package org.wso2.carbon.appfactory.tenant.roles;

import java.util.ArrayList;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.appfactory.common.AppFactoryConfiguration;
import org.wso2.carbon.appfactory.tenant.roles.util.Util;
import org.wso2.carbon.user.core.AuthorizationManager;
import org.wso2.carbon.user.core.Permission;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;

/* loaded from: input_file:org/wso2/carbon/appfactory/tenant/roles/DefaultRolesCreatorForSuperTenant.class */
public class DefaultRolesCreatorForSuperTenant {
    private static Log log = LogFactory.getLog(DefaultRolesCreatorForSuperTenant.class);
    private List<RoleBean> roleBeanList;

    public DefaultRolesCreatorForSuperTenant() throws Exception {
        this.roleBeanList = null;
        this.roleBeanList = new ArrayList();
        AppFactoryConfiguration configuration = Util.getConfiguration();
        try {
            String adminUserName = Util.getRealmService().getBootstrapRealm().getRealmConfiguration().getAdminUserName();
            loadPlatformDefaultRoleConfigurations(configuration, adminUserName);
            loadPlatformRoleConfigurations(configuration, adminUserName);
        } catch (UserStoreException e) {
            log.error("Failed to read default roles from appfactory configuration.");
            throw new Exception("Failed to read default roles from appfactory configuration.", e);
        }
    }

    private void loadPlatformDefaultRoleConfigurations(AppFactoryConfiguration appFactoryConfiguration, String str) {
        for (String str2 : appFactoryConfiguration.getProperties("PlatformRoles.DefaultUserRole")) {
            String[] split = appFactoryConfiguration.getFirstProperty("PlatformRoles.DefaultUserRole." + str2 + ".Permission").split(",");
            RoleBean roleBean = new RoleBean(str2.trim());
            roleBean.addUser(str);
            for (String str3 : split) {
                String[] split2 = str3.trim().split(":");
                if (split2.length == 2) {
                    roleBean.addPermission(new Permission(split2[0], split2[1]));
                } else if (split2.length == 1) {
                    roleBean.addPermission(new Permission(split2[0], "ui.execute"));
                }
            }
            this.roleBeanList.add(roleBean);
        }
    }

    private void loadPlatformRoleConfigurations(AppFactoryConfiguration appFactoryConfiguration, String str) {
        for (String str2 : appFactoryConfiguration.getProperties("PlatformRoles.Role")) {
            String[] split = appFactoryConfiguration.getFirstProperty("PlatformRoles.Role." + str2 + ".Permission").split(",");
            RoleBean roleBean = new RoleBean(str2.trim());
            roleBean.addUser(str);
            for (String str3 : split) {
                String[] split2 = str3.trim().split(":");
                if (split2.length == 2) {
                    roleBean.addPermission(new Permission(split2[0], split2[1]));
                } else if (split2.length == 1) {
                    roleBean.addPermission(new Permission(split2[0], "ui.execute"));
                }
            }
            this.roleBeanList.add(roleBean);
        }
    }

    public void createDefaultRoles() throws org.wso2.carbon.user.api.UserStoreException {
        UserStoreManager userStoreManager = Util.getRealmService().getBootstrapRealm().getUserStoreManager();
        AuthorizationManager authorizationManager = Util.getRealmService().getBootstrapRealm().getAuthorizationManager();
        for (RoleBean roleBean : this.roleBeanList) {
            if (userStoreManager.isExistingRole(roleBean.getRoleName())) {
                for (Permission permission : roleBean.getPermissions()) {
                    if (!authorizationManager.isRoleAuthorized(roleBean.getRoleName(), permission.getResourceId(), permission.getAction())) {
                        authorizationManager.authorizeRole(roleBean.getRoleName(), permission.getResourceId(), permission.getAction());
                    }
                }
            } else {
                userStoreManager.addRole(roleBean.getRoleName(), (String[]) roleBean.getUsers().toArray(new String[roleBean.getUsers().size()]), (org.wso2.carbon.user.api.Permission[]) roleBean.getPermissions().toArray(new Permission[roleBean.getPermissions().size()]));
            }
        }
    }
}
