package org.trustedanalytics.usermanagement.security.rest;

import com.google.common.base.Strings;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.UUID;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.trustedanalytics.usermanagement.orgs.mocks.OrgResourceMock;
import org.trustedanalytics.usermanagement.security.model.OrgPermission;
import org.trustedanalytics.usermanagement.security.service.UserDetailsFinder;
import org.trustedanalytics.usermanagement.users.model.UserRole;

@RestController
/* loaded from: input_file:org/trustedanalytics/usermanagement/security/rest/AuthorizationController.class */
public class AuthorizationController {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) AuthorizationController.class);
    private final UserDetailsFinder detailsFinder;
    private final OrgResourceMock orgResourceMock;

    @Autowired
    public AuthorizationController(UserDetailsFinder userDetailsFinder, OrgResourceMock orgResourceMock) {
        this.detailsFinder = userDetailsFinder;
        this.orgResourceMock = orgResourceMock;
    }

    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = OrgPermission.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error")})
    @RequestMapping(value = {"/rest/orgs/permissions"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Returns permissions for user within one organization", notes = "Privilege level: Any consumer of this endpoint must have a valid access token")
    public Collection<OrgPermission> getPermissions(@RequestParam(required = false) String str, Authentication authentication) {
        ArrayList arrayList = new ArrayList();
        if (!Strings.isNullOrEmpty(str)) {
            arrayList.addAll((Collection) Arrays.stream(str.split(",")).map(UUID::fromString).collect(Collectors.toList()));
        }
        return resolvePermissions(arrayList, authentication);
    }

    private Collection<OrgPermission> resolvePermissions(Collection<UUID> collection, Authentication authentication) {
        UUID findUserId = this.detailsFinder.findUserId(authentication);
        UserRole findUserRole = this.detailsFinder.findUserRole(authentication);
        LOGGER.info("Resolving permissions for user: {}", findUserId.toString());
        return UserRole.ADMIN.equals(findUserRole) ? resolveAdminPermissions(collection) : resolveUserPermissions(findUserId, collection);
    }

    private Collection<OrgPermission> resolveAdminPermissions(Collection<UUID> collection) {
        return (Collection) this.orgResourceMock.getOrganizations().stream().map(org2 -> {
            return new OrgPermission(org2, true, true);
        }).collect(Collectors.toList());
    }

    private Collection<OrgPermission> resolveUserPermissions(UUID uuid, Collection<UUID> collection) {
        return (Collection) this.orgResourceMock.getOrganizations().stream().map(org2 -> {
            return new OrgPermission(org2, true, false);
        }).collect(Collectors.toList());
    }
}
