package com.fitbank.ibanking.security;

import com.fitbank.common.ApplicationDates;
import com.fitbank.common.Helper;
import com.fitbank.common.exception.FitbankException;
import com.fitbank.common.hb.UtilHB;
import com.fitbank.dto.management.Detail;
import com.fitbank.dto.management.Field;
import com.fitbank.dto.management.Record;
import com.fitbank.dto.management.Table;
import com.fitbank.hb.persistence.safe.Tibankingroltransaction;
import com.fitbank.hb.persistence.safe.Tuser;
import com.fitbank.hb.persistence.safe.TuserKey;
import com.fitbank.hb.persistence.safe.Tusercompany;
import com.fitbank.hb.persistence.safe.TusercompanyKey;
import com.fitbank.hb.persistence.trans.Transactionid;
import com.fitbank.hb.persistence.trans.TransactionidKey;
import com.fitbank.processor.AbstractCommand;
import com.fitbank.security.VerifyChannel;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/fitbank/ibanking/security/AccountTransactionValidation.class */
public class AccountTransactionValidation extends AbstractCommand {
    private static final String HQL_ALLOWED_TRANSACTIONS = "from Tibankingroltransaction o where o.pk.crol=:crol and o.pk.cpersona_compania=:cia and o.pk.csubsistema=:subsystem and o.pk.ctransaccion=:transaction and o.pk.versiontransaccion=:version and o.pk.cusuario=:user and o.pk.cpersona=:cperson and o.pk.fhasta=:fhasta";
    private static final List<String> L_ACCOUNT_FIELDS = new ArrayList();
    private static final String[] ALLOWED_CHANNELS = {"WEB"};

    public Detail executeCommand(Detail detail) throws Exception {
        Tuser tuser;
        if (!Arrays.asList(ALLOWED_CHANNELS).contains(VerifyChannel.getRealChannel(detail))) {
            return detail;
        }
        String subsystem = detail.getSubsystem();
        String transaction = detail.getTransaction();
        String version = detail.getVersion();
        if (isLOV(detail)) {
            subsystem = getFieldValue(detail, "CSUBSISTEMA_PADRE");
            transaction = getFieldValue(detail, "CTRANSACCION_PADRE");
            version = getFieldValue(detail, "VERSIONTRANSACCION_PADRE");
        }
        if (!isInternalTransaction(subsystem, transaction, version) && (tuser = (Tuser) Helper.getBean(Tuser.class, new TuserKey(detail.getUser(), ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP))) != null) {
            Integer cpersona = tuser.getCpersona();
            Tusercompany tusercompany = (Tusercompany) Helper.getBean(Tusercompany.class, new TusercompanyKey(detail.getCompany(), detail.getUser(), ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP));
            if (tusercompany != null && tusercompany.getCrol().intValue() != 17 && tusercompany.getCrol().intValue() != 18) {
                return detail;
            }
            fillAccountFields();
            if (subsystem.equals("0") && transaction.equals("0") && version.equals("0")) {
                subsystem = detail.getSubsystem();
                transaction = detail.getTransaction();
                version = detail.getVersion();
            }
            UtilHB utilHB = new UtilHB(HQL_ALLOWED_TRANSACTIONS);
            utilHB.setInteger("crol", detail.getRole());
            utilHB.setInteger("cia", detail.getCompany());
            utilHB.setString("subsystem", subsystem);
            utilHB.setString("transaction", transaction);
            utilHB.setString("version", version);
            utilHB.setString("user", detail.getUser());
            utilHB.setInteger("cperson", cpersona);
            utilHB.setTimestamp("fhasta", ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP);
            List list = utilHB.getList(false);
            if (list.isEmpty()) {
                throw new FitbankException("OBA-XXX", "TRANSACCION DE OFFICE BANKING NO PERMITIDA PARA EL USUARIO", new Object[0]);
            }
            HashSet hashSet = new HashSet();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                hashSet.add(((Tibankingroltransaction) it.next()).getPk().getCcuenta());
            }
            lookupAllowedAccounts(detail, hashSet);
            return detail;
        }
        return detail;
    }

    private void lookupAllowedAccounts(Detail detail, Set<String> set) {
        for (Table table : detail.getTables()) {
            boolean z = false;
            Iterator it = table.getRecords().iterator();
            while (it.hasNext()) {
                Iterator it2 = ((Record) it.next()).getFields().iterator();
                while (true) {
                    if (it2.hasNext()) {
                        Field field = (Field) it2.next();
                        if (fieldNotEmpty(field) && L_ACCOUNT_FIELDS.contains(field.getName()) && !set.contains(field.getStringValue())) {
                            it.remove();
                            z = true;
                            break;
                        }
                    }
                }
            }
            if (z) {
                table.clearEmptyRecords();
                table.reassignRecordNumbers();
            }
        }
    }

    private boolean fieldNotEmpty(Field field) {
        return (field == null || field.getValue() == null || !StringUtils.isNotBlank(field.getStringValue())) ? false : true;
    }

    private void fillAccountFields() {
        L_ACCOUNT_FIELDS.add("CCUENTA");
        L_ACCOUNT_FIELDS.add("CUENTAP");
        L_ACCOUNT_FIELDS.add("CUENTAPREST");
    }

    private String getFieldValue(Detail detail, String str) {
        Field findFieldByName = detail.findFieldByName(str);
        return (findFieldByName == null || findFieldByName.getValue() == null || !StringUtils.isNotBlank(findFieldByName.getStringValue())) ? "0" : findFieldByName.getStringValue();
    }

    private boolean isLOV(Detail detail) {
        Transactionid transactionid = (Transactionid) Helper.getBean(Transactionid.class, new TransactionidKey(detail.getSubsystem(), detail.getTransaction(), detail.getVersion()));
        return transactionid != null && "1".equals(transactionid.getListavalor());
    }

    private boolean isInternalTransaction(String str, String str2, String str3) {
        Transactionid transactionid = (Transactionid) Helper.getBean(Transactionid.class, new TransactionidKey(str, str2, str3));
        return transactionid != null && "1".equals(transactionid.getInterna());
    }
}
