package org.wso2.carbon.analytics.permissions.internal.impl;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.analytics.idp.client.core.api.IdPClient;
import org.wso2.carbon.analytics.idp.client.core.exception.IdPClientException;
import org.wso2.carbon.analytics.permissions.PermissionProvider;
import org.wso2.carbon.analytics.permissions.bean.Permission;
import org.wso2.carbon.analytics.permissions.bean.PermissionConfig;
import org.wso2.carbon.analytics.permissions.bean.PermissionString;
import org.wso2.carbon.analytics.permissions.bean.Role;
import org.wso2.carbon.analytics.permissions.exceptions.PermissionException;
import org.wso2.carbon.analytics.permissions.internal.dao.PermissionsDAO;
import org.wso2.carbon.analytics.permissions.internal.util.PermissionUtil;
import org.wso2.carbon.config.ConfigurationException;
import org.wso2.carbon.config.provider.ConfigProvider;
import org.wso2.carbon.datasource.core.api.DataSourceService;

@Component(name = "DefaultPermissionProvider", service = {PermissionProvider.class}, immediate = true)
/* loaded from: input_file:org/wso2/carbon/analytics/permissions/internal/impl/DefaultPermissionProvider.class */
public class DefaultPermissionProvider implements PermissionProvider {
    private static final Logger log = LoggerFactory.getLogger(DefaultPermissionProvider.class);
    private DataSourceService dataSourceService;
    private IdPClient idPClient;
    private PermissionConfig permissionConfig;
    private PermissionsDAO permissionsDAO;

    private PermissionsDAO getPermissionsDAO() {
        if (this.permissionsDAO == null) {
            log.debug("Permission DAO is not initialized. Initializing the DAO.");
            this.permissionsDAO = new PermissionsDAO(this.dataSourceService, this.permissionConfig);
        }
        return this.permissionsDAO;
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public void addPermission(Permission permission) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Add permission " + permission);
        }
        getPermissionsDAO().addPermission(permission);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public String addPermissionAPI(Permission permission) throws PermissionException {
        String createPermissionID = PermissionUtil.createPermissionID(permission);
        addPermission(permission);
        return createPermissionID;
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public boolean isPermissionExists(Permission permission) throws PermissionException {
        return getPermissionsDAO().isPermissionExists(permission);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public void deletePermission(Permission permission) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Delete permission " + permission);
        }
        getPermissionsDAO().revokePermission(permission);
        getPermissionsDAO().deletePermission(permission);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public void deletePermission(String str) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Delete permission " + str);
        }
        getPermissionsDAO().revokePermission(str);
        getPermissionsDAO().deletePermission(str);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public List<PermissionString> getPermissionStrings(String str) {
        if (log.isDebugEnabled()) {
            log.debug("Getting permissions for app: " + str);
        }
        return this.permissionsDAO.getPermissionStrings(str);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public void grantPermission(Permission permission, Role role) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Grant permission " + permission + " to " + role);
        }
        getPermissionsDAO().grantPermission(permission, role);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public void revokePermission(Permission permission) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Revoke permission " + permission);
        }
        getPermissionsDAO().revokePermission(permission);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public void revokePermission(String str) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Revoke permission " + str);
        }
        getPermissionsDAO().revokePermission(str);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public void revokePermission(Permission permission, Role role) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Revoke permission " + permission + " from " + role);
        }
        getPermissionsDAO().revokePermission(permission, role);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public void revokePermission(Permission permission, String str) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Revoke permission " + permission.toString() + " from " + str);
        }
        getPermissionsDAO().revokePermission(permission, str);
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public boolean hasPermission(String str, Permission permission) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Check permission " + permission);
        }
        List<Role> roles = getRoles(str);
        try {
            org.wso2.carbon.analytics.idp.client.core.models.Role adminRole = this.idPClient.getAdminRole();
            if (roles.stream().anyMatch(role -> {
                return role.getId().equals(adminRole.getId());
            })) {
                return true;
            }
            if (roles.size() == 0) {
                log.debug("No roles retrieved for the user.");
                return false;
            }
            log.debug("Retrieved roles for the user.");
            return getPermissionsDAO().hasPermission(roles, permission);
        } catch (IdPClientException e) {
            throw new PermissionException("Failed getting admin role.");
        }
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public boolean hasPermission(String str, String str2) throws PermissionException {
        return false;
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public List<Role> getGrantedRoles(Permission permission) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Get roles assigned for " + permission);
        }
        HashMap hashMap = new HashMap();
        try {
            for (org.wso2.carbon.analytics.idp.client.core.models.Role role : this.idPClient.getAllRoles()) {
                hashMap.put(role.getId(), role);
            }
            List<Role> grantedRoles = getPermissionsDAO().getGrantedRoles(permission);
            grantedRoles.forEach(role2 -> {
                role2.setName(((org.wso2.carbon.analytics.idp.client.core.models.Role) hashMap.get(role2.getId())).getDisplayName());
            });
            return grantedRoles;
        } catch (IdPClientException e) {
            throw new PermissionException("Failed getting roles for the permission " + permission + ".");
        }
    }

