package org.wso2.carbon.identity.entitlement;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.balana.AbstractPolicy;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.entitlement.dto.AttributeValueDTO;
import org.wso2.carbon.identity.entitlement.dto.EntitledResultSetDTO;
import org.wso2.carbon.identity.entitlement.dto.PaginatedPolicySetDTO;
import org.wso2.carbon.identity.entitlement.dto.PolicyAttributeDTO;
import org.wso2.carbon.identity.entitlement.dto.PolicyDTO;
import org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent;
import org.wso2.carbon.identity.entitlement.pdp.EntitlementEngine;
import org.wso2.carbon.identity.entitlement.pip.AbstractPIPAttributeFinder;
import org.wso2.carbon.identity.entitlement.pip.CarbonAttributeFinder;
import org.wso2.carbon.identity.entitlement.pip.CarbonResourceFinder;
import org.wso2.carbon.identity.entitlement.pip.PIPAttributeFinder;
import org.wso2.carbon.identity.entitlement.pip.PIPResourceFinder;
import org.wso2.carbon.identity.entitlement.policy.PolicyAdmin;
import org.wso2.carbon.identity.entitlement.policy.PolicyReader;
import org.wso2.carbon.identity.entitlement.policy.PolicySearch;
import org.wso2.carbon.identity.entitlement.policy.PolicyStore;
import org.wso2.carbon.identity.entitlement.policy.PolicyStoreReader;
import org.wso2.carbon.identity.entitlement.policy.finder.RegistryBasedPolicyFinder;
import org.wso2.carbon.registry.core.exceptions.RegistryException;

/* loaded from: input_file:org/wso2/carbon/identity/entitlement/EntitlementPolicyAdminService.class */
public class EntitlementPolicyAdminService extends AbstractAdmin {
    private static Log log = LogFactory.getLog(EntitlementPolicyAdminService.class);

    public void addPolicy(PolicyDTO policyDTO) throws IdentityException {
        EntitlementEngine entitlementEngine = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        EntitlementUtil.validatePolicy(policyDTO);
        AbstractPolicy policy = PolicyReader.getInstance(null, null).getPolicy(policyDTO.getPolicy());
        if (policy == null) {
            throw new IdentityException("Invalid Entitlement Policy");
        }
        PolicyAdmin policyAdmin = new PolicyAdmin(new PolicyStore(getGovernanceUserRegistry()));
        policyDTO.setPolicyId(policy.getId().toASCIIString());
        policyDTO.setActive(policyDTO.isActive());
        if (getPolicy(policyDTO.getPolicyId()) != null) {
            throw new IdentityException("An Entitlement Policy with the given ID already exists");
        }
        policyAdmin.addOrUpdatePolicy(policyDTO);
        entitlementEngine.getRegistryModule().init(null);
        entitlementEngine.clearDecisionCache(true);
    }

    public void addPolicies(PolicyDTO[] policyDTOArr) throws IdentityException {
        if (policyDTOArr == null || policyDTOArr.length <= 0) {
            throw new IdentityException("No valid Entitlement policies provided.");
        }
        EntitlementEngine entitlementEngine = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        PolicyAdmin policyAdmin = new PolicyAdmin(new PolicyStore(getGovernanceUserRegistry()));
        for (PolicyDTO policyDTO : policyDTOArr) {
            EntitlementUtil.validatePolicy(policyDTO);
            AbstractPolicy policy = PolicyReader.getInstance(null, null).getPolicy(policyDTO.getPolicy());
            if (policy == null) {
                throw new IdentityException("Invalid Entitlement Policy");
            }
            policyDTO.setPolicyId(policy.getId().toASCIIString());
            policyDTO.setActive(policyDTO.isActive());
            if (getPolicy(policyDTO.getPolicyId()) != null) {
                throw new IdentityException("An Entitlement Policy with the given ID already exists");
            }
            policyAdmin.addOrUpdatePolicy(policyDTO);
            entitlementEngine.getRegistryModule().init(null);
            entitlementEngine.clearDecisionCache(true);
        }
    }

