package ca.uhn.fhir.rest.server.interceptor.auth;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang3.Validate;
import org.hl7.fhir.instance.model.api.IBaseResource;
import org.hl7.fhir.instance.model.api.IIdType;

/* loaded from: input_file:ca/uhn/fhir/rest/server/interceptor/auth/RuleBuilder.class */
public class RuleBuilder implements IAuthRuleBuilder {
    private ArrayList<IAuthRule> myRules = new ArrayList<>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ca/uhn/fhir/rest/server/interceptor/auth/RuleBuilder$RuleBuilderFinished.class */
    public final class RuleBuilderFinished implements IAuthRuleBuilderRuleOpClassifierFinished {
        private RuleBuilderFinished() {
        }

        @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleOpClassifierFinished
        public IAuthRuleBuilder andThen() {
            return RuleBuilder.this;
        }

        @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleOpClassifierFinished
        public List<IAuthRule> build() {
            return RuleBuilder.this.myRules;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ca/uhn/fhir/rest/server/interceptor/auth/RuleBuilder$RuleBuilderRule.class */
    public class RuleBuilderRule implements IAuthRuleBuilderRule {
        private PolicyEnum myRuleMode;
        private String myRuleName;
        private RuleOpEnum myRuleOp;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:ca/uhn/fhir/rest/server/interceptor/auth/RuleBuilder$RuleBuilderRule$RuleBuilderRuleOp.class */
        public class RuleBuilderRuleOp implements IAuthRuleBuilderRuleOp {
            private AppliesTypeEnum myAppliesTo;
            private Set<?> myAppliesToTypes;

            /* loaded from: input_file:ca/uhn/fhir/rest/server/interceptor/auth/RuleBuilder$RuleBuilderRule$RuleBuilderRuleOp$RuleBuilderRuleOpClassifier.class */
            private class RuleBuilderRuleOpClassifier implements IAuthRuleBuilderRuleOpClassifier {
                private ClassifierTypeEnum myClassifierType;
                private String myInCompartmentName;
                private Collection<? extends IIdType> myInCompartmentOwners;

                private RuleBuilderRuleOpClassifier() {
                }

                private IAuthRuleBuilderRuleOpClassifierFinished finished() {
                    Rule rule = new Rule(RuleBuilderRule.this.myRuleName);
                    rule.setMode(RuleBuilderRule.this.myRuleMode);
                    rule.setOp(RuleBuilderRule.this.myRuleOp);
                    rule.setAppliesTo(RuleBuilderRuleOp.this.myAppliesTo);
                    rule.setAppliesToTypes(RuleBuilderRuleOp.this.myAppliesToTypes);
                    rule.setClassifierType(this.myClassifierType);
                    rule.setClassifierCompartmentName(this.myInCompartmentName);
                    rule.setClassifierCompartmentOwners(this.myInCompartmentOwners);
                    RuleBuilder.this.myRules.add(rule);
                    return new RuleBuilderFinished();
                }

                @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleOpClassifier
                public IAuthRuleBuilderRuleOpClassifierFinished inCompartment(String str, Collection<? extends IIdType> collection) {
                    Validate.notBlank(str, "theCompartmentName must not be null", new Object[0]);
                    Validate.notNull(collection, "theOwners must not be null", new Object[0]);
                    Validate.noNullElements(collection, "theOwners must not contain any null elements", new Object[0]);
                    Iterator<? extends IIdType> it = collection.iterator();
                    while (it.hasNext()) {
                        validateOwner(it.next());
                    }
                    this.myClassifierType = ClassifierTypeEnum.IN_COMPARTMENT;
                    return finished();
                }

                @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleOpClassifier
                public IAuthRuleBuilderRuleOpClassifierFinished inCompartment(String str, IIdType iIdType) {
                    Validate.notBlank(str, "theCompartmentName must not be null", new Object[0]);
                    Validate.notNull(iIdType, "theOwner must not be null", new Object[0]);
                    validateOwner(iIdType);
                    this.myInCompartmentName = str;
                    this.myInCompartmentOwners = Collections.singletonList(iIdType);
                    this.myClassifierType = ClassifierTypeEnum.IN_COMPARTMENT;
                    return finished();
                }

                private void validateOwner(IIdType iIdType) {
                    Validate.notBlank(iIdType.getIdPart(), "owner.getIdPart() must not be null or empty", new Object[0]);
                    Validate.notBlank(iIdType.getIdPart(), "owner.getResourceType() must not be null or empty", new Object[0]);
                }

