package ru.infotech24.apk23main.logic.user;

import com.google.common.collect.Lists;
import java.beans.ConstructorProperties;
import java.io.IOException;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.multipart.MultipartFile;
import ru.infotech24.apk23main.ExceptionTranslator;
import ru.infotech24.apk23main.auxServices.TransactionalWrapper;
import ru.infotech24.apk23main.domain.common.LookupObject;
import ru.infotech24.apk23main.domain.institution.Institution;
import ru.infotech24.apk23main.domain.institution.InstitutionBranch;
import ru.infotech24.apk23main.domain.institution.InstitutionEmployee;
import ru.infotech24.apk23main.domain.institution.InstitutionType;
import ru.infotech24.apk23main.domain.institution.LegalForm;
import ru.infotech24.apk23main.domain.institution.ServiceRegionSecureRelation;
import ru.infotech24.apk23main.domain.person.Person;
import ru.infotech24.apk23main.domain.smev.SmevMessageKind;
import ru.infotech24.apk23main.domain.smev.SmevMessageSubtype;
import ru.infotech24.apk23main.domain.user.AccessRequest;
import ru.infotech24.apk23main.domain.user.AccessRequestDecisionType;
import ru.infotech24.apk23main.domain.user.AccessRequestState;
import ru.infotech24.apk23main.domain.user.NewInstitutionData;
import ru.infotech24.apk23main.filestorage.FileStorage;
import ru.infotech24.apk23main.filestorage.FilesSignatureService;
import ru.infotech24.apk23main.filestorage.SignedFileData;
import ru.infotech24.apk23main.filestorage.TempFileInfo;
import ru.infotech24.apk23main.logic.address.AddressDao;
import ru.infotech24.apk23main.logic.address.RegionDao;
import ru.infotech24.apk23main.logic.common.journal.JournalBl;
import ru.infotech24.apk23main.logic.docs.DocumentException;
import ru.infotech24.apk23main.logic.institution.dao.InstitutionBranchDao;
import ru.infotech24.apk23main.logic.institution.dao.InstitutionDao;
import ru.infotech24.apk23main.logic.institution.dao.InstitutionEmployeeDao;
import ru.infotech24.apk23main.logic.person.PersonDao;
import ru.infotech24.apk23main.logic.person.bl.PersonBl;
import ru.infotech24.apk23main.logic.smev.SmevMessagesBl;
import ru.infotech24.apk23main.logic.user.dto.AccessRequestDecisionDto;
import ru.infotech24.apk23main.logic.user.dto.AdminAccessRequestBatchFilter;
import ru.infotech24.apk23main.logic.user.dto.AdminAccessRequestBatchResult;
import ru.infotech24.apk23main.logic.user.dto.CurrentInstitutionAccessRequestDecisionDto;
import ru.infotech24.apk23main.logic.user.dto.NewAccessRequestDto;
import ru.infotech24.apk23main.logic.user.dto.UploadedSignedTempFileDto;
import ru.infotech24.apk23main.logic.user.dto.UploadedTempFileDto;
import ru.infotech24.apk23main.logic.user.dto.UserAccessRequestDto;
import ru.infotech24.apk23main.logic.user.dto.UserInstitutionAccessRequestDto;
import ru.infotech24.apk23main.logic.user.dto.ViewAccessRequestDecisionDto;
import ru.infotech24.apk23main.logic.user.dto.ViewAccessRequestDto;
import ru.infotech24.apk23main.logic.user.dto.ViewAccessRequestInstitutionDto;
import ru.infotech24.apk23main.resources.applogic.dto.SmevMessageForCreate;
import ru.infotech24.apk23main.security.AppSecurityException;
import ru.infotech24.apk23main.security.aop.AppSecuredContext;
import ru.infotech24.apk23main.security.domain.User;
import ru.infotech24.apk23main.security.user.UserService;
import ru.infotech24.common.exceptions.BusinessLogicException;
import ru.infotech24.common.exceptions.FileNameTooLongException;
import ru.infotech24.common.helpers.ObjectUtils;
import ru.infotech24.common.helpers.StringUtils;
import ru.infotech24.common.notification.NotificationMessage;
import ru.infotech24.common.notification.NotificationSeverity;
import ru.infotech24.common.types.FileRef;
import ru.infotech24.common.validation.BeanRuleViolation;
import ru.infotech24.common.validation.FieldRuleViolation;
import ru.infotech24.common.validation.RelationRuleViolation;
import ru.infotech24.common.validation.RuleViolation;

@Transactional
@Service
/* loaded from: input_file:BOOT-INF/classes/ru/infotech24/apk23main/logic/user/AccessRequestBl.class */
public class AccessRequestBl {

    @Value("${application-settings.requester-role-id}")
    private Integer requesterRoleId;

    @Value("${application-settings.requester-worker-role-id}")
    private Integer requesterWorkerRoleId;
    private final UserService userService;
    private final AccessRequestDao accessRequestDao;
    private final InstitutionDao institutionDao;
    private final InstitutionBranchDao institutionBranchDao;
    private final InstitutionEmployeeDao institutionEmployeeDao;
    private final JournalBl journalBl;
    private final FileStorage fileStorage;
    private final TransactionalWrapper transactionalWrapper;
    private final AddressDao addressDao;
    private final RegionDao regionDao;
    private final PersonDao personDao;
    private final FilesSignatureService filesSignatureVerifier;
    private final SmevMessagesBl smevMessagesBl;
    private final ExceptionTranslator exceptionTranslator;
    private final AppSecuredContext securedContext;
    private final PersonBl personBl;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/classes/ru/infotech24/apk23main/logic/user/AccessRequestBl$TargetInstitutionInfo.class */
    public static class TargetInstitutionInfo {
        private final String name;
        private final String inn;
        private static final TargetInstitutionInfo defaultValue = new TargetInstitutionInfo(null, null);

