package org.codehaus.plexus.redback.struts2.action.admin;

import com.opensymphony.xwork2.Action;
import edu.emory.mathcs.backport.java.util.Collections;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
import org.codehaus.plexus.redback.rbac.Role;
import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.struts2.action.AbstractUserCredentialsAction;
import org.codehaus.plexus.redback.struts2.action.AuditEvent;
import org.codehaus.plexus.redback.struts2.model.ApplicationRoleDetails;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
import org.codehaus.redback.integration.model.AdminEditUserCredentials;
import org.codehaus.redback.integration.role.RoleConstants;

/* loaded from: input_file:WEB-INF/lib/redback-struts2-integration-1.2.3.jar:org/codehaus/plexus/redback/struts2/action/admin/AssignmentsAction.class */
public class AssignmentsAction extends AbstractUserCredentialsAction {
    private RoleManager rmanager;
    private String principal;
    private AdminEditUserCredentials user;
    private List<Role> assignedRoles;
    private List<Role> availableRoles;
    private List<Role> effectivelyAssignedRoles;
    private List<String> addDSelectedRoles;
    private List<String> addNDSelectedRoles;
    private List<Role> nondynamicroles;
    private List<Role> dynamicroles;
    private List<String> NDRoles;
    private List<String> DRoles;
    private List<ApplicationRoleDetails> applicationRoleDetails = new ArrayList();

    public List<ApplicationRoleDetails> getApplicationRoleDetails() {
        return this.applicationRoleDetails;
    }

    public String show() throws RbacObjectNotFoundException, RbacManagerException {
        this.addNDSelectedRoles = new ArrayList();
        this.addDSelectedRoles = new ArrayList();
        if (StringUtils.isEmpty(this.principal)) {
            addActionError(getText("rbac.edit.user.empty.principal"));
            return "error";
        }
        UserManager userManager = this.securitySystem.getUserManager();
        if (!userManager.userExists(this.principal)) {
            addActionError(getText("user.does.not.exist", Collections.singletonList(this.principal)));
            return "error";
        }
        try {
            User findUser = userManager.findUser(this.principal);
            if (findUser == null) {
                addActionError(getText("cannot.operate.on.null.user"));
                return "error";
            }
            this.user = new AdminEditUserCredentials(findUser);
            if (!getManager().userAssignmentExists(this.principal)) {
                getManager().saveUserAssignment(getManager().createUserAssignment(this.principal));
            }
            List<Role> filteredRolesForCurrentUserAccess = getFilteredRolesForCurrentUserAccess();
            Iterator it = this.rmanager.getModel().getApplications().iterator();
            while (it.hasNext()) {
                this.applicationRoleDetails.add(new ApplicationRoleDetails((ModelApplication) it.next(), getManager().getEffectivelyAssignedRoles(this.principal), getManager().getAssignedRoles(this.principal), filteredRolesForCurrentUserAccess));
            }
            return Action.SUCCESS;
        } catch (UserNotFoundException e) {
            addActionError(getText("user.not.found.exception", Arrays.asList(this.principal, e.getMessage())));
            return "error";
        }
    }

