package org.openmetadata.service.security.policyevaluator;

import java.util.ArrayDeque;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.Objects;
import java.util.UUID;
import java.util.stream.Collectors;
import org.openmetadata.common.utils.CommonUtil;
import org.openmetadata.schema.entity.policies.Policy;
import org.openmetadata.schema.entity.policies.accessControl.Rule;
import org.openmetadata.schema.entity.teams.Role;
import org.openmetadata.schema.entity.teams.Team;
import org.openmetadata.schema.entity.teams.User;
import org.openmetadata.schema.type.EntityReference;
import org.openmetadata.schema.type.Include;
import org.openmetadata.service.Entity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/openmetadata/service/security/policyevaluator/SubjectContext.class */
public class SubjectContext {
    private static final Logger LOG = LoggerFactory.getLogger(SubjectContext.class);
    private static final String USER_FIELDS = "roles,teams,isAdmin,profile";
    public static final String TEAM_FIELDS = "defaultRoles, policies, parents, profile";
    protected final User user;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/openmetadata/service/security/policyevaluator/SubjectContext$PolicyContext.class */
    public static class PolicyContext {
        private final String entityType;
        private final String entityName;
        private final String roleName;
        private final String policyName;
        private final List<CompiledRule> rules;

        PolicyContext(String str, String str2, String str3, String str4, List<CompiledRule> list) {
            this.entityType = str;
            this.entityName = str2;
            this.roleName = str3;
            this.policyName = str4;
            this.rules = list;
        }

        public String getEntityType() {
            return this.entityType;
        }

        public String getEntityName() {
            return this.entityName;
        }

        public String getRoleName() {
            return this.roleName;
        }

        public String getPolicyName() {
            return this.policyName;
        }

        public List<CompiledRule> getRules() {
            return this.rules;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/openmetadata/service/security/policyevaluator/SubjectContext$PolicyIterator.class */
    public static class PolicyIterator implements Iterator<PolicyContext> {
        private final String entityType;
        private final String entityName;
        private final String roleName;
        private int policyIndex = 0;
        private final List<EntityReference> policies;

        /* JADX INFO: Access modifiers changed from: package-private */
        public PolicyIterator(String str, String str2, String str3, List<EntityReference> list) {
            this.entityType = str;
            this.entityName = str2;
            this.roleName = str3;
            this.policies = CommonUtil.listOrEmpty(list);
        }

        @Override // java.util.Iterator
        public boolean hasNext() {
            if (this.policyIndex >= this.policies.size()) {
                SubjectContext.LOG.debug("iteration over policy attached to entity {}:{} role {} is completed", new Object[]{this.entityType, this.entityName, this.roleName});
            }
            return this.policyIndex < this.policies.size();
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.Iterator
        public PolicyContext next() {
            if (!hasNext()) {
                throw new NoSuchElementException();
            }
            List<EntityReference> list = this.policies;
            int i = this.policyIndex;
            this.policyIndex = i + 1;
            EntityReference entityReference = list.get(i);
            return new PolicyContext(this.entityType, this.entityName, this.roleName, entityReference.getName(), getPolicyRules(entityReference.getId()));
        }

        private static List<CompiledRule> getPolicyRules(UUID uuid) {
            Policy policy = (Policy) Entity.getEntity(Entity.POLICY, uuid, "rules", Include.NON_DELETED);
            ArrayList arrayList = new ArrayList();
            Iterator it = policy.getRules().iterator();
            while (it.hasNext()) {
                arrayList.add(new CompiledRule((Rule) it.next()));
            }
            return arrayList;
        }
    }

    /* loaded from: input_file:org/openmetadata/service/security/policyevaluator/SubjectContext$RolePolicyIterator.class */
    static class RolePolicyIterator implements Iterator<PolicyContext> {
        private final String entityType;
        private final String entityName;
        private int iteratorIndex = 0;
        private final List<PolicyIterator> policyIterators = new ArrayList();

        RolePolicyIterator(String str, String str2, List<EntityReference> list) {
            this.entityType = str;
            this.entityName = str2;
            for (EntityReference entityReference : CommonUtil.listOrEmpty(list)) {
                this.policyIterators.add(new PolicyIterator(str, str2, entityReference.getName(), ((Role) Entity.getEntity(Entity.ROLE, entityReference.getId(), Entity.POLICIES, Include.NON_DELETED)).getPolicies()));
            }
        }

