package de.uni.freiburg.iig.telematik.seram.accesscontrol;

import de.invation.code.toval.misc.CollectionUtils;
import de.invation.code.toval.properties.PropertyException;
import de.invation.code.toval.types.DataUsage;
import de.invation.code.toval.types.HashList;
import de.invation.code.toval.validate.CompatibilityException;
import de.invation.code.toval.validate.ParameterException;
import de.invation.code.toval.validate.Validate;
import de.uni.freiburg.iig.telematik.seram.accesscontrol.properties.RBACModelProperties;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:de/uni/freiburg/iig/telematik/seram/accesscontrol/RBACModel.class */
public class RBACModel extends ACModel {
    protected RoleLattice roleLattice;
    protected HashMap<String, HashList<String>> roleMembershipRU;
    protected HashMap<String, HashList<String>> roleMembershipUR;
    protected ACLModel rolePermissions;
    private boolean rightPropagationAlongLattice;

    public RBACModel(RoleLattice roleLattice, Collection<String> collection) throws ParameterException {
        super(collection);
        this.roleLattice = null;
        this.roleMembershipRU = new HashMap<>();
        this.roleMembershipUR = new HashMap<>();
        this.rolePermissions = new ACLModel();
        this.rightPropagationAlongLattice = false;
        Validate.notNull(roleLattice);
        this.rolePermissions.setSubjects(roleLattice.getRoles());
        this.roleLattice = roleLattice;
    }

    public RBACModel(String str, RoleLattice roleLattice, Collection<String> collection) throws ParameterException {
        super(str, collection);
        this.roleLattice = null;
        this.roleMembershipRU = new HashMap<>();
        this.roleMembershipUR = new HashMap<>();
        this.rolePermissions = new ACLModel();
        this.rightPropagationAlongLattice = false;
        Validate.notNull(roleLattice);
        this.rolePermissions.setSubjects(roleLattice.getRoles());
        this.roleLattice = roleLattice;
    }

    public RBACModel(RBACModelProperties rBACModelProperties) throws ParameterException, PropertyException {
        this.roleLattice = null;
        this.roleMembershipRU = new HashMap<>();
        this.roleMembershipUR = new HashMap<>();
        this.rolePermissions = new ACLModel();
        this.rightPropagationAlongLattice = false;
        Validate.notNull(rBACModelProperties);
        setName(rBACModelProperties.getName());
        setSubjects(rBACModelProperties.getSubjects());
        RoleLattice roleLattice = new RoleLattice(rBACModelProperties.getRoles());
        Iterator<RoleRelation> it = rBACModelProperties.getRoleRelations().iterator();
        while (it.hasNext()) {
            roleLattice.addRelation(it.next());
        }
        this.roleLattice = roleLattice;
        this.rolePermissions.setSubjects(roleLattice.getRoles());
        setObjects(rBACModelProperties.getObjects());
        setTransactions(rBACModelProperties.getTransactions());
        setSubjectDescriptor(rBACModelProperties.getSubjectDescriptor());
        setRightsPropagation(rBACModelProperties.getRightsPropagation().booleanValue());
        for (String str : rBACModelProperties.getSubjects()) {
            addRoleMembership(str, rBACModelProperties.getRoleMembership(str));
        }
        for (String str2 : rBACModelProperties.getRoles()) {
            setTransactionPermission(str2, rBACModelProperties.getTransactionPermission(str2));
            setObjectPermission(str2, rBACModelProperties.getObjectPermission(str2));
        }
    }

    public ACLModel getRolePermissions() {
        return this.rolePermissions;
    }

    public RoleLattice getRoleLattice() {
        return this.roleLattice;
    }

    public void setRightsPropagation(boolean z) {
        this.rightPropagationAlongLattice = z;
    }

