package org.neo4j.cypher.internal.runtime.interpreted.commands.showcommands;

import java.util.List;
import java.util.Optional;
import org.neo4j.cypher.internal.ast.CurrentUser$;
import org.neo4j.cypher.internal.ast.ExecutableBy;
import org.neo4j.cypher.internal.ast.User;
import org.neo4j.cypher.internal.runtime.interpreted.commands.showcommands.ShowProcFuncCommandHelper;
import org.neo4j.graphdb.GraphDatabaseService;
import org.neo4j.graphdb.ResourceIterator;
import org.neo4j.graphdb.Transaction;
import org.neo4j.internal.kernel.api.procs.DefaultParameterValue;
import org.neo4j.internal.kernel.api.procs.FieldSignature;
import org.neo4j.internal.kernel.api.security.AdminActionOnResource;
import org.neo4j.internal.kernel.api.security.AuthSubject;
import org.neo4j.internal.kernel.api.security.PermissionState;
import org.neo4j.internal.kernel.api.security.PrivilegeAction;
import org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler;
import org.neo4j.internal.kernel.api.security.SecurityContext;
import org.neo4j.internal.kernel.api.security.Segment;
import org.neo4j.kernel.impl.query.FunctionInformation;
import org.neo4j.values.AnyValue;
import org.neo4j.values.storable.Values;
import org.neo4j.values.virtual.ListValue;
import org.neo4j.values.virtual.VirtualValues;
import scala.$less$colon$less$;
import scala.Function0;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.Tuple2;
import scala.Tuple3;
import scala.collection.ArrayOps$;
import scala.collection.Map;
import scala.collection.immutable.Set;
import scala.jdk.CollectionConverters$;
import scala.math.Ordering$String$;
import scala.package$;
import scala.reflect.ClassTag$;
import scala.runtime.BoxesRunTime;
import scala.runtime.ScalaRunTime$;

/* compiled from: ShowProcFuncCommandHelper.scala */
/* loaded from: input_file:org/neo4j/cypher/internal/runtime/interpreted/commands/showcommands/ShowProcFuncCommandHelper$.class */
public final class ShowProcFuncCommandHelper$ {
    public static final ShowProcFuncCommandHelper$ MODULE$ = new ShowProcFuncCommandHelper$();

    public Tuple2<Set<String>, Object> getRolesForExecutableByUser(SecurityContext securityContext, SecurityAuthorizationHandler securityAuthorizationHandler, Function0<GraphDatabaseService> function0, Option<ExecutableBy> option, String str) {
        boolean z = false;
        Some some = null;
        if (option instanceof Some) {
            z = true;
            some = (Some) option;
            if (CurrentUser$.MODULE$.equals((ExecutableBy) some.value()) && securityContext.subject().equals(AuthSubject.AUTH_DISABLED)) {
                return new Tuple2<>(Predef$.MODULE$.Set().empty(), BoxesRunTime.boxToBoolean(true));
            }
        }
        if (z) {
            User user = (ExecutableBy) some.value();
            if (user instanceof User) {
                String name = user.name();
                if (!securityContext.subject().hasUsername(name)) {
                    PermissionState allowsAdminAction = securityContext.allowsAdminAction(new AdminActionOnResource(PrivilegeAction.SHOW_USER, AdminActionOnResource.DatabaseScope.ALL, Segment.ALL));
                    if (!allowsAdminAction.allowsAccess()) {
                        PermissionState permissionState = PermissionState.EXPLICIT_DENY;
                        throw securityAuthorizationHandler.logAndGetAuthorizationException(securityContext, (allowsAdminAction != null ? !allowsAdminAction.equals(permissionState) : permissionState != null) ? "Permission not granted for " + str + ", requires SHOW USER privilege. Try executing SHOW USER PRIVILEGES to determine the missing privileges. In case of missing privileges, they need to be granted (See GRANT)." : "Permission denied for " + str + ", requires SHOW USER privilege. Try executing SHOW USER PRIVILEGES to determine the denied privileges. In case of denied privileges, they need to be revoked (See REVOKE) and granted.");
                    }
                    Transaction beginTx = ((GraphDatabaseService) function0.apply()).beginTx();
                    ResourceIterator columnAs = beginTx.execute("SHOW USERS YIELD user, roles WHERE user = $name RETURN roles", CollectionConverters$.MODULE$.MapHasAsJava((Map) Predef$.MODULE$.Map().apply(ScalaRunTime$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("name"), name)}))).asJava()).columnAs("roles");
                    Set set = columnAs.hasNext() ? CollectionConverters$.MODULE$.ListHasAsScala((List) columnAs.next()).asScala().toSet() : Predef$.MODULE$.Set().empty();
                    beginTx.commit();
                    return new Tuple2<>(set, BoxesRunTime.boxToBoolean(false));
                }
            }
        }
        if (z) {
            return new Tuple2<>(CollectionConverters$.MODULE$.SetHasAsScala(securityContext.roles()).asScala().toSet(), BoxesRunTime.boxToBoolean(false));
        }
        if (None$.MODULE$.equals(option)) {
            return new Tuple2<>(Predef$.MODULE$.Set().empty(), BoxesRunTime.boxToBoolean(false));
        }
        throw new MatchError(option);
    }

