package io.graphenee.security.impl;

import io.graphenee.core.api.GxNamespaceService;
import io.graphenee.core.enums.AccessKeyType;
import io.graphenee.core.enums.AccessTypeStatus;
import io.graphenee.core.model.BeanCollectionFault;
import io.graphenee.core.model.BeanFault;
import io.graphenee.core.model.api.GxDataService;
import io.graphenee.core.model.bean.GxAccessKeyBean;
import io.graphenee.core.model.bean.GxNamespaceBean;
import io.graphenee.core.model.bean.GxResourceBean;
import io.graphenee.core.model.bean.GxSecurityGroupBean;
import io.graphenee.core.model.bean.GxSecurityPolicyBean;
import io.graphenee.core.model.bean.GxSecurityPolicyDocumentBean;
import io.graphenee.core.model.bean.GxUserAccountBean;
import io.graphenee.core.model.entity.GxAccessKey;
import io.graphenee.core.model.entity.GxNamespace;
import io.graphenee.core.model.entity.GxResource;
import io.graphenee.core.model.entity.GxSecurityGroup;
import io.graphenee.core.model.entity.GxSecurityPolicy;
import io.graphenee.core.model.entity.GxSecurityPolicyDocument;
import io.graphenee.core.model.entity.GxUserAccount;
import io.graphenee.core.model.jpa.repository.GxAccessKeyRepository;
import io.graphenee.core.model.jpa.repository.GxAccessLogRepository;
import io.graphenee.core.model.jpa.repository.GxNamespaceRepository;
import io.graphenee.core.model.jpa.repository.GxResourceRepository;
import io.graphenee.core.model.jpa.repository.GxSecurityGroupRepository;
import io.graphenee.core.model.jpa.repository.GxSecurityPolicyDocumentRepository;
import io.graphenee.core.model.jpa.repository.GxSecurityPolicyRepository;
import io.graphenee.core.model.jpa.repository.GxUserAccountRepository;
import io.graphenee.security.GrapheneeSecurityConfiguration;
import io.graphenee.security.api.GxSecurityDataService;
import io.graphenee.security.exception.GxPermissionException;
import io.graphenee.util.enums.GenderEnum;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Transactional
@ConditionalOnClass({GrapheneeSecurityConfiguration.class})
@Service
/* loaded from: input_file:io/graphenee/security/impl/GxSecurityDataServiceImpl.class */
public class GxSecurityDataServiceImpl implements GxSecurityDataService {

    @Autowired
    GxDataService dataService;

    @Autowired
    GxAccessKeyRepository gxAccessKeyRepository;

    @Autowired
    GxResourceRepository gxResourceRepository;

    @Autowired
    GxUserAccountRepository gxUserAccountRepository;

    @Autowired
    GxSecurityGroupRepository securityGroupRepo;

    @Autowired
    GxSecurityPolicyRepository securityPolicyRepo;

    @Autowired
    GxNamespaceRepository namespaceRepo;

    @Autowired
    GxSecurityPolicyDocumentRepository securityPolicyDocumentRepo;

    @Autowired
    GxAccessLogRepository accessLogRepo;

    @Autowired
    GxResourceRepository resourceRepo;

    @Autowired
    GxNamespaceService namespaceService;

    @Override // io.graphenee.security.api.GxSecurityDataService
    public void access(GxNamespaceBean gxNamespaceBean, String str, String str2, Timestamp timestamp) throws GxPermissionException {
        if (canAccessResource(gxNamespaceBean, str, str2, timestamp)) {
            this.dataService.log(gxNamespaceBean, str, str2, timestamp, AccessTypeStatus.ACCESS.statusCode(), true);
        } else {
            this.dataService.log(gxNamespaceBean, str, str2, timestamp, AccessTypeStatus.ACCESS.statusCode(), false);
            throw new GxPermissionException("Access denied");
        }
    }

    @Override // io.graphenee.security.api.GxSecurityDataService
    public void checkIn(GxNamespaceBean gxNamespaceBean, String str, String str2, Timestamp timestamp) throws GxPermissionException {
        if (canAccessResource(gxNamespaceBean, str, str2, timestamp)) {
            this.dataService.log(gxNamespaceBean, str, str2, timestamp, AccessTypeStatus.CHECKIN.statusCode(), true);
        } else {
            this.dataService.log(gxNamespaceBean, str, str2, timestamp, AccessTypeStatus.CHECKIN.statusCode(), false);
            throw new GxPermissionException("Check-in denied");
        }
    }

