package ca.uhn.fhir.storage.interceptor.balp;

import ca.uhn.fhir.context.FhirContext;
import ca.uhn.fhir.context.RuntimeResourceDefinition;
import ca.uhn.fhir.interceptor.api.Hook;
import ca.uhn.fhir.interceptor.api.Pointcut;
import ca.uhn.fhir.rest.api.RestOperationTypeEnum;
import ca.uhn.fhir.rest.api.server.IPreResourceShowDetails;
import ca.uhn.fhir.rest.server.servlet.ServletRequestDetails;
import ca.uhn.fhir.util.UrlUtil;
import jakarta.annotation.Nonnull;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.TreeSet;
import java.util.stream.Stream;
import org.apache.commons.lang3.Validate;
import org.hl7.fhir.instance.model.api.IBaseResource;
import org.hl7.fhir.r4.model.AuditEvent;

/* loaded from: input_file:ca/uhn/fhir/storage/interceptor/balp/BalpAuditCaptureInterceptor.class */
public class BalpAuditCaptureInterceptor {
    private final IBalpAuditEventSink myAuditEventSink;
    private final IBalpAuditContextServices myContextServices;
    private Set<String> myAdditionalPatientCompartmentParamNames;

    /* renamed from: ca.uhn.fhir.storage.interceptor.balp.BalpAuditCaptureInterceptor$1, reason: invalid class name */
    /* loaded from: input_file:ca/uhn/fhir/storage/interceptor/balp/BalpAuditCaptureInterceptor$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$ca$uhn$fhir$rest$api$RestOperationTypeEnum = new int[RestOperationTypeEnum.values().length];

        static {
            try {
                $SwitchMap$ca$uhn$fhir$rest$api$RestOperationTypeEnum[RestOperationTypeEnum.SEARCH_TYPE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$ca$uhn$fhir$rest$api$RestOperationTypeEnum[RestOperationTypeEnum.SEARCH_SYSTEM.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$ca$uhn$fhir$rest$api$RestOperationTypeEnum[RestOperationTypeEnum.GET_PAGE.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$ca$uhn$fhir$rest$api$RestOperationTypeEnum[RestOperationTypeEnum.READ.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$ca$uhn$fhir$rest$api$RestOperationTypeEnum[RestOperationTypeEnum.VREAD.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public BalpAuditCaptureInterceptor(@Nonnull IBalpAuditEventSink iBalpAuditEventSink, @Nonnull IBalpAuditContextServices iBalpAuditContextServices) {
        Validate.notNull(iBalpAuditEventSink);
        Validate.notNull(iBalpAuditContextServices);
        this.myAuditEventSink = iBalpAuditEventSink;
        this.myContextServices = iBalpAuditContextServices;
    }

    private static void addEntityPatient(AuditEvent auditEvent, String str) {
        AuditEvent.AuditEventEntityComponent addEntity = auditEvent.addEntity();
        addEntity.getType().setSystem(BalpConstants.CS_AUDIT_ENTITY_TYPE).setCode("1").setDisplay(BalpConstants.CS_AUDIT_ENTITY_TYPE_1_PERSON_DISPLAY);
        addEntity.getRole().setSystem(BalpConstants.CS_OBJECT_ROLE).setCode("1").setDisplay(BalpConstants.CS_OBJECT_ROLE_1_PATIENT_DISPLAY);
        addEntity.getWhat().setReference(str);
    }

    private static void addEntityData(AuditEvent auditEvent, String str) {
        AuditEvent.AuditEventEntityComponent addEntity = auditEvent.addEntity();
        addEntity.getType().setSystem(BalpConstants.CS_AUDIT_ENTITY_TYPE).setCode(BalpConstants.CS_AUDIT_ENTITY_TYPE_2_SYSTEM_OBJECT).setDisplay(BalpConstants.CS_AUDIT_ENTITY_TYPE_2_SYSTEM_OBJECT_DISPLAY);
        addEntity.getRole().setSystem(BalpConstants.CS_OBJECT_ROLE).setCode(BalpConstants.CS_OBJECT_ROLE_4_DOMAIN_RESOURCE).setDisplay(BalpConstants.CS_OBJECT_ROLE_4_DOMAIN_RESOURCE_DISPLAY);
        addEntity.getWhat().setReference(str);
    }

    public void setAdditionalPatientCompartmentParamNames(Set<String> set) {
        this.myAdditionalPatientCompartmentParamNames = set;
    }

