package com.atlassian.bamboo.security.acegi.acls;

import com.atlassian.bamboo.user.Authority;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.acegisecurity.acls.AccessControlEntry;
import org.acegisecurity.acls.Acl;
import org.acegisecurity.acls.MutableAcl;
import org.acegisecurity.acls.Permission;
import org.acegisecurity.acls.sid.GrantedAuthoritySid;
import org.acegisecurity.acls.sid.PrincipalSid;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/atlassian/bamboo/security/acegi/acls/BambooAclHelper.class */
public class BambooAclHelper {
    private final HibernateMutableAclService aclService;

    @Autowired
    public BambooAclHelper(HibernateMutableAclService hibernateMutableAclService) {
        this.aclService = hibernateMutableAclService;
    }

    public Iterable<String> listUsersWithPermissions(@NotNull Acl acl, @NotNull Collection<BambooPermission> collection) {
        Stream map = Arrays.stream(acl.getEntries()).filter(BambooAclHelper::isAnyUserAccessControlEntry).filter(accessControlEntry -> {
            return isAceOfSupportedPermission(accessControlEntry, collection);
        }).map((v0) -> {
            return v0.getSid();
        });
        Class<PrincipalSid> cls = PrincipalSid.class;
        PrincipalSid.class.getClass();
        return (Iterable) map.map((v1) -> {
            return r1.cast(v1);
        }).map((v0) -> {
            return v0.getPrincipal();
        }).sorted().distinct().collect(Collectors.toList());
    }

    public List<BambooPermission> getUserPermissions(@NotNull Acl acl, @NotNull String str, @NotNull Collection<BambooPermission> collection) {
        Stream map = Arrays.stream(acl.getEntries()).filter(accessControlEntry -> {
            return isAUserAccessControlEntry(accessControlEntry, str);
        }).filter(accessControlEntry2 -> {
            return isAceOfSupportedPermission(accessControlEntry2, collection);
        }).map((v0) -> {
            return v0.getPermission();
        });
        Class<BambooPermission> cls = BambooPermission.class;
        BambooPermission.class.getClass();
        return (List) map.map((v1) -> {
            return r1.cast(v1);
        }).collect(Collectors.toList());
    }

    public Iterable<String> listGroupsWithPermissions(@NotNull Acl acl, @NotNull Collection<BambooPermission> collection) {
        Stream map = Arrays.stream(acl.getEntries()).filter(BambooAclHelper::isAnyGroupAccessControlEntry).filter(accessControlEntry -> {
            return isAceOfSupportedPermission(accessControlEntry, collection);
        }).map((v0) -> {
            return v0.getSid();
        });
        Class<GroupPrincipalSid> cls = GroupPrincipalSid.class;
        GroupPrincipalSid.class.getClass();
        return (Iterable) map.map((v1) -> {
            return r1.cast(v1);
        }).map((v0) -> {
            return v0.getPrincipal();
        }).sorted().distinct().collect(Collectors.toList());
    }

    public List<BambooPermission> getGroupPermissions(@NotNull Acl acl, @NotNull String str, @NotNull Collection<BambooPermission> collection) {
        Stream map = Arrays.stream(acl.getEntries()).filter(accessControlEntry -> {
            return isAGroupAccessControlEntry(accessControlEntry, str);
        }).filter(accessControlEntry2 -> {
            return isAceOfSupportedPermission(accessControlEntry2, collection);
        }).map((v0) -> {
            return v0.getPermission();
        });
        Class<BambooPermission> cls = BambooPermission.class;
        BambooPermission.class.getClass();
        return (List) map.map((v1) -> {
            return r1.cast(v1);
        }).collect(Collectors.toList());
    }

    public List<BambooPermission> getLoggedInPermissions(@NotNull Acl acl, @NotNull Collection<BambooPermission> collection) {
        Stream map = Arrays.stream(acl.getEntries()).filter(accessControlEntry -> {
            return isARoleAccessControlEntry(accessControlEntry, Authority.USER.getAuthority());
        }).filter(accessControlEntry2 -> {
            return isAceOfSupportedPermission(accessControlEntry2, collection);
        }).map((v0) -> {
            return v0.getPermission();
        });
        Class<BambooPermission> cls = BambooPermission.class;
        BambooPermission.class.getClass();
        return (List) map.map((v1) -> {
            return r1.cast(v1);
        }).collect(Collectors.toList());
    }

