package org.codehaus.plexus.redback.xwork.action.admin;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.codehaus.plexus.redback.rbac.Permission;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.Role;
import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.plexus.redback.xwork.action.AbstractUserCredentialsAction;
import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.redback.xwork.model.AdminEditUserCredentials;
import org.codehaus.plexus.redback.xwork.role.RoleConstants;
import org.codehaus.plexus.util.StringUtils;

/* loaded from: input_file:org/codehaus/plexus/redback/xwork/action/admin/AssignmentsAction.class */
public class AssignmentsAction extends AbstractUserCredentialsAction {
    private RBACManager manager;
    private String principal;
    private AdminEditUserCredentials user;
    private List assignedRoles;
    private List availableRoles;
    private List effectivelyAssignedRoles;
    private List addSelectedRoles;
    private List removeSelectedRoles;
    private boolean addRolesButton;
    private boolean removeRolesButton;

    public String show() {
        if (StringUtils.isEmpty(this.principal)) {
            addActionError("Cannot use AssignmentsAction for RBAC Edit User with an empty principal.");
            return "error";
        }
        UserManager userManager = this.securitySystem.getUserManager();
        if (!userManager.userExists(this.principal)) {
            addActionError(new StringBuffer().append("User '").append(this.principal).append("' does not exist.").toString());
            return "error";
        }
        try {
            User findUser = userManager.findUser(this.principal);
            if (findUser == null) {
                addActionError("Unable to operate on null user.");
                return "error";
            }
            this.user = new AdminEditUserCredentials(findUser);
            this.addSelectedRoles = new ArrayList();
            this.removeSelectedRoles = new ArrayList();
            this.effectivelyAssignedRoles = new ArrayList();
            try {
                if (this.manager.userAssignmentExists(this.principal)) {
                    this.assignedRoles = new ArrayList(this.manager.getAssignedRoles(this.principal));
                    for (Role role : new ArrayList(this.manager.getEffectivelyAssignedRoles(this.principal))) {
                        if (role.isAssignable()) {
                            this.effectivelyAssignedRoles.add(role);
                        }
                    }
                } else {
                    this.assignedRoles = new ArrayList();
                }
                if (this.manager.userAssignmentExists(this.principal)) {
                    this.availableRoles = new ArrayList(this.manager.getEffectivelyUnassignedRoles(this.principal));
                } else {
                    this.availableRoles = new ArrayList(this.manager.getAllAssignableRoles());
                }
                this.assignedRoles = filterRolesForCurrentUserAccess(this.assignedRoles);
                this.availableRoles = filterRolesForCurrentUserAccess(this.availableRoles);
                return "success";
            } catch (RbacManagerException e) {
                addActionError(e.getMessage());
                return "error";
            }
        } catch (UserNotFoundException e2) {
            addActionError(new StringBuffer().append("Unable to get User '").append(this.principal).append("': ").append(e2.getMessage()).toString());
            return "error";
        }
    }

    public String edituser() {
        getLogger().info("in edit user now");
        if (this.addRolesButton) {
            getLogger().info("add roles button was clicked");
            if (this.addSelectedRoles == null || this.addSelectedRoles.size() <= 0) {
                return "success";
            }
            getLogger().info(new StringBuffer().append("we selected some roles to grant ").append(this.addSelectedRoles.size()).toString());
            try {
                UserAssignment userAssignment = this.manager.userAssignmentExists(this.principal) ? this.manager.getUserAssignment(this.principal) : this.manager.createUserAssignment(this.principal);
                for (String str : this.addSelectedRoles) {
                    getLogger().info(new StringBuffer().append("adding ").append(str).append(" to ").append(this.principal).toString());
                    userAssignment.addRoleName(str);
                }
                this.manager.saveUserAssignment(userAssignment);
                return "success";
            } catch (RbacManagerException e) {
                addActionError(new StringBuffer().append("error adding the selected roles: ").append(e.getMessage()).toString());
                return "error";
            }
        }
        if (!this.removeRolesButton || this.removeSelectedRoles == null || this.removeSelectedRoles.size() <= 0) {
            return "success";
        }
        getLogger().info("we selected some roles to remove");
        try {
            UserAssignment userAssignment2 = this.manager.getUserAssignment(this.principal);
            List roleNames = userAssignment2.getRoleNames();
            Iterator it = this.removeSelectedRoles.iterator();
            while (it.hasNext()) {
                roleNames.remove((String) it.next());
            }
            userAssignment2.setRoleNames(roleNames);
            this.manager.saveUserAssignment(userAssignment2);
            return "success";
        } catch (RbacManagerException e2) {
            addActionError(new StringBuffer().append("error removing the selected roles: ").append(e2.getMessage()).toString());
            return "error";
        }
    }

    private List filterRolesForCurrentUserAccess(List list) throws RbacManagerException {
        String obj = ((SecuritySession) this.session.get("securitySession")).getUser().getPrincipal().toString();
        ArrayList arrayList = new ArrayList();
        Map assignedPermissionMap = this.manager.getAssignedPermissionMap(obj);
        ArrayList arrayList2 = new ArrayList();
        if (!assignedPermissionMap.containsKey(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION)) {
            return Collections.EMPTY_LIST;
        }
        for (Permission permission : (List) assignedPermissionMap.get(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION)) {
            if (permission.getResource().getIdentifier().equals("*")) {
                return list;
            }
            arrayList2.add(permission.getResource().getIdentifier());
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            Role role = (Role) it.next();
            Iterator it2 = arrayList2.iterator();
            while (it2.hasNext()) {
                if (role.getName().indexOf((String) it2.next()) != -1) {
                    arrayList.add(role);
                }
            }
        }
        return arrayList;
    }

    public boolean isAddRolesButton() {
        return this.addRolesButton;
    }

    public void setAddRolesButton(boolean z) {
        this.addRolesButton = z;
    }

    public List getAssignedRoles() {
        return this.assignedRoles;
    }

    public void setAssignedRoles(List list) {
        this.assignedRoles = list;
    }

    public List getAvailableRoles() {
        return this.availableRoles;
    }

    public void setAvailableRoles(List list) {
        this.availableRoles = list;
    }

    public List getEffectivelyAssignedRoles() {
        return this.effectivelyAssignedRoles;
    }

    public void setEffectivelyAssignedRoles(List list) {
        this.effectivelyAssignedRoles = list;
    }

    public boolean isRemoveRolesButton() {
        return this.removeRolesButton;
    }

    public void setRemoveRolesButton(boolean z) {
        this.removeRolesButton = z;
    }

    public List getAddSelectedRoles() {
        return this.addSelectedRoles;
    }

    public void setAddSelectedRoles(List list) {
        this.addSelectedRoles = list;
    }

    public String getPrincipal() {
        return this.principal;
    }

    public void setPrincipal(String str) {
        this.principal = str;
    }

    public void setUsername(String str) {
        this.principal = str;
    }

    public List getRemoveSelectedRoles() {
        return this.removeSelectedRoles;
    }

    public void setRemoveSelectedRoles(List list) {
        this.removeSelectedRoles = list;
    }

    public AdminEditUserCredentials getUser() {
        return this.user;
    }

    @Override // org.codehaus.plexus.redback.xwork.action.AbstractSecurityAction
    public SecureActionBundle initSecureActionBundle() throws SecureActionException {
        SecureActionBundle secureActionBundle = new SecureActionBundle();
        secureActionBundle.setRequiresAuthentication(true);
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_ROLE_DROP_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, "*");
        return secureActionBundle;
    }
}