    public void importPolicyFromRegistry(String str) throws IdentityException {
        PolicyDTO policyDTO = new PolicyDTO();
        BufferedReader bufferedReader = null;
        InputStream inputStream = null;
        try {
            try {
                inputStream = ("conf".equals(str.substring(0, str.lastIndexOf(58))) ? getConfigSystemRegistry() : getGovernanceUserRegistry()).get(str.substring(str.lastIndexOf(58) + 1)).getContentStream();
                bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
                StringBuffer stringBuffer = new StringBuffer("");
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    } else {
                        stringBuffer.append(readLine);
                    }
                }
                policyDTO.setPolicy(stringBuffer.toString().replaceAll(">\\s+<", "><"));
                addPolicy(policyDTO);
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e) {
                        log.error("Error occurs while closing inputStream", e);
                    }
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e2) {
                        log.error("Error occurs while closing inputStream", e2);
                    }
                }
            } catch (Throwable th) {
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e3) {
                        log.error("Error occurs while closing inputStream", e3);
                    }
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e4) {
                        log.error("Error occurs while closing inputStream", e4);
                    }
                }
                throw th;
            }
        } catch (RegistryException e5) {
            throw new IdentityException("Registry Error occurs while reading policy from registry");
        } catch (IOException e6) {
            throw new IdentityException("I/O Error occurs while reading policy from registry");
        }
    }

    public PaginatedPolicySetDTO getAllPolicies(String str, String str2, int i) throws IdentityException {
        ArrayList arrayList = new ArrayList();
        EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        PolicyStoreReader policyStoreReader = new PolicyStoreReader(new PolicyStore(getGovernanceUserRegistry()));
        for (PolicyDTO policyDTO : policyStoreReader.readAllLightPolicyDTOs()) {
            boolean z = false;
            if (str.equals("ALL") || str.equals(policyDTO.getPolicyType())) {
                if (str2 != null && str2.trim().length() > 0) {
                    AttributeValueDTO[] policyMetaData = policyStoreReader.readMetaDataPolicyDTO(policyDTO.getPolicyId()).getPolicyMetaData();
                    int length = policyMetaData.length;
                    int i2 = 0;
                    while (true) {
                        if (i2 >= length) {
                            break;
                        }
                        if (str2.equals(policyMetaData[i2].getAttribute())) {
                            z = true;
                            break;
                        }
                        i2++;
                    }
                    if (!z && str2 != null && str2.trim().length() > 0 && policyDTO.getPolicyId().toLowerCase().indexOf(str2.toLowerCase()) == -1) {
                    }
                }
                arrayList.add(policyDTO);
            }
        }
        return doPaging(i, (PolicyDTO[]) arrayList.toArray(new PolicyDTO[arrayList.size()]));
    }

    public PolicyDTO getPolicy(String str) throws IdentityException {
        EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        return new PolicyStoreReader(new PolicyStore(getGovernanceUserRegistry())).readPolicyDTO(str);
    }

    public PolicyDTO getLightPolicy(String str) throws IdentityException {
        EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        return new PolicyStoreReader(new PolicyStore(getGovernanceUserRegistry())).readLightPolicyDTO(str);
    }

    public PolicyDTO getMetaDataPolicy(String str) throws IdentityException {
        EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        return new PolicyStoreReader(new PolicyStore(getGovernanceUserRegistry())).readMetaDataPolicyDTO(str);
    }

    public void removePolicy(PolicyDTO policyDTO) throws IdentityException {
        EntitlementEngine entitlementEngine = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        new PolicyAdmin(new PolicyStore(getGovernanceUserRegistry())).removePolicy(policyDTO);
        entitlementEngine.getRegistryModule().init(null);
        entitlementEngine.clearDecisionCache(true);
    }

    public void updatePolicy(PolicyDTO policyDTO) throws IdentityException {
        EntitlementEngine entitlementEngine = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        EntitlementUtil.validatePolicy(policyDTO);
        PolicyAdmin policyAdmin = new PolicyAdmin(new PolicyStore(getGovernanceUserRegistry()));
        if (policyDTO.getPolicyId() == null || policyDTO.getPolicy() != null) {
            AbstractPolicy policy = PolicyReader.getInstance(null, null).getPolicy(policyDTO.getPolicy());
            if (policy == null) {
                throw new IdentityException("Invalid Entitlement Policy");
            }
            policyDTO.setPolicyId(policy.getId().toASCIIString());
            policyAdmin.addOrUpdatePolicy(policyDTO);
        } else {
            policyAdmin.addOrUpdatePolicy(policyDTO);
        }
        entitlementEngine.getRegistryModule().init(null);
        entitlementEngine.clearDecisionCache(true);
    }

    public PolicyAttributeDTO[] getPolicyAttributeValues() throws IdentityException {
        Set<PolicyAttributeDTO> policyAttributeValues = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId()).getMetaDataFinder().getPolicyAttributeValues();
        if (policyAttributeValues != null) {
            return (PolicyAttributeDTO[]) policyAttributeValues.toArray(new PolicyAttributeDTO[policyAttributeValues.size()]);
        }
        return null;
    }

