package org.neo4j.cypher.internal.runtime.interpreted.commands.showcommands;

import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.apache.shiro.realm.text.IniRealm;
import org.neo4j.cypher.internal.ast.CurrentUser$;
import org.neo4j.cypher.internal.ast.ExecutableBy;
import org.neo4j.cypher.internal.ast.User;
import org.neo4j.cypher.internal.runtime.interpreted.commands.showcommands.ShowProcFuncCommandHelper;
import org.neo4j.graphdb.GraphDatabaseService;
import org.neo4j.graphdb.ResourceIterator;
import org.neo4j.graphdb.Transaction;
import org.neo4j.internal.kernel.api.procs.DefaultParameterValue;
import org.neo4j.internal.kernel.api.procs.FieldSignature;
import org.neo4j.internal.kernel.api.security.AdminActionOnResource;
import org.neo4j.internal.kernel.api.security.AuthSubject;
import org.neo4j.internal.kernel.api.security.PermissionState;
import org.neo4j.internal.kernel.api.security.PrivilegeAction;
import org.neo4j.internal.kernel.api.security.SecurityAuthorizationHandler;
import org.neo4j.internal.kernel.api.security.SecurityContext;
import org.neo4j.internal.kernel.api.security.Segment;
import org.neo4j.values.AnyValue;
import org.neo4j.values.storable.Values;
import org.neo4j.values.virtual.ListValue;
import org.neo4j.values.virtual.VirtualValues;
import picocli.CommandLine;
import scala.Function0;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.Tuple2;
import scala.Tuple3;
import scala.Tuple4;
import scala.collection.GenTraversableOnce;
import scala.collection.Iterator;
import scala.collection.JavaConverters$;
import scala.collection.TraversableOnce;
import scala.collection.immutable.List$;
import scala.collection.immutable.Set;
import scala.collection.mutable.ArrayOps;
import scala.math.Ordering$String$;
import scala.reflect.ClassTag;
import scala.reflect.ClassTag$;
import scala.runtime.BoxesRunTime;

/* compiled from: ShowProcFuncCommandHelper.scala */
/* loaded from: input_file:org/neo4j/cypher/internal/runtime/interpreted/commands/showcommands/ShowProcFuncCommandHelper$.class */
public final class ShowProcFuncCommandHelper$ {
    public static ShowProcFuncCommandHelper$ MODULE$;

    static {
        new ShowProcFuncCommandHelper$();
    }

    public Tuple2<Set<String>, Object> getRolesForExecutableByUser(SecurityContext securityContext, SecurityAuthorizationHandler securityAuthorizationHandler, Function0<GraphDatabaseService> function0, Option<ExecutableBy> option, String str) {
        Tuple2<Set<String>, Object> tuple2;
        boolean z = false;
        Some some = null;
        if (option instanceof Some) {
            z = true;
            some = (Some) option;
            if (CurrentUser$.MODULE$.equals((ExecutableBy) some.value()) && securityContext.subject().equals(AuthSubject.AUTH_DISABLED)) {
                tuple2 = new Tuple2<>(Predef$.MODULE$.Set().empty(), BoxesRunTime.boxToBoolean(true));
                return tuple2;
            }
        }
        if (z) {
            ExecutableBy executableBy = (ExecutableBy) some.value();
            if (executableBy instanceof User) {
                String name = ((User) executableBy).name();
                if (!securityContext.subject().hasUsername(name)) {
                    PermissionState allowsAdminAction = securityContext.allowsAdminAction(new AdminActionOnResource(PrivilegeAction.SHOW_USER, AdminActionOnResource.DatabaseScope.ALL, Segment.ALL));
                    if (!allowsAdminAction.allowsAccess()) {
                        PermissionState permissionState = PermissionState.EXPLICIT_DENY;
                        throw securityAuthorizationHandler.logAndGetAuthorizationException(securityContext, (allowsAdminAction != null ? !allowsAdminAction.equals(permissionState) : permissionState != null) ? new StringBuilder(198).append("Permission not granted for ").append(str).append(", requires SHOW USER privilege. ").append("Try executing SHOW USER PRIVILEGES to determine the missing privileges. ").append("In case of missing privileges, they need to be granted (See GRANT).").toString() : new StringBuilder(204).append("Permission denied for ").append(str).append(", requires SHOW USER privilege. ").append("Try executing SHOW USER PRIVILEGES to determine the denied privileges. ").append("In case of denied privileges, they need to be revoked (See REVOKE) and granted.").toString());
                    }
                    Transaction beginTx = function0.mo8042apply().beginTx();
                    ResourceIterator columnAs = beginTx.execute("SHOW USERS YIELD user, roles WHERE user = $name RETURN roles", (Map) JavaConverters$.MODULE$.mapAsJavaMapConverter((scala.collection.Map) Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("name"), name)}))).asJava()).columnAs(IniRealm.ROLES_SECTION_NAME);
                    Set set = columnAs.hasNext() ? ((TraversableOnce) JavaConverters$.MODULE$.asScalaBufferConverter((List) columnAs.next()).asScala()).toSet() : Predef$.MODULE$.Set().empty();
                    beginTx.commit();
                    tuple2 = new Tuple2<>(set, BoxesRunTime.boxToBoolean(false));
                    return tuple2;
                }
            }
        }
        if (z) {
            tuple2 = new Tuple2<>(((TraversableOnce) JavaConverters$.MODULE$.asScalaSetConverter(securityContext.roles()).asScala()).toSet(), BoxesRunTime.boxToBoolean(false));
        } else {
            if (!None$.MODULE$.equals(option)) {
                throw new MatchError(option);
            }
            tuple2 = new Tuple2<>(Predef$.MODULE$.Set().empty(), BoxesRunTime.boxToBoolean(false));
        }
        return tuple2;
    }