    public scala.collection.immutable.List<FunctionInformation.InputInformation> getSignatureValues(List<FieldSignature> list) {
        return CollectionConverters$.MODULE$.ListHasAsScala(list).asScala().toList().map(fieldSignature -> {
            Optional defaultValue = fieldSignature.defaultValue();
            return new FunctionInformation.InputInformation(fieldSignature.name(), fieldSignature.neo4jType().toString(), fieldSignature.toString(), Predef$.MODULE$.boolean2Boolean(fieldSignature.isDeprecated()), defaultValue.isPresent() ? Optional.of(((DefaultParameterValue) defaultValue.get()).toString()) : Optional.empty());
        });
    }

    public ListValue fieldDescriptions(scala.collection.immutable.List<FunctionInformation.InputInformation> list) {
        return VirtualValues.fromList(CollectionConverters$.MODULE$.SeqHasAsJava(list.map(inputInformation -> {
            String[] strArr = {"name", "type", "description", "isDeprecated"};
            AnyValue[] anyValueArr = {Values.stringValue(inputInformation.name()), Values.stringValue(inputInformation.type()), Values.stringValue(inputInformation.description()), Values.booleanValue(Predef$.MODULE$.Boolean2boolean(inputInformation.isDeprecated()))};
            Optional defaultValue = inputInformation.defaultValue();
            return defaultValue.isPresent() ? VirtualValues.map((String[]) ArrayOps$.MODULE$.$colon$plus$extension(Predef$.MODULE$.refArrayOps(strArr), "default", ClassTag$.MODULE$.apply(String.class)), (AnyValue[]) ArrayOps$.MODULE$.$colon$plus$extension(Predef$.MODULE$.refArrayOps(anyValueArr), Values.stringValue((String) defaultValue.get()), ClassTag$.MODULE$.apply(AnyValue.class))) : VirtualValues.map(strArr, anyValueArr);
        })).asJava());
    }

    public ShowProcFuncCommandHelper.Privileges getPrivileges(GraphDatabaseService graphDatabaseService, String str) {
        Transaction beginTx = graphDatabaseService.beginTx();
        scala.collection.immutable.List list = CollectionConverters$.MODULE$.IteratorHasAsScala(beginTx.execute("SHOW ALL PRIVILEGES YIELD * WHERE action='execute' AND segment STARTS WITH $seg RETURN access, segment, collect(role) as roles", CollectionConverters$.MODULE$.MapHasAsJava((Map) Predef$.MODULE$.Map().apply(ScalaRunTime$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("seg"), str)}))).asJava())).asScala().map(map -> {
            return CollectionConverters$.MODULE$.MapHasAsScala(map).asScala().toMap($less$colon$less$.MODULE$.refl());
        }).toList();
        scala.collection.immutable.List list2 = CollectionConverters$.MODULE$.IteratorHasAsScala(beginTx.execute("SHOW ALL PRIVILEGES YIELD * WHERE action STARTS WITH 'execute_boosted' AND segment STARTS WITH $seg RETURN access, segment, collect(role) as roles", CollectionConverters$.MODULE$.MapHasAsJava((Map) Predef$.MODULE$.Map().apply(ScalaRunTime$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("seg"), str)}))).asJava())).asScala().map(map2 -> {
            return CollectionConverters$.MODULE$.MapHasAsScala(map2).asScala().toMap($less$colon$less$.MODULE$.refl());
        }).toList();
        scala.collection.immutable.List list3 = str.equals("PROCEDURE") ? CollectionConverters$.MODULE$.IteratorHasAsScala(beginTx.execute("SHOW ALL PRIVILEGES YIELD * WHERE action='execute_admin' RETURN access, collect(role) as roles")).asScala().map(map3 -> {
            return CollectionConverters$.MODULE$.MapHasAsScala(map3).asScala().toMap($less$colon$less$.MODULE$.refl());
        }).toList() : package$.MODULE$.List().empty();
        scala.collection.immutable.List list4 = CollectionConverters$.MODULE$.IteratorHasAsScala(beginTx.execute("SHOW ALL PRIVILEGES YIELD * WHERE action IN ['admin', 'dbms_actions'] RETURN access, collect(role) as roles")).asScala().map(map4 -> {
            return CollectionConverters$.MODULE$.MapHasAsScala(map4).asScala().toMap($less$colon$less$.MODULE$.refl());
        }).toList();
        beginTx.commit();
        return new ShowProcFuncCommandHelper.Privileges(list, list2, list4, list3);
    }

