package io.camunda.zeebe.engine.processing.identity;

import io.camunda.zeebe.engine.processing.Rejection;
import io.camunda.zeebe.engine.processing.distribution.CommandDistributionBehavior;
import io.camunda.zeebe.engine.processing.identity.AuthorizationCheckBehavior;
import io.camunda.zeebe.engine.processing.streamprocessor.DistributedTypedRecordProcessor;
import io.camunda.zeebe.engine.processing.streamprocessor.writers.StateWriter;
import io.camunda.zeebe.engine.processing.streamprocessor.writers.TypedRejectionWriter;
import io.camunda.zeebe.engine.processing.streamprocessor.writers.TypedResponseWriter;
import io.camunda.zeebe.engine.processing.streamprocessor.writers.Writers;
import io.camunda.zeebe.engine.state.authorization.PersistedRole;
import io.camunda.zeebe.engine.state.distribution.DistributionQueue;
import io.camunda.zeebe.engine.state.immutable.MappingState;
import io.camunda.zeebe.engine.state.immutable.RoleState;
import io.camunda.zeebe.engine.state.immutable.UserState;
import io.camunda.zeebe.protocol.impl.record.value.authorization.RoleRecord;
import io.camunda.zeebe.protocol.record.RejectionType;
import io.camunda.zeebe.protocol.record.intent.RoleIntent;
import io.camunda.zeebe.protocol.record.value.AuthorizationResourceType;
import io.camunda.zeebe.protocol.record.value.EntityType;
import io.camunda.zeebe.protocol.record.value.PermissionType;
import io.camunda.zeebe.stream.api.records.TypedRecord;
import io.camunda.zeebe.stream.api.state.KeyGenerator;
import io.camunda.zeebe.util.Either;
import java.util.Optional;

/* loaded from: input_file:io/camunda/zeebe/engine/processing/identity/RoleAddEntityProcessor.class */
public class RoleAddEntityProcessor implements DistributedTypedRecordProcessor<RoleRecord> {
    private static final String ENTITY_ALREADY_ASSIGNED_ERROR_MESSAGE = "Expected to add entity with key '%s' to role with key '%s', but the entity is already assigned to this role.";
    private final RoleState roleState;
    private final UserState userState;
    private final MappingState mappingState;
    private final AuthorizationCheckBehavior authCheckBehavior;
    private final KeyGenerator keyGenerator;
    private final StateWriter stateWriter;
    private final TypedRejectionWriter rejectionWriter;
    private final TypedResponseWriter responseWriter;
    private final CommandDistributionBehavior commandDistributionBehavior;

    public RoleAddEntityProcessor(RoleState roleState, UserState userState, MappingState mappingState, AuthorizationCheckBehavior authorizationCheckBehavior, KeyGenerator keyGenerator, Writers writers, CommandDistributionBehavior commandDistributionBehavior) {
        this.roleState = roleState;
        this.userState = userState;
        this.mappingState = mappingState;
        this.authCheckBehavior = authorizationCheckBehavior;
        this.keyGenerator = keyGenerator;
        this.stateWriter = writers.state();
        this.rejectionWriter = writers.rejection();
        this.responseWriter = writers.response();
        this.commandDistributionBehavior = commandDistributionBehavior;
    }

    @Override // io.camunda.zeebe.engine.processing.streamprocessor.DistributedTypedRecordProcessor
    public void processNewCommand(TypedRecord<RoleRecord> typedRecord) {
        RoleRecord value = typedRecord.getValue();
        Optional<PersistedRole> role = this.roleState.getRole(value.getRoleKey());
        if (role.isEmpty()) {
            String formatted = "Expected to update role with key '%s', but a role with this key does not exist.".formatted(Long.valueOf(value.getRoleKey()));
            this.rejectionWriter.appendRejection(typedRecord, RejectionType.NOT_FOUND, formatted);
            this.responseWriter.writeRejectionOnCommand(typedRecord, RejectionType.NOT_FOUND, formatted);
            return;
        }
        Either<Rejection, Void> isAuthorized = this.authCheckBehavior.isAuthorized(new AuthorizationCheckBehavior.AuthorizationRequest(typedRecord, AuthorizationResourceType.ROLE, PermissionType.UPDATE).addResourceId(role.get().getName()));
        if (isAuthorized.isLeft()) {
            Rejection left = isAuthorized.getLeft();
            this.rejectionWriter.appendRejection(typedRecord, left.type(), left.reason());
            this.responseWriter.writeRejectionOnCommand(typedRecord, left.type(), left.reason());
            return;
        }
        long entityKey = value.getEntityKey();
        EntityType entityType = value.getEntityType();
        if (!isEntityPresent(entityKey, entityType)) {
            String formatted2 = "Expected to add an entity with key '%s' and type '%s' to role with key '%s', but the entity doesn't exist.".formatted(Long.valueOf(entityKey), entityType, Long.valueOf(value.getRoleKey()));
            this.rejectionWriter.appendRejection(typedRecord, RejectionType.NOT_FOUND, formatted2);
            this.responseWriter.writeRejectionOnCommand(typedRecord, RejectionType.NOT_FOUND, formatted2);
        } else if (isEntityAssigned(value)) {
            String formatted3 = ENTITY_ALREADY_ASSIGNED_ERROR_MESSAGE.formatted(Long.valueOf(value.getEntityKey()), Long.valueOf(value.getRoleKey()));
            this.rejectionWriter.appendRejection(typedRecord, RejectionType.ALREADY_EXISTS, formatted3);
            this.responseWriter.writeRejectionOnCommand(typedRecord, RejectionType.ALREADY_EXISTS, formatted3);
        } else {
            this.stateWriter.appendFollowUpEvent(value.getRoleKey(), RoleIntent.ENTITY_ADDED, value);
            this.responseWriter.writeEventOnCommand(value.getRoleKey(), RoleIntent.ENTITY_ADDED, value, typedRecord);
            this.commandDistributionBehavior.withKey(this.keyGenerator.nextKey()).inQueue(DistributionQueue.IDENTITY.getQueueId()).distribute(typedRecord);
        }
    }

    @Override // io.camunda.zeebe.engine.processing.streamprocessor.DistributedTypedRecordProcessor
    public void processDistributedCommand(TypedRecord<RoleRecord> typedRecord) {
        RoleRecord value = typedRecord.getValue();
        if (isEntityAssigned(value)) {
            this.rejectionWriter.appendRejection(typedRecord, RejectionType.ALREADY_EXISTS, ENTITY_ALREADY_ASSIGNED_ERROR_MESSAGE.formatted(Long.valueOf(value.getEntityKey()), Long.valueOf(value.getRoleKey())));
        } else {
            this.stateWriter.appendFollowUpEvent(typedRecord.getKey(), RoleIntent.ENTITY_ADDED, value);
        }
        this.commandDistributionBehavior.acknowledgeCommand(typedRecord);
    }

    private boolean isEntityPresent(long j, EntityType entityType) {
        if (EntityType.USER == entityType) {
            return this.userState.getUser(j).isPresent();
        }
        if (EntityType.MAPPING == entityType) {
            return this.mappingState.get(j).isPresent();
        }
        return false;
    }

    private boolean isEntityAssigned(RoleRecord roleRecord) {
        return this.roleState.getEntityType(roleRecord.getRoleKey(), roleRecord.getEntityKey()).isPresent();
    }
}
