package com.appiancorp.object.action.security.warnings;

import com.appiancorp.core.expr.portable.PortableTypedValue;
import com.appiancorp.object.action.security.RoleMapDefinitionFacade;
import com.appiancorp.security.auth.SecurityContextProvider;
import com.appiancorp.services.spring.ServiceContextProvider;
import com.appiancorp.suiteapi.personalization.GroupService;
import com.google.common.collect.ImmutableMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:com/appiancorp/object/action/security/warnings/LoggedInUserMissingAdminPrivilegeWarning.class */
public class LoggedInUserMissingAdminPrivilegeWarning implements RoleMapSecurityWarning {
    public static final String LOGGED_IN_USER_MISSING_ADMIN_PRIVILEGE_WARNING_KEY = "sysrule.securityWarning.loggedInUserNotAdminWarning";
    private final GroupService groupService;
    private final SecurityContextProvider securityContextProvider;
    private final ServiceContextProvider serviceContextProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    public LoggedInUserMissingAdminPrivilegeWarning(GroupService groupService, SecurityContextProvider securityContextProvider, ServiceContextProvider serviceContextProvider) {
        this.groupService = groupService;
        this.securityContextProvider = securityContextProvider;
        this.serviceContextProvider = serviceContextProvider;
    }

    @Override // com.appiancorp.object.action.security.warnings.RoleMapSecurityWarning
    public Map<String, Set<String>> getWarnings(RoleMapDefinitionFacade roleMapDefinitionFacade, List<PortableTypedValue> list) {
        HashSet hashSet = new HashSet();
        if (roleMapDefinitionFacade == null || this.securityContextProvider.get().isSysAdmin() || hasDefaultAdmin(roleMapDefinitionFacade)) {
            return ImmutableMap.of();
        }
        String name = this.serviceContextProvider.get().getName();
        if (!isUserAdminUser(roleMapDefinitionFacade, name) && !isUserInAnyAdminGroups(roleMapDefinitionFacade, name)) {
            hashSet.add(LOGGED_IN_USER_MISSING_ADMIN_PRIVILEGE_WARNING_KEY);
        }
        return hashSet.size() == 0 ? ImmutableMap.of() : ImmutableMap.of("all", hashSet);
    }

    private boolean isUserAdminUser(RoleMapDefinitionFacade roleMapDefinitionFacade, String str) {
        List usersInRole = roleMapDefinitionFacade.getUsersInRole(RoleMapDefinitionFacade.RoleKey.ADMINISTRATOR);
        usersInRole.addAll(roleMapDefinitionFacade.getInheritedUsersInRole(RoleMapDefinitionFacade.RoleKey.ADMINISTRATOR));
        return usersInRole.stream().anyMatch(str2 -> {
            return str2.equals(str);
        });
    }

    private boolean isUserInAnyAdminGroups(RoleMapDefinitionFacade roleMapDefinitionFacade, String str) {
        List groupsInRole = roleMapDefinitionFacade.getGroupsInRole(RoleMapDefinitionFacade.RoleKey.ADMINISTRATOR);
        groupsInRole.addAll(roleMapDefinitionFacade.getInheritedGroupsInRole(RoleMapDefinitionFacade.RoleKey.ADMINISTRATOR));
        for (boolean z : this.groupService.isUserMemberOfGroups(str, (Long[]) groupsInRole.toArray(new Long[0]))) {
            if (z) {
                return true;
            }
        }
        return false;
    }
}
