package org.jasig.portal.security.provider;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.portal.AuthorizationException;
import org.jasig.portal.ChannelRegistryStoreFactory;
import org.jasig.portal.EntityTypes;
import org.jasig.portal.IChannelRegistryStore;
import org.jasig.portal.channel.ChannelLifecycleState;
import org.jasig.portal.channel.IChannelDefinition;
import org.jasig.portal.concurrency.CachingException;
import org.jasig.portal.groups.GroupsException;
import org.jasig.portal.groups.IEntityGroup;
import org.jasig.portal.groups.IGroupMember;
import org.jasig.portal.properties.PropertiesManager;
import org.jasig.portal.security.IAuthorizationPrincipal;
import org.jasig.portal.security.IAuthorizationService;
import org.jasig.portal.security.IPermission;
import org.jasig.portal.security.IPermissionManager;
import org.jasig.portal.security.IPermissionPolicy;
import org.jasig.portal.security.IPermissionSet;
import org.jasig.portal.security.IPermissionStore;
import org.jasig.portal.security.IPerson;
import org.jasig.portal.security.IUpdatingPermissionManager;
import org.jasig.portal.services.EntityCachingService;
import org.jasig.portal.services.GroupService;
import org.jasig.portal.utils.cache.CacheFactory;
import org.jasig.portal.utils.cache.CacheFactoryLocator;

/* loaded from: input_file:WEB-INF/classes/org/jasig/portal/security/provider/AuthorizationImpl.class */
public class AuthorizationImpl implements IAuthorizationService {
    private static final String PRINCIPAL_SEPARATOR = ".";
    private static final IAuthorizationService singleton = new AuthorizationImpl();
    private IPermissionStore permissionStore;
    private IPermissionPolicy defaultPermissionPolicy;
    protected final IChannelRegistryStore channelRegistryStore;
    private Class PERMISSION_SET_TYPE;
    private boolean cachePermissions;
    protected final Log log = LogFactory.getLog(getClass());
    private Map<String, IAuthorizationPrincipal> principalCache = CacheFactoryLocator.getCacheFactory().getCache(CacheFactory.PRINCIPAL_CACHE);
    private Map<String, Set<String>> entityParentsCache = CacheFactoryLocator.getCacheFactory().getCache(CacheFactory.ENTITY_PARENTS_CACHE);

    protected AuthorizationImpl() {
        initialize();
        this.channelRegistryStore = ChannelRegistryStoreFactory.getChannelRegistryStoreImpl();
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public void addPermissions(IPermission[] iPermissionArr) throws AuthorizationException {
        if (iPermissionArr.length > 0) {
            getPermissionStore().add(iPermissionArr);
            if (this.cachePermissions) {
                removeFromPermissionsCache(iPermissionArr);
            }
        }
    }

    protected void cacheAdd(IPermissionSet iPermissionSet) throws AuthorizationException {
        try {
            EntityCachingService.getEntityCachingService().add(iPermissionSet);
        } catch (CachingException e) {
            throw new AuthorizationException("Problem adding permissions for " + iPermissionSet + " to cache", e);
        }
    }

    protected IPermissionSet cacheGet(IAuthorizationPrincipal iAuthorizationPrincipal) throws AuthorizationException {
        try {
            return (IPermissionSet) EntityCachingService.getEntityCachingService().get(this.PERMISSION_SET_TYPE, iAuthorizationPrincipal.getPrincipalString());
        } catch (CachingException e) {
            throw new AuthorizationException("Problem getting permissions for " + iAuthorizationPrincipal + " from cache", e);
        }
    }

    protected void cacheRemove(IAuthorizationPrincipal iAuthorizationPrincipal) throws AuthorizationException {
        try {
            EntityCachingService.getEntityCachingService().remove(this.PERMISSION_SET_TYPE, iAuthorizationPrincipal.getPrincipalString());
        } catch (CachingException e) {
            throw new AuthorizationException("Problem removing permissions for " + iAuthorizationPrincipal + " from cache", e);
        }
    }

