package org.wso2.identity.apps.common.listner;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Collectors;
import org.wso2.carbon.identity.api.resource.collection.mgt.exception.APIResourceCollectionMgtException;
import org.wso2.carbon.identity.api.resource.collection.mgt.model.APIResourceCollection;
import org.wso2.carbon.identity.api.resource.mgt.APIResourceMgtException;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ApplicationBasicInfo;
import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException;
import org.wso2.carbon.identity.role.v2.mgt.core.listener.AbstractRoleManagementListener;
import org.wso2.carbon.identity.role.v2.mgt.core.model.Permission;
import org.wso2.carbon.identity.role.v2.mgt.core.model.Role;
import org.wso2.carbon.identity.role.v2.mgt.core.model.RoleBasicInfo;
import org.wso2.identity.apps.common.internal.AppsCommonDataHolder;
import org.wso2.identity.apps.common.util.AppPortalConstants;

/* loaded from: input_file:org/wso2/identity/apps/common/listner/ConsoleRoleListener.class */
public class ConsoleRoleListener extends AbstractRoleManagementListener {
    public int getDefaultOrderId() {
        return 87;
    }

    public boolean isEnable() {
        return true;
    }

    public void preAddRole(String str, List<String> list, List<String> list2, List<Permission> list3, String str2, String str3, String str4) throws IdentityRoleManagementException {
        List<Permission> consoleFeaturePermissions;
        if (!isConsoleApp(str2, str3, str4) || "Administrator".equals(str) || (consoleFeaturePermissions = getConsoleFeaturePermissions(list3)) == null || consoleFeaturePermissions.isEmpty()) {
            return;
        }
        list3.retainAll(consoleFeaturePermissions);
    }

    public void postGetRole(Role role, String str, String str2) throws IdentityRoleManagementException {
        if ("Administrator".equals(role.getName()) || !role.getAudienceName().equals(AppPortalConstants.CONSOLE_APP)) {
            return;
        }
        role.setPermissions(getUpgradedPermissions(role.getPermissions(), str2));
    }

    public void postGetPermissionListOfRole(List<Permission> list, String str, String str2) throws IdentityRoleManagementException {
        if (isConsoleRole(str, str2)) {
            List<Permission> upgradedPermissions = getUpgradedPermissions(list, str2);
            list.clear();
            list.addAll(upgradedPermissions);
        }
    }

    public void postGetPermissionListOfRoles(List<String> list, List<String> list2, String str) throws IdentityRoleManagementException {
        boolean z = false;
        Iterator<String> it = list2.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (isConsoleRole(it.next(), str)) {
                z = true;
                break;
            }
        }
        if (z) {
            ArrayList arrayList = new ArrayList();
            List<Permission> systemPermission = getSystemPermission(str);
            list.forEach(str2 -> {
                Optional findFirst = systemPermission.stream().filter(permission -> {
                    return permission.getName().equals(str2);
                }).findFirst();
                Objects.requireNonNull(arrayList);
                findFirst.ifPresent((v1) -> {
                    r1.add(v1);
                });
            });
            List<Permission> upgradedPermissions = getUpgradedPermissions(arrayList, str);
            list.clear();
            list.addAll((Collection) upgradedPermissions.stream().map((v0) -> {
                return v0.getName();
            }).collect(Collectors.toList()));
        }
    }

    public void preUpdatePermissionsForRole(String str, List<Permission> list, List<Permission> list2, String str2, String str3, String str4) throws IdentityRoleManagementException {
        List<Permission> consoleFeaturePermissions;
        if (!isConsoleRole(str, str4) || (consoleFeaturePermissions = getConsoleFeaturePermissions(list)) == null || consoleFeaturePermissions.isEmpty()) {
            return;
        }
        list.retainAll(consoleFeaturePermissions);
    }

