logger.trace("Global permissions found by matching regex '{}' in role '{}'", valueOf, normalizedRole);
                                Iterator it = node.selectNodes(StudioXmlConstants.DOCUMENT_ELM_ALLOWED_PERMISSIONS).iterator();
                                while (it.hasNext()) {
                                    String lowerCase = ((Node) it.next()).getText().toLowerCase();
                                    logger.debug("Add the global permissions '{}' to role '{}' path '{}'", new Object[]{lowerCase, normalizedRole, str});
                                    hashSet.add(lowerCase);
                                }
                            }
                        }
                    }
                }
            }
        }
        return hashSet;
    }

    protected String getPermissionsKey(String str, String str2) {
        return new StringBuffer(str).append(SuffixCacheInvalidator.DEFAULT_SEPARATOR).append(str2).toString();
    }

    protected void addUserRoles(Set<NormalizedRole> set, String str, String str2) {
        if (StringUtils.isEmpty(str2)) {
            return;
        }
        Set<NormalizedRole> userRoles = getUserRoles(str, str2);
        logger.debug("Add the roles '{}' to user '{}' in site '{}'", new Object[]{userRoles, str2, str});
        set.addAll(userRoles);
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public Set<String> getUserRoles(@ValidateStringParam String str) {
        return (Set) getUserRoles(str, getCurrentUser()).stream().map((v0) -> {
            return v0.toString();
        }).collect(Collectors.toSet());
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public Set<NormalizedRole> getUserRoles(@ValidateStringParam String str, @ValidateStringParam String str2) {
        return getUserRoles(str, str2, false);
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public Set<NormalizedRole> getUserRoles(@ValidateStringParam String str, @ValidateStringParam String str2, boolean z) {
        List<Group> userGroups;
        try {
            userGroups = this.userServiceInternal.getUserGroups(-1L, str2);
        } catch (ServiceLayerException | UserNotFoundException e) {
            logger.error("Failed to get groups for user '{}' in site '{}'", new Object[]{str2, str, e});
        }
        if (userGroups == null || userGroups.isEmpty()) {
            logger.debug("No groups found for user '{}' in site '{}'", str2, str);
            return new HashSet(0);
        }
        logger.debug("Get groups for user '{}' in site '{}' groups '{}'", new Object[]{str2, str, userGroups});
        PermissionsConfigTO loadConfiguration = loadConfiguration(str, getRoleMappingsFileName());
        HashSet hashSet = new HashSet();
        if (loadConfiguration != null) {
            Map<NormalizedGroup, List<NormalizedRole>> roles = loadConfiguration.getRoles();
            Iterator<Group> it = userGroups.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Group next = it.next();
                if (isSystemAdmin(str2)) {
                    Collection<List<NormalizedRole>> values = roles.values();
                    Objects.requireNonNull(hashSet);
                    values.forEach((v1) -> {
                        r1.addAll(v1);
                    });
                    break;
                }
                List<NormalizedRole> list = roles.get(new NormalizedGroup(next.getGroupName()));
                if (list != null) {
                    hashSet.addAll(list);
                }
            }
        }
        if (z) {
            PermissionsConfigTO loadGlobalRolesConfiguration = loadGlobalRolesConfiguration();
            addGlobalUserRoles(str2, hashSet, loadGlobalRolesConfiguration);
            addGlobalGroupRoles(hashSet, (List) userGroups.stream().map((v0) -> {
                return v0.getGroupName();
            }).collect(Collectors.toList()), loadGlobalRolesConfiguration);
        }
        return hashSet;
    }