    @Override // io.graphenee.security.api.GxSecurityDataService
    public void checkOut(GxNamespaceBean gxNamespaceBean, String str, String str2, Timestamp timestamp) throws GxPermissionException {
        if (canAccessResource(gxNamespaceBean, str, str2, timestamp)) {
            this.dataService.log(gxNamespaceBean, str, str2, timestamp, AccessTypeStatus.CHECKOUT.statusCode(), true);
        } else {
            this.dataService.log(gxNamespaceBean, str, str2, timestamp, AccessTypeStatus.CHECKOUT.statusCode(), false);
            throw new GxPermissionException("Check-out denied");
        }
    }

    @Override // io.graphenee.security.api.GxSecurityDataService
    public boolean canAccessResource(GxNamespaceBean gxNamespaceBean, String str, String str2, Timestamp timestamp) throws GxPermissionException {
        GxAccessKeyBean makeAccessKeyBean = makeAccessKeyBean(this.gxAccessKeyRepository.findByAccessKey(UUID.fromString(str)));
        if (this.gxResourceRepository.findOneByResourceNameAndGxNamespaceNamespaceAndIsActiveTrue(str2, gxNamespaceBean.getNamespace()) == null) {
            throw new GxPermissionException("Rescource not found.");
        }
        return makeAccessKeyBean.canDoAction(str2, "access");
    }

    private GxNamespaceBean makeNamespaceBean(GxNamespace gxNamespace) {
        GxNamespaceBean gxNamespaceBean = new GxNamespaceBean();
        gxNamespaceBean.setOid(gxNamespace.getOid());
        gxNamespaceBean.setNamespace(gxNamespace.getNamespace());
        gxNamespaceBean.setNamespaceDescription(gxNamespace.getNamespaceDescription());
        gxNamespaceBean.setIsActive(gxNamespace.getIsActive());
        gxNamespaceBean.setIsProtected(gxNamespace.getIsProtected());
        return gxNamespaceBean;
    }

    private GxSecurityPolicyBean makeSecurityPolicyBean(GxSecurityPolicy gxSecurityPolicy) {
        GxSecurityPolicyBean gxSecurityPolicyBean = new GxSecurityPolicyBean();
        gxSecurityPolicyBean.setOid(gxSecurityPolicy.getOid());
        gxSecurityPolicyBean.setPriority(gxSecurityPolicy.getPriority());
        gxSecurityPolicyBean.setSecurityPolicyName(gxSecurityPolicy.getSecurityPolicyName());
        gxSecurityPolicyBean.setSecurityPolicyDescription(gxSecurityPolicy.getSecurityPolicyDescription());
        gxSecurityPolicyBean.setIsActive(gxSecurityPolicy.getIsActive());
        gxSecurityPolicyBean.setIsProtected(gxSecurityPolicy.getIsProtected());
        gxSecurityPolicyBean.setNamespaceFault(BeanFault.beanFault(gxSecurityPolicy.getGxNamespace().getOid(), (Function<Integer, T>) num -> {
            return makeNamespaceBean(this.namespaceRepo.findOne(num));
        }));
        gxSecurityPolicyBean.setSecurityGroupCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.securityGroupRepo.findAllByGxSecurityPoliciesOidEquals(gxSecurityPolicy.getOid()).stream().map(this::makeSecurityGroupBean).collect(Collectors.toList());
        }));
        gxSecurityPolicyBean.setAccessKeyCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.gxAccessKeyRepository.findAllByGxSecurityPolicysOidEquals(gxSecurityPolicy.getOid()).stream().map(this::makeAccessKeyBean).collect(Collectors.toList());
        }));
        gxSecurityPolicyBean.setSecurityPolicyDocumentCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.securityPolicyDocumentRepo.findAllByGxSecurityPolicyOidEquals(gxSecurityPolicy.getOid()).stream().map(this::makeSecurityPolicyDocumentBean).collect(Collectors.toList());
        }));
        return gxSecurityPolicyBean;
    }