        @ConstructorProperties({"name", "inn"})
        public TargetInstitutionInfo(String str, String str2) {
            this.name = str;
            this.inn = str2;
        }
    }

    public AccessRequestBl(UserService userService, AccessRequestDao accessRequestDao, InstitutionDao institutionDao, InstitutionBranchDao institutionBranchDao, InstitutionEmployeeDao institutionEmployeeDao, JournalBl journalBl, FileStorage fileStorage, TransactionalWrapper transactionalWrapper, AddressDao addressDao, RegionDao regionDao, PersonDao personDao, FilesSignatureService filesSignatureService, SmevMessagesBl smevMessagesBl, ExceptionTranslator exceptionTranslator, AppSecuredContext appSecuredContext, PersonBl personBl) {
        this.userService = userService;
        this.accessRequestDao = accessRequestDao;
        this.institutionDao = institutionDao;
        this.institutionBranchDao = institutionBranchDao;
        this.institutionEmployeeDao = institutionEmployeeDao;
        this.journalBl = journalBl;
        this.fileStorage = fileStorage;
        this.transactionalWrapper = transactionalWrapper;
        this.addressDao = addressDao;
        this.regionDao = regionDao;
        this.personDao = personDao;
        this.filesSignatureVerifier = filesSignatureService;
        this.smevMessagesBl = smevMessagesBl;
        this.exceptionTranslator = exceptionTranslator;
        this.securedContext = appSecuredContext;
        this.personBl = personBl;
    }

    public List<UserAccessRequestDto> readCurrentUserSent() {
        Optional<Integer> currentUserPersonId = this.userService.getCurrentUserPersonId();
        return currentUserPersonId.isPresent() ? (List) this.accessRequestDao.readByPersonId(currentUserPersonId.get().intValue()).stream().map(accessRequest -> {
            TargetInstitutionInfo targetInstitutionNameForRequest = getTargetInstitutionNameForRequest(accessRequest);
            return UserAccessRequestDto.builder().id(accessRequest.getId()).createdTime(accessRequest.getCreatedTime()).state(accessRequest.getState()).regionId(accessRequest.getRegionId()).institutionId(accessRequest.getTargetInstitutionId()).institutionName(targetInstitutionNameForRequest.name).institutionInn(targetInstitutionNameForRequest.inn).institutionTypeId(accessRequest.getInstitutionTypeId()).build();
        }).collect(Collectors.toList()) : new ArrayList();
    }

    public AdminAccessRequestBatchResult readAdminRequestsList(AdminAccessRequestBatchFilter adminAccessRequestBatchFilter) {
        Objects.requireNonNull(adminAccessRequestBatchFilter);
        if ((this.userService.getCurrentUser() == null || this.securedContext.hasMetaRights(50, LookupObject.META_CODE_SECURE_REGION_RELATED, Integer.valueOf(ServiceRegionSecureRelation.NOMATTER.getValue()), null, null, null, null)) ? false : true) {
            User currentUser = this.userService.getCurrentUser();
            if (currentUser.getServiceRegionIds() == null || currentUser.getServiceRegionIds().isEmpty()) {
                throw new BusinessLogicException(null, "У организации #%s не заполнен перечень регионов", currentUser.getInstitutionId());
            }
            if (adminAccessRequestBatchFilter.getRegionId() == null) {
                adminAccessRequestBatchFilter.setRegionIds(new ArrayList(currentUser.getServiceRegionIds()));
            } else {
                if (!currentUser.getServiceRegionIds().stream().anyMatch(num -> {
                    return Objects.equals(num, adminAccessRequestBatchFilter.getRegionId());
                })) {
                    return AdminAccessRequestBatchResult.builder().success(true).rows(Lists.newArrayList()).lastRow(0).build();
                }
                adminAccessRequestBatchFilter.setRegionIds(Lists.newArrayList(adminAccessRequestBatchFilter.getRegionId()));
            }
        } else if (adminAccessRequestBatchFilter.getRegionId() != null) {
            adminAccessRequestBatchFilter.setRegionIds(Lists.newArrayList(adminAccessRequestBatchFilter.getRegionId()));
        }
        return this.accessRequestDao.readByFilter(adminAccessRequestBatchFilter);
    }

    public List<UserInstitutionAccessRequestDto> readCurrentInstitutionRequestsList() {
        User currentUser = this.userService.getCurrentUser();
        Objects.requireNonNull(currentUser, "Нет информации о текущем пользователе");
        return (List) this.accessRequestDao.readByTargetInstitutionId(currentUser.getInstitutionId().intValue()).stream().map(accessRequest -> {
            return UserInstitutionAccessRequestDto.builder().id(accessRequest.getId()).createdTime(accessRequest.getCreatedTime()).state(accessRequest.getState()).authorPersonId(accessRequest.getUserPersonId()).authorName((String) this.personDao.byId(accessRequest.getUserPersonId()).map((v0) -> {
                return v0.getFullFio();
            }).orElse("")).hasAttorney(accessRequest.hasAttorneyData()).build();
        }).collect(Collectors.toList());
    }

    public boolean isCurrentInstitutionAccessRequest(Integer num) {
        return Objects.equals(this.userService.getCurrentUser().getInstitutionId(), this.accessRequestDao.byIdStashed(num).getTargetInstitutionId());
    }

    public boolean isCurrentInstitutionAccessDecisionAvailable(Integer num) {
        return isCurrentInstitutionAccessDecisionAvailable(this.userService.getCurrentUser(), this.accessRequestDao.byIdStashed(num));
    }

    public boolean isCurrentInstitutionAccessDecisionAvailable(User user, AccessRequest accessRequest) {
        return user.isAdministrator() || (Objects.equals(user.getInstitutionId(), accessRequest.getTargetInstitutionId()) && Objects.equals(accessRequest.getInstitutionTypeId(), 1) && !accessRequest.hasAttorneyData().booleanValue());
    }