    public scala.collection.immutable.List<scala.collection.immutable.Map<String, String>> getSignatureValues(List<FieldSignature> list) {
        return (scala.collection.immutable.List) ((TraversableOnce) JavaConverters$.MODULE$.asScalaBufferConverter(list).asScala()).toList().map(fieldSignature -> {
            scala.collection.immutable.Map map = (scala.collection.immutable.Map) Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("name"), fieldSignature.name()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("type"), fieldSignature.neo4jType().toString()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(CommandLine.Model.UsageMessageSpec.SECTION_KEY_DESCRIPTION), fieldSignature.toString())}));
            Optional<DefaultParameterValue> defaultValue = fieldSignature.defaultValue();
            return defaultValue.isPresent() ? map.$plus$plus((GenTraversableOnce) Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("default"), defaultValue.get().toString())}))) : map;
        }, List$.MODULE$.canBuildFrom());
    }

    public ListValue fieldDescriptions(scala.collection.immutable.List<scala.collection.immutable.Map<String, String>> list) {
        return VirtualValues.fromList((List) JavaConverters$.MODULE$.seqAsJavaListConverter((scala.collection.immutable.List) list.map(map -> {
            String[] strArr = {"name", "type", CommandLine.Model.UsageMessageSpec.SECTION_KEY_DESCRIPTION};
            AnyValue[] anyValueArr = {Values.stringValue((String) map.mo10262apply((scala.collection.immutable.Map) "name")), Values.stringValue((String) map.mo10262apply((scala.collection.immutable.Map) "type")), Values.stringValue((String) map.mo10262apply((scala.collection.immutable.Map) CommandLine.Model.UsageMessageSpec.SECTION_KEY_DESCRIPTION))};
            Option<V> option = map.get("default");
            return option.isDefined() ? VirtualValues.map((String[]) new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr)).$colon$plus((ArrayOps.ofRef) "default", (ClassTag<ArrayOps.ofRef>) ClassTag$.MODULE$.apply(String.class)), (AnyValue[]) new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(anyValueArr)).$colon$plus((ArrayOps.ofRef) Values.stringValue((String) option.get()), (ClassTag<ArrayOps.ofRef>) ClassTag$.MODULE$.apply(AnyValue.class))) : VirtualValues.map(strArr, anyValueArr);
        }, List$.MODULE$.canBuildFrom())).asJava());
    }