        @Override // java.util.Iterator
        public boolean hasNext() {
            while (this.iteratorIndex < this.policyIterators.size()) {
                if (this.policyIterators.get(this.iteratorIndex).hasNext()) {
                    return true;
                }
                this.iteratorIndex++;
            }
            SubjectContext.LOG.debug("iteration over roles attached to entity {}:{} is completed", this.entityType, this.entityName);
            return false;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.Iterator
        public PolicyContext next() {
            if (hasNext()) {
                return this.policyIterators.get(this.iteratorIndex).next();
            }
            throw new NoSuchElementException();
        }
    }

    /* loaded from: input_file:org/openmetadata/service/security/policyevaluator/SubjectContext$TeamPolicyIterator.class */
    static class TeamPolicyIterator implements Iterator<PolicyContext> {
        private int iteratorIndex = 0;
        private final List<Iterator<PolicyContext>> iterators = new ArrayList();

        TeamPolicyIterator(UUID uuid, List<UUID> list, boolean z) {
            Team team = (Team) Entity.getEntity("team", uuid, SubjectContext.TEAM_FIELDS, Include.NON_DELETED);
            if (list.contains(uuid)) {
                return;
            }
            list.add(uuid);
            if (!z && team.getDefaultRoles() != null) {
                this.iterators.add(new RolePolicyIterator("team", team.getName(), team.getDefaultRoles()));
            }
            if (team.getPolicies() != null) {
                this.iterators.add(new PolicyIterator("team", team.getName(), null, team.getPolicies()));
            }
            Iterator it = CommonUtil.listOrEmpty(team.getParents()).iterator();
            while (it.hasNext()) {
                this.iterators.add(new TeamPolicyIterator(((EntityReference) it.next()).getId(), list, z));
            }
        }

        @Override // java.util.Iterator
        public boolean hasNext() {
            while (this.iteratorIndex < this.iterators.size()) {
                if (this.iterators.get(this.iteratorIndex).hasNext()) {
                    return true;
                }
                this.iteratorIndex++;
            }
            return false;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.Iterator
        public PolicyContext next() {
            if (hasNext()) {
                return this.iterators.get(this.iteratorIndex).next();
            }
            throw new NoSuchElementException();
        }
    }

    /* loaded from: input_file:org/openmetadata/service/security/policyevaluator/SubjectContext$UserPolicyIterator.class */
    static class UserPolicyIterator implements Iterator<PolicyContext> {
        private final User user;
        private int iteratorIndex = 0;
        private final List<Iterator<PolicyContext>> iterators = new ArrayList();

        UserPolicyIterator(User user, EntityReference entityReference, List<UUID> list) {
            this.user = user;
            if (!CommonUtil.listOrEmpty(user.getRoles()).isEmpty()) {
                this.iterators.add(new RolePolicyIterator(Entity.USER, user.getName(), user.getRoles()));
            }
            if (!Boolean.TRUE.equals(user.getIsBot())) {
                Iterator it = user.getTeams().iterator();
                while (it.hasNext()) {
                    this.iterators.add(new TeamPolicyIterator(((EntityReference) it.next()).getId(), list, false));
                }
            }
            if (entityReference == null || !entityReference.getType().equals("team")) {
                return;
            }
            try {
                this.iterators.add(new TeamPolicyIterator(((Team) Entity.getEntity("team", entityReference.getId(), SubjectContext.TEAM_FIELDS, Include.NON_DELETED)).getId(), list, true));
            } catch (Exception e) {
            }
        }

        @Override // java.util.Iterator
        public boolean hasNext() {
            while (this.iteratorIndex < this.iterators.size()) {
                if (this.iterators.get(this.iteratorIndex).hasNext()) {
                    return true;
                }
                this.iteratorIndex++;
            }
            SubjectContext.LOG.debug("Subject {} policy iteration done", this.user.getName());
            return false;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.Iterator
        public PolicyContext next() {
            if (hasNext()) {
                return this.iterators.get(this.iteratorIndex).next();
            }
            throw new NoSuchElementException();
        }
    }

    protected SubjectContext(User user) {
        this.user = user;
    }

    public static SubjectContext getSubjectContext(String str) {
        return new SubjectContext((User) Entity.getEntityByName(Entity.USER, str, USER_FIELDS, Include.NON_DELETED));
    }

    public boolean isAdmin() {
        return Boolean.TRUE.equals(this.user.getIsAdmin());
    }

    public boolean isBot() {
        return Boolean.TRUE.equals(this.user.getIsBot());
    }

