package com.nailabs.abac.trust;

import edu.stanford.peer.rbtm.credential.*;
import edu.stanford.peer.rbtm.util.*;
import com.nailabs.abac.process.*;

import java.util.*;

/**
 * A simple trust target node which contains a standard target of the form:
 * &lt;V: A.r <<-- S&gt;.
 *
 * @version $Id: SimpleTTNode.java,v 1.51 2003/02/28 01:04:31 jjacobs Exp $
 */
public class SimpleTTNode extends StandardTTNode {
    /** Child nodes which form control edges in the TTG */
    protected TTGNodeSet controlChildren = new TTGNodeSet();

    /** Linking goals to whoch this node is a solution */
    protected TTGNodeSet linkingSolutionParents = new TTGNodeSet();
    
    /** A flag to signal whether to complete step (4) in opponentSensProcess */
    protected boolean isSensFrontiered = false;

    /** Constructor which used a single trust target */
    public SimpleTTNode(TrustTarget target) {
	super(target);
	processor = new ProcessingState(false, false);
	subName = "StandardTarget";
    }

    /** Convenience constructor which also creates a trust target */
    public SimpleTTNode(Entity v, Role r, EntityExpression subject) 
	throws CredentialParsingException, TrustTargetParsingException
    {
	this(new TrustTarget(v, (EntityExpression)r, subject));
    }

    /** Convenience accessor method for the target role expression */
    public Role getRoleExpression() { 
	return (Role)((TrustTarget)getGoal()).getTargetRole(); 
    }

    /** Processing that occurs if this negotiation context is the verifier */
    public void verifierProcess(NegotiationContext context) {
	TTGNodeSet children = new TTGNodeSet();
	FrontierManager frontier = context.getFrontier();
	TTG graph = context.getGraph();
	Iterator subjects  = 
	    frontier.getCredentialsDefiningRole(getRoleExpression());
        debug("satisfaction", "found subjects for "+ getRoleExpression() + 
              " = " + (subjects.hasNext()));
	while(subjects.hasNext()) {
	    StaticCredential cred = (StaticCredential)subjects.next();
	    EntityExpression e = cred.getSubject();
        debug("satisfaction", "e = " + e);
	    ResultEvidenceMap map = frontier.getOppoFrontier(e);
	    if(map == null)break; // no e prime's so go to next e
	    Iterator oppoFrontier = map.resultSet().iterator();
	    while(oppoFrontier.hasNext()) {
		EntityExpression ePrime =(EntityExpression)oppoFrontier.next();
		//add edge not node
		TrustTarget childTarget = createTarget(context, ePrime);
		//TTGNode child = graph.getNode((Goal)childTarget);	
		//perform the operation on graph & add to message w/ evidence
		if(!implicationChildren.values().contains(childTarget)) { 
		    HashSet chain = frontier.getOppoChain(e, ePrime);
		    chain.add(cred);
		    debug("evidence", 
			  "chain(" + e + "," + ePrime + ") = " + chain);
		    graph.addImplicationEdge(getGoal(), childTarget, chain);
		    //add child to list of child for the worklist
		    children.add(graph.getNodeByHash(childTarget));
		}
	    }
	}
	graph.setVerifierProcessed(getGoal());
    }

    /** opponent process non-sensitive target or its subject isn't opponent */
    private void  opponentProcess(NegotiationContext context, 
					   ResultEvidenceMap frontier, boolean isSimp) 
	throws CredentialParsingException, TrustTargetParsingException  {
	TTGNodeSet children = new TTGNodeSet();
	Role aDotR = getRoleExpression();
	Entity s = (Entity)getSubject();
	Entity v = (Entity)getVerifier();
	Entity o = context.getOpponent();
	TTG graph = context.getGraph();
    
