package org.wso2.carbon.identity.role.mgt.core.internal;

import java.util.List;
import java.util.Set;
import org.apache.commons.lang.NotImplementedException;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.role.mgt.core.GroupBasicInfo;
import org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException;
import org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException;
import org.wso2.carbon.identity.role.mgt.core.Role;
import org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo;
import org.wso2.carbon.identity.role.mgt.core.RoleConstants;
import org.wso2.carbon.identity.role.mgt.core.RoleManagementEventPublisherProxy;
import org.wso2.carbon.identity.role.mgt.core.RoleManagementService;
import org.wso2.carbon.identity.role.mgt.core.UserBasicInfo;
import org.wso2.carbon.identity.role.mgt.core.dao.RoleDAO;
import org.wso2.carbon.identity.role.mgt.core.dao.RoleMgtDAOFactory;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/role/mgt/core/internal/RoleManagementServiceImpl.class */
public class RoleManagementServiceImpl implements RoleManagementService {
    private static final String auditMessage = "Initiator : %s | Action : %s | Target : %s | Data : { %s } | Result : %s ";
    private static final Log log = LogFactory.getLog(RoleManagementServiceImpl.class);
    private static final Log audit = CarbonConstants.AUDIT_LOG;
    private final RoleDAO roleDAO = RoleMgtDAOFactory.getInstance().getRoleDAO();
    private final String success = "Success";

