package org.wso2.carbon.identity.application.mgt.listener;

import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.api.resource.mgt.APIResourceMgtException;
import org.wso2.carbon.identity.application.mgt.ApplicationConstants;
import org.wso2.carbon.identity.application.mgt.ApplicationMgtUtil;
import org.wso2.carbon.identity.application.mgt.internal.ApplicationManagementServiceComponentHolder;
import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException;
import org.wso2.carbon.identity.role.v2.mgt.core.listener.AbstractRoleManagementListener;
import org.wso2.carbon.identity.role.v2.mgt.core.model.Permission;
import org.wso2.carbon.identity.role.v2.mgt.core.model.Role;
import org.wso2.carbon.identity.role.v2.mgt.core.model.RoleBasicInfo;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;

/* loaded from: input_file:org/wso2/carbon/identity/application/mgt/listener/AdminRoleListener.class */
public class AdminRoleListener extends AbstractRoleManagementListener {
    public int getExecutionOrderId() {
        return 2;
    }

    public int getDefaultOrderId() {
        return 2;
    }

    public boolean isEnable() {
        return true;
    }

    public void postGetRole(Role role, String str, String str2) throws IdentityRoleManagementException {
        if (isAdminRole(str, str2)) {
            try {
                role.setPermissions((List) ApplicationManagementServiceComponentHolder.getInstance().getAPIResourceManager().getSystemAPIScopes(str2).stream().map(scope -> {
                    return new Permission(scope.getName(), scope.getDisplayName(), scope.getApiID());
                }).collect(Collectors.toList()));
            } catch (APIResourceMgtException e) {
                throw new IdentityRoleManagementException("Error while retrieving internal scopes for tenant domain : " + str2, e);
            }
        }
    }

    public void postGetPermissionListOfRole(List<Permission> list, String str, String str2) throws IdentityRoleManagementException {
        if (isAdminRole(str, str2)) {
            try {
                list.addAll((List) ApplicationManagementServiceComponentHolder.getInstance().getAPIResourceManager().getSystemAPIScopes(str2).stream().map(scope -> {
                    return new Permission(scope.getName(), scope.getDisplayName());
                }).collect(Collectors.toList()));
            } catch (APIResourceMgtException e) {
                throw new IdentityRoleManagementException("Error while retrieving internal scopes for tenant domain : " + str2, e);
            }
        }
    }

    public void postGetPermissionListOfRoles(List<String> list, List<String> list2, String str) throws IdentityRoleManagementException {
        boolean z = false;
        Iterator<String> it = list2.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (isAdminRole(it.next(), str)) {
                z = true;
                break;
            }
        }
        if (z) {
            try {
                list.addAll((Collection) ApplicationManagementServiceComponentHolder.getInstance().getAPIResourceManager().getSystemAPIScopes(str).stream().map((v0) -> {
                    return v0.getName();
                }).collect(Collectors.toList()));
            } catch (APIResourceMgtException e) {
                throw new IdentityRoleManagementException("Error while retrieving internal scopes for tenant domain : " + str, e);
            }
        }
    }

    private static String getOrgAdminRoleName() throws IdentityRoleManagementException {
        UserRealm userRealm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
        if (userRealm == null) {
            throw new IdentityRoleManagementException("Error while retrieving user realm");
        }
        try {
            String adminRoleName = userRealm.getRealmConfiguration().getAdminRoleName();
            if (StringUtils.isBlank(adminRoleName)) {
                throw new IdentityRoleManagementException("Admin role name not found");
            }
            if (adminRoleName.contains(ApplicationMgtUtil.PATH_CONSTANT)) {
                adminRoleName = adminRoleName.split(ApplicationMgtUtil.PATH_CONSTANT)[1];
            }
            return adminRoleName;
        } catch (UserStoreException e) {
            throw new IdentityRoleManagementException("Error while retrieving admin role name");
        }
    }

    private boolean isAdminRole(String str, String str2) throws IdentityRoleManagementException {
        RoleBasicInfo roleBasicInfoById = ApplicationManagementServiceComponentHolder.getInstance().getRoleManagementServiceV2().getRoleBasicInfoById(str, str2);
        if (StringUtils.equals(getOrgAdminRoleName(), roleBasicInfoById.getName())) {
            return roleBasicInfoById.getAudience().equals("organization");
        }
        if ("Administrator".equals(roleBasicInfoById.getName())) {
            return roleBasicInfoById.getAudienceName().equals(ApplicationConstants.CONSOLE_APPLICATION_NAME);
        }
        return false;
    }
}
