package org.wso2.carbon.device.mgt.jaxrs.service.impl;

import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javassist.compiler.TokenId;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.CharEncoding;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
import org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.FilteringUtil;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.mgt.UserRealmProxy;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import org.wso2.carbon.user.mgt.common.UserAdminException;

@Produces({"application/json"})
@Path(RoleManagementServiceImpl.API_BASE_PATH)
@Consumes({"application/json"})
/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.class */
public class RoleManagementServiceImpl implements RoleManagementService {
    private static final String API_BASE_PATH = "/roles";
    private static final Log log = LogFactory.getLog(RoleManagementServiceImpl.class);

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @GET
    public Response getRoles(@QueryParam("filter") String str, @QueryParam("user-store") String str2, @HeaderParam("If-Modified-Since") String str3, @QueryParam("offset") int i, @QueryParam("limit") int i2) {
        RequestValidationUtil.validatePaginationParameters(i, i2);
        if (i2 == 0) {
            i2 = 50;
        }
        RoleList roleList = new RoleList();
        if (str2 == null || "".equals(str2)) {
            str2 = Constants.PRIMARY_USER_STORE;
        }
        try {
            roleList.setCount(getRolesFromUserStore(str, str2).size());
            roleList.setList(FilteringUtil.getFilteredList(getRolesFromUserStore(str, str2), i, i2));
            return Response.ok().entity(roleList).build();
        } catch (UserStoreException e) {
            log.error("Error occurred while retrieving roles from the underlying user stores", e);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Error occurred while retrieving roles from the underlying user stores").build()).build();
        }
    }

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @GET
    @Path("/filter/{prefix}")
    public Response getFilteredRoles(@PathParam("prefix") String str, @QueryParam("filter") String str2, @QueryParam("user-store") String str3, @HeaderParam("If-Modified-Since") String str4, @QueryParam("offset") int i, @QueryParam("limit") int i2) {
        RequestValidationUtil.validatePaginationParameters(i, i2);
        RoleList roleList = new RoleList();
        if (str3 == null || "".equals(str3)) {
            str3 = Constants.PRIMARY_USER_STORE;
        }
        try {
            getRolesFromUserStore(str2, str3);
            ArrayList arrayList = new ArrayList();
            for (String str5 : FilteringUtil.getFilteredList(getRolesFromUserStore(str2, str3), i, i2)) {
                if (str5.startsWith(str)) {
                    arrayList.add(str5);
                }
            }
            roleList.setCount(arrayList.size());
            roleList.setList(arrayList);
            return Response.ok().entity(roleList).build();
        } catch (UserStoreException e) {
            log.error("Error occurred while retrieving roles from the underlying user stores", e);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Error occurred while retrieving roles from the underlying user stores").build()).build();
        }
    }

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @GET
    @Path("/{roleName}/permissions")
    public Response getPermissionsOfRole(@PathParam("roleName") String str, @QueryParam("user-store") String str2, @HeaderParam("If-Modified-Since") String str3) {
        if (str2 != null && !str2.isEmpty()) {
            str = str2 + "/" + str;
        }
        RequestValidationUtil.validateRoleName(str);
        try {
            UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
            if (!userRealm.getUserStoreManager().isExistingRole(str)) {
                return Response.status(TokenId.FloatConstant).entity(new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" + str + "'").build()).build();
            }
            UIPermissionNode uIPermissionNode = getUIPermissionNode(str, userRealm);
            if (uIPermissionNode == null && log.isDebugEnabled()) {
                log.debug("No permissions found for the role '" + str + "'");
            }
            return Response.status(Response.Status.OK).entity(uIPermissionNode).build();
        } catch (UserStoreException e) {
            log.error("Error occurred while retrieving the underlying user realm attached to the current logged in user", e);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Error occurred while retrieving the underlying user realm attached to the current logged in user").build()).build();
        } catch (UserAdminException e2) {
            String str4 = "Error occurred while retrieving the permissions of role '" + str + "'";
            log.error(str4, e2);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str4).build()).build();
        }
    }

