package be.rlab.tehanu.acl;

import be.rlab.tehanu.AccessDeniedException;
import be.rlab.tehanu.acl.model.AccessControlCondition;
import be.rlab.tehanu.acl.model.Role;
import be.rlab.tehanu.acl.model.UserRole;
import be.rlab.tehanu.clients.model.Chat;
import be.rlab.tehanu.clients.model.User;
import be.rlab.tehanu.config.SecurityConfig;
import be.rlab.tehanu.i18n.MessageSource;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: HandlerSecurity.kt */
@Metadata(mv = {1, 7, 1}, k = 1, xi = 48, d1 = {"��H\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018�� \u00162\u00020\u0001:\u0001\u0016BA\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\f\u0010\b\u001a\b\u0012\u0004\u0012\u00020\n0\t\u0012\f\u0010\u000b\u001a\b\u0012\u0004\u0012\u00020\f0\t\u0012\u0006\u0010\r\u001a\u00020\u000e¢\u0006\u0002\u0010\u000fJ\u0016\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u0015R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\r\u001a\u00020\u000eX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\b\u001a\b\u0012\u0004\u0012\u00020\n0\tX\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\u000b\u001a\b\u0012\u0004\u0012\u00020\f0\tX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0017"}, d2 = {"Lbe/rlab/tehanu/acl/HandlerSecurity;", "", "accessControl", "Lbe/rlab/tehanu/acl/AccessControl;", "securityConfig", "Lbe/rlab/tehanu/config/SecurityConfig;", "messageSource", "Lbe/rlab/tehanu/i18n/MessageSource;", "requiredPermissions", "", "", "requiredRoles", "Lbe/rlab/tehanu/acl/model/Role;", "condition", "Lbe/rlab/tehanu/acl/model/AccessControlCondition;", "(Lbe/rlab/tehanu/acl/AccessControl;Lbe/rlab/tehanu/config/SecurityConfig;Lbe/rlab/tehanu/i18n/MessageSource;Ljava/util/List;Ljava/util/List;Lbe/rlab/tehanu/acl/model/AccessControlCondition;)V", "checkPermissions", "", "chat", "Lbe/rlab/tehanu/clients/model/Chat;", "user", "Lbe/rlab/tehanu/clients/model/User;", "Companion", "tehanu-core"})
/* loaded from: input_file:be/rlab/tehanu/acl/HandlerSecurity.class */
public final class HandlerSecurity {

    @NotNull
    public static final Companion Companion = new Companion(null);

    @NotNull
    private final AccessControl accessControl;

    @NotNull
    private final SecurityConfig securityConfig;

    @NotNull
    private final MessageSource messageSource;

    @NotNull
    private final List<String> requiredPermissions;

    @NotNull
    private final List<Role> requiredRoles;

    @NotNull
    private final AccessControlCondition condition;

    @NotNull
    private static final Logger logger;

    /* compiled from: HandlerSecurity.kt */
    @Metadata(mv = {1, 7, 1}, k = 1, xi = 48, d1 = {"��\u0012\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0005"}, d2 = {"Lbe/rlab/tehanu/acl/HandlerSecurity$Companion;", "", "()V", "logger", "Lorg/slf4j/Logger;", "tehanu-core"})
    /* loaded from: input_file:be/rlab/tehanu/acl/HandlerSecurity$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* compiled from: HandlerSecurity.kt */
    @Metadata(mv = {1, 7, 1}, k = 3, xi = 48)
    /* loaded from: input_file:be/rlab/tehanu/acl/HandlerSecurity$WhenMappings.class */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[AccessControlCondition.values().length];
            try {
                iArr[AccessControlCondition.ALL.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                iArr[AccessControlCondition.ANY.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            $EnumSwitchMapping$0 = iArr;
        }
    }

