package org.molgenis.data.security;

import com.google.common.collect.Lists;
import com.google.common.collect.Streams;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.molgenis.data.DataService;
import org.molgenis.data.UnknownEntityException;
import org.molgenis.data.meta.model.Package;
import org.molgenis.data.security.auth.Group;
import org.molgenis.data.security.auth.GroupFactory;
import org.molgenis.data.security.auth.GroupMetadata;
import org.molgenis.data.security.auth.GroupPackageService;
import org.molgenis.data.security.auth.GroupPermissionService;
import org.molgenis.data.security.auth.GroupService;
import org.molgenis.data.security.auth.Role;
import org.molgenis.data.security.auth.RoleFactory;
import org.molgenis.data.security.auth.RoleMembership;
import org.molgenis.data.security.auth.RoleMembershipMetadata;
import org.molgenis.data.security.auth.RoleMetadata;
import org.molgenis.data.security.permission.RoleMembershipService;
import org.molgenis.security.core.GroupValueFactory;
import org.molgenis.security.core.model.GroupValue;
import org.molgenis.security.core.utils.SecurityUtils;
import org.springframework.security.acls.model.MutableAclService;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/molgenis/data/security/GroupPackageServiceImpl.class */
public class GroupPackageServiceImpl implements GroupPackageService {
    private final GroupValueFactory groupValueFactory;
    private final RoleMembershipService roleMembershipService;
    private final GroupPermissionService groupPermissionService;
    private final RoleFactory roleFactory;
    private final DataService dataService;
    private final GroupFactory groupFactory;
    private final MutableAclService mutableAclService;

    GroupPackageServiceImpl(GroupValueFactory groupValueFactory, RoleMembershipService roleMembershipService, GroupPermissionService groupPermissionService, RoleFactory roleFactory, DataService dataService, GroupFactory groupFactory, MutableAclService mutableAclService) {
        this.groupValueFactory = (GroupValueFactory) Objects.requireNonNull(groupValueFactory);
        this.roleMembershipService = (RoleMembershipService) Objects.requireNonNull(roleMembershipService);
        this.groupPermissionService = (GroupPermissionService) Objects.requireNonNull(groupPermissionService);
        this.roleFactory = (RoleFactory) Objects.requireNonNull(roleFactory);
        this.dataService = (DataService) Objects.requireNonNull(dataService);
        this.groupFactory = (GroupFactory) Objects.requireNonNull(groupFactory);
        this.mutableAclService = (MutableAclService) Objects.requireNonNull(mutableAclService);
    }

    @Override // org.molgenis.data.security.auth.GroupPackageService
    public void createGroup(Package r7) {
        GroupValue createGroup = this.groupValueFactory.createGroup(r7.getId(), r7.getLabel(), GroupService.DEFAULT_ROLES, r7.getId());
        Stream stream = createGroup.getRoles().stream();
        RoleFactory roleFactory = this.roleFactory;
        Objects.requireNonNull(roleFactory);
        Map map = (Map) stream.map(roleFactory::create).collect(Collectors.toMap((v0) -> {
            return v0.getName();
        }, Function.identity()));
        map.values().forEach(role -> {
            addIncludedRolesBasedOnLabels(role, map, createGroup.getName());
        });
        Group create = this.groupFactory.create(createGroup);
        create.setRootPackage(r7);
        create.setRoles(map.values());
        this.dataService.add(GroupMetadata.GROUP, create);
        map.values().forEach(role2 -> {
            role2.setGroup(create);
        });
        this.dataService.add(RoleMetadata.ROLE, map.values().stream());
        this.groupPermissionService.grantDefaultPermissions(createGroup);
        this.roleMembershipService.addUserToRole(SecurityUtils.getCurrentUsername(), getManagerRoleName(createGroup));
    }

    @Override // org.molgenis.data.security.auth.GroupPackageService
    public void createGroups(List<Package> list) {
        list.forEach(this::createGroup);
    }

    @Override // org.molgenis.data.security.auth.GroupPackageService
    public void deleteGroup(Package r6) {
        Group group = getGroup(r6);
        if (group != null) {
            deleteRoles(group);
            this.dataService.delete(GroupMetadata.GROUP, group);
            this.mutableAclService.deleteAcl(new GroupIdentity(group.getName()), true);
        }
    }

    private Group getGroup(Package r5) {
        return this.dataService.query(GroupMetadata.GROUP, Group.class).eq(GroupMetadata.ROOT_PACKAGE, r5.getId()).findOne();
    }

    private void deleteRoles(Group group) {
        Iterable<Role> roles = group.getRoles();
        roles.forEach(this::deleteMembers);
        this.dataService.delete(RoleMetadata.ROLE, Streams.stream(roles));
    }

    private void deleteMembers(Role role) {
        this.dataService.delete(RoleMembershipMetadata.ROLE_MEMBERSHIP, this.dataService.query(RoleMembershipMetadata.ROLE_MEMBERSHIP, RoleMembership.class).eq("role", role.getId()).findAll());
    }

    private String getManagerRoleName(GroupValue groupValue) {
        return (String) groupValue.getRoles().stream().filter(roleValue -> {
            return roleValue.getLabel().equals(GroupService.MANAGER);
        }).map((v0) -> {
            return v0.getName();
        }).findFirst().orElseThrow(() -> {
            return new IllegalStateException("Manager role is missing");
        });
    }

    private void addIncludedRolesBasedOnLabels(Role role, Map<String, Role> map, String str) {
        ArrayList newArrayList = Lists.newArrayList();
        Role findRoleNamed = findRoleNamed(role.getLabel().toUpperCase());
        newArrayList.add(findRoleNamed);
        Stream map2 = Streams.stream(findRoleNamed.getIncludes()).map(role2 -> {
            return GroupValueFactory.createRoleName(str, role2.getLabel());
        });
        Objects.requireNonNull(map);
        Stream map3 = map2.map((v1) -> {
            return r1.get(v1);
        });
        Objects.requireNonNull(newArrayList);
        map3.forEach((v1) -> {
            r1.add(v1);
        });
        role.setIncludes(newArrayList);
    }

    private Role findRoleNamed(String str) {
        Role findOne = this.dataService.query(RoleMetadata.ROLE, Role.class).eq("name", str).findOne();
        if (findOne != null) {
            return findOne;
        }
        RoleMetadata roleMetadata = (RoleMetadata) this.roleFactory.getEntityType();
        throw new UnknownEntityException(roleMetadata, roleMetadata.getAttribute("name"), str);
    }
}
