package org.sonatype.nexus.security.privilege;

import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import java.util.List;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.shiro.authz.Permission;
import org.sonatype.goodies.i18n.I18N;
import org.sonatype.goodies.i18n.MessageBundle;
import org.sonatype.nexus.formfields.FormField;
import org.sonatype.nexus.formfields.SetOfCheckboxesFormField;
import org.sonatype.nexus.formfields.StringTextFormField;
import org.sonatype.nexus.security.config.CPrivilege;
import org.sonatype.nexus.security.config.CPrivilegeBuilder;
import org.sonatype.nexus.security.privilege.rest.ApiPrivilegeApplication;
import org.sonatype.nexus.security.privilege.rest.ApiPrivilegeApplicationRequest;
import org.sonatype.nexus.security.privilege.rest.PrivilegeAction;

@Singleton
@Named("application")
/* loaded from: input_file:org/sonatype/nexus/security/privilege/ApplicationPrivilegeDescriptor.class */
public class ApplicationPrivilegeDescriptor extends PrivilegeDescriptorSupport<ApiPrivilegeApplication, ApiPrivilegeApplicationRequest> {
    public static final String TYPE = "application";
    public static final String P_DOMAIN = "domain";
    public static final String P_ACTIONS = "actions";
    private static final Messages messages = (Messages) I18N.create(Messages.class);
    private final List<FormField> formFields;
    private static final String P_OPTIONS = "options";

    /* loaded from: input_file:org/sonatype/nexus/security/privilege/ApplicationPrivilegeDescriptor$Messages.class */
    private interface Messages extends MessageBundle {
        @MessageBundle.DefaultMessage("Application")
        String name();

        @MessageBundle.DefaultMessage("Domain")
        String domain();

        @MessageBundle.DefaultMessage("The domain for the privilege")
        String domainHelp();

        @MessageBundle.DefaultMessage("Actions")
        String actions();

        @MessageBundle.DefaultMessage("A comma-delimited list (without whitespace) of actions allowed with this privilege; options include create, read, update, delete, start, stop, associate, disassociate, and a wildcard (*) <a href='https://links.sonatype.com/products/nxrm3/docs/privileges' target='_blank'>Help</a>")
        String actionsHelp();

        @MessageBundle.DefaultMessage("The actions you wish to allow")
        String actionsCheckboxesHelp();
    }

    @Inject
    public ApplicationPrivilegeDescriptor(@Named("${nexus.react.privileges:-true}") boolean z) {
        super("application");
        this.formFields = ImmutableList.of((Object) new StringTextFormField("domain", messages.domain(), messages.domainHelp(), true), z ? new SetOfCheckboxesFormField("actions", messages.actions(), messages.actionsCheckboxesHelp(), true).withAttribute(P_OPTIONS, PrivilegeAction.getCrudTaskActionStrings()) : new StringTextFormField("actions", messages.actions(), messages.actionsHelp(), true, "(^(create|read|update|delete|start|stop|associate|disassociate)(,(create|read|update|delete|start|stop|associate|disassociate)){0,3}$)|(^\\*$)"));
    }

    @Override // org.sonatype.nexus.security.privilege.PrivilegeDescriptor
    public Permission createPermission(CPrivilege cPrivilege) {
        Preconditions.checkNotNull(cPrivilege);
        return new ApplicationPermission(readProperty(cPrivilege, "domain", "*"), readListProperty(cPrivilege, "actions", "*"));
    }

    @Override // org.sonatype.nexus.security.privilege.PrivilegeDescriptor
    public List<FormField> getFormFields() {
        return this.formFields;
    }

    @Override // org.sonatype.nexus.security.privilege.PrivilegeDescriptor
    public String getName() {
        return messages.name();
    }

    public static String id(String str, String... strArr) {
        return String.format("%s-%s", str, Joiner.on(',').join(strArr));
    }

    public static CPrivilege privilege(String str, String... strArr) {
        return new CPrivilegeBuilder().type("application").id(id(str, strArr)).property("domain", str).property("actions", strArr).create();
    }

    @Override // org.sonatype.nexus.security.privilege.PrivilegeDescriptor
    public ApiPrivilegeApplication createApiPrivilegeImpl(Privilege privilege) {
        return new ApiPrivilegeApplication(privilege);
    }

    @Override // org.sonatype.nexus.security.privilege.PrivilegeDescriptor
    public void validate(ApiPrivilegeApplicationRequest apiPrivilegeApplicationRequest) {
        validateActions(apiPrivilegeApplicationRequest, PrivilegeAction.getCrudTaskAction());
    }
}
