package org.neo4j.commandline.admin.security;

import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Executor;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.TimeUnit;
import java.util.stream.Stream;
import org.neo4j.commandline.admin.AdminCommand;
import org.neo4j.commandline.admin.CommandFailed;
import org.neo4j.commandline.admin.IncorrectUsage;
import org.neo4j.commandline.admin.OutsideWorld;
import org.neo4j.dbms.DatabaseManagementSystemSettings;
import org.neo4j.graphdb.factory.GraphDatabaseSettings;
import org.neo4j.helpers.Args;
import org.neo4j.helpers.collection.Pair;
import org.neo4j.kernel.api.exceptions.InvalidArgumentsException;
import org.neo4j.kernel.configuration.Config;
import org.neo4j.kernel.impl.util.JobScheduler;
import org.neo4j.logging.Log;
import org.neo4j.logging.LogProvider;
import org.neo4j.logging.NullLog;
import org.neo4j.logging.NullLogProvider;
import org.neo4j.server.configuration.ConfigLoader;
import org.neo4j.server.security.enterprise.auth.EnterpriseAuthAndUserManager;
import org.neo4j.server.security.enterprise.auth.EnterpriseAuthManagerFactory;
import org.neo4j.server.security.enterprise.auth.RoleRepository;

/* loaded from: input_file:org/neo4j/commandline/admin/security/RolesCommand.class */
public class RolesCommand implements AdminCommand {
    private final Path homeDir;
    private final Path configDir;
    private OutsideWorld outsideWorld;
    private JobScheduler jobScheduler;
    private EnterpriseAuthAndUserManager authManager;

    /* loaded from: input_file:org/neo4j/commandline/admin/security/RolesCommand$NoOpJobScheduler.class */
    public static class NoOpJobScheduler implements JobScheduler {

        /* loaded from: input_file:org/neo4j/commandline/admin/security/RolesCommand$NoOpJobScheduler$NoOpJobHandle.class */
        public static class NoOpJobHandle implements JobScheduler.JobHandle {
            public void cancel(boolean z) {
            }

            public void waitTermination() throws InterruptedException, ExecutionException {
            }
        }

        public void init() throws Throwable {
        }

        public void start() throws Throwable {
        }

        public void stop() throws Throwable {
        }

        public void shutdown() throws Throwable {
        }

        public Executor executor(JobScheduler.Group group) {
            return null;
        }

        public ThreadFactory threadFactory(JobScheduler.Group group) {
            return null;
        }

        public JobScheduler.JobHandle schedule(JobScheduler.Group group, Runnable runnable) {
            return new NoOpJobHandle();
        }

        public JobScheduler.JobHandle schedule(JobScheduler.Group group, Runnable runnable, Map<String, String> map) {
            return new NoOpJobHandle();
        }

        public JobScheduler.JobHandle schedule(JobScheduler.Group group, Runnable runnable, long j, TimeUnit timeUnit) {
            return new NoOpJobHandle();
        }

        public JobScheduler.JobHandle scheduleRecurring(JobScheduler.Group group, Runnable runnable, long j, TimeUnit timeUnit) {
            return new NoOpJobHandle();
        }

        public JobScheduler.JobHandle scheduleRecurring(JobScheduler.Group group, Runnable runnable, long j, long j2, TimeUnit timeUnit) {
            return new NoOpJobHandle();
        }
    }

    /* loaded from: input_file:org/neo4j/commandline/admin/security/RolesCommand$Provider.class */
    public static class Provider extends AdminCommand.Provider {
        public Provider() {
            super("roles", new String[0]);
        }

        public Optional<String> arguments() {
            return Optional.of("<subcommand> [<roleName>] [<username>]");
        }

        public String description() {
            return "Runs several possible sub-commands for managing the native roles repository: 'list', 'create', 'delete', 'assign', 'remove', 'for' and 'users'. 'list' with no arguments lists all roles, and with an argument does a substring filter. 'create' and 'delete' simply create and delete the specified role. 'assign' and 'remove' take two arguments, the role name and the username and assign the role to the user, or unassign the role from the user. The 'for' command takes one argument, the username, and will list all roles for that user. The 'users' command takes one argument, the role name, and will list all users for that role.";
        }

