package com.mware.core.model.role;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.common.collect.Sets;
import com.google.inject.Inject;
import com.mware.core.config.Configuration;
import com.mware.core.exception.BcResourceNotFoundException;
import com.mware.core.model.clientapi.dto.Privilege;
import com.mware.core.model.lock.LockRepository;
import com.mware.core.model.notification.UserNotificationRepository;
import com.mware.core.model.properties.RoleSchema;
import com.mware.core.model.user.AuthorizationContext;
import com.mware.core.model.user.GraphAuthorizationRepository;
import com.mware.core.model.user.UserRepository;
import com.mware.core.model.workQueue.WebQueueRepository;
import com.mware.core.security.BcVisibility;
import com.mware.core.trace.Traced;
import com.mware.core.user.SystemUser;
import com.mware.core.user.User;
import com.mware.core.util.BcLogger;
import com.mware.core.util.BcLoggerFactory;
import com.mware.core.util.StreamUtil;
import com.mware.ge.Authorizations;
import com.mware.ge.Direction;
import com.mware.ge.Edge;
import com.mware.ge.Element;
import com.mware.ge.FetchHints;
import com.mware.ge.GeException;
import com.mware.ge.Graph;
import com.mware.ge.Vertex;
import com.mware.ge.VertexBuilder;
import com.mware.ge.query.QueryResultsIterable;
import com.mware.ge.util.ConvertingIterable;
import com.mware.ge.util.IterableUtils;
import com.mware.ge.values.storable.Values;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;

/* loaded from: input_file:com/mware/core/model/role/GeAuthorizationRepository.class */
public class GeAuthorizationRepository extends AuthorizationRepositoryBase {
    private static final String GRAPH_ROLE_ID_PREFIX = "ROLE_";
    private Authorizations authorizations;
    private final GraphAuthorizationRepository graphAuthorizationRepository;
    private final LockRepository lockRepository;
    private final WebQueueRepository webQueueRepository;
    private String roleConceptId;
    private final Cache<String, Vertex> roleVertexCache;
    private static final BcLogger LOGGER = BcLoggerFactory.getLogger(GeAuthorizationRepository.class);
    public static final String VISIBILITY_STRING = "role";
    public static final BcVisibility VISIBILITY = new BcVisibility(VISIBILITY_STRING);

    @Inject
    public GeAuthorizationRepository(Graph graph, GraphAuthorizationRepository graphAuthorizationRepository, Configuration configuration, UserNotificationRepository userNotificationRepository, WebQueueRepository webQueueRepository, LockRepository lockRepository) {
        super(graph, userNotificationRepository, webQueueRepository, configuration);
        this.roleConceptId = AuthorizationRepository.ROLE_CONCEPT_NAME;
        this.roleVertexCache = CacheBuilder.newBuilder().expireAfterWrite(15L, TimeUnit.SECONDS).build();
        this.webQueueRepository = webQueueRepository;
        this.graphAuthorizationRepository = graphAuthorizationRepository;
        this.graphAuthorizationRepository.addAuthorizationToGraph(VISIBILITY_STRING);
        this.graphAuthorizationRepository.addAuthorizationToGraph(UserRepository.VISIBILITY_STRING);
        this.graphAuthorizationRepository.addAuthorizationToGraph("administrator");
        this.lockRepository = lockRepository;
        HashSet hashSet = new HashSet();
        hashSet.add(VISIBILITY_STRING);
        hashSet.add(UserRepository.VISIBILITY_STRING);
        hashSet.add("administrator");
        this.authorizations = graph.createAuthorizations(hashSet);
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void updateUser(User user, AuthorizationContext authorizationContext) {
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public Set<Role> getRoles(User user) {
        return user instanceof SystemUser ? Sets.newHashSet(new Role[]{getAdministratorRole()}) : (Set) StreamUtil.stream(getGraph().getVertex(user.getUserId(), FetchHints.ALL, this.authorizations).getVertices(Direction.IN, RoleSchema.ROLE_TO_USER_RELATIONSHIP_NAME, this.authorizations)).map(GeRole::new).collect(Collectors.toSet());
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public Set<String> getRoleNames(User user) {
        return (Set) getRoles(user).stream().map((v0) -> {
            return v0.getRoleName();
        }).collect(Collectors.toSet());
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public Iterable<Role> getAllRoles() {
        try {
            QueryResultsIterable<Vertex> vertices = getGraph().query(this.authorizations).hasConceptType(this.roleConceptId).vertices();
            Throwable th = null;
            try {
                ConvertingIterable<Vertex, Role> convertingIterable = new ConvertingIterable<Vertex, Role>(vertices) { // from class: com.mware.core.model.role.GeAuthorizationRepository.1
                    /* JADX INFO: Access modifiers changed from: protected */
                    @Override // com.mware.ge.util.ConvertingIterable
                    public Role convert(Vertex vertex) {
                        return GeAuthorizationRepository.this.createFromVertex(vertex);
                    }
                };
                if (vertices != null) {
                    if (0 != 0) {
                        try {
                            vertices.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        vertices.close();
                    }
                }
                return convertingIterable;
            } finally {
            }
        } catch (Exception e) {
            throw new GeException("Could not close scroll iterable: ", e);
        }
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public Role findById(String str) {
        return createFromVertex(findByIdRoleVertex(str, getGraph().getDefaultFetchHints()));
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public Role findByName(String str) {
        Vertex vertex = (Vertex) IterableUtils.singleOrDefault(getGraph().query(this.authorizations).has(RoleSchema.ROLE_NAME.getPropertyName(), Values.stringValue(formatRole(str))).hasConceptType(this.roleConceptId).vertices(), (Object) null);
        if (vertex == null) {
            return null;
        }
        this.roleVertexCache.put(vertex.getId(), vertex);
        return createFromVertex(vertex);
    }

