package org.apache.maven.archiva.security;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.io.IOUtils;
import org.apache.maven.archiva.common.ArchivaException;
import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.configuration.ConfigurationNames;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.system.check.EnvironmentCheck;
import org.codehaus.plexus.registry.Registry;
import org.codehaus.plexus.registry.RegistryListener;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/archiva-security-1.1.1.jar:org/apache/maven/archiva/security/SecurityStartup.class */
public class SecurityStartup implements RegistryListener {
    private Logger log = LoggerFactory.getLogger(SecurityStartup.class);
    private UserRepositories userRepos;
    private RBACManager rbacManager;
    private Map<String, EnvironmentCheck> checkers;
    private ArchivaConfiguration archivaConfiguration;

    @Override // org.codehaus.plexus.registry.RegistryListener
    public void afterConfigurationChange(Registry registry, String str, Object obj) {
        if (ConfigurationNames.isManagedRepositories(str)) {
            createMissingManagedRepositoryRoles(this.archivaConfiguration.getConfiguration().getManagedRepositories());
        }
    }

    public void assignRepositoryObserverToGuestUser(List<ManagedRepositoryConfiguration> list) {
        Iterator<ManagedRepositoryConfiguration> it = list.iterator();
        while (it.hasNext()) {
            String id = it.next().getId();
            try {
                UserAssignment userAssignment = this.rbacManager.userAssignmentExists(ArchivaRoleConstants.PRINCIPAL_GUEST) ? this.rbacManager.getUserAssignment(ArchivaRoleConstants.PRINCIPAL_GUEST) : this.rbacManager.createUserAssignment(ArchivaRoleConstants.PRINCIPAL_GUEST);
                userAssignment.addRoleName(ArchivaRoleConstants.toRepositoryObserverRoleName(id));
                this.rbacManager.saveUserAssignment(userAssignment);
            } catch (RbacManagerException e) {
                this.log.warn("Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName(id) + "] to " + ArchivaRoleConstants.PRINCIPAL_GUEST + " user.", (Throwable) e);
            }
        }
    }

    @Override // org.codehaus.plexus.registry.RegistryListener
    public void beforeConfigurationChange(Registry registry, String str, Object obj) {
    }

    public void createMissingManagedRepositoryRoles(List<ManagedRepositoryConfiguration> list) {
        Iterator<ManagedRepositoryConfiguration> it = list.iterator();
        while (it.hasNext()) {
            try {
                this.userRepos.createMissingRepositoryRoles(it.next().getId());
            } catch (ArchivaSecurityException e) {
                this.log.warn(e.getMessage(), (Throwable) e);
            }
        }
    }

    public void createMissingRepositoryRoles(List<String> list) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                this.userRepos.createMissingRepositoryRoles(it.next());
            } catch (ArchivaSecurityException e) {
                this.log.warn(e.getMessage(), (Throwable) e);
            }
        }
    }

    public void executeEnvironmentChecks() throws ArchivaException {
        if (this.checkers == null || CollectionUtils.isEmpty(this.checkers.values())) {
            throw new ArchivaException("Unable to initialize the Redback Security Environment, no Environment Check components found.");
        }
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, EnvironmentCheck> entry : this.checkers.entrySet()) {
            EnvironmentCheck value = entry.getValue();
            this.log.info("Running Environment Check: " + entry.getKey());
            value.validateEnvironment(arrayList);
        }
        if (CollectionUtils.isNotEmpty(arrayList)) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("EnvironmentCheck Failure.\n");
            stringBuffer.append("======================================================================\n");
            stringBuffer.append(" ENVIRONMENT FAILURE !! \n");
            stringBuffer.append(IOUtils.LINE_SEPARATOR_UNIX);
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                stringBuffer.append((String) it.next()).append(IOUtils.LINE_SEPARATOR_UNIX);
            }
            stringBuffer.append(IOUtils.LINE_SEPARATOR_UNIX);
            stringBuffer.append("======================================================================");
            this.log.error(stringBuffer.toString());
            throw new ArchivaException("Unable to initialize Redback Security Environment, [" + arrayList.size() + "] violation(s) encountered, See log for details.");
        }
    }

    public void startup() throws ArchivaException {
        executeEnvironmentChecks();
        createMissingManagedRepositoryRoles(this.archivaConfiguration.getConfiguration().getManagedRepositories());
        this.archivaConfiguration.addChangeListener(this);
        if (this.archivaConfiguration.isDefaulted()) {
            assignRepositoryObserverToGuestUser(this.archivaConfiguration.getConfiguration().getManagedRepositories());
        }
    }
}