        public AdminCommand create(Path path, Path path2, OutsideWorld outsideWorld) {
            return new RolesCommand(path, path2, outsideWorld);
        }
    }

    public RolesCommand(Path path, Path path2, OutsideWorld outsideWorld) {
        this.homeDir = path;
        this.configDir = path2;
        this.outsideWorld = outsideWorld;
    }

    public void execute(String[] strArr) throws IncorrectUsage, CommandFailed {
        Args parse = Args.parse(strArr);
        if (parse.orphans().size() < 1) {
            throw new IncorrectUsage("Missing arguments: expected at least one sub-command as argument: 'list', 'create', 'delete', 'assign', 'remove', 'for' or 'users'.");
        }
        String str = parse.orphans().size() > 0 ? (String) parse.orphans().get(0) : null;
        String str2 = parse.orphans().size() > 1 ? (String) parse.orphans().get(1) : null;
        String str3 = parse.orphans().size() > 2 ? (String) parse.orphans().get(2) : null;
        try {
            String lowerCase = str.trim().toLowerCase();
            boolean z = -1;
            switch (lowerCase.hashCode()) {
                case -1408204561:
                    if (lowerCase.equals("assign")) {
                        z = 3;
                        break;
                    }
                    break;
                case -1352294148:
                    if (lowerCase.equals("create")) {
                        z = true;
                        break;
                    }
                    break;
                case -1335458389:
                    if (lowerCase.equals("delete")) {
                        z = 2;
                        break;
                    }
                    break;
                case -934610812:
                    if (lowerCase.equals("remove")) {
                        z = 4;
                        break;
                    }
                    break;
                case 101577:
                    if (lowerCase.equals("for")) {
                        z = 5;
                        break;
                    }
                    break;
                case 3322014:
                    if (lowerCase.equals("list")) {
                        z = false;
                        break;
                    }
                    break;
                case 111578632:
                    if (lowerCase.equals("users")) {
                        z = 6;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    listRoles(str2);
                    break;
                case true:
                    if (str2 != null) {
                        createRole(str2);
                        break;
                    } else {
                        throw new IncorrectUsage("Missing arguments: 'roles create' expects roleName argument");
                    }
                case true:
                    if (str2 != null) {
                        deleteRole(str2);
                        break;
                    } else {
                        throw new IncorrectUsage("Missing arguments: 'roles delete' expects roleName argument");
                    }
                case true:
                    if (str2 != null && str3 != null) {
                        assignRole(str2, str3);
                        break;
                    } else {
                        throw new IncorrectUsage("Missing arguments: 'roles assign' expects roleName and username arguments");
                    }
                    break;
                case true:
                    if (str2 != null && str3 != null) {
                        removeRole(str2, str3);
                        break;
                    } else {
                        throw new IncorrectUsage("Missing arguments: 'roles remove' expects roleName and username arguments");
                    }
                    break;
                case true:
                    if (str2 != null) {
                        rolesFor(str2);
                        break;
                    } else {
                        throw new IncorrectUsage("Missing arguments: 'roles for' expects username argument");
                    }
                case true:
                    if (str2 != null) {
                        usersFor(str2);
                        break;
                    } else {
                        throw new IncorrectUsage("Missing arguments: 'roles users' expects roleName argument");
                    }
                default:
                    throw new IncorrectUsage("Unknown roles command: " + str);
            }
        } catch (Exception e) {
            throw new CommandFailed("Failed to run 'roles " + str + "' on '" + str2 + "': " + e.getMessage(), e);
        } catch (IncorrectUsage e2) {
            throw e2;
        } catch (Throwable th) {
            throw new CommandFailed("Failed to run 'roles " + str + "' on '" + str2 + "': " + th.getMessage(), new RuntimeException(th.getMessage()));
        }
    }

    private void listRoles(String str) throws Throwable {
        getAuthManager();
        Stream<String> filter = getRoleRepository().getAllRoleNames().stream().filter(str2 -> {
            return str == null || str2.toLowerCase().contains(str);
        });
        OutsideWorld outsideWorld = this.outsideWorld;
        outsideWorld.getClass();
        filter.forEach(outsideWorld::stdOutLine);
    }

