package org.wso2.carbon.registry.resource.services.utils;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.registry.common.eventing.RegistryEvent;
import org.wso2.carbon.registry.core.Collection;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.core.session.UserRegistry;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreException;

/* loaded from: input_file:org/wso2/carbon/registry/resource/services/utils/AddRolePermissionUtil.class */
public class AddRolePermissionUtil {
    private static final Log log = LogFactory.getLog(AddRolePermissionUtil.class);

    public static void addRolePermission(UserRegistry userRegistry, String str, String str2, String str3, String str4) throws Exception {
        boolean z;
        try {
            UserRealm userRealm = userRegistry.getUserRealm();
            userRealm.getAuthorizationManager();
            try {
                String str5 = "The following authorization has been added.";
                if (str3.equals("2")) {
                    if (str4.equals("1")) {
                        userRealm.getAuthorizationManager().authorizeRole(str2, str, "http://www.wso2.org/projects/registry/actions/get");
                        str5 = str5 + " READ: Allowed.";
                    } else {
                        userRealm.getAuthorizationManager().denyRole(str2, str, "http://www.wso2.org/projects/registry/actions/get");
                        str5 = str5 + " READ: Denied.";
                    }
                }
                if (str3.equals("3")) {
                    if (str4.equals("1")) {
                        userRealm.getAuthorizationManager().authorizeRole(str2, str, "http://www.wso2.org/projects/registry/actions/add");
                        str5 = str5 + " WRITE: Allowed.";
                    } else {
                        userRealm.getAuthorizationManager().denyRole(str2, str, "http://www.wso2.org/projects/registry/actions/add");
                        str5 = str5 + " WRITE: Denied.";
                    }
                }
                if (str3.equals("4")) {
                    if (str4.equals("1")) {
                        userRealm.getAuthorizationManager().authorizeRole(str2, str, "http://www.wso2.org/projects/registry/actions/delete");
                        str5 = str5 + " DELETE: Allowed.";
                    } else {
                        userRealm.getAuthorizationManager().denyRole(str2, str, "http://www.wso2.org/projects/registry/actions/delete");
                        str5 = str5 + " DELETE: Denied.";
                    }
                }
                if (str3.equals("5")) {
                    if (str4.equals("1")) {
                        userRealm.getAuthorizationManager().authorizeRole(str2, str, "authorize");
                        str5 = str5 + " AUTHORIZE: Allowed.";
                    } else {
                        userRealm.getAuthorizationManager().denyRole(str2, str, "authorize");
                        str5 = str5 + " AUTHORIZE: Denied.";
                    }
                }
                String str6 = "Permissions have been added for the role " + str2 + " on resource " + str + ". " + str5;
                try {
                    z = !(userRegistry.get(str) instanceof Collection);
                } catch (RegistryException e) {
                    z = true;
                }
                RegistryEvent registryEvent = new RegistryEvent(str6);
                if (z) {
                    registryEvent.setTopic("/ResourceUpdated" + str);
                } else {
                    registryEvent.setTopic("/CollectionUpdated" + str);
                }
                registryEvent.setTenantId(userRegistry.getTenantId());
                CommonUtil.notify(registryEvent, userRegistry, str);
                log.debug("Role authorization performed successfully.");
            } catch (UserStoreException e2) {
                String str7 = "Failed to add role permissions. " + e2.getMessage();
                log.error(str7, e2);
                throw new RegistryException(str7, e2);
            }
        } catch (Exception e3) {
            String str8 = "Couldn't get access control admin for changing authorizations. Caused by: " + e3.getMessage();
            log.error(str8, e3);
            throw new RegistryException(str8, e3);
        }
    }
}
