package org.forgerock.openam.entitlement.rest;

import com.sun.identity.entitlement.Privilege;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.Map;
import org.apache.hc.core5.http.HttpStatus;
import org.forgerock.openam.core.realms.Realm;
import org.forgerock.openam.core.realms.RealmLookupException;
import org.forgerock.openam.entitlement.conditions.environment.ConditionConstants;
import org.forgerock.openam.entitlement.utils.EntitlementUtils;
import org.forgerock.openam.rest.RealmContext;
import org.forgerock.openam.sdk.javax.inject.Inject;
import org.forgerock.openam.sdk.javax.inject.Named;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Action;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.ApiError;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.CollectionProvider;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Create;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Delete;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Handler;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Operation;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Parameter;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Query;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Read;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Schema;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Update;
import org.forgerock.openam.sdk.org.forgerock.api.enums.QueryType;
import org.forgerock.openam.sdk.org.forgerock.json.JsonPointer;
import org.forgerock.openam.sdk.org.forgerock.json.JsonValue;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ActionRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ActionResponse;
import org.forgerock.openam.sdk.org.forgerock.json.resource.BadRequestException;
import org.forgerock.openam.sdk.org.forgerock.json.resource.CollectionResourceProvider;
import org.forgerock.openam.sdk.org.forgerock.json.resource.CreateRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.DeleteRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.QueryRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.QueryResourceHandler;
import org.forgerock.openam.sdk.org.forgerock.json.resource.QueryResponse;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ReadRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.Requests;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ResourceException;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ResourceResponse;
import org.forgerock.openam.sdk.org.forgerock.json.resource.Responses;
import org.forgerock.openam.sdk.org.forgerock.json.resource.Router;
import org.forgerock.openam.sdk.org.forgerock.json.resource.UpdateRequest;
import org.forgerock.openam.sdk.org.forgerock.services.context.Context;
import org.forgerock.openam.sdk.org.forgerock.util.Reject;
import org.forgerock.openam.sdk.org.forgerock.util.promise.Promise;
import org.forgerock.openam.sdk.org.forgerock.util.promise.Promises;
import org.forgerock.openam.sdk.org.forgerock.util.query.QueryFilter;

@CollectionProvider(details = @Handler(title = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#title", description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#description", mvccSupported = false, resourceSchema = @Schema(schemaResource = "PolicyResource.schema.json")), pathParam = @Parameter(name = "resourceId", type = "string", description = "i18n:api-descriptor/PolicyResource#pathparam.description"))
/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.2.jar:org/forgerock/openam/entitlement/rest/PolicyResourceWithCopyMoveSupport.class */
public final class PolicyResourceWithCopyMoveSupport {
    private final Router router;
    private final CollectionResourceProvider policyResource;

    @Inject
    PolicyResourceWithCopyMoveSupport(@Named("PolicyResource") CollectionResourceProvider collectionResourceProvider, @Named("CrestRealmRouter") Router router) {
        Reject.ifNull(router);
        this.router = router;
        this.policyResource = collectionResourceProvider;
    }

    @Action(operationDescription = @Operation(errors = {@ApiError(code = 405, description = "i18n:api-descriptor/PolicyResource#error.405.description"), @ApiError(code = 500, description = "i18n:api-descriptor/PolicyResource#error.500.description"), @ApiError(code = HttpStatus.SC_NOT_IMPLEMENTED, description = "i18n:api-descriptor/PolicyResource#error.501.description")}, description = "i18n:api-descriptor/PolicyResource#evaluate.action.description"), request = @Schema(schemaResource = "PolicyResource.evaluate.action.request.schema.json"), response = @Schema(schemaResource = "PolicyResource.action.response.schema.json"))
    public Promise<ActionResponse, ResourceException> evaluate(Context context, ActionRequest actionRequest) {
        return this.policyResource.actionCollection(context, actionRequest);
    }

    @Action(operationDescription = @Operation(errors = {@ApiError(code = 405, description = "i18n:api-descriptor/PolicyResource#error.405.description"), @ApiError(code = 500, description = "i18n:api-descriptor/PolicyResource#error.500.description"), @ApiError(code = HttpStatus.SC_NOT_IMPLEMENTED, description = "i18n:api-descriptor/PolicyResource#error.501.description")}, description = "i18n:api-descriptor/PolicyResource#evaluatetree.action.description"), request = @Schema(schemaResource = "PolicyResource.evaluatetree.action.request.schema.json"), response = @Schema(schemaResource = "PolicyResource.action.response.schema.json"))
    public Promise<ActionResponse, ResourceException> evaluateTree(Context context, ActionRequest actionRequest) {
        return this.policyResource.actionCollection(context, actionRequest);
    }

    @Create(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResource#error.400.description"), @ApiError(code = HttpStatus.SC_FORBIDDEN, description = "i18n:api-descriptor/PolicyResource#error.403.description")}, description = "i18n:api-descriptor/PolicyResource#create.description"))
    public Promise<ResourceResponse, ResourceException> createInstance(Context context, CreateRequest createRequest) {
        return this.policyResource.createInstance(context, createRequest);
    }

