package org.codehaus.plexus.redback.role;

import java.io.IOException;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.stream.XMLStreamException;
import org.codehaus.plexus.PlexusContainer;
import org.codehaus.plexus.logging.AbstractLogEnabled;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.Role;
import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.role.model.ModelRole;
import org.codehaus.plexus.redback.role.model.ModelTemplate;
import org.codehaus.plexus.redback.role.model.RedbackRoleModel;
import org.codehaus.plexus.redback.role.model.io.stax.RedbackRoleModelStaxReader;
import org.codehaus.plexus.redback.role.processor.RoleModelProcessor;
import org.codehaus.plexus.redback.role.template.RoleTemplateProcessor;
import org.codehaus.plexus.redback.role.util.RoleModelUtils;
import org.codehaus.plexus.redback.role.validator.RoleModelValidator;

/* loaded from: input_file:WEB-INF/lib/redback-rbac-role-manager-1.1.jar:org/codehaus/plexus/redback/role/DefaultRoleManager.class */
public class DefaultRoleManager extends AbstractLogEnabled implements RoleManager, Initializable {
    private RedbackRoleModel blessedModel;
    private RedbackRoleModel unblessedModel;
    private Map knownResources = new HashMap();
    private RoleModelValidator modelValidator;
    private RoleModelProcessor modelProcessor;
    private RoleTemplateProcessor templateProcessor;
    private RBACManager rbacManager;
    private PlexusContainer container;

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public void loadRoleModel(URL url) throws RoleManagerException {
        try {
            for (ModelApplication modelApplication : new RedbackRoleModelStaxReader().read(new InputStreamReader(url.openStream())).getApplications()) {
                if (!this.knownResources.containsKey(modelApplication.getId())) {
                    getLogger().info("loading " + modelApplication.getId());
                    loadApplication(modelApplication);
                }
            }
        } catch (MalformedURLException e) {
            throw new RoleManagerException("error locating redback profile", e);
        } catch (IOException e2) {
            throw new RoleManagerException("error reading redback profile", e2);
        } catch (XMLStreamException e3) {
            throw new RoleManagerException("error parsing redback profile", e3);
        }
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public void loadRoleModel(RedbackRoleModel redbackRoleModel) throws RoleManagerException {
        for (ModelApplication modelApplication : redbackRoleModel.getApplications()) {
            if (!this.knownResources.containsKey(modelApplication.getId())) {
                loadApplication(modelApplication);
            }
        }
    }