    private String formatRole(String str) {
        return str.trim().toLowerCase();
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public Role addRole(String str, String str2, boolean z, Set<Privilege> set) {
        String formatRole = formatRole(str);
        String trim = str2.trim();
        VertexBuilder prepareVertex = getGraph().prepareVertex(GRAPH_ROLE_ID_PREFIX + getGraph().getIdGenerator().nextId(), VISIBILITY.getVisibility(), this.roleConceptId);
        RoleSchema.ROLE_NAME.setProperty(prepareVertex, formatRole, VISIBILITY.getVisibility());
        RoleSchema.DESCRIPTION.setProperty(prepareVertex, trim, VISIBILITY.getVisibility());
        RoleSchema.GLOBAL.setProperty(prepareVertex, Boolean.valueOf(z), VISIBILITY.getVisibility());
        RoleSchema.PRIVILEGES.setProperty(prepareVertex, Privilege.toStringPrivileges(set), VISIBILITY.getVisibility());
        GeRole createFromVertex = createFromVertex(prepareVertex.save(this.authorizations));
        getGraph().flush();
        fireNewRoleAddedEvent(createFromVertex);
        return createFromVertex;
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void deleteRole(Role role) {
        getGraph().softDeleteVertex(findByIdRoleVertex(role.getRoleId(), getGraph().getDefaultFetchHints()), this.authorizations);
        getGraph().flush();
        fireRoleDeletedEvent(role);
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void setRoleName(Role role, String str) {
        RoleSchema.ROLE_NAME.setProperty((Element) findByIdRoleVertex(role.getRoleId(), getGraph().getDefaultFetchHints()), (Vertex) str, VISIBILITY.getVisibility(), this.authorizations);
        getGraph().flush();
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void setDescription(Role role, String str) {
        RoleSchema.DESCRIPTION.setProperty((Element) findByIdRoleVertex(role.getRoleId(), getGraph().getDefaultFetchHints()), (Vertex) str, VISIBILITY.getVisibility(), this.authorizations);
        getGraph().flush();
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void setPrivileges(Role role, Set<Privilege> set) {
        RoleSchema.PRIVILEGES.setProperty((Element) findByIdRoleVertex(role.getRoleId(), getGraph().getDefaultFetchHints()), (Vertex) Privilege.toStringPrivileges(set), VISIBILITY.getVisibility(), this.authorizations);
        getGraph().flush();
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void setGlobal(Role role, boolean z) {
        RoleSchema.GLOBAL.setProperty((Element) findByIdRoleVertex(role.getRoleId(), getGraph().getDefaultFetchHints()), (Vertex) Boolean.valueOf(z), VISIBILITY.getVisibility(), this.authorizations);
        getGraph().flush();
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void addRoleToUser(User user, String str, User user2) {
        Role findByName = findByName(str);
        if (findByName == null) {
            findByName = addRole(str, "", true, Collections.emptySet());
        }
        addRoleToUser(user, findByName, user2);
        getGraph().flush();
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void addRoleToUser(User user, Role role, User user2) {
        if (getRoles(user).contains(role)) {
            return;
        }
        LOGGER.info("Adding role '%s' to user '%s' by '%s'", role.getRoleName(), user.getUsername(), user2.getUsername());
        getGraph().prepareEdge(findByIdRoleVertex(role.getRoleId(), FetchHints.ALL), getGraph().getVertex(user.getUserId(), FetchHints.ALL, this.authorizations), RoleSchema.ROLE_TO_USER_RELATIONSHIP_NAME, VISIBILITY.getVisibility()).save(this.authorizations);
        this.graphAuthorizationRepository.addAuthorizationToGraph(role.getRoleName());
        sendNotificationToUserAboutAddRole(user, role, user2);
        this.webQueueRepository.pushUserAccessChange(user);
        fireUserAddRoleEvent(user, role);
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void addRolesToUser(User user, Set<Role> set, User user2) {
        Set<Role> roles = getRoles(user);
        set.stream().filter(role -> {
            return !roles.contains(role);
        }).forEach(role2 -> {
            addRoleToUser(user, role2, user2);
        });
        getGraph().flush();
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void setRolesForUser(User user, Set<Role> set, User user2) {
        removeAllRolesFromUser(user);
        Iterator<Role> it = set.iterator();
        while (it.hasNext()) {
            addRoleToUser(user, it.next(), user2);
        }
        getGraph().flush();
        this.webQueueRepository.pushUserAccessChange(user);
    }

