package org.sonatype.security.realms.tools;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.enterprise.inject.Typed;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.codehaus.plexus.util.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.configuration.validation.InvalidConfigurationException;
import org.sonatype.security.authorization.NoSuchPrivilegeException;
import org.sonatype.security.authorization.NoSuchRoleException;
import org.sonatype.security.model.CPrivilege;
import org.sonatype.security.model.CRole;
import org.sonatype.security.model.CUser;
import org.sonatype.security.model.CUserRoleMapping;
import org.sonatype.security.model.Configuration;
import org.sonatype.security.realms.privileges.PrivilegeDescriptor;
import org.sonatype.security.realms.validator.SecurityValidationContext;
import org.sonatype.security.usermanagement.UserNotFoundException;

@Singleton
@Typed({ConfigurationManager.class})
@Named("resourceMerging")
/* loaded from: input_file:WEB-INF/lib/nexus-security-realms-2.6.3-01.jar:org/sonatype/security/realms/tools/ResourceMergingConfigurationManager.class */
public class ResourceMergingConfigurationManager extends AbstractConfigurationManager {
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private final ConfigurationManager manager;
    private final List<StaticSecurityResource> staticResources;
    private final List<DynamicSecurityResource> dynamicResources;

    @Inject
    public ResourceMergingConfigurationManager(List<DynamicSecurityResource> list, @Named("legacydefault") ConfigurationManager configurationManager, List<StaticSecurityResource> list2) {
        this.dynamicResources = list;
        this.manager = configurationManager;
        this.staticResources = list2;
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void runRead(ConfigurationManagerAction configurationManagerAction) throws Exception {
        throw new UnsupportedOperationException("Concurrent access not supported. ConcurrentConfigurationManager should be used instead");
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void runWrite(ConfigurationManagerAction configurationManagerAction) throws Exception {
        throw new UnsupportedOperationException("Concurrent access not supported. ConcurrentConfigurationManager should be used instead");
    }

    @Override // org.sonatype.security.realms.tools.AbstractConfigurationManager, org.sonatype.security.realms.tools.ConfigurationManager
    public void clearCache() {
        super.clearCache();
        this.manager.clearCache();
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createPrivilege(CPrivilege cPrivilege) throws InvalidConfigurationException {
        this.manager.createPrivilege(cPrivilege, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createPrivilege(CPrivilege cPrivilege, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException {
        if (securityValidationContext == null) {
            securityValidationContext = initializeContext();
        }
        this.manager.createPrivilege(cPrivilege, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createRole(CRole cRole) throws InvalidConfigurationException {
        this.manager.createRole(cRole, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createRole(CRole cRole, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException {
        if (securityValidationContext == null) {
            securityValidationContext = initializeContext();
        }
        this.manager.createRole(cRole, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createUser(CUser cUser, Set<String> set) throws InvalidConfigurationException {
        this.manager.createUser(cUser, set, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createUser(CUser cUser, String str, Set<String> set) throws InvalidConfigurationException {
        this.manager.createUser(cUser, str, set, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createUser(CUser cUser, Set<String> set, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException {
        createUser(cUser, null, set, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createUser(CUser cUser, String str, Set<String> set, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException {
        if (securityValidationContext == null) {
            securityValidationContext = initializeContext();
        }
        this.manager.createUser(cUser, str, set, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void deletePrivilege(String str) throws NoSuchPrivilegeException {
        this.manager.deletePrivilege(str);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void deleteRole(String str) throws NoSuchRoleException {
        this.manager.deleteRole(str);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void deleteUser(String str) throws UserNotFoundException {
        this.manager.deleteUser(str);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public String getPrivilegeProperty(CPrivilege cPrivilege, String str) {
        return this.manager.getPrivilegeProperty(cPrivilege, str);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public String getPrivilegeProperty(String str, String str2) throws NoSuchPrivilegeException {
        return this.manager.getPrivilegeProperty(str, str2);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public SecurityValidationContext initializeContext() {
        SecurityValidationContext securityValidationContext = new SecurityValidationContext();
        securityValidationContext.addExistingUserIds();
        securityValidationContext.addExistingRoleIds();
        securityValidationContext.addExistingPrivilegeIds();
        for (CUser cUser : new ArrayList(listUsers())) {
            securityValidationContext.getExistingUserIds().add(cUser.getId());
            securityValidationContext.getExistingEmailMap().put(cUser.getId(), cUser.getEmail());
        }
        for (CRole cRole : new ArrayList(listRoles())) {
            securityValidationContext.getExistingRoleIds().add(cRole.getId());
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(cRole.getRoles());
            securityValidationContext.getRoleContainmentMap().put(cRole.getId(), arrayList);
            securityValidationContext.getExistingRoleNameMap().put(cRole.getId(), cRole.getName());
        }
        Iterator it = new ArrayList(listPrivileges()).iterator();
        while (it.hasNext()) {
            securityValidationContext.getExistingPrivilegeIds().add(((CPrivilege) it.next()).getId());
        }
        return securityValidationContext;
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public List<CPrivilege> listPrivileges() {
        ArrayList arrayList = new ArrayList(this.manager.listPrivileges());
        for (CPrivilege cPrivilege : getConfiguration().getPrivileges()) {
            cPrivilege.setReadOnly(true);
            arrayList.add(cPrivilege);
        }
        return arrayList;
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public List<CRole> listRoles() {
        ArrayList arrayList = new ArrayList(this.manager.listRoles());
        for (CRole cRole : getConfiguration().getRoles()) {
            cRole.setReadOnly(true);
            arrayList.add(cRole);
        }
        return arrayList;
    }