    public List<BambooPermission> getAnonymousPermissions(@NotNull Acl acl, @NotNull Collection<BambooPermission> collection) {
        Stream map = Arrays.stream(acl.getEntries()).filter(accessControlEntry -> {
            return isARoleAccessControlEntry(accessControlEntry, Authority.ANONYMOUS.getAuthority());
        }).filter(accessControlEntry2 -> {
            return isAceOfSupportedPermission(accessControlEntry2, collection);
        }).map((v0) -> {
            return v0.getPermission();
        });
        Class<BambooPermission> cls = BambooPermission.class;
        BambooPermission.class.getClass();
        return (List) map.map((v1) -> {
            return r1.cast(v1);
        }).collect(Collectors.toList());
    }

    public boolean addPermissionKeys(@NotNull MutableAcl mutableAcl, @NotNull List<String> list) {
        Set set = (Set) Arrays.stream(mutableAcl.getEntries()).map(BambooAclUpdateHelper::getPermissionKeyFromAce).filter((v0) -> {
            return v0.isPresent();
        }).map((v0) -> {
            return v0.get();
        }).collect(Collectors.toSet());
        if (!set.addAll(list)) {
            return false;
        }
        this.aclService.updateAclAces(mutableAcl, new ArrayList(set));
        return true;
    }

    @NotNull
    public Set<String> calculatePermissionKeysAfterRemoval(@NotNull MutableAcl mutableAcl, @NotNull List<String> list) {
        Set<String> set = (Set) Arrays.stream(mutableAcl.getEntries()).map(BambooAclUpdateHelper::getPermissionKeyFromAce).filter((v0) -> {
            return v0.isPresent();
        }).map((v0) -> {
            return v0.get();
        }).collect(Collectors.toSet());
        set.removeAll(list);
        return set;
    }

    public boolean removePermissionKeys(@NotNull MutableAcl mutableAcl, @NotNull List<String> list) {
        Set set = (Set) Arrays.stream(mutableAcl.getEntries()).map(BambooAclUpdateHelper::getPermissionKeyFromAce).filter((v0) -> {
            return v0.isPresent();
        }).map((v0) -> {
            return v0.get();
        }).collect(Collectors.toSet());
        if (!set.removeAll(list)) {
            return false;
        }
        this.aclService.updateAclAces(mutableAcl, new ArrayList(set));
        return true;
    }

    private static boolean isAnyUserAccessControlEntry(AccessControlEntry accessControlEntry) {
        return PrincipalSid.class.isInstance(accessControlEntry.getSid());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isAUserAccessControlEntry(AccessControlEntry accessControlEntry, String str) {
        return PrincipalSid.class.isInstance(accessControlEntry.getSid()) && accessControlEntry.getSid().getPrincipal().equals(str);
    }

    private static boolean isAnyGroupAccessControlEntry(AccessControlEntry accessControlEntry) {
        return GroupPrincipalSid.class.isInstance(accessControlEntry.getSid());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isAGroupAccessControlEntry(AccessControlEntry accessControlEntry, String str) {
        return GroupPrincipalSid.class.isInstance(accessControlEntry.getSid()) && accessControlEntry.getSid().getPrincipal().equals(str);
    }

    private static boolean isAnyRoleAccessControlEntry(AccessControlEntry accessControlEntry) {
        return GrantedAuthoritySid.class.isInstance(accessControlEntry.getSid());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isARoleAccessControlEntry(AccessControlEntry accessControlEntry, String str) {
        return GrantedAuthoritySid.class.isInstance(accessControlEntry.getSid()) && accessControlEntry.getSid().getGrantedAuthority().equals(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isAceOfSupportedPermission(AccessControlEntry accessControlEntry, Collection<? extends Permission> collection) {
        return collection.contains(accessControlEntry.getPermission());
    }
}