    public ViewAccessRequestDto getUserAccessRequest(Integer num, boolean z, boolean z2) {
        User currentUser = this.userService.getCurrentUser();
        Optional<Integer> currentUserPersonId = this.userService.getCurrentUserPersonId();
        if (currentUser == null) {
            throw new BusinessLogicException("Нет сведений о текущем пользователе");
        }
        AccessRequest byIdStashed = this.accessRequestDao.byIdStashed(num);
        validateHasRights(z2 | currentUser.isAdministrator(), currentUser, currentUserPersonId, byIdStashed);
        Optional<User> userByPersonId = this.userService.getUserByPersonId(byIdStashed.getUserPersonId().intValue());
        if (userByPersonId.isPresent()) {
            return ViewAccessRequestDto.builder().id(byIdStashed.getId()).createdTime(byIdStashed.getCreatedTime()).authorFio(userByPersonId.get().getFio()).userPersonId(byIdStashed.getUserPersonId()).files(byIdStashed.getFiles()).comment(byIdStashed.getComment()).institutionData(ViewAccessRequestInstitutionDto.of(byIdStashed, this.institutionDao, this.regionDao).orElse(null)).institutionTypeId(byIdStashed.getInstitutionTypeId()).state(byIdStashed.getState()).decisionData(ViewAccessRequestDecisionDto.of(byIdStashed, this.institutionEmployeeDao).orElse(null)).cancelAvailable(Objects.equals(byIdStashed.getUserPersonId(), currentUserPersonId.orElse(null)) && Objects.equals(byIdStashed.getState(), AccessRequestState.SENT)).decisionAvailable((z || currentUser.isAdministrator()) && Objects.equals(byIdStashed.getState(), AccessRequestState.SENT)).build();
        }
        throw new BusinessLogicException(null, "Нет данных об авторе запроса %s", byIdStashed.getId());
    }

    private void validateHasRights(boolean z, User user, Optional<Integer> optional, AccessRequest accessRequest) {
        if (!(Objects.equals(optional.orElse(null), accessRequest.getUserPersonId()) || user.isAdministrator() || z)) {
            throw new AppSecurityException("Нет доступа к объекту");
        }
    }

    public AccessRequest getAccessRequest(int i) {
        return this.accessRequestDao.byIdStrong(Integer.valueOf(i));
    }

    @Transactional
    public boolean cancelAccessRequest(int i) {
        Optional<AccessRequest> byId = this.accessRequestDao.byId(Integer.valueOf(i));
        if (!byId.isPresent()) {
            return false;
        }
        if (byId.get().getDecisionTypeId() != null) {
            throw new BusinessLogicException("По запросу на доступ уже вынесено решение");
        }
        if (Objects.equals(byId.get().getState(), AccessRequestState.CANCELlED)) {
            return false;
        }
        if (!this.userService.getCurrentUserPersonId().isPresent() || !Objects.equals(byId.get().getUserPersonId(), this.userService.getCurrentUserPersonId().get())) {
            throw new BusinessLogicException("Отменить запрос на доступ может только его автор");
        }
        byId.get().setState(AccessRequestState.CANCELlED);
        this.accessRequestDao.update(byId.get(), Integer.valueOf(i));
        this.journalBl.recordModifiedToJournal(12, Integer.valueOf(i), null, "Запрос на доступ отозван");
        return true;
    }

    @Transactional
    public Integer storeDecision(AccessRequestDecisionDto accessRequestDecisionDto) {
        Objects.requireNonNull(accessRequestDecisionDto);
        if (accessRequestDecisionDto.getDecisionTypeId() != AccessRequestDecisionType.DENIED && accessRequestDecisionDto.getDecisionTypeId() != AccessRequestDecisionType.ACCEPTED) {
            throw new BusinessLogicException(String.format("Тип решения: %s не поддерживается", accessRequestDecisionDto.getDecisionTypeId()));
        }
        User currentUser = this.userService.getCurrentUser();
        if (currentUser == null) {
            throw new BusinessLogicException("Нет данных о текущем пользователе");
        }
        AccessRequest byIdStrong = this.accessRequestDao.byIdStrong(accessRequestDecisionDto.getAccessRequestId());
        validateDecision(accessRequestDecisionDto, byIdStrong);
        byIdStrong.setDecisionTime(LocalDateTime.now());
        byIdStrong.setDecisionUserId(Integer.valueOf(currentUser.getId()));
        byIdStrong.setDecisionText(accessRequestDecisionDto.getDecisionText());
        byIdStrong.setDecisionTypeId(accessRequestDecisionDto.getDecisionTypeId());
        this.journalBl.recordModifiedToJournal(12, byIdStrong.getId(), null, String.format("Принято решение: %s", accessRequestDecisionDto.getDecisionTypeId().getCaption()));
        if (accessRequestDecisionDto.getDecisionTypeId() == AccessRequestDecisionType.DENIED) {
            byIdStrong.setState(AccessRequestState.DENIED);
            this.accessRequestDao.update(byIdStrong, byIdStrong.getId());
            return null;
        }
        if (Objects.equals(byIdStrong.getInstitutionTypeId(), 4)) {
            Person person = (Person) this.userService.getWithSystemUser(() -> {
                return this.personBl.ensureInstitutionPerson(accessRequestDecisionDto.getNewInstitutionData(), byIdStrong.getUserPersonId(), byIdStrong.getRegionId());
            });
            byIdStrong.setState(AccessRequestState.ACCEPTED);
            this.accessRequestDao.update(byIdStrong, byIdStrong.getId());
            return person.getId();
        }
        Integer valueOf = Integer.valueOf(accessRequestDecisionDto.getTargetInstitutionId() != null ? accessRequestDecisionDto.getTargetInstitutionId().intValue() : createInstitutionByRequest(accessRequestDecisionDto.getNewInstitutionData()));
        Optional<InstitutionBranch> findFirst = this.institutionBranchDao.readByInstitutionId(valueOf).stream().findFirst();
        if (!findFirst.isPresent()) {
            findFirst = Optional.of(this.institutionBranchDao.insert(InstitutionBranch.builder().institutionId(valueOf).caption("-").build()));
        }
        int intValue = findFirst.get().getId().intValue();
        List<Integer> determineAgriculturalUserRole = Objects.equals(byIdStrong.getInstitutionTypeId(), 1) ? determineAgriculturalUserRole(byIdStrong) : (List) ObjectUtils.isNull(accessRequestDecisionDto.getRoles(), new ArrayList());
        Person byIdStrong2 = this.personDao.byIdStrong(byIdStrong.getUserPersonId());
        InstitutionEmployee orElse = this.institutionEmployeeDao.readAllByUserPersonId(byIdStrong.getUserPersonId()).stream().filter(institutionEmployee -> {
            return Objects.equals(institutionEmployee.getInstitutionId(), valueOf);
        }).findAny().orElse(null);
        if (orElse == null) {
            orElse = this.institutionEmployeeDao.readByInstitutionId(valueOf, false).stream().filter(institutionEmployee2 -> {
                return (institutionEmployee2.getSnils() != null && Objects.equals(institutionEmployee2.getSnils(), byIdStrong2.getSnils())) || (institutionEmployee2.getInn() != null && Objects.equals(institutionEmployee2.getInn(), byIdStrong2.getInn())) || (Objects.equals(institutionEmployee2.getLastName(), byIdStrong2.getLastName()) && Objects.equals(institutionEmployee2.getFirstName(), byIdStrong2.getFirstName()) && Objects.equals(institutionEmployee2.getMiddleName(), byIdStrong2.getMiddleName()) && Objects.equals(institutionEmployee2.getBirthDate(), byIdStrong2.getBirthDate()));
            }).findFirst().orElse(null);
        }
        if (orElse != null && orElse.getRetireDate() == null) {
            throw new BusinessLogicException("Пользователю уже предоставлен доступ к требуемой организации. Текущий запрос на доступ подлежит отказу. При отказе ранее предоставленный пользователю доступ не будет урезан. Если требуется изменить уровень доступа пользователя, то следует воспользоваться средствами его редактирования.");
        }
        if (orElse != null) {
            orElse.setRetireDate(null);
            orElse.setAsoiRoles(determineAgriculturalUserRole);
            this.institutionEmployeeDao.update(orElse, orElse.getKey());
            this.journalBl.recordModifiedToJournal(7, valueOf, orElse.getId(), "Доступ пользователя был восстановлен");
            return valueOf;
        }
        this.journalBl.recordAddedToJournal(7, valueOf, this.institutionEmployeeDao.insert(InstitutionEmployee.builder().institutionId(valueOf).lastName(byIdStrong2.getLastName()).firstName(byIdStrong2.getFirstName()).middleName(byIdStrong2.getMiddleName()).birthDate(byIdStrong2.getBirthDate()).snils(byIdStrong2.getSnils()).inn(byIdStrong2.getInn()).postId(Integer.valueOf(Objects.equals(byIdStrong.getEmployeeRole(), AccessRequest.INSTITUTION_HEAD) ? 15 : -1)).branchId(Integer.valueOf(intValue)).asoiRoles(determineAgriculturalUserRole).personId(byIdStrong.getUserPersonId()).uniqueUserId(Integer.valueOf(this.institutionEmployeeDao.getMaxUserId().orElse(0).intValue() + 1)).build()).getId(), "Создан автоматически в рамках принятия решения по запросу доступа");
        if (!Objects.equals(byIdStrong.getTargetInstitutionId(), valueOf)) {
            byIdStrong.setDecisionText(String.format("Предоставлен доступ к #%s %s. \n%s", valueOf, this.institutionDao.byIdStrong(valueOf).getShortCaption(), ObjectUtils.isNull(byIdStrong.getDecisionText(), "")));
            byIdStrong.setDecisionText(StringUtils.prettify(byIdStrong.getDecisionText(), 5000));
        }
        byIdStrong.setState(AccessRequestState.ACCEPTED);
        this.accessRequestDao.update(byIdStrong, byIdStrong.getId());
        return valueOf;
    }

