package com.tencent.supersonic.auth.authorization.service;

import com.google.common.collect.Lists;
import com.google.gson.Gson;
import com.tencent.supersonic.auth.api.authentication.pojo.User;
import com.tencent.supersonic.auth.api.authentication.service.UserService;
import com.tencent.supersonic.auth.api.authorization.pojo.AuthGroup;
import com.tencent.supersonic.auth.api.authorization.pojo.AuthRes;
import com.tencent.supersonic.auth.api.authorization.pojo.AuthResGrp;
import com.tencent.supersonic.auth.api.authorization.pojo.DimensionFilter;
import com.tencent.supersonic.auth.api.authorization.request.QueryAuthResReq;
import com.tencent.supersonic.auth.api.authorization.response.AuthorizedResourceResp;
import com.tencent.supersonic.auth.api.authorization.service.AuthService;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;

@Service
/* loaded from: input_file:com/tencent/supersonic/auth/authorization/service/AuthServiceImpl.class */
public class AuthServiceImpl implements AuthService {
    private static final Logger log = LoggerFactory.getLogger(AuthServiceImpl.class);
    private JdbcTemplate jdbcTemplate;
    private UserService userService;

    public AuthServiceImpl(JdbcTemplate jdbcTemplate, UserService userService) {
        this.jdbcTemplate = jdbcTemplate;
        this.userService = userService;
    }

    private List<AuthGroup> load() {
        List queryForList = this.jdbcTemplate.queryForList("select config from s2_auth_groups", String.class);
        Gson gson = new Gson();
        return (List) queryForList.stream().map(str -> {
            return (AuthGroup) gson.fromJson(str, AuthGroup.class);
        }).collect(Collectors.toList());
    }

    public List<AuthGroup> queryAuthGroups(String str, Integer num) {
        return (List) load().stream().filter(authGroup -> {
            return (Objects.isNull(num) || num.equals(authGroup.getGroupId())) && str.equals(authGroup.getModelId().toString());
        }).collect(Collectors.toList());
    }

    public void addOrUpdateAuthGroup(AuthGroup authGroup) {
        Gson gson = new Gson();
        if (authGroup.getGroupId() != null) {
            this.jdbcTemplate.update("update s2_auth_groups set config = ? where group_id = ?;", new Object[]{gson.toJson(authGroup), authGroup.getGroupId()});
            return;
        }
        int i = 1;
        Integer num = (Integer) this.jdbcTemplate.queryForObject("select max(group_id) as group_id from s2_auth_groups", Integer.class);
        if (num != null) {
            i = num.intValue() + 1;
        }
        authGroup.setGroupId(Integer.valueOf(i));
        this.jdbcTemplate.update("insert into s2_auth_groups (group_id, config) values (?, ?);", new Object[]{Integer.valueOf(i), gson.toJson(authGroup)});
    }

    public void removeAuthGroup(AuthGroup authGroup) {
        this.jdbcTemplate.update("delete from s2_auth_groups where group_id = ?", new Object[]{authGroup.getGroupId()});
    }

    public AuthorizedResourceResp queryAuthorizedResources(QueryAuthResReq queryAuthResReq, User user) {
        List<AuthGroup> authGroups = getAuthGroups(queryAuthResReq.getModelIds(), user.getName(), new ArrayList(this.userService.getUserAllOrgId(user.getName())));
        AuthorizedResourceResp authorizedResourceResp = new AuthorizedResourceResp();
        Map map = (Map) authGroups.stream().collect(Collectors.groupingBy((v0) -> {
            return v0.getModelId();
        }));
        Map map2 = (Map) queryAuthResReq.getResources().stream().collect(Collectors.groupingBy((v0) -> {
            return v0.getModelId();
        }));
        for (Long l : map2.keySet()) {
            List<AuthRes> list = (List) map2.get(l);
            AuthResGrp authResGrp = new AuthResGrp();
            if (map.containsKey(l)) {
                List list2 = (List) map.get(l);
                for (AuthRes authRes : list) {
                    Iterator it = list2.iterator();
                    while (it.hasNext()) {
                        List authRules = ((AuthGroup) it.next()).getAuthRules();
                        ArrayList arrayList = new ArrayList();
                        authRules.forEach(authRule -> {
                            arrayList.addAll(authRule.resourceNames());
                        });
                        if (arrayList.contains(authRes.getName())) {
                            authResGrp.getGroup().add(authRes);
                        }
                    }
                }
            }
            if (!CollectionUtils.isEmpty(authResGrp.getGroup())) {
                authorizedResourceResp.getResources().add(authResGrp);
            }
        }
        if (!CollectionUtils.isEmpty(queryAuthResReq.getModelIds())) {
            ArrayList<AuthGroup> newArrayList = Lists.newArrayList();
            Iterator it2 = map.keySet().iterator();
            while (it2.hasNext()) {
                newArrayList.addAll((Collection) map.getOrDefault((Long) it2.next(), Lists.newArrayList()));
            }
            if (!CollectionUtils.isEmpty(newArrayList)) {
                for (AuthGroup authGroup : newArrayList) {
                    if (authGroup.getDimensionFilters() != null && authGroup.getDimensionFilters().stream().anyMatch(str -> {
                        return !StringUtils.isEmpty(str);
                    })) {
                        DimensionFilter dimensionFilter = new DimensionFilter();
                        dimensionFilter.setDescription(authGroup.getDimensionFilterDescription());
                        dimensionFilter.setExpressions(authGroup.getDimensionFilters());
                        authorizedResourceResp.getFilters().add(dimensionFilter);
                    }
                }
            }
        }
        return authorizedResourceResp;
    }

    private List<AuthGroup> getAuthGroups(List<Long> list, String str, List<String> list2) {
        List<AuthGroup> list3 = (List) load().stream().filter(authGroup -> {
            if (CollectionUtils.isEmpty(list) || !list.contains(authGroup.getModelId())) {
                return false;
            }
            if (!CollectionUtils.isEmpty(authGroup.getAuthorizedUsers()) && authGroup.getAuthorizedUsers().contains(str)) {
                return true;
            }
            Iterator it = list2.iterator();
            while (it.hasNext()) {
                String str2 = (String) it.next();
                if (!CollectionUtils.isEmpty(authGroup.getAuthorizedDepartmentIds()) && authGroup.getAuthorizedDepartmentIds().contains(str2)) {
                    return true;
                }
            }
            return false;
        }).collect(Collectors.toList());
        log.info("user:{} department:{} authGroups:{}", new Object[]{str, list2, list3});
        return list3;
    }
}