    public HandlerSecurity(@NotNull AccessControl accessControl, @NotNull SecurityConfig securityConfig, @NotNull MessageSource messageSource, @NotNull List<String> list, @NotNull List<Role> list2, @NotNull AccessControlCondition accessControlCondition) {
        Intrinsics.checkNotNullParameter(accessControl, "accessControl");
        Intrinsics.checkNotNullParameter(securityConfig, "securityConfig");
        Intrinsics.checkNotNullParameter(messageSource, "messageSource");
        Intrinsics.checkNotNullParameter(list, "requiredPermissions");
        Intrinsics.checkNotNullParameter(list2, "requiredRoles");
        Intrinsics.checkNotNullParameter(accessControlCondition, "condition");
        this.accessControl = accessControl;
        this.securityConfig = securityConfig;
        this.messageSource = messageSource;
        this.requiredPermissions = list;
        this.requiredRoles = list2;
        this.condition = accessControlCondition;
    }

    public final void checkPermissions(@NotNull Chat chat, @NotNull User user) {
        ArrayList emptyList;
        boolean z;
        boolean z2;
        boolean z3;
        Set<String> rolesNames;
        Intrinsics.checkNotNullParameter(chat, "chat");
        Intrinsics.checkNotNullParameter(user, "user");
        boolean isAdmin = this.securityConfig.isAdmin(String.valueOf(user.getId()));
        boolean z4 = this.requiredPermissions.isEmpty() && this.requiredRoles.isEmpty();
        if (isAdmin || z4) {
            logger.debug("admin user: " + isAdmin);
            logger.debug("default permissions: " + z4);
            return;
        }
        UserRole findUserRole = this.accessControl.findUserRole(chat, user);
        if (findUserRole == null || (rolesNames = findUserRole.getRolesNames()) == null) {
            emptyList = CollectionsKt.emptyList();
        } else {
            Set<String> set = rolesNames;
            ArrayList arrayList = new ArrayList();
            Iterator<T> it = set.iterator();
            while (it.hasNext()) {
                Role findRole = this.securityConfig.findRole((String) it.next());
                if (findRole != null) {
                    arrayList.add(findRole);
                }
            }
            emptyList = arrayList;
        }
        List list = emptyList;
        ArrayList arrayList2 = new ArrayList();
        Iterator it2 = list.iterator();
        while (it2.hasNext()) {
            CollectionsKt.addAll(arrayList2, ((Role) it2.next()).getPermissions());
        }
        ArrayList arrayList3 = arrayList2;
        logger.debug("User " + user + " on chat " + chat + " has permissions: " + arrayList3);
        switch (WhenMappings.$EnumSwitchMapping$0[this.condition.ordinal()]) {
            case 1:
                if (!arrayList3.containsAll(this.requiredPermissions) || !list.containsAll(this.requiredRoles)) {
                    z2 = false;
                    break;
                } else {
                    z2 = true;
                    break;
                }
                break;
            case 2:
                ArrayList arrayList4 = arrayList3;
                if ((arrayList4 instanceof Collection) && arrayList4.isEmpty()) {
                    z = false;
                } else {
                    Iterator it3 = arrayList4.iterator();
                    while (true) {
                        if (!it3.hasNext()) {
                            z = false;
                        } else if (this.requiredPermissions.contains((String) it3.next())) {
                            z = true;
                        }
                    }
                }
                if (!z) {
                    List list2 = list;
                    if ((list2 instanceof Collection) && list2.isEmpty()) {
                        z3 = false;
                    } else {
                        Iterator it4 = list2.iterator();
                        while (true) {
                            if (!it4.hasNext()) {
                                z3 = false;
                            } else if (this.requiredRoles.contains((Role) it4.next())) {
                                z3 = true;
                            }
                        }
                    }
                    if (!z3) {
                        z2 = false;
                        break;
                    }
                }
                z2 = true;
                break;
            default:
                throw new NoWhenBranchMatchedException();
        }
        if (!z2) {
            throw new AccessDeniedException(this.messageSource.get("handler-security-error-accessDenied"));
        }
    }

    static {
        Logger logger2 = LoggerFactory.getLogger(HandlerSecurity.class);
        Intrinsics.checkNotNullExpressionValue(logger2, "getLogger(HandlerSecurity::class.java)");
        logger = logger2;
    }
}