    private ArrayList<Integer> determineAgriculturalUserRole(AccessRequest accessRequest) {
        if (accessRequest.getEmployeeRole() == null) {
            throw new BusinessLogicException("Роль пользователя не может быть пустой");
        }
        return Objects.equals(accessRequest.getEmployeeRole(), AccessRequest.EMPLOYEE_WITHOUT_SIGN_RIGHTS) ? Lists.newArrayList(this.requesterWorkerRoleId) : Lists.newArrayList(this.requesterRoleId);
    }

    @Transactional
    public Integer storeCurrentInstitutionDecision(CurrentInstitutionAccessRequestDecisionDto currentInstitutionAccessRequestDecisionDto) {
        Objects.requireNonNull(currentInstitutionAccessRequestDecisionDto);
        AccessRequest byIdStrong = this.accessRequestDao.byIdStrong(currentInstitutionAccessRequestDecisionDto.getAccessRequestId());
        if (isCurrentInstitutionAccessDecisionAvailable(this.userService.getCurrentUser(), byIdStrong)) {
            return storeDecision(AccessRequestDecisionDto.builder().accessRequestId(currentInstitutionAccessRequestDecisionDto.getAccessRequestId()).decisionText(currentInstitutionAccessRequestDecisionDto.getDecisionText()).targetInstitutionId(byIdStrong.getTargetInstitutionId()).userPersonId(byIdStrong.getUserPersonId()).decisionTypeId(currentInstitutionAccessRequestDecisionDto.getDecisionTypeId()).roles(currentInstitutionAccessRequestDecisionDto.getStateRoles()).build());
        }
        throw new AppSecurityException("Нет прав для вынесения решения по запросу на доступ к текущему СХП по доверенности");
    }

    private int createInstitutionByRequest(NewInstitutionData newInstitutionData) {
        Objects.requireNonNull(newInstitutionData);
        String prettify = StringUtils.prettify(newInstitutionData.getName(), 256);
        if (this.institutionDao.search(newInstitutionData.getName(), null, null, false, InstitutionType.BUSINESS_INSTITUTION_TYPES).stream().anyMatch(institutionSearchResult -> {
            return (institutionSearchResult.getCaption() != null && institutionSearchResult.getCaption().equalsIgnoreCase(prettify)) || (institutionSearchResult.getShortCaption() != null && institutionSearchResult.getShortCaption().equalsIgnoreCase(prettify));
        })) {
            throw new BusinessLogicException("Уже есть учреждение с таким названием");
        }
        Institution insert = this.institutionDao.insert(Institution.builder().id(this.institutionDao.getNextInstitutionId()).createdTime(LocalDateTime.now()).createdUser(Integer.valueOf(this.userService.getCurrentUser().getId())).institutionTypeId(1).caption(prettify).shortCaption(prettify).inn(newInstitutionData.getInn()).stateServicesLimit(0).build());
        this.journalBl.recordAddedToJournal(4, insert.getId(), null, "Создано автоматически в рамках принятия решения по запросу доступа");
        return insert.getId().intValue();
    }