    protected void cacheUpdate(IPermissionSet iPermissionSet) throws AuthorizationException {
        try {
            EntityCachingService.getEntityCachingService().update(iPermissionSet);
        } catch (CachingException e) {
            throw new AuthorizationException("Problem updating permissions for " + iPermissionSet + " in cache", e);
        }
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public boolean canPrincipalConfigure(IAuthorizationPrincipal iAuthorizationPrincipal, int i) throws AuthorizationException {
        String str = IPermission.CHANNEL_PREFIX + i;
        if (this.channelRegistryStore.getChannelDefinition(i) == null) {
            throw new AuthorizationException("Unable to locate channel " + i);
        }
        return doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.PORTLET_MODE_CONFIG, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.PORTLET_MODE_CONFIG, str);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public boolean canPrincipalManage(IAuthorizationPrincipal iAuthorizationPrincipal, int i) throws AuthorizationException {
        String str = IPermission.CHANNEL_PREFIX + i;
        IChannelDefinition channelDefinition = this.channelRegistryStore.getChannelDefinition(i);
        if (channelDefinition == null) {
            return doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_APPROVED_ACTIVITY, str);
        }
        int order = channelDefinition.getLifecycleState().getOrder();
        if ((order <= ChannelLifecycleState.EXPIRED.getOrder() || channelDefinition.getExpirationDate() != null) && (doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_EXPIRED_ACTIVITY, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_EXPIRED_ACTIVITY, str))) {
            return true;
        }
        if ((order <= ChannelLifecycleState.PUBLISHED.getOrder() || channelDefinition.getPublishDate() != null) && (doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_ACTIVITY, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_ACTIVITY, str))) {
            return true;
        }
        this.log.debug("order: " + order + ", approved order: " + ChannelLifecycleState.APPROVED.getOrder());
        if (order <= ChannelLifecycleState.APPROVED.getOrder() && (doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_APPROVED_ACTIVITY, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_APPROVED_ACTIVITY, str))) {
            return true;
        }
        if (order <= ChannelLifecycleState.CREATED.getOrder()) {
            return doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_CREATED_ACTIVITY, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_CREATED_ACTIVITY, str);
        }
        return false;
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public boolean canPrincipalManage(IAuthorizationPrincipal iAuthorizationPrincipal, ChannelLifecycleState channelLifecycleState, String str) throws AuthorizationException {
        if (this.channelRegistryStore.getChannelCategory(str) == null) {
            throw new AuthorizationException("Unable to locate category " + str);
        }
        int order = channelLifecycleState.getOrder();
        if (order <= ChannelLifecycleState.EXPIRED.getOrder() && (doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_EXPIRED_ACTIVITY, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_EXPIRED_ACTIVITY, str))) {
            return true;
        }
        if (order <= ChannelLifecycleState.PUBLISHED.getOrder() && (doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_ACTIVITY, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_ACTIVITY, str))) {
            return true;
        }
        if (order <= ChannelLifecycleState.APPROVED.getOrder() && (doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_APPROVED_ACTIVITY, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_APPROVED_ACTIVITY, str))) {
            return true;
        }
        if (order <= ChannelLifecycleState.CREATED.getOrder()) {
            return doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_CREATED_ACTIVITY, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", IPermission.CHANNEL_MANAGER_CREATED_ACTIVITY, str);
        }
        return false;
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public boolean canPrincipalRender(IAuthorizationPrincipal iAuthorizationPrincipal, int i) throws AuthorizationException {
        return canPrincipalSubscribe(iAuthorizationPrincipal, i);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public boolean canPrincipalSubscribe(IAuthorizationPrincipal iAuthorizationPrincipal, int i) throws AuthorizationException {
        String str;
        String str2 = IPermission.CHANNEL_PREFIX + i;
        IChannelDefinition channelDefinition = this.channelRegistryStore.getChannelDefinition(i);
        if (channelDefinition == null) {
            throw new AuthorizationException("Unable to locate channel " + i);
        }
        ChannelLifecycleState lifecycleState = channelDefinition.getLifecycleState();
        if (lifecycleState.equals(ChannelLifecycleState.PUBLISHED)) {
            str = "SUBSCRIBE";
        } else if (lifecycleState.equals(ChannelLifecycleState.APPROVED)) {
            str = IPermission.CHANNEL_SUBSCRIBER_APPROVED_ACTIVITY;
        } else if (lifecycleState.equals(ChannelLifecycleState.CREATED)) {
            str = IPermission.CHANNEL_SUBSCRIBER_CREATED_ACTIVITY;
        } else {
            if (!lifecycleState.equals(ChannelLifecycleState.EXPIRED)) {
                throw new AuthorizationException("Unrecognized lifecycle state for channel " + i);
            }
            str = IPermission.CHANNEL_SUBSCRIBER_EXPIRED_ACTIVITY;
        }
        return doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", str, IPermission.ALL_CHANNELS_TARGET) || doesPrincipalHavePermission(iAuthorizationPrincipal, "UP_FRAMEWORK", str, str2);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public boolean doesPrincipalHavePermission(IAuthorizationPrincipal iAuthorizationPrincipal, String str, String str2, String str3) throws AuthorizationException {
        return doesPrincipalHavePermission(iAuthorizationPrincipal, str, str2, str3, getDefaultPermissionPolicy());
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public boolean doesPrincipalHavePermission(IAuthorizationPrincipal iAuthorizationPrincipal, String str, String str2, String str3, IPermissionPolicy iPermissionPolicy) throws AuthorizationException {
        return iPermissionPolicy.doesPrincipalHavePermission(this, iAuthorizationPrincipal, str, str2, str3);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IPermission[] getAllPermissionsForPrincipal(IAuthorizationPrincipal iAuthorizationPrincipal, String str, String str2, String str3) throws AuthorizationException {
        ArrayList arrayList = new ArrayList(Arrays.asList(getPermissionsForPrincipal(iAuthorizationPrincipal, str, str2, str3)));
        Iterator inheritedPrincipals = getInheritedPrincipals(iAuthorizationPrincipal);
        while (inheritedPrincipals.hasNext()) {
            arrayList.addAll(Arrays.asList(getPermissionsForPrincipal((IAuthorizationPrincipal) inheritedPrincipals.next(), str, str2, str3)));
        }
        if (this.log.isTraceEnabled()) {
            this.log.trace("query for all permissions for prcinipal=[" + iAuthorizationPrincipal + "], owner=[" + str + "], activity=[" + str2 + "], target=[" + str3 + "] returned permissions [" + arrayList + "]");
        }
        return (IPermission[]) arrayList.toArray(new IPermission[arrayList.size()]);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public Vector getAuthorizedChannels(IAuthorizationPrincipal iAuthorizationPrincipal) throws AuthorizationException {
        return new Vector();
    }

