package org.molgenis.security.user;

import com.google.common.base.Function;
import com.google.common.collect.Lists;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.stream.Collectors;
import org.molgenis.auth.Authority;
import org.molgenis.auth.GroupAuthority;
import org.molgenis.auth.MolgenisGroup;
import org.molgenis.auth.MolgenisGroupMember;
import org.molgenis.auth.MolgenisUser;
import org.molgenis.auth.UserAuthority;
import org.molgenis.data.DataService;
import org.molgenis.data.support.QueryImpl;
import org.molgenis.security.core.runas.RunAsSystem;
import org.molgenis.security.core.utils.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:org/molgenis/security/user/MolgenisUserDetailsService.class */
public class MolgenisUserDetailsService implements UserDetailsService {
    private final DataService dataService;
    private final GrantedAuthoritiesMapper grantedAuthoritiesMapper;

    @Autowired
    public MolgenisUserDetailsService(DataService dataService, GrantedAuthoritiesMapper grantedAuthoritiesMapper) {
        if (dataService == null) {
            throw new IllegalArgumentException("DataService is null");
        }
        if (grantedAuthoritiesMapper == null) {
            throw new IllegalArgumentException("Granted authorities mapper is null");
        }
        this.dataService = dataService;
        this.grantedAuthoritiesMapper = grantedAuthoritiesMapper;
    }

    @Override // org.springframework.security.core.userdetails.UserDetailsService
    @RunAsSystem
    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
        try {
            MolgenisUser molgenisUser = (MolgenisUser) this.dataService.findOne("molgenisUser", new QueryImpl().eq("username", str), MolgenisUser.class);
            if (molgenisUser == null) {
                throw new UsernameNotFoundException("unknown user '" + str + "'");
            }
            return new User(molgenisUser.getUsername(), molgenisUser.getPassword(), molgenisUser.isActive().booleanValue(), true, true, true, getAuthorities(molgenisUser));
        } catch (Throwable th) {
            throw new RuntimeException(th);
        }
    }

    public Collection<? extends GrantedAuthority> getAuthorities(MolgenisUser molgenisUser) {
        List<UserAuthority> userAuthorities = getUserAuthorities(molgenisUser);
        List transform = userAuthorities != null ? Lists.transform(userAuthorities, new Function<Authority, GrantedAuthority>() { // from class: org.molgenis.security.user.MolgenisUserDetailsService.1
            @Override // com.google.common.base.Function
            public GrantedAuthority apply(Authority authority) {
                return new SimpleGrantedAuthority(authority.getRole());
            }
        }) : null;
        List<GroupAuthority> groupAuthorities = getGroupAuthorities(molgenisUser);
        List transform2 = groupAuthorities != null ? Lists.transform(groupAuthorities, new Function<GroupAuthority, GrantedAuthority>() { // from class: org.molgenis.security.user.MolgenisUserDetailsService.2
            @Override // com.google.common.base.Function
            public GrantedAuthority apply(GroupAuthority groupAuthority) {
                return new SimpleGrantedAuthority(groupAuthority.getRole());
            }
        }) : null;
        HashSet hashSet = new HashSet();
        if (transform != null) {
            hashSet.addAll(transform);
        }
        if (transform2 != null) {
            hashSet.addAll(transform2);
        }
        if (molgenisUser.isSuperuser() != null && molgenisUser.isSuperuser().booleanValue()) {
            hashSet.add(new SimpleGrantedAuthority(SecurityUtils.AUTHORITY_SU));
        }
        return this.grantedAuthoritiesMapper.mapAuthorities(hashSet);
    }

    private List<UserAuthority> getUserAuthorities(MolgenisUser molgenisUser) {
        return (List) this.dataService.findAll("UserAuthority", new QueryImpl().eq("molgenisUser", molgenisUser), UserAuthority.class).collect(Collectors.toList());
    }

    private List<GroupAuthority> getGroupAuthorities(MolgenisUser molgenisUser) {
        List list = (List) this.dataService.findAll("MolgenisGroupMember", new QueryImpl().eq("molgenisUser", molgenisUser), MolgenisGroupMember.class).collect(Collectors.toList());
        if (list.isEmpty()) {
            return null;
        }
        return (List) this.dataService.findAll("GroupAuthority", new QueryImpl().in("molgenisGroup", Lists.transform(list, new Function<MolgenisGroupMember, MolgenisGroup>() { // from class: org.molgenis.security.user.MolgenisUserDetailsService.3
            @Override // com.google.common.base.Function
            public MolgenisGroup apply(MolgenisGroupMember molgenisGroupMember) {
                return molgenisGroupMember.getMolgenisGroup();
            }
        })), GroupAuthority.class).collect(Collectors.toList());
    }
}
