package info.novatec.micronaut.camunda.bpm.feature;

import info.novatec.micronaut.camunda.bpm.feature.Configuration;
import io.micronaut.context.annotation.Requires;
import io.micronaut.context.event.BeanCreatedEvent;
import io.micronaut.context.event.BeanCreatedEventListener;
import io.micronaut.transaction.SynchronousTransactionManager;
import java.sql.Connection;
import java.util.Optional;
import javax.inject.Singleton;
import org.camunda.bpm.engine.AuthorizationService;
import org.camunda.bpm.engine.IdentityService;
import org.camunda.bpm.engine.ProcessEngine;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resource;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.identity.Group;
import org.camunda.bpm.engine.identity.User;
import org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
@Requires(property = "camunda.bpm.admin-user.id")
/* loaded from: input_file:info/novatec/micronaut/camunda/bpm/feature/AdminUserCreator.class */
public class AdminUserCreator implements BeanCreatedEventListener<ProcessEngine> {
    private static final Logger log = LoggerFactory.getLogger(AdminUserCreator.class);
    protected final Configuration.AdminUser adminUser;
    protected final SynchronousTransactionManager<Connection> transactionManager;

    public AdminUserCreator(Configuration configuration, SynchronousTransactionManager<Connection> synchronousTransactionManager) {
        this.adminUser = configuration.getAdminUser();
        this.transactionManager = synchronousTransactionManager;
    }

    public ProcessEngine onCreated(BeanCreatedEvent<ProcessEngine> beanCreatedEvent) {
        ProcessEngine processEngine = (ProcessEngine) beanCreatedEvent.getBean();
        IdentityService identityService = processEngine.getIdentityService();
        AuthorizationService authorizationService = processEngine.getAuthorizationService();
        return (ProcessEngine) this.transactionManager.executeWrite(transactionStatus -> {
            if (!userAlreadyExists(identityService, this.adminUser.getId())) {
                createUser(identityService, this.adminUser);
                if (!groupAlreadyExists(identityService, "camunda-admin")) {
                    createAdminGroup(identityService, "camunda-admin");
                }
                createGroupAuthorizations(authorizationService, "camunda-admin");
                identityService.createMembership(this.adminUser.getId(), "camunda-admin");
                log.info("Created initial Admin User: {}", this.adminUser.getId());
            }
            return processEngine;
        });
    }

    protected static boolean userAlreadyExists(IdentityService identityService, String str) {
        return identityService.createUserQuery().userId(str).singleResult() != null;
    }

    protected static boolean groupAlreadyExists(IdentityService identityService, String str) {
        return identityService.createGroupQuery().groupId(str).count() > 0;
    }

    protected static User createUser(IdentityService identityService, Configuration.AdminUser adminUser) {
        User newUser = identityService.newUser(adminUser.getId());
        newUser.setPassword(adminUser.getPassword());
        newUser.setFirstName(adminUser.getFirstname());
        newUser.setLastName(adminUser.getLastname());
        Optional<String> email = adminUser.getEmail();
        newUser.getClass();
        email.ifPresent(newUser::setEmail);
        identityService.saveUser(newUser);
        return newUser;
    }

    protected static Group createAdminGroup(IdentityService identityService, String str) {
        Group newGroup = identityService.newGroup(str);
        newGroup.setName("Camunda BPM Administrators");
        newGroup.setType("SYSTEM");
        identityService.saveGroup(newGroup);
        return newGroup;
    }

    protected static void createGroupAuthorizations(AuthorizationService authorizationService, String str) {
        for (Resource resource : Resources.values()) {
            if (authorizationService.createAuthorizationQuery().groupIdIn(new String[]{str}).resourceType(resource).resourceId("*").count() == 0) {
                AuthorizationEntity authorizationEntity = new AuthorizationEntity(1);
                authorizationEntity.setGroupId(str);
                authorizationEntity.setResource(resource);
                authorizationEntity.setResourceId("*");
                authorizationEntity.addPermission(Permissions.ALL);
                authorizationService.saveAuthorization(authorizationEntity);
            }
        }
    }

    /* renamed from: onCreated, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ Object m41onCreated(BeanCreatedEvent beanCreatedEvent) {
        return onCreated((BeanCreatedEvent<ProcessEngine>) beanCreatedEvent);
    }
}