    public boolean propagatesRights() {
        return this.rightPropagationAlongLattice;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void setTransactions(Collection<String> collection) throws ParameterException {
        super.setTransactions(collection);
        this.rolePermissions.setTransactions(collection);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void addTransactions(Collection<String> collection) throws ParameterException {
        super.addTransactions(collection);
        this.rolePermissions.addTransactions(collection);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void removeTransactions(Collection<String> collection) throws ParameterException {
        super.removeTransactions(collection);
        this.rolePermissions.removeTransactions(collection);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void setObjects(Collection<String> collection) throws ParameterException {
        super.setObjects(collection);
        this.rolePermissions.setObjects(collection);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void addObjects(Collection<String> collection) throws ParameterException {
        super.addObjects(collection);
        this.rolePermissions.addObjects(collection);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void removeObjects(Collection<String> collection) throws ParameterException {
        super.removeObjects(collection);
        this.rolePermissions.removeObjects(collection);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void setSubjects(Collection<String> collection) throws ParameterException {
        super.setSubjects(collection);
        if (this.rolePermissions != null) {
            this.rolePermissions.setSubjects(collection);
        }
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void addSubjects(Collection<String> collection) throws ParameterException {
        super.addSubjects(collection);
        this.rolePermissions.addSubjects(collection);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public void removeSubjects(Collection<String> collection) throws ParameterException {
        super.removeSubjects(collection);
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            this.roleMembershipUR.remove(it.next());
        }
        Iterator<String> it2 = this.roleMembershipRU.keySet().iterator();
        while (it2.hasNext()) {
            this.roleMembershipRU.get(it2.next()).removeAll(collection);
        }
        this.rolePermissions.removeSubjects(collection);
    }

    public Set<String> getRoles() {
        return this.roleLattice.getRoles();
    }

    public Set<String> getRolesFor(String str, boolean z) throws CompatibilityException, ParameterException {
        validateSubject(str);
        HashSet hashSet = new HashSet();
        if (this.roleMembershipUR.containsKey(str)) {
            hashSet.addAll(this.roleMembershipUR.get(str));
            if (z && propagatesRights()) {
                Iterator it = this.roleMembershipUR.get(str).iterator();
                while (it.hasNext()) {
                    try {
                        hashSet.addAll(this.roleLattice.getDominatedRolesFor((String) it.next()));
                    } catch (Exception e) {
                    }
                }
            }
        }
        return hashSet;
    }

    public void setRoleMembership(String str, List<String> list) throws CompatibilityException, ParameterException {
        validateRole(str);
        validateSubjects(list);
        if (this.roleMembershipRU.containsKey(str)) {
            Iterator it = this.roleMembershipRU.get(str).iterator();
            while (it.hasNext()) {
                this.roleMembershipUR.get((String) it.next()).remove(str);
            }
        }
        this.roleMembershipRU.put(str, new HashList<>(list));
        for (String str2 : list) {
            if (!this.roleMembershipUR.containsKey(str2)) {
                this.roleMembershipUR.put(str2, new HashList<>());
            }
            this.roleMembershipUR.get(str2).add(str);
        }
    }

    public void addRoleMembership(String str, String... strArr) throws CompatibilityException, ParameterException {
        addRoleMembership(str, Arrays.asList(strArr));
    }

    public void addRoleMembership(String str, Collection<String> collection) throws CompatibilityException, ParameterException {
        validateSubject(str);
        validateRoles(collection);
        if (collection.isEmpty()) {
            return;
        }
        if (!this.roleMembershipUR.containsKey(str)) {
            this.roleMembershipUR.put(str, new HashList<>());
        }
        this.roleMembershipUR.get(str).addAll(collection);
        for (String str2 : collection) {
            if (!this.roleMembershipRU.containsKey(str2)) {
                this.roleMembershipRU.put(str2, new HashList<>());
            }
            this.roleMembershipRU.get(str2).add(str);
        }
    }

    public void removeRoleMembership(String str, String... strArr) throws CompatibilityException, ParameterException {
        removeRoleMembership(str, Arrays.asList(strArr));
    }

    public void removeRoleMembership(String str, Collection<String> collection) throws CompatibilityException, ParameterException {
        validateSubject(str);
        validateRoles(collection);
        if (this.roleMembershipUR.containsKey(str)) {
            this.roleMembershipUR.get(str).removeAll(collection);
            for (String str2 : collection) {
                if (!this.roleMembershipRU.containsKey(str2)) {
                    return;
                } else {
                    this.roleMembershipRU.get(str2).remove(str);
                }
            }
        }
    }

    protected void validateRole(String str) throws ParameterException {
        Validate.notNull(str);
        if (!this.roleLattice.containsRole(str)) {
            throw new IllegalArgumentException("Unknown role.");
        }
    }

