package com.openblocks.domain.permission.service;

import com.google.common.collect.HashMultimap;
import com.google.common.collect.Multimap;
import com.openblocks.domain.permission.model.ResourceAction;
import com.openblocks.domain.permission.model.ResourceHolder;
import com.openblocks.domain.permission.model.ResourcePermission;
import com.openblocks.domain.permission.model.ResourceRole;
import com.openblocks.domain.permission.model.ResourceType;
import com.openblocks.domain.permission.model.UserPermissionOnResourceStatus;
import com.openblocks.infra.annotation.NonEmptyMono;
import com.openblocks.infra.annotation.PossibleEmptyMono;
import com.openblocks.sdk.exception.BizError;
import com.openblocks.sdk.exception.BizException;
import com.openblocks.sdk.util.ExceptionUtils;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Nullable;
import javax.validation.constraints.NotNull;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.SetUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Service;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

@Service
/* loaded from: input_file:com/openblocks/domain/permission/service/ResourcePermissionService.class */
public class ResourcePermissionService {

    @Autowired
    private ResourcePermissionRepository repository;

    @Autowired
    @Lazy
    private ApplicationPermissionHandler applicationPermissionHandler;

    @Autowired
    @Lazy
    private DatasourcePermissionHandler datasourcePermissionHandler;

    public Mono<Map<String, Collection<ResourcePermission>>> getByResourceTypeAndResourceIds(ResourceType resourceType, Collection<String> collection) {
        return this.repository.getByResourceTypeAndResourceIds(resourceType, collection);
    }

    @NonEmptyMono
    public Mono<List<ResourcePermission>> getByResourceTypeAndResourceId(ResourceType resourceType, String str) {
        return this.repository.getByResourceTypeAndResourceId(resourceType, str);
    }

    @NonEmptyMono
    public Mono<List<ResourcePermission>> getByApplicationId(String str) {
        return getByResourceTypeAndResourceId(ResourceType.APPLICATION, str);
    }

    @NonEmptyMono
    public Mono<List<ResourcePermission>> getByDataSourceId(String str) {
        return getByResourceTypeAndResourceId(ResourceType.DATASOURCE, str);
    }

    public Mono<Void> insertBatchPermission(ResourceType resourceType, String str, @Nullable Set<String> set, @Nullable Set<String> set2, ResourceRole resourceRole) {
        return (CollectionUtils.isEmpty(set) && CollectionUtils.isEmpty(set2)) ? Mono.empty() : this.repository.insertBatchPermission(resourceType, str, buildResourceHolders(SetUtils.emptyIfNull(set), SetUtils.emptyIfNull(set2)), resourceRole);
    }

    private Multimap<ResourceHolder, String> buildResourceHolders(@NotNull Set<String> set, @NotNull Set<String> set2) {
        HashMultimap create = HashMultimap.create();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            create.put(ResourceHolder.USER, it.next());
        }
        Iterator<String> it2 = set2.iterator();
        while (it2.hasNext()) {
            create.put(ResourceHolder.GROUP, it2.next());
        }
        return create;
    }

    Mono<Boolean> addPermission(ResourceType resourceType, String str, ResourceHolder resourceHolder, String str2, ResourceRole resourceRole) {
        return this.repository.addPermission(resourceType, str, resourceHolder, str2, resourceRole);
    }

    public Mono<Boolean> addDataSourcePermissionToUser(String str, String str2, ResourceRole resourceRole) {
        return addPermission(ResourceType.DATASOURCE, str, ResourceHolder.USER, str2, resourceRole);
    }

    public Mono<Boolean> addApplicationPermissionToUser(String str, String str2, ResourceRole resourceRole) {
        return addPermission(ResourceType.APPLICATION, str, ResourceHolder.USER, str2, resourceRole);
    }

    public Mono<Boolean> addApplicationPermissionToGroup(String str, String str2, ResourceRole resourceRole) {
        return addPermission(ResourceType.APPLICATION, str, ResourceHolder.GROUP, str2, resourceRole);
    }

    public Mono<ResourcePermission> getById(String str) {
        return this.repository.getById(str);
    }

    public Mono<Boolean> removeById(String str) {
        return this.repository.removePermissionById(str);
    }

    public Mono<Boolean> updateRoleById(String str, ResourceRole resourceRole) {
        return this.repository.updatePermissionRoleById(str, resourceRole);
    }