    private void createRole(String str) throws Throwable {
        getAuthManager().mo0getUserManager().newRole(str, new String[0]);
        this.outsideWorld.stdOutLine("Created new role '" + str + "'");
    }

    private void deleteRole(String str) throws Throwable {
        EnterpriseAuthAndUserManager authManager = getAuthManager();
        authManager.mo0getUserManager().getRole(str);
        if (authManager.mo0getUserManager().deleteRole(str)) {
            this.outsideWorld.stdOutLine("Deleted role '" + str + "'");
        } else {
            this.outsideWorld.stdErrLine("Failed to delete role '" + str + "'");
        }
    }

    private void assignRole(String str, String str2) throws Throwable {
        EnterpriseAuthAndUserManager authManager = getAuthManager();
        authManager.mo0getUserManager().getRole(str);
        authManager.mo0getUserManager().getUser(str2);
        Iterator<String> it = authManager.mo0getUserManager().getUsernamesForRole(str).iterator();
        while (it.hasNext()) {
            if (it.next().equals(str2)) {
                throw new InvalidArgumentsException("Role '" + str + "' was already assigned to user 'another'");
            }
        }
        authManager.mo0getUserManager().addRoleToUser(str, str2);
        this.outsideWorld.stdOutLine("Assigned role '" + str + "' to user '" + str2 + "'");
    }

    private void removeRole(String str, String str2) throws Throwable {
        EnterpriseAuthAndUserManager authManager = getAuthManager();
        authManager.mo0getUserManager().getRole(str);
        authManager.mo0getUserManager().getUser(str2);
        Iterator<String> it = authManager.mo0getUserManager().getUsernamesForRole(str).iterator();
        while (it.hasNext()) {
            if (it.next().equals(str2)) {
                authManager.mo0getUserManager().removeRoleFromUser(str, str2);
                this.outsideWorld.stdOutLine("Removed role '" + str + "' from user '" + str2 + "'");
                return;
            }
        }
        throw new InvalidArgumentsException("Role '" + str + "' was not assigned to user 'another'");
    }

    private void rolesFor(String str) throws Throwable {
        EnterpriseAuthAndUserManager authManager = getAuthManager();
        authManager.mo0getUserManager().getUser(str);
        Iterator<String> it = authManager.mo0getUserManager().getRoleNamesForUser(str).iterator();
        while (it.hasNext()) {
            this.outsideWorld.stdOutLine(it.next());
        }
    }

    private void usersFor(String str) throws Throwable {
        EnterpriseAuthAndUserManager authManager = getAuthManager();
        authManager.mo0getUserManager().getRole(str);
        Iterator<String> it = authManager.mo0getUserManager().getUsernamesForRole(str).iterator();
        while (it.hasNext()) {
            this.outsideWorld.stdOutLine(it.next());
        }
    }

    static Config loadNeo4jConfig(Path path, Path path2) {
        return new ConfigLoader(settings()).loadConfig(Optional.of(path.toFile()), Optional.of(path2.resolve("neo4j.conf").toFile()), new Pair[0]);
    }

    private static List<Class<?>> settings() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(GraphDatabaseSettings.class);
        arrayList.add(DatabaseManagementSystemSettings.class);
        return arrayList;
    }

    private RoleRepository getRoleRepository() throws Throwable {
        RoleRepository roleRepository = EnterpriseAuthManagerFactory.getRoleRepository(loadNeo4jConfig(this.homeDir, this.configDir), NullLogProvider.getInstance(), this.outsideWorld.fileSystem());
        roleRepository.start();
        return roleRepository;
    }

    private EnterpriseAuthAndUserManager getAuthManager() throws Throwable {
        if (this.authManager == null) {
            Config loadNeo4jConfig = loadNeo4jConfig(this.homeDir, this.configDir);
            this.jobScheduler = new NoOpJobScheduler();
            this.authManager = new EnterpriseAuthManagerFactory().m1newInstance(loadNeo4jConfig, (LogProvider) NullLogProvider.getInstance(), (Log) NullLog.getInstance(), this.outsideWorld.fileSystem(), this.jobScheduler);
            this.authManager.start();
        }
        return this.authManager;
    }
}
