package org.apache.nifi.audit;

import java.text.Collator;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.action.Action;
import org.apache.nifi.action.Component;
import org.apache.nifi.action.FlowChangeAction;
import org.apache.nifi.action.Operation;
import org.apache.nifi.action.details.ActionDetails;
import org.apache.nifi.action.details.FlowChangeConfigureDetails;
import org.apache.nifi.authorization.Group;
import org.apache.nifi.authorization.user.NiFiUser;
import org.apache.nifi.authorization.user.NiFiUserUtils;
import org.apache.nifi.web.api.dto.UserGroupDTO;
import org.apache.nifi.web.dao.UserGroupDAO;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Aspect
/* loaded from: input_file:WEB-INF/classes/org/apache/nifi/audit/UserGroupAuditor.class */
public class UserGroupAuditor extends NiFiAuditor {
    private static final Logger logger = LoggerFactory.getLogger(UserGroupAuditor.class);
    private static final String NAME = "Name";
    private static final String USERS = "Users";

    @Around("within(org.apache.nifi.web.dao.UserGroupDAO+) && execution(org.apache.nifi.authorization.Group createUserGroup(org.apache.nifi.web.api.dto.UserGroupDTO))")
    public Group createUserGroupAdvice(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        Group group = (Group) proceedingJoinPoint.proceed();
        Action generateAuditRecord = generateAuditRecord(group, Operation.Add);
        if (generateAuditRecord != null) {
            saveAction(generateAuditRecord, logger);
        }
        return group;
    }

    @Around("within(org.apache.nifi.web.dao.UserGroupDAO+) && execution(org.apache.nifi.authorization.Group updateUserGroup(org.apache.nifi.web.api.dto.UserGroupDTO)) && args(userGroupDTO) && target(userGroupDAO)")
    public Group updateUserAdvice(ProceedingJoinPoint proceedingJoinPoint, UserGroupDTO userGroupDTO, UserGroupDAO userGroupDAO) throws Throwable {
        Map<String, String> extractConfiguredPropertyValues = extractConfiguredPropertyValues(userGroupDAO.getUserGroup(userGroupDTO.getId()), userGroupDTO);
        Group group = (Group) proceedingJoinPoint.proceed();
        Group userGroup = userGroupDAO.getUserGroup(group.getIdentifier());
        NiFiUser niFiUser = NiFiUserUtils.getNiFiUser();
        if (niFiUser != null) {
            Map<String, String> extractConfiguredPropertyValues2 = extractConfiguredPropertyValues(userGroup, userGroupDTO);
            Date date = new Date();
            ArrayList arrayList = new ArrayList();
            for (String str : extractConfiguredPropertyValues2.keySet()) {
                String str2 = extractConfiguredPropertyValues2.get(str);
                String str3 = extractConfiguredPropertyValues.get(str);
                Operation operation = (str3 == null || str2 == null || !str2.equals(str3)) ? Operation.Configure : null;
                if (operation != null) {
                    FlowChangeConfigureDetails flowChangeConfigureDetails = new FlowChangeConfigureDetails();
                    flowChangeConfigureDetails.setName(str);
                    flowChangeConfigureDetails.setValue(str2);
                    flowChangeConfigureDetails.setPreviousValue(str3);
                    FlowChangeAction flowChangeAction = new FlowChangeAction();
                    flowChangeAction.setUserIdentity(niFiUser.getIdentity());
                    flowChangeAction.setOperation(operation);
                    flowChangeAction.setTimestamp(date);
                    flowChangeAction.setSourceId(userGroup.getIdentifier());
                    flowChangeAction.setSourceName(userGroup.getName());
                    flowChangeAction.setSourceType(Component.UserGroup);
                    flowChangeAction.setActionDetails(flowChangeConfigureDetails);
                    arrayList.add(flowChangeAction);
                }
            }
            if (!arrayList.isEmpty()) {
                saveActions(arrayList, logger);
            }
        }
        return group;
    }

    @Around("within(org.apache.nifi.web.dao.UserGroupDAO+) && execution(org.apache.nifi.authorization.Group deleteUserGroup(java.lang.String)) && args(userGroupId) && target(userGroupDAO)")
    public Group removeUserAdvice(ProceedingJoinPoint proceedingJoinPoint, String str, UserGroupDAO userGroupDAO) throws Throwable {
        Group userGroup = userGroupDAO.getUserGroup(str);
        Group group = (Group) proceedingJoinPoint.proceed();
        Action generateAuditRecord = generateAuditRecord(userGroup, Operation.Remove);
        if (generateAuditRecord != null) {
            saveAction(generateAuditRecord, logger);
        }
        return group;
    }

    public Action generateAuditRecord(Group group, Operation operation) {
        return generateAuditRecord(group, operation, null);
    }

    public Action generateAuditRecord(Group group, Operation operation, ActionDetails actionDetails) {
        FlowChangeAction flowChangeAction = null;
        NiFiUser niFiUser = NiFiUserUtils.getNiFiUser();
        if (niFiUser != null) {
            flowChangeAction = new FlowChangeAction();
            flowChangeAction.setUserIdentity(niFiUser.getIdentity());
            flowChangeAction.setOperation(operation);
            flowChangeAction.setTimestamp(new Date());
            flowChangeAction.setSourceId(group.getIdentifier());
            flowChangeAction.setSourceName(group.getName());
            flowChangeAction.setSourceType(Component.UserGroup);
            if (actionDetails != null) {
                flowChangeAction.setActionDetails(actionDetails);
            }
        }
        return flowChangeAction;
    }

    private Map<String, String> extractConfiguredPropertyValues(Group group, UserGroupDTO userGroupDTO) {
        HashMap hashMap = new HashMap();
        if (userGroupDTO.getIdentity() != null) {
            hashMap.put(NAME, group.getName());
        }
        if (userGroupDTO.getUsers() != null) {
            ArrayList arrayList = new ArrayList(group.getUsers());
            Collections.sort(arrayList, Collator.getInstance(Locale.US));
            hashMap.put(USERS, StringUtils.join(arrayList, ", "));
        }
        return hashMap;
    }
}
