package de.mummeit.pmg.service;

import de.mummeit.pmg.api.PermissionManagerClient;
import de.mummeit.pmg.api.model.access.request.CheckAccessRequest;
import de.mummeit.pmg.api.model.access.request.ListPermittedScopesRequest;
import de.mummeit.pmg.api.model.access.request.Permit;
import de.mummeit.pmg.api.model.access.request.PermitRequest;
import de.mummeit.pmg.api.model.access.request.RevokeScopeAccessRequest;
import de.mummeit.pmg.api.model.access.request.RevokeUserAccessRequest;
import de.mummeit.pmg.api.model.access.request.SearchPermitRequest;
import de.mummeit.pmg.api.model.integration.Integration;
import de.mummeit.pmg.api.model.structure.Permission;
import de.mummeit.pmg.exception.IntegrationFailedException;
import de.mummeit.pmg.exception.InvalidPermissionRequestException;
import feign.FeignException;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:de/mummeit/pmg/service/PermissionManager.class */
public class PermissionManager {
    private final PermissionManagerClient client;

    public boolean hasAccess(String str, String str2, String str3, String str4) {
        validateParameters(str, str2, str3, str4);
        try {
            CheckAccessRequest checkAccessRequest = new CheckAccessRequest();
            checkAccessRequest.setUserId(str);
            checkAccessRequest.setDomain(str2);
            checkAccessRequest.setPermission(str3);
            checkAccessRequest.setScope(str4);
            return this.client.checkAccess(checkAccessRequest).isPermitted();
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Technical error while checking access permissions", "Failed to communicate with permission service: " + e.getMessage(), e);
        }
    }

    public void grantAccess(String str, String str2, List<String> list, List<String> list2, String str3) {
        validateParameters(str, str2, str3);
        validatePermissionsAndRoles(list, list2);
        try {
            PermitRequest permitRequest = new PermitRequest();
            permitRequest.setUserId(str);
            permitRequest.setScope(str3);
            Permit permit = new Permit();
            permit.setDomain(str2);
            permit.setPermissions(list);
            permit.setRoles(list2);
            permitRequest.setPermits(Collections.singletonList(permit));
            this.client.permitAccess(permitRequest);
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Failed to grant access", "Error occurred while granting permissions", e);
        }
    }

    public void revokeAccess(String str, String str2, List<String> list, List<String> list2, String str3) {
        validateParameters(str, str2, str3);
        validatePermissionsAndRoles(list, list2);
        try {
            PermitRequest permitRequest = new PermitRequest();
            permitRequest.setUserId(str);
            permitRequest.setScope(str3);
            Permit permit = new Permit();
            permit.setDomain(str2);
            permit.setPermissions(list);
            permit.setRoles(list2);
            permitRequest.setPermits(Collections.singletonList(permit));
            this.client.revokeAccess(permitRequest);
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Failed to revoke access", "Error occurred while revoking permissions", e);
        }
    }

    public void revokeAllUserAccess(String str) {
        validateUserId(str);
        try {
            RevokeUserAccessRequest revokeUserAccessRequest = new RevokeUserAccessRequest();
            revokeUserAccessRequest.setUserId(str);
            this.client.revokeUserAccess(revokeUserAccessRequest);
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Failed to revoke all user access", "Error occurred while revoking all user permissions", e);
        }
    }

    public void revokeAllScopeAccess(String str) {
        validateScope(str);
        try {
            RevokeScopeAccessRequest revokeScopeAccessRequest = new RevokeScopeAccessRequest();
            revokeScopeAccessRequest.setScope(str);
            this.client.revokeScopeAccess(revokeScopeAccessRequest);
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Failed to revoke all scope access", "Error occurred while revoking all scope permissions", e);
        }
    }

    public List<Permission> findUserPermissions(String str, String str2) {
        validateParameters(str, str2);
        try {
            SearchPermitRequest searchPermitRequest = new SearchPermitRequest();
            searchPermitRequest.setUserId(str);
            searchPermitRequest.setScope(str2);
            return this.client.searchPermits(searchPermitRequest);
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Failed to find user permissions", "Error occurred while searching for user permissions", e);
        }
    }

    public void performIntegration(List<Integration<?>> list) {
        if (list == null || list.isEmpty()) {
            throw new InvalidPermissionRequestException("Invalid integration request", "Integrations list cannot be null or empty");
        }
        try {
            this.client.performIntegration(list);
        } catch (FeignException e) {
            throw new IntegrationFailedException("Failed to perform integrations", list, e);
        }
    }

