package net.lukemurphey.nsia.web;

import java.sql.SQLException;
import java.text.DecimalFormat;
import java.util.HashMap;
import java.util.Map;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.lukemurphey.nsia.AccessControl;
import net.lukemurphey.nsia.AccessControlDescriptor;
import net.lukemurphey.nsia.Application;
import net.lukemurphey.nsia.GeneralizedException;
import net.lukemurphey.nsia.InsufficientPermissionException;
import net.lukemurphey.nsia.NoDatabaseConnectionException;
import net.lukemurphey.nsia.NoSessionException;
import net.lukemurphey.nsia.NotFoundException;
import net.lukemurphey.nsia.ObjectPermissionDescriptor;
import net.lukemurphey.nsia.RightDescriptor;
import net.lukemurphey.nsia.SessionManagement;
import net.lukemurphey.nsia.SessionStatus;
import net.lukemurphey.nsia.UserManagement;
import net.lukemurphey.nsia.eventlog.EventLogField;
import net.lukemurphey.nsia.eventlog.EventLogMessage;
import net.lukemurphey.nsia.web.templates.TemplateLoader;
import net.lukemurphey.nsia.web.views.DashboardDefinitionErrorsPanel;
import net.lukemurphey.nsia.web.views.DashboardDefinitionsUpdate;
import net.lukemurphey.nsia.web.views.DashboardLicensePanel;
import net.lukemurphey.nsia.web.views.DashboardRefreshPanel;
import net.lukemurphey.nsia.web.views.DashboardStatusPanel;
import net.lukemurphey.nsia.web.views.DashboardTasksPanel;
import net.lukemurphey.nsia.web.views.DashboardVersionPanel;
import net.lukemurphey.nsia.web.views.LogoutView;
import net.lukemurphey.nsia.web.views.UserPasswordUpdateView;

/* loaded from: input_file:net/lukemurphey/nsia/web/Shortcuts.class */
public class Shortcuts {
    protected static final boolean DEFAULT_DENY = true;

    /* loaded from: input_file:net/lukemurphey/nsia/web/Shortcuts$RequestTemplateHelper.class */
    public static class RequestTemplateHelper {
        private HttpServletRequest request;

        public RequestTemplateHelper(HttpServletRequest httpServletRequest) {
            this.request = null;
            this.request = httpServletRequest;
        }

        public String getParameter(String str) {
            return this.request.getParameter(str);
        }

        public String[] getParameters(String str) {
            return this.request.getParameterValues(str);
        }

        public String getMethod() {
            return this.request.getMethod();
        }

        public String getThisURL() {
            return Shortcuts.getPath(this.request);
        }
    }

    public static void checkRight(SessionManagement.SessionInfo sessionInfo, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkRight(sessionInfo, str, null);
    }

    public static void checkRight(SessionManagement.SessionInfo sessionInfo, String str, String str2) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkRight(sessionInfo, str, false, null);
    }

    public static void checkRight(SessionManagement.SessionInfo sessionInfo, String str, boolean z, String str2) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        if (z && sessionInfo.getSessionStatus() != SessionStatus.SESSION_ACTIVE) {
            throw new NoSessionException(sessionInfo.getSessionStatus());
        }
        if (!hasRight(sessionInfo, str, str2)) {
            throw new InsufficientPermissionException();
        }
    }

    public static boolean hasRight(SessionManagement.SessionInfo sessionInfo, String str) throws GeneralizedException {
        return hasRight(sessionInfo, str, null, true);
    }

    public static boolean hasRight(SessionManagement.SessionInfo sessionInfo, String str, String str2) throws GeneralizedException {
        return hasRight(sessionInfo, str, str2, true);
    }