    private List<Permission> getUpgradedPermissions(List<Permission> list, String str) throws IdentityRoleManagementException {
        List<Permission> systemPermission = getSystemPermission(str);
        List<APIResourceCollection> aPIResourceCollections = getAPIResourceCollections(str);
        List<Permission> consoleFeaturePermissions = getConsoleFeaturePermissions(list);
        if (consoleFeaturePermissions.isEmpty()) {
            HashSet hashSet = new HashSet(new ArrayList(list));
            getConsolePermissions(list).forEach(permission -> {
                aPIResourceCollections.forEach(aPIResourceCollection -> {
                    if (aPIResourceCollection.getReadScopes().contains(permission.getName())) {
                        aPIResourceCollection.getReadScopes().forEach(str2 -> {
                            Optional findFirst = systemPermission.stream().filter(permission -> {
                                return permission.getName().equals(str2);
                            }).findFirst();
                            Objects.requireNonNull(hashSet);
                            findFirst.ifPresent((v1) -> {
                                r1.add(v1);
                            });
                        });
                        List legacyWriteScopes = aPIResourceCollection.getLegacyWriteScopes();
                        if (list.stream().anyMatch(permission -> {
                            return legacyWriteScopes.contains(permission.getName());
                        })) {
                            aPIResourceCollection.getWriteScopes().forEach(str3 -> {
                                Optional findFirst = systemPermission.stream().filter(permission2 -> {
                                    return permission2.getName().equals(str3);
                                }).findFirst();
                                Objects.requireNonNull(hashSet);
                                findFirst.ifPresent((v1) -> {
                                    r1.add(v1);
                                });
                            });
                        }
                    }
                });
            });
            return new ArrayList(hashSet);
        }
        ArrayList arrayList = new ArrayList();
        consoleFeaturePermissions.forEach(permission2 -> {
            aPIResourceCollections.forEach(aPIResourceCollection -> {
                if (aPIResourceCollection.getEditFeatureScope() != null && aPIResourceCollection.getEditFeatureScope().equals(permission2.getName())) {
                    aPIResourceCollection.getWriteScopes().forEach(str2 -> {
                        Optional findFirst = systemPermission.stream().filter(permission2 -> {
                            return permission2.getName().equals(str2);
                        }).findFirst();
                        Objects.requireNonNull(arrayList);
                        findFirst.ifPresent((v1) -> {
                            r1.add(v1);
                        });
                    });
                }
                if (aPIResourceCollection.getViewFeatureScope() == null || !aPIResourceCollection.getViewFeatureScope().equals(permission2.getName())) {
                    return;
                }
                aPIResourceCollection.getReadScopes().forEach(str3 -> {
                    Optional findFirst = systemPermission.stream().filter(permission2 -> {
                        return permission2.getName().equals(str3);
                    }).findFirst();
                    Objects.requireNonNull(arrayList);
                    findFirst.ifPresent((v1) -> {
                        r1.add(v1);
                    });
                });
            });
        });
        return arrayList;
    }

    private boolean isConsoleRole(String str, String str2) throws IdentityRoleManagementException {
        RoleBasicInfo roleBasicInfoById = AppsCommonDataHolder.getInstance().getRoleManagementServiceV2().getRoleBasicInfoById(str, str2);
        return !"Administrator".equals(roleBasicInfoById.getName()) && roleBasicInfoById.getAudienceName().equals(AppPortalConstants.CONSOLE_APP);
    }

    private boolean isConsoleApp(String str, String str2, String str3) throws IdentityRoleManagementException {
        if (!"application".equalsIgnoreCase(str)) {
            return false;
        }
        try {
            ApplicationBasicInfo applicationBasicInfoByResourceId = AppsCommonDataHolder.getInstance().getApplicationManagementService().getApplicationBasicInfoByResourceId(str2, str3);
            if (applicationBasicInfoByResourceId != null) {
                if (AppPortalConstants.CONSOLE_APP.equals(applicationBasicInfoByResourceId.getApplicationName())) {
                    return true;
                }
            }
            return false;
        } catch (IdentityApplicationManagementException e) {
            throw new IdentityRoleManagementException("Error while retrieving application basic info for application id : " + str2, e);
        }
    }

    private List<APIResourceCollection> getAPIResourceCollections(String str) throws IdentityRoleManagementException {
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.add("apiResources");
            return AppsCommonDataHolder.getInstance().getApiResourceCollectionManager().getAPIResourceCollections("", arrayList, str).getAPIResourceCollections();
        } catch (APIResourceCollectionMgtException e) {
            throw new IdentityRoleManagementException("Error while retrieving api collection for tenant : " + str, e);
        }
    }

    private List<Permission> getConsoleFeaturePermissions(List<Permission> list) {
        return (List) list.stream().filter(permission -> {
            return (permission == null || permission.getName() == null || (!permission.getName().startsWith("console:") && !permission.getName().startsWith("console:org:")) || (!permission.getName().endsWith("_view") && !permission.getName().endsWith("_edit"))) ? false : true;
        }).collect(Collectors.toList());
    }

    private List<Permission> getConsolePermissions(List<Permission> list) {
        return (List) list.stream().filter(permission -> {
            return (permission == null || permission.getName() == null || (!permission.getName().startsWith("console:") && !permission.getName().startsWith("console:org:")) || permission.getName().endsWith("_view") || permission.getName().endsWith("_edit")) ? false : true;
        }).collect(Collectors.toList());
    }

    private List<Permission> getSystemPermission(String str) throws IdentityRoleManagementException {
        try {
            return (List) AppsCommonDataHolder.getInstance().getAPIResourceManager().getSystemAPIScopes(str).stream().map(scope -> {
                return new Permission(scope.getName(), scope.getDisplayName(), scope.getApiID());
            }).collect(Collectors.toList());
        } catch (APIResourceMgtException e) {
            throw new IdentityRoleManagementException("Error while retrieving internal scopes for tenant domain : " + str, e);
        }
    }
}
