package com.sun.identity.cli.entitlement;

import com.iplanet.sso.SSOToken;
import com.sun.identity.cli.AuthenticatedCommand;
import com.sun.identity.cli.CLIException;
import com.sun.identity.cli.ExitCodes;
import com.sun.identity.cli.IArgument;
import com.sun.identity.cli.RequestContext;
import com.sun.identity.entitlement.EntitlementException;
import com.sun.identity.entitlement.PrivilegeManager;
import com.sun.identity.entitlement.opensso.SubjectUtils;
import com.sun.identity.entitlement.xacml3.SearchFilterFactory;
import com.sun.identity.entitlement.xacml3.XACMLExportImport;
import com.sun.identity.entitlement.xacml3.XACMLReaderWriter;
import com.sun.identity.entitlement.xacml3.validation.PrivilegeValidator;
import com.sun.identity.entitlement.xacml3.validation.RealmValidator;
import com.sun.identity.sm.OrganizationConfigManager;
import com.sun.identity.sm.SMSException;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.text.MessageFormat;
import java.util.List;
import java.util.logging.Level;
import javax.security.auth.Subject;
import org.forgerock.guice.core.InjectorHolder;
import org.forgerock.openam.cli.entitlement.XACMLUtils;
import org.forgerock.openam.entitlement.service.ApplicationServiceFactory;
import org.forgerock.openam.entitlement.service.ResourceTypeService;
import org.forgerock.openam.utils.IOUtils;
import org.forgerock.openam.xacml.v3.ImportStep;

/* loaded from: input_file:com/sun/identity/cli/entitlement/CreateXACML.class */
public class CreateXACML extends AuthenticatedCommand {
    @Override // com.sun.identity.cli.AuthenticatedCommand, com.sun.identity.cli.CLICommandBase, com.sun.identity.cli.CLICommand
    public void handleRequest(RequestContext requestContext) throws CLIException {
        super.handleRequest(requestContext);
        ldapLogin();
        SSOToken adminSSOToken = getAdminSSOToken();
        Subject createSubject = SubjectUtils.createSubject(adminSSOToken);
        String stringOptionValue = getStringOptionValue("realm");
        InputStream xacmlInputStream = getXacmlInputStream(stringOptionValue);
        logStart(stringOptionValue);
        if (!XACMLUtils.hasPermission(stringOptionValue, adminSSOToken, ApplicationPrivilegeBase.PARAM_ACTION_MODIFY)) {
            Exception cLIException = new CLIException(MessageFormat.format(getResourceString("permission-denied"), "create-xacml", getAdminID()), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            logException(stringOptionValue, cLIException);
            throw cLIException;
        }
        try {
            List<ImportStep> importXacml = new XACMLExportImport(new XACMLExportImport.PrivilegeManagerFactory(), new XACMLReaderWriter(), new PrivilegeValidator(new RealmValidator(new OrganizationConfigManager(adminSSOToken, stringOptionValue))), new SearchFilterFactory(), PrivilegeManager.debug, (ApplicationServiceFactory) InjectorHolder.getInstance(ApplicationServiceFactory.class), (ResourceTypeService) InjectorHolder.getInstance(ResourceTypeService.class)).importXacml(stringOptionValue, xacmlInputStream, createSubject, isDryRun());
            if (importXacml.isEmpty()) {
                String resourceString = getResourceString("no-policies-provided");
                logNothingToImport(stringOptionValue, resourceString);
                getOutputWriter().printlnMessage(resourceString);
            } else {
                logSuccess(stringOptionValue);
                if (isDryRun()) {
                    outputDryRunResults(importXacml);
                } else {
                    getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("create-policy-in-realm-succeed"), stringOptionValue));
                }
            }
        } catch (SMSException e) {
            debugError("CreateXACML.handleRequest", e);
            logException(stringOptionValue, e);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        } catch (EntitlementException e2) {
            debugError("CreateXACML.handleRequest", e2);
            logException(stringOptionValue, e2);
            throw new CLIException(e2, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }

    private void logStart(String str) throws CLIException {
        if (isDryRun()) {
            writeLog(0, Level.INFO, "ATTEMPT_TO_GET_POLICY_NAMES_IN_REALM", str);
        } else {
            writeLog(0, Level.INFO, "ATTEMPT_CREATE_POLICY_IN_REALM", str);
        }
    }

    private void logException(String str, Exception exc) throws CLIException {
        if (isDryRun()) {
            writeLog(1, Level.INFO, "FAILED_GET_POLICY_NAMES_IN_REALM", str);
        } else {
            writeLog(1, Level.INFO, "FAILED_CREATE_POLICY_IN_REALM", str, exc.getMessage());
        }
    }

    private void logNothingToImport(String str, String str2) throws CLIException {
        writeLog(1, Level.INFO, "FAILED_CREATE_POLICY_IN_REALM", str, str2);
    }

    private void logSuccess(String str) throws CLIException {
        if (isDryRun()) {
            writeLog(0, Level.INFO, "GOT_POLICY_NAMES_IN_REALM", str);
        } else {
            writeLog(0, Level.INFO, "SUCCEED_CREATE_POLICY_IN_REALM", str);
        }
    }

    private InputStream getXacmlInputStream(String str) throws CLIException {
        InputStream fileInputStream;
        String stringOptionValue = getStringOptionValue(IArgument.XML_FILE);
        String webEnabledURL = getCommandManager().getWebEnabledURL();
        if (webEnabledURL == null || webEnabledURL.length() <= 0) {
            try {
                fileInputStream = new FileInputStream(stringOptionValue);
            } catch (FileNotFoundException e) {
                debugError("CreateXACML.handleRequest", e);
                logException(str, e);
                throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            }
        } else {
            fileInputStream = new ByteArrayInputStream(stringOptionValue.getBytes());
        }
        return fileInputStream;
    }

    private void outputDryRunResults(List<ImportStep> list) throws CLIException {
        StringBuffer stringBuffer = new StringBuffer();
        for (ImportStep importStep : list) {
            stringBuffer.append(MessageFormat.format("{0} {1} {2}\n", Character.valueOf(importStep.getDiffStatus().getCode()), importStep.getName(), importStep.getType()));
        }
        if (isOutfileSet()) {
            writeToOutputFile(stringBuffer.toString());
        } else {
            getOutputWriter().printlnMessage(stringBuffer.toString());
        }
    }

    private void writeToOutputFile(String str) throws CLIException {
        FileOutputStream fileOutputStream = null;
        try {
            fileOutputStream = new FileOutputStream(getOutfileName(), true);
            PrintWriter printWriter = new PrintWriter((OutputStream) fileOutputStream, true);
            printWriter.write(str);
            IOUtils.closeIfNotNull(printWriter);
            IOUtils.closeIfNotNull(fileOutputStream);
        } catch (FileNotFoundException e) {
            debugError("CreateXACML.writeToOutputFile", e);
            IOUtils.closeIfNotNull(fileOutputStream);
            throw new CLIException(e, 24);
        } catch (SecurityException e2) {
            debugError("CreateXACML.writeToOutputFile", e2);
            IOUtils.closeIfNotNull(fileOutputStream);
            throw new CLIException(e2, 24);
        }
    }

    private boolean isDryRun() {
        return isOptionSet(IArgument.DRY_RUN);
    }

    private boolean isOutfileSet() {
        return isOptionSet(IArgument.OUTPUT_FILE);
    }

    private String getOutfileName() {
        return getStringOptionValue(IArgument.OUTPUT_FILE);
    }
}
