package org.glassfish.connectors.admin.cli;

import com.fasterxml.jackson.core.util.MinimalPrettyPrinter;
import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.util.LocalStringManagerImpl;
import java.beans.PropertyVetoException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.inject.Inject;
import org.glassfish.api.ActionReport;
import org.glassfish.api.I18n;
import org.glassfish.api.Param;
import org.glassfish.api.admin.AdminCommand;
import org.glassfish.api.admin.AdminCommandContext;
import org.glassfish.api.admin.RestEndpoint;
import org.glassfish.api.admin.RestEndpoints;
import org.glassfish.api.admin.RestParam;
import org.glassfish.connectors.config.GroupMap;
import org.glassfish.connectors.config.PrincipalMap;
import org.glassfish.connectors.config.WorkSecurityMap;
import org.glassfish.hk2.api.PerLookup;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.config.ConfigSupport;
import org.jvnet.hk2.config.SingleConfigCode;
import org.jvnet.hk2.config.TransactionFailure;

@Service(name = "update-connector-work-security-map")
@I18n("update.connector.work.security.map")
@PerLookup
@RestEndpoints({@RestEndpoint(configBean = WorkSecurityMap.class, opType = RestEndpoint.OpType.POST, path = "update-connector-work-security-map", description = "Update", params = {@RestParam(name = "id", value = "$parent")})})
/* loaded from: input_file:MICRO-INF/runtime/connectors-admin.jar:org/glassfish/connectors/admin/cli/UpdateConnectorWorkSecurityMap.class */
public class UpdateConnectorWorkSecurityMap implements AdminCommand {
    private static final LocalStringManagerImpl localStrings = new LocalStringManagerImpl(UpdateConnectorSecurityMap.class);

    @Param(name = "raname")
    String raName;

    @Param(name = "addprincipals", optional = true)
    Properties addPrincipals;

    @Param(name = "addgroups", optional = true)
    Properties addGroups;

    @Param(name = "removeprincipals", optional = true)
    List<String> removePrincipals;

    @Param(name = "removegroups", optional = true)
    List<String> removeGroups;

    @Param(name = "mapname", primary = true)
    String securityMapName;

    @Inject
    Domain domain;

