package org.molgenis.security.user;

import com.google.common.collect.Lists;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import org.molgenis.data.DataService;
import org.molgenis.data.security.auth.GroupAuthority;
import org.molgenis.data.security.auth.GroupAuthorityMetaData;
import org.molgenis.data.security.auth.GroupMember;
import org.molgenis.data.security.auth.GroupMemberMetaData;
import org.molgenis.data.security.auth.User;
import org.molgenis.data.security.auth.UserAuthority;
import org.molgenis.data.security.auth.UserAuthorityMetaData;
import org.molgenis.data.security.auth.UserMetaData;
import org.molgenis.data.support.QueryImpl;
import org.molgenis.security.core.runas.RunAsSystem;
import org.molgenis.security.core.utils.SecurityUtils;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:WEB-INF/lib/molgenis-security-6.1.0.jar:org/molgenis/security/user/UserDetailsService.class */
public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {
    private final DataService dataService;
    private final GrantedAuthoritiesMapper grantedAuthoritiesMapper;

    public UserDetailsService(DataService dataService, GrantedAuthoritiesMapper grantedAuthoritiesMapper) {
        this.dataService = (DataService) Objects.requireNonNull(dataService, "DataService is null");
        this.grantedAuthoritiesMapper = (GrantedAuthoritiesMapper) Objects.requireNonNull(grantedAuthoritiesMapper, "Granted authorities mapper is null");
    }

    @Override // org.springframework.security.core.userdetails.UserDetailsService
    @RunAsSystem
    public UserDetails loadUserByUsername(String str) {
        try {
            User user = (User) this.dataService.findOne(UserMetaData.USER, new QueryImpl().eq("username", str), User.class);
            if (user == null) {
                throw new UsernameNotFoundException("unknown user '" + str + "'");
            }
            return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), user.isActive().booleanValue(), true, true, true, getAuthorities(user));
        } catch (Throwable th) {
            throw new RuntimeException(th);
        }
    }

    public Collection<? extends GrantedAuthority> getAuthorities(User user) {
        List<UserAuthority> userAuthorities = getUserAuthorities(user);
        List transform = userAuthorities != null ? Lists.transform(userAuthorities, authority -> {
            return new SimpleGrantedAuthority(authority.getRole());
        }) : null;
        List<GroupAuthority> groupAuthorities = getGroupAuthorities(user);
        List transform2 = groupAuthorities != null ? Lists.transform(groupAuthorities, groupAuthority -> {
            return new SimpleGrantedAuthority(groupAuthority.getRole());
        }) : null;
        HashSet hashSet = new HashSet();
        if (transform != null) {
            hashSet.addAll(transform);
        }
        if (transform2 != null) {
            hashSet.addAll(transform2);
        }
        if (user.isSuperuser() != null && user.isSuperuser().booleanValue()) {
            hashSet.add(new SimpleGrantedAuthority(SecurityUtils.AUTHORITY_SU));
        }
        return this.grantedAuthoritiesMapper.mapAuthorities(hashSet);
    }

    private List<UserAuthority> getUserAuthorities(User user) {
        return (List) this.dataService.findAll(UserAuthorityMetaData.USER_AUTHORITY, new QueryImpl().eq("User", user), UserAuthority.class).collect(Collectors.toList());
    }

    private List<GroupAuthority> getGroupAuthorities(User user) {
        List list = (List) this.dataService.findAll(GroupMemberMetaData.GROUP_MEMBER, new QueryImpl().eq("User", user), GroupMember.class).collect(Collectors.toList());
        if (list.isEmpty()) {
            return null;
        }
        return (List) this.dataService.findAll(GroupAuthorityMetaData.GROUP_AUTHORITY, new QueryImpl().in("Group", Lists.transform(list, (v0) -> {
            return v0.getGroup();
        })), GroupAuthority.class).collect(Collectors.toList());
    }
}
