package org.wso2.carbon.identity.application.mgt.listener;

import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.api.resource.mgt.APIResourceMgtException;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.mgt.ApplicationConstants;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.application.mgt.internal.ApplicationManagementServiceComponentHolder;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
import org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService;
import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException;
import org.wso2.carbon.identity.role.v2.mgt.core.listener.AbstractRoleManagementListener;
import org.wso2.carbon.identity.role.v2.mgt.core.model.Permission;
import org.wso2.carbon.identity.role.v2.mgt.core.model.Role;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/mgt/listener/AdminRoleListener.class */
public class AdminRoleListener extends AbstractRoleManagementListener {
    public int getExecutionOrderId() {
        return 2;
    }

    public int getDefaultOrderId() {
        return 2;
    }

    public boolean isEnable() {
        return true;
    }

    public void postGetRole(Role role, String str, String str2) throws IdentityRoleManagementException {
        String consoleAdministratorRoleId = getConsoleAdministratorRoleId(str2);
        String orgAdminRoleId = getOrgAdminRoleId(str2);
        if (str.equals(consoleAdministratorRoleId) || str.equals(orgAdminRoleId)) {
            try {
                role.setPermissions((List) ApplicationManagementServiceComponentHolder.getInstance().getAPIResourceManager().getSystemAPIScopes(str2).stream().map(scope -> {
                    return new Permission(scope.getName(), scope.getDisplayName(), scope.getApiID());
                }).collect(Collectors.toList()));
            } catch (APIResourceMgtException e) {
                throw new IdentityRoleManagementException("Error while retrieving internal scopes for tenant domain : " + str2, e);
            }
        }
    }

    public void postGetPermissionListOfRole(List<Permission> list, String str, String str2) throws IdentityRoleManagementException {
        String consoleAdministratorRoleId = getConsoleAdministratorRoleId(ApplicationManagementServiceComponentHolder.getInstance().getRoleManagementServiceV2(), str2);
        String orgAdminRoleId = getOrgAdminRoleId(str2);
        if (str.equals(consoleAdministratorRoleId) || str.equals(orgAdminRoleId)) {
            try {
                list.addAll((List) ApplicationManagementServiceComponentHolder.getInstance().getAPIResourceManager().getSystemAPIScopes(str2).stream().map(scope -> {
                    return new Permission(scope.getName(), scope.getDisplayName());
                }).collect(Collectors.toList()));
            } catch (APIResourceMgtException e) {
                throw new IdentityRoleManagementException("Error while retrieving internal scopes for tenant domain : " + str2, e);
            }
        }
    }

    public void postGetPermissionListOfRoles(List<String> list, List<String> list2, String str) throws IdentityRoleManagementException {
        String consoleAdministratorRoleId = getConsoleAdministratorRoleId(ApplicationManagementServiceComponentHolder.getInstance().getRoleManagementServiceV2(), str);
        String orgAdminRoleId = getOrgAdminRoleId(str);
        if (list2.contains(consoleAdministratorRoleId) || list2.contains(orgAdminRoleId)) {
            try {
                list.addAll((Collection) ApplicationManagementServiceComponentHolder.getInstance().getAPIResourceManager().getSystemAPIScopes(str).stream().map((v0) -> {
                    return v0.getName();
                }).collect(Collectors.toList()));
            } catch (APIResourceMgtException e) {
                throw new IdentityRoleManagementException("Error while retrieving internal scopes for tenant domain : " + str, e);
            }
        }
    }

    private String getConsoleAdministratorRoleId(String str) throws IdentityRoleManagementException {
        return getConsoleAdministratorRoleId(ApplicationManagementServiceComponentHolder.getInstance().getRoleManagementServiceV2(), str);
    }

    private String getConsoleAdministratorRoleId(RoleManagementService roleManagementService, String str) throws IdentityRoleManagementException {
        try {
            return roleManagementService.getRoleIdByName("Administrator", "application", ApplicationManagementService.getInstance().getApplicationResourceIDByInboundKey(ApplicationConstants.CONSOLE_APPLICATION_CLIENT_ID, "oauth2", str), str);
        } catch (IdentityRoleManagementException e) {
            if (e.getMessage().contains("Administrator") && e.getMessage().contains("A role doesn't exist")) {
                return null;
            }
            throw new IdentityRoleManagementException("Error while retrieving role id for console Administrator role in tenant domain : " + str, e);
        } catch (IdentityApplicationManagementException e2) {
            throw new IdentityRoleManagementException("Error while retrieving Console application for tenant domain : " + str, e2);
        }
    }

    private String getOrgAdminRoleId(String str) throws IdentityRoleManagementException {
        try {
            String resolveOrganizationId = ApplicationManagementServiceComponentHolder.getInstance().getOrganizationManager().resolveOrganizationId(str);
            if (StringUtils.isBlank(resolveOrganizationId)) {
                throw new IdentityRoleManagementException("Error while retrieving organization id from tenant domain : " + str);
            }
            UserRealm userRealm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
            if (userRealm == null) {
                throw new IdentityRoleManagementException("Error while retrieving user realm");
            }
            String adminRoleName = userRealm.getRealmConfiguration().getAdminRoleName();
            if (StringUtils.isBlank(adminRoleName)) {
                throw new IdentityRoleManagementException("Admin role name not found");
            }
            return ApplicationManagementServiceComponentHolder.getInstance().getRoleManagementServiceV2().getRoleIdByName(UserCoreUtil.removeDomainFromName(adminRoleName), "organization", resolveOrganizationId, str);
        } catch (OrganizationManagementException e) {
            throw new IdentityRoleManagementException("Error while retrieving organization id from tenant domain : " + str, e);
        } catch (UserStoreException e2) {
            throw new IdentityRoleManagementException("Error while retrieving admin role name");
        } catch (IdentityRoleManagementException e3) {
            throw new IdentityRoleManagementException("Error while retrieving role id for admin role in tenant domain : " + str, e3);
        }
    }
}
