package io.phasetwo.service.resource;

import io.phasetwo.service.model.OrganizationModel;
import jakarta.ws.rs.ForbiddenException;
import org.jboss.logging.Logger;
import org.keycloak.services.resources.admin.AdminAuth;
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import org.keycloak.services.resources.admin.permissions.ClientPermissionEvaluator;
import org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluator;
import org.keycloak.services.resources.admin.permissions.RealmPermissionEvaluator;
import org.keycloak.services.resources.admin.permissions.RolePermissionEvaluator;
import org.keycloak.services.resources.admin.permissions.UserPermissionEvaluator;

/* loaded from: input_file:io/phasetwo/service/resource/OrganizationAdminPermissionEvaluator.class */
public class OrganizationAdminPermissionEvaluator implements AdminPermissionEvaluator {
    private static final Logger log = Logger.getLogger(OrganizationAdminPermissionEvaluator.class);
    private final AdminPermissionEvaluator permissions;
    private final OrganizationAdminAuth auth;
    private final OrganizationModel organization;

    public OrganizationAdminPermissionEvaluator(OrganizationModel organizationModel, OrganizationAdminAuth organizationAdminAuth, AdminPermissionEvaluator adminPermissionEvaluator) {
        this.organization = organizationModel;
        this.auth = organizationAdminAuth;
        this.permissions = adminPermissionEvaluator;
    }

    public AdminAuth adminAuth() {
        return this.permissions.adminAuth();
    }

    public void requireAnyAdminRole() {
        this.permissions.requireAnyAdminRole();
    }

    public ClientPermissionEvaluator clients() {
        return this.permissions.clients();
    }

    public GroupPermissionEvaluator groups() {
        return this.permissions.groups();
    }

    public RealmPermissionEvaluator realm() {
        final RealmPermissionEvaluator realm = this.permissions.realm();
        return new RealmPermissionEvaluator() { // from class: io.phasetwo.service.resource.OrganizationAdminPermissionEvaluator.1
            public boolean canListRealms() {
                return realm.canListRealms();
            }

            public boolean canManageAuthorization() {
                return realm.canManageAuthorization();
            }

            public boolean canManageEvents() {
                return realm.canManageEvents();
            }

            public boolean canManageIdentityProviders() {
                OrganizationAdminPermissionEvaluator.log.debugf("canManageIdentityProviders %b", Boolean.valueOf(realm.canManageIdentityProviders() || OrganizationAdminPermissionEvaluator.this.auth.hasOrgManageIdentityProviders(OrganizationAdminPermissionEvaluator.this.organization)));
                return realm.canManageIdentityProviders() || OrganizationAdminPermissionEvaluator.this.auth.hasOrgManageIdentityProviders(OrganizationAdminPermissionEvaluator.this.organization);
            }

            public boolean canManageRealm() {
                return realm.canManageRealm();
            }

            public boolean canViewAuthorization() {
                return realm.canViewAuthorization();
            }

            public boolean canViewEvents() {
                return realm.canViewEvents();
            }

            public boolean canViewIdentityProviders() {
                OrganizationAdminPermissionEvaluator.log.debugf("canViewIdentityProviders %b", Boolean.valueOf(realm.canViewIdentityProviders() || OrganizationAdminPermissionEvaluator.this.auth.hasOrgViewIdentityProviders(OrganizationAdminPermissionEvaluator.this.organization)));
                return realm.canViewIdentityProviders() || OrganizationAdminPermissionEvaluator.this.auth.hasOrgViewIdentityProviders(OrganizationAdminPermissionEvaluator.this.organization);
            }

            public boolean canViewRealm() {
                return realm.canViewRealm();
            }

            public void requireManageAuthorization() {
                realm.requireManageAuthorization();
            }

            public void requireManageEvents() {
                realm.requireManageEvents();
            }

            public void requireManageIdentityProviders() {
                if (!canManageIdentityProviders()) {
                    throw new ForbiddenException();
                }
            }

            public void requireManageRealm() {
                realm.requireManageRealm();
            }

            public void requireViewAuthenticationFlows() {
                realm.requireViewAuthenticationFlows();
            }

            public void requireViewAuthorization() {
                realm.requireViewAuthorization();
            }

            public void requireViewClientAuthenticatorProviders() {
                realm.requireViewClientAuthenticatorProviders();
            }

            public void requireViewEvents() {
                realm.requireViewEvents();
            }

            public void requireViewIdentityProviders() {
                if (!canViewIdentityProviders()) {
                    throw new ForbiddenException();
                }
            }

            public void requireViewRealm() {
                realm.requireViewRealm();
            }

            public void requireViewRealmNameList() {
                realm.requireViewRealmNameList();
            }

            public void requireViewRequiredActions() {
                realm.requireViewRequiredActions();
            }
        };
    }

    public RolePermissionEvaluator roles() {
        return this.permissions.roles();
    }

    public UserPermissionEvaluator users() {
        return this.permissions.users();
    }
}