    private GxSecurityPolicyDocumentBean makeSecurityPolicyDocumentBean(GxSecurityPolicyDocument gxSecurityPolicyDocument) {
        GxSecurityPolicyDocumentBean gxSecurityPolicyDocumentBean = new GxSecurityPolicyDocumentBean();
        gxSecurityPolicyDocumentBean.setOid(gxSecurityPolicyDocument.getOid());
        gxSecurityPolicyDocumentBean.setDocumentJson(gxSecurityPolicyDocument.getDocumentJson());
        gxSecurityPolicyDocumentBean.setTag(gxSecurityPolicyDocument.getTag());
        gxSecurityPolicyDocumentBean.setIsDefault(gxSecurityPolicyDocument.getIsDefault());
        gxSecurityPolicyDocumentBean.setSecurityPolicyBeanFault(new BeanFault<>(gxSecurityPolicyDocument.getGxSecurityPolicy().getOid(), (Function<Integer, T>) num -> {
            return makeSecurityPolicyBean(this.securityPolicyRepo.findOne(num));
        }));
        return gxSecurityPolicyDocumentBean;
    }

    private GxSecurityGroupBean makeSecurityGroupBean(GxSecurityGroup gxSecurityGroup) {
        GxSecurityGroupBean gxSecurityGroupBean = new GxSecurityGroupBean();
        gxSecurityGroupBean.setOid(gxSecurityGroup.getOid());
        gxSecurityGroupBean.setSecurityGroupName(gxSecurityGroup.getSecurityGroupName());
        gxSecurityGroupBean.setSecurityGroupDescription(gxSecurityGroup.getSecurityGroupDescription());
        gxSecurityGroupBean.setPriority(gxSecurityGroup.getPriority());
        gxSecurityGroupBean.setIsActive(gxSecurityGroup.getIsActive());
        gxSecurityGroupBean.setIsProtected(gxSecurityGroup.getIsProtected());
        gxSecurityGroupBean.setNamespaceFault(BeanFault.beanFault(gxSecurityGroup.getGxNamespace().getOid(), (Function<Integer, T>) num -> {
            return makeNamespaceBean(this.namespaceRepo.findOne(num));
        }));
        gxSecurityGroupBean.setSecurityPolicyCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.securityPolicyRepo.findAllByGxSecurityGroupsOidEquals(gxSecurityGroup.getOid()).stream().map(this::makeSecurityPolicyBean).collect(Collectors.toList());
        }));
        gxSecurityGroupBean.setAccessKeyCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.gxAccessKeyRepository.findAllByGxSecurityPolicysOidEquals(gxSecurityGroup.getOid()).stream().map(this::makeAccessKeyBean).collect(Collectors.toList());
        }));
        return gxSecurityGroupBean;
    }

    private GxUserAccountBean makeUserAccountBean(GxUserAccount gxUserAccount) {
        GxUserAccountBean gxUserAccountBean = new GxUserAccountBean();
        gxUserAccountBean.setOid(gxUserAccount.getOid());
        gxUserAccountBean.setUsername(gxUserAccount.getUsername());
        gxUserAccountBean.setEmail(gxUserAccount.getEmail());
        gxUserAccountBean.setFirstName(gxUserAccount.getFirstName());
        gxUserAccountBean.setLastName(gxUserAccount.getLastName());
        gxUserAccountBean.setFullNameNative(gxUserAccount.getFullNameNative());
        gxUserAccountBean.setIsLocked(gxUserAccount.getIsLocked());
        gxUserAccountBean.setIsActive(gxUserAccount.getIsActive());
        gxUserAccountBean.setIsPasswordChangeRequired(gxUserAccount.getIsPasswordChangeRequired());
        gxUserAccountBean.setIsProtected(gxUserAccount.getIsProtected());
        gxUserAccountBean.setSecurityGroupCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.securityGroupRepo.findAllByGxUserAccountsOidEquals(gxUserAccount.getOid()).stream().map(this::makeSecurityGroupBean).collect(Collectors.toList());
        }));
        gxUserAccountBean.setSecurityPolicyCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.securityPolicyRepo.findAllByGxUserAccountsOidEquals(gxUserAccount.getOid()).stream().map(this::makeSecurityPolicyBean).collect(Collectors.toList());
        }));
        gxUserAccountBean.setAccessKeyCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.gxAccessKeyRepository.findAllByGxUserAccountOidEquals(gxUserAccount.getOid()).stream().map(this::makeAccessKeyBean).collect(Collectors.toList());
        }));
        if (gxUserAccount.getGxGender() != null) {
            gxUserAccountBean.setGender(GenderEnum.valueOf(gxUserAccount.getGxGender().getGenderCode()));
        }
        if (gxUserAccount.getGxNamespace() != null) {
            gxUserAccountBean.setNamespaceFault(BeanFault.beanFault(gxUserAccount.getGxNamespace().getOid(), (Function<Integer, T>) num -> {
                return makeNamespaceBean(this.namespaceRepo.findOne(num));
            }));
        }
        return gxUserAccountBean;
    }

