package org.apache.archiva.redback.role.processor;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.archiva.redback.rbac.Operation;
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.role.RoleManagerException;
import org.apache.archiva.redback.role.model.ModelApplication;
import org.apache.archiva.redback.role.model.ModelOperation;
import org.apache.archiva.redback.role.model.ModelPermission;
import org.apache.archiva.redback.role.model.ModelResource;
import org.apache.archiva.redback.role.model.ModelRole;
import org.apache.archiva.redback.role.model.RedbackRoleModel;
import org.apache.archiva.redback.role.util.RoleModelUtils;
import org.apache.commons.lang.time.StopWatch;
import org.codehaus.plexus.util.dag.CycleDetectedException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service("roleModelProcessor")
/* loaded from: input_file:org/apache/archiva/redback/role/processor/DefaultRoleModelProcessor.class */
public class DefaultRoleModelProcessor implements RoleModelProcessor {

    @Inject
    @Named("rbacManager#default")
    private RBACManager rbacManager;
    private Logger log = LoggerFactory.getLogger(DefaultRoleModelProcessor.class);
    private Map<String, Resource> resourceMap = new HashMap();
    private Map<String, Operation> operationMap = new HashMap();

    @Override // org.apache.archiva.redback.role.processor.RoleModelProcessor
    public void process(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        processResources(redbackRoleModel);
        processOperations(redbackRoleModel);
        processRoles(redbackRoleModel);
    }

    private void processResources(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        Iterator<ModelApplication> it = redbackRoleModel.getApplications().iterator();
        while (it.hasNext()) {
            for (ModelResource modelResource : it.next().getResources()) {
                try {
                    if (this.rbacManager.resourceExists(modelResource.getName())) {
                        this.resourceMap.put(modelResource.getId(), this.rbacManager.getResource(modelResource.getName()));
                    } else {
                        Resource createResource = this.rbacManager.createResource(modelResource.getName());
                        createResource.setPermanent(modelResource.isPermanent());
                        this.resourceMap.put(modelResource.getId(), this.rbacManager.saveResource(createResource));
                    }
                } catch (RbacManagerException e) {
                    throw new RoleManagerException("error creating resource '" + modelResource.getName() + "'", e);
                }
            }
        }
    }

    private void processOperations(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        Iterator<ModelApplication> it = redbackRoleModel.getApplications().iterator();
        while (it.hasNext()) {
            for (ModelOperation modelOperation : it.next().getOperations()) {
                try {
                    if (this.rbacManager.operationExists(modelOperation.getName())) {
                        this.operationMap.put(modelOperation.getId(), this.rbacManager.getOperation(modelOperation.getName()));
                    } else {
                        Operation createOperation = this.rbacManager.createOperation(modelOperation.getName());
                        createOperation.setPermanent(modelOperation.isPermanent());
                        createOperation.setDescription(modelOperation.getDescription());
                        this.operationMap.put(modelOperation.getId(), this.rbacManager.saveOperation(createOperation));
                    }
                } catch (RbacManagerException e) {
                    throw new RoleManagerException("error creating operation '" + modelOperation.getName() + "'", e);
                }
            }
        }
    }