    protected void validateRoles(Collection<String> collection) throws ParameterException {
        Validate.notNull(collection);
        Validate.noNullElements(collection);
        if (!this.roleLattice.containsRoles(collection)) {
            throw new CompatibilityException("Unknown roles.");
        }
    }

    public void setTransactionPermission(String str, Set<String> set) throws CompatibilityException, ParameterException {
        this.rolePermissions.setTransactionPermission(str, set);
    }

    public void setObjectPermission(String str, Set<String> set) throws CompatibilityException, ParameterException {
        this.rolePermissions.setObjectPermission(str, set);
    }

    public void setObjectPermission(String str, String str2, DataUsage... dataUsageArr) throws CompatibilityException, ParameterException {
        this.rolePermissions.setObjectPermission(str, str2, dataUsageArr);
    }

    public void setObjectPermission(String str, Collection<String> collection) throws CompatibilityException, ParameterException {
        this.rolePermissions.setObjectPermission(str, collection);
    }

    public void setObjectPermission(String str, String str2) throws CompatibilityException, ParameterException {
        this.rolePermissions.setObjectPermission(str, str2);
    }

    public void setObjectPermission(String str, String str2, Collection<DataUsage> collection) throws CompatibilityException, ParameterException {
        this.rolePermissions.setObjectPermission(str, str2, collection);
    }

    public void setObjectPermission(String str, Map<String, Set<DataUsage>> map) throws CompatibilityException, ParameterException {
        this.rolePermissions.setObjectPermission(str, map);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public boolean isValid() {
        return true;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public boolean isAuthorizedForTransaction(String str, String str2) throws CompatibilityException, ParameterException {
        validateSubject(str);
        validateTransaction(str2);
        if (!this.roleMembershipUR.containsKey(str)) {
            return false;
        }
        Iterator<String> it = getRolesFor(str, true).iterator();
        while (it.hasNext()) {
            if (this.rolePermissions.isAuthorizedForTransaction(it.next(), str2)) {
                return true;
            }
        }
        return false;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public boolean isAuthorizedForObject(String str, String str2) throws CompatibilityException, ParameterException {
        validateSubject(str);
        validateObject(str2);
        if (!this.roleMembershipUR.containsKey(str)) {
            return false;
        }
        Iterator<String> it = getRolesFor(str, true).iterator();
        while (it.hasNext()) {
            if (this.rolePermissions.isAuthorizedForObject(it.next(), str2)) {
                return true;
            }
        }
        return false;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public boolean isAuthorizedForObject(String str, String str2, DataUsage dataUsage) throws CompatibilityException, ParameterException {
        validateSubject(str);
        validateObject(str2);
        if (!this.roleMembershipUR.containsKey(str)) {
            return false;
        }
        Iterator<String> it = getRolesFor(str, true).iterator();
        while (it.hasNext()) {
            if (this.rolePermissions.isAuthorizedForObject(it.next(), str2, dataUsage)) {
                return true;
            }
        }
        return false;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public List<String> getAuthorizedSubjectsForTransaction(String str) throws CompatibilityException, ParameterException {
        validateTransaction(str);
        HashList hashList = new HashList();
        try {
            hashList.addAll(this.rolePermissions.getAuthorizedSubjectsForTransaction(str));
        } catch (Exception e) {
        }
        if (propagatesRights()) {
            Iterator it = hashList.clone().iterator();
            while (it.hasNext()) {
                try {
                    hashList.addAll(this.roleLattice.getDominatingRolesFor((String) it.next()));
                } catch (Exception e2) {
                }
            }
        }
        return getUsersFor((Collection<String>) hashList);
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public List<String> getAuthorizedSubjectsForObject(String str) throws CompatibilityException, ParameterException {
        return getUsersFor(getAuthorizedRolesforObject(str));
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public Map<String, Set<DataUsage>> getAuthorizedSubjectsAndPermissionsForObject(String str) throws CompatibilityException, ParameterException {
        validateObject(str);
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        for (String str2 : getAuthorizedRolesforObject(str)) {
            hashMap2.put(str2, this.rolePermissions.getObjectPermissionsForSubject(str2, str));
        }
        for (String str3 : this.subjects) {
            hashMap.put(str3, new HashSet());
            for (String str4 : getRolesFor(str3, true)) {
                if (hashMap2.containsKey(str4)) {
                    if (!hashMap.containsKey(str3)) {
                        hashMap.put(str3, new HashSet());
                    }
                    ((Set) hashMap.get(str3)).addAll((Collection) hashMap2.get(str4));
                }
            }
        }
        return hashMap;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public Set<DataUsage> getObjectPermissionsForSubject(String str, String str2) throws CompatibilityException, ParameterException {
        validateObject(str);
        validateObject(str2);
        HashSet hashSet = new HashSet();
        Iterator<String> it = getRolesFor(str, true).iterator();
        while (it.hasNext()) {
            hashSet.addAll(getObjectPermissionsForRole(it.next(), str2));
        }
        return hashSet;
    }