    private void validateDecision(AccessRequestDecisionDto accessRequestDecisionDto, AccessRequest accessRequest) {
        if (accessRequest.getDecisionTypeId() != null) {
            throw new BusinessLogicException("По запросу на доступ уже принято решение");
        }
        if (Objects.equals(accessRequest.getState(), AccessRequestState.CANCELlED)) {
            throw new BusinessLogicException("Запрос на доступ к ИС был ранее отозван");
        }
        if (accessRequestDecisionDto.getTargetInstitutionId() != null && !Objects.equals(this.institutionDao.byIdStrong(accessRequestDecisionDto.getTargetInstitutionId()).getInstitutionTypeId(), 3) && accessRequestDecisionDto.getRoles() != null && !accessRequestDecisionDto.getRoles().isEmpty()) {
            throw new BusinessLogicException("Роли можно выделить только при запросе доступа к госучреждению");
        }
        if ((this.userService.getCurrentUser() == null || this.securedContext.hasMetaRights(50, LookupObject.META_CODE_SECURE_REGION_RELATED, Integer.valueOf(ServiceRegionSecureRelation.NOMATTER.getValue()), null, null, null, null)) ? false : true) {
            User currentUser = this.userService.getCurrentUser();
            if (currentUser.getServiceRegionIds() == null || currentUser.getServiceRegionIds().isEmpty()) {
                throw new BusinessLogicException(null, "У организации #%s не заполнен перечень регионов", currentUser.getInstitutionId());
            }
            if (currentUser.getServiceRegionIds().stream().noneMatch(num -> {
                return Objects.equals(num, accessRequest.getRegionId());
            })) {
                throw new AppSecurityException(String.format("У пользователя нет прав на вынесение решения по региону #%s", accessRequest.getRegionId()));
            }
        }
        ArrayList arrayList = new ArrayList();
        if (accessRequestDecisionDto.getDecisionTypeId() == null) {
            arrayList.add(new FieldRuleViolation("decisionTypeId", "accessRequest", "Поле не может быть пустым"));
        }
        if (accessRequestDecisionDto.getDecisionText() != null && accessRequestDecisionDto.getDecisionText().length() > 5000) {
            arrayList.add(new FieldRuleViolation("decisionText", "accessRequest", "Превышена максимальная длина"));
        }
        if (Objects.equals(accessRequestDecisionDto.getDecisionTypeId(), AccessRequestDecisionType.ACCEPTED) && accessRequestDecisionDto.getTargetInstitutionId() == null && !Objects.equals(accessRequestDecisionDto.getInstitutionTypeId(), 4)) {
            validateNewInstitutionData(accessRequestDecisionDto.getNewInstitutionData(), arrayList, "Поле не может быть пустым", accessRequest.getInstitutionTypeId());
        }
        if (Objects.equals(accessRequestDecisionDto.getDecisionTypeId(), AccessRequestDecisionType.ACCEPTED) && Objects.equals(accessRequestDecisionDto.getInstitutionTypeId(), 4)) {
            validatePersonData(accessRequestDecisionDto.getNewInstitutionData(), accessRequest.getUserPersonId(), arrayList, "Поле не может быть пустым");
        }
        if (!arrayList.isEmpty()) {
            throw new DocumentException("Имеются ошибки в данных нового запроса на доступ к ИС", (Integer) 0, (Collection<RuleViolation>) arrayList);
        }
    }

    @Transactional
    public AccessRequest createAccessRequest(NewAccessRequestDto newAccessRequestDto, List<NotificationMessage> list) {
        Objects.requireNonNull(newAccessRequestDto, "Object is missing");
        AccessRequest accessRequest = (AccessRequest) this.transactionalWrapper.getWithRequiredTransaction(() -> {
            User currentUser = this.userService.getCurrentUser();
            if (currentUser.getSnils() == null) {
                throw new BusinessLogicException("Нет информации о СНИЛС текущего пользователя");
            }
            if (currentUser.getInn() == null && Objects.equals(newAccessRequestDto.getInstitutionTypeId(), 1) && Objects.equals(newAccessRequestDto.getEmployeeRole(), AccessRequest.INSTITUTION_HEAD)) {
                throw new BusinessLogicException("Отправка запроса на доступ для главы СХП возможна только при наличии данных об ИНН пользователя. \nНеобходимо зарегистрировать сведения об ИНН на портале Госуслуг.");
            }
            Integer ensureCurrentUserPersonId = this.userService.ensureCurrentUserPersonId();
            if (ensureCurrentUserPersonId == null) {
                throw new BusinessLogicException("Не удалось сохранить информацию о пользователе");
            }
            prettifyNewObjectData(newAccessRequestDto);
            validateNewAccessRequest(newAccessRequestDto, ensureCurrentUserPersonId.intValue(), list);
            AccessRequest insert = this.accessRequestDao.insert(AccessRequest.builder().state(AccessRequestState.SENT).attorneyData(newAccessRequestDto.getAttorneyData()).newInstitutionData(newAccessRequestDto.getNewInstitutionData()).institutionTypeId(newAccessRequestDto.getInstitutionTypeId()).comment(newAccessRequestDto.getComment()).files(copyTempFilesToUserPerson(ensureCurrentUserPersonId, newAccessRequestDto.getFiles())).regionId(newAccessRequestDto.getRegionId()).userPersonId(ensureCurrentUserPersonId).targetInstitutionId(newAccessRequestDto.getTargetInstitutionId()).employeeRole(newAccessRequestDto.getEmployeeRole()).createdTime(LocalDateTime.now()).build());
            this.journalBl.recordAddedToJournal(12, insert.getId(), null, null);
            trySendSmevMessage(insert, list);
            return insert;
        });
        deleteTempFiles(newAccessRequestDto.getFiles());
        return accessRequest;
    }

    public Integer tryAcceptDecisionWithPerson(AccessRequest accessRequest, List<NotificationMessage> list) {
        if (!Objects.equals(accessRequest.getInstitutionTypeId(), 4)) {
            return null;
        }
        AccessRequestDecisionDto build = AccessRequestDecisionDto.builder().accessRequestId(accessRequest.getId()).userPersonId(accessRequest.getUserPersonId()).decisionText("Автоматическое решение для физ. лица на основе данных из ЕСИА после успешной авторизации").decisionTypeId(AccessRequestDecisionType.ACCEPTED).institutionTypeId(accessRequest.getInstitutionTypeId()).newInstitutionData(accessRequest.getNewInstitutionData()).build();
        Integer num = (Integer) this.userService.getWithSystemUser(() -> {
            return storeDecision(build);
        });
        list.add(new NotificationMessage(NotificationSeverity.Success, "Физ. лицо успешно сохранено"));
        return num;
    }