    public boolean isOwner(EntityReference entityReference) {
        if (entityReference == null) {
            return false;
        }
        if (entityReference.getType().equals(Entity.USER) && entityReference.getName().equals(this.user.getName())) {
            return true;
        }
        if (!entityReference.getType().equals("team")) {
            return false;
        }
        Iterator it = CommonUtil.listOrEmpty(this.user.getTeams()).iterator();
        while (it.hasNext()) {
            if (((EntityReference) it.next()).getName().equals(entityReference.getName())) {
                return true;
            }
        }
        return false;
    }

    public boolean isUserUnderTeam(String str) {
        Iterator it = CommonUtil.listOrEmpty(this.user.getTeams()).iterator();
        while (it.hasNext()) {
            if (isInTeam(str, (EntityReference) it.next())) {
                return true;
            }
        }
        return false;
    }

    public boolean isTeamAsset(String str, EntityReference entityReference) {
        if (entityReference.getType().equals(Entity.USER)) {
            return getSubjectContext(entityReference.getName()).isUserUnderTeam(str);
        }
        if (!entityReference.getType().equals("team")) {
            return false;
        }
        try {
            return isInTeam(str, ((Team) Entity.getEntity("team", entityReference.getId(), TEAM_FIELDS, Include.NON_DELETED)).getEntityReference());
        } catch (Exception e) {
            return false;
        }
    }

    public static boolean isInTeam(String str, EntityReference entityReference) {
        Team team;
        ArrayDeque arrayDeque = new ArrayDeque();
        arrayDeque.push(entityReference);
        while (!arrayDeque.isEmpty()) {
            try {
                team = (Team) Entity.getEntity("team", ((EntityReference) arrayDeque.pop()).getId(), "parents", Include.NON_DELETED);
            } catch (Exception e) {
            }
            if (team.getName().equals(str)) {
                return true;
            }
            List listOrEmpty = CommonUtil.listOrEmpty(team.getParents());
            Objects.requireNonNull(arrayDeque);
            listOrEmpty.forEach((v1) -> {
                r1.push(v1);
            });
        }
        return false;
    }

    public static List<EntityReference> getRolesForTeams(List<EntityReference> list) {
        ArrayList arrayList = new ArrayList();
        Iterator it = CommonUtil.listOrEmpty(list).iterator();
        while (it.hasNext()) {
            try {
                Team team = (Team) Entity.getEntity("team", ((EntityReference) it.next()).getId(), TEAM_FIELDS, Include.NON_DELETED);
                arrayList.addAll(team.getDefaultRoles());
                arrayList.addAll(getRolesForTeams(team.getParents()));
            } catch (Exception e) {
            }
        }
        return (List) arrayList.stream().distinct().collect(Collectors.toList());
    }

    public Iterator<PolicyContext> getPolicies(EntityReference entityReference) {
        return new UserPolicyIterator(this.user, entityReference, new ArrayList());
    }

    public List<EntityReference> getTeams() {
        return this.user.getTeams();
    }

    public boolean hasAnyRole(String str) {
        return hasRole(getUser(), str);
    }

    public static boolean hasRole(User user, String str) {
        Team team;
        ArrayDeque arrayDeque = new ArrayDeque();
        if (hasRole((List<EntityReference>) user.getRoles(), str)) {
            return true;
        }
        List listOrEmpty = CommonUtil.listOrEmpty(user.getTeams());
        Objects.requireNonNull(arrayDeque);
        listOrEmpty.forEach((v1) -> {
            r1.push(v1);
        });
        while (!arrayDeque.isEmpty()) {
            try {
                team = (Team) Entity.getEntity("team", ((EntityReference) arrayDeque.pop()).getId(), TEAM_FIELDS, Include.NON_DELETED);
            } catch (Exception e) {
            }
            if (hasRole((List<EntityReference>) team.getDefaultRoles(), str)) {
                return true;
            }
            List listOrEmpty2 = CommonUtil.listOrEmpty(team.getParents());
            Objects.requireNonNull(arrayDeque);
            listOrEmpty2.forEach((v1) -> {
                r1.push(v1);
            });
        }
        return false;
    }

    private static boolean hasRole(List<EntityReference> list, String str) {
        return CommonUtil.listOrEmpty(list).stream().anyMatch(entityReference -> {
            return entityReference.getName().equals(str);
        });
    }

    public User getUser() {
        return this.user;
    }
}
