package org.eclipse.digitaltwin.basyx.authorization.rbac;

import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.eclipse.digitaltwin.basyx.authorization.rbac.TargetInformation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/basyx.authorization-2.0.0-milestone-03.jar:org/eclipse/digitaltwin/basyx/authorization/rbac/SimpleRbacPermissionResolver.class */
public class SimpleRbacPermissionResolver<T extends TargetInformation> implements RbacPermissionResolver<T> {
    private Logger logger = LoggerFactory.getLogger((Class<?>) SimpleRbacPermissionResolver.class);
    private RbacStorage rbacStorage;
    private RoleProvider roleAuthenticator;
    private TargetPermissionVerifier<T> targetPermissionVerifier;

    public SimpleRbacPermissionResolver(RbacStorage rbacStorage, RoleProvider roleProvider, TargetPermissionVerifier<T> targetPermissionVerifier) {
        this.rbacStorage = rbacStorage;
        this.roleAuthenticator = roleProvider;
        this.targetPermissionVerifier = targetPermissionVerifier;
    }

    public RbacStorage getRbacStorage() {
        return this.rbacStorage;
    }

    public RoleProvider getRoleProvider() {
        return this.roleAuthenticator;
    }

    @Override // org.eclipse.digitaltwin.basyx.authorization.rbac.RbacPermissionResolver
    public boolean hasPermission(Action action, T t) {
        Optional<RbacRule> findAny = getMatchingRules(this.roleAuthenticator.getRoles(), action, t).findAny();
        this.logger.info("roles: {}, action: {}, targetInfo: {} - matching-rule?: {}", this.roleAuthenticator.getRoles(), action, t, findAny);
        return findAny.isPresent();
    }

    private Stream<RbacRule> getMatchingRules(List<String> list, Action action, T t) {
        Stream<R> map = list.stream().map(str -> {
            return RbacRuleKeyGenerator.generateKey(str, action.toString(), t.getClass().getName());
        });
        RbacStorage rbacStorage = this.rbacStorage;
        Objects.requireNonNull(rbacStorage);
        Stream filter = map.filter(rbacStorage::exist);
        RbacStorage rbacStorage2 = this.rbacStorage;
        Objects.requireNonNull(rbacStorage2);
        return ((List) filter.map(rbacStorage2::getRbacRule).collect(Collectors.toList())).stream().filter(rbacRule -> {
            return checkRbacRuleMatchesTargetInfo(rbacRule, t);
        });
    }

    private boolean checkRbacRuleMatchesTargetInfo(RbacRule rbacRule, T t) {
        return this.targetPermissionVerifier.isVerified(rbacRule, t);
    }
}