	debug("process", "frontier = " + frontier.toString());
	// (1) If S is a member of simpFrontier(A.r), or
	// (1) If O is a member of sensFrontier(A.r)
	if(frontier.resultSet().contains(s)) {
	    debug("process", "frontier contains subject");
	    // then O can add implication edge T <--< <V: S <<-- S>
	    // or O can add implication edge T <--< <V: O <<-- O>
	    TrustTarget child = new TrustTarget(v, s, s);
	    TrivialTTNode childNode =(TrivialTTNode)graph.getNodeByHash(child);
	    if(!implicationChildren.values().contains(childNode)) { 
            HashSet evidence = (isSimp)? 
                context.getFrontier().getSimpChain(aDotR, s):
                context.getFrontier().getSensChain(aDotR, s);
            // this case should always happen but possibly might not
            graph.addImplicationEdge(getGoal(), child, evidence);
            children.add(graph.getNodeByHash(child));
	    }
	}
	// (2) If S not a member of simpFrontier or
	//        O is not a member of sensFrontier
	else {
	    debug("process","fontier doesn't contain subject " + s);
	    // then for each e in sens- or simp-Frontier(A.r)
	    Iterator expressions = frontier.resultSet().iterator();
	    while(expressions.hasNext()) {
            EntityExpression e = (EntityExpression)expressions.next();
            // that is not an entity
            if(e instanceof Entity)continue;
            TrustTarget child = new TrustTarget(v, e, s);
            TargetNode childNode =  (TargetNode)graph.getNodeByHash(child);
            if(!implicationChildren.values().contains(childNode)) {
                // O can add an implication edge T <--< <V: e <-- S>
                // or an implication edge T <--< <V: e <-- O>
                HashSet evidence = (isSimp)? 
                    context.getFrontier().getSimpChain(aDotR, e):
                    context.getFrontier().getSensChain(aDotR, e);
                graph.addImplicationEdge(getGoal(), child, evidence);
                children.add(graph.getNodeByHash(child));
            }
	    }
	}
	// (3) If this node is satisfied or both (1) & (2) are done
	graph.setOpponentProcessed(getGoal());
    }

    /** opponent process a sensitive role */
    private void opponentSensProcess(NegotiationContext context) 
	throws CredentialParsingException, TrustTargetParsingException  {
	TTGNodeSet children = new TTGNodeSet();
	EntityExpression s = getSubject();
	// In the crrent case self is always the opponent of the verifier.
	Entity o = context.getSelf(); //context.getOpponent();
	Entity v = getVerifier();
	Role aDotR = getRoleExpression();
	EntityExpression self = context.getSelf();
	TTG graph = context.getGraph();
	TargetNode ackChild, acChild = null;
	FrontierManager frontier = context.getFrontier();

	debug("process", "------------Begin opponentSensProcess-------------");
	// (1) add control edge T <--< <O: eAck <<-- V>
	EntityExpression eAck = context.getAck(aDotR);
	
	TrustTarget ackTarget = new TrustTarget((Entity)self, eAck, v);
	ackChild = (TargetNode)graph.getNodeByHash(ackTarget);
	if(!controlChildren.values().contains(ackChild)) {
	    graph.addControlEdge(getGoal(), (Goal)ackTarget);
	    ackChild = (TargetNode)graph.getNodeByHash(ackTarget);
	    children.add(ackChild);
	}
	debug("process", "---------- Begin step 2-------------------------");
	// (2) If <O: eAck <<-- V) is satisfied and if O has the credential
	//     A.r <-- O  in its credential store
	StaticCredential cred = new StaticCredential(aDotR, o);
	EntityExpression eAC = context.getAC(cred);
	if(ackChild.getSatisfactionValue() == SatisfactionState.SATISFIED) {
        // Is A.r <-- O  in its credential store?
        debug("process", "eAC = " + eAC);
        debug("process", "cred = " + cred);
	// The importance here is that cred exists not that cred is self-
	// reachable. This is a sanity check.
        if(context.getFrontier().isSelfReachable(cred)) {
            // O can add the control edge T <--< <O: eAC <-- V>, where 
            // AC = AC(O)[A.r <- O]
            if(eAC != null) {
                Goal acTarget = (Goal)new TrustTarget(o, eAC, v);
                acChild = (TargetNode)graph.getNodeByHash(acTarget);
                debug("process", "acChild = " + acChild);
                if(!controlChildren.values().contains(acChild)) {
                    graph.addControlEdge(getGoal(), acTarget);
                    acChild = (TargetNode)graph.getNodeByHash(acTarget);
                    children.add(acChild);
                }
	    }
            debug("process", "---------- Begin step 3----------------------");
	       // (3) If <O: eAC <<-- V> is satisfied, O can add the 
	       //     implication edge T <-- <V: O <<-- O>
	       if(acChild == null || 
		  acChild.getSatisfactionValue()==SatisfactionState.SATISFIED){
		   TargetNode cnode = 
		     (TargetNode)graph.getNodeByHash(new TrustTarget(v, o, o));
		   TrustTarget child = new TrustTarget(v, o, o);
		   debug("process", "child = " + child);
		   if(!implicationChildren.values().contains(cnode)) { 
               //frontier.getSensChain(aDotR, o);
               HashSet chain = new HashSet();
               chain.add(cred);
		       graph.addImplicationEdge(getGoal(), child, chain);
		       children.add(graph.getNodeByHash(child));
		   }
           debug("process", "---------- Begin step 5-----------------------");
		   // (5) Mark T as opponent processed
		   graph.setOpponentProcessed(getGoal());
		   return;
	       }
	   }
	   else {
	       // (5) Mark T as opponent procressed (because there is no AC policy)
	       graph.setOpponentProcessed(getGoal());
	       return;
	   }
	}
	// (4) For e in sensFrontier(A.r) that is not an entity,
	//     O can add an implication edge T <--< <V: e <<-- O>
	// TBD: this needs to be modified to be the frontiers of all
	//      the children credentials of A.r
	debug("process", "Entering Step 4");
	debug("process", "A.r = " + aDotR + ", o = " + o + ", v = " + v);
	Iterator creds = frontier.getCredentialsDefiningRole(aDotR);