    public static boolean hasRight(SessionManagement.SessionInfo sessionInfo, String str, String str2, boolean z) throws GeneralizedException {
        RightDescriptor rightDescriptor;
        Application application = Application.getApplication();
        AccessControl accessControl = new AccessControl(application);
        UserManagement userManagement = new UserManagement(application);
        try {
            try {
                rightDescriptor = accessControl.getUserRight(sessionInfo.getUserId(), str, true);
            } catch (NotFoundException e) {
                rightDescriptor = null;
            }
            UserManagement.UserDescriptor userDescriptor = userManagement.getUserDescriptor(sessionInfo.getUserId());
            String str3 = null;
            if (userDescriptor != null) {
                str3 = userDescriptor.getUserName();
            }
            EventLogField[] eventLogFieldArr = str2 != null ? new EventLogField[]{new EventLogField(EventLogField.FieldName.MESSAGE, str2), new EventLogField(EventLogField.FieldName.RIGHT, str), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str3), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId())} : new EventLogField[]{new EventLogField(EventLogField.FieldName.RIGHT, str), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str3), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId())};
            if (userDescriptor.isUnrestricted()) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, eventLogFieldArr);
                return true;
            }
            if (rightDescriptor == null) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, eventLogFieldArr);
                return false;
            }
            if (rightDescriptor.getRight() == AccessControlDescriptor.Action.PERMIT) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, eventLogFieldArr);
                return true;
            }
            if (rightDescriptor.getRight() == AccessControlDescriptor.Action.DENY) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, eventLogFieldArr);
                return false;
            }
            if (!z) {
                return false;
            }
            application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, eventLogFieldArr);
            return false;
        } catch (SQLException e2) {
            application.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e2);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e3) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e3);
            throw new GeneralizedException();
        } catch (NotFoundException e4) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e4);
            throw new GeneralizedException();
        }
    }

    public static void checkCreate(SessionManagement.SessionInfo sessionInfo, long j) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkCreate(sessionInfo, j, null);
    }

    public static void checkCreate(SessionManagement.SessionInfo sessionInfo, long j, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkCreate(sessionInfo, j, false, str);
    }

    public static void checkCreate(SessionManagement.SessionInfo sessionInfo, long j, boolean z, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        if (z && sessionInfo.getSessionStatus() != SessionStatus.SESSION_ACTIVE) {
            throw new NoSessionException(sessionInfo.getSessionStatus());
        }
        if (!canCreate(sessionInfo, j, str)) {
            throw new InsufficientPermissionException();
        }
    }

    public static boolean canCreate(SessionManagement.SessionInfo sessionInfo, long j) throws GeneralizedException {
        return canCreate(sessionInfo, j, null);
    }

    public static boolean canCreate(SessionManagement.SessionInfo sessionInfo, long j, String str) throws GeneralizedException {
        return canCreate(sessionInfo, j, str, true);
    }

    public static boolean canCreate(SessionManagement.SessionInfo sessionInfo, long j, String str, boolean z) throws GeneralizedException {
        Application application = Application.getApplication();
        AccessControl accessControl = new AccessControl(application);
        UserManagement userManagement = new UserManagement(application);
        try {
            ObjectPermissionDescriptor userPermissions = accessControl.getUserPermissions(sessionInfo.getUserId(), j, true);
            UserManagement.UserDescriptor userDescriptor = userManagement.getUserDescriptor(sessionInfo.getUserId());
            String str2 = null;
            if (userDescriptor != null) {
                str2 = userDescriptor.getUserName();
            }
            if (userDescriptor.isUnrestricted()) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Create"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions == null) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Create"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (userPermissions.getCreatePermission() == AccessControlDescriptor.Action.PERMIT) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Create"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions.getCreatePermission() == AccessControlDescriptor.Action.DENY) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Create"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (!z) {
                return false;
            }
            application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Create"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
            return false;
        } catch (SQLException e) {
            application.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e2);
            throw new GeneralizedException();
        } catch (NotFoundException e3) {
            return false;
        }
    }

    public static void checkExecute(SessionManagement.SessionInfo sessionInfo, long j) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkExecute(sessionInfo, j, null);
    }

    public static void checkExecute(SessionManagement.SessionInfo sessionInfo, long j, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkExecute(sessionInfo, j, false, str);
    }

    public static void checkExecute(SessionManagement.SessionInfo sessionInfo, long j, boolean z, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        if (z && sessionInfo.getSessionStatus() != SessionStatus.SESSION_ACTIVE) {
            throw new NoSessionException(sessionInfo.getSessionStatus());
        }
        if (!canExecute(sessionInfo, j, str)) {
            throw new InsufficientPermissionException();
        }
    }

