package org.codehaus.plexus.redback.xwork.action.admin;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.codehaus.plexus.redback.rbac.Permission;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
import org.codehaus.plexus.redback.rbac.Role;
import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.plexus.redback.xwork.action.AbstractUserCredentialsAction;
import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.redback.xwork.model.AdminEditUserCredentials;
import org.codehaus.plexus.redback.xwork.model.ApplicationRoleDetails;
import org.codehaus.plexus.redback.xwork.role.RoleConstants;
import org.codehaus.plexus.util.StringUtils;

/* loaded from: input_file:org/codehaus/plexus/redback/xwork/action/admin/AssignmentsAction.class */
public class AssignmentsAction extends AbstractUserCredentialsAction {
    private RBACManager manager;
    private RoleManager rmanager;
    private String principal;
    private AdminEditUserCredentials user;
    private List assignedRoles;
    private List availableRoles;
    private List effectivelyAssignedRoles;
    private List addDSelectedRoles;
    private List addNDSelectedRoles;
    private List nondynamicroles;
    private List dynamicroles;
    private List templates;
    private List NDRoles;
    private List DRoles;
    private List applicationRoleDetails = new ArrayList();

    public List getApplicationRoleDetails() {
        return this.applicationRoleDetails;
    }

    public List getTemplates() {
        return this.templates;
    }

    public void setTemplates(List list) {
        this.templates = list;
    }

    public String show() throws RbacObjectNotFoundException, RbacManagerException {
        this.addNDSelectedRoles = new ArrayList();
        this.addDSelectedRoles = new ArrayList();
        if (StringUtils.isEmpty(this.principal)) {
            addActionError(getText("rbac.edit.user.empty.principal"));
            return "error";
        }
        UserManager userManager = this.securitySystem.getUserManager();
        if (!userManager.userExists(this.principal)) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(this.principal);
            addActionError(getText("user.does.not.exist", arrayList));
            return "error";
        }
        try {
            User findUser = userManager.findUser(this.principal);
            if (findUser == null) {
                addActionError(getText("cannot.operate.on.null.user"));
                return "error";
            }
            this.user = new AdminEditUserCredentials(findUser);
            if (!this.manager.userAssignmentExists(this.principal)) {
                this.manager.saveUserAssignment(this.manager.createUserAssignment(this.principal));
            }
            List filterRolesForCurrentUserAccess = filterRolesForCurrentUserAccess(this.manager.getAllRoles());
            Iterator it = this.rmanager.getModel().getApplications().iterator();
            while (it.hasNext()) {
                this.applicationRoleDetails.add(new ApplicationRoleDetails((ModelApplication) it.next(), this.manager.getEffectivelyAssignedRoles(this.principal), this.manager.getAssignedRoles(this.principal), filterRolesForCurrentUserAccess));
            }
            return "success";
        } catch (UserNotFoundException e) {
            ArrayList arrayList2 = new ArrayList();
            arrayList2.add(this.principal);
            arrayList2.add(e.getMessage());
            addActionError(getText("user.not.found.exception", arrayList2));
            return "error";
        }
    }

    public String edituser() {
        try {
            Collection<Role> assignedRoles = this.manager.getAssignedRoles(this.principal);
            List filterRolesForCurrentUserAccess = filterRolesForCurrentUserAccess(this.manager.getAllRoles());
            HashSet hashSet = new HashSet(assignedRoles);
            hashSet.addAll(filterRolesForCurrentUserAccess);
            List<String> arrayList = new ArrayList<>();
            addSelectedRoles(hashSet, arrayList, this.addNDSelectedRoles);
            addSelectedRoles(hashSet, arrayList, this.addDSelectedRoles);
            ArrayList arrayList2 = new ArrayList(arrayList);
            String currentUser = getCurrentUser();
            for (Role role : assignedRoles) {
                if (arrayList.contains(role.getName())) {
                    arrayList2.remove(role.getName());
                } else if (checkRoleName(filterRolesForCurrentUserAccess, role.getName())) {
                    logChange(currentUser, "removing role '" + role.getName() + "' from ");
                } else {
                    arrayList.add(role.getName());
                }
            }
            Iterator it = arrayList2.iterator();
            while (it.hasNext()) {
                logChange(currentUser, "adding role '" + ((String) it.next()) + "' to ");
            }
            UserAssignment userAssignment = this.manager.userAssignmentExists(this.principal) ? this.manager.getUserAssignment(this.principal) : this.manager.createUserAssignment(this.principal);
            userAssignment.setRoleNames(arrayList);
            this.manager.saveUserAssignment(userAssignment);
            return "success";
        } catch (RbacManagerException e) {
            List arrayList3 = new ArrayList();
            arrayList3.add(e.getMessage());
            addActionError(getText("error.removing.selected.roles", arrayList3));
            return "error";
        }
    }

