package org.apache.isis.extensions.secman.delegated.shiro.realm;

import java.util.Collection;
import java.util.Collections;
import java.util.Set;
import java.util.TreeSet;
import java.util.stream.Collectors;
import lombok.NonNull;
import org.apache.isis.commons.internal.base._Lazy;
import org.apache.isis.extensions.secman.applib.permission.dom.ApplicationPermissionValueSet;
import org.apache.isis.extensions.secman.applib.user.dom.AccountType;
import org.apache.isis.extensions.secman.applib.user.dom.ApplicationUser;
import org.apache.isis.extensions.secman.applib.user.dom.ApplicationUserStatus;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/apache/isis/extensions/secman/delegated/shiro/realm/PrincipalForApplicationUser.class */
public class PrincipalForApplicationUser implements AuthorizationInfo {
    private static final long serialVersionUID = 1;
    private final String username;
    private final String encryptedPassword;
    private final AccountType accountType;
    private final ApplicationUserStatus status;
    private final Set<String> roles;
    private final ApplicationPermissionValueSet permissionSet;
    private final _Lazy<Collection<Permission>> objectPermissions = _Lazy.threadSafe(this::createObjectPermissions);

    /* loaded from: input_file:org/apache/isis/extensions/secman/delegated/shiro/realm/PrincipalForApplicationUser$Permission_backedByPermissionSet.class */
    private static class Permission_backedByPermissionSet implements Permission {

        @NonNull
        private final ApplicationPermissionValueSet permissionSet;

        public boolean implies(Permission permission) {
            if (!(permission instanceof PermissionForMember)) {
                return false;
            }
            PermissionForMember permissionForMember = (PermissionForMember) permission;
            return this.permissionSet.grants(permissionForMember.getFeatureId(), permissionForMember.getMode());
        }

        private Permission_backedByPermissionSet(@NonNull ApplicationPermissionValueSet applicationPermissionValueSet) {
            if (applicationPermissionValueSet == null) {
                throw new NullPointerException("permissionSet is marked non-null but is null");
            }
            this.permissionSet = applicationPermissionValueSet;
        }

        public static Permission_backedByPermissionSet of(@NonNull ApplicationPermissionValueSet applicationPermissionValueSet) {
            return new Permission_backedByPermissionSet(applicationPermissionValueSet);
        }
    }

    public static PrincipalForApplicationUser from(ApplicationUser applicationUser) {
        if (applicationUser == null) {
            return null;
        }
        return new PrincipalForApplicationUser(applicationUser.getUsername(), applicationUser.getEncryptedPassword(), applicationUser.getAccountType(), applicationUser.getStatus(), (TreeSet) applicationUser.getRoles().stream().map((v0) -> {
            return v0.getName();
        }).collect(Collectors.toCollection(TreeSet::new)), applicationUser.getPermissionSet());
    }

    public boolean isLocked() {
        return getStatus() == ApplicationUserStatus.LOCKED;
    }

    public Collection<String> getStringPermissions() {
        return Collections.emptyList();
    }

    public Collection<Permission> getObjectPermissions() {
        return (Collection) this.objectPermissions.get();
    }

    public String toString() {
        return getUsername();
    }

    private Collection<Permission> createObjectPermissions() {
        return Collections.singleton(Permission_backedByPermissionSet.of(getPermissionSet()));
    }

    private PrincipalForApplicationUser(String str, String str2, AccountType accountType, ApplicationUserStatus applicationUserStatus, Set<String> set, ApplicationPermissionValueSet applicationPermissionValueSet) {
        this.username = str;
        this.encryptedPassword = str2;
        this.accountType = accountType;
        this.status = applicationUserStatus;
        this.roles = set;
        this.permissionSet = applicationPermissionValueSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getUsername() {
        return this.username;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getEncryptedPassword() {
        return this.encryptedPassword;
    }

    public AccountType getAccountType() {
        return this.accountType;
    }

    ApplicationUserStatus getStatus() {
        return this.status;
    }

    /* renamed from: getRoles, reason: merged with bridge method [inline-methods] */
    public Set<String> m2getRoles() {
        return this.roles;
    }

    ApplicationPermissionValueSet getPermissionSet() {
        return this.permissionSet;
    }
}