    @Hook(Pointcut.STORAGE_PRESHOW_RESOURCES)
    void hookStoragePreShowResources(IPreResourceShowDetails iPreResourceShowDetails, ServletRequestDetails servletRequestDetails) {
        switch (AnonymousClass1.$SwitchMap$ca$uhn$fhir$rest$api$RestOperationTypeEnum[servletRequestDetails.getRestOperationType().ordinal()]) {
            case 1:
            case 2:
            case 3:
                handleSearch(iPreResourceShowDetails, servletRequestDetails);
                return;
            case 4:
            case 5:
                handleReadOrVRead(iPreResourceShowDetails, servletRequestDetails);
                return;
            default:
                return;
        }
    }

    @Hook(Pointcut.STORAGE_PRECOMMIT_RESOURCE_CREATED)
    public void hookStoragePrecommitResourceCreated(IBaseResource iBaseResource, ServletRequestDetails servletRequestDetails) {
        handleCreateUpdateDelete(iBaseResource, servletRequestDetails, BalpProfileEnum.BASIC_CREATE, BalpProfileEnum.PATIENT_CREATE);
    }

    @Hook(Pointcut.STORAGE_PRECOMMIT_RESOURCE_DELETED)
    public void hookStoragePrecommitResourceDeleted(IBaseResource iBaseResource, ServletRequestDetails servletRequestDetails) {
        handleCreateUpdateDelete(iBaseResource, servletRequestDetails, BalpProfileEnum.BASIC_DELETE, BalpProfileEnum.PATIENT_DELETE);
    }

    @Hook(Pointcut.STORAGE_PRECOMMIT_RESOURCE_UPDATED)
    public void hookStoragePrecommitResourceUpdated(IBaseResource iBaseResource, IBaseResource iBaseResource2, ServletRequestDetails servletRequestDetails) {
        handleCreateUpdateDelete(iBaseResource2, servletRequestDetails, BalpProfileEnum.BASIC_UPDATE, BalpProfileEnum.PATIENT_UPDATE);
    }

    private void handleCreateUpdateDelete(IBaseResource iBaseResource, ServletRequestDetails servletRequestDetails, BalpProfileEnum balpProfileEnum, BalpProfileEnum balpProfileEnum2) {
        Set<String> determinePatientCompartmentOwnersForResources = determinePatientCompartmentOwnersForResources(List.of(iBaseResource), servletRequestDetails);
        if (determinePatientCompartmentOwnersForResources.isEmpty()) {
            this.myAuditEventSink.recordAuditEvent(createAuditEventBasicCreateUpdateDelete(servletRequestDetails, iBaseResource, balpProfileEnum));
        } else {
            this.myAuditEventSink.recordAuditEvent(createAuditEventPatientCreateUpdateDelete(servletRequestDetails, iBaseResource, determinePatientCompartmentOwnersForResources, balpProfileEnum2));
        }
    }

    private void handleReadOrVRead(IPreResourceShowDetails iPreResourceShowDetails, ServletRequestDetails servletRequestDetails) {
        Validate.isTrue(iPreResourceShowDetails.size() == 1, "Unexpected number of results for read: %d", iPreResourceShowDetails.size());
        IBaseResource resource = iPreResourceShowDetails.getResource(0);
        if (resource != null) {
            String massageResourceIdForStorage = this.myContextServices.massageResourceIdForStorage(servletRequestDetails, resource, resource.getIdElement());
            Set<String> determinePatientCompartmentOwnersForResources = determinePatientCompartmentOwnersForResources(List.of(resource), servletRequestDetails);
            Iterator<String> it = determinePatientCompartmentOwnersForResources.iterator();
            while (it.hasNext()) {
                this.myAuditEventSink.recordAuditEvent(createAuditEventPatientRead(servletRequestDetails, massageResourceIdForStorage, it.next()));
            }
            if (determinePatientCompartmentOwnersForResources.isEmpty()) {
                this.myAuditEventSink.recordAuditEvent(createAuditEventBasicRead(servletRequestDetails, massageResourceIdForStorage));
            }
        }
    }

    private void handleSearch(IPreResourceShowDetails iPreResourceShowDetails, ServletRequestDetails servletRequestDetails) {
        Set<String> determinePatientCompartmentOwnersForResources = determinePatientCompartmentOwnersForResources(iPreResourceShowDetails.getAllResources(), servletRequestDetails);
        if (determinePatientCompartmentOwnersForResources.isEmpty()) {
            this.myAuditEventSink.recordAuditEvent(createAuditEventBasicQuery(servletRequestDetails));
        } else {
            this.myAuditEventSink.recordAuditEvent(createAuditEventPatientQuery(servletRequestDetails, determinePatientCompartmentOwnersForResources));
        }
    }

