package nl.mirila.model.management.hooks;

import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Stream;
import javax.inject.Inject;
import nl.mirila.model.core.references.Key;
import nl.mirila.model.core.references.Model;
import nl.mirila.model.management.descriptor.ModelDescriptor;
import nl.mirila.model.management.descriptor.ModelDescriptors;
import nl.mirila.model.management.exceptions.EntityNotFoundException;
import nl.mirila.model.management.exceptions.NoRightsException;
import nl.mirila.model.management.managers.EntityPersistenceManager;
import nl.mirila.model.management.parameters.ActionParameters;
import nl.mirila.model.management.parameters.CommonFlags;
import nl.mirila.model.management.parameters.Option;
import nl.mirila.model.management.parameters.RightSettingOption;
import nl.mirila.model.management.query.QueryParameters;
import nl.mirila.model.management.results.Result;
import nl.mirila.model.management.results.Results;
import nl.mirila.security.rights.CurrentRightsActorProvider;
import nl.mirila.security.rights.ObjectRight;
import nl.mirila.security.rights.RightsValidator;
import nl.mirila.security.rights.objects.RightsActor;
import nl.mirila.security.rights.objects.RightsObject;

/* loaded from: input_file:nl/mirila/model/management/hooks/RightsHook.class */
public class RightsHook implements PreHook, PostHook {
    private final ModelDescriptors modelDescriptors;
    private final RightsValidator validator;
    private final CurrentRightsActorProvider currentRightsActorProvider;
    private final EntityPersistenceManager persistenceManager;

    @Inject
    public RightsHook(ModelDescriptors modelDescriptors, RightsValidator rightsValidator, CurrentRightsActorProvider currentRightsActorProvider, EntityPersistenceManager entityPersistenceManager) {
        this.modelDescriptors = modelDescriptors;
        this.validator = rightsValidator;
        this.currentRightsActorProvider = currentRightsActorProvider;
        this.persistenceManager = entityPersistenceManager;
    }

    @Override // nl.mirila.model.management.hooks.PreHook
    public int getPreHookPriority() {
        return Integer.MAX_VALUE;
    }

    @Override // nl.mirila.model.management.hooks.PostHook
    public int getPostHookPriority() {
        return Integer.MIN_VALUE;
    }

    @Override // nl.mirila.model.management.hooks.PostHook
    public <E extends Model> void afterQuery(Results<E> results, QueryParameters<E> queryParameters) {
        if (this.persistenceManager.requiresRightsCheckAfterQuery()) {
            ifRightsEnabled(queryParameters, () -> {
                Set<String> settingKeys = getSettingKeys(queryParameters);
                results.removeIf(model -> {
                    return !this.validator.hasRight(getDescriptor(queryParameters).getRightsObjectForEntity(model), ObjectRight.READ, settingKeys);
                });
            });
        }
    }

    @Override // nl.mirila.model.management.hooks.PostHook
    public <E extends Model> void afterRead(Key<E> key, Result<E> result, ActionParameters<E> actionParameters) {
        result.ifPresent(model -> {
            ifRightsEnabled(actionParameters, () -> {
                if (!this.validator.hasRight(getDescriptor(actionParameters).getRightsObjectForEntity(model), ObjectRight.READ, getSettingKeys(actionParameters))) {
                    throw new NoRightsException(ObjectRight.READ);
                }
            });
        });
    }

