package org.isisaddons.module.security.facets;

import java.util.concurrent.Callable;
import org.apache.isis.applib.DomainObjectContainer;
import org.apache.isis.applib.events.UsabilityEvent;
import org.apache.isis.applib.events.VisibilityEvent;
import org.apache.isis.applib.services.queryresultscache.QueryResultsCache;
import org.apache.isis.core.metamodel.facetapi.Facet;
import org.apache.isis.core.metamodel.facetapi.FacetAbstract;
import org.apache.isis.core.metamodel.facetapi.FacetHolder;
import org.apache.isis.core.metamodel.interactions.InteractionContext;
import org.apache.isis.core.metamodel.interactions.UsabilityContext;
import org.apache.isis.core.metamodel.interactions.VisibilityContext;
import org.isisaddons.module.security.dom.tenancy.ApplicationTenancy;
import org.isisaddons.module.security.dom.tenancy.ApplicationTenancyPathEvaluator;
import org.isisaddons.module.security.dom.user.ApplicationUser;
import org.isisaddons.module.security.dom.user.ApplicationUserRepository;

/* loaded from: input_file:org/isisaddons/module/security/facets/TenantedAuthorizationFacetDefault.class */
public class TenantedAuthorizationFacetDefault extends FacetAbstract implements TenantedAuthorizationFacet {
    private final ApplicationUserRepository applicationUserRepository;
    private final QueryResultsCache queryResultsCache;
    private final ApplicationTenancyPathEvaluator evaluator;
    private final DomainObjectContainer container;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/isisaddons/module/security/facets/TenantedAuthorizationFacetDefault$Paths.class */
    public static class Paths {
        String objectTenancyPath;
        String userTenancyPath;
        String reason;

        Paths() {
        }
    }

    public static Class<? extends Facet> type() {
        return TenantedAuthorizationFacet.class;
    }

    public TenantedAuthorizationFacetDefault(ApplicationUserRepository applicationUserRepository, QueryResultsCache queryResultsCache, ApplicationTenancyPathEvaluator applicationTenancyPathEvaluator, DomainObjectContainer domainObjectContainer, FacetHolder facetHolder) {
        super(type(), facetHolder, FacetAbstract.Derivation.NOT_DERIVED);
        this.applicationUserRepository = applicationUserRepository;
        this.queryResultsCache = queryResultsCache;
        this.evaluator = applicationTenancyPathEvaluator;
        this.container = domainObjectContainer;
    }

    public String hides(VisibilityContext<? extends VisibilityEvent> visibilityContext) {
        Paths pathsFor = pathsFor(visibilityContext);
        if (pathsFor == null) {
            return null;
        }
        if (pathsFor.reason != null) {
            return pathsFor.reason;
        }
        if (pathsFor.objectTenancyPath.startsWith(pathsFor.userTenancyPath) || pathsFor.userTenancyPath.startsWith(pathsFor.objectTenancyPath)) {
            return null;
        }
        return String.format("User with tenancy '%s' is not permitted to view object with tenancy '%s'", pathsFor.userTenancyPath, pathsFor.objectTenancyPath);
    }

    public String disables(UsabilityContext<? extends UsabilityEvent> usabilityContext) {
        Paths pathsFor = pathsFor(usabilityContext);
        if (pathsFor == null) {
            return null;
        }
        if (pathsFor.reason != null) {
            return pathsFor.reason;
        }
        if (pathsFor.objectTenancyPath.startsWith(pathsFor.userTenancyPath)) {
            return null;
        }
        return String.format("User with tenancy '%s' is not permitted to edit object with tenancy '%s'", pathsFor.userTenancyPath, pathsFor.objectTenancyPath);
    }

    private Paths pathsFor(InteractionContext<?> interactionContext) {
        Paths paths = new Paths();
        String name = this.container.getUser().getName();
        ApplicationUser findApplicationUser = findApplicationUser(name);
        if (findApplicationUser == null) {
            paths.reason = "Could not locate application user for " + name;
            return paths;
        }
        paths.objectTenancyPath = applicationTenancyPathForCached(interactionContext.getTarget().getObject());
        paths.userTenancyPath = userTenancyPathForCached(findApplicationUser);
        if (paths.objectTenancyPath == null) {
            return null;
        }
        if (paths.userTenancyPath == null) {
            paths.reason = "User has no tenancy";
        }
        return paths;
    }

    protected String applicationTenancyPathForCached(final Object obj) {
        return (String) this.queryResultsCache.execute(new Callable<String>() { // from class: org.isisaddons.module.security.facets.TenantedAuthorizationFacetDefault.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public String call() throws Exception {
                return TenantedAuthorizationFacetDefault.this.applicationTenancyPathFor(obj);
            }
        }, TenantedAuthorizationFacetDefault.class, "applicationTenancyPathFor", new Object[]{obj});
    }

    protected String applicationTenancyPathFor(Object obj) {
        return this.evaluator.applicationTenancyPathFor(obj);
    }

    protected String userTenancyPathForCached(final ApplicationUser applicationUser) {
        return (String) this.queryResultsCache.execute(new Callable<String>() { // from class: org.isisaddons.module.security.facets.TenantedAuthorizationFacetDefault.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public String call() throws Exception {
                return TenantedAuthorizationFacetDefault.this.userTenancyPathFor(applicationUser);
            }
        }, TenantedAuthorizationFacetDefault.class, "userTenancyPathFor", new Object[]{applicationUser});
    }

    protected String userTenancyPathFor(ApplicationUser applicationUser) {
        if (this.evaluator.handles(applicationUser.getClass())) {
            return this.evaluator.applicationTenancyPathFor(applicationUser);
        }
        ApplicationTenancy tenancy = applicationUser.getTenancy();
        if (tenancy == null) {
            return null;
        }
        return tenancy.getPath();
    }

    protected ApplicationUser findApplicationUser(final String str) {
        return (ApplicationUser) this.queryResultsCache.execute(new Callable<ApplicationUser>() { // from class: org.isisaddons.module.security.facets.TenantedAuthorizationFacetDefault.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public ApplicationUser call() throws Exception {
                return TenantedAuthorizationFacetDefault.this.findApplicationUserNoCache(str);
            }
        }, TenantedAuthorizationFacetDefault.class, "findApplicationUser", new Object[]{str});
    }

    protected ApplicationUser findApplicationUserNoCache(String str) {
        return this.applicationUserRepository.findByUsername(str);
    }
}
