package io.corbel.resources.rem.acl;

import com.google.common.collect.Lists;
import com.google.gson.JsonIOException;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.JsonSyntaxException;
import com.google.gson.stream.JsonReader;
import io.corbel.lib.token.TokenInfo;
import io.corbel.lib.ws.api.error.ErrorResponseFactory;
import io.corbel.resources.rem.Rem;
import io.corbel.resources.rem.acl.exception.AclFieldNotPresentException;
import io.corbel.resources.rem.request.RequestParameters;
import io.corbel.resources.rem.request.ResourceId;
import io.corbel.resources.rem.request.ResourceParameters;
import io.corbel.resources.rem.request.builder.RequestParametersBuilder;
import io.corbel.resources.rem.service.AclResourcesService;
import io.corbel.resources.rem.service.DefaultAclResourcesService;
import io.corbel.resources.rem.utils.AclUtils;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.ws.rs.core.Response;
import org.springframework.http.HttpMethod;

/* loaded from: input_file:io/corbel/resources/rem/acl/SetUpAclPutRem.class */
public class SetUpAclPutRem extends AclBaseRem {
    private static final String PERMISSION = "permission";
    private static final String PROPERTIES = "properties";
    private final Pattern prefixPattern;

    public SetUpAclPutRem(AclResourcesService aclResourcesService, List<Rem> list) {
        super(aclResourcesService, list);
        this.prefixPattern = Pattern.compile("(?:(?:user:)|(?:group:))\\S+");
    }

    /* JADX WARN: Multi-variable type inference failed */
    public Response resource(String str, ResourceId resourceId, RequestParameters<ResourceParameters> requestParameters, Optional<InputStream> optional, Optional<List<Rem>> optional2) {
        TokenInfo tokenInfo = requestParameters.getTokenInfo();
        if (tokenInfo.getUserId() == null) {
            return ErrorResponseFactory.getInstance().methodNotAllowed();
        }
        if (AclUtils.entityIsEmpty(optional)) {
            return ErrorResponseFactory.getInstance().badRequest();
        }
        try {
            JsonObject asJsonObject = new JsonParser().parse(new JsonReader(new InputStreamReader(optional.get()))).getAsJsonObject();
            boolean z = false;
            ArrayList newArrayList = Lists.newArrayList(new Rem[]{this});
            newArrayList.getClass();
            optional2.ifPresent((v1) -> {
                r1.addAll(v1);
            });
            newArrayList.addAll(this.remsToExclude);
            try {
                z = this.aclResourcesService.isAuthorized(requestParameters.getRequestedDomain(), tokenInfo, str, resourceId, AclPermission.ADMIN);
            } catch (AclFieldNotPresentException e) {
            }
            if (!z) {
                return ErrorResponseFactory.getInstance().unauthorized(AclUtils.buildMessage(AclPermission.ADMIN));
            }
            JsonObject filteredAclObject = getFilteredAclObject(asJsonObject);
            if (!hasAdminPermission(tokenInfo, filteredAclObject)) {
                JsonObject jsonObject = new JsonObject();
                jsonObject.addProperty("permission", AclPermission.ADMIN.toString());
                jsonObject.add("properties", new JsonObject());
                filteredAclObject.add(DefaultAclResourcesService.USER_PREFIX + tokenInfo.getUserId(), jsonObject);
            }
            JsonObject jsonObject2 = new JsonObject();
            jsonObject2.add(DefaultAclResourcesService._ACL, filteredAclObject);
            return this.aclResourcesService.updateResource(this.remService.getRem(str, JSON_MEDIATYPE, HttpMethod.PUT, newArrayList), str, resourceId, new RequestParametersBuilder(requestParameters).build(), jsonObject2, newArrayList);
        } catch (JsonIOException | JsonSyntaxException | IllegalStateException e2) {
            return ErrorResponseFactory.getInstance().invalidEntity("Malformed acl object");
        }
    }

    private JsonObject getFilteredAclObject(JsonObject jsonObject) {
        List list = (List) jsonObject.entrySet().stream().map((v0) -> {
            return v0.getKey();
        }).filter(str -> {
            return str.equals(DefaultAclResourcesService.ALL) || this.prefixPattern.matcher(str).matches();
        }).collect(Collectors.toList());
        JsonObject jsonObject2 = new JsonObject();
        list.forEach(str2 -> {
            Optional.ofNullable(jsonObject.get(str2)).filter((v0) -> {
                return v0.isJsonObject();
            }).map((v0) -> {
                return v0.getAsJsonObject();
            }).flatMap(this::filterAclValue).ifPresent(jsonObject3 -> {
                jsonObject2.add(str2, jsonObject3);
            });
        });
        return jsonObject2;
    }

    private Optional<JsonObject> filterAclValue(JsonObject jsonObject) {
        Optional map = Optional.ofNullable(jsonObject.get("permission")).filter((v0) -> {
            return v0.isJsonPrimitive();
        }).map((v0) -> {
            return v0.getAsJsonPrimitive();
        }).filter((v0) -> {
            return v0.isString();
        }).map((v0) -> {
            return v0.getAsString();
        });
        try {
            map.map(AclPermission::valueOf);
            if (!map.isPresent()) {
                return Optional.empty();
            }
            String str = (String) map.get();
            JsonObject jsonObject2 = (JsonObject) Optional.ofNullable(jsonObject.get("properties")).filter((v0) -> {
                return v0.isJsonObject();
            }).map((v0) -> {
                return v0.getAsJsonObject();
            }).orElseGet(JsonObject::new);
            JsonObject jsonObject3 = new JsonObject();
            jsonObject3.addProperty("permission", str);
            jsonObject3.add("properties", jsonObject2);
            return Optional.of(jsonObject3);
        } catch (IllegalArgumentException e) {
            return Optional.empty();
        }
    }

    private boolean idHasAdminPermission(String str, JsonObject jsonObject) {
        return Optional.ofNullable(jsonObject.get(str)).map((v0) -> {
            return v0.getAsJsonObject();
        }).map(jsonObject2 -> {
            return jsonObject2.get("permission");
        }).map((v0) -> {
            return v0.getAsString();
        }).filter(str2 -> {
            return str2.equals(AclPermission.ADMIN.toString());
        }).isPresent();
    }

    private boolean hasAdminPermission(TokenInfo tokenInfo, JsonObject jsonObject) {
        return hasAdminPermission(Optional.ofNullable(tokenInfo.getUserId()), tokenInfo.getGroups(), jsonObject);
    }

    private boolean hasAdminPermission(Optional<String> optional, Collection<String> collection, JsonObject jsonObject) {
        return Stream.concat(((List) optional.map(str -> {
            return Arrays.asList(DefaultAclResourcesService.ALL, DefaultAclResourcesService.USER_PREFIX + str);
        }).orElseGet(() -> {
            return Collections.singletonList(DefaultAclResourcesService.ALL);
        })).stream(), collection.stream().map(str2 -> {
            return DefaultAclResourcesService.GROUP_PREFIX + str2;
        })).anyMatch(str3 -> {
            return idHasAdminPermission(str3, jsonObject);
        });
    }
}