    public IAuthorizationPrincipal[] getAuthorizedPrincipals(String str, String str2, String str3) throws AuthorizationException {
        return getPrincipalsFromPermissions(getPermissionsForOwner(str, str2, str3));
    }

    protected IPermissionPolicy getDefaultPermissionPolicy() {
        return this.defaultPermissionPolicy;
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IGroupMember getGroupMember(IAuthorizationPrincipal iAuthorizationPrincipal) throws GroupsException {
        return getGroupMemberForPrincipal(iAuthorizationPrincipal);
    }

    private IGroupMember getGroupMemberForPrincipal(IAuthorizationPrincipal iAuthorizationPrincipal) throws GroupsException {
        IGroupMember groupMember = GroupService.getGroupMember(iAuthorizationPrincipal.getKey(), iAuthorizationPrincipal.getType());
        if (this.log.isDebugEnabled()) {
            this.log.debug("AuthorizationImpl.getGroupMemberForPrincipal(): principal [" + iAuthorizationPrincipal + "] got group member [" + groupMember + "]");
        }
        return groupMember;
    }

    private Iterator getGroupsForPrincipal(IAuthorizationPrincipal iAuthorizationPrincipal) throws GroupsException {
        return getGroupMemberForPrincipal(iAuthorizationPrincipal).getAllContainingGroups();
    }

