package io.camunda.zeebe.engine.processing.tenant;

import io.camunda.zeebe.engine.processing.distribution.CommandDistributionBehavior;
import io.camunda.zeebe.engine.processing.identity.AuthorizationCheckBehavior;
import io.camunda.zeebe.engine.processing.streamprocessor.DistributedTypedRecordProcessor;
import io.camunda.zeebe.engine.processing.streamprocessor.writers.StateWriter;
import io.camunda.zeebe.engine.processing.streamprocessor.writers.TypedRejectionWriter;
import io.camunda.zeebe.engine.processing.streamprocessor.writers.TypedResponseWriter;
import io.camunda.zeebe.engine.processing.streamprocessor.writers.Writers;
import io.camunda.zeebe.engine.state.distribution.DistributionQueue;
import io.camunda.zeebe.engine.state.immutable.TenantState;
import io.camunda.zeebe.engine.state.immutable.UserState;
import io.camunda.zeebe.msgpack.UnpackedObject;
import io.camunda.zeebe.protocol.impl.record.value.tenant.TenantRecord;
import io.camunda.zeebe.protocol.record.RejectionType;
import io.camunda.zeebe.protocol.record.intent.TenantIntent;
import io.camunda.zeebe.protocol.record.value.AuthorizationResourceType;
import io.camunda.zeebe.protocol.record.value.EntityType;
import io.camunda.zeebe.protocol.record.value.PermissionType;
import io.camunda.zeebe.stream.api.records.TypedRecord;
import io.camunda.zeebe.stream.api.state.KeyGenerator;

/* loaded from: input_file:io/camunda/zeebe/engine/processing/tenant/TenantAddEntityProcessor.class */
public class TenantAddEntityProcessor implements DistributedTypedRecordProcessor<TenantRecord> {
    private final TenantState tenantState;
    private final UserState userState;
    private final AuthorizationCheckBehavior authCheckBehavior;
    private final KeyGenerator keyGenerator;
    private final StateWriter stateWriter;
    private final TypedRejectionWriter rejectionWriter;
    private final TypedResponseWriter responseWriter;
    private final CommandDistributionBehavior commandDistributionBehavior;

    public TenantAddEntityProcessor(TenantState tenantState, UserState userState, AuthorizationCheckBehavior authorizationCheckBehavior, KeyGenerator keyGenerator, Writers writers, CommandDistributionBehavior commandDistributionBehavior) {
        this.tenantState = tenantState;
        this.userState = userState;
        this.authCheckBehavior = authorizationCheckBehavior;
        this.keyGenerator = keyGenerator;
        this.stateWriter = writers.state();
        this.rejectionWriter = writers.rejection();
        this.responseWriter = writers.response();
        this.commandDistributionBehavior = commandDistributionBehavior;
    }

    @Override // io.camunda.zeebe.engine.processing.streamprocessor.DistributedTypedRecordProcessor
    public void processNewCommand(TypedRecord<TenantRecord> typedRecord) {
        UnpackedObject unpackedObject = (TenantRecord) typedRecord.getValue();
        long tenantKey = unpackedObject.getTenantKey();
        if (this.tenantState.getTenantByKey(tenantKey).isEmpty()) {
            rejectCommand(typedRecord, RejectionType.NOT_FOUND, "Expected to add entity to tenant with key '%s', but no tenant with this key exists.".formatted(Long.valueOf(tenantKey)));
            return;
        }
        AuthorizationCheckBehavior.AuthorizationRequest addResourceId = new AuthorizationCheckBehavior.AuthorizationRequest(typedRecord, AuthorizationResourceType.TENANT, PermissionType.UPDATE).addResourceId(unpackedObject.getTenantId());
        if (!this.authCheckBehavior.isAuthorized(addResourceId)) {
            rejectCommandWithUnauthorizedError(typedRecord, addResourceId);
            return;
        }
        long entityKey = unpackedObject.getEntityKey();
        if (!isEntityPresent(entityKey, unpackedObject)) {
            rejectCommand(typedRecord, RejectionType.NOT_FOUND, "Expected to add entity with key '%s' to tenant with key '%s', but the entity doesn't exist.".formatted(Long.valueOf(entityKey), Long.valueOf(tenantKey)));
            return;
        }
        this.stateWriter.appendFollowUpEvent(tenantKey, TenantIntent.ENTITY_ADDED, unpackedObject);
        this.responseWriter.writeEventOnCommand(tenantKey, TenantIntent.ENTITY_ADDED, unpackedObject, typedRecord);
        distributeCommand(typedRecord);
    }

    @Override // io.camunda.zeebe.engine.processing.streamprocessor.DistributedTypedRecordProcessor
    public void processDistributedCommand(TypedRecord<TenantRecord> typedRecord) {
        this.stateWriter.appendFollowUpEvent(typedRecord.getKey(), TenantIntent.ENTITY_ADDED, typedRecord.getValue());
        this.commandDistributionBehavior.acknowledgeCommand(typedRecord);
    }

    private boolean isEntityPresent(long j, TenantRecord tenantRecord) {
        if (!this.userState.getUser(j).isPresent()) {
            return false;
        }
        tenantRecord.setEntityType(EntityType.USER);
        return true;
    }

    private void rejectCommandWithUnauthorizedError(TypedRecord<TenantRecord> typedRecord, AuthorizationCheckBehavior.AuthorizationRequest authorizationRequest) {
        rejectCommand(typedRecord, RejectionType.UNAUTHORIZED, AuthorizationCheckBehavior.UNAUTHORIZED_ERROR_MESSAGE.formatted(authorizationRequest.getPermissionType(), authorizationRequest.getResourceType()));
    }

    private void rejectCommand(TypedRecord<TenantRecord> typedRecord, RejectionType rejectionType, String str) {
        this.rejectionWriter.appendRejection(typedRecord, rejectionType, str);
        this.responseWriter.writeRejectionOnCommand(typedRecord, rejectionType, str);
    }

    private void distributeCommand(TypedRecord<TenantRecord> typedRecord) {
        this.commandDistributionBehavior.withKey(this.keyGenerator.nextKey()).inQueue(DistributionQueue.IDENTITY.getQueueId()).distribute(typedRecord);
    }
}