    private GxAccessKeyBean makeAccessKeyBean(GxAccessKey gxAccessKey) {
        GxAccessKeyBean gxAccessKeyBean = new GxAccessKeyBean();
        gxAccessKeyBean.setOid(gxAccessKey.getOid());
        gxAccessKeyBean.setAccessKey(gxAccessKey.getAccessKey());
        gxAccessKeyBean.setSecret(gxAccessKey.getSecret());
        gxAccessKeyBean.setIsActive(gxAccessKey.getIsActive());
        if (gxAccessKey.getAccessKeyType() != null) {
            gxAccessKeyBean.setAccessKeyType(AccessKeyType.accessKeyType(gxAccessKey.getAccessKeyType()));
        } else {
            gxAccessKeyBean.setAccessKeyType(null);
        }
        gxAccessKeyBean.setSecurityGroupCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.securityGroupRepo.findAllByGxAccessKeysOidEquals(gxAccessKey.getOid()).stream().map(this::makeSecurityGroupBean).collect(Collectors.toList());
        }));
        gxAccessKeyBean.setSecurityPolicyCollectionFault(BeanCollectionFault.collectionFault(() -> {
            return (Collection) this.securityPolicyRepo.findAllByGxAccessKeysOidEquals(gxAccessKey.getOid()).stream().map(this::makeSecurityPolicyBean).collect(Collectors.toList());
        }));
        if (gxAccessKey.getGxUserAccount() != null) {
            gxAccessKeyBean.setUserAccountBeanFault(new BeanFault<>(gxAccessKey.getGxUserAccount().getOid(), (Function<Integer, T>) num -> {
                return makeUserAccountBean(this.gxUserAccountRepository.findOne(num));
            }));
        }
        return gxAccessKeyBean;
    }

    private GxResourceBean makeResourceBean(GxResource gxResource, GxNamespaceBean gxNamespaceBean) {
        GxResourceBean gxResourceBean = new GxResourceBean();
        gxResourceBean.setOid(gxResource.getOid());
        gxResourceBean.setResourceName(gxResource.getResourceName());
        gxResourceBean.setResourceDescription(gxResource.getResourceDescription());
        gxResourceBean.setIsActive(gxResource.getIsActive());
        gxResourceBean.setGxNamespaceBeanFault(BeanFault.beanFault(gxResource.getGxNamespace().getOid(), gxNamespaceBean));
        return gxResourceBean;
    }

    @Override // io.graphenee.security.api.GxSecurityDataService
    public List<GxResourceBean> findResources(GxNamespaceBean gxNamespaceBean, String str) throws GxPermissionException {
        GxAccessKey findByAccessKey = this.gxAccessKeyRepository.findByAccessKey(UUID.fromString(str));
        if (findByAccessKey == null) {
            throw new GxPermissionException("Access key is not valid");
        }
        if (!findByAccessKey.getIsActive().booleanValue()) {
            throw new GxPermissionException("Access key is not active");
        }
        if (findByAccessKey.getGxUserAccount() == null) {
            throw new GxPermissionException("Access key is not assigned to any user");
        }
        List<GxResource> findAllByGxNamespaceNamespace = this.gxResourceRepository.findAllByGxNamespaceNamespace(gxNamespaceBean.getNamespace());
        ArrayList arrayList = new ArrayList();
        Iterator<GxResource> it = findAllByGxNamespaceNamespace.iterator();
        while (it.hasNext()) {
            arrayList.add(makeResourceBean(it.next(), gxNamespaceBean));
        }
        return arrayList;
    }
}
