package org.gridgain.internal.rbac.assignments;

import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.gridgain.internal.rbac.AssignmentOperationResult;
import org.gridgain.internal.rbac.assignments.exception.RoleAssignmentNotFoundException;
import org.gridgain.internal.rbac.authorization.Authorizer;
import org.gridgain.internal.rbac.privileges.Action;
import org.gridgain.internal.rbac.privileges.Privilege;
import org.gridgain.internal.rbac.privileges.Selector;
import org.gridgain.internal.rbac.roles.Role;
import org.gridgain.internal.rbac.roles.RoleStore;
import org.gridgain.internal.rbac.roles.RoleView;
import org.gridgain.internal.rbac.roles.exception.RoleNotFoundException;
import org.gridgain.internal.rbac.store.LowerCaseString;
import org.gridgain.internal.rbac.store.OperationResultContainer;
import org.gridgain.internal.rbac.users.User;
import org.gridgain.internal.rbac.users.UserStore;
import org.gridgain.internal.rbac.users.exception.UserNotFoundException;

/* loaded from: input_file:org/gridgain/internal/rbac/assignments/RoleAssignmentManagementImpl.class */
public class RoleAssignmentManagementImpl implements RoleAssignmentManagement {
    private final RoleAssignment roleAssignment;
    private final UserStore userStore;
    private final RoleStore roleStore;
    private final Authorizer authorizer;

    public RoleAssignmentManagementImpl(RoleAssignment roleAssignment, UserStore userStore, RoleStore roleStore, Authorizer authorizer) {
        this.roleAssignment = roleAssignment;
        this.authorizer = authorizer;
        this.userStore = userStore;
        this.roleStore = roleStore;
    }

    public CompletableFuture<Void> assignAsync(Set<String> set, Set<String> set2) {
        return this.authorizer.authorizeThenCompose(Action.GRANT_ROLE, () -> {
            return this.roleAssignment.assign(set, set2).thenAccept(RoleAssignmentManagementImpl::processOperationResult);
        });
    }

    public CompletableFuture<Void> revokeAsync(Set<String> set, Set<String> set2) {
        return this.authorizer.authorizeThenCompose(Action.REVOKE_ROLE, () -> {
            return this.roleAssignment.revoke(set, set2).thenAccept(RoleAssignmentManagementImpl::processOperationResult);
        });
    }

    private static void processOperationResult(OperationResultContainer<AssignmentOperationResult> operationResultContainer) {
        switch (operationResultContainer.result()) {
            case SUCCESS:
                return;
            case ROLE_NOT_FOUND:
                throw RoleNotFoundException.fromMessage(operationResultContainer.value().formatError());
            case USER_NOT_FOUND:
                throw UserNotFoundException.fromMessage(operationResultContainer.value().formatError());
            case RA_NOT_FOUND:
                throw RoleAssignmentNotFoundException.fromMessage(operationResultContainer.value().formatError());
            default:
                throw new IllegalStateException("Unexpected operation result type: " + operationResultContainer);
        }
    }

    public CompletableFuture<Set<User>> usersByRoleAsync(String str) {
        return this.authorizer.authorizeThenCompose(roleReadUserReadPrivileges(), () -> {
            return this.roleStore.get(str).thenCompose(role -> {
                return role == null ? CompletableFuture.failedFuture(new RoleNotFoundException(str)) : this.userStore.getAll().thenApply(collection -> {
                    return (Set) collection.stream().filter(user -> {
                        return user.roles().contains(str);
                    }).collect(Collectors.toSet());
                });
            });
        });
    }

    public CompletableFuture<Set<String>> usernamesByRoleAsync(String str) {
        return this.authorizer.authorizeThenCompose(Privilege.fromAction(Action.READ_ROLE), () -> {
            return this.roleStore.get(str).thenCompose(role -> {
                return role == null ? CompletableFuture.failedFuture(new RoleNotFoundException(str)) : this.userStore.getAll().thenApply(collection -> {
                    return (Set) collection.stream().filter(user -> {
                        return user.roles().contains(str);
                    }).map((v0) -> {
                        return v0.username();
                    }).collect(Collectors.toSet());
                });
            });
        });
    }

    public CompletableFuture<Map<User, Set<Role>>> usersViewsAsync() {
        return this.authorizer.authorizeThenCompose(roleReadUserReadPrivileges(), () -> {
            return userRole().thenApply(RoleAssignmentManagementImpl::toMap);
        });
    }

    private static Map<User, Set<Role>> toMap(UserRole userRole) {
        HashMap hashMap = new HashMap();
        for (User user : userRole.users().values()) {
            hashMap.put(user, (Set) user.roles().stream().map(str -> {
                return userRole.roles().get(LowerCaseString.from(str));
            }).collect(Collectors.toSet()));
        }
        return hashMap;
    }

    public CompletableFuture<Set<RoleView>> rolesViewsAsync() {
        return this.authorizer.authorizeThenCompose(roleReadUserReadPrivileges(), () -> {
            return userRole().thenApply(userRole -> {
                HashSet hashSet = new HashSet();
                for (Role role : userRole.roles().values()) {
                    hashSet.add(RoleView.builder().role(role).assignedUsers((Set) userRole.users().values().stream().filter(user -> {
                        return user.roles().contains(role.name());
                    }).collect(Collectors.toSet())).build());
                }
                return hashSet;
            });
        });
    }

    public CompletableFuture<Set<Role>> rolesByUserAsync(String str) {
        return this.authorizer.authorizeThenCompose(Privilege.builder().action(Action.READ_USER).selector(Selector.user(str)).build(), () -> {
            return this.userStore.get(str).thenApply(user -> {
                if (user == null) {
                    throw new UserNotFoundException(str);
                }
                return user.roles();
            }).thenCompose((Function<? super U, ? extends CompletionStage<U>>) set -> {
                return this.roleStore.get((String[]) set.toArray(new String[0]));
            });
        }).thenApply(roleArr -> {
            return (Set) Arrays.stream(roleArr).filter((v0) -> {
                return Objects.nonNull(v0);
            }).collect(Collectors.toSet());
        });
    }

    private CompletableFuture<UserRole> userRole() {
        return this.roleStore.getAllWithKeys().thenCompose(map -> {
            return this.userStore.getAllWithKeys().thenApply(map -> {
                return new UserRole(map, map);
            });
        });
    }

    private static Set<Privilege> roleReadUserReadPrivileges() {
        return Set.of(Privilege.fromAction(Action.READ_USER), Privilege.fromAction(Action.READ_ROLE));
    }
}
