package io.confluent.rbacperf;

import io.confluent.rbacapi.entities.MdsScope;
import io.confluent.rbacapi.entities.ResourcesRequest;
import io.confluent.rbacapi.retrofit.v1.V1RbacRestApi;
import io.confluent.rbacperf.ClusterPod;
import io.confluent.rbacperf.RoleBindingTemplate;
import io.confluent.rbacperf.World;
import io.confluent.security.authorizer.ResourcePattern;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import org.apache.kafka.common.resource.PatternType;

/* loaded from: input_file:io/confluent/rbacperf/DefaultMdsPopulator.class */
public class DefaultMdsPopulator implements MdsPopulator {
    private V1RbacRestApi userAdminClient;
    private boolean flattenGroups;
    private boolean flattenResourceBuckets;
    private int roleBindingCount = 0;

    public DefaultMdsPopulator(V1RbacRestApi v1RbacRestApi, boolean z, boolean z2) {
        this.userAdminClient = v1RbacRestApi;
        this.flattenGroups = z;
        this.flattenResourceBuckets = z2;
    }

    public void addRole(RoleBindingTemplate.Grantee grantee, World.Role role, RoleBindingTemplate.Grantable grantable) throws IOException {
        if (!this.flattenGroups) {
            addRoleToIndividualPrincipal("Group:" + grantee.getName(), role, grantable);
            return;
        }
        Iterator it = grantee.getUsers().iterator();
        while (it.hasNext()) {
            addRoleToIndividualPrincipal(String.format("User:%s", (String) it.next()), role, grantable);
        }
    }

    public int getRoleBindingCount() {
        return this.roleBindingCount;
    }

    private void addRoleToIndividualPrincipal(String str, World.Role role, RoleBindingTemplate.Grantable grantable) throws IOException {
        String role2 = role.toString();
        if (grantable instanceof ClusterPod.Cluster) {
            this.userAdminClient.addClusterRoleForPrincipal(str, role2, ((ClusterPod.Cluster) grantable).getScope()).execute();
            this.roleBindingCount++;
            return;
        }
        MdsScope scope = ((ClusterPod.ResourceBucket) grantable).getCluster().getScope();
        ClusterPod.ResourceBucket resourceBucket = (ClusterPod.ResourceBucket) grantable;
        ArrayList arrayList = new ArrayList();
        for (String str2 : resourceBucket.getResourceTypes()) {
            if (this.flattenResourceBuckets) {
                Iterator it = resourceBucket.getResourcesOfType(str2).iterator();
                while (it.hasNext()) {
                    arrayList.add(new ResourcePattern(str2, (String) it.next(), PatternType.LITERAL));
                }
            } else {
                arrayList.add(new ResourcePattern(str2, resourceBucket.getName(), PatternType.PREFIXED));
            }
        }
        if (arrayList.isEmpty()) {
            return;
        }
        this.userAdminClient.addRoleResourcesForPrincipal(str, role2, new ResourcesRequest(scope, arrayList)).execute();
        this.roleBindingCount += arrayList.size();
    }
}
