package com.helger.photon.basic.security.role;

import com.helger.commons.CGlobal;
import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.Nonempty;
import com.helger.commons.annotation.ReturnsMutableCopy;
import com.helger.commons.annotation.ReturnsMutableObject;
import com.helger.commons.callback.CallbackList;
import com.helger.commons.collection.CollectionHelper;
import com.helger.commons.microdom.IMicroDocument;
import com.helger.commons.microdom.IMicroElement;
import com.helger.commons.microdom.MicroDocument;
import com.helger.commons.microdom.convert.MicroTypeConverter;
import com.helger.commons.state.EChange;
import com.helger.commons.string.StringHelper;
import com.helger.html.CHTMLAttributes;
import com.helger.photon.basic.app.dao.IReloadableDAO;
import com.helger.photon.basic.app.dao.impl.AbstractSimpleDAO;
import com.helger.photon.basic.app.dao.impl.DAOException;
import com.helger.photon.basic.security.CSecurity;
import com.helger.photon.basic.security.audit.AuditHelper;
import com.helger.photon.basic.security.role.callback.IRoleModificationCallback;
import com.helger.photon.bootstrap3.pages.security.BasePageSecurityUserGroupManagement;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.GuardedBy;
import javax.annotation.concurrent.ThreadSafe;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/ph-oton-basic-6.1.0.jar:com/helger/photon/basic/security/role/RoleManager.class */
public final class RoleManager extends AbstractSimpleDAO implements IRoleManager, IReloadableDAO {
    public static final boolean DEFAULT_CREATE_DEFAULTS = true;
    private static final Logger s_aLogger = LoggerFactory.getLogger((Class<?>) RoleManager.class);
    private static final ReadWriteLock s_aRWLock = new ReentrantReadWriteLock();

    @GuardedBy("s_aRWLock")
    private static boolean s_bCreateDefaults = true;

    @GuardedBy("m_aRWLock")
    private final Map<String, Role> m_aRoles;
    private final CallbackList<IRoleModificationCallback> m_aRoleCallbacks;

    public static boolean isCreateDefaults() {
        s_aRWLock.readLock().lock();
        try {
            boolean z = s_bCreateDefaults;
            s_aRWLock.readLock().unlock();
            return z;
        } catch (Throwable th) {
            s_aRWLock.readLock().unlock();
            throw th;
        }
    }

    public static void setCreateDefaults(boolean z) {
        s_aRWLock.writeLock().lock();
        try {
            s_bCreateDefaults = z;
            s_aRWLock.writeLock().unlock();
        } catch (Throwable th) {
            s_aRWLock.writeLock().unlock();
            throw th;
        }
    }

    public RoleManager(@Nonnull @Nonempty String str) throws DAOException {
        super(str);
        this.m_aRoles = new HashMap();
        this.m_aRoleCallbacks = new CallbackList<>();
        initialRead();
    }

    @Override // com.helger.photon.basic.app.dao.IReloadableDAO
    public void reload() throws DAOException {
        this.m_aRWLock.writeLock().lock();
        try {
            this.m_aRoles.clear();
            initialRead();
        } finally {
            this.m_aRWLock.writeLock().unlock();
        }
    }

    @Override // com.helger.photon.basic.app.dao.impl.AbstractSimpleDAO
    @Nonnull
    protected EChange onInit() {
        if (!isCreateDefaults()) {
            return EChange.UNCHANGED;
        }
        _addRole(new Role(CSecurity.ROLE_ADMINISTRATOR_ID, "Administrator", (String) null, (Map) null));
        _addRole(new Role(CSecurity.ROLE_USER_ID, "User", (String) null, (Map) null));
        return EChange.CHANGED;
    }

    @Override // com.helger.photon.basic.app.dao.impl.AbstractSimpleDAO
    @Nonnull
    protected EChange onRead(@Nonnull IMicroDocument iMicroDocument) {
        Iterator<IMicroElement> it = iMicroDocument.getDocumentElement().getAllChildElements().iterator();
        while (it.hasNext()) {
            _addRole((Role) MicroTypeConverter.convertToNative(it.next(), Role.class));
        }
        return EChange.UNCHANGED;
    }