    private Mono<Map<String, List<ResourcePermission>>> getAllMatchingPermissions(String str, Collection<String> collection, ResourceAction resourceAction) {
        return getResourcePermissionHandler(resourceAction.getResourceType()).getAllMatchingPermissions(str, collection, resourceAction);
    }

    private ResourcePermissionHandler getResourcePermissionHandler(ResourceType resourceType) {
        if (resourceType == ResourceType.DATASOURCE) {
            return this.datasourcePermissionHandler;
        }
        if (resourceType == ResourceType.APPLICATION) {
            return this.applicationPermissionHandler;
        }
        throw ExceptionUtils.ofException(BizError.INVALID_PERMISSION_OPERATION, "INVALID_PERMISSION_OPERATION", new Object[]{resourceType});
    }

    public Flux<String> filterResourceWithPermission(String str, Collection<String> collection, ResourceAction resourceAction) {
        return getAllMatchingPermissions(str, collection, resourceAction).flatMapIterable((v0) -> {
            return v0.entrySet();
        }).filter(entry -> {
            return CollectionUtils.isNotEmpty((Collection) entry.getValue());
        }).map((v0) -> {
            return v0.getKey();
        });
    }

    public Mono<Void> checkResourcePermissionWithError(String str, String str2, ResourceAction resourceAction) {
        return getAllMatchingPermissions(str, Collections.singleton(str2), resourceAction).flatMap(map -> {
            return CollectionUtils.isNotEmpty((List) map.get(str2)) ? Mono.empty() : Mono.error(new BizException(BizError.NOT_AUTHORIZED, "NOT_AUTHORIZED", new Object[0]));
        });
    }

    @PossibleEmptyMono
    public Mono<ResourcePermission> getMaxMatchingPermission(String str, String str2, ResourceAction resourceAction) {
        return getMaxMatchingPermission(str, Collections.singleton(str2), resourceAction).flatMap(map -> {
            ResourcePermission resourcePermission = (ResourcePermission) map.get(str2);
            return resourcePermission == null ? Mono.empty() : Mono.just(resourcePermission);
        });
    }

    public Mono<Boolean> haveAllEnoughPermissions(String str, Collection<String> collection, ResourceAction resourceAction) {
        return getMaxMatchingPermission(str, collection, resourceAction).map(map -> {
            return Boolean.valueOf(map.keySet().containsAll(collection));
        });
    }

    public Mono<Map<String, ResourcePermission>> getMaxMatchingPermission(String str, Collection<String> collection, ResourceAction resourceAction) {
        return getAllMatchingPermissions(str, collection, resourceAction).flatMapIterable((v0) -> {
            return v0.entrySet();
        }).filter(entry -> {
            return CollectionUtils.isNotEmpty((Collection) entry.getValue());
        }).collectMap((v0) -> {
            return v0.getKey();
        }, entry2 -> {
            return getMaxRole((List) entry2.getValue());
        });
    }

    private ResourcePermission getMaxRole(List<ResourcePermission> list) {
        return list.stream().max(Comparator.comparingInt(resourcePermission -> {
            return resourcePermission.getResourceRole().getRoleWeight();
        })).get();
    }

    public Mono<ResourcePermission> checkAndReturnMaxPermission(String str, String str2, ResourceAction resourceAction) {
        return getMaxMatchingPermission(str, Collections.singleton(str2), resourceAction).flatMap(map -> {
            return !map.containsKey(str2) ? ExceptionUtils.ofError(BizError.NOT_AUTHORIZED, "NOT_AUTHORIZED", new Object[0]) : Mono.just((ResourcePermission) map.get(str2));
        });
    }

    public Mono<UserPermissionOnResourceStatus> checkUserPermissionStatusOnResource(String str, String str2, ResourceAction resourceAction) {
        return getResourcePermissionHandler(resourceAction.getResourceType()).checkUserPermissionStatusOnResource(str, str2, resourceAction);
    }

    public Mono<Boolean> removeUserApplicationPermission(String str, String str2) {
        return this.repository.removePermissionBy(ResourceType.APPLICATION, str, ResourceHolder.USER, str2);
    }

    public Mono<Boolean> removeUserDatasourcePermission(String str, String str2) {
        return this.repository.removePermissionBy(ResourceType.APPLICATION, str, ResourceHolder.USER, str2);
    }

    public Mono<ResourcePermission> getUserAssignedPermissionForApplication(String str, String str2) {
        return this.repository.getByResourceTypeAndResourceIdAndTargetId(ResourceType.APPLICATION, str, ResourceHolder.USER, str2);
    }
}