    @Delete(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResource#error.400.description"), @ApiError(code = HttpStatus.SC_FORBIDDEN, description = "i18n:api-descriptor/PolicyResource#error.403.description")}, description = "i18n:api-descriptor/PolicyResource#delete.description"))
    public Promise<ResourceResponse, ResourceException> deleteInstance(Context context, String str, DeleteRequest deleteRequest) {
        return this.policyResource.deleteInstance(context, str, deleteRequest);
    }

    @Query(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResource#error.400.description")}, description = "i18n:api-descriptor/PolicyResource#query.description"), type = QueryType.FILTER, queryableFields = {"*"})
    public Promise<QueryResponse, ResourceException> queryCollection(Context context, QueryRequest queryRequest, QueryResourceHandler queryResourceHandler) {
        return this.policyResource.queryCollection(context, queryRequest, queryResourceHandler);
    }

    @Read(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResource#error.400.description")}, description = "i18n:api-descriptor/PolicyResource#read.description"))
    public Promise<ResourceResponse, ResourceException> readInstance(Context context, String str, ReadRequest readRequest) {
        return this.policyResource.readInstance(context, str, readRequest);
    }

    @Update(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResource#error.400.description"), @ApiError(code = 404, description = "i18n:api-descriptor/PolicyResource#error.404.description")}, description = "i18n:api-descriptor/PolicyResource#update.description"))
    public Promise<ResourceResponse, ResourceException> updateInstance(Context context, String str, UpdateRequest updateRequest) {
        return this.policyResource.updateInstance(context, str, updateRequest);
    }

    @Action(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.400.description"), @ApiError(code = HttpStatus.SC_FORBIDDEN, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.403.description"), @ApiError(code = 404, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.404.description")}, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#copy.action.description"), request = @Schema(schemaResource = "PolicyResourceWithCopyMoveSupport.copy.move.action.request.schema.json"), response = @Schema(schemaResource = "PolicyResource.schema.json"))
    public Promise<ActionResponse, ResourceException> copy(Context context, ActionRequest actionRequest) {
        try {
            return Promises.newResultPromise(copyOrMovePoliciesByApplication(context, actionRequest, PolicyAction.COPY));
        } catch (ResourceException e) {
            return e.asPromise();
        }
    }

    @Action(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.400.description"), @ApiError(code = HttpStatus.SC_FORBIDDEN, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.403.description"), @ApiError(code = 404, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.404.description")}, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#move.action.description"), request = @Schema(schemaResource = "PolicyResourceWithCopyMoveSupport.copy.move.action.request.schema.json"), response = @Schema(schemaResource = "PolicyResource.schema.json"))
    public Promise<ActionResponse, ResourceException> move(Context context, ActionRequest actionRequest) {
        try {
            return Promises.newResultPromise(copyOrMovePoliciesByApplication(context, actionRequest, PolicyAction.MOVE));
        } catch (ResourceException e) {
            return e.asPromise();
        }
    }

    private ActionResponse copyOrMovePoliciesByApplication(Context context, ActionRequest actionRequest, PolicyAction policyAction) throws ResourceException {
        JsonValue content = actionRequest.getContent();
        JsonValue jsonValue = content.get("from");
        JsonValue jsonValue2 = content.get("to");
        if (jsonValue.isNull()) {
            throw new BadRequestException("from definition is missing");
        }
        if (!jsonValue.isDefined("application")) {
            throw new BadRequestException("from application definition is missing");
        }
        String asString = jsonValue.get("application").asString();
        if (jsonValue2.isNull()) {
            throw new BadRequestException("to definition is missing");
        }
        String asString2 = jsonValue2.get("realm").defaultTo(RealmContext.getRealm(context).asPath()).asString();
        String asString3 = jsonValue2.get("application").defaultTo(asString).asString();
        JsonValue defaultTo = content.get("resourceTypeMapping").defaultTo(Collections.emptyMap());
        String asString4 = jsonValue2.get("namePostfix").defaultTo("").asString();
        QueryRequest newQueryRequest = Requests.newQueryRequest("policies");
        newQueryRequest.setQueryFilter(QueryFilter.equalTo(new JsonPointer(ConditionConstants.APPLICATION_NAME), asString));
        final ArrayList arrayList = new ArrayList();
        this.router.handleQuery(context, newQueryRequest, new QueryResourceHandler() { // from class: org.forgerock.openam.entitlement.rest.PolicyResourceWithCopyMoveSupport.1
            public boolean handleResource(ResourceResponse resourceResponse) {
                arrayList.add(resourceResponse.getContent());
                return true;
            }
        }).getOrThrowUninterruptibly();
        JsonValue json = JsonValue.json(JsonValue.array(new Object[0]));
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            json.add(copyOrMoveGivenPolicy(context, (JsonValue) it.next(), asString2, asString3, asString4, defaultTo, policyAction).getJsonContent().asMap());
        }
        return Responses.newActionResponse(json);
    }