    @Nonnull
    private Set<String> determinePatientCompartmentOwnersForResources(List<IBaseResource> list, ServletRequestDetails servletRequestDetails) {
        TreeSet treeSet = new TreeSet();
        FhirContext fhirContext = servletRequestDetails.getFhirContext();
        for (IBaseResource iBaseResource : list) {
            RuntimeResourceDefinition resourceDefinition = fhirContext.getResourceDefinition(iBaseResource);
            if (resourceDefinition.getName().equals(BalpConstants.CS_OBJECT_ROLE_1_PATIENT_DISPLAY)) {
                treeSet.add(this.myContextServices.massageResourceIdForStorage(servletRequestDetails, iBaseResource, iBaseResource.getIdElement()));
            } else if (!resourceDefinition.getSearchParamsForCompartmentName(BalpConstants.CS_OBJECT_ROLE_1_PATIENT_DISPLAY).isEmpty()) {
                Stream map = fhirContext.newTerser().getCompartmentOwnersForResource(BalpConstants.CS_OBJECT_ROLE_1_PATIENT_DISPLAY, iBaseResource, this.myAdditionalPatientCompartmentParamNames).stream().map(iIdType -> {
                    return this.myContextServices.massageResourceIdForStorage(servletRequestDetails, iBaseResource, iIdType);
                });
                Objects.requireNonNull(treeSet);
                map.forEach((v1) -> {
                    r1.add(v1);
                });
            }
        }
        return treeSet;
    }

    @Nonnull
    private AuditEvent createAuditEventCommonCreate(ServletRequestDetails servletRequestDetails, IBaseResource iBaseResource, BalpProfileEnum balpProfileEnum) {
        AuditEvent createAuditEventCommon = createAuditEventCommon(servletRequestDetails, balpProfileEnum);
        addEntityData(createAuditEventCommon, this.myContextServices.massageResourceIdForStorage(servletRequestDetails, iBaseResource, iBaseResource.getIdElement()));
        return createAuditEventCommon;
    }

    @Nonnull
    private AuditEvent createAuditEventBasicCreateUpdateDelete(ServletRequestDetails servletRequestDetails, IBaseResource iBaseResource, BalpProfileEnum balpProfileEnum) {
        return createAuditEventCommonCreate(servletRequestDetails, iBaseResource, balpProfileEnum);
    }

    @Nonnull
    private AuditEvent createAuditEventBasicQuery(ServletRequestDetails servletRequestDetails) {
        return createAuditEventCommonQuery(servletRequestDetails, BalpProfileEnum.BASIC_QUERY);
    }

    @Nonnull
    private AuditEvent createAuditEventBasicRead(ServletRequestDetails servletRequestDetails, String str) {
        return createAuditEventCommonRead(servletRequestDetails, str, BalpProfileEnum.BASIC_READ);
    }

    @Nonnull
    private AuditEvent createAuditEventPatientCreateUpdateDelete(ServletRequestDetails servletRequestDetails, IBaseResource iBaseResource, Set<String> set, BalpProfileEnum balpProfileEnum) {
        AuditEvent createAuditEventCommonCreate = createAuditEventCommonCreate(servletRequestDetails, iBaseResource, balpProfileEnum);
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            addEntityPatient(createAuditEventCommonCreate, it.next());
        }
        return createAuditEventCommonCreate;
    }

    @Nonnull
    private AuditEvent createAuditEventPatientQuery(ServletRequestDetails servletRequestDetails, Set<String> set) {
        AuditEvent createAuditEventCommonQuery = createAuditEventCommonQuery(servletRequestDetails, BalpProfileEnum.PATIENT_QUERY);
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            addEntityPatient(createAuditEventCommonQuery, it.next());
        }
        return createAuditEventCommonQuery;
    }

    @Nonnull
    private AuditEvent createAuditEventPatientRead(ServletRequestDetails servletRequestDetails, String str, String str2) {
        AuditEvent createAuditEventCommonRead = createAuditEventCommonRead(servletRequestDetails, str, BalpProfileEnum.PATIENT_READ);
        addEntityPatient(createAuditEventCommonRead, str2);
        return createAuditEventCommonRead;
    }

