package fish.payara.audit;

import com.sun.enterprise.admin.cli.ProgramOptions;
import fish.payara.nucleus.notification.NotificationService;
import fish.payara.nucleus.notification.configuration.Notifier;
import fish.payara.nucleus.notification.configuration.NotifierConfigurationType;
import fish.payara.nucleus.notification.domain.EventSource;
import fish.payara.nucleus.notification.domain.NotifierExecutionOptions;
import fish.payara.nucleus.notification.domain.NotifierExecutionOptionsFactory;
import fish.payara.nucleus.notification.domain.NotifierExecutionOptionsFactoryStore;
import fish.payara.nucleus.notification.log.LogNotifierExecutionOptions;
import fish.payara.nucleus.notification.service.NotificationEventFactoryStore;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.security.auth.Subject;
import org.glassfish.api.admin.ParameterMap;
import org.glassfish.hk2.runlevel.RunLevel;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.config.ConfigSupport;

@Service(name = "asadmin-audit")
@RunLevel(10)
/* loaded from: input_file:fish/payara/audit/AdminAuditService.class */
public class AdminAuditService {
    private static final String AUDIT_MESSAGE = "AUDIT";
    private static final List<String> ACCESSOR_COMMAND_START = Arrays.asList("_", "get", "list", ProgramOptions.HELP, "version");
    private boolean enabled;
    private AuditLevel auditLevel = AuditLevel.MODIFIERS;

    @Inject
    NotificationService notificationSevice;

    @Inject
    private NotificationEventFactoryStore eventFactoryStore;

    @Inject
    private NotifierExecutionOptionsFactoryStore executionOptionsFactoryStore;

    @Inject
    AdminAuditConfiguration configuration;
    private List<NotifierExecutionOptions> notifierExecutionOptionsList;

    @PostConstruct
    public void postConstruct() {
        this.enabled = Boolean.valueOf(this.configuration.getEnabled()).booleanValue();
        this.auditLevel = AuditLevel.valueOf(this.configuration.getAuditLevel());
        if (this.enabled) {
            bootstrapNotifierList();
        }
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public void setEnabled(Boolean bool) {
        if (!this.enabled && bool.booleanValue()) {
            Logger.getLogger("fish.payara.audit").log(Level.INFO, "Admin Audit Service Started");
            bootstrapNotifierList();
        }
        this.enabled = bool.booleanValue();
    }

    public AuditLevel getAuditLevel() {
        return this.auditLevel;
    }

    public void setAuditLevel(AuditLevel auditLevel) {
        this.auditLevel = auditLevel;
    }

    public synchronized void bootstrapNotifierList() {
        this.notifierExecutionOptionsList = new ArrayList();
        if (this.configuration.getNotifierList() != null) {
            for (Notifier notifier : this.configuration.getNotifierList()) {
                NotifierExecutionOptionsFactory<Notifier> notifierExecutionOptionsFactory = this.executionOptionsFactoryStore.get(((NotifierConfigurationType) ConfigSupport.getImpl(notifier).getProxyType().getAnnotation(NotifierConfigurationType.class)).type());
                if (notifierExecutionOptionsFactory != null) {
                    this.notifierExecutionOptionsList.add(notifierExecutionOptionsFactory.build(notifier));
                }
            }
        }
        if (this.notifierExecutionOptionsList.isEmpty()) {
            LogNotifierExecutionOptions logNotifierExecutionOptions = new LogNotifierExecutionOptions();
            logNotifierExecutionOptions.setEnabled(true);
            this.notifierExecutionOptionsList.add(logNotifierExecutionOptions);
        }
    }

    public List<NotifierExecutionOptions> getNotifierExecutionOptionsList() {
        return this.notifierExecutionOptionsList;
    }

    public void recordAsadminCommand(String str, ParameterMap parameterMap, Subject subject) {
        if (this.enabled && this.notifierExecutionOptionsList != null && checkAuditLevel(str)) {
            String name = subject.getPrincipals().iterator().next().getName();
            for (NotifierExecutionOptions notifierExecutionOptions : this.notifierExecutionOptionsList) {
                if (notifierExecutionOptions.isEnabled()) {
                    this.notificationSevice.notify(EventSource.AUDIT, this.eventFactoryStore.get(notifierExecutionOptions.getNotifierType()).buildNotificationEvent(Level.WARNING, AUDIT_MESSAGE, name + " issued command " + str + " with parameters " + parameterMap.toString(), null));
                }
            }
        }
    }

    private boolean checkAuditLevel(String str) {
        switch (this.auditLevel) {
            case INTERNAL:
                return true;
            case ACCESSORS:
                return !str.startsWith("_");
            default:
                Iterator<String> it = ACCESSOR_COMMAND_START.iterator();
                while (it.hasNext()) {
                    if (str.startsWith(it.next())) {
                        return false;
                    }
                }
                return true;
        }
    }
}
