package org.jimmutable.aws.s3;

import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.model.AbortIncompleteMultipartUpload;
import com.amazonaws.services.s3.model.BucketLifecycleConfiguration;
import com.amazonaws.services.s3.model.BucketPolicy;
import com.amazonaws.services.s3.model.BucketVersioningConfiguration;
import com.amazonaws.services.s3.model.CreateBucketRequest;
import com.amazonaws.services.s3.model.SetBucketVersioningConfigurationRequest;
import java.util.Arrays;
import org.apache.logging.log4j.LogManager;
import org.jimmutable.core.utils.Validator;

/* loaded from: input_file:org/jimmutable/aws/s3/BucketPuppet.class */
public class BucketPuppet {

    /* loaded from: input_file:org/jimmutable/aws/s3/BucketPuppet$BucketConfiguration.class */
    public static class BucketConfiguration {
        private S3BucketName bucket_name;
        private int retain_old_versions_in_days;
        private boolean is_web_accessible;

        public BucketConfiguration(S3BucketName s3BucketName, int i, boolean z) {
            Validator.notNull(s3BucketName);
            i = i < 0 ? 0 : i;
            this.bucket_name = s3BucketName;
            this.retain_old_versions_in_days = i;
            this.is_web_accessible = z;
        }

        public S3BucketName getSimpleS3BucketName() {
            return this.bucket_name;
        }

        public String getSimpleS3BucketNameString() {
            return this.bucket_name.toString();
        }

        public int getSimpleRetainOldVersionsInDays() {
            return this.retain_old_versions_in_days;
        }

        public boolean getSimpleIsWebAccessible() {
            return this.is_web_accessible;
        }

        public boolean getSimpleIsVersioningEnabled() {
            return this.retain_old_versions_in_days > 0;
        }

        public String createMakeWebAccessibleBucketPolicy() {
            return "{ \"Id\": \"web_bucket_policy\", \"Version\": \"2012-10-17\", \"Statement\": [ { \"Sid\": \"readonly policy\", \"Action\": [ \"s3:GetObject\" ], \"Effect\": \"Allow\", \"Resource\":\"arn:aws:s3:::" + getSimpleS3BucketNameString() + "/*\", \"Principal\": \"*\" } ] }";
        }
    }

    public static void execute(AmazonS3 amazonS3, BucketConfiguration bucketConfiguration) throws Exception {
        Validator.notNull(bucketConfiguration);
        if (!amazonS3.doesBucketExist(bucketConfiguration.getSimpleS3BucketNameString())) {
            LogManager.getRootLogger().debug(String.format("Creating bucket: %s", bucketConfiguration.getSimpleS3BucketNameString()));
            amazonS3.createBucket(new CreateBucketRequest(bucketConfiguration.getSimpleS3BucketNameString()));
        }
        if (bucketConfiguration.getSimpleIsVersioningEnabled()) {
            if (!amazonS3.getBucketVersioningConfiguration(bucketConfiguration.getSimpleS3BucketNameString()).getStatus().equalsIgnoreCase("Enabled")) {
                LogManager.getRootLogger().debug(String.format("Enabling versioning on bucket: %s ... ", bucketConfiguration.getSimpleS3BucketNameString()));
                amazonS3.setBucketVersioningConfiguration(new SetBucketVersioningConfigurationRequest(bucketConfiguration.getSimpleS3BucketNameString(), new BucketVersioningConfiguration("Enabled")));
            }
        } else if (amazonS3.getBucketVersioningConfiguration(bucketConfiguration.getSimpleS3BucketNameString()).getStatus().equalsIgnoreCase("Enabled")) {
            LogManager.getRootLogger().debug(String.format("Suspending versioning on bucket: %s", bucketConfiguration.getSimpleS3BucketNameString()));
            amazonS3.setBucketVersioningConfiguration(new SetBucketVersioningConfigurationRequest(bucketConfiguration.getSimpleS3BucketNameString(), new BucketVersioningConfiguration("Suspended")));
        }
        if (bucketConfiguration.getSimpleRetainOldVersionsInDays() != 0 && doesLifecyleConfigurationNeedModification(amazonS3, bucketConfiguration)) {
            LogManager.getRootLogger().debug(String.format("Updating lifecyle configuration on bucket %s to retain old versions for %d days", bucketConfiguration.getSimpleS3BucketNameString(), Integer.valueOf(bucketConfiguration.getSimpleRetainOldVersionsInDays())));
            amazonS3.setBucketLifecycleConfiguration(bucketConfiguration.getSimpleS3BucketNameString(), new BucketLifecycleConfiguration().withRules(Arrays.asList(new BucketLifecycleConfiguration.Rule().withId(String.format("Retain old versions for %d days", Integer.valueOf(bucketConfiguration.getSimpleRetainOldVersionsInDays()))).withNoncurrentVersionExpirationInDays(bucketConfiguration.getSimpleRetainOldVersionsInDays()).withStatus("Enabled".toString()).withExpiredObjectDeleteMarker(true).withAbortIncompleteMultipartUpload(new AbortIncompleteMultipartUpload().withDaysAfterInitiation(2)))));
        }
        if (bucketConfiguration.getSimpleIsWebAccessible() && !isBucketPolicyConfiguredAsWebAccessible(amazonS3, bucketConfiguration)) {
            LogManager.getRootLogger().debug(String.format("Modifying bucket %s to be web accessible", bucketConfiguration.getSimpleS3BucketNameString()));
            amazonS3.setBucketPolicy(bucketConfiguration.getSimpleS3BucketNameString(), bucketConfiguration.createMakeWebAccessibleBucketPolicy());
        }
        if (!bucketConfiguration.getSimpleIsWebAccessible() && isBucketPolicyConfiguredAsWebAccessible(amazonS3, bucketConfiguration)) {
            LogManager.getRootLogger().debug(String.format("Modifying bucket %s to be web *non* accessible", bucketConfiguration.getSimpleS3BucketNameString()));
            amazonS3.deleteBucketPolicy(bucketConfiguration.getSimpleS3BucketNameString());
        }
        LogManager.getRootLogger().debug(String.format("BucketPuppet: bucket configuration verified: %s", bucketConfiguration.getSimpleS3BucketName()));
    }

    private static boolean doesLifecyleConfigurationNeedModification(AmazonS3 amazonS3, BucketConfiguration bucketConfiguration) {
        if (bucketConfiguration.getSimpleRetainOldVersionsInDays() == 0) {
            return false;
        }
        BucketLifecycleConfiguration bucketLifecycleConfiguration = amazonS3.getBucketLifecycleConfiguration(bucketConfiguration.getSimpleS3BucketNameString());
        if (bucketLifecycleConfiguration.getRules().size() != 1) {
            return true;
        }
        BucketLifecycleConfiguration.Rule rule = (BucketLifecycleConfiguration.Rule) bucketLifecycleConfiguration.getRules().get(0);
        return (rule.getNoncurrentVersionExpirationInDays() == bucketConfiguration.getSimpleRetainOldVersionsInDays() && rule.getStatus().equals("Enabled".toString())) ? false : true;
    }

    private static boolean isBucketPolicyConfiguredAsWebAccessible(AmazonS3 amazonS3, BucketConfiguration bucketConfiguration) {
        BucketPolicy bucketPolicy = amazonS3.getBucketPolicy(bucketConfiguration.getSimpleS3BucketNameString());
        return bucketPolicy.getPolicyText() != null && bucketPolicy.getPolicyText().toLowerCase().contains("web_bucket_policy");
    }
}