    private UIPermissionNode getAllRolePermissions(String str, UserRealm userRealm) throws UserAdminException {
        org.wso2.carbon.user.core.UserRealm userRealm2 = null;
        if (userRealm instanceof org.wso2.carbon.user.core.UserRealm) {
            userRealm2 = (org.wso2.carbon.user.core.UserRealm) userRealm;
        }
        return new UserRealmProxy(userRealm2).getRolePermissions(str, -1234);
    }

    private UIPermissionNode getUIPermissionNode(String str, UserRealm userRealm) throws UserAdminException {
        UIPermissionNode rolePermissions = new UserRealmProxy(userRealm instanceof org.wso2.carbon.user.core.UserRealm ? (org.wso2.carbon.user.core.UserRealm) userRealm : null).getRolePermissions(str, -1234);
        UIPermissionNode[] uIPermissionNodeArr = new UIPermissionNode[4];
        for (UIPermissionNode uIPermissionNode : rolePermissions.getNodeList()) {
            if (uIPermissionNode.getResourcePath().equals("/permission/admin")) {
                for (UIPermissionNode uIPermissionNode2 : uIPermissionNode.getNodeList()) {
                    if (uIPermissionNode2.getResourcePath().equals("/permission/admin/device-mgt")) {
                        uIPermissionNodeArr[0] = uIPermissionNode2;
                    } else if (uIPermissionNode2.getResourcePath().equals("/permission/admin/login")) {
                        uIPermissionNodeArr[1] = uIPermissionNode2;
                    } else if (uIPermissionNode2.getResourcePath().equals("/permission/admin/manage")) {
                        for (UIPermissionNode uIPermissionNode3 : uIPermissionNode2.getNodeList()) {
                            if (uIPermissionNode3.getResourcePath().equals("/permission/admin/manage/mobileapp")) {
                                uIPermissionNodeArr[2] = uIPermissionNode3;
                            } else if (uIPermissionNode3.getResourcePath().equals("/permission/admin/manage/webapp")) {
                                uIPermissionNodeArr[3] = uIPermissionNode3;
                            }
                        }
                    }
                }
            }
        }
        rolePermissions.setNodeList(uIPermissionNodeArr);
        return rolePermissions;
    }

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @GET
    @Path("/{roleName}")
    public Response getRole(@PathParam("roleName") String str, @QueryParam("user-store") String str2, @HeaderParam("If-Modified-Since") String str3) {
        if (log.isDebugEnabled()) {
            log.debug("Getting the list of user roles");
        }
        if (str2 != null && !str2.isEmpty()) {
            str = str2 + "/" + str;
        }
        RequestValidationUtil.validateRoleName(str);
        RoleInfo roleInfo = new RoleInfo();
        try {
            UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
            UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
            if (!userStoreManager.isExistingRole(str)) {
                return Response.status(TokenId.FloatConstant).entity(new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" + str + "'").build()).build();
            }
            roleInfo.setRoleName(str);
            roleInfo.setUsers(userStoreManager.getUserListOfRole(str));
            UIPermissionNode uIPermissionNode = getUIPermissionNode(str, userRealm);
            ArrayList arrayList = new ArrayList();
            iteratePermissions(uIPermissionNode, arrayList);
            roleInfo.setPermissionList(uIPermissionNode);
            roleInfo.setPermissions((String[]) arrayList.toArray(new String[arrayList.size()]));
            return Response.status(Response.Status.OK).entity(roleInfo).build();
        } catch (UserStoreException | UserAdminException e) {
            String str4 = "Error occurred while retrieving the user role '" + str + "'";
            log.error(str4, e);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str4).build()).build();
        }
    }

    private List<String> iteratePermissions(UIPermissionNode uIPermissionNode, List<String> list) {
        for (UIPermissionNode uIPermissionNode2 : uIPermissionNode.getNodeList()) {
            list.add(uIPermissionNode2.getResourcePath());
            if (uIPermissionNode2.getNodeList() != null && uIPermissionNode2.getNodeList().length > 0) {
                iteratePermissions(uIPermissionNode2, list);
            }
        }
        return list;
    }

    private List<String> getAuthorizedPermissions(UIPermissionNode uIPermissionNode, List<String> list) {
        for (UIPermissionNode uIPermissionNode2 : uIPermissionNode.getNodeList()) {
            if (uIPermissionNode2.isSelected()) {
                list.add(uIPermissionNode2.getResourcePath());
            }
            if (uIPermissionNode2.getNodeList() != null && uIPermissionNode2.getNodeList().length > 0) {
                getAuthorizedPermissions(uIPermissionNode2, list);
            }
        }
        return list;
    }

