package org.wso2.carbon.registry.core.utils;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.registry.core.ActionConstants;
import org.wso2.carbon.registry.core.RegistryConstants;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.core.session.CurrentSession;
import org.wso2.carbon.user.core.AccessControlAdmin;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreAdmin;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreReader;

/* loaded from: input_file:org/wso2/carbon/registry/core/utils/AuthorizationUtils.class */
public class AuthorizationUtils {
    public static final Log log = LogFactory.getLog(AuthorizationUtils.class);

    public static boolean authorize(String str, String str2) throws RegistryException {
        try {
            return CurrentSession.getRealm().getAuthorizer().isUserAuthorized(CurrentSession.getUser(), str, str2);
        } catch (UserStoreException e) {
            String str3 = "Could not check authorization. \nCaused by " + e.getMessage();
            log.error(str3, e);
            throw new RegistryException(str3, e);
        }
    }

    public static void copyAuthorizations(String str, String str2) throws RegistryException {
        try {
            CurrentSession.getRealm().getAccessControlAdmin().copyAuthorizations(str, str2);
        } catch (UserStoreException e) {
            String str3 = "Could not copy authorizations. " + e.getMessage();
            log.error(str3, e);
            throw new RegistryException(str3, e);
        }
    }

    public static void clearAuthorizations(String str) throws RegistryException {
        try {
            CurrentSession.getRealm().getAccessControlAdmin().clearResourceAuthorizations(str);
        } catch (UserStoreException e) {
            String str2 = "Could not clear authorizations. " + e.getMessage();
            log.error(str2, e);
            throw new RegistryException(str2, e);
        }
    }

    public static void setRootAuthorizations(String str, UserRealm userRealm) throws RegistryException {
        if (userRealm == null) {
            return;
        }
        try {
            AccessControlAdmin accessControlAdmin = userRealm.getAccessControlAdmin();
            accessControlAdmin.authorizeUser("system", str, ActionConstants.GET);
            accessControlAdmin.authorizeUser("system", str, ActionConstants.PUT);
            accessControlAdmin.authorizeUser("system", str, ActionConstants.DELETE);
            accessControlAdmin.authorizeUser("system", str, "authorize");
            accessControlAdmin.authorizeUser("admin", str, ActionConstants.GET);
            accessControlAdmin.authorizeUser("admin", str, ActionConstants.PUT);
            accessControlAdmin.authorizeUser("admin", str, ActionConstants.DELETE);
            accessControlAdmin.authorizeUser("admin", str, "authorize");
            accessControlAdmin.authorizeRole("admin", str, ActionConstants.GET);
            accessControlAdmin.authorizeRole("admin", str, ActionConstants.PUT);
            accessControlAdmin.authorizeRole("admin", str, ActionConstants.DELETE);
            accessControlAdmin.authorizeRole("admin", str, "authorize");
            accessControlAdmin.authorizeRole(RegistryConstants.EVERYONE_ROLE, str, ActionConstants.GET);
        } catch (UserStoreException e) {
            String str2 = "Could not set authorizations for the root. \nCaused by: " + e.getMessage();
            log.error(str2, e);
            throw new RegistryException(str2);
        }
    }

    public static void setAdminAuthorizations(String str, UserRealm userRealm) throws RegistryException {
        if (userRealm == null) {
            return;
        }
        try {
            AccessControlAdmin accessControlAdmin = userRealm.getAccessControlAdmin();
            accessControlAdmin.clearResourceAuthorizations(str);
            accessControlAdmin.authorizeUser("system", str, ActionConstants.GET);
            accessControlAdmin.authorizeUser("system", str, ActionConstants.PUT);
            accessControlAdmin.authorizeUser("system", str, ActionConstants.DELETE);
            accessControlAdmin.authorizeUser("system", str, "authorize");
            accessControlAdmin.authorizeUser("admin", str, ActionConstants.GET);
            accessControlAdmin.authorizeUser("admin", str, ActionConstants.PUT);
            accessControlAdmin.authorizeUser("admin", str, ActionConstants.DELETE);
            accessControlAdmin.authorizeUser("admin", str, "authorize");
            accessControlAdmin.authorizeRole("admin", str, ActionConstants.GET);
            accessControlAdmin.authorizeRole("admin", str, ActionConstants.PUT);
            accessControlAdmin.authorizeRole("admin", str, ActionConstants.DELETE);
            accessControlAdmin.authorizeRole("admin", str, "authorize");
        } catch (UserStoreException e) {
            String str2 = "Could not set authorizations for the resource " + str + ". Caused by: " + e.getMessage();
            log.error(str2, e);
            throw new RegistryException(str2);
        }
    }

