package org.jgrapes.webconsole.rbac;

import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.jgrapes.core.Channel;
import org.jgrapes.core.Component;
import org.jgrapes.core.annotation.Handler;
import org.jgrapes.util.events.ConfigurationUpdate;
import org.jgrapes.webconsole.base.ConsoleConnection;
import org.jgrapes.webconsole.base.ConsoleRole;
import org.jgrapes.webconsole.base.ConsoleUser;
import org.jgrapes.webconsole.base.WebConsoleUtils;
import org.jgrapes.webconsole.base.events.AddConletRequest;
import org.jgrapes.webconsole.base.events.AddConletType;
import org.jgrapes.webconsole.base.events.ConsolePrepared;
import org.jgrapes.webconsole.base.events.DeleteConlet;
import org.jgrapes.webconsole.base.events.RenderConletRequest;
import org.jgrapes.webconsole.base.events.UpdateConletType;

/* loaded from: input_file:org/jgrapes/webconsole/rbac/RoleConletFilter.class */
public class RoleConletFilter extends Component {
    private final Map<String, List<String>> acl;
    private final Set<String> knownTypes;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jgrapes/webconsole/rbac/RoleConletFilter$Permission.class */
    public enum Permission {
        ADD,
        RENDER
    }

    public RoleConletFilter(Channel channel) {
        super(channel);
        this.acl = new HashMap();
        this.knownTypes = new HashSet();
    }

    public RoleConletFilter(Channel channel, Map<?, ?> map) {
        super(channel);
        this.acl = new HashMap();
        this.knownTypes = new HashSet();
        setConletTypesByRole((Map) map.get("conletTypesByRole"));
    }

    public RoleConletFilter setConletTypesByRole(Map<String, List<String>> map) {
        this.acl.clear();
        this.acl.putAll(map);
        for (Map.Entry<String, List<String>> entry : this.acl.entrySet()) {
            entry.setValue((List) entry.getValue().stream().map((v0) -> {
                return v0.trim();
            }).collect(Collectors.toList()));
        }
        return this;
    }

    @Handler
    public void onConfigUpdate(ConfigurationUpdate configurationUpdate) {
        configurationUpdate.structured(componentPath()).map(map -> {
            return (Map) map.get("conletTypesByRole");
        }).ifPresent(this::setConletTypesByRole);
    }

    @Handler
    public void onAddConletType(AddConletType addConletType) {
        this.knownTypes.add(addConletType.conletType());
    }

    @Handler(priority = 800)
    public void onConsolePrepared(ConsolePrepared consolePrepared, ConsoleConnection consoleConnection) {
        HashMap hashMap = new HashMap();
        for (String str : this.knownTypes) {
            EnumSet noneOf = EnumSet.noneOf(Permission.class);
            hashMap.put(str, noneOf);
            Iterator it = WebConsoleUtils.rolesFromSession(consoleConnection.session()).iterator();
            while (true) {
                if (it.hasNext()) {
                    ConsoleRole consoleRole = (ConsoleRole) it.next();
                    Set<Permission> permissionsFromRole = permissionsFromRole(str, consoleRole);
                    if (!permissionsFromRole.isEmpty()) {
                        this.logger.fine(() -> {
                            return "Role " + consoleRole.getName() + " allows user " + ((ConsoleUser) WebConsoleUtils.userFromSession(consoleConnection.session()).get()).getName() + " to " + String.valueOf(permissionsFromRole) + " " + str;
                        });
                        noneOf.addAll(permissionsFromRole);
                        if (noneOf.size() == Permission.values().length) {
                            this.logger.fine(() -> {
                                return "User " + ((ConsoleUser) WebConsoleUtils.userFromSession(consoleConnection.session()).get()).getName() + " has all possible permissions for " + str;
                            });
                            break;
                        }
                    }
                }
            }
        }
        for (Map.Entry entry : hashMap.entrySet()) {
            if (!((Set) entry.getValue()).contains(Permission.ADD)) {
                consoleConnection.respond(new UpdateConletType((String) entry.getKey()));
            }
        }
        consoleConnection.setAssociated(this, hashMap);
    }

    private Set<Permission> permissionsFromRole(String str, ConsoleRole consoleRole) {
        List<String> list = this.acl.get(consoleRole.getName());
        if (list == null) {
            return Collections.emptySet();
        }
        for (String str2 : list) {
            int i = 0;
            while (true) {
                if (str2.charAt(i) != '!' && str2.charAt(i) != '-') {
                    break;
                }
                i++;
            }
            if (str2.startsWith("*")) {
                return Set.of(Permission.ADD, Permission.RENDER);
            }
            if (str.equals(str2.substring(i).trim())) {
                return str2.startsWith("--") ? Collections.emptySet() : (str2.startsWith("!") || str2.startsWith("-")) ? Set.of(Permission.RENDER) : Set.of(Permission.ADD, Permission.RENDER);
            }
        }
        return Set.of(Permission.RENDER);
    }

    @Handler(priority = 1000)
    public void onAddConlet(AddConletRequest addConletRequest, ConsoleConnection consoleConnection) {
        consoleConnection.associated(this, Map.class).ifPresent(map -> {
            Set set = (Set) map.getOrDefault(addConletRequest.conletType(), Collections.emptySet());
            if (addConletRequest.isFrontendRequest()) {
                if (set.contains(Permission.ADD)) {
                    return;
                }
            } else if (set.contains(Permission.RENDER)) {
                return;
            }
            addConletRequest.cancel(true);
        });
    }

    @Handler(priority = 1000)
    public void onRenderConletRequest(RenderConletRequest renderConletRequest, ConsoleConnection consoleConnection) {
        consoleConnection.associated(this, Map.class).ifPresent(map -> {
            if (((Set) map.getOrDefault(renderConletRequest.conletType(), Collections.emptySet())).isEmpty()) {
                renderConletRequest.cancel(true);
                fire(new DeleteConlet(renderConletRequest.conletId(), Collections.emptySet()), new Channel[0]);
            }
        });
    }
}
