package sirius.web.security;

import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import java.lang.reflect.AnnotatedElement;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import sirius.kernel.Sirius;
import sirius.kernel.commons.Value;
import sirius.kernel.di.std.ConfigValue;
import sirius.kernel.settings.Extension;

/* loaded from: input_file:sirius/web/security/Permissions.class */
public class Permissions {
    protected static Map<String, Set<String>> profilesCache;

    @ConfigValue("security.publicRoles")
    protected static List<String> publicRoles;

    private Permissions() {
    }

    private static Set<String> getProfile(String str) {
        if (profilesCache == null) {
            buildProfileCache();
        }
        return profilesCache.getOrDefault(str, Collections.emptySet());
    }

    private static void buildProfileCache() {
        HashMap newHashMap = Maps.newHashMap();
        for (Extension extension : Sirius.getSettings().getExtensions("security.profiles")) {
            newHashMap.put(extension.getId(), compileProfile(extension));
        }
        profilesCache = newHashMap;
    }

    private static Set<String> compileProfile(Extension extension) {
        TreeSet newTreeSet = Sets.newTreeSet();
        for (Map.Entry entry : extension.getContext().entrySet()) {
            if (Value.of(entry.getValue()).asBoolean()) {
                newTreeSet.add(entry.getKey());
            }
        }
        return newTreeSet;
    }

    private static void expand(String str, Set<String> set) {
        if (set.contains(str)) {
            return;
        }
        set.add(str);
        Iterator<String> it = getProfile(str).iterator();
        while (it.hasNext()) {
            expand(it.next(), set);
        }
    }

    public static Set<String> applyProfiles(Collection<String> collection) {
        TreeSet newTreeSet = Sets.newTreeSet();
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            expand(it.next(), newTreeSet);
        }
        return newTreeSet;
    }

    public static Set<String> applyProfilesAndPublicRoles(Collection<String> collection) {
        TreeSet newTreeSet = Sets.newTreeSet(collection);
        if (publicRoles != null) {
            newTreeSet.addAll(publicRoles);
        }
        return applyProfiles(newTreeSet);
    }

    public static Set<String> computePermissionsFromAnnotations(AnnotatedElement annotatedElement) {
        if (!wearsPermissionAnnotation(annotatedElement)) {
            return Collections.emptySet();
        }
        TreeSet newTreeSet = Sets.newTreeSet();
        for (Permission permission : (Permission[]) annotatedElement.getAnnotationsByType(Permission.class)) {
            newTreeSet.add(permission.value());
        }
        for (NotPermission notPermission : (NotPermission[]) annotatedElement.getAnnotationsByType(NotPermission.class)) {
            newTreeSet.add("!" + notPermission.value());
        }
        if (annotatedElement.isAnnotationPresent(LoginRequired.class)) {
            newTreeSet.add(UserInfo.PERMISSION_LOGGED_IN);
        }
        return newTreeSet;
    }

    public static boolean wearsPermissionAnnotation(AnnotatedElement annotatedElement) {
        if (annotatedElement.isAnnotationPresent(Permission.class) || annotatedElement.isAnnotationPresent(NotPermission.class) || annotatedElement.isAnnotationPresent(PermissionList.class) || annotatedElement.isAnnotationPresent(NotPermissionList.class)) {
            return true;
        }
        return annotatedElement.isAnnotationPresent(LoginRequired.class);
    }
}