    public String[] getEntitlementPolicyDataFromRegistry(String str) throws IdentityException {
        ArrayList arrayList = new ArrayList();
        InputStream inputStream = null;
        BufferedReader bufferedReader = null;
        try {
            try {
                try {
                    inputStream = new PolicyStore(EntitlementServiceComponent.getRegistryService().getGovernanceSystemRegistry()).getEntitlementPolicyResources(str).getContentStream();
                    bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
                    while (true) {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        }
                        arrayList.add(readLine.trim());
                    }
                    if (bufferedReader != null) {
                        try {
                            bufferedReader.close();
                        } catch (IOException e) {
                            log.error("Error occurs while closing inputStream", e);
                        }
                    }
                    if (inputStream != null) {
                        try {
                            inputStream.close();
                        } catch (IOException e2) {
                            log.error("Error occurs while closing inputStream", e2);
                        }
                    }
                    return (String[]) arrayList.toArray(new String[arrayList.size()]);
                } catch (RegistryException e3) {
                    throw new IdentityException("Error occurs while creating inputStream from registry resource", e3);
                }
            } catch (IdentityException e4) {
                throw new IdentityException("Error occurs while initializing PolicyStore", e4);
            } catch (IOException e5) {
                throw new IdentityException("Error occurs while reading resource content", e5);
            }
        } catch (Throwable th) {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e6) {
                    log.error("Error occurs while closing inputStream", e6);
                }
            }
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e7) {
                    log.error("Error occurs while closing inputStream", e7);
                }
            }
            throw th;
        }
    }

    public String[] getAllPolicyIds() throws IdentityException {
        ArrayList arrayList = new ArrayList();
        for (PolicyDTO policyDTO : new PolicyStoreReader(new PolicyStore(getGovernanceUserRegistry())).readAllLightPolicyDTOs()) {
            arrayList.add(policyDTO.getPolicyId());
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    public void clearDecisionCache() throws IdentityException {
        EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId()).clearDecisionCache(true);
    }

    public void clearAllAttributeCaches() throws IdentityException {
        CarbonAttributeFinder carbonAttributeFinder = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId()).getCarbonAttributeFinder();
        if (carbonAttributeFinder == null) {
            throw new IdentityException("Can not clear all attribute caches - Carbon Attribute Finder is not initialized");
        }
        carbonAttributeFinder.clearAttributeCache();
        clearDecisionCache();
        Map<PIPAttributeFinder, Properties> designators = EntitlementServiceComponent.getEntitlementConfig().getDesignators();
        if (designators == null || designators.isEmpty()) {
            return;
        }
        Iterator<PIPAttributeFinder> it = designators.keySet().iterator();
        while (it.hasNext()) {
            it.next().clearCache();
        }
    }

    public void clearCarbonAttributeCache() throws IdentityException {
        CarbonAttributeFinder carbonAttributeFinder = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId()).getCarbonAttributeFinder();
        if (carbonAttributeFinder == null) {
            throw new IdentityException("Can not clear attribute cache - Carbon Attribute Finder is not initialized");
        }
        carbonAttributeFinder.clearAttributeCache();
        clearDecisionCache();
        Map<PIPAttributeFinder, Properties> designators = EntitlementServiceComponent.getEntitlementConfig().getDesignators();
        if (designators == null || designators.isEmpty()) {
            return;
        }
        for (PIPAttributeFinder pIPAttributeFinder : designators.keySet()) {
            if (pIPAttributeFinder instanceof AbstractPIPAttributeFinder) {
                pIPAttributeFinder.clearCache();
            }
        }
    }

    public void clearAttributeFinderCache(String str) {
        Map<PIPAttributeFinder, Properties> designators = EntitlementServiceComponent.getEntitlementConfig().getDesignators();
        if (designators == null || designators.isEmpty()) {
            return;
        }
        for (PIPAttributeFinder pIPAttributeFinder : designators.keySet()) {
            if ((pIPAttributeFinder instanceof AbstractPIPAttributeFinder) && pIPAttributeFinder.getClass().getCanonicalName().equals(str)) {
                pIPAttributeFinder.clearCache();
                return;
            }
        }
    }

    public void clearAttributeFinderCacheByAttributes(String str, String[] strArr) {
        Map<PIPAttributeFinder, Properties> designators = EntitlementServiceComponent.getEntitlementConfig().getDesignators();
        if (designators == null || designators.isEmpty()) {
            return;
        }
        for (PIPAttributeFinder pIPAttributeFinder : designators.keySet()) {
            if (pIPAttributeFinder.getClass().getCanonicalName().equals(str)) {
                pIPAttributeFinder.clearCache(strArr);
                return;
            }
        }
    }

