package org.wso2.registry.utils;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.registry.ActionConstants;
import org.wso2.registry.RegistryConstants;
import org.wso2.registry.RegistryException;
import org.wso2.usermanager.AccessControlAdmin;
import org.wso2.usermanager.Realm;
import org.wso2.usermanager.UserManagerConstants;
import org.wso2.usermanager.UserManagerException;
import org.wso2.usermanager.UserStoreAdmin;
import org.wso2.usermanager.UserStoreReader;

/* loaded from: input_file:WEB-INF/lib/wso2registry-core-0.2-SNAPSHOT.jar:org/wso2/registry/utils/AuthorizationUtil.class */
public class AuthorizationUtil {
    private static final Log log = LogFactory.getLog(AuthorizationUtil.class);

    public static void setDefaultAuthorizations(Realm realm, String str, String str2) throws RegistryException {
        if (realm == null) {
            return;
        }
        try {
            AccessControlAdmin accessControlAdmin = realm.getAccessControlAdmin();
            if (str.equals("/")) {
                accessControlAdmin.authorizeUser("system", str, ActionConstants.GET);
                accessControlAdmin.authorizeUser("system", str, ActionConstants.PUT);
                accessControlAdmin.authorizeUser("system", str, ActionConstants.DELETE);
                accessControlAdmin.authorizeUser("system", str, UserManagerConstants.AUTHORIZE);
                accessControlAdmin.authorizeUser("admin", str, ActionConstants.GET);
                accessControlAdmin.authorizeUser("admin", str, ActionConstants.PUT);
                accessControlAdmin.authorizeUser("admin", str, ActionConstants.DELETE);
                accessControlAdmin.authorizeUser("admin", str, UserManagerConstants.AUTHORIZE);
                accessControlAdmin.authorizeRole("admin", str, ActionConstants.GET);
                accessControlAdmin.authorizeRole("admin", str, ActionConstants.PUT);
                accessControlAdmin.authorizeRole("admin", str, ActionConstants.DELETE);
                accessControlAdmin.authorizeRole("admin", str, UserManagerConstants.AUTHORIZE);
                accessControlAdmin.authorizeRole(RegistryConstants.EVERYONE_ROLE, str, ActionConstants.GET);
            } else {
                accessControlAdmin.copyAuthorizations(getParentPath(str), str);
                accessControlAdmin.authorizeUser(str2, str, ActionConstants.GET);
                accessControlAdmin.authorizeUser(str2, str, ActionConstants.PUT);
                accessControlAdmin.authorizeUser(str2, str, ActionConstants.DELETE);
                accessControlAdmin.authorizeUser(str2, str, UserManagerConstants.AUTHORIZE);
            }
        } catch (UserManagerException e) {
            String str3 = "Could not default permissions. \nCaused by: " + e.getMessage();
            log.error(str3, e);
            throw new RegistryException(str3);
        }
    }

