package org.apache.archiva.redback.struts2.action.admin;

import com.opensymphony.xwork2.Action;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.model.SimplePermission;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
import org.apache.archiva.redback.struts2.action.AuditEvent;
import org.codehaus.plexus.util.StringUtils;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;

@Scope("prototype")
@Controller("redback-role-create")
/* loaded from: input_file:WEB-INF/lib/redback-struts2-integration-2.0.jar:org/apache/archiva/redback/struts2/action/admin/RoleCreateAction.class */
public class RoleCreateAction extends AbstractSecurityAction {

    @Inject
    @Named("rBACManager#cached")
    private RBACManager manager;
    private String principal;
    private String roleName;
    private String description;
    private List<SimplePermission> permissions;
    private List<String> childRoles;
    private SimplePermission addpermission;
    private String submitMode;
    protected static final String VALID_ROLENAME_CHARS = "[a-zA-Z_0-9\\-\\s.,]*";

    public String show() {
        if (this.permissions == null) {
            this.permissions = new ArrayList();
        }
        if (this.childRoles == null) {
            this.childRoles = new ArrayList();
        }
        if (this.addpermission != null) {
            return Action.INPUT;
        }
        this.addpermission = new SimplePermission();
        return Action.INPUT;
    }

    public String addpermission() {
        if (this.addpermission == null) {
            addActionError(getText("cannot.add.null.permission"));
            return Action.ERROR;
        }
        if (this.permissions == null) {
            this.permissions = new ArrayList();
        }
        this.permissions.add(this.addpermission);
        this.addpermission = new SimplePermission();
        return Action.INPUT;
    }

    public String submit() {
        if (StringUtils.equals(getSubmitMode(), "addPermission")) {
            return addpermission();
        }
        if (StringUtils.isEmpty(this.roleName)) {
            addActionError(getText("cannot.add.empty.role"));
            return Action.ERROR;
        }
        if (!this.roleName.matches(VALID_ROLENAME_CHARS)) {
            addActionError(getText("roleName.invalid.characters"));
            return Action.ERROR;
        }
        try {
            Role role = this.manager.roleExists(this.roleName) ? this.manager.getRole(this.roleName) : this.manager.createRole(this.roleName);
            role.setDescription(this.description);
            role.setChildRoleNames(this.childRoles);
            ArrayList arrayList = new ArrayList();
            for (SimplePermission simplePermission : this.permissions) {
                arrayList.add(this.manager.createPermission(simplePermission.getName(), simplePermission.getOperationName(), simplePermission.getResourceIdentifier()));
            }
            role.setPermissions(arrayList);
            this.manager.saveRole(role);
            addActionMessage(getText("save.role.success", Arrays.asList(this.roleName)));
            String currentUser = getCurrentUser();
            AuditEvent auditEvent = new AuditEvent(getText("log.role.create"));
            auditEvent.setRole(this.roleName);
            auditEvent.setCurrentUser(currentUser);
            auditEvent.log();
            return Action.SUCCESS;
        } catch (RbacManagerException e) {
            addActionError(getText("cannot.get.role", Arrays.asList(this.roleName, e.getMessage())));
            return Action.ERROR;
        }
    }

    public String getPrincipal() {
        return this.principal;
    }

    public void setPrincipal(String str) {
        this.principal = str;
    }

    public SimplePermission getAddpermission() {
        return this.addpermission;
    }

    public void setAddpermission(SimplePermission simplePermission) {
        this.addpermission = simplePermission;
    }

    public String getSubmitMode() {
        return this.submitMode;
    }

    public void setSubmitMode(String str) {
        this.submitMode = str;
    }

    @Override // org.apache.archiva.redback.struts2.action.AbstractSecurityAction
    public SecureActionBundle initSecureActionBundle() throws SecureActionException {
        SecureActionBundle secureActionBundle = new SecureActionBundle();
        secureActionBundle.setRequiresAuthentication(true);
        secureActionBundle.addRequiredAuthorization("user-management-rbac-admin", "*");
        return secureActionBundle;
    }
}
