package org.jboss.as.console.client.rbac;

import com.allen_sauer.gwt.log.client.Log;
import com.google.gwt.user.client.rpc.AsyncCallback;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.inject.Inject;
import org.jboss.as.console.client.Console;
import org.jboss.as.console.client.core.BootstrapContext;
import org.jboss.as.console.client.domain.model.SimpleCallback;
import org.jboss.as.console.client.plugins.AccessControlRegistry;
import org.jboss.as.console.mbui.behaviour.CoreGUIContext;
import org.jboss.as.console.mbui.model.mapping.AddressMapping;
import org.jboss.ballroom.client.rbac.SecurityContext;
import org.jboss.dmr.client.ModelNode;
import org.jboss.dmr.client.ModelType;
import org.jboss.dmr.client.Property;
import org.jboss.dmr.client.dispatch.DispatchAsync;
import org.jboss.dmr.client.dispatch.impl.DMRAction;
import org.jboss.dmr.client.dispatch.impl.DMRResponse;
import org.useware.kernel.gui.behaviour.FilteringStatementContext;

/* loaded from: input_file:org/jboss/as/console/client/rbac/SecurityFrameworkImpl.class */
public class SecurityFrameworkImpl implements SecurityFramework {
    private static final String MODEL_DESCRIPTION = "model-description";
    private static final String DEFAULT = "default";
    private static final String ATTRIBUTES = "attributes";
    private static final String READ = "read";
    private static final String WRITE = "write";
    private static final String ADDRESS = "address";
    private static final String EXECUTE = "execute";
    private static final String EXCEPTIONS = "exceptions";
    private static final String ACCESS_CONTROL = "access-control";
    private static final String TRIM_DESCRIPTIONS = "trim-descriptions";
    protected final AccessControlRegistry accessControlMetaData;
    protected final DispatchAsync dispatcher;
    protected final CoreGUIContext statementContext;
    private final BootstrapContext bootstrap;
    private static final SecurityContext READ_ONLY = new ReadOnlyContext();
    protected Map<String, SecurityContext> contextMapping = new HashMap();
    protected final ContextKeyResolver keyResolver = new PlaceSecurityResolver();

    @Inject
    public SecurityFrameworkImpl(AccessControlRegistry accessControlRegistry, DispatchAsync dispatchAsync, CoreGUIContext coreGUIContext, BootstrapContext bootstrapContext) {
        this.accessControlMetaData = accessControlRegistry;
        this.dispatcher = dispatchAsync;
        this.statementContext = coreGUIContext;
        this.bootstrap = bootstrapContext;
    }

    public SecurityContext getSecurityContext() {
        return getSecurityContext(this.keyResolver.resolveKey());
    }

    @Override // org.jboss.as.console.client.rbac.SecurityFramework
    public boolean hasContext(String str) {
        return this.contextMapping.containsKey(str);
    }

    @Override // org.jboss.as.console.client.rbac.SecurityFramework
    public SecurityContext getSecurityContext(String str) {
        return this.contextMapping.get(str);
    }

    @Override // org.jboss.as.console.client.rbac.SecurityFramework
    public void createSecurityContext(String str, AsyncCallback<SecurityContext> asyncCallback) {
        createSecurityContext(str, this.accessControlMetaData.getResources(str), asyncCallback);
    }

    @Override // org.jboss.as.console.client.rbac.SecurityFramework
    public void createSecurityContext(final String str, final Set<String> set, final AsyncCallback<SecurityContext> asyncCallback) {
        ModelNode modelNode = new ModelNode();
        modelNode.get("operation").set("composite");
        modelNode.get(ADDRESS).setEmptyList();
        final LinkedList linkedList = new LinkedList();
        final HashMap hashMap = new HashMap();
        final HashSet<ResourceRef> hashSet = new HashSet(set.size());
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(new ResourceRef(it.next()));
        }
        for (ResourceRef resourceRef : hashSet) {
            ModelNode asResource = AddressMapping.fromString(resourceRef.address).asResource(new FilteringStatementContext(this.statementContext, new FilteringStatementContext.Filter() { // from class: org.jboss.as.console.client.rbac.SecurityFrameworkImpl.1
                @Override // org.useware.kernel.gui.behaviour.FilteringStatementContext.Filter
                public String filter(String str2) {
                    if ("selected.entity".equals(str2)) {
                        return "*";
                    }
                    if ("addressable.group".equals(str2)) {
                        return SecurityFrameworkImpl.this.bootstrap.getAddressableGroups().isEmpty() ? "*" : SecurityFrameworkImpl.this.bootstrap.getAddressableGroups().iterator().next();
                    }
                    if ("addressable.host".equals(str2)) {
                        return SecurityFrameworkImpl.this.bootstrap.getAddressableHosts().isEmpty() ? "*" : SecurityFrameworkImpl.this.bootstrap.getAddressableHosts().iterator().next();
                    }
                    return null;
                }