    public Tuple3<Set<String>, Set<String>, Object> roles(String str, boolean z, ShowProcFuncCommandHelper.Privileges privileges, Set<String> set) {
        if (!z) {
            Set<String> grantedExecuteRoles = privileges.grantedExecuteRoles(str);
            Set<String> grantedBoostedExecuteRoles = privileges.grantedBoostedExecuteRoles(str);
            Set<String> deniedExecuteRoles = privileges.deniedExecuteRoles(str);
            return new Tuple3<>(grantedExecuteRoles.$minus$minus(deniedExecuteRoles), grantedBoostedExecuteRoles.$minus$minus(privileges.deniedBoostedExecuteRoles(str)), BoxesRunTime.boxToBoolean(set.exists(str2 -> {
                return BoxesRunTime.boxToBoolean(grantedExecuteRoles.contains(str2));
            }) && set.forall(str3 -> {
                return BoxesRunTime.boxToBoolean($anonfun$roles$6(deniedExecuteRoles, str3));
            })));
        }
        Set<String> grantedBoostedExecuteRoles2 = privileges.grantedBoostedExecuteRoles(str);
        Set<String> grantedExecuteRoles2 = privileges.grantedExecuteRoles(str);
        Set $plus$plus = privileges.grantedAdminExecuteRoles().$plus$plus(grantedBoostedExecuteRoles2.intersect(grantedExecuteRoles2));
        Set $plus$plus2 = privileges.grantedAdminExecuteRoles().$plus$plus(grantedBoostedExecuteRoles2);
        Set $plus$plus3 = privileges.deniedAdminExecuteRoles().$plus$plus(privileges.deniedBoostedExecuteRoles(str));
        Set $plus$plus4 = privileges.deniedExecuteRoles(str).$plus$plus($plus$plus3);
        Set $minus$minus = $plus$plus2.$minus$minus($plus$plus3);
        Set $minus$minus2 = $plus$plus.$minus$minus($plus$plus4);
        return new Tuple3<>($minus$minus2, $minus$minus, BoxesRunTime.boxToBoolean(set.forall(str4 -> {
            return BoxesRunTime.boxToBoolean($anonfun$roles$1($plus$plus4, str4));
        }) && (set.exists(str5 -> {
            return BoxesRunTime.boxToBoolean($minus$minus2.contains(str5));
        }) || (set.exists(str6 -> {
            return BoxesRunTime.boxToBoolean(grantedExecuteRoles2.contains(str6));
        }) && set.exists(str7 -> {
            return BoxesRunTime.boxToBoolean($plus$plus2.contains(str7));
        })))));
    }

    public Tuple2<ListValue, ListValue> roleValues(Set<String> set, Set<String> set2) {
        return new Tuple2<>(VirtualValues.fromList(CollectionConverters$.MODULE$.SeqHasAsJava(((scala.collection.immutable.List) set.toList().sorted(Ordering$String$.MODULE$)).map(str -> {
            return Values.stringValue(str);
        })).asJava()), VirtualValues.fromList(CollectionConverters$.MODULE$.SeqHasAsJava(((scala.collection.immutable.List) set2.toList().sorted(Ordering$String$.MODULE$)).map(str2 -> {
            return Values.stringValue(str2);
        })).asJava()));
    }

    public static final /* synthetic */ boolean $anonfun$roles$1(Set set, String str) {
        return !set.contains(str);
    }

    public static final /* synthetic */ boolean $anonfun$roles$6(Set set, String str) {
        return !set.contains(str);
    }

    private ShowProcFuncCommandHelper$() {
    }
}
