package org.apache.nifi.toolkit.cli.impl.command.registry.policy;

import java.io.IOException;
import java.util.Properties;
import org.apache.commons.cli.ParseException;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.registry.authorization.AccessPolicy;
import org.apache.nifi.registry.client.NiFiRegistryClient;
import org.apache.nifi.registry.client.NiFiRegistryException;
import org.apache.nifi.toolkit.cli.api.Context;
import org.apache.nifi.toolkit.cli.impl.client.ExtendedNiFiRegistryClient;
import org.apache.nifi.toolkit.cli.impl.client.registry.PoliciesClient;
import org.apache.nifi.toolkit.cli.impl.client.registry.TenantsClient;
import org.apache.nifi.toolkit.cli.impl.command.CommandOption;
import org.apache.nifi.toolkit.cli.impl.command.registry.AbstractNiFiRegistryCommand;
import org.apache.nifi.toolkit.cli.impl.command.registry.tenant.TenantHelper;
import org.apache.nifi.toolkit.cli.impl.result.VoidResult;

/* loaded from: input_file:org/apache/nifi/toolkit/cli/impl/command/registry/policy/CreateOrUpdateAccessPolicy.class */
public class CreateOrUpdateAccessPolicy extends AbstractNiFiRegistryCommand<VoidResult> {
    public CreateOrUpdateAccessPolicy() {
        super("update-policy", VoidResult.class);
    }

    @Override // org.apache.nifi.toolkit.cli.api.Command
    public String getDescription() {
        return "Updates the access policy for the given resource and action, or creates the policy if it doesn't exist. In stand-alone mode this command will not produce all of the output seen in interactive mode unless the --verbose argument is specified.";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.nifi.toolkit.cli.impl.command.AbstractCommand
    public void doInitialize(Context context) {
        addOption(CommandOption.POLICY_RESOURCE.createOption());
        addOption(CommandOption.POLICY_ACTION.createOption());
        addOption(CommandOption.USER_NAME_LIST.createOption());
        addOption(CommandOption.USER_ID_LIST.createOption());
        addOption(CommandOption.GROUP_NAME_LIST.createOption());
        addOption(CommandOption.GROUP_ID_LIST.createOption());
        addOption(CommandOption.OVERWRITE_POLICY.createOption());
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.apache.nifi.toolkit.cli.impl.command.registry.AbstractNiFiRegistryCommand
    public VoidResult doExecute(NiFiRegistryClient niFiRegistryClient, Properties properties) throws IOException, NiFiRegistryException, ParseException {
        AccessPolicy accessPolicy;
        if (!(niFiRegistryClient instanceof ExtendedNiFiRegistryClient)) {
            throw new IllegalArgumentException("This command needs extended registry client!");
        }
        ExtendedNiFiRegistryClient extendedNiFiRegistryClient = (ExtendedNiFiRegistryClient) niFiRegistryClient;
        PoliciesClient policiesClient = extendedNiFiRegistryClient.getPoliciesClient();
        TenantsClient tenantsClient = extendedNiFiRegistryClient.getTenantsClient();
        String requiredArg = getRequiredArg(properties, CommandOption.POLICY_ACTION);
        String requiredArg2 = getRequiredArg(properties, CommandOption.POLICY_RESOURCE);
        try {
            accessPolicy = policiesClient.getAccessPolicy(requiredArg, requiredArg2);
        } catch (NiFiRegistryException e) {
            accessPolicy = null;
        }
        if (accessPolicy == null) {
            AccessPolicy accessPolicy2 = new AccessPolicy();
            accessPolicy2.setAction(requiredArg);
            accessPolicy2.setResource(requiredArg2);
            setUsers(accessPolicy2, properties, tenantsClient);
            setGroups(accessPolicy2, properties, tenantsClient);
            policiesClient.createAccessPolicy(accessPolicy2);
        } else {
            setUsers(accessPolicy, properties, tenantsClient);
            setGroups(accessPolicy, properties, tenantsClient);
            policiesClient.updateAccessPolicy(accessPolicy);
        }
        return VoidResult.getInstance();
    }

    private void setUsers(AccessPolicy accessPolicy, Properties properties, TenantsClient tenantsClient) throws IOException, NiFiRegistryException {
        String arg = getArg(properties, CommandOption.USER_NAME_LIST);
        String arg2 = getArg(properties, CommandOption.USER_ID_LIST);
        if (StringUtils.isNotBlank(arg) || StringUtils.isNotBlank(arg2)) {
            accessPolicy.setUsers(TenantHelper.selectExistingTenants(arg, arg2, tenantsClient.getUsers()));
        }
    }

    private void setGroups(AccessPolicy accessPolicy, Properties properties, TenantsClient tenantsClient) throws IOException, NiFiRegistryException {
        String arg = getArg(properties, CommandOption.GROUP_NAME_LIST);
        String arg2 = getArg(properties, CommandOption.GROUP_ID_LIST);
        if (StringUtils.isNotBlank(arg) || StringUtils.isNotBlank(arg2)) {
            accessPolicy.setUserGroups(TenantHelper.selectExistingTenants(arg, arg2, tenantsClient.getUserGroups()));
        }
    }
}
