package io.datarouter.auth.web.service;

import io.datarouter.auth.role.RoleManager;
import io.datarouter.auth.service.deprovisioning.UserDeprovisioningStrategy;
import io.datarouter.auth.session.UserSessionService;
import io.datarouter.auth.storage.user.datarouteruser.DatarouterUser;
import io.datarouter.auth.storage.user.datarouteruser.DatarouterUserDao;
import io.datarouter.auth.storage.user.deprovisioneduser.DeprovisionedUser;
import io.datarouter.auth.storage.user.deprovisioneduser.DeprovisionedUserDao;
import io.datarouter.auth.storage.user.deprovisioneduser.DeprovisionedUserKey;
import io.datarouter.scanner.Scanner;
import io.datarouter.scanner.WarnOnModifyList;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;

@Singleton
/* loaded from: input_file:io/datarouter/auth/web/service/DatarouterUserDeprovisioningStrategy.class */
public class DatarouterUserDeprovisioningStrategy implements UserDeprovisioningStrategy {

    @Inject
    private DatarouterUserDao datarouterUserDao;

    @Inject
    private DatarouterUserHistoryService datarouterUserHistoryService;

    @Inject
    private DeprovisionedUserDao deprovisionedUserDao;

    @Inject
    private RoleManager roleManager;

    @Inject
    private UserSessionService userSessionService;

    public List<String> flagUsers(List<String> list, Optional<String> optional) {
        return doFlagOrDeprovision(list, false, optional);
    }

    public List<String> deprovisionUsers(List<String> list, Optional<String> optional) {
        return doFlagOrDeprovision(list, true, optional);
    }

    private List<String> doFlagOrDeprovision(List<String> list, boolean z, Optional<String> optional) {
        this.userSessionService.deleteUserSessions(list);
        ArrayList arrayList = new ArrayList();
        Scanner map = Scanner.of(list).map(DatarouterUser.DatarouterUserByUsernameLookup::new);
        DatarouterUserDao datarouterUserDao = this.datarouterUserDao;
        datarouterUserDao.getClass();
        List<DatarouterUser> list2 = (List) map.listTo((v1) -> {
            return r1.getMultiByUsername(v1);
        });
        ArrayList arrayList2 = new ArrayList();
        list2.forEach(datarouterUser -> {
            arrayList.add(new DeprovisionedUser(datarouterUser.getUsername(), datarouterUser.getRolesIgnoreSaml(), z ? DeprovisionedUser.UserDeprovisioningStatus.DEPROVISIONED : DeprovisionedUser.UserDeprovisioningStatus.FLAGGED));
            datarouterUser.setRoles(List.of());
            datarouterUser.setEnabled(false);
            arrayList2.add(datarouterUser.getUsername());
        });
        this.deprovisionedUserDao.putMulti(arrayList);
        if (z) {
            Optional<U> map2 = optional.map(DatarouterUser.DatarouterUserByUsernameLookup::new);
            DatarouterUserDao datarouterUserDao2 = this.datarouterUserDao;
            datarouterUserDao2.getClass();
            Optional<DatarouterUser> map3 = map2.map(datarouterUserDao2::getByUsername);
            this.datarouterUserDao.putMulti(list2);
            this.datarouterUserHistoryService.recordDeprovisions(list2, map3);
        }
        return arrayList2;
    }

    public List<String> restoreUsers(List<String> list, Optional<String> optional) {
        Set allRoles = this.roleManager.getAllRoles();
        Scanner map = Scanner.of(list).map(DeprovisionedUserKey::new);
        DeprovisionedUserDao deprovisionedUserDao = this.deprovisionedUserDao;
        deprovisionedUserDao.getClass();
        Map map2 = ((Scanner) map.listTo((v1) -> {
            return r1.scanWithPrefixes(v1);
        })).include(deprovisionedUser -> {
            return deprovisionedUser.getStatus() == DeprovisionedUser.UserDeprovisioningStatus.DEPROVISIONED;
        }).toMap((v0) -> {
            return v0.getUsername();
        }, (v0) -> {
            return v0.getRoles();
        });
        Scanner map3 = Scanner.of(list).map(DatarouterUser.DatarouterUserByUsernameLookup::new);
        DatarouterUserDao datarouterUserDao = this.datarouterUserDao;
        datarouterUserDao.getClass();
        Map map4 = (Map) ((List) map3.listTo((v1) -> {
            return r1.getMultiByUsername(v1);
        })).stream().collect(Collectors.toMap((v0) -> {
            return v0.getUsername();
        }, Function.identity()));
        Scanner of = Scanner.of(list);
        map2.getClass();
        Scanner include = of.include((v1) -> {
            return r1.containsKey(v1);
        });
        map4.getClass();
        Scanner map5 = include.include((v1) -> {
            return r1.containsKey(v1);
        }).map(str -> {
            Stream stream = ((Set) map2.get(str)).stream();
            allRoles.getClass();
            List list2 = (List) stream.filter((v1) -> {
                return r1.contains(v1);
            }).collect(WarnOnModifyList.deprecatedCollector());
            DatarouterUser datarouterUser = (DatarouterUser) map4.get(str);
            datarouterUser.setRoles(list2);
            datarouterUser.setEnabled(true);
            return datarouterUser;
        });
        Scanner of2 = Scanner.of(list);
        map2.getClass();
        Scanner exclude = of2.exclude((v1) -> {
            return r1.containsKey(v1);
        });
        map4.getClass();
        Scanner append = map5.append(exclude.include((v1) -> {
            return r1.containsKey(v1);
        }).map(str2 -> {
            DatarouterUser datarouterUser = (DatarouterUser) map4.get(str2);
            HashSet hashSet = new HashSet(this.roleManager.getDefaultRoles());
            hashSet.addAll(datarouterUser.getRolesIgnoreSaml());
            datarouterUser.setRoles(hashSet);
            datarouterUser.setEnabled(true);
            return datarouterUser;
        }));
        DatarouterUserDao datarouterUserDao2 = this.datarouterUserDao;
        datarouterUserDao2.getClass();
        Scanner map6 = append.flush((v1) -> {
            r1.putMulti(v1);
        }).flush(buildRecordRestoreConsumer(optional)).map((v0) -> {
            return v0.getUsername();
        });
        DeprovisionedUserDao deprovisionedUserDao2 = this.deprovisionedUserDao;
        deprovisionedUserDao2.getClass();
        return map6.flush((v1) -> {
            r1.deleteMultiUsernames(v1);
        }).list();
    }

    private Consumer<List<DatarouterUser>> buildRecordRestoreConsumer(Optional<String> optional) {
        Optional<U> map = optional.map(DatarouterUser.DatarouterUserByUsernameLookup::new);
        DatarouterUserDao datarouterUserDao = this.datarouterUserDao;
        datarouterUserDao.getClass();
        Optional map2 = map.map(datarouterUserDao::getByUsername);
        return list -> {
            this.datarouterUserHistoryService.recordRestores(list, map2);
        };
    }
}
