uoa-repository-manager-service/src/main/java/eu/dnetlib/repo/manager/service/security/AaiRoleMappingService.java

package eu.dnetlib.repo.manager.service.security;

import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Service;

import java.net.URLEncoder;
import java.util.Collection;
import java.util.Objects;
import java.util.stream.Collectors;

@Service("roleMappingService")
public class AaiRoleMappingService implements RoleMappingService {

    private static final Logger logger = Logger.getLogger(AaiRoleMappingService.class);

    @Value("${services.provide.aai.registry.production:true}")
    private boolean production;


    private String createRepoRoleName(String prefix, String repoId) {
        return prefix + "." + repoId.replace(":", "$");
    }

    @Override
    public String getRepoNameWithoutType(String fullName, String prefix) {
        if (fullName != null && prefix != null && fullName.startsWith(prefix)) {
            return fullName.substring(prefix.length());
        }
        return null;
    }

    @Override
    public String getRepoIdByRoleId(String roleId) {
        if (!roleActive(roleId)) {
            return null;
        }
        return roleId.replaceFirst(".*datasource\\.", "").replace("$", ":");
    }

    @Override
    public Collection<String> getRepoIdsByRoleIds(Collection<String> roleIds) {
        return roleIds
                .stream()
                //.filter(this::roleActive) //  implicitly executed in the next statement
                .map(this::getRepoIdByRoleId)
                .filter(Objects::nonNull)
                .collect(Collectors.toList());
    }

    @Override
    public String getRoleIdByRepoId(String repoId) {
        String roleId = "";
        String prefix = (production ? "" : "beta.") + "datasource";
        if (repoId != null) {
            roleId = createRepoRoleName(prefix, repoId);
            return roleId;
        } else {
            return null;
        }

    }

    @Override
    public Collection<String> getRoleIdsByRepoIds(Collection<String> repoIds) {
        return repoIds
                .stream()
                .map(this::getRoleIdByRepoId)
                .filter(Objects::nonNull)
                .collect(Collectors.toList());
    }

    @Override
    public String convertAuthorityIdToRepoId(String authorityId) {
        String repo = "";
        if (authorityId != null && roleActive(authorityId)) {
            repo = authorityId
                    .replaceFirst(".*datasource\\.", "")
                    .replace("$", ":")
                    .toLowerCase();
        }
        return repo;
    }

    @Override
    public String convertAuthorityToRepoId(GrantedAuthority authority) {
        return convertAuthorityIdToRepoId(authority.toString());
    }

    @Override
    public String convertRepoIdToAuthorityId(String repoId) {
        StringBuilder roleBuilder = new StringBuilder();
        String role = "";
        if (repoId != null) {
            roleBuilder.append(production ? "" : "beta.");
            roleBuilder.append("datasource.");
            roleBuilder.append(repoId.replace(":", "$"));
            role = roleBuilder.toString().replace(".", "_").toUpperCase();
        }
        return role;
    }

    @Override
    public String convertRepoIdToEncodedAuthorityId(String repoId) {
        return URLEncoder.encode(convertRepoIdToAuthorityId(repoId));
    }

    @Override
    public SimpleGrantedAuthority convertRepoIdToAuthority(String repoId) {
        String role = convertRepoIdToEncodedAuthorityId(repoId);
        return new SimpleGrantedAuthority(role);
    }

    private boolean roleActive(String roleId) {
        return (production && !roleId.toLowerCase().startsWith("beta."))
                || (!production && roleId.toLowerCase().startsWith("beta."));
    }
}