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @POST
    public Response addRole(RoleInfo roleInfo) {
        RequestValidationUtil.validateRoleDetails(roleInfo);
        RequestValidationUtil.validateRoleName(roleInfo.getRoleName());
        try {
            UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
            if (log.isDebugEnabled()) {
                log.debug("Persisting the role in the underlying user store");
            }
            Permission[] permissionArr = null;
            if (roleInfo.getPermissions() != null && roleInfo.getPermissions().length > 0) {
                permissionArr = new Permission[roleInfo.getPermissions().length];
                for (int i = 0; i < permissionArr.length; i++) {
                    permissionArr[i] = new Permission(roleInfo.getPermissions()[i], "ui.execute");
                }
            }
            userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), permissionArr);
            authorizeRoleForAppmgt(roleInfo.getRoleName(), roleInfo.getPermissions());
            return Response.created(new URI("/roles/" + URLEncoder.encode(roleInfo.getRoleName(), CharEncoding.UTF_8))).entity("Role '" + roleInfo.getRoleName() + "' has successfully been added").build();
        } catch (UserStoreException e) {
            String str = "Error occurred while adding role '" + roleInfo.getRoleName() + "'";
            log.error(str, e);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str).build()).build();
        } catch (UnsupportedEncodingException e2) {
            log.error("Error occurred while encoding role name", e2);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Error occurred while encoding role name").build()).build();
        } catch (URISyntaxException e3) {
            log.error("Error occurred while composing the URI at which the information of the newly created role can be retrieved", e3);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Error occurred while composing the URI at which the information of the newly created role can be retrieved").build()).build();
        }
    }

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @POST
    @Path("/create-combined-role/{roleName}")
    public Response addCombinedRole(List<String> list, @PathParam("roleName") String str, @QueryParam("user-store") String str2) {
        if (str2 != null && !str2.isEmpty()) {
            str = str2 + "/" + str;
        }
        if (list.size() < 2) {
            return Response.status(TokenId.Identifier).entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Combining Roles requires at least two roles.").build()).build();
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            RequestValidationUtil.validateRoleName(it.next());
        }
        try {
            UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
            if (log.isDebugEnabled()) {
                log.debug("Persisting the role in the underlying user store");
            }
            HashSet hashSet = new HashSet();
            try {
                Iterator<String> it2 = list.iterator();
                while (it2.hasNext()) {
                    mergePermissions(new UIPermissionNode[]{getRolePermissions(it2.next())}, hashSet);
                }
                userStoreManager.addRole(str, new String[0], (Permission[]) hashSet.toArray(new Permission[hashSet.size()]));
                return Response.created(new URI("/roles/" + URLEncoder.encode(str, CharEncoding.UTF_8))).entity("Role '" + str + "' has successfully been added").build();
            } catch (IllegalArgumentException e) {
                return Response.status(TokenId.FloatConstant).entity(new ErrorResponse.ErrorResponseBuilder().setMessage(e.getMessage()).build()).build();
            }
        } catch (UnsupportedEncodingException e2) {
            log.error("Error occurred while encoding role name", e2);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Error occurred while encoding role name").build()).build();
        } catch (UserStoreException e3) {
            String str3 = "Error occurred while adding role '" + str + "'";
            log.error(str3, e3);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str3).build()).build();
        } catch (UserAdminException e4) {
            String str4 = "Error occurred while retrieving the permissions of role '" + str + "'";
            log.error(str4, e4);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str4).build()).build();
        } catch (URISyntaxException e5) {
            log.error("Error occurred while composing the URI at which the information of the newly created role can be retrieved", e5);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Error occurred while composing the URI at which the information of the newly created role can be retrieved").build()).build();
        }
    }

