package org.molgenis.security.acl;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.molgenis.data.security.permission.EntityHelper;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
import org.springframework.security.acls.domain.GrantedAuthoritySid;
import org.springframework.security.acls.domain.PrincipalSid;
import org.springframework.security.acls.model.ObjectIdentity;
import org.springframework.security.acls.model.Sid;

/* loaded from: input_file:org/molgenis/security/acl/ObjectIdentityServiceImpl.class */
public class ObjectIdentityServiceImpl implements ObjectIdentityService {
    private static final String SQL_COUNT_OBJECT_IDENTITIES = "SELECT COUNT( DISTINCT acl_object_identity.object_id_identity) FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id";
    private static final String SQL_SELECT_OBJECT_IDENTITIES = "SELECT DISTINCT acl_object_identity.object_id_identity, acl_class.class FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id";
    private static final String WHERE_CLASS = " WHERE acl_class.class = :classId";
    private static final String AND_SID = " AND acl_sid.sid IN (:sids)";
    private static final String ORDER_BY = " ORDER BY acl_object_identity.object_id_identity ASC";
    private static final String PAGE = " LIMIT :limit OFFSET :offset";
    public static final Integer MAX_RESULTS = 10000;
    public static final String OBJECT_ID_IDENTITY = "object_id_identity";
    public static final String CLASS = "class";
    public static final String CLASS_ID = "classId";
    public static final String LIMIT = "limit";
    public static final String OFFSET = "offset";
    public static final String SIDS = "sids";
    private JdbcTemplate jdbcTemplate;
    private EntityHelper entityHelper;
    private NamedParameterJdbcTemplate namedJdbcTemplate;

    public ObjectIdentityServiceImpl(JdbcTemplate jdbcTemplate, EntityHelper entityHelper) {
        this.jdbcTemplate = (JdbcTemplate) Objects.requireNonNull(jdbcTemplate);
        this.entityHelper = (EntityHelper) Objects.requireNonNull(entityHelper);
    }

    ObjectIdentityServiceImpl(NamedParameterJdbcTemplate namedParameterJdbcTemplate, EntityHelper entityHelper) {
        this.namedJdbcTemplate = (NamedParameterJdbcTemplate) Objects.requireNonNull(namedParameterJdbcTemplate);
        this.entityHelper = (EntityHelper) Objects.requireNonNull(entityHelper);
    }

    private NamedParameterJdbcTemplate getTemplate() {
        if (this.namedJdbcTemplate == null) {
            this.namedJdbcTemplate = new NamedParameterJdbcTemplate(this.jdbcTemplate);
        }
        return this.namedJdbcTemplate;
    }

    public List<ObjectIdentity> getObjectIdentities(String str) {
        if (getNrOfObjectIdentities(str).intValue() > MAX_RESULTS.intValue()) {
            throw new UnsupportedOperationException("Unfiltered select on object identities not supported for classes with more than '" + MAX_RESULTS + "' rows.");
        }
        HashMap hashMap = new HashMap();
        hashMap.put(CLASS_ID, str);
        return parseToStringList(getTemplate().queryForList("SELECT DISTINCT acl_object_identity.object_id_identity, acl_class.class FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId ORDER BY acl_object_identity.object_id_identity ASC", hashMap));
    }

    public Integer getNrOfObjectIdentities(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(CLASS_ID, str);
        return (Integer) getTemplate().queryForObject("SELECT COUNT( DISTINCT acl_object_identity.object_id_identity) FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId", hashMap, Integer.class);
    }

    public Integer getNrOfObjectIdentities(String str, Set<Sid> set) {
        List<String> sidIdentifiers = getSidIdentifiers(set);
        HashMap hashMap = new HashMap();
        hashMap.put(SIDS, sidIdentifiers);
        hashMap.put(CLASS_ID, str);
        return (Integer) getTemplate().queryForObject("SELECT COUNT( DISTINCT acl_object_identity.object_id_identity) FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId AND acl_sid.sid IN (:sids)", hashMap, Integer.class);
    }