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public RoleBasicInfo addRole(String str, List<String> list, List<String> list2, List<String> list3, String str2) throws IdentityRoleManagementException {
        if (StringUtils.startsWithIgnoreCase(str, "system_")) {
            throw new IdentityRoleManagementClientException(RoleConstants.Error.INVALID_REQUEST.getCode(), String.format("Invalid role name: %s. Role names with the prefix: %s, is not allowed to be created from externally in the system.", str, "system_"));
        }
        if (isDomainSeparatorPresent(str)) {
            throw new IdentityRoleManagementClientException(RoleConstants.Error.INVALID_REQUEST.getCode(), "Invalid character: " + UserCoreConstants.DOMAIN_SEPARATOR + " contains in the role name: " + str + ".");
        }
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreAddRole(str, list, list2, list3, str2);
        RoleBasicInfo addRole = this.roleDAO.addRole(str, list, list2, list3, str2);
        roleManagementEventPublisherProxy.publishPostAddRole(str, list, list2, list3, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s add role of name : %s successfully.", getUser(str2), str));
        }
        audit.info(String.format(auditMessage, getInitiator(str2), "Add Role", str, getAuditData(str2), "Success"));
        return addRole;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public List<RoleBasicInfo> getRoles(Integer num, Integer num2, String str, String str2, String str3) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreGetRoles(num, num2, str, str2, str3);
        List<RoleBasicInfo> roles = this.roleDAO.getRoles(num, num2, str, str2, str3);
        roleManagementEventPublisherProxy.publishPostGetRoles(num, num2, str, str2, str3);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s get roles successfully.", getUser(str3)));
        }
        return roles;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public List<RoleBasicInfo> getRoles(String str, Integer num, Integer num2, String str2, String str3, String str4) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreGetRoles(str, num, num2, str2, str3, str4);
        List<RoleBasicInfo> roles = this.roleDAO.getRoles(str, num, num2, str2, str3, str4);
        roleManagementEventPublisherProxy.publishPostGetRoles(str, num, num2, str2, str3, str4);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s get filtered roles successfully.", getUser(str4)));
        }
        return roles;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public int getRolesCount(String str) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreGetRolesCount(str);
        int rolesCount = this.roleDAO.getRolesCount(str);
        roleManagementEventPublisherProxy.publishPostGetRolesCount(str);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s get roles count successfully.", getUser(str)));
        }
        return rolesCount;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public Role getRole(String str, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreGetRole(str, str2);
        Role role = this.roleDAO.getRole(str, str2);
        roleManagementEventPublisherProxy.publishPostGetRole(str, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s get role of id : %s successfully.", getUser(str2), str));
        }
        return role;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public Role getRoleWithoutUsers(String str, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreGetRole(str, str2);
        Role roleWithoutUsers = this.roleDAO.getRoleWithoutUsers(str, str2);
        roleManagementEventPublisherProxy.publishPostGetRole(str, str2);
        return roleWithoutUsers;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public String getRoleNameByRoleId(String str, String str2) throws IdentityRoleManagementException {
        return this.roleDAO.getRoleNameByID(str, str2);
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public RoleBasicInfo updateRoleName(String str, String str2, String str3) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreUpdateRoleName(str, str2, str3);
        if (isDomainSeparatorPresent(str2)) {
            throw new IdentityRoleManagementClientException(RoleConstants.Error.INVALID_REQUEST.getCode(), "Invalid character: " + UserCoreConstants.DOMAIN_SEPARATOR + " contains in the role name: " + str2 + ".");
        }
        RoleBasicInfo updateRoleName = this.roleDAO.updateRoleName(str, str2, str3);
        roleManagementEventPublisherProxy.publishPostUpdateRoleName(str, str2, str3);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s updated role name of role id : %s successfully.", getUser(str3), str));
        }
        audit.info(String.format(auditMessage, getInitiator(str3), "Update role name by ID", str, getAuditData(str3, str2), "Success"));
        return updateRoleName;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public void deleteRole(String str, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreDeleteRole(str, str2);
        this.roleDAO.deleteRole(str, str2);
        roleManagementEventPublisherProxy.publishPostDeleteRole(str, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s deleted role of id : %s successfully.", getUser(str2), str));
        }
        audit.info(String.format(auditMessage, getInitiator(str2), "Delete role by id", str, getAuditData(str2), "Success"));
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public List<UserBasicInfo> getUserListOfRole(String str, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreGetGroupListOfRole(str, str2);
        List<UserBasicInfo> userListOfRole = this.roleDAO.getUserListOfRole(str, str2);
        roleManagementEventPublisherProxy.publishPostGetGroupListOfRole(str, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s get list of users of role of id : %s successfully.", getUser(str2), str));
        }
        return userListOfRole;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public RoleBasicInfo updateUserListOfRole(String str, List<String> list, List<String> list2, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreUpdateUserListOfRole(str, list, list2, str2);
        RoleBasicInfo updateUserListOfRole = this.roleDAO.updateUserListOfRole(str, list, list2, str2);
        roleManagementEventPublisherProxy.publishPostUpdateUserListOfRole(str, list, list2, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s updated list of users of role of id : %s successfully.", getUser(str2), str));
        }
        audit.info(String.format(auditMessage, getInitiator(str2), "Update users list of role by id", str, getAuditData(str2), "Success"));
        return updateUserListOfRole;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public List<GroupBasicInfo> getGroupListOfRole(String str, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreGetUserListOfRole(str, str2);
        List<GroupBasicInfo> groupListOfRole = this.roleDAO.getGroupListOfRole(str, str2);
        roleManagementEventPublisherProxy.publishPostGetUserListOfRole(str, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s get list of groups of role of id : %s successfully.", getUser(str2), str));
        }
        return groupListOfRole;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public RoleBasicInfo updateGroupListOfRole(String str, List<String> list, List<String> list2, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreUpdateGroupListOfRole(str, list, list2, str2);
        RoleBasicInfo updateGroupListOfRole = this.roleDAO.updateGroupListOfRole(str, list, list2, str2);
        roleManagementEventPublisherProxy.publishPostUpdateGroupListOfRole(str, list, list2, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s updated list of groups of role of id : %s successfully.", getUser(str2), str));
        }
        audit.info(String.format(auditMessage, getInitiator(str2), "Update group list of role by id", str, getAuditData(str2), "Success"));
        return updateGroupListOfRole;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public List<String> getPermissionListOfRole(String str, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreGetPermissionListOfRole(str, str2);
        List<String> permissionListOfRole = this.roleDAO.getPermissionListOfRole(str, str2);
        roleManagementEventPublisherProxy.publishPostGetPermissionListOfRole(str, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s get list of permissions of role of id : %s successfully.", getUser(str2), str));
        }
        return permissionListOfRole;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public RoleBasicInfo setPermissionsForRole(String str, List<String> list, String str2) throws IdentityRoleManagementException {
        RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
        roleManagementEventPublisherProxy.publishPreSetPermissionsForRole(str, list, str2);
        RoleBasicInfo permissionsForRole = this.roleDAO.setPermissionsForRole(str, list, str2);
        roleManagementEventPublisherProxy.publishPostSetPermissionsForRole(str, list, str2);
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s set list of permissions of role of id : %s successfully.", getUser(str2), str));
        }
        audit.info(String.format(auditMessage, getInitiator(str2), "Set permission for role by id", str, getAuditData(str2), "Success"));
        return permissionsForRole;
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public boolean isExistingRole(String str, String str2) throws IdentityRoleManagementException {
        return this.roleDAO.isExistingRoleID(str, str2);
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public boolean isExistingRoleName(String str, String str2) throws IdentityRoleManagementException, NotImplementedException {
        return this.roleDAO.isExistingRoleName(str, str2);
    }

    @Override // org.wso2.carbon.identity.role.mgt.core.RoleManagementService
    public Set<String> getSystemRoles() {
        return this.roleDAO.getSystemRoles();
    }

    private boolean isDomainSeparatorPresent(String str) {
        return str.contains(UserCoreConstants.DOMAIN_SEPARATOR);
    }

    private String getUser(String str) {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        return StringUtils.isNotBlank(username) ? UserCoreUtil.addTenantDomainToEntry(username, str) : "wso2.system.user";
    }

    private String getAuditData(String str) {
        return String.format("Tenant Domain : %s", str);
    }

    private String getAuditData(String str, String str2) {
        return String.format("Tenant Domain : %s, New Role Name : %s", str, str2);
    }

    private static String getInitiator(String str) {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        if (!LoggerUtils.isLogMaskingEnable) {
            return StringUtils.isNotBlank(username) ? username + "@" + str : "wso2.system.user";
        }
        if (StringUtils.isNotBlank(username) && StringUtils.isNotBlank(str)) {
            String initiatorId = IdentityUtil.getInitiatorId(username, str);
            if (StringUtils.isNotBlank(initiatorId)) {
                return initiatorId;
            }
        }
        return StringUtils.isNotBlank(username) ? LoggerUtils.getMaskedContent(username + "@" + str) : LoggerUtils.getMaskedContent("wso2.system.user");
    }
}
