package no.nav.apiapp.security;

import java.util.Optional;
import no.nav.apiapp.feil.IngenTilgang;
import no.nav.sbl.dialogarena.common.abac.pep.AbacPersonId;
import no.nav.sbl.dialogarena.common.abac.pep.Pep;
import no.nav.sbl.dialogarena.common.abac.pep.domain.ResourceType;
import no.nav.sbl.dialogarena.common.abac.pep.domain.request.Action;
import no.nav.sbl.dialogarena.common.abac.pep.domain.response.BiasedDecisionResponse;
import no.nav.sbl.dialogarena.common.abac.pep.domain.response.Decision;
import no.nav.sbl.dialogarena.common.abac.pep.exception.PepException;

/* loaded from: input_file:no/nav/apiapp/security/PepClient.class */
public class PepClient {
    private final Pep pep;
    private final String applicationDomain;
    private final ResourceType resourceType;

    @Deprecated
    public PepClient(Pep pep, String str) {
        this(pep, str, ResourceType.Person);
    }

    public PepClient(Pep pep, String str, ResourceType resourceType) {
        this.pep = pep;
        this.applicationDomain = str;
        this.resourceType = resourceType;
    }

    @Deprecated
    public String sjekkTilgangTilFnr(String str) {
        return sjekkLeseTilgangTilFnr(str);
    }

    public String sjekkLeseTilgangTilFnr(String str) {
        return sjekkTilgang(AbacPersonId.fnr(str), Action.ActionId.READ).getId();
    }

    public String sjekkSkriveTilgangTilFnr(String str) {
        return sjekkTilgang(AbacPersonId.fnr(str), Action.ActionId.WRITE).getId();
    }

    public void sjekkLesetilgang(AbacPersonId abacPersonId) {
        sjekkTilgang(abacPersonId, Action.ActionId.READ, this.resourceType);
    }

    public void sjekkSkrivetilgang(AbacPersonId abacPersonId) {
        sjekkTilgang(abacPersonId, Action.ActionId.WRITE, this.resourceType);
    }

    public void sjekkTilgangTilEnhet(String str) throws IngenTilgang, PepException {
        if (!harTilgangTilEnhet(str)) {
            throw new IngenTilgang(String.format("Ingen tilgang til enhet '%s'", str));
        }
    }

    public boolean harTilgangTilEnhet(String str) throws PepException {
        return erPermit(this.pep.harTilgang(this.pep.nyRequest().withResourceType(ResourceType.Enhet).withDomain(this.applicationDomain).withEnhet((String) Optional.ofNullable(str).orElse(""))));
    }

    public AbacPersonId sjekkTilgang(AbacPersonId abacPersonId, Action.ActionId actionId) throws PepException {
        return sjekkTilgang(abacPersonId, actionId, this.resourceType);
    }

    public AbacPersonId sjekkTilgang(AbacPersonId abacPersonId, Action.ActionId actionId, ResourceType resourceType) {
        return sjekkTilgang(abacPersonId, this.applicationDomain, actionId, resourceType);
    }

    public AbacPersonId sjekkTilgang(AbacPersonId abacPersonId, String str, Action.ActionId actionId, ResourceType resourceType) {
        if (erPermit(this.pep.harInnloggetBrukerTilgangTilPerson(abacPersonId, str, actionId, resourceType))) {
            return abacPersonId;
        }
        throw new IngenTilgang();
    }

    private boolean erPermit(BiasedDecisionResponse biasedDecisionResponse) {
        return ((Boolean) Optional.ofNullable(biasedDecisionResponse).map((v0) -> {
            return v0.getBiasedDecision();
        }).map(decision -> {
            return Boolean.valueOf(decision == Decision.Permit);
        }).orElse(false)).booleanValue();
    }
}