    private Iterator getInheritedPrincipals(IAuthorizationPrincipal iAuthorizationPrincipal) throws AuthorizationException {
        ArrayList arrayList = new ArrayList(5);
        try {
            Iterator groupsForPrincipal = getGroupsForPrincipal(iAuthorizationPrincipal);
            while (groupsForPrincipal.hasNext()) {
                arrayList.add(getPrincipalForGroup((IEntityGroup) groupsForPrincipal.next()));
            }
            return arrayList.iterator();
        } catch (GroupsException e) {
            throw new AuthorizationException("Could not retrieve Groups for " + iAuthorizationPrincipal, e);
        }
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IPermission[] getPermissionsForOwner(String str, String str2, String str3) throws AuthorizationException {
        return primRetrievePermissions(str, null, str2, str3);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IPermission[] getPermissionsForPrincipal(IAuthorizationPrincipal iAuthorizationPrincipal, String str, String str2, String str3) throws AuthorizationException {
        return primGetPermissionsForPrincipal(iAuthorizationPrincipal, str, str2, str3);
    }

    private IPermissionStore getPermissionStore() {
        return this.permissionStore;
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IAuthorizationPrincipal getPrincipal(IPermission iPermission) throws AuthorizationException {
        String principal = iPermission.getPrincipal();
        int indexOf = principal.indexOf(".");
        return newPrincipal(principal.substring(indexOf + 1), EntityTypes.getEntityType(new Integer(principal.substring(0, indexOf))));
    }

    private IAuthorizationPrincipal getPrincipalForGroup(IEntityGroup iEntityGroup) {
        return newPrincipal(iEntityGroup.getKey(), EntityTypes.GROUP_ENTITY_TYPE);
    }

    private IAuthorizationPrincipal[] getPrincipalsFromPermissions(IPermission[] iPermissionArr) throws AuthorizationException {
        HashSet hashSet = new HashSet();
        for (IPermission iPermission : iPermissionArr) {
            hashSet.add(getPrincipal(iPermission));
        }
        return (IAuthorizationPrincipal[]) hashSet.toArray(new IAuthorizationPrincipal[hashSet.size()]);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public String getPrincipalString(IAuthorizationPrincipal iAuthorizationPrincipal) {
        return getPrincipalString(iAuthorizationPrincipal.getType(), iAuthorizationPrincipal.getKey());
    }

    private String getPrincipalString(Class cls, String str) {
        return EntityTypes.getEntityTypeID(cls) + "." + str;
    }

    public IPermission[] getUncachedPermissionsForPrincipal(IAuthorizationPrincipal iAuthorizationPrincipal, String str, String str2, String str3) throws AuthorizationException {
        return primRetrievePermissions(str, getPrincipalString(iAuthorizationPrincipal), str2, str3);
    }

    private void initialize() throws IllegalArgumentException {
        String property = PropertiesManager.getProperty("org.jasig.portal.security.IPermissionStore.implementation", null);
        String property2 = PropertiesManager.getProperty("org.jasig.portal.security.IPermissionPolicy.defaultImplementation", null);
        this.cachePermissions = PropertiesManager.getPropertyAsBoolean("org.jasig.portal.security.IAuthorizationService.cachePermissions", false);
        if (property == null) {
            this.log.error("AuthorizationImpl.initialize(): No entry for org.jasig.portal.security.IPermissionStore.implementation portal.properties.");
            throw new IllegalArgumentException("AuthorizationImpl.initialize(): No entry for org.jasig.portal.security.IPermissionStore.implementation portal.properties.");
        }
        if (property2 == null) {
            this.log.error("AuthorizationImpl.initialize(): No entry for org.jasig.portal.security.IPermissionPolicy.defaultImplementation portal.properties.");
            throw new IllegalArgumentException("AuthorizationImpl.initialize(): No entry for org.jasig.portal.security.IPermissionPolicy.defaultImplementation portal.properties.");
        }
        try {
            this.permissionStore = (IPermissionStore) Class.forName(property).newInstance();
            try {
                this.defaultPermissionPolicy = (IPermissionPolicy) Class.forName(property2).newInstance();
                try {
                    this.PERMISSION_SET_TYPE = Class.forName("org.jasig.portal.security.IPermissionSet");
                } catch (ClassNotFoundException e) {
                    this.log.error("AuthorizationImpl.initialize(): Problem initializing service. ", e);
                    throw new IllegalArgumentException("AuthorizationImpl.initialize(): Problem initializing service. ");
                }
            } catch (Exception e2) {
                this.log.error("AuthorizationImpl.initialize(): Problem creating default permission policy... ", e2);
                throw new IllegalArgumentException("AuthorizationImpl.initialize(): Problem creating default permission policy... ");
            }
        } catch (Exception e3) {
            this.log.error("AuthorizationImpl.initialize(): Problem creating permission store... ", e3);
            throw new IllegalArgumentException("AuthorizationImpl.initialize(): Problem creating permission store... ");
        }
    }