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @Path("/{roleName}")
    @PUT
    public Response updateRole(@PathParam("roleName") String str, RoleInfo roleInfo, @QueryParam("user-store") String str2) {
        if (str2 != null && !str2.isEmpty()) {
            str = str2 + "/" + str;
        }
        RequestValidationUtil.validateRoleName(str);
        RequestValidationUtil.validateRoleDetails(roleInfo);
        try {
            UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
            UserStoreManager userStoreManager = userRealm.getUserStoreManager();
            if (!userStoreManager.isExistingRole(str)) {
                return Response.status(TokenId.FloatConstant).entity(new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" + str + "'").build()).build();
            }
            AuthorizationManager authorizationManager = userRealm.getAuthorizationManager();
            if (log.isDebugEnabled()) {
                log.debug("Updating the role to user store");
            }
            String roleName = roleInfo.getRoleName();
            if (roleName != null && !str.equals(roleName)) {
                userStoreManager.updateRoleName(str, roleName);
            }
            if (roleInfo.getUsers() != null) {
                SetReferenceTransformer setReferenceTransformer = new SetReferenceTransformer();
                setReferenceTransformer.transform(Arrays.asList(userStoreManager.getUserListOfRole(roleName)), Arrays.asList(roleInfo.getUsers()));
                userStoreManager.updateUserListOfRole(roleName, (String[]) setReferenceTransformer.getObjectsToRemove().toArray(new String[setReferenceTransformer.getObjectsToRemove().size()]), (String[]) setReferenceTransformer.getObjectsToAdd().toArray(new String[setReferenceTransformer.getObjectsToAdd().size()]));
            }
            if (roleInfo.getPermissions() != null) {
                UIPermissionNode allRolePermissions = getAllRolePermissions(str, userRealm);
                ArrayList arrayList = new ArrayList();
                UIPermissionNode rolePermissions = getRolePermissions(str);
                ArrayList arrayList2 = new ArrayList();
                getAuthorizedPermissions(rolePermissions, arrayList2);
                arrayList2.removeAll(new ArrayList(Arrays.asList(roleInfo.getPermissions())));
                getAuthorizedPermissions(allRolePermissions, arrayList);
                for (String str3 : roleInfo.getPermissions()) {
                    arrayList.add(str3);
                }
                arrayList.removeAll(arrayList2);
                roleInfo.setPermissions((String[]) arrayList.toArray(new String[arrayList.size()]));
                authorizationManager.clearRoleAuthorization(str);
                if (roleInfo.getPermissions().length > 0) {
                    for (int i = 0; i < roleInfo.getPermissions().length; i++) {
                        authorizationManager.authorizeRole(str, roleInfo.getPermissions()[i], "ui.execute");
                    }
                }
                authorizeRoleForAppmgt(str, roleInfo.getPermissions());
            }
            return Response.status(Response.Status.OK).entity("Role '" + roleInfo.getRoleName() + "' has successfully been updated").build();
        } catch (UserStoreException e) {
            String str4 = "Error occurred while updating role '" + str + "'";
            log.error(str4, e);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str4).build()).build();
        } catch (UserAdminException e2) {
            String str5 = "Error occurred while updating permissions of the role '" + str + "'";
            log.error(str5, e2);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str5).build()).build();
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:19:0x0090  */
    /* JADX WARN: Removed duplicated region for block: B:22:0x0096  */
    /* JADX WARN: Removed duplicated region for block: B:24:0x009c  */
    /* JADX WARN: Removed duplicated region for block: B:26:0x009f A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private boolean authorizeRoleForAppmgt(java.lang.String r6, java.lang.String[] r7) {
        /*
            Method dump skipped, instructions count: 304
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.wso2.carbon.device.mgt.jaxrs.service.impl.RoleManagementServiceImpl.authorizeRoleForAppmgt(java.lang.String, java.lang.String[]):boolean");
    }