    @Override // org.wso2.carbon.analytics.permissions.PermissionProvider
    public List<Role> getGrantedRoles(String str) throws PermissionException {
        if (log.isDebugEnabled()) {
            log.debug("Get roles assigned for " + str);
        }
        HashMap hashMap = new HashMap();
        try {
            for (org.wso2.carbon.analytics.idp.client.core.models.Role role : this.idPClient.getAllRoles()) {
                hashMap.put(role.getId(), role);
            }
            List<Role> grantedRoles = getPermissionsDAO().getGrantedRoles(str);
            grantedRoles.forEach(role2 -> {
                role2.setName(((org.wso2.carbon.analytics.idp.client.core.models.Role) hashMap.get(role2.getId())).getDisplayName());
            });
            return grantedRoles;
        } catch (IdPClientException e) {
            throw new PermissionException("Failed getting roles for the permission " + str + ".");
        }
    }

    private List<Role> getRoles(String str) {
        if (this.idPClient == null) {
            throw new RuntimeException("IdP client is not initialized properly. Unable to get user roles.");
        }
        ArrayList arrayList = new ArrayList();
        try {
            this.idPClient.getUserRoles(str).forEach(role -> {
                arrayList.add(new Role(role.getId(), role.getDisplayName()));
            });
            return arrayList;
        } catch (IdPClientException e) {
            throw new PermissionException("Failed getting roles of the user. Unable to check permissions.");
        }
    }

    @Reference(name = "org.wso2.carbon.datasource.DataSourceService", service = DataSourceService.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unregisterDataSourceService")
    protected void registerDataSourceService(DataSourceService dataSourceService) {
        this.dataSourceService = dataSourceService;
    }

    protected void unregisterDataSourceService(DataSourceService dataSourceService) {
        this.dataSourceService = null;
    }

    @Reference(name = "carbon.config.provider", service = ConfigProvider.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unregisterConfigProvider")
    protected void registerConfigProvider(ConfigProvider configProvider) {
        try {
            this.permissionConfig = (PermissionConfig) configProvider.getConfigurationObject(PermissionConfig.class);
        } catch (ConfigurationException e) {
            throw new PermissionException("Error occurred while fetching permission configuration.", e);
        }
    }

    protected void unregisterConfigProvider(ConfigProvider configProvider) {
    }

    @Reference(name = "org.wso2.carbon.analytics.idp.client.core.api.IdPClient", service = IdPClient.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unregisterIdPClient")
    protected void registerIdPClient(IdPClient idPClient) {
        this.idPClient = idPClient;
    }

    protected void unregisterIdPClient(IdPClient idPClient) {
        this.idPClient = null;
    }
}