    private void processRoles(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        StopWatch stopWatch = new StopWatch();
        stopWatch.reset();
        stopWatch.start();
        try {
            List<String> reverseTopologicalSortedRoleList = RoleModelUtils.reverseTopologicalSortedRoleList(redbackRoleModel);
            try {
                List allRoles = this.rbacManager.getAllRoles();
                HashSet hashSet = new HashSet(allRoles.size());
                Iterator it = allRoles.iterator();
                while (it.hasNext()) {
                    hashSet.add(((Role) it.next()).getName());
                }
                Iterator<String> it2 = reverseTopologicalSortedRoleList.iterator();
                while (it2.hasNext()) {
                    ModelRole modelRole = RoleModelUtils.getModelRole(redbackRoleModel, it2.next());
                    List<Permission> processPermissions = processPermissions(modelRole.getPermissions());
                    if (hashSet.contains(modelRole.getName())) {
                        try {
                            Role role = this.rbacManager.getRole(modelRole.getName());
                            boolean z = false;
                            for (Permission permission : processPermissions) {
                                if (!role.getPermissions().contains(permission)) {
                                    this.log.info("Adding new permission '" + permission.getName() + "' to role '" + role.getName() + "'");
                                    role.addPermission(permission);
                                    z = true;
                                }
                            }
                            for (Permission permission2 : new ArrayList(role.getPermissions())) {
                                if (!processPermissions.contains(permission2)) {
                                    this.log.info("Removing old permission '" + permission2.getName() + "' from role '" + role.getName() + "'");
                                    role.removePermission(permission2);
                                    z = true;
                                }
                            }
                            if (z) {
                                this.rbacManager.saveRole(role);
                                hashSet.add(role.getName());
                            }
                        } catch (RbacManagerException e) {
                            throw new RoleManagerException("error updating role '" + modelRole.getName() + "'", e);
                        }
                    } else {
                        try {
                            Role createRole = this.rbacManager.createRole(modelRole.getName());
                            createRole.setDescription(modelRole.getDescription());
                            createRole.setPermanent(modelRole.isPermanent());
                            createRole.setAssignable(modelRole.isAssignable());
                            Iterator<Permission> it3 = processPermissions.iterator();
                            while (it3.hasNext()) {
                                createRole.addPermission(it3.next());
                            }
                            if (modelRole.getChildRoles() != null) {
                                Iterator<String> it4 = modelRole.getChildRoles().iterator();
                                while (it4.hasNext()) {
                                    createRole.addChildRoleName(RoleModelUtils.getModelRole(redbackRoleModel, it4.next()).getName());
                                }
                            }
                            this.rbacManager.saveRole(createRole);
                            hashSet.add(createRole.getName());
                            if (modelRole.getParentRoles() != null) {
                                Iterator<String> it5 = modelRole.getParentRoles().iterator();
                                while (it5.hasNext()) {
                                    Role role2 = this.rbacManager.getRole(RoleModelUtils.getModelRole(redbackRoleModel, it5.next()).getName());
                                    role2.addChildRoleName(createRole.getName());
                                    this.rbacManager.saveRole(role2);
                                    hashSet.add(role2.getName());
                                }
                            }
                        } catch (RbacManagerException e2) {
                            throw new RoleManagerException("error creating role '" + modelRole.getName() + "'", e2);
                        }
                    }
                }
                stopWatch.stop();
                this.log.info("time to process roles model: {} ms", Long.valueOf(stopWatch.getTime()));
            } catch (RbacManagerException e3) {
                throw new RoleManagerException(e3.getMessage(), e3);
            }
        } catch (CycleDetectedException e4) {
            throw new RoleManagerException("cycle detected: this should have been caught in validation", e4);
        }
    }

    private List<Permission> processPermissions(List<ModelPermission> list) throws RoleManagerException {
        ArrayList arrayList = new ArrayList(list.size());
        for (ModelPermission modelPermission : list) {
            try {
                if (this.rbacManager.permissionExists(modelPermission.getName())) {
                    arrayList.add(this.rbacManager.getPermission(modelPermission.getName()));
                } else {
                    Permission createPermission = this.rbacManager.createPermission(modelPermission.getName());
                    Operation operation = this.operationMap.get(modelPermission.getOperation());
                    Resource resource = this.resourceMap.get(modelPermission.getResource());
                    createPermission.setOperation(operation);
                    createPermission.setResource(resource);
                    createPermission.setPermanent(modelPermission.isPermanent());
                    createPermission.setDescription(modelPermission.getDescription());
                    arrayList.add(this.rbacManager.savePermission(createPermission));
                }
            } catch (RbacManagerException e) {
                throw new RoleManagerException("error creating permission '" + modelPermission.getName() + "'", e);
            }
        }
        return arrayList;
    }

    public RBACManager getRbacManager() {
        return this.rbacManager;
    }

    public void setRbacManager(RBACManager rBACManager) {
        this.rbacManager = rBACManager;
    }
}