    protected Set<String> populateUserPermissions(String str, String str2, Set<NormalizedRole> set, PermissionsConfigTO permissionsConfigTO) {
        HashSet hashSet = new HashSet();
        if (CollectionUtils.isEmpty(set)) {
            return hashSet;
        }
        Map<String, Map<NormalizedRole, List<Node>>> permissions = permissionsConfigTO.getPermissions();
        Map<NormalizedRole, List<Node>> orDefault = permissions.getOrDefault(str, permissions.get(SiteAwareCorsConfigurationSource.ALLOW_ORIGIN_DEFAULT));
        if (MapUtils.isEmpty(orDefault)) {
            logger.debug("No default role is set site '{}' path '{}'. Add the default permission '{}'", new Object[]{str, str2, StudioPermissionsConstants.PERMISSION_CONTENT_READ});
            hashSet.add(StudioPermissionsConstants.PERMISSION_CONTENT_READ);
            return hashSet;
        }
        for (NormalizedRole normalizedRole : set) {
            List<Node> orDefault2 = orDefault.getOrDefault(normalizedRole, orDefault.get(new NormalizedRole(SiteAwareCorsConfigurationSource.ALLOW_ORIGIN_DEFAULT)));
            if (CollectionUtils.isEmpty(orDefault2)) {
                logger.debug("No default role is set site '{}' path '{}'. Add the default permission '{}'", new Object[]{str, str2, StudioPermissionsConstants.PERMISSION_CONTENT_READ});
                hashSet.add(StudioPermissionsConstants.PERMISSION_CONTENT_READ);
            }
            for (Node node : orDefault2) {
                String valueOf = node.valueOf(StudioXmlConstants.DOCUMENT_ATTR_REGEX);
                if (str2.matches(valueOf)) {
                    logger.debug("Permissions found in site '{}' matching regex '{}' for role '{}'", new Object[]{str, valueOf, normalizedRole});
                    Iterator it = node.selectNodes(StudioXmlConstants.DOCUMENT_ELM_ALLOWED_PERMISSIONS).iterator();
                    while (it.hasNext()) {
                        String lowerCase = ((Node) it.next()).getText().toLowerCase();
                        logger.trace("Add permission '{}' to site '{}' path '{}' role '{}'", new Object[]{lowerCase, str, str2, normalizedRole});
                        hashSet.add(lowerCase);
                    }
                }
            }
        }
        return hashSet;
    }

    protected PermissionsConfigTO loadConfiguration(String str, String str2) {
        String property = this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_ENVIRONMENT_ACTIVE);
        String cacheKey = this.configurationService.getCacheKey(str, "studio", str2, property, "object");
        PermissionsConfigTO permissionsConfigTO = (PermissionsConfigTO) this.cache.getIfPresent(cacheKey);
        if (permissionsConfigTO == null) {
            try {
                Document configurationAsDocument = this.configurationService.getConfigurationAsDocument(str, "studio", str2, property);
                if (configurationAsDocument != null) {
                    permissionsConfigTO = new PermissionsConfigTO();
                    permissionsConfigTO.setMapping(configurationAsDocument);
                    Element rootElement = configurationAsDocument.getRootElement();
                    loadRoles(rootElement, permissionsConfigTO);
                    loadPermissions(str, rootElement, permissionsConfigTO);
                    permissionsConfigTO.setKey(str + ":" + str2);
                    permissionsConfigTO.setLastUpdated(DateUtils.getCurrentTime());
                    this.cache.put(cacheKey, permissionsConfigTO);
                }
            } catch (ServiceLayerException e) {
                logger.error("Failed to load the permission mappings from site '{}' path '{}'", new Object[]{str, str2, e});
            }
        }
        return permissionsConfigTO;
    }

    protected void loadRoles(Element element, PermissionsConfigTO permissionsConfigTO) {
        if (element.getName().equals(StudioXmlConstants.DOCUMENT_ROLE_MAPPINGS)) {
            permissionsConfigTO.setRoles(getRoles(element.selectNodes(StudioXmlConstants.DOCUMENT_ELM_GROUPS_NODE), getRoles(element.selectNodes(StudioXmlConstants.DOCUMENT_ELM_USER_NODE), new HashMap())));
        }
    }

    protected Map<NormalizedGroup, List<NormalizedRole>> getRoles(List<Node> list, Map<NormalizedGroup, List<NormalizedRole>> map) {
        for (Node node : list) {
            String valueOf = node.valueOf(StudioXmlConstants.DOCUMENT_ATTR_NAME);
            if (!StringUtils.isEmpty(valueOf)) {
                List selectNodes = node.selectNodes("role");
                ArrayList arrayList = new ArrayList();
                Iterator it = selectNodes.iterator();
                while (it.hasNext()) {
                    arrayList.add(new NormalizedRole(((Node) it.next()).getText()));
                }
                map.put(new NormalizedGroup(valueOf), arrayList);
            }
        }
        return map;
    }

    protected void loadPermissions(String str, Element element, PermissionsConfigTO permissionsConfigTO) {
        if (element.getName().equals("permissions")) {
            HashMap hashMap = new HashMap();
            Element element2 = element;
            Element element3 = (Element) element2.selectSingleNode("site");
            if (element3 != null) {
                element2 = element3;
            }
            List<Node> selectNodes = element2.selectNodes("role");
            HashMap hashMap2 = new HashMap();
            for (Node node : selectNodes) {
                String valueOf = node.valueOf(StudioXmlConstants.DOCUMENT_ATTR_NAME);
                hashMap2.put(new NormalizedRole(valueOf), node.selectNodes(StudioXmlConstants.DOCUMENT_ELM_PERMISSION_RULE));
            }
            hashMap.put(str, hashMap2);
            permissionsConfigTO.setPermissions(hashMap);
        }
    }