    private CRole mergeRolesContents(CRole cRole, CRole cRole2) {
        HashSet hashSet = new HashSet();
        if (cRole.getRoles() != null) {
            hashSet.addAll(cRole.getRoles());
        }
        if (cRole2.getRoles() != null) {
            hashSet.addAll(cRole2.getRoles());
        }
        HashSet hashSet2 = new HashSet();
        if (cRole.getPrivileges() != null) {
            hashSet2.addAll(cRole.getPrivileges());
        }
        if (cRole2.getPrivileges() != null) {
            hashSet2.addAll(cRole2.getPrivileges());
        }
        CRole cRole3 = new CRole();
        cRole3.setId(cRole.getId());
        cRole3.setRoles(new ArrayList(hashSet));
        cRole3.setPrivileges(new ArrayList(hashSet2));
        if (StringUtils.isNotEmpty(cRole.getName())) {
            cRole3.setName(cRole.getName());
        } else {
            cRole3.setName(cRole2.getName());
        }
        if (StringUtils.isNotEmpty(cRole.getDescription())) {
            cRole3.setDescription(cRole.getDescription());
        } else {
            cRole3.setDescription(cRole2.getDescription());
        }
        if (cRole.getSessionTimeout() > cRole2.getSessionTimeout()) {
            cRole3.setSessionTimeout(cRole.getSessionTimeout());
        } else {
            cRole3.setSessionTimeout(cRole2.getSessionTimeout());
        }
        return cRole3;
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public List<CUser> listUsers() {
        return this.manager.listUsers();
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public CPrivilege readPrivilege(String str) throws NoSuchPrivilegeException {
        CPrivilege privilegeById = getConfiguration().getPrivilegeById(str);
        if (privilegeById == null) {
            return this.manager.readPrivilege(str);
        }
        privilegeById.setReadOnly(true);
        return privilegeById;
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public CRole readRole(String str) throws NoSuchRoleException {
        CRole roleById = getConfiguration().getRoleById(str);
        if (roleById == null) {
            return this.manager.readRole(str);
        }
        roleById.setReadOnly(true);
        return roleById;
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public CUser readUser(String str) throws UserNotFoundException {
        return this.manager.readUser(str);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createUserRoleMapping(CUserRoleMapping cUserRoleMapping, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException {
        if (securityValidationContext == null) {
            securityValidationContext = initializeContext();
        }
        this.manager.createUserRoleMapping(cUserRoleMapping, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void createUserRoleMapping(CUserRoleMapping cUserRoleMapping) throws InvalidConfigurationException {
        this.manager.createUserRoleMapping(cUserRoleMapping, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void deleteUserRoleMapping(String str, String str2) throws NoSuchRoleMappingException {
        this.manager.deleteUserRoleMapping(str, str2);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public List<CUserRoleMapping> listUserRoleMappings() {
        return this.manager.listUserRoleMappings();
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public CUserRoleMapping readUserRoleMapping(String str, String str2) throws NoSuchRoleMappingException {
        return this.manager.readUserRoleMapping(str, str2);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updateUserRoleMapping(CUserRoleMapping cUserRoleMapping, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException, NoSuchRoleMappingException {
        if (securityValidationContext == null) {
            securityValidationContext = initializeContext();
        }
        this.manager.updateUserRoleMapping(cUserRoleMapping, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updateUserRoleMapping(CUserRoleMapping cUserRoleMapping) throws InvalidConfigurationException, NoSuchRoleMappingException {
        updateUserRoleMapping(cUserRoleMapping, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updatePrivilege(CPrivilege cPrivilege) throws InvalidConfigurationException, NoSuchPrivilegeException {
        this.manager.updatePrivilege(cPrivilege, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updatePrivilege(CPrivilege cPrivilege, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException, NoSuchPrivilegeException {
        if (securityValidationContext == null) {
            securityValidationContext = initializeContext();
        }
        this.manager.updatePrivilege(cPrivilege, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updateRole(CRole cRole) throws InvalidConfigurationException, NoSuchRoleException {
        this.manager.updateRole(cRole, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updateRole(CRole cRole, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException, NoSuchRoleException {
        if (securityValidationContext == null) {
            securityValidationContext = initializeContext();
        }
        this.manager.updateRole(cRole, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updateUser(CUser cUser) throws InvalidConfigurationException, UserNotFoundException {
        HashSet hashSet = new HashSet();
        try {
            hashSet.addAll(readUserRoleMapping(cUser.getId(), "default").getRoles());
        } catch (NoSuchRoleMappingException e) {
            this.logger.debug("User: {} has no roles", cUser.getId());
        }
        updateUser(cUser, new HashSet(hashSet));
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updateUser(CUser cUser, Set<String> set) throws InvalidConfigurationException, UserNotFoundException {
        this.manager.updateUser(cUser, set, initializeContext());
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void updateUser(CUser cUser, Set<String> set, SecurityValidationContext securityValidationContext) throws InvalidConfigurationException, UserNotFoundException {
        if (securityValidationContext == null) {
            securityValidationContext = initializeContext();
        }
        this.manager.updateUser(cUser, set, securityValidationContext);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public List<PrivilegeDescriptor> listPrivilegeDescriptors() {
        return this.manager.listPrivilegeDescriptors();
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void cleanRemovedPrivilege(String str) {
        this.manager.cleanRemovedPrivilege(str);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void cleanRemovedRole(String str) {
        this.manager.cleanRemovedRole(str);
    }