    public static boolean canExecute(SessionManagement.SessionInfo sessionInfo, long j) {
        return canExecute(sessionInfo, j, null);
    }

    public static boolean canExecute(SessionManagement.SessionInfo sessionInfo, long j, String str) {
        return canExecute(sessionInfo, j, str, true);
    }

    public static boolean canExecute(SessionManagement.SessionInfo sessionInfo, long j, String str, boolean z) {
        Application application = Application.getApplication();
        AccessControl accessControl = new AccessControl(application);
        UserManagement userManagement = new UserManagement(application);
        try {
            ObjectPermissionDescriptor userPermissions = accessControl.getUserPermissions(sessionInfo.getUserId(), j, true);
            UserManagement.UserDescriptor userDescriptor = userManagement.getUserDescriptor(sessionInfo.getUserId());
            String str2 = null;
            if (userDescriptor != null) {
                str2 = userDescriptor.getUserName();
            }
            if (userDescriptor.isUnrestricted()) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Execute"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions == null) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Execute"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (userPermissions.getExecutePermission() == AccessControlDescriptor.Action.PERMIT) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Execute"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions.getExecutePermission() == AccessControlDescriptor.Action.DENY) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Execute"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (!z) {
                return false;
            }
            application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Execute"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
            return false;
        } catch (SQLException e) {
            application.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            return false;
        } catch (NoDatabaseConnectionException e2) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e2);
            return false;
        } catch (NotFoundException e3) {
            return false;
        }
    }

    public static void checkModify(SessionManagement.SessionInfo sessionInfo, long j) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkModify(sessionInfo, j, null);
    }

    public static void checkModify(SessionManagement.SessionInfo sessionInfo, long j, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkModify(sessionInfo, j, false, str);
    }

    public static void checkModify(SessionManagement.SessionInfo sessionInfo, long j, boolean z, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        if (z && sessionInfo.getSessionStatus() != SessionStatus.SESSION_ACTIVE) {
            throw new NoSessionException(sessionInfo.getSessionStatus());
        }
        if (!canModify(sessionInfo, j, str)) {
            throw new InsufficientPermissionException();
        }
    }

    public static boolean canModify(SessionManagement.SessionInfo sessionInfo, long j) throws GeneralizedException {
        return canModify(sessionInfo, j, null);
    }

    public static boolean canModify(SessionManagement.SessionInfo sessionInfo, long j, String str) throws GeneralizedException {
        return canModify(sessionInfo, j, str, true);
    }

    public static boolean canModify(SessionManagement.SessionInfo sessionInfo, long j, String str, boolean z) throws GeneralizedException {
        Application application = Application.getApplication();
        AccessControl accessControl = new AccessControl(application);
        UserManagement userManagement = new UserManagement(application);
        try {
            ObjectPermissionDescriptor userPermissions = accessControl.getUserPermissions(sessionInfo.getUserId(), j, true);
            UserManagement.UserDescriptor userDescriptor = userManagement.getUserDescriptor(sessionInfo.getUserId());
            String str2 = null;
            if (userDescriptor != null) {
                str2 = userDescriptor.getUserName();
            }
            if (userDescriptor.isUnrestricted()) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Modify"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions == null) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Modify"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (userPermissions.getModifyPermission() == AccessControlDescriptor.Action.PERMIT) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Modify"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions.getModifyPermission() == AccessControlDescriptor.Action.DENY) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Modify"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (!z) {
                return false;
            }
            application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Modify"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
            return false;
        } catch (SQLException e) {
            application.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e2);
            throw new GeneralizedException();
        } catch (NotFoundException e3) {
            return false;
        }
    }

    public static void checkControl(SessionManagement.SessionInfo sessionInfo, long j) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkControl(sessionInfo, j, null);
    }

    public static void checkControl(SessionManagement.SessionInfo sessionInfo, long j, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkControl(sessionInfo, j, false, str);
    }

