package com.digiwin.dap.middleware.iam.service.permission.impl;

import com.digiwin.dap.middleware.iam.domain.permission.PermissionUserOrg;
import com.digiwin.dap.middleware.iam.domain.permission.PermissionUserRole;
import com.digiwin.dap.middleware.iam.domain.permission.v2.StatementInfo;
import com.digiwin.dap.middleware.iam.domain.permission.v2.TargetType;
import com.digiwin.dap.middleware.iam.domain.policy.v2.TargetAction;
import com.digiwin.dap.middleware.iam.domain.policy.v2.TargetCondition;
import com.digiwin.dap.middleware.iam.entity.Org;
import com.digiwin.dap.middleware.iam.entity.Role;
import com.digiwin.dap.middleware.iam.mapper.AuthMapper;
import com.digiwin.dap.middleware.iam.mapper.OrgMapper;
import com.digiwin.dap.middleware.iam.mapper.PermissionMapper;
import com.digiwin.dap.middleware.iam.service.policy.PolicyConditionValueCrudService;
import com.digiwin.dap.middleware.iam.service.policy.PolicyCrudService;
import com.digiwin.dap.middleware.iam.service.role.RoleCrudService;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Service;

@Primary
@Service
/* loaded from: input_file:WEB-INF/lib/iam-business-4.37.4.0.jar:com/digiwin/dap/middleware/iam/service/permission/impl/AuthCalcServiceImpl.class */
public class AuthCalcServiceImpl extends AbstractAuthCalcService {

    @Autowired
    private OrgMapper orgMapper;

    @Autowired
    private AuthMapper authMapper;

    @Autowired
    private RoleCrudService roleCrudService;

    @Autowired
    private PermissionMapper permissionMapper;

    @Autowired
    private PolicyCrudService policyCrudService;

    @Autowired
    private PolicyConditionValueCrudService conditionValueCrudService;

    @Override // com.digiwin.dap.middleware.iam.service.permission.AuthCalcService
    public void bindPolicyActionCondition(long j, List<TargetAction> list) {
        Map map = (Map) this.conditionValueCrudService.findByPolicySids((List) list.stream().map((v0) -> {
            return v0.getPolicySid();
        }).distinct().collect(Collectors.toList())).stream().collect(Collectors.toMap(policyConditionValue -> {
            return policyConditionValue.getPolicySid() + "-" + policyConditionValue.getActionSid();
        }, policyConditionValue2 -> {
            return TargetCondition.parse(policyConditionValue2.getConditionValue());
        }));
        Map map2 = (Map) this.authMapper.findPolicyCondition(j).stream().collect(Collectors.groupingBy((v0) -> {
            return v0.getActionSid();
        }, Collectors.mapping((v0) -> {
            return v0.getKey();
        }, Collectors.toList())));
        list.forEach(targetAction -> {
            List list2 = (List) map.get(targetAction.getPolicySid() + "-" + targetAction.getActionSid());
            List list3 = (List) map2.get(Long.valueOf(targetAction.getActionSid()));
            if (list2 == null || list3 == null) {
                return;
            }
            targetAction.setConditions((List) list2.stream().filter(targetCondition -> {
                return list3.contains(targetCondition.getKey());
            }).collect(Collectors.toList()));
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.digiwin.dap.middleware.iam.service.permission.impl.AbstractAuthCalcService
    public List<TargetAction> findPolicyAction(long j, long j2, long j3, TargetType targetType, List<PermissionUserRole> list, List<PermissionUserOrg> list2) {
        Map<Long, Org> map = (Map) this.orgMapper.getOrgsByTenantSid(j).stream().collect(Collectors.toMap((v0) -> {
            return v0.getSid();
        }, org2 -> {
            return org2;
        }, (org3, org4) -> {
            return org3;
        }));
        HashSet hashSet = new HashSet();
        if (TargetType.user != targetType) {
            if (TargetType.role != targetType) {
                if (TargetType.org != targetType) {
                    return Collections.emptyList();
                }
                getParentOrg(j3, hashSet, map);
                return getPolicyAction(j, j2, new ArrayList(hashSet), TargetType.org);
            }
            List<TargetAction> policyAction = getPolicyAction(j, j2, j3, TargetType.role);
            Role findByTenantSidAndSid = this.roleCrudService.findByTenantSidAndSid(j, j3);
            if (findByTenantSidAndSid != null) {
                getParentOrg(findByTenantSidAndSid.getOrgSid(), hashSet, map);
            }
            return (List) Stream.of((Object[]) new List[]{policyAction, getPolicyAction(j, j2, new ArrayList(hashSet), TargetType.org)}).flatMap((v0) -> {
                return v0.stream();
            }).collect(Collectors.toList());
        }
        if (list == null) {
            list = this.permissionMapper.findUserRoles(j, j3);
        }
        if (list2 == null) {
            list2 = this.permissionMapper.findUserOrgs(j, j3);
        }
        List<TargetAction> policyAction2 = getPolicyAction(j, j2, j3, TargetType.user);
        List<TargetAction> policyAction3 = getPolicyAction(j, j2, (List<Long>) list.stream().map((v0) -> {
            return v0.getSid();
        }).collect(Collectors.toList()), TargetType.role);
        list.stream().filter(permissionUserRole -> {
            return permissionUserRole.getOrgSid() > 0;
        }).forEach(permissionUserRole2 -> {
            getParentOrg(permissionUserRole2.getOrgSid(), hashSet, map);
        });
        Iterator<PermissionUserOrg> it = list2.iterator();
        while (it.hasNext()) {
            getParentOrg(it.next().getSid(), hashSet, map);
        }
        return (List) Stream.of((Object[]) new List[]{policyAction2, policyAction3, getPolicyAction(j, j2, new ArrayList(hashSet), TargetType.org)}).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toList());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.digiwin.dap.middleware.iam.service.permission.impl.AbstractAuthCalcService
    public List<TargetAction> mergePolicyActionCondition(long j, List<TargetAction> list) {
        bindPolicyActionCondition(j, list);
        return super.mergePolicyActionCondition(j, list);
    }

    private void getParentOrg(long j, Set<Long> set, Map<Long, Org> map) {
        if (j > 0) {
            set.add(Long.valueOf(j));
            Org org2 = map.get(Long.valueOf(j));
            if (org2 != null) {
                getParentOrg(org2.getParentSid(), set, map);
            }
        }
    }

    private List<TargetAction> getPolicyAction(long j, long j2, long j3, TargetType targetType) {
        return getPolicyAction(j, j2, Collections.singletonList(Long.valueOf(j3)), targetType);
    }

    private List<TargetAction> getPolicyAction(long j, long j2, List<Long> list, TargetType targetType) {
        return StatementInfo.getPolicyStatement(this.policyCrudService.findPolicy(j, j2, list, targetType.name()));
    }
}
