package net.bluemind.core.container.service.internal;

import com.google.common.collect.ImmutableSet;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import net.bluemind.core.container.model.acl.Verb;
import net.bluemind.core.rest.BmContext;
import net.bluemind.directory.api.BaseDirEntry;
import net.bluemind.directory.api.DirEntry;
import net.bluemind.directory.api.IDirectory;
import net.bluemind.directory.api.IOrgUnits;

/* loaded from: input_file:net/bluemind/core/container/service/internal/DirEntryPermissionResolver.class */
public class DirEntryPermissionResolver {
    private static final Map<String, Set<Permission>> selfRoles = new HashMap();
    private static final Map<String, Set<Permission>> permsForSameDomain = new HashMap();
    private final BmContext context;
    private final String dirEntryUid;
    private final String domainUid;
    private final String orgUnitUid;

    public DirEntryPermissionResolver(BmContext bmContext, String str, String str2, String str3) {
        this.context = bmContext;
        this.domainUid = str;
        this.dirEntryUid = str2;
        this.orgUnitUid = str3;
    }

    public Set<Permission> resolve() {
        DirEntry findByEntryUid;
        HashSet hashSet = new HashSet();
        if (this.domainUid.equals(this.context.getSecurityContext().getContainerUid()) && this.dirEntryUid != null && this.dirEntryUid.equals(this.context.getSecurityContext().getSubject())) {
            hashSet.add(new DirEntryPermission(BaseDirEntry.Kind.USER, "self"));
            hashSet.add(ContainerPermission.asPerm(Verb.All));
            Iterator it = this.context.getSecurityContext().getRoles().iterator();
            while (it.hasNext()) {
                hashSet.addAll(selfRoles.getOrDefault((String) it.next(), Collections.emptySet()));
            }
        }
        if (this.domainUid.equals(this.context.getSecurityContext().getContainerUid())) {
            if (this.dirEntryUid != null && (findByEntryUid = ((IDirectory) this.context.su().provider().instance(IDirectory.class, new String[]{this.domainUid})).findByEntryUid(this.dirEntryUid)) != null && findByEntryUid.orgUnitPath != null) {
                Iterator it2 = this.context.getSecurityContext().getRolesForOrgUnit(findByEntryUid.orgUnitPath.path()).iterator();
                while (it2.hasNext()) {
                    hashSet.addAll(permsForSameDomain.getOrDefault((String) it2.next(), Collections.emptySet()));
                }
            }
            if (this.orgUnitUid != null) {
                Iterator it3 = this.context.getSecurityContext().getRolesForOrgUnit(((IOrgUnits) this.context.su().provider().instance(IOrgUnits.class, new String[]{this.domainUid})).getPath(this.orgUnitUid).path()).iterator();
                while (it3.hasNext()) {
                    hashSet.addAll(permsForSameDomain.getOrDefault((String) it3.next(), Collections.emptySet()));
                }
            }
            Iterator it4 = this.context.getSecurityContext().getRoles().iterator();
            while (it4.hasNext()) {
                hashSet.addAll(permsForSameDomain.getOrDefault((String) it4.next(), Collections.emptySet()));
            }
        }
        return hashSet;
    }

    public static void registerSameDomainRole(String str, Permission permission) {
        registerSameDomainRole(str, (Set<Permission>) ImmutableSet.builder().add(permission).build());
    }

    public static void registerSameDomainRole(String str, Set<Permission> set) {
        permsForSameDomain.merge(str, set, (set2, set3) -> {
            return ImmutableSet.builder().addAll(set2).addAll(set3).build();
        });
    }

    public static void registerSelfRole(String str, Permission permission) {
        registerSelfRole(str, (Set<Permission>) ImmutableSet.builder().add(permission).build());
    }

    public static void registerSelfRole(String str, Set<Permission> set) {
        selfRoles.merge(str, set, (set2, set3) -> {
            return ImmutableSet.builder().addAll(set2).addAll(set3).build();
        });
    }
}