    public static void checkControl(SessionManagement.SessionInfo sessionInfo, long j, boolean z, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        if (z && sessionInfo.getSessionStatus() != SessionStatus.SESSION_ACTIVE) {
            throw new NoSessionException(sessionInfo.getSessionStatus());
        }
        if (!canControl(sessionInfo, j, str)) {
            throw new InsufficientPermissionException();
        }
    }

    public static boolean canControl(SessionManagement.SessionInfo sessionInfo, long j) throws GeneralizedException {
        return canControl(sessionInfo, j, null);
    }

    public static boolean canControl(SessionManagement.SessionInfo sessionInfo, long j, String str) throws GeneralizedException {
        return canControl(sessionInfo, j, str, true);
    }

    public static boolean canControl(SessionManagement.SessionInfo sessionInfo, long j, String str, boolean z) throws GeneralizedException {
        Application application = Application.getApplication();
        AccessControl accessControl = new AccessControl(application);
        UserManagement userManagement = new UserManagement(application);
        try {
            ObjectPermissionDescriptor userPermissions = accessControl.getUserPermissions(sessionInfo.getUserId(), j, true);
            UserManagement.UserDescriptor userDescriptor = userManagement.getUserDescriptor(sessionInfo.getUserId());
            String str2 = null;
            if (userDescriptor != null) {
                str2 = userDescriptor.getUserName();
            }
            if (userDescriptor.isUnrestricted()) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Control"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions == null) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Control"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (userPermissions.getControlPermission() == AccessControlDescriptor.Action.PERMIT) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Control"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions.getControlPermission() == AccessControlDescriptor.Action.DENY) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Control"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (!z) {
                return false;
            }
            application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Control"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
            return false;
        } catch (SQLException e) {
            application.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e2);
            throw new GeneralizedException();
        } catch (NotFoundException e3) {
            return false;
        }
    }

    public static void checkDelete(SessionManagement.SessionInfo sessionInfo, long j) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkDelete(sessionInfo, j, null);
    }

    public static void checkDelete(SessionManagement.SessionInfo sessionInfo, long j, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkDelete(sessionInfo, j, false, str);
    }

    public static void checkDelete(SessionManagement.SessionInfo sessionInfo, long j, boolean z, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        if (z && sessionInfo.getSessionStatus() != SessionStatus.SESSION_ACTIVE) {
            throw new NoSessionException(sessionInfo.getSessionStatus());
        }
        if (!canDelete(sessionInfo, j, str)) {
            throw new InsufficientPermissionException();
        }
    }

    public static boolean canDelete(SessionManagement.SessionInfo sessionInfo, long j) throws GeneralizedException {
        return canDelete(sessionInfo, j, null);
    }

    public static boolean canDelete(SessionManagement.SessionInfo sessionInfo, long j, String str) throws GeneralizedException {
        return canDelete(sessionInfo, j, str, true);
    }

    public static boolean canDelete(SessionManagement.SessionInfo sessionInfo, long j, String str, boolean z) throws GeneralizedException {
        Application application = Application.getApplication();
        AccessControl accessControl = new AccessControl(application);
        UserManagement userManagement = new UserManagement(application);
        try {
            ObjectPermissionDescriptor userPermissions = accessControl.getUserPermissions(sessionInfo.getUserId(), j, true);
            UserManagement.UserDescriptor userDescriptor = userManagement.getUserDescriptor(sessionInfo.getUserId());
            String str2 = null;
            if (userDescriptor != null) {
                str2 = userDescriptor.getUserName();
            }
            if (userDescriptor.isUnrestricted()) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Delete"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions == null) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Delete"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (userPermissions.getDeletePermission() == AccessControlDescriptor.Action.PERMIT) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Delete"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions.getDeletePermission() == AccessControlDescriptor.Action.DENY) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Delete"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (!z) {
                return false;
            }
            application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Delete"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
            return false;
        } catch (SQLException e) {
            application.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e2);
            throw new GeneralizedException();
        } catch (NotFoundException e3) {
            return false;
        }
    }

    public static void checkRead(SessionManagement.SessionInfo sessionInfo, long j) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkRead(sessionInfo, j, null);
    }

    public static void checkRead(SessionManagement.SessionInfo sessionInfo, long j, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        checkRead(sessionInfo, j, false, str);
    }