    public Set<DataUsage> getObjectPermissionsForRole(String str, String str2) throws ParameterException {
        validateRole(str);
        validateObject(str2);
        Set<DataUsage> objectPermissionsForSubject = this.rolePermissions.getObjectPermissionsForSubject(str, str2);
        if (propagatesRights()) {
            Iterator<String> it = getDominatedRoles(str).iterator();
            while (it.hasNext()) {
                objectPermissionsForSubject.addAll(this.rolePermissions.getObjectPermissionsForSubject(it.next(), str2));
            }
        }
        return objectPermissionsForSubject;
    }

    private Set<String> getAuthorizedRolesforObject(String str) throws CompatibilityException, ParameterException {
        validateObject(str);
        HashList hashList = new HashList();
        try {
            hashList.addAll(this.rolePermissions.getAuthorizedSubjectsForObject(str));
        } catch (Exception e) {
        }
        if (propagatesRights()) {
            Iterator it = hashList.clone().iterator();
            while (it.hasNext()) {
                try {
                    hashList.addAll(getDominatedRoles((String) it.next()));
                } catch (Exception e2) {
                }
            }
        }
        return hashList;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public List<String> getAuthorizedTransactionsForSubject(String str) throws CompatibilityException, ParameterException {
        HashList hashList = new HashList();
        Iterator<String> it = getRolesFor(str, true).iterator();
        while (it.hasNext()) {
            try {
                hashList.addAll(this.rolePermissions.getAuthorizedTransactionsForSubject(it.next()));
            } catch (ParameterException e) {
                e.printStackTrace();
            }
        }
        return hashList;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public List<String> getAuthorizedObjectsForSubject(String str) throws CompatibilityException, ParameterException {
        HashList hashList = new HashList();
        Iterator<String> it = getRolesFor(str, true).iterator();
        while (it.hasNext()) {
            try {
                hashList.addAll(this.rolePermissions.getAuthorizedObjectsForSubject(it.next()));
            } catch (ParameterException e) {
                e.printStackTrace();
            }
        }
        return hashList;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public boolean hasTransactionPermissions() {
        return this.rolePermissions.hasTransactionPermissions();
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public boolean hasObjectPermissions() {
        return this.rolePermissions.hasObjectPermissions();
    }

    private List<String> getUsersFor(Collection<String> collection) {
        HashList hashList = new HashList();
        for (String str : collection) {
            if (this.roleMembershipRU.containsKey(str)) {
                hashList.addAll(this.roleMembershipRU.get(str));
            }
        }
        return hashList;
    }

    private List<String> getUsersFor(String... strArr) {
        HashList hashList = new HashList();
        for (String str : strArr) {
            if (this.roleMembershipRU.containsKey(str)) {
                hashList.addAll(this.roleMembershipRU.get(str));
            }
        }
        return hashList;
    }