                @Override // org.useware.kernel.gui.behaviour.FilteringStatementContext.Filter
                public String[] filterTuple(String str2) {
                    return null;
                }
            }) { // from class: org.jboss.as.console.client.rbac.SecurityFrameworkImpl.2
            }, new String[0]);
            hashMap.put("step-" + (linkedList.size() + 1), resourceRef);
            asResource.get("operation").set("read-resource-description");
            if (this.accessControlMetaData.isRecursive(str)) {
                asResource.get("recursive-depth").set(2);
            }
            asResource.get(ACCESS_CONTROL).set(TRIM_DESCRIPTIONS);
            asResource.get("operations").set(true);
            linkedList.add(asResource);
        }
        modelNode.get("steps").set(linkedList);
        final long currentTimeMillis = System.currentTimeMillis();
        this.dispatcher.execute(new DMRAction(modelNode), new SimpleCallback<DMRResponse>() { // from class: org.jboss.as.console.client.rbac.SecurityFrameworkImpl.3
            @Override // org.jboss.as.console.client.domain.model.SimpleCallback
            public void onFailure(Throwable th) {
                Console.warning("Failed to create security context for " + str + ", fallback to temporary read-only context", th.getMessage());
                SecurityFrameworkImpl.this.contextMapping.put(str, SecurityFrameworkImpl.READ_ONLY);
                asyncCallback.onSuccess(SecurityFrameworkImpl.READ_ONLY);
            }

            public void onSuccess(DMRResponse dMRResponse) {
                Log.info("Context http (" + str + "): " + (System.currentTimeMillis() - currentTimeMillis) + "ms");
                long currentTimeMillis2 = System.currentTimeMillis();
                ModelNode modelNode2 = dMRResponse.get();
                Log.info("Context decode (" + str + "): " + (System.currentTimeMillis() - currentTimeMillis2) + "ms");
                long currentTimeMillis3 = System.currentTimeMillis();
                if (modelNode2.isFailure()) {
                    Console.warning("Failed to retrieve access control meta data, fallback to temporary read-only context: ", modelNode2.getFailureDescription());
                    SecurityFrameworkImpl.this.contextMapping.put(str, SecurityFrameworkImpl.READ_ONLY);
                    asyncCallback.onSuccess(SecurityFrameworkImpl.READ_ONLY);
                    return;
                }
                try {
                    ModelNode modelNode3 = modelNode2.get("result");
                    SecurityContextImpl securityContextImpl = new SecurityContextImpl(str, hashSet);
                    for (int i = 1; i <= linkedList.size(); i++) {
                        String str2 = "step-" + i;
                        if (modelNode3.hasDefined(str2)) {
                            ResourceRef resourceRef2 = (ResourceRef) hashMap.get(str2);
                            ModelNode modelNode4 = modelNode3.get(str2).get("result");
                            ModelNode modelNode5 = null;
                            if (modelNode4.getType() == ModelType.LIST) {
                                List asList = modelNode4.asList();
                                boolean z = !asList.isEmpty();
                                Iterator it2 = asList.iterator();
                                while (true) {
                                    if (!it2.hasNext()) {
                                        break;
                                    }
                                    ModelNode modelNode6 = (ModelNode) it2.next();
                                    List asList2 = modelNode6.get(SecurityFrameworkImpl.ADDRESS).asList();
                                    if (!z) {
                                        if (((ModelNode) asList2.get(asList2.size() - 1)).asString().contains("*")) {
                                            modelNode5 = modelNode6;
                                            break;
                                        }
                                    } else {
                                        if (!((ModelNode) asList2.get(asList2.size() - 1)).asString().contains("*")) {
                                            modelNode5 = modelNode6;
                                            break;
                                        }
                                    }
                                }
                                if (modelNode5 == null) {
                                    modelNode5 = (ModelNode) asList.get(0);
                                }
                            } else {
                                modelNode5 = modelNode4;
                            }
                            SecurityFrameworkImpl.this.parseAccessControlChildren(resourceRef2, set, securityContextImpl, modelNode5);
                        }
                    }
                    securityContextImpl.seal();
                    SecurityFrameworkImpl.this.contextMapping.put(str, securityContextImpl);
                    Log.info("Context parse (" + str + "): " + (System.currentTimeMillis() - currentTimeMillis3) + "ms");
                    asyncCallback.onSuccess(securityContextImpl);
                } catch (Throwable th) {
                    asyncCallback.onFailure(new RuntimeException("Failed to parse access control meta data", th));
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void parseAccessControlChildren(ResourceRef resourceRef, Set<String> set, SecurityContextImpl securityContextImpl, ModelNode modelNode) {
        ModelNode modelNode2 = modelNode.hasDefined("result") ? modelNode.get("result") : modelNode;
        parseAccessControlMetaData(resourceRef, securityContextImpl, modelNode2);
        if (modelNode2.hasDefined("children")) {
            ModelNode modelNode3 = modelNode2.get("children");
            for (String str : modelNode3.keys()) {
                String str2 = resourceRef.address + "/" + str + "=*";
                if (!set.contains(str2)) {
                    ModelNode modelNode4 = modelNode3.get(str);
                    if (modelNode4.hasDefined(MODEL_DESCRIPTION)) {
                        ModelNode value = ((Property) modelNode4.get(MODEL_DESCRIPTION).asPropertyList().get(0)).getValue();
                        set.add(str2);
                        parseAccessControlChildren(new ResourceRef(resourceRef.address), set, securityContextImpl, value);
                    }
                }
            }
        }
    }