    private void trySendSmevMessage(AccessRequest accessRequest, List<NotificationMessage> list) {
        this.userService.runWithSystemUser(() -> {
            Institution institutionForSmevMessage;
            if (!Objects.equals(accessRequest.getInstitutionTypeId(), 1) || accessRequest.getTargetInstitutionId() == null || !Objects.equals(accessRequest.getEmployeeRole(), AccessRequest.INSTITUTION_HEAD) || (institutionForSmevMessage = getInstitutionForSmevMessage(accessRequest, "Не удалось создать СМЭВ-запрос на получение выписки предприятия из ФНС для автоподтверждения заявки по причине: ", list)) == null || getPersonForSmevMessage(accessRequest, "Не удалось создать СМЭВ-запрос на получение выписки предприятия из ФНС для автоподтверждения заявки по причине: ", list) == null) {
                return;
            }
            SmevMessageSubtype.Key key = LegalForm.INDIV_ENTERPR_FORMS.contains(institutionForSmevMessage.getLegalFormId()) ? SmevMessageSubtype.FNS_EGRIP_WITH_DECISION_ACCESS : SmevMessageSubtype.FNS_EGRUL_WITH_DECISION_ACCESS;
            try {
                this.smevMessagesBl.create(SmevMessageForCreate.builder().objId1(accessRequest.getId()).kind(SmevMessageKind.ACCESS_REQUEST).smevMessageTypeId(key.getTypeId()).smevMessageSubtypeId(key.getId()).sendToSmev(true).build(), true, list);
            } catch (DocumentException | BusinessLogicException e) {
                accessRequest.setComment(String.format("%s\r\n Не удалось создать СМЭВ-запрос по причине: %s", accessRequest.getComment(), this.exceptionTranslator.translateToUser(e)));
                this.accessRequestDao.update(accessRequest, accessRequest.getId());
            }
        });
    }

    private Institution getInstitutionForSmevMessage(AccessRequest accessRequest, String str, List<NotificationMessage> list) {
        Institution orElse = this.institutionDao.byId(accessRequest.getTargetInstitutionId()).orElse(null);
        if (orElse == null) {
            list.add(new NotificationMessage(NotificationSeverity.Warning, str + "не найдено предприятие #" + accessRequest.getTargetInstitutionId()));
            return null;
        }
        if (StringUtils.isNullOrWhitespace(orElse.getInn())) {
            list.add(new NotificationMessage(NotificationSeverity.Warning, String.format("%s у предприятия #%s не указан ИНН", str, accessRequest.getTargetInstitutionId())));
            return null;
        }
        if (orElse.getLegalFormId() != null) {
            return orElse;
        }
        list.add(new NotificationMessage(NotificationSeverity.Warning, String.format("%s у предприятия #%s не указана организационно-правовая форма", str, accessRequest.getTargetInstitutionId())));
        return null;
    }

    private Person getPersonForSmevMessage(AccessRequest accessRequest, String str, List<NotificationMessage> list) {
        Person orElse = this.personDao.byId(accessRequest.getUserPersonId()).orElse(null);
        if (orElse != null) {
            return orElse;
        }
        list.add(new NotificationMessage(NotificationSeverity.Warning, str + "не найден заявитель #" + accessRequest.getUserPersonId()));
        return null;
    }

    public UploadedTempFileDto uploadTempFile(String str, MultipartFile multipartFile) {
        TempFileInfo writeTempFile = this.fileStorage.writeTempFile(str, multipartFile.getInputStream());
        return UploadedTempFileDto.builder().originalName(writeTempFile.getOriginalFileName()).uri(writeTempFile.getUri()).build();
    }

    private TargetInstitutionInfo getTargetInstitutionNameForRequest(AccessRequest accessRequest) {
        if (accessRequest.getTargetInstitutionId() == null) {
            return accessRequest.getNewInstitutionData() != null ? new TargetInstitutionInfo(accessRequest.getNewInstitutionData().getName(), accessRequest.getNewInstitutionData().getInn()) : TargetInstitutionInfo.defaultValue;
        }
        try {
            Institution byIdStashed = this.institutionDao.byIdStashed(accessRequest.getTargetInstitutionId());
            return new TargetInstitutionInfo(byIdStashed.getShortCaption(), byIdStashed.getInn());
        } catch (BusinessLogicException e) {
            return TargetInstitutionInfo.defaultValue;
        }
    }

    private void prettifyNewObjectData(NewAccessRequestDto newAccessRequestDto) {
        newAccessRequestDto.setComment(StringUtils.prettify(newAccessRequestDto.getComment()));
        if (newAccessRequestDto.getTargetInstitutionId() != null && newAccessRequestDto.getRegionId() == null) {
            Institution byIdStashed = this.institutionDao.byIdStashed(newAccessRequestDto.getTargetInstitutionId());
            if (byIdStashed.getServiceRegions() != null) {
                newAccessRequestDto.setRegionId(byIdStashed.getServiceRegions().stream().findFirst().orElse(null));
            }
            if (newAccessRequestDto.getRegionId() == null && byIdStashed.getAddressId() != null) {
                newAccessRequestDto.setRegionId(this.addressDao.byIdStrong(byIdStashed.getAddressId()).getRegionId());
            }
            if (newAccessRequestDto.getRegionId() == null) {
                throw new BusinessLogicException("Не удалось установить регион обслуживания для указанной организации");
            }
        }
        if (Objects.equals(newAccessRequestDto.getInstitutionTypeId(), 3) || Objects.equals(newAccessRequestDto.getEmployeeRole(), AccessRequest.INSTITUTION_HEAD)) {
            newAccessRequestDto.setAttorneyData(null);
        }
        if (newAccessRequestDto.getTargetInstitutionId() != null) {
            newAccessRequestDto.setNewInstitutionData(null);
        }
        if (newAccessRequestDto.getNewInstitutionData() != null && Objects.equals(newAccessRequestDto.getInstitutionTypeId(), 4) && newAccessRequestDto.getNewInstitutionData().getDocument() != null) {
            newAccessRequestDto.getNewInstitutionData().setName(newAccessRequestDto.getNewInstitutionData().getDocument().getFullFioBirth());
        }
        if (newAccessRequestDto.getNewInstitutionData() != null) {
            newAccessRequestDto.getNewInstitutionData().setName(StringUtils.prettify(newAccessRequestDto.getNewInstitutionData().getName(), 256));
            newAccessRequestDto.getNewInstitutionData().setInn(StringUtils.prettify(newAccessRequestDto.getNewInstitutionData().getInn(), 256));
        }
        if (newAccessRequestDto.getAttorneyData() != null) {
            newAccessRequestDto.getAttorneyData().setDetails(StringUtils.prettify(newAccessRequestDto.getAttorneyData().getDetails(), 5000));
        }
        newAccessRequestDto.setComment(StringUtils.prettify(newAccessRequestDto.getComment(), 5000));
        if (newAccessRequestDto.getFiles() != null) {
            for (UploadedSignedTempFileDto uploadedSignedTempFileDto : newAccessRequestDto.getFiles()) {
                uploadedSignedTempFileDto.setUri(StringUtils.prettify(uploadedSignedTempFileDto.getUri()));
                uploadedSignedTempFileDto.setOriginalName(StringUtils.prettify(uploadedSignedTempFileDto.getOriginalName()));
                uploadedSignedTempFileDto.setSigUri(StringUtils.prettify(uploadedSignedTempFileDto.getSigUri()));
                uploadedSignedTempFileDto.setSigOriginalName(StringUtils.prettify(uploadedSignedTempFileDto.getSigOriginalName()));
            }
        }
    }

