package org.wso2.carbon.security.caas.user.core.store;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.security.caas.internal.CarbonSecurityDataHolder;
import org.wso2.carbon.security.caas.user.core.bean.Group;
import org.wso2.carbon.security.caas.user.core.bean.Permission;
import org.wso2.carbon.security.caas.user.core.bean.Role;
import org.wso2.carbon.security.caas.user.core.bean.User;
import org.wso2.carbon.security.caas.user.core.config.AuthorizationStoreConfig;
import org.wso2.carbon.security.caas.user.core.exception.AuthorizationStoreException;
import org.wso2.carbon.security.caas.user.core.exception.IdentityStoreException;
import org.wso2.carbon.security.caas.user.core.exception.StoreException;
import org.wso2.carbon.security.caas.user.core.service.RealmService;
import org.wso2.carbon.security.caas.user.core.store.connector.AuthorizationStoreConnector;
import org.wso2.carbon.security.caas.user.core.store.connector.AuthorizationStoreConnectorFactory;
import sun.reflect.generics.reflectiveObjects.NotImplementedException;

/* loaded from: input_file:org/wso2/carbon/security/caas/user/core/store/AuthorizationStore.class */
public class AuthorizationStore {
    private static final Logger log = LoggerFactory.getLogger(AuthorizationStore.class);
    private RealmService realmService;
    private Map<String, AuthorizationStoreConnector> authorizationStoreConnectors = new HashMap();

    public void init(RealmService realmService, Map<String, AuthorizationStoreConfig> map) throws AuthorizationStoreException {
        this.realmService = realmService;
        if (map.isEmpty()) {
            throw new StoreException("At least one authorization store configuration must present.");
        }
        for (Map.Entry<String, AuthorizationStoreConfig> entry : map.entrySet()) {
            AuthorizationStoreConnectorFactory authorizationStoreConnectorFactory = CarbonSecurityDataHolder.getInstance().getAuthorizationStoreConnectorFactoryMap().get(entry.getValue().getConnectorType());
            if (authorizationStoreConnectorFactory == null) {
                throw new StoreException("No credential store connector factory found for given type.");
            }
            AuthorizationStoreConnector authorizationStoreConnectorFactory2 = authorizationStoreConnectorFactory.getInstance();
            authorizationStoreConnectorFactory2.init(entry.getKey(), entry.getValue());
            this.authorizationStoreConnectors.put(entry.getKey(), authorizationStoreConnectorFactory2);
        }
        if (log.isDebugEnabled()) {
            log.debug("Authorization store successfully initialized.");
        }
    }

    public boolean isUserAuthorized(String str, Permission permission, String str2) throws AuthorizationStoreException, IdentityStoreException {
        ArrayList<Role> arrayList = new ArrayList();
        Iterator<AuthorizationStoreConnector> it = this.authorizationStoreConnectors.values().iterator();
        while (it.hasNext()) {
            arrayList.addAll((Collection) it.next().getRolesForUser(str, str2).stream().map(roleBuilder -> {
                return roleBuilder.setAuthorizationStore(this.realmService.getAuthorizationStore()).build();
            }).collect(Collectors.toList()));
        }
        Iterator<Group> it2 = this.realmService.getIdentityStore().getGroupsOfUser(str, str2).iterator();
        while (it2.hasNext()) {
            arrayList.addAll(getRolesOfGroup(it2.next().getGroupId(), str2));
        }
        if (arrayList.isEmpty()) {
            throw new StoreException("No roles assigned for this user");
        }
        for (Role role : arrayList) {
            if (isRoleAuthorized(role.getRoleId(), role.getAuthorizationStoreId(), permission)) {
                return true;
            }
        }
        return false;
    }

    public boolean isGroupAuthorized(String str, String str2, Permission permission) throws AuthorizationStoreException {
        for (Role role : getRolesOfGroup(str, str2)) {
            if (isRoleAuthorized(role.getRoleId(), role.getAuthorizationStoreId(), permission)) {
                return true;
            }
        }
        return false;
    }

    public boolean isRoleAuthorized(String str, String str2, Permission permission) throws AuthorizationStoreException {
        List<Permission.PermissionBuilder> permissionsForRole = this.authorizationStoreConnectors.get(str2).getPermissionsForRole(str);
        if (permissionsForRole.isEmpty()) {
            throw new StoreException("No permissions assigned for this role");
        }
        Iterator<Permission.PermissionBuilder> it = permissionsForRole.iterator();
        while (it.hasNext()) {
            if (it.next().build().getPermissionString().equals(permission.getPermissionString())) {
                return true;
            }
        }
        return false;
    }

    public boolean isUserInRole(String str, String str2, String str3) throws AuthorizationStoreException {
        Iterator<AuthorizationStoreConnector> it = this.authorizationStoreConnectors.values().iterator();
        while (it.hasNext()) {
            if (it.next().isUserInRole(str, str2, str3)) {
                return true;
            }
        }
        return false;
    }

    public boolean isGroupInRole(String str, String str2, String str3) throws AuthorizationStoreException {
        Iterator<AuthorizationStoreConnector> it = this.authorizationStoreConnectors.values().iterator();
        while (it.hasNext()) {
            if (it.next().isGroupInRole(str, str2, str3)) {
                return true;
            }
        }
        return false;
    }

