package org.molgenis.data.security.owned;

import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.molgenis.data.AbstractRepositoryDecorator;
import org.molgenis.data.Entity;
import org.molgenis.data.Repository;
import org.molgenis.data.security.EntityIdentity;
import org.molgenis.security.core.PermissionSet;
import org.molgenis.security.core.SidUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.acls.model.MutableAcl;
import org.springframework.security.acls.model.MutableAclService;
import org.springframework.security.acls.model.Sid;

/* loaded from: input_file:org/molgenis/data/security/owned/OwnershipDecorator.class */
public class OwnershipDecorator extends AbstractRepositoryDecorator<Entity> {
    private final MutableAclService mutableAclService;
    private final String ownerAttributeName;
    private static final Logger LOG = LoggerFactory.getLogger(OwnershipDecorator.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    public OwnershipDecorator(Repository<Entity> repository, MutableAclService mutableAclService, String str) {
        super(repository);
        this.mutableAclService = (MutableAclService) Objects.requireNonNull(mutableAclService);
        this.ownerAttributeName = (String) Objects.requireNonNull(str);
    }

    public Integer add(Stream<Entity> stream) {
        List list = (List) stream.collect(Collectors.toList());
        Integer add = super.add(list.stream());
        list.forEach(this::assignToOwner);
        return add;
    }

    public void add(Entity entity) {
        super.add(entity);
        assignToOwner(entity);
    }

    private void assignToOwner(Entity entity) {
        EntityIdentity entityIdentity = new EntityIdentity(entity);
        String string = entity.getString(this.ownerAttributeName);
        LOG.debug("Assigning entity {} to owner {}...", entityIdentity, string);
        Sid createUserSid = SidUtils.createUserSid(string);
        MutableAcl mutableAcl = (MutableAcl) this.mutableAclService.readAclById(entityIdentity);
        mutableAcl.setOwner(createUserSid);
        removeAllEntries(mutableAcl);
        mutableAcl.insertAce(0, PermissionSet.WRITE, createUserSid, true);
        this.mutableAclService.updateAcl(mutableAcl);
        LOG.info("Assigned entity {} to owner {}.", entityIdentity, string);
    }

    private void removeAllEntries(MutableAcl mutableAcl) {
        while (!mutableAcl.getEntries().isEmpty()) {
            mutableAcl.deleteAce(0);
        }
    }
}