    public void grantMultiDomainAccess(String str, List<Permit> list, String str2) {
        validateParameters(str, str2);
        validatePermits(list);
        try {
            PermitRequest permitRequest = new PermitRequest();
            permitRequest.setUserId(str);
            permitRequest.setScope(str2);
            permitRequest.setPermits(list);
            this.client.permitAccess(permitRequest);
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Failed to grant multi-domain access", "Error occurred while granting multi-domain permissions", e);
        }
    }

    public void revokeMultiDomainAccess(String str, List<Permit> list, String str2) {
        validateParameters(str, str2);
        validatePermits(list);
        try {
            PermitRequest permitRequest = new PermitRequest();
            permitRequest.setUserId(str);
            permitRequest.setScope(str2);
            permitRequest.setPermits(list);
            this.client.revokeAccess(permitRequest);
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Failed to revoke multi-domain access", "Error occurred while revoking multi-domain permissions", e);
        }
    }

    public List<String> listPermittedScopes(String str, String str2, String str3) {
        validateParameters(str, str2, str3);
        try {
            ListPermittedScopesRequest listPermittedScopesRequest = new ListPermittedScopesRequest();
            listPermittedScopesRequest.setUserId(str);
            listPermittedScopesRequest.setDomain(str2);
            listPermittedScopesRequest.setPermission(str3);
            return this.client.listPermittedScopes(listPermittedScopesRequest).getScopes();
        } catch (FeignException e) {
            throw new InvalidPermissionRequestException("Failed to list permitted scopes", "Error occurred while listing permitted scopes", e);
        }
    }

    private void validateParameters(String str, String str2, String str3, String str4) {
        validateUserId(str);
        validateDomain(str2);
        validatePermission(str3);
        validateScope(str4);
    }

    private void validateParameters(String str, String str2, String str3) {
        validateUserId(str);
        validateDomain(str2);
        validateScope(str3);
    }

    private void validateParameters(String str, String str2) {
        validateUserId(str);
        validateScope(str2);
    }

    private void validateUserId(String str) {
        if (str == null || str.trim().isEmpty()) {
            throw new InvalidPermissionRequestException("Invalid user ID", "User ID cannot be null or empty");
        }
    }

    private void validateDomain(String str) {
        if (str == null || str.trim().isEmpty()) {
            throw new InvalidPermissionRequestException("Invalid domain", "Domain cannot be null or empty");
        }
    }

    private void validatePermission(String str) {
        if (str == null || str.trim().isEmpty()) {
            throw new InvalidPermissionRequestException("Invalid permission", "Permission cannot be null or empty");
        }
    }

    private void validateScope(String str) {
        if (str == null || str.trim().isEmpty()) {
            throw new InvalidPermissionRequestException("Invalid scope", "Scope cannot be null or empty");
        }
    }

    private void validatePermissionsAndRoles(List<String> list, List<String> list2) {
        if ((list == null || list.isEmpty()) && (list2 == null || list2.isEmpty())) {
            throw new InvalidPermissionRequestException("Invalid permissions and roles", "At least one permission or role must be specified");
        }
        if (list != null && list.stream().anyMatch(str -> {
            return str == null || str.trim().isEmpty();
        })) {
            throw new InvalidPermissionRequestException("Invalid permissions", "Permissions cannot contain null or empty values");
        }
        if (list2 != null && list2.stream().anyMatch(str2 -> {
            return str2 == null || str2.trim().isEmpty();
        })) {
            throw new InvalidPermissionRequestException("Invalid roles", "Roles cannot contain null or empty values");
        }
    }

    private void validatePermits(List<Permit> list) {
        if (list == null || list.isEmpty()) {
            throw new InvalidPermissionRequestException("Invalid permits", "Permits list cannot be null or empty");
        }
        if (list.stream().anyMatch((v0) -> {
            return Objects.isNull(v0);
        })) {
            throw new InvalidPermissionRequestException("Invalid permits", "Permits list cannot contain null values");
        }
        list.forEach(permit -> {
            validateDomain(permit.getDomain());
            validatePermissionsAndRoles(permit.getPermissions(), permit.getRoles());
        });
    }

    public PermissionManager(PermissionManagerClient permissionManagerClient) {
        this.client = permissionManagerClient;
    }
}