    @Override // nl.mirila.model.management.hooks.PreHook
    public <E extends Model> void beforeCreate(E e, ActionParameters<E> actionParameters) {
        ifEntityRightsCheckNeeded(actionParameters, () -> {
            RightsActor rightsActor = this.currentRightsActorProvider.get();
            ModelDescriptor descriptor = getDescriptor(actionParameters);
            String str = descriptor.getRightsCategory() + ".create";
            Model createEmptyInstance = descriptor.getEntityFactory().createEmptyInstance();
            descriptor.getEntityFactory().setOwnerId(createEmptyInstance, rightsActor.getActorId());
            if (!this.validator.hasRight(descriptor.getRightsObjectForEntity(createEmptyInstance), ObjectRight.CREATE, Set.of(str))) {
                throw new NoRightsException(ObjectRight.CREATE);
            }
            RightsObject rightsObjectForEntity = descriptor.getRightsObjectForEntity(e);
            if (!rightsObjectForEntity.getOwnerIds().isEmpty() && !rightsObjectForEntity.getOwnerIds().contains(rightsActor.getActorId())) {
                throw new NoRightsException(ObjectRight.CREATE);
            }
            descriptor.getEntityFactory().setOwnerId(e, rightsActor.getActorId());
        });
    }

    @Override // nl.mirila.model.management.hooks.PreHook
    public <E extends Model> void beforeUpdate(E e, ActionParameters<E> actionParameters) {
        checkRightsOnCurrentEntityIfNeeded(getDescriptor(actionParameters).getPrimaryKeyForEntity(e), ObjectRight.UPDATE, actionParameters);
    }

    @Override // nl.mirila.model.management.hooks.PreHook
    public <E extends Model> void beforeDelete(Key<E> key, ActionParameters<E> actionParameters) {
        checkRightsOnCurrentEntityIfNeeded(key, ObjectRight.DELETE, actionParameters);
    }

    private <E extends Model> void ifRightsEnabled(ActionParameters<E> actionParameters, Runnable runnable) {
        if (actionParameters.hasFlag(CommonFlags.SKIP_RIGHTS_CHECK) || !getDescriptor(actionParameters).usesRights()) {
            return;
        }
        runnable.run();
    }

    private <E extends Model> ModelDescriptor<E> getDescriptor(ActionParameters<E> actionParameters) {
        return this.modelDescriptors.getDescriptorForModel(actionParameters.getModelClass());
    }

    private <E extends Model> void ifEntityRightsCheckNeeded(ActionParameters<E> actionParameters, Runnable runnable) {
        ifRightsEnabled(actionParameters, () -> {
            RightsActor rightsActor = this.currentRightsActorProvider.get();
            Set<String> settingKeys = getSettingKeys(actionParameters);
            if (rightsActor.isSuperUser() || this.validator.hasRight(settingKeys)) {
                return;
            }
            runnable.run();
        });
    }

    private <E extends Model> void checkRightsOnCurrentEntityIfNeeded(Key<E> key, ObjectRight objectRight, ActionParameters<E> actionParameters) {
        ifEntityRightsCheckNeeded(actionParameters, () -> {
            if (!this.validator.hasRight(this.modelDescriptors.getDescriptorForModel(actionParameters.getModelClass()).getRightsObjectForEntity(this.persistenceManager.read(key, actionParameters).orElseThrow(() -> {
                return new EntityNotFoundException(key);
            })), objectRight)) {
                throw new NoRightsException(objectRight);
            }
        });
    }

    private <E extends Model> Set<String> getSettingKeys(ActionParameters<E> actionParameters) {
        String rightsCategory = getDescriptor(actionParameters).getRightsCategory();
        HashSet hashSet = new HashSet();
        hashSet.add(rightsCategory + ".maintain");
        Stream<Option> stream = actionParameters.getOptions().stream();
        Class<RightSettingOption> cls = RightSettingOption.class;
        Objects.requireNonNull(RightSettingOption.class);
        Stream<Option> filter = stream.filter((v1) -> {
            return r1.isInstance(v1);
        });
        Class<RightSettingOption> cls2 = RightSettingOption.class;
        Objects.requireNonNull(RightSettingOption.class);
        Stream map = filter.map((v1) -> {
            return r1.cast(v1);
        }).map((v0) -> {
            return v0.getKeys();
        });
        Objects.requireNonNull(hashSet);
        map.forEach((v1) -> {
            r1.addAll(v1);
        });
        return hashSet;
    }
}
