ffsaf-site/src/main/java/fr/titionfire/ffsaf/domain/service/CompetPermService.java

package fr.titionfire.ffsaf.domain.service;

import fr.titionfire.ffsaf.data.model.CompetitionModel;
import fr.titionfire.ffsaf.data.repository.CompetitionRepository;
import fr.titionfire.ffsaf.net2.ServerCustom;
import fr.titionfire.ffsaf.net2.data.SimpleCompet;
import fr.titionfire.ffsaf.net2.request.SReqCompet;
import fr.titionfire.ffsaf.rest.exception.DForbiddenException;
import fr.titionfire.ffsaf.utils.CompetitionSystem;
import fr.titionfire.ffsaf.utils.SecurityCtx;
import io.quarkus.cache.Cache;
import io.quarkus.cache.CacheName;
import io.smallrye.mutiny.Uni;
import io.smallrye.mutiny.unchecked.Unchecked;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;

import java.util.HashMap;
import java.util.UUID;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

@ApplicationScoped
public class CompetPermService {

    @Inject
    ServerCustom serverCustom;

    @Inject
    @CacheName("safca-config")
    Cache cache;

    @Inject
    @CacheName("safca-have-access")
    Cache cacheAccess;

    @Inject
    CompetitionRepository competitionRepository;

    public Uni<SimpleCompet> getSafcaConfig(long id) {
        return cache.get(id, k -> {
            CompletableFuture<SimpleCompet> f = new CompletableFuture<>();
            SReqCompet.getConfig(serverCustom.clients, id, f);
            System.out.println("get config");
            try {
                return f.get(1500, TimeUnit.MILLISECONDS);
            } catch (InterruptedException | ExecutionException | TimeoutException e) {
                throw new RuntimeException(e);
            }
        });
    }

    public Uni<HashMap<Long, String>> getAllHaveAccess(String subject) {
        return cacheAccess.get(subject, k -> {
            CompletableFuture<HashMap<Long, String>> f = new CompletableFuture<>();
            SReqCompet.getAllHaveAccess(serverCustom.clients, subject, f);
            System.out.println("get all have access");
            try {
                return f.get(1500, TimeUnit.MILLISECONDS);
            } catch (InterruptedException | ExecutionException | TimeoutException e) {
                throw new RuntimeException(e);
            }
        });
    }

    public Uni<CompetitionModel> hasViewPerm(SecurityCtx securityCtx, CompetitionModel competitionModel) {
        return hasViewPerm(securityCtx, Uni.createFrom().item(competitionModel));
    }

    public Uni<CompetitionModel> hasViewPerm(SecurityCtx securityCtx, long id) {
        return hasViewPerm(securityCtx, competitionRepository.findById(id));
    }

    private Uni<CompetitionModel> hasViewPerm(SecurityCtx securityCtx, Uni<CompetitionModel> in) {
        return in.call(o -> (
                securityCtx.getSubject().equals(o.getOwner()) || securityCtx.roleHas("federation_admin")) ?
                Uni.createFrom().nullItem()
                :
                o.getSystem() == CompetitionSystem.SAFCA ?
                        hasSafcaViewPerm(securityCtx, o.getId())
                        : Uni.createFrom().nullItem().invoke(Unchecked.consumer(__ -> {
                            if (!securityCtx.isInClubGroup(o.getClub().getId()))
                                throw new DForbiddenException();
                        })
                ));
    }

    public Uni<CompetitionModel> hasEditPerm(SecurityCtx securityCtx, CompetitionModel competitionModel) {
        return hasEditPerm(securityCtx, Uni.createFrom().item(competitionModel));
    }

    public Uni<CompetitionModel> hasEditPerm(SecurityCtx securityCtx, long id) {
        return hasEditPerm(securityCtx, competitionRepository.findById(id));
    }

    public Uni<CompetitionModel> hasEditPerm(SecurityCtx securityCtx, Uni<CompetitionModel> in) {
        return in.call(o -> (
                securityCtx.getSubject().equals(o.getOwner()) || securityCtx.roleHas("federation_admin")) ?
                Uni.createFrom().nullItem()
                :
                o.getSystem() == CompetitionSystem.SAFCA ?
                        hasSafcaEditPerm(securityCtx, o.getId())
                        : Uni.createFrom().nullItem().invoke(Unchecked.consumer(__ -> {
                            if (!securityCtx.isInClubGroup(o.getClub().getId()))
                                throw new DForbiddenException();
                        })
                ));
    }

    private Uni<?> hasSafcaViewPerm(SecurityCtx securityCtx, long id) {
        return securityCtx.roleHas("safca_super_admin") ?
                Uni.createFrom().nullItem()
                :
                getSafcaConfig(id).chain(Unchecked.function(o -> {
                    if (!o.admin().contains(UUID.fromString(securityCtx.getSubject())) && !o.table()
                            .contains(UUID.fromString(securityCtx.getSubject())))
                        throw new DForbiddenException();
                    return Uni.createFrom().nullItem();
                }));
    }

    private Uni<?> hasSafcaEditPerm(SecurityCtx securityCtx, long id) {
        return securityCtx.roleHas("safca_super_admin") ?
                Uni.createFrom().nullItem()
                :
                getSafcaConfig(id).chain(Unchecked.function(o -> {
                    if (!o.admin().contains(UUID.fromString(securityCtx.getSubject())))
                        throw new DForbiddenException();
                    return Uni.createFrom().nullItem();
                }));
    }
}