    public static void populateUserStore(Realm realm) throws UserManagerException {
        if (realm == null) {
            return;
        }
        UserStoreReader userStoreReader = realm.getUserStoreReader();
        UserStoreAdmin userStoreAdmin = realm.getUserStoreAdmin();
        AccessControlAdmin accessControlAdmin = realm.getAccessControlAdmin();
        String[] allRoleNames = userStoreReader.getAllRoleNames();
        if (!containsString("admin", allRoleNames)) {
            userStoreAdmin.addRole("admin");
            accessControlAdmin.authorizeRole("admin", UserManagerConstants.USER_RESOURCE, UserManagerConstants.ADD);
            accessControlAdmin.authorizeRole("admin", UserManagerConstants.USER_RESOURCE, UserManagerConstants.READ);
            accessControlAdmin.authorizeRole("admin", UserManagerConstants.USER_RESOURCE, "edit");
            accessControlAdmin.authorizeRole("admin", UserManagerConstants.USER_RESOURCE, UserManagerConstants.DELETE);
            accessControlAdmin.authorizeRole("admin", "role", UserManagerConstants.ADD);
            accessControlAdmin.authorizeRole("admin", "role", UserManagerConstants.READ);
            accessControlAdmin.authorizeRole("admin", "role", "edit");
            accessControlAdmin.authorizeRole("admin", "role", UserManagerConstants.DELETE);
            accessControlAdmin.authorizeRole("admin", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.READ);
            accessControlAdmin.authorizeRole("admin", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.ADD);
            accessControlAdmin.authorizeRole("admin", UserManagerConstants.USER_PERMISSION_RESOURCE, "edit");
            accessControlAdmin.authorizeRole("admin", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.DELETE);
        }
        if (!containsString(RegistryConstants.GUESTS_ROLE, allRoleNames)) {
            userStoreAdmin.addRole(RegistryConstants.GUESTS_ROLE);
        }
        if (!containsString(RegistryConstants.EVERYONE_ROLE, allRoleNames)) {
            userStoreAdmin.addRole(RegistryConstants.EVERYONE_ROLE);
            accessControlAdmin.authorizeRole(RegistryConstants.EVERYONE_ROLE, UserManagerConstants.USER_RESOURCE, UserManagerConstants.READ);
            accessControlAdmin.authorizeRole(RegistryConstants.EVERYONE_ROLE, "role", UserManagerConstants.READ);
            accessControlAdmin.authorizeRole(RegistryConstants.EVERYONE_ROLE, UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.READ);
        }
        String[] allUserNames = userStoreReader.getAllUserNames();
        if (!containsString("system", allUserNames)) {
            userStoreAdmin.addUser("system", "system");
            accessControlAdmin.authorizeUser("system", UserManagerConstants.USER_RESOURCE, UserManagerConstants.ADD);
            accessControlAdmin.authorizeUser("system", UserManagerConstants.USER_RESOURCE, UserManagerConstants.READ);
            accessControlAdmin.authorizeUser("system", UserManagerConstants.USER_RESOURCE, "edit");
            accessControlAdmin.authorizeUser("system", UserManagerConstants.USER_RESOURCE, UserManagerConstants.DELETE);
            accessControlAdmin.authorizeUser("system", "role", UserManagerConstants.ADD);
            accessControlAdmin.authorizeUser("system", "role", UserManagerConstants.READ);
            accessControlAdmin.authorizeUser("system", "role", "edit");
            accessControlAdmin.authorizeUser("system", "role", UserManagerConstants.DELETE);
            accessControlAdmin.authorizeUser("system", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.READ);
            accessControlAdmin.authorizeUser("system", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.ADD);
            accessControlAdmin.authorizeUser("system", UserManagerConstants.USER_PERMISSION_RESOURCE, "edit");
            accessControlAdmin.authorizeUser("system", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.DELETE);
        }
        if (!containsString("admin", allUserNames)) {
            userStoreAdmin.addUser("admin", "admin");
            accessControlAdmin.authorizeUser("admin", UserManagerConstants.USER_RESOURCE, UserManagerConstants.ADD);
            accessControlAdmin.authorizeUser("admin", UserManagerConstants.USER_RESOURCE, UserManagerConstants.READ);
            accessControlAdmin.authorizeUser("admin", UserManagerConstants.USER_RESOURCE, "edit");
            accessControlAdmin.authorizeUser("admin", UserManagerConstants.USER_RESOURCE, UserManagerConstants.DELETE);
            accessControlAdmin.authorizeUser("admin", "role", UserManagerConstants.ADD);
            accessControlAdmin.authorizeUser("admin", "role", UserManagerConstants.READ);
            accessControlAdmin.authorizeUser("admin", "role", "edit");
            accessControlAdmin.authorizeUser("admin", "role", UserManagerConstants.DELETE);
            accessControlAdmin.authorizeUser("admin", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.READ);
            accessControlAdmin.authorizeUser("admin", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.ADD);
            accessControlAdmin.authorizeUser("admin", UserManagerConstants.USER_PERMISSION_RESOURCE, "edit");
            accessControlAdmin.authorizeUser("admin", UserManagerConstants.USER_PERMISSION_RESOURCE, UserManagerConstants.DELETE);
        }
        if (containsString(RegistryConstants.ANONYMOUS_USER, allUserNames)) {
            return;
        }
        userStoreAdmin.addUser(RegistryConstants.ANONYMOUS_USER, RegistryConstants.ANONYMOUS_PASSWORD);
        userStoreAdmin.addUserToRole(RegistryConstants.ANONYMOUS_USER, RegistryConstants.EVERYONE_ROLE);
    }

    private static String getParentPath(String str) {
        if (str.equals("/")) {
            return null;
        }
        int lastIndexOf = str.lastIndexOf("/");
        return lastIndexOf == 0 ? "/" : str.substring(0, lastIndexOf);
    }

    private static boolean containsString(String str, String[] strArr) {
        for (String str2 : strArr) {
            if (str.equals(str2)) {
                return true;
            }
        }
        return false;
    }
}
