package ru.infotech24.apk23main.logic.request;

import java.time.LocalDateTime;
import java.util.List;
import java.util.Objects;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import ru.infotech24.apk23main.domain.common.LookupObject;
import ru.infotech24.apk23main.domain.institution.ServiceRegionSecureRelation;
import ru.infotech24.apk23main.domain.request.Request;
import ru.infotech24.apk23main.domain.request.RequestComment;
import ru.infotech24.apk23main.logic.common.journal.JournalBl;
import ru.infotech24.apk23main.logic.request.dao.RequestCommentDao;
import ru.infotech24.apk23main.logic.request.dao.RequestDao;
import ru.infotech24.apk23main.logic.request.dto.NewRequestComment;
import ru.infotech24.apk23main.security.AppSecurityException;
import ru.infotech24.apk23main.security.aop.AppSecuredContext;
import ru.infotech24.apk23main.security.domain.User;
import ru.infotech24.apk23main.security.user.UserService;
import ru.infotech24.common.exceptions.BusinessLogicException;

@Transactional
@Service
/* loaded from: input_file:BOOT-INF/classes/ru/infotech24/apk23main/logic/request/RequestCommentBl.class */
public class RequestCommentBl {
    private final RequestCommentDao requestCommentDao;
    private final JournalBl journalBl;
    private final AppSecuredContext securedContext;
    private final RequestDao requestDao;
    private final UserService userService;

    public RequestCommentBl(RequestCommentDao requestCommentDao, JournalBl journalBl, AppSecuredContext appSecuredContext, RequestDao requestDao, UserService userService) {
        this.requestCommentDao = requestCommentDao;
        this.journalBl = journalBl;
        this.securedContext = appSecuredContext;
        this.requestDao = requestDao;
        this.userService = userService;
    }

    public List<RequestComment> readForRequest(Request.Key key) {
        Objects.requireNonNull(key, "Ключ заявки не указан");
        validateRequestAccess(key);
        return this.requestCommentDao.readByRequestKey(key);
    }

    @Transactional
    public RequestComment createComment(NewRequestComment newRequestComment) {
        Objects.requireNonNull(newRequestComment, "Данные о комментарии к заявке не указаны");
        newRequestComment.prettify();
        validateCommentFields(newRequestComment);
        Request.Key key = new Request.Key(newRequestComment.getPersonId(), newRequestComment.getRequestId());
        validateRequestAccess(key);
        RequestComment insert = this.requestCommentDao.insert(RequestComment.builder().personId(newRequestComment.getPersonId()).requestId(newRequestComment.getRequestId()).createdTime(LocalDateTime.now()).createdUser(this.userService.getCurrentUserId()).institutionId(this.userService.getCurrentUser().getInstitutionId()).text(newRequestComment.getText()).version(1).build());
        this.journalBl.recordModifiedToJournal(3, key.getPersonId(), key.getId(), String.format("Создан комментарий #%s: %s", insert.getId(), newRequestComment.getText()));
        return insert;
    }

    @Transactional
    public void deleteComment(RequestComment.Key key) {
        Objects.requireNonNull(key, "Ключ комментария к заявке не указан");
        RequestComment byIdStrong = this.requestCommentDao.byIdStrong(key);
        validateRequestAccess(new Request.Key(key.getPersonId(), key.getRequestId()));
        if (!Objects.equals(byIdStrong.getInstitutionId(), this.userService.getCurrentUser().getInstitutionId()) && !this.userService.getCurrentUser().isAdministrator()) {
            throw new AppSecurityException("Нет доступа к удалению комментария к заявке");
        }
        this.requestCommentDao.delete(key);
        this.journalBl.recordModifiedToJournal(3, byIdStrong.getPersonId(), byIdStrong.getId(), String.format("Удален комментарий #%s: %s", byIdStrong.getId(), byIdStrong.getText()));
    }

    private void validateRequestAccess(Request.Key key) {
        Request byIdStrong = this.requestDao.byIdStrong(key);
        AppSecuredContext.UserScopeFilter calculateUserScopeFilter = this.securedContext.calculateUserScopeFilter();
        boolean z = true;
        if (calculateUserScopeFilter.getRelatedInstitutionIdFilter() != null && byIdStrong.getInstitutionId() != null && !Objects.equals(byIdStrong.getInstitutionId(), calculateUserScopeFilter.getRelatedInstitutionIdFilter())) {
            z = false;
        }
        if (calculateUserScopeFilter.getAuthorUserId() != null && byIdStrong.getCreatedUser() != null && !Objects.equals(byIdStrong.getCreatedUser(), calculateUserScopeFilter.getAuthorUserId())) {
            z = false;
        }
        User currentUser = this.userService.getCurrentUser();
        if ((currentUser == null || this.securedContext.hasMetaRights(50, LookupObject.META_CODE_SECURE_REGION_RELATED, Integer.valueOf(ServiceRegionSecureRelation.NOMATTER.getValue()), null, null, null, null)) ? false : true) {
            if (currentUser.getServiceRegionIds() == null || currentUser.getServiceRegionIds().isEmpty()) {
                throw new BusinessLogicException(null, "У организации #%s не заполнен перечень регионов", currentUser.getInstitutionId());
            }
            if (!currentUser.getServiceRegionIds().contains(byIdStrong.getRegionId()) && !Objects.equals(currentUser.getInstitutionRegRegionId(), byIdStrong.getRegionId())) {
                z = false;
            }
        }
        if (!z) {
            throw new AppSecurityException("Нет доступа к заявке");
        }
    }

    private void validateCommentFields(NewRequestComment newRequestComment) {
        if (newRequestComment.getRequestId() == null) {
            throw new BusinessLogicException("Не указан ид заявки");
        }
        if (newRequestComment.getPersonId() == null) {
            throw new BusinessLogicException("Не указан ид заявителя");
        }
        if (newRequestComment.getText() == null) {
            throw new BusinessLogicException("Не указан текст комментария");
        }
    }
}