                @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleOpClassifier
                public IAuthRuleBuilderRuleOpClassifierFinished withAnyId() {
                    this.myClassifierType = ClassifierTypeEnum.ANY_ID;
                    return finished();
                }
            }

            private RuleBuilderRuleOp() {
            }

            @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleOp
            public IAuthRuleBuilderRuleOpClassifier allResources() {
                this.myAppliesTo = AppliesTypeEnum.ALL_RESOURCES;
                return new RuleBuilderRuleOpClassifier();
            }

            @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleOp
            public IAuthRuleBuilderRuleOpClassifier resourcesOfType(Class<? extends IBaseResource> cls) {
                Validate.notNull(cls, "theType must not be null", new Object[0]);
                this.myAppliesTo = AppliesTypeEnum.TYPES;
                this.myAppliesToTypes = Collections.singleton(cls);
                return new RuleBuilderRuleOpClassifier();
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:ca/uhn/fhir/rest/server/interceptor/auth/RuleBuilder$RuleBuilderRule$RuleBuilderRuleTransaction.class */
        public class RuleBuilderRuleTransaction implements IAuthRuleBuilderRuleTransaction {

            /* loaded from: input_file:ca/uhn/fhir/rest/server/interceptor/auth/RuleBuilder$RuleBuilderRule$RuleBuilderRuleTransaction$RuleBuilderRuleTransactionOp.class */
            private class RuleBuilderRuleTransactionOp implements IAuthRuleBuilderRuleTransactionOp {
                private RuleBuilderRuleTransactionOp() {
                }

                @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleTransactionOp
                public IAuthRuleBuilderRuleOpClassifierFinished andApplyNormalRules() {
                    Rule rule = new Rule(RuleBuilderRule.this.myRuleName);
                    rule.setMode(RuleBuilderRule.this.myRuleMode);
                    rule.setOp(RuleBuilderRule.this.myRuleOp);
                    rule.setTransactionAppliesToOp(TransactionAppliesToEnum.ANY_OPERATION);
                    RuleBuilder.this.myRules.add(rule);
                    return new RuleBuilderFinished();
                }
            }

            private RuleBuilderRuleTransaction() {
            }

            @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRuleTransaction
            public IAuthRuleBuilderRuleTransactionOp withAnyOperation() {
                return new RuleBuilderRuleTransactionOp();
            }
        }

        public RuleBuilderRule(PolicyEnum policyEnum, String str) {
            this.myRuleMode = policyEnum;
            this.myRuleName = str;
        }

        @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRule
        public IAuthRuleBuilderRuleOp delete() {
            this.myRuleOp = RuleOpEnum.DELETE;
            return new RuleBuilderRuleOp();
        }

        @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRule
        public RuleBuilderFinished metadata() {
            Rule rule = new Rule(this.myRuleName);
            rule.setOp(RuleOpEnum.METADATA);
            rule.setMode(this.myRuleMode);
            RuleBuilder.this.myRules.add(rule);
            return new RuleBuilderFinished();
        }

        @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRule
        public IAuthRuleBuilderRuleOp read() {
            this.myRuleOp = RuleOpEnum.READ;
            return new RuleBuilderRuleOp();
        }

        @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRule
        public IAuthRuleBuilderRuleTransaction transaction() {
            this.myRuleOp = RuleOpEnum.TRANSACTION;
            return new RuleBuilderRuleTransaction();
        }

        @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRule
        public IAuthRuleBuilderRuleOp write() {
            this.myRuleOp = RuleOpEnum.WRITE;
            return new RuleBuilderRuleOp();
        }
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public IAuthRuleBuilderRule allow() {
        return allow(null);
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public IAuthRuleBuilderRule allow(String str) {
        return new RuleBuilderRule(PolicyEnum.ALLOW, str);
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public IAuthRuleBuilderRuleOpClassifierFinished allowAll() {
        return allowAll(null);
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public IAuthRuleBuilderRuleOpClassifierFinished allowAll(String str) {
        this.myRules.add(new Rule(str).setOp(RuleOpEnum.ALLOW_ALL));
        return new RuleBuilderFinished();
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public List<IAuthRule> build() {
        return this.myRules;
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public IAuthRuleBuilderRule deny() {
        return deny(null);
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public IAuthRuleBuilderRule deny(String str) {
        return new RuleBuilderRule(PolicyEnum.DENY, str);
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public IAuthRuleBuilderRuleOpClassifierFinished denyAll() {
        return denyAll(null);
    }

    @Override // ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilder
    public IAuthRuleBuilderRuleOpClassifierFinished denyAll(String str) {
        this.myRules.add(new Rule(str).setOp(RuleOpEnum.DENY_ALL));
        return new RuleBuilderFinished();
    }
}
