package org.wso2.carbon.status.dashboard.core.internal.services;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.osgi.framework.BundleContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.analytics.idp.client.core.api.IdPClient;
import org.wso2.carbon.analytics.idp.client.core.exception.IdPClientException;
import org.wso2.carbon.analytics.permissions.PermissionManager;
import org.wso2.carbon.analytics.permissions.PermissionProvider;
import org.wso2.carbon.analytics.permissions.bean.Permission;
import org.wso2.carbon.analytics.permissions.bean.Role;
import org.wso2.carbon.status.dashboard.core.exception.UnauthorizedException;
import org.wso2.carbon.status.dashboard.core.impl.utils.Constants;
import org.wso2.carbon.status.dashboard.core.internal.MonitoringDataHolder;
import org.wso2.carbon.status.dashboard.core.internal.roles.provider.RolesProvider;

@Component(name = "org.wso2.carbon.status.dashboard.core.internal.services.PermissionGrantServiceComponent", service = {PermissionGrantServiceComponent.class}, immediate = true)
/* loaded from: input_file:org/wso2/carbon/status/dashboard/core/internal/services/PermissionGrantServiceComponent.class */
public class PermissionGrantServiceComponent {
    private static final Logger logger = LoggerFactory.getLogger(PermissionGrantServiceComponent.class);
    private PermissionProvider permissionProvider;
    private IdPClient identityClient;

    @Activate
    protected void start(BundleContext bundleContext) {
        if (logger.isDebugEnabled()) {
            logger.debug("Status dashboard permission grant service component is activated.");
        }
        try {
            MonitoringDataHolder.getInstance().setRolesProvider(new RolesProvider(MonitoringDataHolder.getInstance().getStatusDashboardDeploymentConfigs()));
            initPermission();
        } catch (IdPClientException e) {
            logger.error("error in getting admin.", e);
        } catch (UnauthorizedException e2) {
            logger.error("Authorization error.", e2);
        }
    }

    @Deactivate
    protected void stop() throws Exception {
        if (logger.isDebugEnabled()) {
            logger.debug("Status dashboard permission grant service component is deactivated.");
        }
    }

    private void initPermission() throws UnauthorizedException, IdPClientException {
        for (Permission permission : getAllPermission()) {
            if (!this.permissionProvider.isPermissionExists(permission)) {
                this.permissionProvider.addPermission(permission);
            }
        }
        List<Role> sysAdminRolesList = MonitoringDataHolder.getInstance().getRolesProvider().getSysAdminRolesList(this.identityClient);
        if (sysAdminRolesList.isEmpty()) {
            Iterator<Permission> it = buildDashboardAdminPermissions(Constants.PERMISSION_APP_NAME).iterator();
            while (it.hasNext()) {
                this.permissionProvider.grantPermission(it.next(), new Role(this.identityClient.getAdminRole().getId(), this.identityClient.getAdminRole().getDisplayName()));
            }
        } else {
            for (Permission permission2 : buildDashboardAdminPermissions(Constants.PERMISSION_APP_NAME)) {
                Iterator<Role> it2 = sysAdminRolesList.iterator();
                while (it2.hasNext()) {
                    this.permissionProvider.grantPermission(permission2, it2.next());
                }
            }
        }
        List<Role> developerRolesList = MonitoringDataHolder.getInstance().getRolesProvider().getDeveloperRolesList(this.identityClient);
        if (!developerRolesList.isEmpty()) {
            for (Permission permission3 : buildDashboardDevPermissions(Constants.PERMISSION_APP_NAME)) {
                Iterator<Role> it3 = developerRolesList.iterator();
                while (it3.hasNext()) {
                    this.permissionProvider.grantPermission(permission3, it3.next());
                }
            }
        }
        List<Role> viewerRolesList = MonitoringDataHolder.getInstance().getRolesProvider().getViewerRolesList(this.identityClient);
        if (viewerRolesList.isEmpty()) {
            return;
        }
        for (Permission permission4 : buildDashboardViewPermissions(Constants.PERMISSION_APP_NAME)) {
            Iterator<Role> it4 = viewerRolesList.iterator();
            while (it4.hasNext()) {
                this.permissionProvider.grantPermission(permission4, it4.next());
            }
        }
    }

    private List<Permission> getAllPermission() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Permission(Constants.PERMISSION_APP_NAME, "MON.metrics.manager"));
        arrayList.add(new Permission(Constants.PERMISSION_APP_NAME, "MON.manager"));
        arrayList.add(new Permission(Constants.PERMISSION_APP_NAME, "MON.viewer"));
        return arrayList;
    }

    private List<Permission> buildDashboardAdminPermissions(String str) {
        return getAllPermission();
    }

    private List<Permission> buildDashboardDevPermissions(String str) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Permission(Constants.PERMISSION_APP_NAME, str + Constants.PERMISSION_SUFFIX_MANAGER));
        arrayList.add(new Permission(Constants.PERMISSION_APP_NAME, str + Constants.PERMISSION_SUFFIX_VIEWER));
        return arrayList;
    }

    private List<Permission> buildDashboardViewPermissions(String str) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Permission(Constants.PERMISSION_APP_NAME, str + Constants.PERMISSION_SUFFIX_VIEWER));
        return arrayList;
    }

    @Reference(name = "org.wso2.carbon.analytics.idp.client.core.api.IdPClient", service = IdPClient.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unsetIdP")
    protected void setIdP(IdPClient idPClient) {
        this.identityClient = idPClient;
    }

    protected void unsetIdP(IdPClient idPClient) {
        this.identityClient = null;
    }

    @Reference(name = "permission-manager", service = PermissionManager.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unsetPermissionManager")
    protected void setPermissionManager(PermissionManager permissionManager) {
        this.permissionProvider = permissionManager.getProvider();
        MonitoringDataHolder.getInstance().setPermissionProvider(this.permissionProvider);
    }

    protected void unsetPermissionManager(PermissionManager permissionManager) {
        this.permissionProvider = null;
        MonitoringDataHolder.getInstance().setPermissionProvider(null);
    }

    @Reference(name = "org.wso2.carbon.status.dashboard.core.internal.services.DashboardInitConfigComponent", service = DashboardInitConfigComponent.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unregisterDashboardInitConfigComponent")
    public void regiterDashboardInitConfigComponent(DashboardInitConfigComponent dashboardInitConfigComponent) {
        if (logger.isDebugEnabled()) {
            logger.debug("@Reference(bind) DashboardInitConfigComponent");
        }
    }

    public void unregisterDashboardInitConfigComponent(DashboardInitConfigComponent dashboardInitConfigComponent) {
        if (logger.isDebugEnabled()) {
            logger.debug("@Reference(unbind) DashboardInitConfigComponent");
        }
    }
}