    public static void checkRead(SessionManagement.SessionInfo sessionInfo, long j, boolean z, String str) throws InsufficientPermissionException, GeneralizedException, NoSessionException {
        if (z && sessionInfo.getSessionStatus() != SessionStatus.SESSION_ACTIVE) {
            throw new NoSessionException(sessionInfo.getSessionStatus());
        }
        if (!canRead(sessionInfo, j, str)) {
            throw new InsufficientPermissionException();
        }
    }

    public static boolean canRead(SessionManagement.SessionInfo sessionInfo, long j) throws GeneralizedException {
        return canRead(sessionInfo, j, null);
    }

    public static boolean canRead(SessionManagement.SessionInfo sessionInfo, long j, String str) throws GeneralizedException {
        return canRead(sessionInfo, j, str, true);
    }

    public static boolean canRead(SessionManagement.SessionInfo sessionInfo, long j, String str, boolean z) throws GeneralizedException {
        Application application = Application.getApplication();
        AccessControl accessControl = new AccessControl(application);
        UserManagement userManagement = new UserManagement(application);
        try {
            ObjectPermissionDescriptor userPermissions = accessControl.getUserPermissions(sessionInfo.getUserId(), j, true);
            UserManagement.UserDescriptor userDescriptor = userManagement.getUserDescriptor(sessionInfo.getUserId());
            String str2 = null;
            if (userDescriptor != null) {
                str2 = userDescriptor.getUserName();
            }
            if (userDescriptor.isUnrestricted()) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Read"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions == null) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Read"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (userPermissions.getReadPermission() == AccessControlDescriptor.Action.PERMIT) {
                if (!z) {
                    return true;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_PERMIT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Read"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return true;
            }
            if (userPermissions.getReadPermission() == AccessControlDescriptor.Action.DENY) {
                if (!z) {
                    return false;
                }
                application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Read"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
                return false;
            }
            if (!z) {
                return false;
            }
            application.logEvent(EventLogMessage.EventType.ACCESS_CONTROL_DENY_DEFAULT, new EventLogField(EventLogField.FieldName.MESSAGE, str), new EventLogField(EventLogField.FieldName.OPERATION, "Read"), new EventLogField(EventLogField.FieldName.OBJECT_ID, j), new EventLogField(EventLogField.FieldName.SOURCE_USER_NAME, str2), new EventLogField(EventLogField.FieldName.SOURCE_USER_ID, sessionInfo.getUserId()));
            return false;
        } catch (SQLException e) {
            application.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new GeneralizedException();
        } catch (NoDatabaseConnectionException e2) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e2);
            throw new GeneralizedException();
        } catch (NotFoundException e3) {
            return false;
        }
    }

    public static void addDashboardHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws ViewFailedException {
        addDashboardHeaders(httpServletRequest, httpServletResponse, map, null);
    }

    public static void addDashboardHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map, String str) throws ViewFailedException {
        Vector vector = new Vector();
        vector.add(new DashboardStatusPanel().getPanel(httpServletRequest, map, Application.getApplication()));
        if (str != null) {
            vector.add(new DashboardRefreshPanel().getPanel(httpServletRequest, map, str, httpServletResponse));
        }
        String panel = new DashboardDefinitionErrorsPanel().getPanel(httpServletRequest, map, Application.getApplication());
        if (panel != null) {
            vector.add(panel);
        }
        String panel2 = new DashboardTasksPanel().getPanel(httpServletRequest, map, Application.getApplication());
        if (panel2 != null) {
            vector.add(panel2);
        }
        String panel3 = new DashboardLicensePanel().getPanel(httpServletRequest, map, Application.getApplication());
        if (panel3 != null) {
            vector.add(panel3);
        }
        String panel4 = new DashboardVersionPanel().getPanel(httpServletRequest, map, Application.getApplication());
        if (panel4 != null) {
            vector.add(panel4);
        }
        String panel5 = new DashboardDefinitionsUpdate().getPanel(httpServletRequest, map, Application.getApplication());
        if (panel5 != null) {
            vector.add(panel5);
        }
        map.put("dashboard_headers", vector);
    }