    public String edituser() {
        try {
            Collection<Role> assignedRoles = getManager().getAssignedRoles(this.principal);
            List<Role> filteredRolesForCurrentUserAccess = getFilteredRolesForCurrentUserAccess();
            HashSet hashSet = new HashSet(assignedRoles);
            hashSet.addAll(filteredRolesForCurrentUserAccess);
            List<String> arrayList = new ArrayList<>();
            addSelectedRoles(hashSet, arrayList, this.addNDSelectedRoles);
            addSelectedRoles(hashSet, arrayList, this.addDSelectedRoles);
            ArrayList<String> arrayList2 = new ArrayList(arrayList);
            String currentUser = getCurrentUser();
            for (Role role : assignedRoles) {
                if (arrayList.contains(role.getName())) {
                    arrayList2.remove(role.getName());
                } else if (checkRoleName(filteredRolesForCurrentUserAccess, role.getName())) {
                    String name = role.getName();
                    AuditEvent auditEvent = new AuditEvent(getText("log.revoke.role"));
                    auditEvent.setAffectedUser(this.principal);
                    auditEvent.setRole(name);
                    auditEvent.setCurrentUser(currentUser);
                    auditEvent.log();
                } else {
                    arrayList.add(role.getName());
                }
            }
            for (String str : arrayList2) {
                AuditEvent auditEvent2 = new AuditEvent(getText("log.assign.role"));
                auditEvent2.setAffectedUser(this.principal);
                auditEvent2.setRole(str);
                auditEvent2.setCurrentUser(currentUser);
                auditEvent2.log();
            }
            UserAssignment userAssignment = getManager().userAssignmentExists(this.principal) ? getManager().getUserAssignment(this.principal) : getManager().createUserAssignment(this.principal);
            userAssignment.setRoleNames(arrayList);
            getManager().saveUserAssignment(userAssignment);
            return Action.SUCCESS;
        } catch (RbacManagerException e) {
            addActionError(getText("error.removing.selected.roles", Arrays.asList(e.getMessage())));
            return "error";
        }
    }

    private void addSelectedRoles(Collection<Role> collection, List<String> list, List<String> list2) {
        if (list2 != null) {
            for (String str : list2) {
                if (checkRoleName(collection, str)) {
                    list.add(str);
                }
            }
        }
    }

    private boolean checkRoleName(Collection<Role> collection, String str) {
        Iterator<Role> it = collection.iterator();
        while (it.hasNext()) {
            if (it.next().getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    public List<Role> getAssignedRoles() {
        return this.assignedRoles;
    }

    public void setAssignedRoles(List<Role> list) {
        this.assignedRoles = list;
    }

    public List<Role> getAvailableRoles() {
        return this.availableRoles;
    }

    public void setAvailableRoles(List<Role> list) {
        this.availableRoles = list;
    }

    public List<Role> getEffectivelyAssignedRoles() {
        return this.effectivelyAssignedRoles;
    }

    public void setEffectivelyAssignedRoles(List<Role> list) {
        this.effectivelyAssignedRoles = list;
    }

    public String getPrincipal() {
        return this.principal;
    }

    public void setPrincipal(String str) {
        this.principal = str;
    }

    public void setUsername(String str) {
        this.principal = str;
    }

    public AdminEditUserCredentials getUser() {
        return this.user;
    }

    @Override // org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction
    public SecureActionBundle initSecureActionBundle() throws SecureActionException {
        SecureActionBundle secureActionBundle = new SecureActionBundle();
        secureActionBundle.setRequiresAuthentication(true);
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_ROLE_DROP_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, "*");
        return secureActionBundle;
    }

    public List<Role> getNondynamicroles() {
        return this.nondynamicroles;
    }

    public void setNondynamicroles(List<Role> list) {
        this.nondynamicroles = list;
    }

    public List<Role> getDynamicroles() {
        return this.dynamicroles;
    }

    public void setDynamicroles(List<Role> list) {
        this.dynamicroles = list;
    }

    public List<String> getNDRoles() {
        return this.NDRoles;
    }

    public void setNDRoles(List<String> list) {
        this.NDRoles = list;
    }

    public List<String> getDRoles() {
        return this.DRoles;
    }

    public void setDRoles(List<String> list) {
        this.DRoles = list;
    }

    public List<String> getAddDSelectedRoles() {
        return this.addDSelectedRoles;
    }

    public void setAddDSelectedRoles(List<String> list) {
        this.addDSelectedRoles = list;
    }

    public List<String> getAddNDSelectedRoles() {
        return this.addNDSelectedRoles;
    }

    public void setAddNDSelectedRoles(List<String> list) {
        this.addNDSelectedRoles = list;
    }
}