    private void removeAllRolesFromUser(User user) {
        for (Role role : getRoles(user)) {
            this.lockRepository.lock(GRAPH_ROLE_ID_PREFIX + role.getRoleId(), () -> {
                Vertex vertex = getGraph().getVertex(user.getUserId(), FetchHints.ALL, this.authorizations);
                if (vertex == null) {
                    throw new BcResourceNotFoundException("Could not find user: " + user.getUserId(), user.getUserId());
                }
                Vertex findByIdRoleVertex = findByIdRoleVertex(role.getRoleId(), FetchHints.ALL);
                if (findByIdRoleVertex == null) {
                    throw new BcResourceNotFoundException("Could not find role: " + role.getRoleId(), role.getRoleId());
                }
                Iterator it = ((List) StreamUtil.stream(findByIdRoleVertex.getEdges(vertex, Direction.BOTH, RoleSchema.ROLE_TO_USER_RELATIONSHIP_NAME, this.authorizations)).collect(Collectors.toList())).iterator();
                while (it.hasNext()) {
                    getGraph().softDeleteEdge((Edge) it.next(), this.authorizations);
                }
            });
        }
        getGraph().flush();
    }

    @Override // com.mware.core.model.role.AuthorizationRepository
    public void removeRoleFromUser(User user, Role role, User user2) {
        if (getRoles(user).contains(role)) {
            LOGGER.info("Removing role '%s' to user '%s' by '%s'", role.getRoleName(), user.getUsername(), user2.getUsername());
            this.lockRepository.lock(GRAPH_ROLE_ID_PREFIX + role.getRoleId(), () -> {
                Vertex vertex = getGraph().getVertex(user.getUserId(), FetchHints.ALL, this.authorizations);
                if (vertex == null) {
                    throw new BcResourceNotFoundException("Could not find user: " + user.getUserId(), user.getUserId());
                }
                Vertex findByIdRoleVertex = findByIdRoleVertex(role.getRoleId(), FetchHints.ALL);
                if (findByIdRoleVertex == null) {
                    throw new BcResourceNotFoundException("Could not find role: " + role.getRoleId(), role.getRoleId());
                }
                Iterator it = ((List) StreamUtil.stream(findByIdRoleVertex.getEdges(vertex, Direction.BOTH, RoleSchema.ROLE_TO_USER_RELATIONSHIP_NAME, this.authorizations)).collect(Collectors.toList())).iterator();
                while (it.hasNext()) {
                    getGraph().softDeleteEdge((Edge) it.next(), this.authorizations);
                }
                getGraph().flush();
            });
            sendNotificationToUserAboutRemoveRole(user, role, user2);
            this.webQueueRepository.pushUserAccessChange(user);
            fireUserRemoveRoleEvent(user, role);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public GeRole createFromVertex(Vertex vertex) {
        if (vertex == null) {
            return null;
        }
        return new GeRole(vertex);
    }

    @Traced
    private Vertex findByIdRoleVertex(String str, FetchHints fetchHints) {
        Vertex vertex = (Vertex) this.roleVertexCache.getIfPresent(str);
        if (vertex != null) {
            return vertex;
        }
        Vertex vertex2 = getGraph().getVertex(str, fetchHints, this.authorizations);
        if (vertex2 != null) {
            this.roleVertexCache.put(str, vertex2);
        }
        return vertex2;
    }
}