	while(creds.hasNext()) {
	    StaticCredential definingCred = (StaticCredential)creds.next();
        EntityExpression subjectRole = definingCred.getSubject();
	    ResultEvidenceMap sensFrontier = frontier.getSensFrontier(subjectRole);
	    Iterator sens = sensFrontier.resultSet().iterator();
	    debug("process", "sensfrontier = " + sensFrontier.resultSet());
	    debug("process", "subject role = " + subjectRole);
	
	    while(sens.hasNext() && !isSensFrontiered) {
		EntityExpression e = (EntityExpression)sens.next();
		debug("process", "found sensitive role = " + e);
		if(e instanceof Entity)continue; // skip entities
		TrustTarget tt = new TrustTarget(v, e, o);
		TargetNode frontierChild = (TargetNode)graph.getNodeByHash(tt);
		if(!implicationChildren.values().contains(frontierChild)) { 
            HashSet chain = frontier.getSensChain(subjectRole, e);
            chain.add(definingCred);
		    graph.addImplicationEdge(getGoal(), tt, chain);
		    children.add(graph.getNode(tt));
		}
	    }
	    isSensFrontiered = true;
	}
	debug("process", "------------End opponentSensProcess-------------");

    }

    /** 
     * Processing that occurs if the negotiation for this context is the
     * the opponent. This method matches the algorithm in section 5.4
     */
    public void opponentProcess(NegotiationContext context) {
	EntityExpression s = getSubject();
	//Entity o = context.getOpponent();
	Entity o = context.getSelf();
	Role aDotR = getRoleExpression();
	FrontierManager frontier = context.getFrontier();
	debug("process", "opponent processing -- " + toString());
	try {
	    if(!o.equals(s)) {
		debug("process", "opponent processing with simp frontier");
		opponentProcess(context, frontier.getSimpFrontier(aDotR), true);
	    }
	    else if(frontier.isSensitive(aDotR)) {
		debug("process", 
		      "opponent processing sensitive role: " + aDotR);
		opponentSensProcess(context);
	    }
	    else {
		debug("process", "opponent processing with sens frontier");
		opponentProcess(context, frontier.getSensFrontier(aDotR), false);
	    }
	} catch(Exception ex) {
	    debug("process", "WARNING ONLY!");
	    ex.printStackTrace();
	    debug("process", "WARNING ONLY!");
	}
    }


    private boolean addControlEdge(Entity v, 
				   EntityExpression e, 
				   EntityExpression s) {
	return false;
    }


    /**
     * Records the new state and then propagates it to the parent listeners.
     * @param state The new satisfaction state to be propagated. 
     */
    public  TTGNodeSet receive(TrustTarget source, SatisfactionState state) {
        TTGNodeSet results = super.receive(source, state);
        Iterator i = linkingSolutionParents.values().iterator();
        while(i.hasNext()) {
            try { // this will fail if the parent is a linking goal
                LinkingGoalNode parent = (LinkingGoalNode)i.next();
                TTGNodeSet branchResult = 
                    parent.receive((TrustTarget)getGoal(), state);
                if(branchResult == null && branchResult.size() > 0) {
                    results.addAll(branchResult);
                }
            }
            catch(Exception ex) { // to print out exception uncomment
                ex.printStackTrace();
            }
        }
        return results;
    }

    /** Add a linking solution parent to this node */
    public void addLinkingSolutionParent(LinkingGoalNode parent) {
        if(parent != null){ 
            debug("node", "adding implication parent");
            linkingSolutionParents.add(parent);
            parent.receive((TrustTarget)getGoal(), satisfier);
        }
    }

    /** Add a control child to this node */
    public void addControlChild(TargetNode child) {
	controlChildren.add(child);
    }

    /** 
     * Convenience method for creating a target and catching potential
     * exceptions that may occur. 
     */
    protected TrustTarget createTarget(NegotiationContext context, 
				       EntityExpression ex) {
	try {
	    return new TrustTarget(context.getSelf(), ex, getSubject());
	}
	catch(Exception x) {
	    x.printStackTrace();
	}
	return null;
    }
}