package org.georchestra.datafeeder.api;

import java.util.UUID;
import lombok.NonNull;
import org.georchestra.config.security.GeorchestraUserDetails;
import org.georchestra.datafeeder.model.DataUploadJob;
import org.georchestra.datafeeder.model.UserInfo;
import org.georchestra.datafeeder.service.DataUploadService;
import org.mapstruct.factory.Mappers;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.lang.Nullable;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/classes/org/georchestra/datafeeder/api/AuthorizationService.class */
public class AuthorizationService {

    @Autowired
    private DataUploadService uploadService;
    public static final UserInfoMapper userInfoMapper = (UserInfoMapper) Mappers.getMapper(UserInfoMapper.class);

    @NonNull
    public String getUserName() {
        return SecurityContextHolder.getContext().getAuthentication().getName();
    }

    @Nullable
    public String getUserOrgName() {
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        if (principal instanceof GeorchestraUserDetails) {
            return ((GeorchestraUserDetails) principal).getUser().getOrganization();
        }
        return null;
    }

    private DataUploadJob getOrNotFound(UUID uuid) {
        return this.uploadService.findJob(uuid).orElseThrow(() -> {
            return ApiException.notFound("upload %s does not exist", uuid);
        });
    }

    @NonNull
    private boolean isAdministrator() {
        String str = "ROLE_ADMINISTRATOR";
        return SecurityContextHolder.getContext().getAuthentication().getAuthorities().stream().map((v0) -> {
            return v0.getAuthority();
        }).anyMatch((v1) -> {
            return r1.equals(v1);
        });
    }

    public void checkAccessRights(UUID uuid) {
        DataUploadJob orNotFound = getOrNotFound(uuid);
        String userName = getUserName();
        if (!userName.equals(orNotFound.getUsername()) && !isAdministrator()) {
            throw ApiException.forbidden("User %s has no access rights to this upload", userName);
        }
    }

    @NonNull
    public UserInfo getUserInfo() {
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        UserInfo userInfo = new UserInfo();
        if (principal instanceof GeorchestraUserDetails) {
            GeorchestraUserDetails georchestraUserDetails = (GeorchestraUserDetails) principal;
            georchestraUserDetails.getOrganization().orElseThrow(() -> {
                return new IllegalStateException("User organization not provided through authentication headers");
            });
            userInfo = userInfoMapper.map(georchestraUserDetails);
        }
        return userInfo;
    }
}