    public List<Role> getRolesOfUser(String str, String str2) throws AuthorizationStoreException {
        ArrayList arrayList = new ArrayList();
        Iterator<AuthorizationStoreConnector> it = this.authorizationStoreConnectors.values().iterator();
        while (it.hasNext()) {
            arrayList.addAll((Collection) it.next().getRolesForUser(str, str2).stream().map(roleBuilder -> {
                return roleBuilder.setAuthorizationStore(this.realmService.getAuthorizationStore()).build();
            }).collect(Collectors.toList()));
        }
        return arrayList;
    }

    public List<User> getUsersOfRole(String str, String str2) throws AuthorizationStoreException, IdentityStoreException {
        AuthorizationStoreConnector authorizationStoreConnector = this.authorizationStoreConnectors.get(str2);
        if (authorizationStoreConnector == null) {
            throw new StoreException("No authorization store connector found for the given name.");
        }
        ArrayList arrayList = new ArrayList();
        for (User.UserBuilder userBuilder : authorizationStoreConnector.getUsersOfRole(str)) {
            arrayList.add(this.realmService.getIdentityStore().getUserFromId(userBuilder.getUserId(), userBuilder.getIdentityStoreId()));
        }
        return arrayList;
    }

    public List<Group> getGroupsOfRole(String str, String str2) throws AuthorizationStoreException, IdentityStoreException {
        AuthorizationStoreConnector authorizationStoreConnector = this.authorizationStoreConnectors.get(str2);
        if (authorizationStoreConnector == null) {
            throw new StoreException("No authorization store connector found for the given name.");
        }
        ArrayList arrayList = new ArrayList();
        for (Group.GroupBuilder groupBuilder : authorizationStoreConnector.getGroupsOfRole(str)) {
            arrayList.add(this.realmService.getIdentityStore().getGroupFromId(groupBuilder.getGroupId(), groupBuilder.getIdentityStoreId()));
        }
        return arrayList;
    }

    public List<Role> getRolesOfGroup(String str, String str2) throws AuthorizationStoreException {
        ArrayList arrayList = new ArrayList();
        Iterator<AuthorizationStoreConnector> it = this.authorizationStoreConnectors.values().iterator();
        while (it.hasNext()) {
            arrayList.addAll((Collection) it.next().getRolesForGroup(str, str2).stream().map(roleBuilder -> {
                return roleBuilder.setAuthorizationStore(this.realmService.getAuthorizationStore()).build();
            }).collect(Collectors.toList()));
        }
        return arrayList;
    }

    public List<Permission> getPermissionsOfRole(String str, String str2) throws AuthorizationStoreException {
        return (List) this.authorizationStoreConnectors.get(str2).getPermissionsForRole(str).stream().map((v0) -> {
            return v0.build();
        }).collect(Collectors.toList());
    }

    public Role addRole(String str, List<Permission> list, String str2) throws AuthorizationStoreException {
        AuthorizationStoreConnector authorizationStoreConnector = this.authorizationStoreConnectors.get(str2);
        if (authorizationStoreConnector == null) {
            throw new StoreException("No authorization store found for given id.");
        }
        Role.RoleBuilder addRole = authorizationStoreConnector.addRole(str, list);
        if (addRole == null) {
            throw new AuthorizationStoreException("Role builder is null.");
        }
        return addRole.setAuthorizationStore(this.realmService.getAuthorizationStore()).build();
    }

    public void deleteRole(Role role) throws AuthorizationStoreException {
        this.authorizationStoreConnectors.get(role.getRoleId()).deleteRole(role.getRoleId());
    }

    public Permission addPermission(String str, String str2, String str3) throws AuthorizationStoreException {
        AuthorizationStoreConnector authorizationStoreConnector = this.authorizationStoreConnectors.get(str3);
        if (authorizationStoreConnector == null) {
            throw new StoreException("Invalid authorization store id.");
        }
        return authorizationStoreConnector.addPermission(str, str2).build();
    }

    public void deletePermission(Permission permission) throws AuthorizationStoreException {
        AuthorizationStoreConnector authorizationStoreConnector = this.authorizationStoreConnectors.get(permission.getAuthorizationStoreId());
        if (authorizationStoreConnector == null) {
            throw new StoreException("Invalid authorization store id.");
        }
        authorizationStoreConnector.deletePermission(permission.getPermissionId());
    }

    public void updateRolesInUser(String str, String str2, List<Role> list) throws AuthorizationStoreException, IdentityStoreException {
        for (Role role : list) {
            AuthorizationStoreConnector authorizationStoreConnector = this.authorizationStoreConnectors.get(role.getAuthorizationStoreId());
            if (authorizationStoreConnector == null) {
                throw new StoreException(String.format("No authorization store found for the given id %s.", role.getAuthorizationStoreId()));
            }
            authorizationStoreConnector.updateRolesInUser(str, str2, list);
        }
    }

    public void updateRolesInUser(String str, String str2, List<Role> list, List<Role> list2) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }

    public void updateUsersInRole(String str, String str2, List<User> list) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }

    public void updateUsersInRole(String str, String str2, List<User> list, List<User> list2) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }

    public void updateRolesInGroup(String str, String str2, List<Role> list) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }

    public void updateRolesInGroup(String str, String str2, List<Role> list, List<Role> list2) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }

    public void updateGroupsInRole(String str, String str2, List<Group> list) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }

    public void updateGroupsInRole(String str, String str2, List<Group> list, List<Group> list2) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }

    public void updatePermissionsInRole(String str, String str2, List<Permission> list) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }

    public void updatePermissionsInRole(String str, String str2, List<Permission> list, List<Permission> list2) throws AuthorizationStoreException {
        throw new NotImplementedException();
    }
}