    public void loadApplication(ModelApplication modelApplication) throws RoleManagerException {
        if (this.unblessedModel == null) {
            this.unblessedModel = new RedbackRoleModel();
        }
        this.unblessedModel.addApplication(modelApplication);
        if (this.modelValidator.validate(this.unblessedModel)) {
            this.blessedModel = this.unblessedModel;
            this.modelProcessor.process(this.blessedModel);
            this.knownResources.put(modelApplication.getId(), modelApplication);
        } else {
            List validationErrors = this.modelValidator.getValidationErrors();
            getLogger().error("Role Model Validation Errors:");
            Iterator it = validationErrors.iterator();
            while (it.hasNext()) {
                getLogger().error((String) it.next());
            }
            throw new RoleManagerException("Role Model Validation Error");
        }
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public void createTemplatedRole(String str, String str2) throws RoleManagerException {
        this.templateProcessor.create(this.blessedModel, str, str2);
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public void removeTemplatedRole(String str, String str2) throws RoleManagerException {
        ModelTemplate modelTemplate = RoleModelUtils.getModelTemplate(this.blessedModel, str);
        try {
            Role role = this.rbacManager.getRole(modelTemplate.getNamePrefix() + modelTemplate.getDelimiter() + str2);
            ArrayList arrayList = new ArrayList();
            arrayList.add(role);
            for (UserAssignment userAssignment : this.rbacManager.getUserAssignmentsForRoles(arrayList)) {
                userAssignment.removeRoleName(role);
                this.rbacManager.saveUserAssignment(userAssignment);
            }
            this.templateProcessor.remove(this.blessedModel, str, str2);
        } catch (RbacManagerException e) {
            throw new RoleManagerException("unable to remove role", e);
        }
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public void updateRole(String str, String str2, String str3) throws RoleManagerException {
        this.templateProcessor.create(this.blessedModel, str, str3);
        ModelTemplate modelTemplate = RoleModelUtils.getModelTemplate(this.blessedModel, str);
        String str4 = modelTemplate.getNamePrefix() + modelTemplate.getDelimiter() + str2;
        String str5 = modelTemplate.getNamePrefix() + modelTemplate.getDelimiter() + str3;
        try {
            Role role = this.rbacManager.getRole(str4);
            ArrayList arrayList = new ArrayList();
            arrayList.add(role.getName());
            for (UserAssignment userAssignment : this.rbacManager.getUserAssignmentsForRoles(arrayList)) {
                userAssignment.removeRoleName(str4);
                userAssignment.addRoleName(str5);
                this.rbacManager.saveUserAssignment(userAssignment);
            }
            this.templateProcessor.remove(this.blessedModel, str, str2);
        } catch (RbacManagerException e) {
            throw new RoleManagerException("unable to update role", e);
        }
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public void assignRole(String str, String str2) throws RoleManagerException {
        ModelRole modelRole = RoleModelUtils.getModelRole(this.blessedModel, str);
        if (modelRole == null) {
            throw new RoleManagerException("Unable to assign role: " + str + " does not exist.");
        }
        try {
            UserAssignment userAssignment = this.rbacManager.userAssignmentExists(str2) ? this.rbacManager.getUserAssignment(str2) : this.rbacManager.createUserAssignment(str2);
            userAssignment.addRoleName(modelRole.getName());
            this.rbacManager.saveUserAssignment(userAssignment);
        } catch (RbacManagerException e) {
            throw new RoleManagerException("Unable to assign role: unable to manage user assignment", e);
        }
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public void assignTemplatedRole(String str, String str2, String str3) throws RoleManagerException {
        ModelTemplate modelTemplate = RoleModelUtils.getModelTemplate(this.blessedModel, str);
        if (modelTemplate == null) {
            throw new RoleManagerException("Unable to assign role: " + str + " does not exist.");
        }
        try {
            if (!this.rbacManager.resourceExists(str2)) {
                this.rbacManager.saveResource(this.rbacManager.createResource(str2));
            }
            UserAssignment userAssignment = this.rbacManager.userAssignmentExists(str3) ? this.rbacManager.getUserAssignment(str3) : this.rbacManager.createUserAssignment(str3);
            userAssignment.addRoleName(modelTemplate.getNamePrefix() + modelTemplate.getDelimiter() + str2);
            this.rbacManager.saveUserAssignment(userAssignment);
        } catch (RbacManagerException e) {
            throw new RoleManagerException("Unable to assign role: unable to manage user assignment", e);
        }
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public void unassignRole(String str, String str2) throws RoleManagerException {
        ModelRole modelRole = RoleModelUtils.getModelRole(this.blessedModel, str);
        if (modelRole == null) {
            throw new RoleManagerException("Unable to assign role: " + str + " does not exist.");
        }
        try {
            if (!this.rbacManager.userAssignmentExists(str2)) {
                throw new RoleManagerException("UserAssignment for principal " + str2 + "does not exist, can't unassign role.");
            }
            UserAssignment userAssignment = this.rbacManager.getUserAssignment(str2);
            userAssignment.removeRoleName(modelRole.getName());
            this.rbacManager.saveUserAssignment(userAssignment);
        } catch (RbacManagerException e) {
            throw new RoleManagerException("Unable to assign role: unable to manage user assignment", e);
        }
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public boolean roleExists(String str) throws RoleManagerException {
        ModelRole modelRole = RoleModelUtils.getModelRole(this.blessedModel, str);
        if (modelRole == null) {
            return false;
        }
        if (this.rbacManager.roleExists(modelRole.getName())) {
            return true;
        }
        throw new RoleManagerException("breakdown in role management, role exists in configuration but was not created in underlying store");
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public boolean templatedRoleExists(String str, String str2) throws RoleManagerException {
        ModelTemplate modelTemplate = RoleModelUtils.getModelTemplate(this.blessedModel, str);
        return modelTemplate != null && this.rbacManager.roleExists(new StringBuilder().append(modelTemplate.getNamePrefix()).append(modelTemplate.getDelimiter()).append(str2).toString());
    }

    @Override // org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable
    public void initialize() throws InitializationException {
        try {
            URL resource = RoleManager.class.getResource("/META-INF/redback/redback-core.xml");
            if (resource == null) {
                throw new InitializationException("unable to initialize role manager, missing redback-core.xml");
            }
            loadRoleModel(resource);
            Enumeration<URL> resources = RoleManager.class.getClassLoader().getResources("META-INF/redback/redback.xml");
            while (resources.hasMoreElements()) {
                loadRoleModel(resources.nextElement());
            }
        } catch (IOException e) {
            throw new InitializationException("unable to initialize RoleManager, problem with redback.xml loading", e);
        } catch (RoleManagerException e2) {
            throw new InitializationException("unable to initialize RoleManager", e2);
        }
    }

    @Override // org.codehaus.plexus.redback.role.RoleManager
    public RedbackRoleModel getModel() {
        return this.blessedModel;
    }
}
