package org.wso2.carbon.device.mgt.iot.raspberrypi.service.impl.listener;

import java.util.Hashtable;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.iot.raspberrypi.service.impl.constants.RaspberrypiConstants;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.service.RealmService;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/device/mgt/iot/raspberrypi/service/impl/listener/RaspberryPIPermissionUpdateListener.class */
public class RaspberryPIPermissionUpdateListener implements ServletContextListener {
    private static Log log = LogFactory.getLog(RaspberryPIPermissionUpdateListener.class);

    public void contextInitialized(ServletContextEvent servletContextEvent) {
        UserStoreManager userStoreManager = getUserStoreManager();
        if (userStoreManager != null) {
            try {
                if (userStoreManager.isExistingRole(RaspberrypiConstants.ROLE_NAME)) {
                    getAuthorizationManager().authorizeRole(RaspberrypiConstants.ROLE_NAME, RaspberrypiConstants.PERM_ENROLL_RASPBERRYPI, "ui.execute");
                    getAuthorizationManager().authorizeRole(RaspberrypiConstants.ROLE_NAME, RaspberrypiConstants.PERM_OWNING_DEVICE_VIEW, "ui.execute");
                } else {
                    userStoreManager.addRole(RaspberrypiConstants.ROLE_NAME, (String[]) null, getPermissions());
                }
            } catch (UserStoreException e) {
                log.error("Error while creating a role and adding a user for Raspberry PI.", e);
            }
        }
    }

    public void contextDestroyed(ServletContextEvent servletContextEvent) {
    }

    public static UserStoreManager getUserStoreManager() {
        try {
            PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            RealmService realmService = (RealmService) threadLocalCarbonContext.getOSGiService(RealmService.class, (Hashtable) null);
            if (realmService == null) {
                log.error("Realm service has not initialized.");
                throw new IllegalStateException("Realm service has not initialized.");
            }
            int tenantId = threadLocalCarbonContext.getTenantId();
            UserStoreManager userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
            realmService.getTenantUserRealm(tenantId).getAuthorizationManager();
            return userStoreManager;
        } catch (UserStoreException e) {
            log.error("Error occurred while retrieving current user store manager", e);
            throw new IllegalStateException("Error occurred while retrieving current user store manager");
        }
    }

    public static AuthorizationManager getAuthorizationManager() {
        try {
            PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            RealmService realmService = (RealmService) threadLocalCarbonContext.getOSGiService(RealmService.class, (Hashtable) null);
            if (realmService != null) {
                return realmService.getTenantUserRealm(threadLocalCarbonContext.getTenantId()).getAuthorizationManager();
            }
            log.error("Realm service has not initialized.");
            throw new IllegalStateException("Realm service has not initialized.");
        } catch (UserStoreException e) {
            log.error("Error occurred while retrieving current user store manager", e);
            throw new IllegalStateException("Error occurred while retrieving current user store manager");
        }
    }

    private Permission[] getPermissions() {
        return new Permission[]{new Permission(RaspberrypiConstants.PERM_ENROLL_RASPBERRYPI, "ui.execute"), new Permission(RaspberrypiConstants.PERM_OWNING_DEVICE_VIEW, "ui.execute")};
    }
}