    private void logChange(String str, String str2) {
        getLogger().info(str2 + this.principal + " (by " + str + ")");
    }

    private void addSelectedRoles(Collection<Role> collection, List<String> list, List list2) {
        if (list2 != null) {
            Iterator it = list2.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (checkRoleName(collection, str)) {
                    list.add(str);
                }
            }
        }
    }

    private boolean checkRoleName(Collection<Role> collection, String str) {
        Iterator<Role> it = collection.iterator();
        while (it.hasNext()) {
            if (it.next().getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    private List filterRolesForCurrentUserAccess(List list) throws RbacManagerException {
        String currentUser = getCurrentUser();
        ArrayList arrayList = new ArrayList();
        Map assignedPermissionMap = this.manager.getAssignedPermissionMap(currentUser);
        ArrayList arrayList2 = new ArrayList();
        if (!assignedPermissionMap.containsKey(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION)) {
            return Collections.EMPTY_LIST;
        }
        for (Permission permission : (List) assignedPermissionMap.get(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION)) {
            if (permission.getResource().getIdentifier().equals("*")) {
                return list;
            }
            arrayList2.add(permission.getResource().getIdentifier());
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            Role role = (Role) it.next();
            Iterator it2 = arrayList2.iterator();
            while (it2.hasNext()) {
                if (role.getName().indexOf((String) it2.next()) != -1) {
                    arrayList.add(role);
                }
            }
        }
        return arrayList;
    }

    private String getCurrentUser() {
        return getSecuritySession().getUser().getPrincipal().toString();
    }

    public List getAssignedRoles() {
        return this.assignedRoles;
    }

    public void setAssignedRoles(List list) {
        this.assignedRoles = list;
    }

    public List getAvailableRoles() {
        return this.availableRoles;
    }

    public void setAvailableRoles(List list) {
        this.availableRoles = list;
    }

    public List getEffectivelyAssignedRoles() {
        return this.effectivelyAssignedRoles;
    }

    public void setEffectivelyAssignedRoles(List list) {
        this.effectivelyAssignedRoles = list;
    }

    public String getPrincipal() {
        return this.principal;
    }

    public void setPrincipal(String str) {
        this.principal = str;
    }

    public void setUsername(String str) {
        this.principal = str;
    }

    public AdminEditUserCredentials getUser() {
        return this.user;
    }

    @Override // org.codehaus.plexus.redback.xwork.action.AbstractSecurityAction
    public SecureActionBundle initSecureActionBundle() throws SecureActionException {
        SecureActionBundle secureActionBundle = new SecureActionBundle();
        secureActionBundle.setRequiresAuthentication(true);
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_ROLE_DROP_OPERATION, "*");
        secureActionBundle.addRequiredAuthorization(RoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, "*");
        return secureActionBundle;
    }

    public List getNondynamicroles() {
        return this.nondynamicroles;
    }

    public void setNondynamicroles(List list) {
        this.nondynamicroles = list;
    }

    public List getDynamicroles() {
        return this.dynamicroles;
    }

    public void setDynamicroles(List list) {
        this.dynamicroles = list;
    }

    public List getNDRoles() {
        return this.NDRoles;
    }

    public void setNDRoles(List list) {
        this.NDRoles = list;
    }

    public List getDRoles() {
        return this.DRoles;
    }

    public void setDRoles(List list) {
        this.DRoles = list;
    }

    public List getAddDSelectedRoles() {
        return this.addDSelectedRoles;
    }

    public void setAddDSelectedRoles(List list) {
        this.addDSelectedRoles = list;
    }

    public List getAddNDSelectedRoles() {
        return this.addNDSelectedRoles;
    }

    public void setAddNDSelectedRoles(List list) {
        this.addNDSelectedRoles = list;
    }
}