    private void validateNewAccessRequest(NewAccessRequestDto newAccessRequestDto, int i, List<NotificationMessage> list) {
        List<AccessRequest> readActiveByPersonId = this.accessRequestDao.readActiveByPersonId(i);
        if (readActiveByPersonId.size() > 3) {
            throw new BusinessLogicException("Слишком много активных запросов на доступ");
        }
        if (newAccessRequestDto.getTargetInstitutionId() != null && readActiveByPersonId.stream().anyMatch(accessRequest -> {
            return Objects.equals(accessRequest.getTargetInstitutionId(), newAccessRequestDto.getTargetInstitutionId());
        })) {
            throw new BusinessLogicException("Запрос на доступ к данной организации уже отправлен");
        }
        ArrayList arrayList = new ArrayList();
        if (newAccessRequestDto.getInstitutionTypeId() == null) {
            arrayList.add(new FieldRuleViolation("institutionTypeId", "accessRequest", "Поле не может быть пустым"));
        }
        if (Objects.equals(newAccessRequestDto.getInstitutionTypeId(), 1) && newAccessRequestDto.getEmployeeRole() == null) {
            arrayList.add(new FieldRuleViolation("employeeRole", "accessRequest", "Поле не может быть пустым"));
        }
        if (newAccessRequestDto.getRegionId() == null) {
            arrayList.add(new FieldRuleViolation("regionId", "accessRequest", "Поле не может быть пустым"));
        }
        if (!StringUtils.isNullOrWhitespace(newAccessRequestDto.getComment()) && newAccessRequestDto.getComment().length() > 5000) {
            arrayList.add(new FieldRuleViolation("comment", "accessRequest", "Длина превышает допустимую"));
        }
        if (newAccessRequestDto.getTargetInstitutionId() != null && !this.institutionDao.byId(newAccessRequestDto.getTargetInstitutionId()).isPresent()) {
            arrayList.add(new FieldRuleViolation("targetInstitutionId", "accessRequest", "Такой организации не зарегистрировано в ИС"));
        }
        if (Objects.equals(newAccessRequestDto.getInstitutionTypeId(), 3) && newAccessRequestDto.getTargetInstitutionId() == null) {
            arrayList.add(new FieldRuleViolation("targetInstitutionId", "accessRequest", "Поле не может быть пустым"));
        }
        if (newAccessRequestDto.getTargetInstitutionId() == null && Objects.equals(newAccessRequestDto.getInstitutionTypeId(), 1)) {
            validateNewInstitutionData(newAccessRequestDto.getNewInstitutionData(), arrayList, "Поле не может быть пустым", newAccessRequestDto.getInstitutionTypeId());
        }
        if (Objects.equals(newAccessRequestDto.getInstitutionTypeId(), 4)) {
            validatePersonData(newAccessRequestDto.getNewInstitutionData(), null, arrayList, "Поле не может быть пустым");
        }
        if ((Objects.equals(newAccessRequestDto.getEmployeeRole(), AccessRequest.EMPLOYEE_WITHOUT_SIGN_RIGHTS) || Objects.equals(newAccessRequestDto.getEmployeeRole(), AccessRequest.EMPLOYEE_WITH_SIGN_RIGHTS)) && Objects.equals(newAccessRequestDto.getInstitutionTypeId(), 1)) {
            if (newAccessRequestDto.getAttorneyData() == null) {
                arrayList.add(new FieldRuleViolation("attorneyData", "accessRequest", "Поле не может быть пустым"));
            } else {
                HashSet hashSet = new HashSet();
                if (newAccessRequestDto.getAttorneyData().getGivenDate() != null) {
                    if (newAccessRequestDto.getAttorneyData().getGivenDate().isAfter(LocalDate.now())) {
                        hashSet.add(new FieldRuleViolation("givenDate", "attorneyData", "Дата не может превышать сегодняшнюю"));
                    }
                    if (newAccessRequestDto.getAttorneyData().getExpirationDate() == null) {
                        hashSet.add(new FieldRuleViolation("expirationDate", "attorneyData", "Поле не может быть пустым"));
                    } else if (newAccessRequestDto.getAttorneyData().getExpirationDate().isBefore(LocalDate.now().plusDays(1L))) {
                        hashSet.add(new FieldRuleViolation("expirationDate", "attorneyData", "Дата не может быть меньше сегодняшней"));
                    }
                }
                if (!hashSet.isEmpty()) {
                    arrayList.add(new RelationRuleViolation("attorneyData", null, hashSet));
                }
            }
        }
        if (newAccessRequestDto.getFiles() != null) {
            for (UploadedSignedTempFileDto uploadedSignedTempFileDto : newAccessRequestDto.getFiles()) {
                if (uploadedSignedTempFileDto.getUri() == null || uploadedSignedTempFileDto.getOriginalName() == null) {
                    throw new BusinessLogicException("У всех файлов должны быть указаны имена и ссылки");
                }
                if (uploadedSignedTempFileDto.getSigOriginalName() != null && uploadedSignedTempFileDto.getSigUri() == null) {
                    throw new BusinessLogicException("У всех файлов-подписей должны быть указаны имена и ссылки");
                }
                if (uploadedSignedTempFileDto.getSigOriginalName() == null && uploadedSignedTempFileDto.getSigUri() != null) {
                    throw new BusinessLogicException("У всех файлов-подписей должны быть указаны имена");
                }
            }
        }
        if (!arrayList.isEmpty()) {
            throw new DocumentException("Имеются ошибки в данных нового запроса на доступ к ИС", (Integer) 0, (Collection<RuleViolation>) arrayList);
        }
        if (newAccessRequestDto.getFiles() != null) {
            newAccessRequestDto.getFiles().forEach(uploadedSignedTempFileDto2 -> {
                if (uploadedSignedTempFileDto2.getSigUri() == null) {
                    return;
                }
                this.filesSignatureVerifier.verifySignature(new FileRef(uploadedSignedTempFileDto2.getUri(), uploadedSignedTempFileDto2.getSigUri()), list, false);
            });
        }
    }