    protected PermissionsConfigTO loadGlobalPermissionsConfiguration() {
        String str = getGlobalConfigPath() + "/" + getGlobalPermissionsFileName();
        String cacheKey = this.configurationService.getCacheKey(null, null, str, null, "object");
        PermissionsConfigTO permissionsConfigTO = (PermissionsConfigTO) this.cache.getIfPresent(cacheKey);
        if (permissionsConfigTO == null) {
            try {
                Document globalConfigurationAsDocument = this.configurationService.getGlobalConfigurationAsDocument(str);
                if (globalConfigurationAsDocument != null) {
                    permissionsConfigTO = new PermissionsConfigTO();
                    permissionsConfigTO.setMapping(globalConfigurationAsDocument);
                    loadPermissions("###GLOBAL###", globalConfigurationAsDocument.getRootElement(), permissionsConfigTO);
                    permissionsConfigTO.setKey("###GLOBAL###:" + getGlobalPermissionsFileName());
                    permissionsConfigTO.setLastUpdated(DateUtils.getCurrentTime());
                    this.cache.put(cacheKey, permissionsConfigTO);
                }
            } catch (ServiceLayerException e) {
                logger.error("Failed to load the global permission mapping path '{}'", str, e);
            }
        }
        return permissionsConfigTO;
    }

    protected PermissionsConfigTO loadGlobalRolesConfiguration() {
        String str = getGlobalConfigPath() + "/" + getGlobalRoleMappingsFileName();
        Document document = null;
        PermissionsConfigTO permissionsConfigTO = null;
        try {
            document = this.configurationService.getGlobalConfigurationAsDocument(str);
        } catch (ServiceLayerException e) {
            logger.error("Failed to load the global roles mapping path '{}'", str, e);
        }
        if (document != null) {
            permissionsConfigTO = new PermissionsConfigTO();
            permissionsConfigTO.setMapping(document);
            loadRoles(document.getRootElement(), permissionsConfigTO);
            permissionsConfigTO.setKey("###GLOBAL###:" + getGlobalRoleMappingsFileName());
            permissionsConfigTO.setLastUpdated(DateUtils.getCurrentTime());
        } else {
            logger.error("The global roles mapping file was not found at path '{}'", str);
        }
        return permissionsConfigTO;
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    public int getAllUsersTotal() throws ServiceLayerException {
        return this.userServiceInternal.getAllUsersTotal(null);
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public boolean isSystemAdmin(@ValidateStringParam String str) {
        try {
            List<NormalizedRole> userGlobalRoles = getUserGlobalRoles(-1L, str);
            boolean z = false;
            if (CollectionUtils.isNotEmpty(userGlobalRoles)) {
                Iterator<NormalizedRole> it = userGlobalRoles.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (it.next().equals(StudioConstants.SYSTEM_ADMIN_NORMALIZED_ROLE)) {
                        z = true;
                        break;
                    }
                }
            }
            return z;
        } catch (ServiceLayerException e) {
            logger.warn("Failed to get site membership for user '{}'", str, e);
            return false;
        } catch (UserNotFoundException e2) {
            logger.info("User '{}' is not a site member", str, e2);
            return false;
        }
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public boolean isSiteAdmin(@ValidateStringParam String str, String str2) {
        boolean z = false;
        try {
        } catch (ServiceLayerException | UserNotFoundException e) {
            logger.warn("Failed to get user membership for username '{}' site '{}'", new Object[]{str, str2, e});
        }
        if (isSystemAdmin(str)) {
            return true;
        }
        List<Group> userGroups = this.userServiceInternal.getUserGroups(-1L, str);
        if (CollectionUtils.isNotEmpty(userGroups)) {
            Map<NormalizedGroup, List<NormalizedRole>> roleMappings = this.configurationService.getRoleMappings(str2);
            if (MapUtils.isNotEmpty(roleMappings)) {
                Iterator<Group> it = userGroups.iterator();
                while (it.hasNext()) {
                    List<NormalizedRole> list = roleMappings.get(new NormalizedGroup(it.next().getGroupName()));
                    if (list != null && list.contains(StudioConstants.ADMIN_NORMALIZED_ROLE)) {
                        z = true;
                    }
                }
            }
        }
        return z;
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public boolean userExists(@ValidateStringParam String str) throws ServiceLayerException {
        return this.userServiceInternal.userExists(-1L, str);
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    public Authentication getAuthentication() {
        SecurityContext context = SecurityContextHolder.getContext();
        if (context != null) {
            return context.getAuthentication();
        }
        return null;
    }