    @Override // org.sonatype.security.realms.tools.ConfigurationManager
    public void save() {
        this.manager.save();
    }

    @Override // org.sonatype.security.realms.tools.AbstractConfigurationManager
    protected boolean shouldRebuildConifuguration() {
        Iterator<DynamicSecurityResource> it = this.dynamicResources.iterator();
        while (it.hasNext()) {
            if (it.next().isDirty()) {
                return true;
            }
        }
        return false;
    }

    @Override // org.sonatype.security.realms.tools.AbstractConfigurationManager
    protected Configuration doGetConfiguration() {
        Configuration configuration = new Configuration();
        Iterator<StaticSecurityResource> it = this.staticResources.iterator();
        while (it.hasNext()) {
            Configuration configuration2 = it.next().getConfiguration();
            if (configuration2 != null) {
                appendConfig(configuration, configuration2);
            }
        }
        Iterator<DynamicSecurityResource> it2 = this.dynamicResources.iterator();
        while (it2.hasNext()) {
            Configuration configuration3 = it2.next().getConfiguration();
            if (configuration3 != null) {
                appendConfig(configuration, configuration3);
            }
        }
        return configuration;
    }

    private Configuration appendConfig(Configuration configuration, Configuration configuration2) {
        Iterator<CPrivilege> it = configuration2.getPrivileges().iterator();
        while (it.hasNext()) {
            configuration.addPrivilege(it.next());
        }
        HashMap hashMap = new HashMap();
        for (CRole cRole : configuration.getRoles()) {
            hashMap.put(cRole.getId(), cRole);
        }
        for (CRole cRole2 : configuration2.getRoles()) {
            CRole cRole3 = (CRole) hashMap.get(cRole2.getId());
            if (cRole3 != null) {
                cRole2 = mergeRolesContents(cRole2, cRole3);
                configuration.removeRole(cRole3);
            }
            configuration.addRole(cRole2);
            hashMap.put(cRole2.getId(), cRole2);
        }
        Iterator<CUser> it2 = configuration2.getUsers().iterator();
        while (it2.hasNext()) {
            configuration.addUser(it2.next());
        }
        return configuration;
    }
}