    public ShowProcFuncCommandHelper.Privileges getPrivileges(GraphDatabaseService graphDatabaseService, String str) {
        Transaction beginTx = graphDatabaseService.beginTx();
        scala.collection.immutable.List<A> list = ((Iterator) JavaConverters$.MODULE$.asScalaIteratorConverter(beginTx.execute("SHOW ALL PRIVILEGES YIELD * WHERE action='execute' AND segment STARTS WITH $seg RETURN access, segment, collect(role) as roles", (Map) JavaConverters$.MODULE$.mapAsJavaMapConverter((scala.collection.Map) Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("seg"), str)}))).asJava())).asScala()).map(map -> {
            return ((TraversableOnce) JavaConverters$.MODULE$.mapAsScalaMapConverter(map).asScala()).toMap(Predef$.MODULE$.$conforms());
        }).toList();
        scala.collection.immutable.List<A> list2 = ((Iterator) JavaConverters$.MODULE$.asScalaIteratorConverter(beginTx.execute("SHOW ALL PRIVILEGES YIELD * WHERE action STARTS WITH 'execute_boosted' AND segment STARTS WITH $seg RETURN access, segment, collect(role) as roles", (Map) JavaConverters$.MODULE$.mapAsJavaMapConverter((scala.collection.Map) Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("seg"), str)}))).asJava())).asScala()).map(map2 -> {
            return ((TraversableOnce) JavaConverters$.MODULE$.mapAsScalaMapConverter(map2).asScala()).toMap(Predef$.MODULE$.$conforms());
        }).toList();
        scala.collection.immutable.List list3 = str.equals("PROCEDURE") ? ((Iterator) JavaConverters$.MODULE$.asScalaIteratorConverter(beginTx.execute("SHOW ALL PRIVILEGES YIELD * WHERE action='execute_admin' RETURN access, collect(role) as roles")).asScala()).map(map3 -> {
            return ((TraversableOnce) JavaConverters$.MODULE$.mapAsScalaMapConverter(map3).asScala()).toMap(Predef$.MODULE$.$conforms());
        }).toList() : List$.MODULE$.empty();
        scala.collection.immutable.List<A> list4 = ((Iterator) JavaConverters$.MODULE$.asScalaIteratorConverter(beginTx.execute("SHOW ALL PRIVILEGES YIELD * WHERE action IN ['admin', 'dbms_actions'] RETURN access, collect(role) as roles")).asScala()).map(map4 -> {
            return ((TraversableOnce) JavaConverters$.MODULE$.mapAsScalaMapConverter(map4).asScala()).toMap(Predef$.MODULE$.$conforms());
        }).toList();
        beginTx.commit();
        return new ShowProcFuncCommandHelper.Privileges(list, list2, list4, list3);
    }

    public Tuple3<Set<String>, Set<String>, Object> roles(String str, boolean z, ShowProcFuncCommandHelper.Privileges privileges, Set<String> set) {
        Tuple4 tuple4;
        if (z) {
            Set set2 = (Set) privileges.grantedAdminExecuteRoles().$plus$plus(privileges.grantedBoostedExecuteRoles(str));
            Set set3 = (Set) privileges.deniedAdminExecuteRoles().$plus$plus(privileges.deniedBoostedExecuteRoles(str));
            tuple4 = new Tuple4(set2, set2, (Set) privileges.deniedExecuteRoles(str).$plus$plus(set3), set3);
        } else {
            tuple4 = new Tuple4(privileges.grantedExecuteRoles(str), privileges.grantedBoostedExecuteRoles(str), privileges.deniedExecuteRoles(str), privileges.deniedBoostedExecuteRoles(str));
        }
        Tuple4 tuple42 = tuple4;
        if (tuple42 == null) {
            throw new MatchError(tuple42);
        }
        Tuple4 tuple43 = new Tuple4((Set) tuple42._1(), (Set) tuple42._2(), (Set) tuple42._3(), (Set) tuple42._4());
        Set set4 = (Set) tuple43._1();
        Set set5 = (Set) tuple43._2();
        Set set6 = (Set) tuple43._3();
        Set set7 = (Set) tuple43._4();
        Set set8 = (Set) set5.$minus$minus(set7);
        return new Tuple3<>((Set) set4.$plus$plus(set8).$minus$minus(set6), set8, BoxesRunTime.boxToBoolean((set.exists(str2 -> {
            return BoxesRunTime.boxToBoolean(set4.contains(str2));
        }) && set.forall(str3 -> {
            return BoxesRunTime.boxToBoolean($anonfun$roles$2(set6, str3));
        })) || (set.exists(str4 -> {
            return BoxesRunTime.boxToBoolean(set5.contains(str4));
        }) && set.forall(str5 -> {
            return BoxesRunTime.boxToBoolean($anonfun$roles$4(set7, set6, str5));
        }))));
    }

    public Tuple2<ListValue, ListValue> roleValues(Set<String> set, Set<String> set2) {
        return new Tuple2<>(VirtualValues.fromList((List) JavaConverters$.MODULE$.seqAsJavaListConverter((scala.collection.immutable.List) ((scala.collection.immutable.List) set.toList().sorted(Ordering$String$.MODULE$)).map(str -> {
            return Values.stringValue(str);
        }, List$.MODULE$.canBuildFrom())).asJava()), VirtualValues.fromList((List) JavaConverters$.MODULE$.seqAsJavaListConverter((scala.collection.immutable.List) ((scala.collection.immutable.List) set2.toList().sorted(Ordering$String$.MODULE$)).map(str2 -> {
            return Values.stringValue(str2);
        }, List$.MODULE$.canBuildFrom())).asJava()));
    }

    public static final /* synthetic */ boolean $anonfun$roles$2(Set set, String str) {
        return !set.contains(str);
    }

    public static final /* synthetic */ boolean $anonfun$roles$4(Set set, Set set2, String str) {
        return (set.contains(str) || set2.contains(str)) ? false : true;
    }

    private ShowProcFuncCommandHelper$() {
        MODULE$ = this;
    }
}