    private void validatePersonData(NewInstitutionData newInstitutionData, Integer num, List<RuleViolation> list, String str) {
        if (num != null) {
            this.institutionEmployeeDao.readAllByUserPersonId(num).forEach(institutionEmployee -> {
                Institution byIdStrong = this.institutionDao.byIdStrong(institutionEmployee.getInstitutionId());
                if (Objects.equals(byIdStrong.getInstitutionTypeId(), 4)) {
                    list.add(new BeanRuleViolation(String.format("Пользователь уже добавлен как физ. лицо к учреждению [%s] %s", byIdStrong.getId(), byIdStrong.getShortCaption())));
                }
            });
        }
        if (newInstitutionData == null || newInstitutionData.getDocument() == null) {
            list.add(new BeanRuleViolation("Не заполнен документ удостоверяющий личность физ. лица"));
            return;
        }
        HashSet hashSet = new HashSet();
        if (newInstitutionData.getInn() == null) {
            hashSet.add(new FieldRuleViolation("inn", "newInstitutionData", str));
        }
        if (newInstitutionData.getSnils() == null) {
            hashSet.add(new FieldRuleViolation("snils", "newInstitutionData", str));
        }
        HashSet hashSet2 = new HashSet();
        Set<RuleViolation> validateDocument = this.personBl.validateDocument(newInstitutionData.getDocument());
        if (validateDocument.size() > 0) {
            hashSet.add(new RelationRuleViolation("document", null, validateDocument));
        }
        if (!hashSet2.isEmpty()) {
            hashSet.add(new RelationRuleViolation("document", null, hashSet2));
        }
        if (hashSet.isEmpty()) {
            return;
        }
        list.add(new RelationRuleViolation("newInstitutionData", null, hashSet));
    }

    private void validateNewInstitutionData(NewInstitutionData newInstitutionData, List<RuleViolation> list, String str, Integer num) {
        if (newInstitutionData == null) {
            list.add(new FieldRuleViolation("newInstitutionData", "accessRequest", str));
            return;
        }
        HashSet hashSet = new HashSet();
        if (StringUtils.isNullOrWhitespace(newInstitutionData.getInn())) {
            hashSet.add(new FieldRuleViolation("inn", "newInstitutionData", str));
        }
        if (!((List) this.institutionDao.findInstitutionIdByInnExtended(newInstitutionData.getInn()).stream().filter(institution -> {
            return (Objects.equals(num, 4) || Objects.equals(institution.getInstitutionTypeId(), 4)) ? false : true;
        }).collect(Collectors.toList())).isEmpty()) {
            hashSet.add(new FieldRuleViolation("inn", "newInstitutionData", "Указанный ИНН уже существует"));
        }
        if (StringUtils.isNullOrWhitespace(newInstitutionData.getName())) {
            hashSet.add(new FieldRuleViolation("name", "newInstitutionData", str));
        }
        if (hashSet.isEmpty()) {
            return;
        }
        list.add(new RelationRuleViolation("newInstitutionData", null, hashSet));
    }

    private List<SignedFileData> copyTempFilesToUserPerson(Integer num, List<UploadedSignedTempFileDto> list) {
        ArrayList arrayList = new ArrayList();
        if (list != null && !list.isEmpty()) {
            list.forEach(uploadedSignedTempFileDto -> {
                try {
                    if (!this.fileStorage.checkFileExists(uploadedSignedTempFileDto.getUri())) {
                        throw new BusinessLogicException(null, "Файл %s не найден", uploadedSignedTempFileDto.getOriginalName());
                    }
                    if (uploadedSignedTempFileDto.getSigUri() != null && !this.fileStorage.checkFileExists(uploadedSignedTempFileDto.getSigUri())) {
                        throw new BusinessLogicException(null, "Файл %s не найден", uploadedSignedTempFileDto.getSigOriginalName());
                    }
                    arrayList.add(new SignedFileData(this.fileStorage.copyTempFile(uploadedSignedTempFileDto.getUri(), uploadedSignedTempFileDto.getOriginalName(), this.fileStorage.getPersonStorageUri(num)), uploadedSignedTempFileDto.getSigUri() != null ? this.fileStorage.copyTempFile(uploadedSignedTempFileDto.getSigUri(), uploadedSignedTempFileDto.getSigOriginalName(), this.fileStorage.getPersonStorageUri(num)) : null));
                } catch (IOException | FileNameTooLongException e) {
                    throw new BusinessLogicException("Указано ошибочная информация о файле");
                }
            });
        }
        return arrayList;
    }

    private void deleteTempFiles(List<UploadedSignedTempFileDto> list) {
        if (list != null) {
            list.forEach(uploadedSignedTempFileDto -> {
                try {
                    this.fileStorage.deleteTempFile(uploadedSignedTempFileDto.getUri());
                } catch (Exception e) {
                }
                if (uploadedSignedTempFileDto.getSigUri() != null) {
                    try {
                        this.fileStorage.deleteTempFile(uploadedSignedTempFileDto.getSigUri());
                    } catch (Exception e2) {
                    }
                }
            });
        }
    }
}
