package io.gravitee.am.management.handlers.management.api.resources;

import io.gravitee.am.identityprovider.api.User;
import io.gravitee.am.management.service.PermissionService;
import io.gravitee.am.management.service.permissions.PermissionAcls;
import io.gravitee.am.management.service.permissions.Permissions;
import io.gravitee.am.model.Acl;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.permissions.Permission;
import io.reactivex.rxjava3.core.Completable;
import io.reactivex.rxjava3.core.Single;
import jakarta.ws.rs.ForbiddenException;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.SecurityContext;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:io/gravitee/am/management/handlers/management/api/resources/AbstractResource.class */
public abstract class AbstractResource {

    @Context
    protected SecurityContext securityContext;

    @Autowired
    protected PermissionService permissionService;

    /* JADX INFO: Access modifiers changed from: protected */
    public User getAuthenticatedUser() {
        if (isAuthenticated()) {
            return (User) this.securityContext.getUserPrincipal().getPrincipal();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isAuthenticated() {
        return this.securityContext.getUserPrincipal() != null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Completable checkPermission(ReferenceType referenceType, String str, Permission permission, Acl... aclArr) {
        return checkPermissions(getAuthenticatedUser(), Permissions.of(referenceType, str, permission, aclArr));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Completable checkAnyPermission(String str, String str2, String str3, String str4, Permission permission, Acl... aclArr) {
        return checkPermissions(getAuthenticatedUser(), Permissions.or(new PermissionAcls[]{Permissions.of(ReferenceType.APPLICATION, str4, permission, aclArr), Permissions.of(ReferenceType.DOMAIN, str3, permission, aclArr), Permissions.of(ReferenceType.ENVIRONMENT, str2, permission, aclArr), Permissions.of(ReferenceType.ORGANIZATION, str, permission, aclArr)}));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Completable checkAnyPermission(User user, String str, String str2, String str3, Permission permission, Acl... aclArr) {
        return checkPermissions(user, Permissions.or(new PermissionAcls[]{Permissions.of(ReferenceType.DOMAIN, str3, permission, aclArr), Permissions.of(ReferenceType.ENVIRONMENT, str2, permission, aclArr), Permissions.of(ReferenceType.ORGANIZATION, str, permission, aclArr)}));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Completable checkAnyPermission(String str, String str2, String str3, Permission permission, Acl... aclArr) {
        return checkPermissions(getAuthenticatedUser(), Permissions.or(new PermissionAcls[]{Permissions.of(ReferenceType.DOMAIN, str3, permission, aclArr), Permissions.of(ReferenceType.ENVIRONMENT, str2, permission, aclArr), Permissions.of(ReferenceType.ORGANIZATION, str, permission, aclArr)}));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Completable checkAnyPermission(String str, String str2, Permission permission, Acl... aclArr) {
        return checkPermissions(getAuthenticatedUser(), Permissions.or(new PermissionAcls[]{Permissions.of(ReferenceType.ENVIRONMENT, str2, permission, aclArr), Permissions.of(ReferenceType.ORGANIZATION, str, permission, aclArr)}));
    }

    private Completable checkPermissions(User user, PermissionAcls permissionAcls) {
        return hasPermission(user, permissionAcls).flatMapCompletable(this::checkPermission);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Single<Boolean> hasPermission(User user, ReferenceType referenceType, String str, Permission permission, Acl... aclArr) {
        return hasPermission(user, Permissions.of(referenceType, str, permission, aclArr));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Single<Boolean> hasAnyPermission(User user, String str, String str2, String str3, String str4, Permission permission, Acl... aclArr) {
        return hasPermission(user, Permissions.or(new PermissionAcls[]{Permissions.of(ReferenceType.APPLICATION, str4, permission, aclArr), Permissions.of(ReferenceType.DOMAIN, str3, permission, aclArr), Permissions.of(ReferenceType.ENVIRONMENT, str2, permission, aclArr), Permissions.of(ReferenceType.ORGANIZATION, str, permission, aclArr)}));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Single<Boolean> hasAnyPermission(User user, String str, String str2, String str3, Permission permission, Acl... aclArr) {
        return hasPermission(user, Permissions.or(new PermissionAcls[]{Permissions.of(ReferenceType.DOMAIN, str3, permission, aclArr), Permissions.of(ReferenceType.ENVIRONMENT, str2, permission, aclArr), Permissions.of(ReferenceType.ORGANIZATION, str, permission, aclArr)}));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Single<Boolean> hasPermission(User user, PermissionAcls permissionAcls) {
        return this.permissionService.hasPermission(user, permissionAcls);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Boolean hasPermission(Map<Permission, Set<Acl>> map, Permission permission, Acl acl) {
        return Boolean.valueOf(map.getOrDefault(permission, Collections.emptySet()).contains(acl));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Boolean hasAnyPermission(Map<ReferenceType, Map<Permission, Set<Acl>>> map, Permission permission, Acl acl) {
        return Boolean.valueOf(hasPermission(map.getOrDefault(ReferenceType.APPLICATION, Collections.emptyMap()), permission, acl).booleanValue() || hasPermission(map.getOrDefault(ReferenceType.DOMAIN, Collections.emptyMap()), permission, acl).booleanValue() || hasPermission(map.getOrDefault(ReferenceType.ENVIRONMENT, Collections.emptyMap()), permission, acl).booleanValue() || hasPermission(map.getOrDefault(ReferenceType.ORGANIZATION, Collections.emptyMap()), permission, acl).booleanValue());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Completable checkPermission(Map<Permission, Set<Acl>> map, Permission permission, Acl acl) {
        return checkPermission(Boolean.valueOf(map.getOrDefault(permission, Collections.emptySet()).contains(acl)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Single<Map<ReferenceType, Map<Permission, Set<Acl>>>> findAllPermissions(User user, String str, String str2, String str3) {
        return findAllPermissions(user, str, str2, str3, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Single<Map<ReferenceType, Map<Permission, Set<Acl>>>> findAllPermissions(User user, String str, String str2, String str3, String str4) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(str4 != null ? this.permissionService.findAllPermissions(user, ReferenceType.APPLICATION, str4) : Single.just(Collections.emptyMap()));
        arrayList.add(str3 != null ? this.permissionService.findAllPermissions(user, ReferenceType.DOMAIN, str3) : Single.just(Collections.emptyMap()));
        arrayList.add(str2 != null ? this.permissionService.findAllPermissions(user, ReferenceType.ENVIRONMENT, str2) : Single.just(Collections.emptyMap()));
        arrayList.add(str != null ? this.permissionService.findAllPermissions(user, ReferenceType.ORGANIZATION, str) : Single.just(Collections.emptyMap()));
        return Single.zip(arrayList, objArr -> {
            HashMap hashMap = new HashMap();
            hashMap.put(ReferenceType.APPLICATION, (Map) objArr[0]);
            hashMap.put(ReferenceType.DOMAIN, (Map) objArr[1]);
            hashMap.put(ReferenceType.ENVIRONMENT, (Map) objArr[2]);
            hashMap.put(ReferenceType.ORGANIZATION, (Map) objArr[3]);
            return hashMap;
        });
    }

    private Completable checkPermission(Boolean bool) {
        return !bool.booleanValue() ? Completable.error(new ForbiddenException("Permission denied")) : Completable.complete();
    }
}