    public void clearAllResourceCaches() throws IdentityException {
        CarbonResourceFinder carbonResourceFinder = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId()).getCarbonResourceFinder();
        if (carbonResourceFinder == null) {
            throw new IdentityException("Can not clear attribute cache - Carbon Attribute Finder is not initialized");
        }
        carbonResourceFinder.clearAttributeCache();
        clearDecisionCache();
    }

    public void clearCarbonResourceCache() throws IdentityException {
        CarbonResourceFinder carbonResourceFinder = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId()).getCarbonResourceFinder();
        if (carbonResourceFinder == null) {
            throw new IdentityException("Can not clear attribute cache - Carbon Attribute Finder is not initialized");
        }
        carbonResourceFinder.clearAttributeCache();
        clearDecisionCache();
        Map<PIPResourceFinder, Properties> resourceFinders = EntitlementServiceComponent.getEntitlementConfig().getResourceFinders();
        if (resourceFinders == null || resourceFinders.isEmpty()) {
            return;
        }
        Iterator<PIPResourceFinder> it = resourceFinders.keySet().iterator();
        while (it.hasNext()) {
            it.next().clearCache();
        }
    }

    public void clearResourceFinderCache(String str) {
        Map<PIPResourceFinder, Properties> resourceFinders = EntitlementServiceComponent.getEntitlementConfig().getResourceFinders();
        if (resourceFinders == null || resourceFinders.isEmpty()) {
            return;
        }
        for (PIPResourceFinder pIPResourceFinder : resourceFinders.keySet()) {
            if (str.getClass().getCanonicalName().equals(str)) {
                pIPResourceFinder.clearCache();
                return;
            }
        }
    }

    public void refreshAttributeFinder(String str) throws IdentityException {
        Map<PIPAttributeFinder, Properties> designators = EntitlementServiceComponent.getEntitlementConfig().getDesignators();
        if (designators == null || designators.isEmpty()) {
            return;
        }
        for (Map.Entry<PIPAttributeFinder, Properties> entry : designators.entrySet()) {
            if (entry.getClass().getCanonicalName().equals(str)) {
                try {
                    entry.getKey().init(entry.getValue());
                    entry.getKey().clearCache();
                    EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId()).getCarbonAttributeFinder().init();
                    return;
                } catch (Exception e) {
                    throw new IdentityException("Error while refreshing attribute finder - " + str);
                }
            }
        }
    }

    public void setGlobalPolicyAlgorithm(String str) throws IdentityException {
        EntitlementEngine entitlementEngine = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId());
        new PolicyStore(getGovernanceUserRegistry()).addPolicyCombiningAlgorithm(str);
        entitlementEngine.getRegistryModule().init(null);
        entitlementEngine.clearDecisionCache(true);
    }

    public String getGlobalPolicyAlgorithm() throws IdentityException {
        RegistryBasedPolicyFinder registryModule = EntitlementEngine.getInstance(getGovernanceUserRegistry(), CarbonContext.getCurrentContext().getTenantId()).getRegistryModule();
        if (registryModule != null) {
            return registryModule.getGlobalPolicyCombiningAlgorithm();
        }
        return null;
    }

    public EntitledResultSetDTO getEntitledAttributes(String str, String str2, String str3, String str4, boolean z, boolean z2) throws IdentityException {
        if (str == null) {
            throw new IdentityException("Invalid input data - either the userName or roleName should be non-null");
        }
        return new PolicySearch().getEntitledAttributes(str, str2, str3, str4, z, z2);
    }

    private PaginatedPolicySetDTO doPaging(int i, PolicyDTO[] policyDTOArr) {
        PaginatedPolicySetDTO paginatedPolicySetDTO = new PaginatedPolicySetDTO();
        if (policyDTOArr.length == 0) {
            paginatedPolicySetDTO.setPolicySet(new PolicyDTO[0]);
            return paginatedPolicySetDTO;
        }
        String firstProperty = ServerConfiguration.getInstance().getFirstProperty("ItemsPerPage");
        int i2 = 50;
        if (firstProperty != null) {
            i2 = Integer.parseInt(firstProperty);
        }
        int ceil = (int) Math.ceil(policyDTOArr.length / i2);
        if (i > ceil - 1) {
            i = ceil - 1;
        }
        int i3 = (i + 1) * i2;
        PolicyDTO[] policyDTOArr2 = new PolicyDTO[i2];
        int i4 = i * i2;
        int i5 = 0;
        while (i4 < i3 && i4 < policyDTOArr.length) {
            policyDTOArr2[i5] = policyDTOArr[i4];
            i4++;
            i5++;
        }
        paginatedPolicySetDTO.setPolicySet(policyDTOArr2);
        paginatedPolicySetDTO.setNumberOfPages(ceil);
        return paginatedPolicySetDTO;
    }
}