    public static RBACModel createRandomModel(Collection<String> collection, Collection<String> collection2, Collection<String> collection3) throws ParameterException {
        Validate.notNull(collection2);
        Validate.notEmpty(collection2);
        Validate.noNullElements(collection2);
        RBACModel rBACModel = new RBACModel(new RoleLattice(collection3), collection);
        rBACModel.setTransactions(collection2);
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(collection2);
        Collections.shuffle(arrayList);
        List exponentialPartition = CollectionUtils.exponentialPartition(collection, collection3.size());
        List exponentialPartition2 = CollectionUtils.exponentialPartition(arrayList, collection3.size());
        ArrayList arrayList2 = new ArrayList();
        arrayList2.addAll(rBACModel.getRoles());
        for (int i = 0; i < exponentialPartition.size(); i++) {
            try {
                rBACModel.setRoleMembership((String) arrayList2.get(i), (List) exponentialPartition.get(i));
                rBACModel.setTransactionPermission((String) arrayList2.get(i), new HashSet((Collection) exponentialPartition2.get(i)));
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        return rBACModel;
    }

    public Set<String> getAuthorizedTransactionsForRole(String str) throws ParameterException {
        HashSet hashSet = new HashSet();
        hashSet.add(str);
        if (this.rightPropagationAlongLattice) {
            hashSet.addAll(getDominatedRoles(str));
        }
        HashSet hashSet2 = new HashSet();
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            hashSet2.addAll(this.rolePermissions.getAuthorizedTransactionsForSubject((String) it.next()));
        }
        return hashSet2;
    }

    public Set<String> getAuthorizedObjectsForRole(String str) throws ParameterException {
        HashSet hashSet = new HashSet();
        hashSet.add(str);
        if (this.rightPropagationAlongLattice) {
            hashSet.addAll(getDominatedRoles(str));
        }
        HashSet hashSet2 = new HashSet();
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            hashSet2.addAll(this.rolePermissions.getAuthorizedObjectsForSubject((String) it.next()));
        }
        return hashSet2;
    }

    public Set<String> getDominatingRoles(String str) throws ParameterException {
        validateRole(str);
        return this.roleLattice.getDominatingRolesFor(str);
    }

    public Set<String> getDominatedRoles(String str) throws ParameterException {
        validateRole(str);
        return this.roleLattice.getDominatedRolesFor(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public String getStructureString() {
        StringBuilder sb = new StringBuilder();
        sb.append(super.getStructureString());
        sb.append("      Roles: " + getRoles());
        sb.append('\n');
        return sb.toString();
    }

    protected String getRoleTransactionPermissionsString() {
        StringBuilder sb = new StringBuilder();
        try {
            if (hasTransactionPermissions()) {
                sb.append('\n');
                sb.append("Role transaction permissions:");
                sb.append('\n');
                sb.append('\n');
                for (String str : getRoles()) {
                    Set<String> authorizedTransactionsForRole = getAuthorizedTransactionsForRole(str);
                    if (!authorizedTransactionsForRole.isEmpty()) {
                        sb.append(str);
                        sb.append(": ");
                        sb.append(authorizedTransactionsForRole);
                        sb.append('\n');
                    }
                }
            }
        } catch (ParameterException e) {
        }
        return sb.toString();
    }

