package org.wso2.carbon.device.mgt.iot.androidsense.service.impl.listener;

import java.util.Hashtable;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.constants.AndroidSenseConstants;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.service.RealmService;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/device/mgt/iot/androidsense/service/impl/listener/AndroidSensePermissionUpdateListener.class */
public class AndroidSensePermissionUpdateListener implements ServletContextListener {
    private static Log log = LogFactory.getLog(AndroidSensePermissionUpdateListener.class);
    private static PrivilegedCarbonContext threadLocalCarbonContext;
    private static RealmService realmService;

    public void contextInitialized(ServletContextEvent servletContextEvent) {
        threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        realmService = (RealmService) threadLocalCarbonContext.getOSGiService(RealmService.class, (Hashtable) null);
        UserStoreManager userStoreManager = getUserStoreManager();
        if (userStoreManager != null) {
            try {
                if (userStoreManager.isExistingRole(AndroidSenseConstants.ROLE_NAME)) {
                    getAuthorizationManager().authorizeRole(AndroidSenseConstants.ROLE_NAME, AndroidSenseConstants.PERM_ENROLL_ANDROID_SENSE, "ui.execute");
                    getAuthorizationManager().authorizeRole(AndroidSenseConstants.ROLE_NAME, AndroidSenseConstants.PERM_OWNING_DEVICE_VIEW, "ui.execute");
                } else {
                    userStoreManager.addRole(AndroidSenseConstants.ROLE_NAME, (String[]) null, getPermissions());
                }
            } catch (UserStoreException e) {
                log.error("Error while creating a role and adding a user for Android Sense.", e);
            }
        }
    }

    public void contextDestroyed(ServletContextEvent servletContextEvent) {
    }

    private UserStoreManager getUserStoreManager() {
        try {
            if (realmService == null) {
                throw new IllegalStateException("Realm service has not initialized.");
            }
            int tenantId = threadLocalCarbonContext.getTenantId();
            UserStoreManager userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
            realmService.getTenantUserRealm(tenantId).getAuthorizationManager();
            return userStoreManager;
        } catch (UserStoreException e) {
            throw new IllegalStateException("Error occurred while retrieving current user store manager");
        }
    }

    private AuthorizationManager getAuthorizationManager() {
        try {
            if (realmService == null) {
                throw new IllegalStateException("Realm service has not initialized.");
            }
            return realmService.getTenantUserRealm(threadLocalCarbonContext.getTenantId()).getAuthorizationManager();
        } catch (UserStoreException e) {
            throw new IllegalStateException("Error occurred while retrieving current user store manager");
        }
    }

    private Permission[] getPermissions() {
        return new Permission[]{new Permission(AndroidSenseConstants.PERM_ENROLL_ANDROID_SENSE, "ui.execute"), new Permission(AndroidSenseConstants.PERM_OWNING_DEVICE_VIEW, "ui.execute")};
    }
}