    public IPermission newPermission(String str) {
        return newPermission(str, null);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IPermission newPermission(String str, IAuthorizationPrincipal iAuthorizationPrincipal) {
        IPermission newInstance = getPermissionStore().newInstance(str);
        if (iAuthorizationPrincipal != null) {
            newInstance.setPrincipal(getPrincipalString(iAuthorizationPrincipal));
        }
        return newInstance;
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IPermissionManager newPermissionManager(String str) {
        return new PermissionManagerImpl(str, this);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IAuthorizationPrincipal newPrincipal(String str, Class cls) {
        IAuthorizationPrincipal iAuthorizationPrincipal;
        String principalString = getPrincipalString(cls, str);
        synchronized (this.principalCache) {
            iAuthorizationPrincipal = this.principalCache.get(principalString);
            if (iAuthorizationPrincipal == null) {
                iAuthorizationPrincipal = primNewPrincipal(str, cls);
                this.principalCache.put(principalString, iAuthorizationPrincipal);
            }
        }
        return iAuthorizationPrincipal;
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IAuthorizationPrincipal newPrincipal(IGroupMember iGroupMember) throws GroupsException {
        String key = iGroupMember.getKey();
        Class type = iGroupMember.getType();
        if (this.log.isDebugEnabled()) {
            this.log.debug("AuthorizationImpl.newPrincipal(): for " + type + "(" + key + ")");
        }
        return newPrincipal(key, type);
    }

    private IAuthorizationPrincipal primNewPrincipal(String str, Class cls) {
        return new AuthorizationPrincipalImpl(str, cls, this);
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public IUpdatingPermissionManager newUpdatingPermissionManager(String str) {
        return new UpdatingPermissionManagerImpl(str, this);
    }

