package org.dataone.client.types;

import java.util.Arrays;
import java.util.List;
import java.util.Set;
import org.dataone.service.types.v1.AccessPolicy;
import org.dataone.service.types.v1.AccessRule;
import org.dataone.service.types.v1.Permission;
import org.dataone.service.types.v1.Subject;
import org.dataone.service.types.v1.util.AccessUtil;
import org.dataone.service.types.v1.util.AuthUtils;

/* loaded from: input_file:org/dataone/client/types/AccessPolicyEditor.class */
public class AccessPolicyEditor implements Cloneable {
    private AccessPolicy policy;

    public AccessPolicyEditor(AccessPolicy accessPolicy) {
        if (accessPolicy == null) {
            this.policy = new AccessPolicy();
        } else {
            this.policy = accessPolicy;
        }
    }

    public AccessPolicy getAccessPolicy() {
        return this.policy;
    }

    public void addAccess(Subject[] subjectArr, Permission permission) {
        AccessRule accessRule = null;
        for (Subject subject : subjectArr) {
            Set<Permission> set = AccessUtil.getPermissionMap(this.policy).get(subject);
            if (set == null) {
                if (accessRule == null) {
                    accessRule = new AccessRule();
                    accessRule.addPermission(permission);
                }
                accessRule.addSubject(subject);
            } else if (!AuthUtils.comparePermissions(permission, set)) {
                removeAccess(new Subject[]{subject});
                accessRule.addSubject(subject);
            }
        }
        this.policy.addAllow(accessRule);
    }

    public boolean removeAccess(Subject[] subjectArr) {
        List asList = Arrays.asList(subjectArr);
        boolean z = false;
        for (int i = 0; i < this.policy.sizeAllowList(); i++) {
            AccessRule allow = this.policy.getAllow(i);
            if (allow.getSubjectList().removeAll(asList)) {
                z = true;
                if (allow.getSubjectList().isEmpty()) {
                    this.policy.getAllowList().remove(i);
                }
            }
        }
        return z;
    }

    public void setAccess(Subject[] subjectArr, Permission permission) {
        removeAccess(subjectArr);
        this.policy.addAllow(AccessUtil.createAccessRule(subjectArr, new Permission[]{permission}));
    }

    public void clearAccessPolicy() {
        this.policy.clearAllowList();
    }

    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public AccessPolicy m2410clone() {
        return AccessUtil.cloneAccessPolicy(this.policy);
    }

    public boolean hasAccess(Subject subject, Permission permission) {
        return AuthUtils.comparePermissions(permission, AccessUtil.getPermissionMap(this.policy).get(subject));
    }

    public void setPublicAccess() {
        Subject subject = new Subject();
        subject.setValue("public");
        if (hasAccess(subject, Permission.READ)) {
            return;
        }
        AccessRule accessRule = new AccessRule();
        accessRule.addSubject(subject);
        accessRule.addPermission(Permission.READ);
        this.policy.addAllow(accessRule);
    }
}