    public static void populateUserStore(UserRealm userRealm) throws UserStoreException {
        if (userRealm == null) {
            return;
        }
        UserStoreReader userStoreReader = userRealm.getUserStoreReader();
        UserStoreAdmin userStoreAdmin = userRealm.getUserStoreAdmin();
        AccessControlAdmin accessControlAdmin = userRealm.getAccessControlAdmin();
        if (!userStoreReader.isExistingRole("admin")) {
            userStoreAdmin.addRole("admin");
        }
        accessControlAdmin.authorizeRole("admin", "user", "add");
        accessControlAdmin.authorizeRole("admin", "user", "read");
        accessControlAdmin.authorizeRole("admin", "user", "edit");
        accessControlAdmin.authorizeRole("admin", "user", "delete");
        accessControlAdmin.authorizeRole("admin", "role", "add");
        accessControlAdmin.authorizeRole("admin", "role", "read");
        accessControlAdmin.authorizeRole("admin", "role", "edit");
        accessControlAdmin.authorizeRole("admin", "role", "delete");
        accessControlAdmin.authorizeRole("admin", "user_permission", "read");
        accessControlAdmin.authorizeRole("admin", "user_permission", "add");
        accessControlAdmin.authorizeRole("admin", "user_permission", "edit");
        accessControlAdmin.authorizeRole("admin", "user_permission", "delete");
        if (!userStoreReader.isExistingRole(RegistryConstants.EVERYONE_ROLE)) {
            userStoreAdmin.addRole(RegistryConstants.EVERYONE_ROLE);
        }
        accessControlAdmin.authorizeRole(RegistryConstants.EVERYONE_ROLE, "user", "read");
        accessControlAdmin.authorizeRole(RegistryConstants.EVERYONE_ROLE, "role", "read");
        accessControlAdmin.authorizeRole(RegistryConstants.EVERYONE_ROLE, "user_permission", "read");
        if (!userStoreReader.isExistingUser("system")) {
            userStoreAdmin.addUser("system", "system");
        }
        accessControlAdmin.authorizeUser("system", "user", "add");
        accessControlAdmin.authorizeUser("system", "user", "read");
        accessControlAdmin.authorizeUser("system", "user", "edit");
        accessControlAdmin.authorizeUser("system", "user", "delete");
        accessControlAdmin.authorizeUser("system", "role", "add");
        accessControlAdmin.authorizeUser("system", "role", "read");
        accessControlAdmin.authorizeUser("system", "role", "edit");
        accessControlAdmin.authorizeUser("system", "role", "delete");
        accessControlAdmin.authorizeUser("system", "user_permission", "read");
        accessControlAdmin.authorizeUser("system", "user_permission", "add");
        accessControlAdmin.authorizeUser("system", "user_permission", "edit");
        accessControlAdmin.authorizeUser("system", "user_permission", "delete");
        if (!userStoreReader.isExistingUser("admin")) {
            userStoreAdmin.addUser("admin", "admin");
        }
        accessControlAdmin.authorizeUser("admin", "user", "add");
        accessControlAdmin.authorizeUser("admin", "user", "read");
        accessControlAdmin.authorizeUser("admin", "user", "edit");
        accessControlAdmin.authorizeUser("admin", "user", "delete");
        accessControlAdmin.authorizeUser("admin", "role", "add");
        accessControlAdmin.authorizeUser("admin", "role", "read");
        accessControlAdmin.authorizeUser("admin", "role", "edit");
        accessControlAdmin.authorizeUser("admin", "role", "delete");
        accessControlAdmin.authorizeUser("admin", "user_permission", "read");
        accessControlAdmin.authorizeUser("admin", "user_permission", "add");
        accessControlAdmin.authorizeUser("admin", "user_permission", "edit");
        accessControlAdmin.authorizeUser("admin", "user_permission", "delete");
        if (userStoreReader.isExistingUser(RegistryConstants.ANONYMOUS_USER)) {
            return;
        }
        userStoreAdmin.addUser(RegistryConstants.ANONYMOUS_USER, RegistryConstants.ANONYMOUS_PASSWORD);
    }

    public static String getAuthorizationPath(String str) {
        String str2 = str;
        if (str.indexOf("?") > 0) {
            str2 = str.split("\\?")[0];
        } else if (str.indexOf(RegistryConstants.URL_SEPARATOR) > 0) {
            str2 = str.split("\\;")[0];
        }
        if (str2.equals("/")) {
            return str2;
        }
        if (!str2.startsWith("/")) {
            str2 = "/" + str2;
        }
        if (str2.endsWith("/")) {
            str2 = str2.substring(0, str2.length() - 1);
        }
        return str2;
    }
}