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @Path("/{roleName}")
    @DELETE
    public Response deleteRole(@PathParam("roleName") String str, @QueryParam("user-store") String str2) {
        if (str2 != null && !str2.isEmpty()) {
            str = str2 + "/" + str;
        }
        RequestValidationUtil.validateRoleName(str);
        try {
            UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
            UserStoreManager userStoreManager = userRealm.getUserStoreManager();
            if (!userStoreManager.isExistingRole(str)) {
                return Response.status(TokenId.FloatConstant).entity(new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" + str + "'").build()).build();
            }
            AuthorizationManager authorizationManager = userRealm.getAuthorizationManager();
            if (log.isDebugEnabled()) {
                log.debug("Deleting the role in user store");
            }
            userStoreManager.deleteRole(str);
            authorizationManager.clearRoleAuthorization(str);
            return Response.status(Response.Status.OK).build();
        } catch (UserStoreException e) {
            String str3 = "Error occurred while deleting the role '" + str + "'";
            log.error(str3, e);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str3).build()).build();
        }
    }

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService
    @Path("/{roleName}/users")
    @PUT
    public Response updateUsersOfRole(@PathParam("roleName") String str, @QueryParam("user-store") String str2, List<String> list) {
        if (str2 != null && !str2.isEmpty()) {
            str = str2 + "/" + str;
        }
        RequestValidationUtil.validateRoleName(str);
        RequestValidationUtil.validateUsers(list);
        try {
            UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
            if (log.isDebugEnabled()) {
                log.debug("Updating the users of a role");
            }
            SetReferenceTransformer setReferenceTransformer = new SetReferenceTransformer();
            setReferenceTransformer.transform(Arrays.asList(userStoreManager.getUserListOfRole(str)), list);
            userStoreManager.updateUserListOfRole(str, (String[]) setReferenceTransformer.getObjectsToRemove().toArray(new String[setReferenceTransformer.getObjectsToRemove().size()]), (String[]) setReferenceTransformer.getObjectsToAdd().toArray(new String[setReferenceTransformer.getObjectsToAdd().size()]));
            return Response.status(Response.Status.OK).entity("Role '" + str + "' has successfully been updated with the user list").build();
        } catch (UserStoreException e) {
            String str3 = "Error occurred while updating the users of the role '" + str + "'";
            log.error(str3, e);
            return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage(str3).build()).build();
        }
    }

    private List<String> getRolesFromUserStore(String str, String str2) throws UserStoreException {
        AbstractUserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
        boolean z = (str == null || str.isEmpty()) ? false : true;
        if (log.isDebugEnabled()) {
            log.debug("Getting the list of user roles");
        }
        String[] roleNames = str2.equals("all") ? userStoreManager.getRoleNames(MediaType.MEDIA_TYPE_WILDCARD, -1, false, true, true) : userStoreManager.getRoleNames(str2 + "/*", -1, false, true, true);
        ArrayList arrayList = new ArrayList();
        for (String str3 : roleNames) {
            if (!str3.startsWith("Internal/") && !str3.startsWith("Authentication/") && !str3.startsWith("Application/")) {
                if (!z) {
                    arrayList.add(str3);
                } else if (str3.contains(str)) {
                    arrayList.add(str3);
                }
            }
        }
        return arrayList;
    }

    private Set<Permission> mergePermissions(UIPermissionNode[] uIPermissionNodeArr, Set<Permission> set) throws UserStoreException, UserAdminException {
        for (UIPermissionNode uIPermissionNode : uIPermissionNodeArr) {
            if (uIPermissionNode.getNodeList().length > 0) {
                mergePermissions(uIPermissionNode.getNodeList(), set);
            }
            if (uIPermissionNode.isSelected()) {
                set.add(new Permission(uIPermissionNode.getResourcePath(), "ui.execute"));
            }
        }
        return set;
    }

    private UIPermissionNode getRolePermissions(String str) throws UserStoreException, UserAdminException {
        UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
        if (!userRealm.getUserStoreManager().isExistingRole(str)) {
            throw new IllegalArgumentException("No role exists with the name '" + str + "'");
        }
        UIPermissionNode uIPermissionNode = getUIPermissionNode(str, userRealm);
        if (uIPermissionNode == null && log.isDebugEnabled()) {
            log.debug("No permissions found for the role '" + str + "'");
        }
        return uIPermissionNode;
    }
}