    private IPermission[] primGetPermissionsForPrincipal(IAuthorizationPrincipal iAuthorizationPrincipal) throws AuthorizationException {
        if (!this.cachePermissions) {
            return getUncachedPermissionsForPrincipal(iAuthorizationPrincipal, null, null, null);
        }
        IPermissionSet cacheGet = cacheGet(iAuthorizationPrincipal);
        if (cacheGet == null) {
            synchronized (iAuthorizationPrincipal) {
                cacheGet = cacheGet(iAuthorizationPrincipal);
                if (cacheGet == null) {
                    cacheGet = new PermissionSetImpl(getUncachedPermissionsForPrincipal(iAuthorizationPrincipal, null, null, null), iAuthorizationPrincipal);
                    cacheAdd(cacheGet);
                }
            }
        }
        return cacheGet.getPermissions();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v41, types: [java.util.Set] */
    /* JADX WARN: Type inference failed for: r0v60, types: [org.jasig.portal.groups.IGroupMember] */
    /* JADX WARN: Type inference failed for: r0v63, types: [org.jasig.portal.groups.IGroupMember] */
    private IPermission[] primGetPermissionsForPrincipal(IAuthorizationPrincipal iAuthorizationPrincipal, String str, String str2, String str3) throws AuthorizationException {
        HashSet hashSet;
        IPermission[] primGetPermissionsForPrincipal = primGetPermissionsForPrincipal(iAuthorizationPrincipal);
        if (str == null && str2 == null && str3 == null) {
            return primGetPermissionsForPrincipal;
        }
        if (str3 != null) {
            hashSet = (Set) this.entityParentsCache.get(str3);
            if (hashSet == null) {
                hashSet = new HashSet();
                IEntityGroup findGroup = GroupService.findGroup(str3);
                if (findGroup == null) {
                    findGroup = str3.startsWith(IPermission.CHANNEL_PREFIX) ? GroupService.getGroupMember(str3.replace(IPermission.CHANNEL_PREFIX, ""), IChannelDefinition.class) : GroupService.getGroupMember(str3, IPerson.class);
                }
                if (findGroup != null) {
                    Iterator allContainingGroups = findGroup.getAllContainingGroups();
                    while (allContainingGroups.hasNext()) {
                        hashSet.add(((IEntityGroup) allContainingGroups.next()).getKey());
                    }
                }
                this.entityParentsCache.put(str3, hashSet);
            }
        } else {
            hashSet = new HashSet();
        }
        ArrayList arrayList = new ArrayList(primGetPermissionsForPrincipal.length);
        for (int i = 0; i < primGetPermissionsForPrincipal.length; i++) {
            String target = primGetPermissionsForPrincipal[i].getTarget();
            if ((str == null || str.equals(primGetPermissionsForPrincipal[i].getOwner())) && ((str2 == null || str2.equals(primGetPermissionsForPrincipal[i].getActivity())) && (str3 == null || str3.equals(target) || hashSet.contains(target)))) {
                arrayList.add(primGetPermissionsForPrincipal[i]);
            }
        }
        if (this.log.isTraceEnabled()) {
            this.log.trace("AuthorizationImpl.primGetPermissionsForPrincipal(): Principal: " + iAuthorizationPrincipal + " owner: " + str + " activity: " + str2 + " target: " + str3 + " : permissions retrieved: " + arrayList);
        } else if (this.log.isDebugEnabled()) {
            this.log.debug("AuthorizationImpl.primGetPermissionsForPrincipal(): Principal: " + iAuthorizationPrincipal + " owner: " + str + " activity: " + str2 + " target: " + str3 + " : number of permissions retrieved: " + arrayList.size());
        }
        return (IPermission[]) arrayList.toArray(new IPermission[arrayList.size()]);
    }

    private IPermission[] primRetrievePermissions(String str, String str2, String str3, String str4) throws AuthorizationException {
        return getPermissionStore().select(str, str2, str3, str4, null);
    }

    private void removeFromPermissionsCache(IAuthorizationPrincipal[] iAuthorizationPrincipalArr) throws AuthorizationException {
        for (IAuthorizationPrincipal iAuthorizationPrincipal : iAuthorizationPrincipalArr) {
            cacheRemove(iAuthorizationPrincipal);
        }
    }

    private void removeFromPermissionsCache(IPermission[] iPermissionArr) throws AuthorizationException {
        removeFromPermissionsCache(getPrincipalsFromPermissions(iPermissionArr));
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public void removePermissions(IPermission[] iPermissionArr) throws AuthorizationException {
        if (iPermissionArr.length > 0) {
            getPermissionStore().delete(iPermissionArr);
            if (this.cachePermissions) {
                removeFromPermissionsCache(iPermissionArr);
            }
        }
    }

    protected void setDefaultPermissionPolicy(IPermissionPolicy iPermissionPolicy) {
        this.defaultPermissionPolicy = iPermissionPolicy;
    }

    public static IAuthorizationService singleton() {
        return singleton;
    }

    @Override // org.jasig.portal.security.IAuthorizationService
    public void updatePermissions(IPermission[] iPermissionArr) throws AuthorizationException {
        if (iPermissionArr.length > 0) {
            getPermissionStore().update(iPermissionArr);
            if (this.cachePermissions) {
                removeFromPermissionsCache(iPermissionArr);
            }
        }
    }
}
