package org.sonatype.security.realms.privileges.application;

import java.util.ArrayList;
import java.util.List;
import javax.enterprise.inject.Typed;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.tika.metadata.Metadata;
import org.codehaus.plexus.util.StringUtils;
import org.sonatype.configuration.validation.ValidationMessage;
import org.sonatype.configuration.validation.ValidationResponse;
import org.sonatype.security.model.CPrivilege;
import org.sonatype.security.model.CProperty;
import org.sonatype.security.realms.privileges.AbstractPrivilegeDescriptor;
import org.sonatype.security.realms.privileges.PrivilegeDescriptor;
import org.sonatype.security.realms.privileges.PrivilegePropertyDescriptor;
import org.sonatype.security.realms.validator.SecurityValidationContext;

@Singleton
@Typed({PrivilegeDescriptor.class})
@Named("ApplicationPrivilegeDescriptor")
/* loaded from: input_file:WEB-INF/lib/nexus-security-realms-2.14.10-01.jar:org/sonatype/security/realms/privileges/application/ApplicationPrivilegeDescriptor.class */
public class ApplicationPrivilegeDescriptor extends AbstractPrivilegeDescriptor implements PrivilegeDescriptor {
    public static final String TYPE = "method";
    private final PrivilegePropertyDescriptor methodProperty;
    private final PrivilegePropertyDescriptor permissionProperty;

    @Inject
    public ApplicationPrivilegeDescriptor(@Named("ApplicationPrivilegeMethodPropertyDescriptor") PrivilegePropertyDescriptor privilegePropertyDescriptor, @Named("ApplicationPrivilegePermissionPropertyDescriptor") PrivilegePropertyDescriptor privilegePropertyDescriptor2) {
        this.methodProperty = privilegePropertyDescriptor;
        this.permissionProperty = privilegePropertyDescriptor2;
    }

    @Override // org.sonatype.security.realms.privileges.PrivilegeDescriptor
    public String getName() {
        return "Application";
    }

    @Override // org.sonatype.security.realms.privileges.PrivilegeDescriptor
    public String getType() {
        return "method";
    }

    @Override // org.sonatype.security.realms.privileges.PrivilegeDescriptor
    public List<PrivilegePropertyDescriptor> getPropertyDescriptors() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.methodProperty);
        arrayList.add(this.permissionProperty);
        return arrayList;
    }

    @Override // org.sonatype.security.realms.privileges.PrivilegeDescriptor
    public String buildPermission(CPrivilege cPrivilege) {
        if (!"method".equals(cPrivilege.getType())) {
            return null;
        }
        String property = getProperty(cPrivilege, ApplicationPrivilegePermissionPropertyDescriptor.ID);
        String property2 = getProperty(cPrivilege, "method");
        if (StringUtils.isEmpty(property)) {
            property = "*:*";
        }
        if (StringUtils.isEmpty(property2)) {
            property2 = "*";
        }
        return property + Metadata.NAMESPACE_PREFIX_DELIMITER + property2;
    }

    @Override // org.sonatype.security.realms.privileges.AbstractPrivilegeDescriptor, org.sonatype.security.realms.privileges.PrivilegeDescriptor
    public ValidationResponse validatePrivilege(CPrivilege cPrivilege, SecurityValidationContext securityValidationContext, boolean z) {
        ValidationResponse validatePrivilege = super.validatePrivilege(cPrivilege, securityValidationContext, z);
        if (!"method".equals(cPrivilege.getType())) {
            return validatePrivilege;
        }
        String str = null;
        String str2 = null;
        for (CProperty cProperty : cPrivilege.getProperties()) {
            if (cProperty.getKey().equals("method")) {
                str = cProperty.getValue();
            } else if (cProperty.getKey().equals(ApplicationPrivilegePermissionPropertyDescriptor.ID)) {
                str2 = cProperty.getValue();
            }
        }
        if (StringUtils.isEmpty(str2)) {
            validatePrivilege.addValidationError("Permission cannot be empty on a privilege!");
        }
        if (StringUtils.isEmpty(str)) {
            validatePrivilege.addValidationError("Method cannot be empty on a privilege!");
        } else {
            boolean z2 = true;
            String[] split = str.contains(",") ? str.split(",") : new String[]{str};
            int length = split.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str3 = split[i];
                if (!org.sonatype.security.legacy.model.v1_0_0.CPrivilege.METHOD_CREATE.equals(str3) && !org.sonatype.security.legacy.model.v1_0_0.CPrivilege.METHOD_DELETE.equals(str3) && !org.sonatype.security.legacy.model.v1_0_0.CPrivilege.METHOD_READ.equals(str3) && !org.sonatype.security.legacy.model.v1_0_0.CPrivilege.METHOD_UPDATE.equals(str3) && !"*".equals(str3)) {
                    z2 = false;
                    break;
                }
                i++;
            }
            if (!z2) {
                validatePrivilege.addValidationError(new ValidationMessage("method", "Privilege ID '" + cPrivilege.getId() + "' Method is wrong! (Allowed methods are: create, delete, read and update)", "Invalid method selected."));
            }
        }
        return validatePrivilege;
    }
}
