package org.gridgain.internal.rbac.roles;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionException;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.ignite3.configuration.ConfigurationChangeException;
import org.apache.ignite3.configuration.ConfigurationNodeAlreadyExistException;
import org.apache.ignite3.configuration.NamedListView;
import org.apache.ignite3.internal.util.ExceptionUtils;
import org.gridgain.internal.rbac.configuration.AuthorizationConfiguration;
import org.gridgain.internal.rbac.configuration.PrivilegeNameGenerator;
import org.gridgain.internal.rbac.configuration.RoleConfiguration;
import org.gridgain.internal.rbac.privileges.Action;
import org.gridgain.internal.rbac.privileges.Privilege;
import org.gridgain.internal.rbac.privileges.Selector;
import org.gridgain.internal.rbac.store.LowerCaseString;
import org.gridgain.internal.rbac.store.OperationResult;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:org/gridgain/internal/rbac/roles/ConfigurationRoleStore.class */
public class ConfigurationRoleStore implements RoleStore {
    private final AuthorizationConfiguration authorizationConfiguration;

    public ConfigurationRoleStore(AuthorizationConfiguration authorizationConfiguration) {
        this.authorizationConfiguration = authorizationConfiguration;
    }

    @Override // org.gridgain.internal.rbac.store.Store
    public CompletableFuture<OperationResult> putIfNotExists(LowerCaseString lowerCaseString, Role role) {
        return this.authorizationConfiguration.roles().change(namedListChange -> {
            namedListChange.create(lowerCaseString.value(), roleChange -> {
                roleChange.changeDisplayName(role.name()).changePrivileges(namedListChange -> {
                    for (Privilege privilege : role.privileges()) {
                        namedListChange.create(PrivilegeNameGenerator.privilegeName(privilege), privilegeChange -> {
                            privilegeChange.changeOn(fromSelector(privilege.selector()));
                        });
                    }
                });
            });
        }).handle((r4, th) -> {
            if (th == null) {
                return OperationResult.SUCCESS;
            }
            Throwable unwrapCause = ExceptionUtils.unwrapCause(th);
            if ((!(unwrapCause instanceof ConfigurationChangeException) || !(unwrapCause.getCause() instanceof ConfigurationNodeAlreadyExistException)) && !(unwrapCause instanceof ConfigurationNodeAlreadyExistException)) {
                throw new CompletionException(th);
            }
            return OperationResult.ROLE_EXISTS;
        });
    }

    @Override // org.gridgain.internal.rbac.store.Store
    public CompletableFuture<OperationResult> updateIfExists(LowerCaseString lowerCaseString, Function<Role, Role> function) {
        RoleConfiguration roleConfiguration = this.authorizationConfiguration.roles().get(lowerCaseString.value());
        if (roleConfiguration == null) {
            return CompletableFuture.completedFuture(OperationResult.ROLE_NOT_FOUND);
        }
        Role apply = function.apply(toRole(roleConfiguration.value()));
        return roleConfiguration.change(roleChange -> {
            roleChange.changePrivileges(namedListChange -> {
                ArrayList arrayList = new ArrayList(namedListChange.namedListKeys());
                for (Privilege privilege : apply.privileges()) {
                    arrayList.remove(PrivilegeNameGenerator.privilegeName(privilege));
                    namedListChange.createOrUpdate(PrivilegeNameGenerator.privilegeName(privilege), privilegeChange -> {
                        privilegeChange.changeAction(privilege.action().name()).changeOn(fromSelector(privilege.selector()));
                    });
                }
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    namedListChange.delete((String) it.next());
                }
            });
        }).thenApply(r2 -> {
            return OperationResult.SUCCESS;
        });
    }

    private static String fromSelector(Selector selector) {
        String rawString = selector.toRawString();
        return rawString == null ? "" : rawString;
    }

    @Override // org.gridgain.internal.rbac.store.Store
    public CompletableFuture<OperationResult> removeIfExists(LowerCaseString lowerCaseString) {
        String value = lowerCaseString.value();
        return this.authorizationConfiguration.roles().get(value) == null ? CompletableFuture.completedFuture(OperationResult.ROLE_NOT_FOUND) : this.authorizationConfiguration.roles().change(namedListChange -> {
            namedListChange.delete(value);
        }).thenApply(r2 -> {
            return OperationResult.SUCCESS;
        });
    }

    @Override // org.gridgain.internal.rbac.store.Store
    public CompletableFuture<Collection<Role>> getAll() {
        return CompletableFuture.completedFuture((Collection) roleStream().collect(Collectors.toSet()));
    }

    @Override // org.gridgain.internal.rbac.store.Store
    public CompletableFuture<Role> get(LowerCaseString lowerCaseString) {
        return CompletableFuture.completedFuture(doGet(lowerCaseString));
    }

    @Override // org.gridgain.internal.rbac.store.Store
    public CompletableFuture<Role[]> get(LowerCaseString... lowerCaseStringArr) {
        Role[] roleArr = new Role[lowerCaseStringArr.length];
        for (int i = 0; i < lowerCaseStringArr.length; i++) {
            roleArr[i] = doGet(lowerCaseStringArr[i]);
        }
        return CompletableFuture.completedFuture(roleArr);
    }

    @Override // org.gridgain.internal.rbac.store.Store
    public CompletableFuture<Map<LowerCaseString, Role>> getAllWithKeys() {
        return CompletableFuture.completedFuture((Map) roleStream().collect(Collectors.toMap(role -> {
            return LowerCaseString.from(role.name());
        }, Function.identity())));
    }

    private Stream<Role> roleStream() {
        return ((NamedListView) this.authorizationConfiguration.roles().value()).stream().map(ConfigurationRoleStore::toRole);
    }

    @Nullable
    private Role doGet(LowerCaseString lowerCaseString) {
        RoleConfiguration roleConfiguration = this.authorizationConfiguration.roles().get(lowerCaseString.value());
        if (roleConfiguration == null) {
            return null;
        }
        return toRole(roleConfiguration.value());
    }

    private static Role toRole(org.gridgain.internal.rbac.configuration.RoleView roleView) {
        return Role.builder().name(roleView.displayName()).addPrivileges((Set) roleView.privileges().stream().map(privilegeView -> {
            Privilege.Builder action = Privilege.builder().action(Action.valueOf(privilegeView.action()));
            if (!privilegeView.on().isBlank()) {
                action.selector(privilegeView.on());
            }
            return action.build();
        }).collect(Collectors.toSet())).build();
    }
}
