package org.ametys.runtime.plugins.admin.rights;

import java.util.Collections;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.ametys.core.group.GroupIdentity;
import org.ametys.core.right.AccessController;
import org.ametys.core.right.RightsExtensionPoint;
import org.ametys.core.user.UserIdentity;
import org.ametys.core.user.UserManager;
import org.ametys.core.user.population.UserPopulationDAO;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:org/ametys/runtime/plugins/admin/rights/AdminAccessController.class */
public class AdminAccessController implements AccessController, Serviceable {
    public static final String ADMIN_RIGHT_CONTEXT = "/admin";
    protected RightsExtensionPoint _rightsExtensionPoint;
    protected UserManager _userManager;

    public void service(ServiceManager serviceManager) throws ServiceException {
        this._rightsExtensionPoint = (RightsExtensionPoint) serviceManager.lookup(RightsExtensionPoint.ROLE);
        this._userManager = (UserManager) serviceManager.lookup(UserManager.ROLE);
    }

    @Override // org.ametys.core.right.AccessController
    public AccessController.AccessResult getPermission(UserIdentity userIdentity, Set<GroupIdentity> set, String str, Object obj) {
        return (userIdentity == null || !StringUtils.equals(userIdentity.getPopulationId(), UserPopulationDAO.ADMIN_POPULATION_ID)) ? AccessController.AccessResult.UNKNOWN : AccessController.AccessResult.USER_ALLOWED;
    }

    @Override // org.ametys.core.right.AccessController
    public AccessController.AccessResult getReadAccessPermission(UserIdentity userIdentity, Set<GroupIdentity> set, Object obj) {
        return getPermission(userIdentity, set, null, obj);
    }

    @Override // org.ametys.core.right.AccessController
    public Map<String, AccessController.AccessResult> getPermissionByRight(UserIdentity userIdentity, Set<GroupIdentity> set, Object obj) {
        return (userIdentity == null || !StringUtils.equals(userIdentity.getPopulationId(), UserPopulationDAO.ADMIN_POPULATION_ID)) ? Collections.EMPTY_MAP : (Map) this._rightsExtensionPoint.getExtensionsIds().stream().collect(Collectors.toMap(str -> {
            return str;
        }, str2 -> {
            return AccessController.AccessResult.USER_ALLOWED;
        }));
    }

    @Override // org.ametys.core.right.AccessController
    public AccessController.AccessResult getPermissionForAnonymous(String str, Object obj) {
        return AccessController.AccessResult.UNKNOWN;
    }

    @Override // org.ametys.core.right.AccessController
    public AccessController.AccessResult getReadAccessPermissionForAnonymous(Object obj) {
        return AccessController.AccessResult.UNKNOWN;
    }

    @Override // org.ametys.core.right.AccessController
    public AccessController.AccessResult getPermissionForAnyConnectedUser(String str, Object obj) {
        return AccessController.AccessResult.UNKNOWN;
    }

    @Override // org.ametys.core.right.AccessController
    public AccessController.AccessResult getReadAccessPermissionForAnyConnectedUser(Object obj) {
        return AccessController.AccessResult.UNKNOWN;
    }

    @Override // org.ametys.core.right.AccessController
    public Map<UserIdentity, AccessController.AccessResult> getPermissionByUser(String str, Object obj) {
        return (Map) this._userManager.getUsers(UserPopulationDAO.ADMIN_POPULATION_ID).stream().collect(Collectors.toMap(user -> {
            return user.getIdentity();
        }, user2 -> {
            return AccessController.AccessResult.USER_ALLOWED;
        }));
    }

    @Override // org.ametys.core.right.AccessController
    public Map<UserIdentity, AccessController.AccessResult> getReadAccessPermissionByUser(Object obj) {
        return getPermissionByUser(null, obj);
    }

    @Override // org.ametys.core.right.AccessController
    public Map<GroupIdentity, AccessController.AccessResult> getPermissionByGroup(String str, Object obj) {
        return Collections.EMPTY_MAP;
    }

    @Override // org.ametys.core.right.AccessController
    public Map<GroupIdentity, AccessController.AccessResult> getReadAccessPermissionByGroup(Object obj) {
        return Collections.EMPTY_MAP;
    }

    @Override // org.ametys.core.right.AccessController
    public boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> set, UserIdentity userIdentity, Set<GroupIdentity> set2) {
        return hasUserAnyPermissionOnWorkspace(set, userIdentity, set2, null);
    }

    @Override // org.ametys.core.right.AccessController
    public boolean hasUserAnyPermissionOnWorkspace(Set<Object> set, UserIdentity userIdentity, Set<GroupIdentity> set2, String str) {
        return set.contains("/admin") && StringUtils.equals(userIdentity.getPopulationId(), UserPopulationDAO.ADMIN_POPULATION_ID);
    }

    @Override // org.ametys.core.right.AccessController
    public boolean hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> set) {
        return false;
    }

    @Override // org.ametys.core.right.AccessController
    public boolean hasAnonymousAnyPermissionOnWorkspace(Set<Object> set, String str) {
        return false;
    }

    @Override // org.ametys.core.right.AccessController
    public boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> set) {
        return false;
    }

    @Override // org.ametys.core.right.AccessController
    public boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> set, String str) {
        return false;
    }

    @Override // org.ametys.core.right.AccessController
    public boolean isSupported(Object obj) {
        if (!(obj instanceof String)) {
            return false;
        }
        String str = (String) obj;
        return "/admin".equals(str) || str.startsWith("/admin/");
    }
}