    @Override // com.helger.photon.basic.app.dao.impl.AbstractSimpleDAO
    @Nonnull
    protected IMicroDocument createWriteData() {
        MicroDocument microDocument = new MicroDocument();
        IMicroElement appendElement = microDocument.appendElement(BasePageSecurityUserGroupManagement.FIELD_ROLES);
        Iterator it = CollectionHelper.getSortedByKey(this.m_aRoles).values().iterator();
        while (it.hasNext()) {
            appendElement.appendChild(MicroTypeConverter.convertToMicroElement((Role) it.next(), CHTMLAttributes.ROLE));
        }
        return microDocument;
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    @Nonnull
    @ReturnsMutableObject("design")
    public CallbackList<IRoleModificationCallback> getRoleModificationCallbacks() {
        return this.m_aRoleCallbacks;
    }

    private void _addRole(@Nonnull Role role) {
        ValueEnforcer.notNull(role, "Role");
        String id = role.getID();
        if (this.m_aRoles.containsKey(id)) {
            throw new IllegalArgumentException("Role ID " + id + " is already in use!");
        }
        this.m_aRoles.put(id, role);
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    @Nonnull
    public IRole createNewRole(@Nonnull @Nonempty String str, @Nullable String str2, @Nullable Map<String, ?> map) {
        Role role = new Role(str, str2, map);
        this.m_aRWLock.writeLock().lock();
        try {
            _addRole(role);
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditCreateSuccess(CSecurity.TYPE_ROLE, role.getID(), str);
            Iterator<IRoleModificationCallback> it = this.m_aRoleCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onRoleCreated(role, false);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onRoleCreated callback on " + role.toString(), th);
                }
            }
            return role;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    @Nonnull
    public IRole createPredefinedRole(@Nonnull @Nonempty String str, @Nonnull @Nonempty String str2, @Nullable String str3, @Nullable Map<String, ?> map) {
        Role role = new Role(str, str2, str3, map);
        this.m_aRWLock.writeLock().lock();
        try {
            _addRole(role);
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditCreateSuccess(CSecurity.TYPE_ROLE, role.getID(), "predefind-role", str2);
            Iterator<IRoleModificationCallback> it = this.m_aRoleCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onRoleCreated(role, true);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onRoleCreated callback on " + role.toString(), th);
                }
            }
            return role;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    public boolean containsRoleWithID(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return false;
        }
        this.m_aRWLock.readLock().lock();
        try {
            return this.m_aRoles.containsKey(str);
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    public boolean containsAllRolesWithID(@Nullable Collection<String> collection) {
        if (CollectionHelper.isEmpty((Collection<?>) collection)) {
            return true;
        }
        this.m_aRWLock.readLock().lock();
        try {
            Iterator<String> it = collection.iterator();
            while (it.hasNext()) {
                if (!this.m_aRoles.containsKey(it.next())) {
                    return false;
                }
            }
            this.m_aRWLock.readLock().unlock();
            return true;
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    @Nullable
    public Role getRoleOfID(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return null;
        }
        this.m_aRWLock.readLock().lock();
        try {
            return this.m_aRoles.get(str);
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    @Nonnull
    @ReturnsMutableCopy
    public Collection<? extends IRole> getAllRoles() {
        this.m_aRWLock.readLock().lock();
        try {
            return CollectionHelper.newList((Collection) this.m_aRoles.values());
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    @Nonnull
    public EChange deleteRole(@Nullable String str) {
        this.m_aRWLock.writeLock().lock();
        try {
            Role remove = this.m_aRoles.remove(str);
            if (remove == null) {
                AuditHelper.onAuditDeleteFailure(CSecurity.TYPE_ROLE, "no-such-role-id", str);
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditDeleteSuccess(CSecurity.TYPE_ROLE, str);
            Iterator<IRoleModificationCallback> it = this.m_aRoleCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onRoleDeleted(remove);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onRoleDeleted callback on " + remove.toString(), th);
                }
            }
            return EChange.CHANGED;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    @Nonnull
    public EChange renameRole(@Nullable String str, @Nonnull @Nonempty String str2) {
        Role roleOfID = getRoleOfID(str);
        if (roleOfID == null) {
            AuditHelper.onAuditModifyFailure(CSecurity.TYPE_ROLE, str, "no-such-id");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (roleOfID.setName(str2).isUnchanged()) {
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(CSecurity.TYPE_ROLE, "name", str, str2);
            Iterator<IRoleModificationCallback> it = this.m_aRoleCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onRoleRenamed(roleOfID);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onRoleRenamed callback on " + roleOfID.toString(), th);
                }
            }
            return EChange.CHANGED;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Override // com.helger.photon.basic.security.role.IRoleManager
    @Nonnull
    public EChange setRoleData(@Nullable String str, @Nonnull @Nonempty String str2, @Nullable String str3, @Nullable Map<String, ?> map) {
        Role roleOfID = getRoleOfID(str);
        if (roleOfID == null) {
            AuditHelper.onAuditModifyFailure(CSecurity.TYPE_ROLE, str, "no-such-role-id");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (roleOfID.setName(str2).or(roleOfID.setDescription(str3)).or(roleOfID.setAttributes(map)).isUnchanged()) {
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(CSecurity.TYPE_ROLE, CGlobal.STR_ALL, roleOfID.getID(), str2, str3, map);
            Iterator<IRoleModificationCallback> it = this.m_aRoleCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onRoleUpdated(roleOfID);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onRoleUpdated callback on " + roleOfID.toString(), th);
                }
            }
            return EChange.CHANGED;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }
}