    @Override // org.craftercms.studio.api.v1.service.security.SecurityService
    @Valid
    public List<NormalizedRole> getUserGlobalRoles(long j, @ValidateStringParam String str) throws ServiceLayerException, UserNotFoundException {
        List<Group> userGroups = this.userServiceInternal.getUserGroups(j, str);
        if (CollectionUtils.isEmpty(userGroups)) {
            return Collections.emptyList();
        }
        Map<NormalizedGroup, List<NormalizedRole>> globalRoleMappings = this.configurationService.getGlobalRoleMappings();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (MapUtils.isNotEmpty(globalRoleMappings)) {
            Iterator<Group> it = userGroups.iterator();
            while (it.hasNext()) {
                List<NormalizedRole> list = globalRoleMappings.get(new NormalizedGroup(it.next().getGroupName()));
                if (CollectionUtils.isNotEmpty(list)) {
                    linkedHashSet.addAll(list);
                }
            }
        }
        return new ArrayList(linkedHashSet);
    }

    public String getRoleMappingsFileName() {
        return this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_SITE_ROLE_MAPPINGS_FILE_NAME);
    }

    public String getPermissionsFileName() {
        return this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_SITE_PERMISSION_MAPPINGS_FILE_NAME);
    }

    public String getGlobalConfigPath() {
        return this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_CONFIG_BASE_PATH);
    }

    public String getGlobalRoleMappingsFileName() {
        return this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_ROLE_MAPPINGS_FILE_NAME);
    }

    public String getGlobalPermissionsFileName() {
        return this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_PERMISSION_MAPPINGS_FILE_NAME);
    }

    public int getSessionTimeout() {
        return Integer.parseInt(this.studioConfiguration.getProperty(StudioConfiguration.SECURITY_SESSION_TIMEOUT));
    }

    public boolean isAuthenticatedSMTP() {
        return Boolean.parseBoolean(this.studioConfiguration.getProperty(StudioConfiguration.MAIL_SMTP_AUTH));
    }

    public String getDefaultFromAddress() {
        return this.studioConfiguration.getProperty(StudioConfiguration.MAIL_FROM_DEFAULT);
    }

    public String getSystemSite() {
        return this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE);
    }

    public ContentTypeService getContentTypeService() {
        return this.contentTypeService;
    }

    public void setContentTypeService(ContentTypeService contentTypeService) {
        this.contentTypeService = contentTypeService;
    }

    public ContentService getContentService() {
        return this.contentService;
    }

    public void setContentService(ContentService contentService) {
        this.contentService = contentService;
    }

    public GeneralLockService getGeneralLockService() {
        return this.generalLockService;
    }

    public void setGeneralLockService(GeneralLockService generalLockService) {
        this.generalLockService = generalLockService;
    }

    public StudioConfiguration getStudioConfiguration() {
        return this.studioConfiguration;
    }

    public void setStudioConfiguration(StudioConfiguration studioConfiguration) {
        this.studioConfiguration = studioConfiguration;
    }

    public JavaMailSender getEmailService() {
        return this.emailService;
    }

    public void setEmailService(JavaMailSender javaMailSender) {
        this.emailService = javaMailSender;
    }

    public JavaMailSender getEmailServiceNoAuth() {
        return this.emailServiceNoAuth;
    }

    public void setEmailServiceNoAuth(JavaMailSender javaMailSender) {
        this.emailServiceNoAuth = javaMailSender;
    }

    public ObjectFactory<FreeMarkerConfig> getFreeMarkerConfig() {
        return this.freeMarkerConfig;
    }

    public void setFreeMarkerConfig(ObjectFactory<FreeMarkerConfig> objectFactory) {
        this.freeMarkerConfig = objectFactory;
    }

    public GroupService getGroupService() {
        return this.groupService;
    }

    public void setGroupService(GroupService groupService) {
        this.groupService = groupService;
    }

    public UserServiceInternal getUserServiceInternal() {
        return this.userServiceInternal;
    }

    public void setUserServiceInternal(UserServiceInternal userServiceInternal) {
        this.userServiceInternal = userServiceInternal;
    }

    public ConfigurationService getConfigurationService() {
        return this.configurationService;
    }

    public void setConfigurationService(ConfigurationService configurationService) {
        this.configurationService = configurationService;
    }

    public AuditServiceInternal getAuditServiceInternal() {
        return this.auditServiceInternal;
    }

    public void setAuditServiceInternal(AuditServiceInternal auditServiceInternal) {
        this.auditServiceInternal = auditServiceInternal;
    }

    public SiteService getSiteService() {
        return this.siteService;
    }

    public void setSiteService(SiteService siteService) {
        this.siteService = siteService;
    }

    public void setCache(Cache<String, PermissionsConfigTO> cache) {
        this.cache = cache;
    }
}