    @Nonnull
    private AuditEvent createAuditEventCommon(ServletRequestDetails servletRequestDetails, BalpProfileEnum balpProfileEnum) {
        RestOperationTypeEnum restOperationType = servletRequestDetails.getRestOperationType();
        if (restOperationType == RestOperationTypeEnum.GET_PAGE) {
            restOperationType = RestOperationTypeEnum.SEARCH_TYPE;
        }
        AuditEvent auditEvent = new AuditEvent();
        auditEvent.getMeta().addProfile(balpProfileEnum.getProfileUrl());
        auditEvent.getType().setSystem(BalpConstants.CS_AUDIT_EVENT_TYPE).setCode("rest").setDisplay("Restful Operation");
        auditEvent.addSubtype().setSystem(BalpConstants.CS_RESTFUL_INTERACTION).setCode(restOperationType.getCode()).setDisplay(restOperationType.getCode());
        auditEvent.setAction(balpProfileEnum.getAction());
        auditEvent.setOutcome(AuditEvent.AuditEventOutcome._0);
        auditEvent.setRecorded(new Date());
        auditEvent.getSource().getObserver().setDisplay(servletRequestDetails.getFhirServerBase());
        AuditEvent.AuditEventAgentComponent addAgent = auditEvent.addAgent();
        addAgent.setWho(this.myContextServices.getAgentClientWho(servletRequestDetails));
        addAgent.getType().addCoding(balpProfileEnum.getAgentClientTypeCoding());
        addAgent.getWho().setDisplay(this.myContextServices.getNetworkAddress(servletRequestDetails));
        addAgent.getNetwork().setAddress(this.myContextServices.getNetworkAddress(servletRequestDetails)).setType(this.myContextServices.getNetworkAddressType(servletRequestDetails));
        addAgent.setRequestor(false);
        AuditEvent.AuditEventAgentComponent addAgent2 = auditEvent.addAgent();
        addAgent2.getType().addCoding(balpProfileEnum.getAgentServerTypeCoding());
        addAgent2.getWho().setDisplay(servletRequestDetails.getFhirServerBase());
        addAgent2.getNetwork().setAddress(servletRequestDetails.getFhirServerBase());
        addAgent2.setRequestor(false);
        AuditEvent.AuditEventAgentComponent addAgent3 = auditEvent.addAgent();
        addAgent3.getType().addCoding().setSystem("http://terminology.hl7.org/CodeSystem/v3-ParticipationType").setCode("IRCP").setDisplay("information recipient");
        addAgent3.setWho(this.myContextServices.getAgentUserWho(servletRequestDetails));
        addAgent3.setRequestor(true);
        AuditEvent.AuditEventEntityComponent addEntity = auditEvent.addEntity();
        addEntity.getType().setSystem("https://profiles.ihe.net/ITI/BALP/CodeSystem/BasicAuditEntityType").setCode("XrequestId");
        addEntity.getWhat().getIdentifier().setValue(servletRequestDetails.getRequestId());
        return auditEvent;
    }

    @Nonnull
    private AuditEvent createAuditEventCommonQuery(ServletRequestDetails servletRequestDetails, BalpProfileEnum balpProfileEnum) {
        AuditEvent createAuditEventCommon = createAuditEventCommon(servletRequestDetails, balpProfileEnum);
        AuditEvent.AuditEventEntityComponent addEntity = createAuditEventCommon.addEntity();
        addEntity.getType().setSystem(BalpConstants.CS_AUDIT_ENTITY_TYPE).setCode(BalpConstants.CS_AUDIT_ENTITY_TYPE_2_SYSTEM_OBJECT).setDisplay(BalpConstants.CS_AUDIT_ENTITY_TYPE_2_SYSTEM_OBJECT_DISPLAY);
        addEntity.getRole().setSystem(BalpConstants.CS_OBJECT_ROLE).setCode(BalpConstants.CS_OBJECT_ROLE_24_QUERY).setDisplay("Query");
        addEntity.setDescription(servletRequestDetails.getRequestType().name() + " " + servletRequestDetails.getCompleteUrl());
        StringBuilder sb = new StringBuilder();
        sb.append(servletRequestDetails.getFhirServerBase());
        sb.append("/");
        sb.append(servletRequestDetails.getRequestPath());
        boolean z = true;
        for (Map.Entry entry : servletRequestDetails.getParameters().entrySet()) {
            for (String str : (String[]) entry.getValue()) {
                if (z) {
                    sb.append("?");
                    z = false;
                } else {
                    sb.append("&");
                }
                sb.append(UrlUtil.escapeUrlParam((String) entry.getKey()));
                sb.append("=");
                sb.append(UrlUtil.escapeUrlParam(str));
            }
        }
        addEntity.getQueryElement().setValue(sb.toString().getBytes(StandardCharsets.UTF_8));
        return createAuditEventCommon;
    }

    @Nonnull
    private AuditEvent createAuditEventCommonRead(ServletRequestDetails servletRequestDetails, String str, BalpProfileEnum balpProfileEnum) {
        AuditEvent createAuditEventCommon = createAuditEventCommon(servletRequestDetails, balpProfileEnum);
        addEntityData(createAuditEventCommon, str);
        return createAuditEventCommon;
    }
}