    protected String getRoleObjectPermissionsString() {
        StringBuilder sb = new StringBuilder();
        try {
            if (hasObjectPermissions()) {
                sb.append('\n');
                sb.append("Role object permissions:");
                sb.append('\n');
                sb.append('\n');
                for (String str : getRoles()) {
                    Set<String> authorizedObjectsForRole = getAuthorizedObjectsForRole(str);
                    if (!authorizedObjectsForRole.isEmpty()) {
                        sb.append(str);
                        sb.append(": ");
                        sb.append(authorizedObjectsForRole);
                        sb.append('\n');
                    }
                }
            }
        } catch (ParameterException e) {
        }
        return sb.toString();
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append(getStructureString());
        sb.append(getRoleTransactionPermissionsString());
        sb.append(getRoleObjectPermissionsString());
        sb.append('\n');
        sb.append("Role assignments:");
        sb.append('\n');
        for (String str : this.roleLattice.getRoles()) {
            sb.append(str);
            sb.append(": ");
            sb.append(getUsersFor(str));
            sb.append('\n');
        }
        return sb.toString();
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public RBACModelProperties getProperties() throws ParameterException, PropertyException {
        RBACModelProperties rBACModelProperties = new RBACModelProperties();
        rBACModelProperties.setName(getName());
        rBACModelProperties.setSubjects(getSubjects());
        rBACModelProperties.setObjects(getObjects());
        rBACModelProperties.setTransactions(getTransactions());
        rBACModelProperties.setSubjectDescriptor(getSubjectDescriptor());
        rBACModelProperties.setRightsPropagation(Boolean.valueOf(propagatesRights()));
        rBACModelProperties.setRoles(this.roleLattice.getRoles());
        for (String str : this.roleLattice.getRoles()) {
            Set<String> transactionPermissionsForSubject = this.rolePermissions.getTransactionPermissionsForSubject(str);
            if (transactionPermissionsForSubject != null && !transactionPermissionsForSubject.isEmpty()) {
                rBACModelProperties.setTransactionPermission(str, transactionPermissionsForSubject);
            }
            Map<String, Set<DataUsage>> objectPermissionsForSubject = this.rolePermissions.getObjectPermissionsForSubject(str);
            if (objectPermissionsForSubject != null && !objectPermissionsForSubject.isEmpty()) {
                rBACModelProperties.setObjectPermission(str, objectPermissionsForSubject);
            }
        }
        for (RoleRelation roleRelation : getRoleLattice().getRoleRelations()) {
            rBACModelProperties.addRoleRelation(roleRelation.getDominatingRole(), roleRelation.getDominatedRole());
        }
        for (String str2 : getSubjects()) {
            rBACModelProperties.setRoleMembership(str2, getRolesFor(str2, false));
        }
        return rBACModelProperties;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public Map<String, Set<DataUsage>> getObjectPermissionsForSubject(String str) throws CompatibilityException, ParameterException {
        validateSubject(str);
        HashMap hashMap = new HashMap();
        Iterator<String> it = getRolesFor(str, true).iterator();
        while (it.hasNext()) {
            Map<String, Set<DataUsage>> objectPermissionsForSubject = this.rolePermissions.getObjectPermissionsForSubject(it.next());
            for (String str2 : objectPermissionsForSubject.keySet()) {
                if (!hashMap.containsKey(str2)) {
                    hashMap.put(str2, new HashSet());
                }
                ((Set) hashMap.get(str2)).addAll(objectPermissionsForSubject.get(str2));
            }
        }
        return hashMap;
    }

    @Override // de.uni.freiburg.iig.telematik.seram.accesscontrol.ACModel
    public Set<String> getTransactionPermissionsForSubject(String str) throws CompatibilityException, ParameterException {
        validateSubject(str);
        HashSet hashSet = new HashSet();
        Iterator<String> it = getRolesFor(str, true).iterator();
        while (it.hasNext()) {
            hashSet.addAll(this.rolePermissions.getTransactionPermissionsForSubject(it.next()));
        }
        return hashSet;
    }

    public static void main(String[] strArr) throws Exception {
        RoleLattice roleLattice = new RoleLattice(Arrays.asList("role0", "role1", "role2", "role3"));
        roleLattice.addRelation("role0", "role1");
        roleLattice.addRelation("role0", "role2");
        roleLattice.addRelation("role1", "role3");
        roleLattice.addRelation("role2", "role3");
        RBACModel rBACModel = new RBACModel(roleLattice, Arrays.asList("U1", "U2", "U3", "U4", "U5", "U6", "U7", "U8", "U9", "U10"));
        rBACModel.setTransactions(Arrays.asList("T1", "T2", "T3", "T4", "T5"));
        rBACModel.setRoleMembership("role0", Arrays.asList("U8"));
        rBACModel.setRoleMembership("role1", Arrays.asList("U1", "U3"));
        rBACModel.setRoleMembership("role2", Arrays.asList("U5", "U7"));
        rBACModel.setRoleMembership("role3", Arrays.asList("U3", "U4"));
        System.out.println("roles for user U1: " + rBACModel.getRolesFor("U1", true) + "(with rights propagation)");
        rBACModel.setTransactionPermission("role0", new HashSet(Arrays.asList("T4")));
        rBACModel.setTransactionPermission("role1", new HashSet(Arrays.asList("T2")));
        rBACModel.setTransactionPermission("role2", new HashSet(Arrays.asList("T3")));
        rBACModel.setTransactionPermission("role3", new HashSet(Arrays.asList("T1", "T5")));
        System.out.println(rBACModel);
        RBACModelProperties properties = rBACModel.getProperties();
        properties.store("rbac");
        System.out.println(new RBACModel(properties));
    }
}