    public static String getPath(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getPathInfo() == null ? httpServletRequest.getServletPath() : String.valueOf(httpServletRequest.getServletPath()) + httpServletRequest.getPathInfo();
    }

    public static Map<String, Object> getMapWithBasics(RequestContext requestContext, HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        if (httpServletRequest.getParameter("isajax") != null) {
            hashMap.put("isajax", true);
        } else {
            hashMap.put("isajax", false);
        }
        hashMap.put("version", Application.getVersion());
        if (Application.getBuildNumber() != null && !Application.getBuildNumber().isEmpty()) {
            hashMap.put("build_number", Application.getBuildNumber());
        }
        hashMap.put("request", new RequestTemplateHelper(httpServletRequest));
        if (requestContext != null && requestContext.getSessionInfo() != null) {
            hashMap.put("session", requestContext.getSessionInfo());
            if (requestContext.getSessionInfo().getSessionStatus() == SessionStatus.SESSION_ACTIVE) {
                hashMap.put("context", requestContext);
                Vector vector = new Vector();
                try {
                    vector.add(new Link("[Logout]", LogoutView.getURL()));
                    vector.add(new Link("[Change Password]", UserPasswordUpdateView.getURL(requestContext.getUser())));
                } catch (URLInvalidException e) {
                    Application.getApplication().getEventLog().logExceptionEvent(new EventLogMessage(EventLogMessage.EventType.WEB_ERROR), e);
                }
                hashMap.put("upperbar_options", vector);
            }
        }
        return hashMap;
    }

    public String trimSlashes(String str) {
        StringBuffer stringBuffer = new StringBuffer(str);
        if (stringBuffer.charAt(0) == '/' || stringBuffer.charAt(0) == '\\') {
            stringBuffer.deleteCharAt(0);
        }
        if (stringBuffer.charAt(str.length() - 1) == '/' || stringBuffer.charAt(str.length() - 1) == '\\') {
            stringBuffer.deleteCharAt(0);
        }
        return stringBuffer.toString();
    }

    public static void getPermissionDeniedDialog(HttpServletResponse httpServletResponse, Map<String, Object> map, String str, boolean z) throws ViewFailedException {
        getPermissionDeniedDialog(httpServletResponse, map, str, null, z);
    }

    public static void getPermissionDeniedDialog(HttpServletResponse httpServletResponse, Map<String, Object> map, String str) throws ViewFailedException {
        getPermissionDeniedDialog(httpServletResponse, map, str, (Link) null);
    }

    public static void getPermissionDeniedDialog(HttpServletResponse httpServletResponse, Map<String, Object> map, String str, Link link) throws ViewFailedException {
        getPermissionDeniedDialog(httpServletResponse, map, str, link, false);
    }

    public static void getPermissionDeniedDialog(HttpServletResponse httpServletResponse, Map<String, Object> map, String str, Link link, boolean z) throws ViewFailedException {
        map.put("permission_denied_message", str);
        map.put("permission_denied_link", link);
        map.put("show_simple", Boolean.valueOf(z));
        TemplateLoader.renderToResponse("PermissionDenied.ftl", map, httpServletResponse);
    }

    public static String getBytesDescription(long j) {
        double d = j;
        DecimalFormat decimalFormat = new DecimalFormat("0.00");
        return j < 1024 ? String.valueOf(j) + " Bytes" : j < 1048576 ? String.valueOf(decimalFormat.format(d / 1024.0d)) + " KB" : j < 1073741824 ? String.valueOf(decimalFormat.format(d / 1048576.0d)) + " MB" : String.valueOf(decimalFormat.format(d / 1.073741824E9d)) + " GB";
    }

    public static String getTimeDescription(long j) {
        double d = j;
        DecimalFormat decimalFormat = new DecimalFormat("0.00");
        return j < 60 ? String.valueOf(j) + " sec" : j < 3600 ? String.valueOf(decimalFormat.format(d / 60.0d)) + " min" : j < 86400 ? String.valueOf(decimalFormat.format(d / 3600.0d)) + " hours" : String.valueOf(decimalFormat.format(d / 86400.0d)) + " days";
    }
}
