package ru.infotech24.apk23main.logic.request;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Objects;
import org.springframework.stereotype.Service;
import ru.infotech24.apk23main.domain.common.LookupObject;
import ru.infotech24.apk23main.domain.institution.ServiceRegionSecureRelation;
import ru.infotech24.apk23main.logic.request.dto.UserRequestSecurityFilter;
import ru.infotech24.apk23main.security.AppSecurityException;
import ru.infotech24.apk23main.security.aop.AppSecuredContext;
import ru.infotech24.apk23main.security.domain.User;
import ru.infotech24.apk23main.security.user.UserService;
import ru.infotech24.common.exceptions.BusinessLogicException;

@Service
/* loaded from: input_file:BOOT-INF/classes/ru/infotech24/apk23main/logic/request/UserRequestSecurityFilterApplier.class */
public class UserRequestSecurityFilterApplier {
    private final UserService userService;
    private final AppSecuredContext securedContext;

    public UserRequestSecurityFilterApplier(UserService userService, AppSecuredContext appSecuredContext) {
        this.userService = userService;
        this.securedContext = appSecuredContext;
    }

    public AppSecuredContext.UserScopeFilter applySecurityFilters(UserRequestSecurityFilter userRequestSecurityFilter, boolean z) throws AppSecurityException {
        ArrayList arrayList;
        AppSecuredContext.UserScopeFilter calculateUserScopeFilter = this.securedContext.calculateUserScopeFilter();
        if (userRequestSecurityFilter.getInstitutionId() == null) {
            userRequestSecurityFilter.setInstitutionId(calculateUserScopeFilter.getRelatedInstitutionIdFilter());
        } else if (calculateUserScopeFilter.getRelatedInstitutionIdFilter() != null && !Objects.equals(userRequestSecurityFilter.getInstitutionId(), calculateUserScopeFilter.getRelatedInstitutionIdFilter())) {
            throw new AppSecurityException();
        }
        if ((this.userService.getCurrentUser() == null || this.securedContext.hasMetaRights(50, LookupObject.META_CODE_SECURE_REGION_RELATED, Integer.valueOf(ServiceRegionSecureRelation.NOMATTER.getValue()), null, null, null, null)) ? false : true) {
            User currentUser = this.userService.getCurrentUser();
            if (currentUser.getServiceRegionIds() == null || currentUser.getServiceRegionIds().isEmpty()) {
                throw new BusinessLogicException(null, "У организации #%s не заполнен перечень регионов", currentUser.getInstitutionId());
            }
            if (userRequestSecurityFilter.getRequestRegionIds() == null || userRequestSecurityFilter.getRequestRegionIds().isEmpty()) {
                arrayList = new ArrayList(currentUser.getServiceRegionIds());
            } else {
                HashSet hashSet = new HashSet(userRequestSecurityFilter.getRequestRegionIds());
                HashSet hashSet2 = new HashSet(currentUser.getServiceRegionIds());
                hashSet2.removeIf(num -> {
                    return !hashSet.contains(num);
                });
                arrayList = new ArrayList(hashSet2);
            }
            if (z) {
                userRequestSecurityFilter.setInstitutionRegionIds(arrayList);
            } else {
                userRequestSecurityFilter.setRequestRegionIds(arrayList);
            }
        }
        return calculateUserScopeFilter;
    }
}
