package io.camunda.tasklist.webapp.security.se;

import io.camunda.authentication.entity.CamundaUser;
import io.camunda.tasklist.util.CollectionUtil;
import io.camunda.tasklist.webapp.graphql.entity.UserDTO;
import io.camunda.tasklist.webapp.security.UserReader;
import io.camunda.tasklist.webapp.security.se.store.UserStore;
import java.util.List;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Profile;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

@Profile({"!sso-auth & !identity-auth"})
@Component
/* loaded from: input_file:io/camunda/tasklist/webapp/security/se/SearchEngineUserReader.class */
public class SearchEngineUserReader implements UserReader {

    @Autowired
    private UserStore userStore;

    @Autowired
    private RolePermissionService rolePermissionService;

    @Override // io.camunda.tasklist.webapp.security.UserReader
    public Optional<UserDTO> getCurrentUserBy(Authentication authentication) {
        Object principal = authentication.getPrincipal();
        if (!(principal instanceof CamundaUser)) {
            return Optional.empty();
        }
        CamundaUser camundaUser = (CamundaUser) principal;
        return Optional.of(new UserDTO().setUserId(camundaUser.getUserId()).setDisplayName(camundaUser.getDisplayName()).setPermissions(this.rolePermissionService.getPermissions(camundaUser.getRoles().stream().map(Role::fromString).toList())).setApiUser(false));
    }

    @Override // io.camunda.tasklist.webapp.security.UserReader
    public String getCurrentOrganizationId() {
        return UserReader.DEFAULT_ORGANIZATION;
    }

    @Override // io.camunda.tasklist.webapp.security.UserReader
    public List<UserDTO> getUsersByUsernames(List<String> list) {
        return CollectionUtil.map(this.userStore.getUsersByUserIds(list), userEntity -> {
            return new UserDTO().setUserId(userEntity.getUserId()).setDisplayName(userEntity.getDisplayName()).setApiUser(false);
        });
    }

    @Override // io.camunda.tasklist.webapp.security.UserReader
    public Optional<String> getUserToken(Authentication authentication) {
        throw new UnsupportedOperationException("Get token is not supported for Identity authentication");
    }
}
