package org.geoserver.security.impl;

import java.io.IOException;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Properties;
import java.util.SortedSet;
import java.util.TreeSet;
import org.geoserver.security.GeoServerRoleService;
import org.geoserver.security.GeoServerUserGroupService;

/* loaded from: input_file:WEB-INF/lib/main-2.4-SNAPSHOT.jar:org/geoserver/security/impl/RoleCalculator.class */
public class RoleCalculator {
    protected GeoServerRoleService roleService;
    protected GeoServerUserGroupService userGroupService;

    public RoleCalculator(GeoServerRoleService geoServerRoleService) {
        this(null, geoServerRoleService);
    }

    public RoleCalculator(GeoServerUserGroupService geoServerUserGroupService, GeoServerRoleService geoServerRoleService) {
        this.userGroupService = geoServerUserGroupService;
        this.roleService = geoServerRoleService;
        assertRoleServiceNotNull();
    }

    public void setRoleService(GeoServerRoleService geoServerRoleService) {
        this.roleService = geoServerRoleService;
        assertRoleServiceNotNull();
    }

    public GeoServerRoleService getRoleService() {
        return this.roleService;
    }

    public void setUserGroupService(GeoServerUserGroupService geoServerUserGroupService) {
        this.userGroupService = geoServerUserGroupService;
    }

    public GeoServerUserGroupService getUserGroupService() {
        return this.userGroupService;
    }

    protected void assertRoleServiceNotNull() {
        if (this.roleService == null) {
            throw new RuntimeException("role service Service is null");
        }
    }

    public SortedSet<GeoServerRole> calculateRoles(String str) throws IOException {
        return calculateRoles(new GeoServerUser(str));
    }

    public SortedSet<GeoServerRole> calculateRoles(GeoServerUser geoServerUser) throws IOException {
        HashSet hashSet = new HashSet();
        hashSet.addAll(getRoleService().getRolesForUser(geoServerUser.getUsername()));
        addInheritedRoles(hashSet);
        if (getUserGroupService() != null) {
            for (GeoServerUserGroup geoServerUserGroup : getUserGroupService().getGroupsForUser(geoServerUser)) {
                if (geoServerUserGroup.isEnabled()) {
                    hashSet.addAll(calculateRoles(geoServerUserGroup));
                }
            }
        }
        SortedSet<GeoServerRole> personalizeRoles = personalizeRoles(geoServerUser, hashSet);
        addMappedSystemRoles(personalizeRoles);
        return personalizeRoles;
    }

    public void addMappedSystemRoles(Collection<GeoServerRole> collection) {
        GeoServerRole adminRole = this.roleService.getAdminRole();
        if (adminRole != null && collection.contains(adminRole)) {
            collection.add(GeoServerRole.ADMIN_ROLE);
        }
        GeoServerRole groupAdminRole = this.roleService.getGroupAdminRole();
        if (groupAdminRole == null || !collection.contains(groupAdminRole)) {
            return;
        }
        collection.add(GeoServerRole.GROUP_ADMIN_ROLE);
    }

    protected void addParentRole(GeoServerRole geoServerRole, Collection<GeoServerRole> collection) throws IOException {
        GeoServerRole parentRole = getRoleService().getParentRole(geoServerRole);
        if (parentRole == null || collection.contains(parentRole)) {
            return;
        }
        collection.add(parentRole);
        addParentRole(parentRole, collection);
    }

    public SortedSet<GeoServerRole> calculateRoles(GeoServerUserGroup geoServerUserGroup) throws IOException {
        TreeSet treeSet = new TreeSet();
        treeSet.addAll(getRoleService().getRolesForGroup(geoServerUserGroup.getGroupname()));
        addInheritedRoles(treeSet);
        return treeSet;
    }

    public void addInheritedRoles(Collection<GeoServerRole> collection) throws IOException {
        HashSet hashSet = new HashSet();
        Iterator<GeoServerRole> it2 = collection.iterator();
        while (it2.hasNext()) {
            addParentRole(it2.next(), hashSet);
        }
        collection.addAll(hashSet);
    }

    public SortedSet<GeoServerRole> personalizeRoles(GeoServerUser geoServerUser, Collection<GeoServerRole> collection) throws IOException {
        TreeSet treeSet = new TreeSet();
        for (GeoServerRole geoServerRole : collection) {
            Properties personalizeRoleParams = getRoleService().personalizeRoleParams(geoServerRole.getAuthority(), geoServerRole.getProperties(), geoServerUser.getUsername(), geoServerUser.getProperties());
            if (personalizeRoleParams == null) {
                treeSet.add(geoServerRole);
            } else {
                GeoServerRole createRoleObject = getRoleService().createRoleObject(geoServerRole.getAuthority());
                createRoleObject.setUserName(geoServerUser.getUsername());
                for (Object obj : personalizeRoleParams.keySet()) {
                    createRoleObject.getProperties().put(obj, personalizeRoleParams.get(obj));
                }
                treeSet.add(createRoleObject);
            }
        }
        return treeSet;
    }
}
