package org.rhq.enterprise.server.dashboard;

import java.util.List;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.rhq.core.domain.auth.Subject;
import org.rhq.core.domain.authz.Permission;
import org.rhq.core.domain.dashboard.Dashboard;
import org.rhq.enterprise.server.RHQConstants;
import org.rhq.enterprise.server.auth.SubjectManagerBean;
import org.rhq.enterprise.server.authz.AuthorizationManagerLocal;
import org.rhq.enterprise.server.authz.PermissionException;

@Stateless
/* loaded from: input_file:org/rhq/enterprise/server/dashboard/DashboardManagerBean.class */
public class DashboardManagerBean implements DashboardManagerLocal, DashboardManagerRemote {
    private final Log log = LogFactory.getLog(SubjectManagerBean.class);

    @PersistenceContext(unitName = RHQConstants.PERSISTENCE_UNIT_NAME)
    private EntityManager entityManager;

    @EJB
    private AuthorizationManagerLocal authorizationManager;

    @Override // org.rhq.enterprise.server.dashboard.DashboardManagerRemote
    public List<Dashboard> findDashboardsForSubject(Subject subject) {
        Query createQuery = this.entityManager.createQuery("SELECT d FROM Dashboard d WHERE d.owner.id = :subjectId");
        createQuery.setParameter("subjectId", Integer.valueOf(subject.getId()));
        return createQuery.getResultList();
    }

    @Override // org.rhq.enterprise.server.dashboard.DashboardManagerRemote
    public List<Dashboard> findSharedDashboards(Subject subject) {
        return this.entityManager.createQuery("SELECT d FROM Dashboard d WHERE d.shared = true").getResultList();
    }

    @Override // org.rhq.enterprise.server.dashboard.DashboardManagerRemote
    public Dashboard storeDashboard(Subject subject, Dashboard dashboard) {
        Dashboard dashboard2 = (Dashboard) this.entityManager.find(Dashboard.class, Integer.valueOf(dashboard.getId()));
        if (dashboard2 == null) {
            dashboard.setOwner(subject);
            this.entityManager.persist(dashboard);
            return dashboard;
        }
        if (this.authorizationManager.hasGlobalPermission(subject, Permission.MANAGE_SETTINGS) || dashboard2.getOwner().getId() == subject.getId()) {
            return (Dashboard) this.entityManager.merge(dashboard);
        }
        throw new PermissionException("You may only alter dashboards you own.");
    }

    @Override // org.rhq.enterprise.server.dashboard.DashboardManagerRemote
    public void removeDashboard(Subject subject, int i) {
        Dashboard dashboard = (Dashboard) this.entityManager.find(Dashboard.class, Integer.valueOf(i));
        if (!this.authorizationManager.hasGlobalPermission(subject, Permission.MANAGE_SETTINGS) && dashboard.getOwner().getId() != subject.getId()) {
            throw new PermissionException("You may only delete dashboards you own.");
        }
        this.entityManager.remove(dashboard);
    }
}