    public List<ObjectIdentity> getObjectIdentities(String str, int i, int i2) {
        HashMap hashMap = new HashMap();
        hashMap.put(CLASS_ID, str);
        hashMap.put(LIMIT, Integer.valueOf(i));
        hashMap.put(OFFSET, Integer.valueOf(i2));
        return parseToStringList(getTemplate().queryForList("SELECT DISTINCT acl_object_identity.object_id_identity, acl_class.class FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId ORDER BY acl_object_identity.object_id_identity ASC LIMIT :limit OFFSET :offset", hashMap));
    }

    public List<ObjectIdentity> getObjectIdentities(String str, Set<Sid> set, int i, int i2) {
        HashMap hashMap = new HashMap();
        hashMap.put(SIDS, getSidIdentifiers(set));
        hashMap.put(CLASS_ID, str);
        hashMap.put(LIMIT, Integer.valueOf(i));
        hashMap.put(OFFSET, Integer.valueOf(i2));
        return parseToStringList(getTemplate().queryForList("SELECT DISTINCT acl_object_identity.object_id_identity, acl_class.class FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId AND acl_sid.sid IN (:sids) ORDER BY acl_object_identity.object_id_identity ASC LIMIT :limit OFFSET :offset", hashMap));
    }

    public List<ObjectIdentity> getObjectIdentities(String str, Set<Sid> set) {
        List<Map<String, Object>> queryForList;
        if (getNrOfObjectIdentities(str, set).intValue() > MAX_RESULTS.intValue()) {
            throw new UnsupportedOperationException("Unfiltered select on object identities not supported for classes with more than '" + MAX_RESULTS + "' rows.");
        }
        if (set.isEmpty()) {
            HashMap hashMap = new HashMap();
            hashMap.put(CLASS_ID, str);
            queryForList = getTemplate().queryForList("SELECT DISTINCT acl_object_identity.object_id_identity, acl_class.class FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId ORDER BY acl_object_identity.object_id_identity ASC", hashMap);
        } else {
            HashMap hashMap2 = new HashMap();
            hashMap2.put(SIDS, getSidIdentifiers(set));
            hashMap2.put(CLASS_ID, str);
            queryForList = getTemplate().queryForList("SELECT DISTINCT acl_object_identity.object_id_identity, acl_class.class FROM acl_object_identity LEFT JOIN acl_class ON acl_object_identity.object_id_class = acl_class.id LEFT JOIN acl_entry ON acl_entry.acl_object_identity = acl_object_identity.id LEFT JOIN acl_sid ON acl_entry.sid = acl_sid.id WHERE acl_class.class = :classId AND acl_sid.sid IN (:sids) ORDER BY acl_object_identity.object_id_identity ASC", hashMap2);
        }
        return parseToStringList(queryForList);
    }

    private List<String> getSidIdentifiers(Set<Sid> set) {
        ArrayList arrayList = new ArrayList();
        Iterator<Sid> it = set.iterator();
        while (it.hasNext()) {
            arrayList.add(getSidString(it.next()));
        }
        return arrayList;
    }

    private List<ObjectIdentity> parseToStringList(List<Map<String, Object>> list) {
        return (List) list.stream().map(this::parseRow).collect(Collectors.toList());
    }

    private ObjectIdentity parseRow(Map<String, Object> map) {
        return this.entityHelper.getObjectIdentity(map.get(CLASS).toString(), map.get(OBJECT_ID_IDENTITY).toString());
    }

    private String getSidString(Sid sid) {
        if (sid instanceof PrincipalSid) {
            return ((PrincipalSid) sid).getPrincipal();
        }
        if (sid instanceof GrantedAuthoritySid) {
            return ((GrantedAuthoritySid) sid).getGrantedAuthority();
        }
        throw new IllegalArgumentException("Sid type should always be either PrincipalSid or GrantedAuthoritySid");
    }
}