    private ActionResponse copyOrMoveGivenPolicy(Context context, JsonValue jsonValue, String str, String str2, String str3, JsonValue jsonValue2, PolicyAction policyAction) throws ResourceException {
        String asString = jsonValue.get("name").asString();
        String str4 = asString + str3;
        String asString2 = jsonValue.get(Privilege.RESOURCE_TYPE_UUID_ATTRIBUTE).asString();
        JsonValue json = JsonValue.json(JsonValue.object((Map.Entry<String, Object>[]) new Map.Entry[]{JsonValue.field("to", JsonValue.object((Map.Entry<String, Object>[]) new Map.Entry[]{JsonValue.field("name", str4), JsonValue.field("realm", str), JsonValue.field("application", str2), JsonValue.field(EntitlementUtils.RESOURCE_TYPE, jsonValue2.get(asString2).defaultTo(asString2).asString())}))}));
        ActionRequest newActionRequest = Requests.newActionRequest("policies", asString, policyAction.name().toLowerCase());
        newActionRequest.setContent(json);
        return (ActionResponse) this.router.handleAction(context, newActionRequest).getOrThrowUninterruptibly();
    }

    @Action(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.400.description"), @ApiError(code = HttpStatus.SC_FORBIDDEN, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.403.description"), @ApiError(code = 404, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.404.description")}, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#copy.item.action.description"), request = @Schema(schemaResource = "PolicyResourceWithCopyMoveSupport.copy.move.item.action.request.schema.json"), response = @Schema(schemaResource = "PolicyResource.schema.json"))
    public Promise<ActionResponse, ResourceException> copy(Context context, String str, ActionRequest actionRequest) {
        try {
            return Promises.newResultPromise(copyPolicy(context, str, actionRequest));
        } catch (ResourceException e) {
            return e.asPromise();
        }
    }

    @Action(operationDescription = @Operation(errors = {@ApiError(code = 400, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.400.description"), @ApiError(code = HttpStatus.SC_FORBIDDEN, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.403.description"), @ApiError(code = 404, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#error.404.description")}, description = "i18n:api-descriptor/PolicyResourceWithCopyMoveSupport#move.item.action.description"), request = @Schema(schemaResource = "PolicyResourceWithCopyMoveSupport.copy.move.item.action.request.schema.json"), response = @Schema(schemaResource = "PolicyResource.schema.json"))
    public Promise<ActionResponse, ResourceException> move(Context context, String str, ActionRequest actionRequest) {
        try {
            return Promises.newResultPromise(movePolicy(context, str, actionRequest));
        } catch (ResourceException e) {
            return e.asPromise();
        }
    }

    private ActionResponse movePolicy(Context context, String str, ActionRequest actionRequest) throws ResourceException {
        ActionResponse copyPolicy = copyPolicy(context, str, actionRequest);
        this.router.handleDelete(context, Requests.newDeleteRequest("policies", str)).getOrThrowUninterruptibly();
        return copyPolicy;
    }

    private ActionResponse copyPolicy(Context context, String str, ActionRequest actionRequest) throws ResourceException {
        String asPath = RealmContext.getRealm(context).asPath();
        JsonValue jsonValue = actionRequest.getContent().get("to");
        if (jsonValue.isNull()) {
            throw new BadRequestException("to definition is missing");
        }
        String asString = jsonValue.get("realm").defaultTo(asPath).asString();
        JsonValue content = ((ResourceResponse) this.router.handleRead(context, Requests.newReadRequest("policies", str)).getOrThrowUninterruptibly()).getContent();
        String asString2 = content.get(ConditionConstants.APPLICATION_NAME).asString();
        String asString3 = content.get(Privilege.RESOURCE_TYPE_UUID_ATTRIBUTE).asString();
        String asString4 = jsonValue.get("application").defaultTo(asString2).asString();
        String asString5 = jsonValue.get(EntitlementUtils.RESOURCE_TYPE).defaultTo(asString3).asString();
        String asString6 = jsonValue.get("name").defaultTo(str).asString();
        if (asPath.equals(asString) && str.equals(asString6)) {
            throw new BadRequestException("policy name already exists within the realm");
        }
        content.put("name", asString6);
        content.put(ConditionConstants.APPLICATION_NAME, asString4);
        content.put(Privilege.RESOURCE_TYPE_UUID_ATTRIBUTE, asString5);
        try {
            return Responses.newActionResponse(((ResourceResponse) this.router.handleCreate(new RealmContext(context, Realm.of(asString)), Requests.newCreateRequest("policies", content)).getOrThrowUninterruptibly()).getContent());
        } catch (RealmLookupException e) {
            throw new BadRequestException("Invalid destination realm: " + e.getRealm(), e);
        }
    }
}