    private static void parseAccessControlMetaData(ResourceRef resourceRef, SecurityContextImpl securityContextImpl, ModelNode modelNode) {
        ModelNode modelNode2 = modelNode.get(ACCESS_CONTROL);
        if (!modelNode2.isDefined() || !modelNode2.hasDefined(DEFAULT)) {
            Console.warning("Access-control meta data missing for " + resourceRef.address);
            return;
        }
        ModelNode modelNode3 = modelNode2.get(EXCEPTIONS);
        ModelNode value = modelNode3.keys().size() > 0 ? ((Property) modelNode3.asPropertyList().get(0)).getValue() : modelNode2.get(DEFAULT);
        Constraints constraints = new Constraints(resourceRef.address);
        if (!value.hasDefined(ADDRESS) || value.get(ADDRESS).asBoolean()) {
            constraints.setReadResource(value.get(READ).asBoolean());
            constraints.setWriteResource(value.get(WRITE).asBoolean());
        } else {
            constraints.setAddress(false);
        }
        if (value.hasDefined("operations")) {
            for (Property property : value.get("operations").asPropertyList()) {
                constraints.setOperationExec(resourceRef.address, property.getName(), property.getValue().get(EXECUTE).asBoolean());
            }
        }
        if (value.hasDefined(ATTRIBUTES)) {
            for (Property property2 : value.get(ATTRIBUTES).asPropertyList()) {
                ModelNode value2 = property2.getValue();
                constraints.setAttributeRead(property2.getName(), value2.get(READ).asBoolean());
                constraints.setAttributeWrite(property2.getName(), value2.get(WRITE).asBoolean());
            }
        }
        if (resourceRef.optional) {
            securityContextImpl.setOptionalConstraints(resourceRef.address, constraints);
        } else {
            securityContextImpl.setConstraints(resourceRef.address, constraints);
        }
    }

    @Override // org.jboss.as.console.client.rbac.SecurityFramework
    public void flushContext(String str) {
        this.contextMapping.remove(str);
    }

    public Set<String> getReadOnlyJavaNames(Class<?> cls, SecurityContext securityContext) {
        return (cls == Object.class || cls == null) ? Collections.EMPTY_SET : new MetaDataAdapter(Console.MODULES.getApplicationMetaData()).getReadOnlyJavaNames(cls, securityContext);
    }

    public Set<String> getReadOnlyJavaNames(Class<?> cls, String str, SecurityContext securityContext) {
        return (cls == Object.class || cls == null) ? Collections.EMPTY_SET : new MetaDataAdapter(Console.MODULES.getApplicationMetaData()).getReadOnlyJavaNames(cls, str, securityContext);
    }

    public Set<String> getReadOnlyDMRNames(String str, List<String> list, SecurityContext securityContext) {
        HashSet hashSet = new HashSet();
        for (String str2 : list) {
            if (!securityContext.getAttributeWritePriviledge(str2).isGranted()) {
                hashSet.add(str2);
            }
        }
        return hashSet;
    }
}
