package com.atlassian.servicedesk.internal.permission.misconfiguration;

import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.security.plugin.ProjectPermissionKey;
import com.atlassian.jira.security.roles.ProjectRole;
import com.atlassian.jira.util.I18nHelper;
import com.atlassian.servicedesk.internal.feature.gettingstarted.InitialSDPermissionSchemeManager;
import com.atlassian.servicedesk.internal.permission.ServiceDeskProjectPermissionKeys;
import com.atlassian.servicedesk.internal.permission.misconfiguration.error.MisconfigurationInformation;
import com.atlassian.servicedesk.internal.permission.misconfiguration.error.TeamRoleAssignedIllegalPermissionsError;
import com.atlassian.servicedesk.internal.permission.misconfiguration.error.TeamRoleMissingError;
import com.atlassian.servicedesk.internal.permission.misconfiguration.error.TeamRoleMissingRecommendedPermissionsWarning;
import com.atlassian.servicedesk.internal.permission.misconfiguration.error.TeamRoleMissingRequiredPermissionsError;
import com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager;
import com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskProjectRole;
import com.google.common.collect.ImmutableList;
import io.atlassian.fugue.Option;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/atlassian/servicedesk/internal/permission/misconfiguration/TeamRolePermissionConfigurationChecker.class */
public class TeamRolePermissionConfigurationChecker implements PermissionConfigurationChecker {
    public static final List<ProjectPermissionKey> FORBIDDEN_TEAM_MEMBER_PERMISSIONS = ImmutableList.of(ProjectPermissions.ADMINISTER_PROJECTS);
    public static final List<ProjectPermissionKey> REQUIRED_TEAM_MEMBER_PERMISSIONS = ImmutableList.of(ProjectPermissions.BROWSE_PROJECTS, ServiceDeskProjectPermissionKeys.SERVICEDESK_AGENT);
    private final PermissionSchemeUtil permissionSchemeUtil;
    private final ServiceDeskJiraRoleManager serviceDeskRoleManager;
    private final InitialSDPermissionSchemeManager initialSDPermissionSchemeManager;
    private final PermissionManager permissionManager;
    private final I18nHelper i18nHelper;

    @Autowired
    public TeamRolePermissionConfigurationChecker(PermissionSchemeUtil permissionSchemeUtil, ServiceDeskJiraRoleManager serviceDeskJiraRoleManager, InitialSDPermissionSchemeManager initialSDPermissionSchemeManager, PermissionManager permissionManager, I18nHelper i18nHelper) {
        this.permissionSchemeUtil = permissionSchemeUtil;
        this.serviceDeskRoleManager = serviceDeskJiraRoleManager;
        this.initialSDPermissionSchemeManager = initialSDPermissionSchemeManager;
        this.permissionManager = permissionManager;
        this.i18nHelper = i18nHelper;
    }

    @Override // com.atlassian.servicedesk.internal.permission.misconfiguration.PermissionConfigurationChecker
    public List<MisconfigurationInformation> apply(Project project) {
        Option<ProjectRole> role = this.serviceDeskRoleManager.getRole(ServiceDeskProjectRole.TEAM);
        if (role.isEmpty()) {
            return ImmutableList.of(new TeamRoleMissingError());
        }
        ImmutableList.Builder builder = ImmutableList.builder();
        List<ProjectPermissionKey> permissionsForRoleAndProject = this.permissionSchemeUtil.getPermissionsForRoleAndProject(project, (ProjectRole) role.get());
        Stream<ProjectPermissionKey> stream = FORBIDDEN_TEAM_MEMBER_PERMISSIONS.stream();
        permissionsForRoleAndProject.getClass();
        Set set = (Set) stream.filter((v1) -> {
            return r1.contains(v1);
        }).collect(Collectors.toSet());
        if (!set.isEmpty()) {
            builder.add(new TeamRoleAssignedIllegalPermissionsError(permissionNames(set, this.i18nHelper, this.permissionManager), Severity.Critical, set));
        }
        Set set2 = (Set) REQUIRED_TEAM_MEMBER_PERMISSIONS.stream().filter(projectPermissionKey -> {
            return !permissionsForRoleAndProject.contains(projectPermissionKey);
        }).collect(Collectors.toSet());
        if (!set2.isEmpty()) {
            builder.add(new TeamRoleMissingRequiredPermissionsError(permissionNames(set2, this.i18nHelper, this.permissionManager), Severity.Critical, set2));
        }
        Set set3 = (Set) this.initialSDPermissionSchemeManager.getTeamPermissions().stream().filter(projectPermissionKey2 -> {
            return !REQUIRED_TEAM_MEMBER_PERMISSIONS.contains(projectPermissionKey2);
        }).filter(projectPermissionKey3 -> {
            return !permissionsForRoleAndProject.contains(projectPermissionKey3);
        }).collect(Collectors.toSet());
        if (!set3.isEmpty()) {
            builder.add(new TeamRoleMissingRecommendedPermissionsWarning(permissionNames(set3, this.i18nHelper, this.permissionManager), Severity.Warning, set3));
        }
        return builder.build();
    }
}
