package org.glassfish.connectors.admin.cli;

import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.util.LocalStringManagerImpl;
import java.beans.PropertyVetoException;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import org.glassfish.api.ActionReport;
import org.glassfish.api.I18n;
import org.glassfish.api.Param;
import org.glassfish.api.admin.AdminCommand;
import org.glassfish.api.admin.AdminCommandContext;
import org.glassfish.api.admin.ExecuteOn;
import org.glassfish.api.admin.RuntimeType;
import org.glassfish.connectors.admin.cli.CLIConstants;
import org.glassfish.connectors.config.BackendPrincipal;
import org.glassfish.connectors.config.ConnectorConnectionPool;
import org.glassfish.connectors.config.SecurityMap;
import org.glassfish.hk2.api.PerLookup;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.config.ConfigSupport;
import org.jvnet.hk2.config.SingleConfigCode;
import org.jvnet.hk2.config.TransactionFailure;

@Service(name = CLIConstants.SM.SM_CREATE_COMMAND_NAME)
@I18n("create.connector.security.map")
@ExecuteOn({RuntimeType.ALL})
@PerLookup
/* loaded from: input_file:org/glassfish/connectors/admin/cli/CreateConnectorSecurityMap.class */
public class CreateConnectorSecurityMap extends ConnectorSecurityMap implements AdminCommand {
    private static final LocalStringManagerImpl localStrings = new LocalStringManagerImpl(CreateConnectorSecurityMap.class);

    @Param(optional = true, obsolete = true)
    private String target = "server";

    @Param(name = "poolname")
    private String poolName;

    @Param(name = "principals", optional = true)
    private List<String> principals;

    @Param(name = CLIConstants.SM.SM_USER_GROUPS, optional = true)
    private List<String> userGroups;

    @Param(name = CLIConstants.SM.SM_MAPPED_NAME)
    private String mappedusername;

    @Param(name = CLIConstants.SM.SM_MAPPED_PASSWORD, password = true, optional = true)
    private String mappedpassword;

    @Param(name = "mapname", primary = true)
    private String securityMapName;

    @Inject
    private Domain domain;

    @Override // org.glassfish.api.admin.AdminCommand
    public void execute(AdminCommandContext adminCommandContext) {
        ActionReport actionReport = adminCommandContext.getActionReport();
        if (this.securityMapName == null) {
            actionReport.setMessage(localStrings.getLocalString("create.connector.security.map.noSecurityMapName", "No security map name specified"));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (this.principals == null && this.userGroups == null) {
            actionReport.setMessage(localStrings.getLocalString("create.connector.security.map.noPrincipalsOrGroupsMap", "Either the principal or the user group has to be specified while creating a security map. Both cannot be null."));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (this.principals != null && this.userGroups != null) {
            actionReport.setMessage(localStrings.getLocalString("create.connector.security.map.specifyPrincipalsOrGroupsMap", "A work-security-map can have either (any number of) group mapping or (any number of) principals mapping but not both. Specify --principals or --usergroups."));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        Collection<ConnectorConnectionPool> resources = this.domain.getResources().getResources(ConnectorConnectionPool.class);
        if (!doesPoolNameExist(this.poolName, resources)) {
            actionReport.setMessage(localStrings.getLocalString("create.connector.security.map.noSuchPoolFound", "Connector connection pool {0} does not exist. Please specify a valid pool name.", this.poolName));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (doesMapNameExist(this.poolName, this.securityMapName, resources)) {
            actionReport.setMessage(localStrings.getLocalString("create.connector.security.map.duplicate", "A security map named {0} already exists for connector connection pool {1}. Please give a different map name.", this.securityMapName, this.poolName));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        List<SecurityMap> allSecurityMapsForPool = getAllSecurityMapsForPool(this.poolName, resources);
        if (this.principals != null) {
            for (String str : this.principals) {
                if (isPrincipalExisting(str, allSecurityMapsForPool)) {
                    actionReport.setMessage(localStrings.getLocalString("create.connector.security.map.principal_exists", "The principal {0} already exists in connector connection pool {1}. Please give a different principal name.", str, this.poolName));
                    actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                    return;
                }
            }
        }
        if (this.userGroups != null) {
            for (String str2 : this.userGroups) {
                if (isUserGroupExisting(str2, allSecurityMapsForPool)) {
                    actionReport.setMessage(localStrings.getLocalString("create.connector.security.map.usergroup_exists", "The user-group {0} already exists in connector connection pool {1}. Please give a different user-group name.", str2, this.poolName));
                    actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                    return;
                }
            }
        }
        ConnectorConnectionPool connectorConnectionPool = null;
        for (ConnectorConnectionPool connectorConnectionPool2 : resources) {
            if (connectorConnectionPool2.getName().equals(this.poolName)) {
                connectorConnectionPool = connectorConnectionPool2;
            }
        }
        try {
            ConfigSupport.apply(new SingleConfigCode<ConnectorConnectionPool>() { // from class: org.glassfish.connectors.admin.cli.CreateConnectorSecurityMap.1
                @Override // org.jvnet.hk2.config.SingleConfigCode
                public Object run(ConnectorConnectionPool connectorConnectionPool3) throws PropertyVetoException, TransactionFailure {
                    List<SecurityMap> securityMap = connectorConnectionPool3.getSecurityMap();
                    SecurityMap securityMap2 = (SecurityMap) connectorConnectionPool3.createChild(SecurityMap.class);
                    securityMap2.setName(CreateConnectorSecurityMap.this.securityMapName);
                    if (CreateConnectorSecurityMap.this.principals != null) {
                        Iterator it = CreateConnectorSecurityMap.this.principals.iterator();
                        while (it.hasNext()) {
                            securityMap2.getPrincipal().add((String) it.next());
                        }
                    }
                    if (CreateConnectorSecurityMap.this.userGroups != null) {
                        Iterator it2 = CreateConnectorSecurityMap.this.userGroups.iterator();
                        while (it2.hasNext()) {
                            securityMap2.getUserGroup().add((String) it2.next());
                        }
                    }
                    BackendPrincipal backendPrincipal = (BackendPrincipal) securityMap2.createChild(BackendPrincipal.class);
                    backendPrincipal.setUserName(CreateConnectorSecurityMap.this.mappedusername);
                    if (CreateConnectorSecurityMap.this.mappedpassword != null && !CreateConnectorSecurityMap.this.mappedpassword.isEmpty()) {
                        backendPrincipal.setPassword(CreateConnectorSecurityMap.this.mappedpassword);
                    }
                    securityMap2.setBackendPrincipal(backendPrincipal);
                    securityMap.add(securityMap2);
                    return securityMap2;
                }
            }, connectorConnectionPool);
            actionReport.setActionExitCode(ActionReport.ExitCode.SUCCESS);
        } catch (TransactionFailure e) {
            actionReport.setMessage(localStrings.getLocalString("create.connector.security.map.fail", "Unable to create connector security map {0} for connector connection pool {1} ", this.securityMapName, this.poolName) + " " + e.getLocalizedMessage());
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            actionReport.setFailureCause(e);
        }
    }
}
