package org.codehaus.plexus.redback.role.processor;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import org.codehaus.plexus.redback.rbac.Operation;
import org.codehaus.plexus.redback.rbac.Permission;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.Role;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.role.model.ModelOperation;
import org.codehaus.plexus.redback.role.model.ModelPermission;
import org.codehaus.plexus.redback.role.model.ModelResource;
import org.codehaus.plexus.redback.role.model.ModelRole;
import org.codehaus.plexus.redback.role.model.RedbackRoleModel;
import org.codehaus.plexus.redback.role.util.RoleModelUtils;
import org.codehaus.plexus.util.dag.CycleDetectedException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service("roleModelProcessor")
/* loaded from: input_file:org/codehaus/plexus/redback/role/processor/DefaultRoleModelProcessor.class */
public class DefaultRoleModelProcessor implements RoleModelProcessor {

    @Resource(name = "rBACManager#cached")
    private RBACManager rbacManager;
    private Logger log = LoggerFactory.getLogger(DefaultRoleModelProcessor.class);
    private Map<String, org.codehaus.plexus.redback.rbac.Resource> resourceMap = new HashMap();
    private Map<String, Operation> operationMap = new HashMap();

    @Override // org.codehaus.plexus.redback.role.processor.RoleModelProcessor
    public void process(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        processResources(redbackRoleModel);
        processOperations(redbackRoleModel);
        processRoles(redbackRoleModel);
    }

    private void processResources(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        Iterator it = redbackRoleModel.getApplications().iterator();
        while (it.hasNext()) {
            for (ModelResource modelResource : ((ModelApplication) it.next()).getResources()) {
                try {
                    if (this.rbacManager.resourceExists(modelResource.getName())) {
                        this.resourceMap.put(modelResource.getId(), this.rbacManager.getResource(modelResource.getName()));
                    } else {
                        org.codehaus.plexus.redback.rbac.Resource createResource = this.rbacManager.createResource(modelResource.getName());
                        createResource.setPermanent(modelResource.isPermanent());
                        this.resourceMap.put(modelResource.getId(), this.rbacManager.saveResource(createResource));
                    }
                } catch (RbacManagerException e) {
                    throw new RoleManagerException("error creating resource '" + modelResource.getName() + "'", e);
                }
            }
        }
    }

    private void processOperations(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        Iterator it = redbackRoleModel.getApplications().iterator();
        while (it.hasNext()) {
            for (ModelOperation modelOperation : ((ModelApplication) it.next()).getOperations()) {
                try {
                    if (this.rbacManager.operationExists(modelOperation.getName())) {
                        this.operationMap.put(modelOperation.getId(), this.rbacManager.getOperation(modelOperation.getName()));
                    } else {
                        Operation createOperation = this.rbacManager.createOperation(modelOperation.getName());
                        createOperation.setPermanent(modelOperation.isPermanent());
                        createOperation.setDescription(modelOperation.getDescription());
                        this.operationMap.put(modelOperation.getId(), this.rbacManager.saveOperation(createOperation));
                    }
                } catch (RbacManagerException e) {
                    throw new RoleManagerException("error creating operation '" + modelOperation.getName() + "'", e);
                }
            }
        }
    }

    private void processRoles(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        try {
            Iterator<String> it = RoleModelUtils.reverseTopologicalSortedRoleList(redbackRoleModel).iterator();
            while (it.hasNext()) {
                ModelRole modelRole = RoleModelUtils.getModelRole(redbackRoleModel, it.next());
                List<Permission> processPermissions = processPermissions(modelRole.getPermissions());
                if (this.rbacManager.roleExists(modelRole.getName())) {
                    try {
                        Role role = this.rbacManager.getRole(modelRole.getName());
                        boolean z = false;
                        for (Permission permission : processPermissions) {
                            if (!role.getPermissions().contains(permission)) {
                                this.log.info("Adding new permission '" + permission.getName() + "' to role '" + role.getName() + "'");
                                role.addPermission(permission);
                                z = true;
                            }
                        }
                        for (Permission permission2 : new ArrayList(role.getPermissions())) {
                            if (!processPermissions.contains(permission2)) {
                                this.log.info("Removing old permission '" + permission2.getName() + "' from role '" + role.getName() + "'");
                                role.removePermission(permission2);
                                z = true;
                            }
                        }
                        if (z) {
                            this.rbacManager.saveRole(role);
                        }
                    } catch (RbacManagerException e) {
                        throw new RoleManagerException("error updating role '" + modelRole.getName() + "'", e);
                    }
                } else {
                    try {
                        Role createRole = this.rbacManager.createRole(modelRole.getName());
                        createRole.setDescription(modelRole.getDescription());
                        createRole.setPermanent(modelRole.isPermanent());
                        createRole.setAssignable(modelRole.isAssignable());
                        Iterator<Permission> it2 = processPermissions.iterator();
                        while (it2.hasNext()) {
                            createRole.addPermission(it2.next());
                        }
                        if (modelRole.getChildRoles() != null) {
                            Iterator it3 = modelRole.getChildRoles().iterator();
                            while (it3.hasNext()) {
                                createRole.addChildRoleName(RoleModelUtils.getModelRole(redbackRoleModel, (String) it3.next()).getName());
                            }
                        }
                        this.rbacManager.saveRole(createRole);
                        if (modelRole.getParentRoles() != null) {
                            Iterator it4 = modelRole.getParentRoles().iterator();
                            while (it4.hasNext()) {
                                Role role2 = this.rbacManager.getRole(RoleModelUtils.getModelRole(redbackRoleModel, (String) it4.next()).getName());
                                role2.addChildRoleName(createRole.getName());
                                this.rbacManager.saveRole(role2);
                            }
                        }
                    } catch (RbacManagerException e2) {
                        throw new RoleManagerException("error creating role '" + modelRole.getName() + "'", e2);
                    }
                }
            }
        } catch (CycleDetectedException e3) {
            throw new RoleManagerException("cycle detected: this should have been caught in validation", e3);
        }
    }

    private List<Permission> processPermissions(List<ModelPermission> list) throws RoleManagerException {
        ArrayList arrayList = new ArrayList();
        for (ModelPermission modelPermission : list) {
            try {
                if (this.rbacManager.permissionExists(modelPermission.getName())) {
                    arrayList.add(this.rbacManager.getPermission(modelPermission.getName()));
                } else {
                    Permission createPermission = this.rbacManager.createPermission(modelPermission.getName());
                    Operation operation = this.operationMap.get(modelPermission.getOperation());
                    org.codehaus.plexus.redback.rbac.Resource resource = this.resourceMap.get(modelPermission.getResource());
                    createPermission.setOperation(operation);
                    createPermission.setResource(resource);
                    createPermission.setPermanent(modelPermission.isPermanent());
                    createPermission.setDescription(modelPermission.getDescription());
                    arrayList.add(this.rbacManager.savePermission(createPermission));
                }
            } catch (RbacManagerException e) {
                throw new RoleManagerException("error creating permission '" + modelPermission.getName() + "'", e);
            }
        }
        return arrayList;
    }
}