    @Override // org.glassfish.api.admin.AdminCommand
    public void execute(AdminCommandContext adminCommandContext) {
        ActionReport actionReport = adminCommandContext.getActionReport();
        if (this.addPrincipals == null && this.addGroups == null && this.removeGroups == null && this.removePrincipals == null) {
            actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.noargs", "update-connector-work-security-map should be executed with atleast one optional argument of either add(principals/usergroups) or remove(principals/usergroups)"));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (!WorkSecurityMapHelper.doesResourceAdapterNameExist(this.raName, this.domain.getResources())) {
            actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.noSuchRAFound", "Resource Adapter {0} does not exist. Please specify a resource adapter name.", this.raName));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (!WorkSecurityMapHelper.doesMapNameExist(this.raName, this.securityMapName, this.domain.getResources())) {
            actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.mapNotExist", "WorkSecurity map {0} does not exist for resource adapter {1}. Please give a valid map name.", this.securityMapName, this.raName));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (this.addPrincipals != null && this.removePrincipals != null) {
            Iterator it = this.addPrincipals.entrySet().iterator();
            while (it.hasNext()) {
                String obj = ((Map.Entry) it.next()).getKey().toString();
                Iterator<String> it2 = this.removePrincipals.iterator();
                while (it2.hasNext()) {
                    if (it2.next().equals(obj)) {
                        actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.samePrincipalValues", "This value {0} is given in both --addprincipals and --removeprincipals. The same value cannot given for these options.", obj));
                        actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                        return;
                    }
                }
            }
        }
        if (this.addGroups != null && this.removeGroups != null) {
            Iterator it3 = this.addGroups.entrySet().iterator();
            while (it3.hasNext()) {
                String obj2 = ((Map.Entry) it3.next()).getKey().toString();
                Iterator<String> it4 = this.removeGroups.iterator();
                while (it4.hasNext()) {
                    if (it4.next().equals(obj2)) {
                        actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.sameUsergroupValues", "This value {0} is given in both --addusergroups and --removeusergroups. The same value cannot given for these options.", obj2));
                        actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                        return;
                    }
                }
            }
        }
        WorkSecurityMap securityMap = WorkSecurityMapHelper.getSecurityMap(this.securityMapName, this.raName, this.domain.getResources());
        final ArrayList arrayList = new ArrayList(securityMap.getPrincipalMap());
        final ArrayList arrayList2 = new ArrayList(securityMap.getGroupMap());
        if (arrayList.isEmpty() && this.addPrincipals != null) {
            actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.addPrincipalToExistingUserGroupsWorkSecurityMap", "Failed to add principals to a security map with user groups."));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (arrayList2.isEmpty() && this.addGroups != null) {
            actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.addUserGroupsToExistingPrincipalsWorkSecurityMap", "Failed to add user groups to a security map with principals."));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (this.addPrincipals == null && this.addGroups == null) {
            boolean z = false;
            boolean z2 = false;
            if (this.removePrincipals != null && this.removePrincipals.size() == arrayList.size()) {
                z = true;
            }
            if (this.removeGroups != null && this.removeGroups.size() == arrayList2.size()) {
                z2 = true;
            }
            if (z2 || z) {
                actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.principals_usergroups_will_be_null", "The values in your command will delete all principals and usergroups. You cannot delete all principals and usergroups. Atleast one of them must exist."));
                actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                return;
            }
        }
        if (this.removePrincipals != null) {
            for (String str : this.removePrincipals) {
                boolean z3 = false;
                Iterator it5 = arrayList.iterator();
                while (true) {
                    if (it5.hasNext()) {
                        if (((PrincipalMap) it5.next()).getEisPrincipal().equals(str)) {
                            z3 = true;
                            break;
                        }
                    } else {
                        break;
                    }
                }
                if (!z3) {
                    actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.principalNotExists", "The principal {0} that you want to delete does not exist in security map {1}. Please give a valid principal name.", str, this.securityMapName));
                    actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                    return;
                }
            }
        }
        if (this.removeGroups != null) {
            for (String str2 : this.removeGroups) {
                boolean z4 = false;
                Iterator it6 = arrayList2.iterator();
                while (true) {
                    if (it6.hasNext()) {
                        if (((GroupMap) it6.next()).getEisGroup().equals(str2)) {
                            z4 = true;
                            break;
                        }
                    } else {
                        break;
                    }
                }
                if (!z4) {
                    actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.usergroupNotExists", "The usergroup {0} that you want to delete does not exist in security map {1}. Please give a valid user-group name.", str2, this.securityMapName));
                    actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                    return;
                }
            }
        }
        if (this.addPrincipals != null) {
            for (Map.Entry entry : this.addPrincipals.entrySet()) {
                Iterator it7 = arrayList.iterator();
                while (it7.hasNext()) {
                    if (((PrincipalMap) it7.next()).getEisPrincipal().equals(entry.getKey())) {
                        actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.principalExists", "The principal {0} already exists in security map {1}. Please give a different principal name.", entry.getKey(), this.securityMapName));
                        actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                        return;
                    }
                }
            }
        }
        if (this.addGroups != null) {
            for (Map.Entry entry2 : this.addGroups.entrySet()) {
                Iterator it8 = arrayList2.iterator();
                while (it8.hasNext()) {
                    if (((GroupMap) it8.next()).getEisGroup().equals(entry2.getKey())) {
                        actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.groupExists", "The Group {0} already exists in security map {1}. Please give a different group name.", entry2.getKey(), this.securityMapName));
                        actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                        return;
                    }
                }
            }
        }
        try {
            ConfigSupport.apply(new SingleConfigCode<WorkSecurityMap>() { // from class: org.glassfish.connectors.admin.cli.UpdateConnectorWorkSecurityMap.1
                @Override // org.jvnet.hk2.config.SingleConfigCode
                public Object run(WorkSecurityMap workSecurityMap) throws PropertyVetoException, TransactionFailure {
                    if (UpdateConnectorWorkSecurityMap.this.addGroups != null) {
                        for (Map.Entry entry3 : UpdateConnectorWorkSecurityMap.this.addGroups.entrySet()) {
                            GroupMap groupMap = (GroupMap) workSecurityMap.createChild(GroupMap.class);
                            groupMap.setEisGroup((String) entry3.getKey());
                            groupMap.setMappedGroup((String) entry3.getValue());
                            workSecurityMap.getGroupMap().add(groupMap);
                        }
                    } else if (UpdateConnectorWorkSecurityMap.this.addPrincipals != null) {
                        for (Map.Entry entry4 : UpdateConnectorWorkSecurityMap.this.addPrincipals.entrySet()) {
                            PrincipalMap principalMap = (PrincipalMap) workSecurityMap.createChild(PrincipalMap.class);
                            principalMap.setEisPrincipal((String) entry4.getKey());
                            principalMap.setMappedPrincipal((String) entry4.getValue());
                            workSecurityMap.getPrincipalMap().add(principalMap);
                        }
                    }
                    if (UpdateConnectorWorkSecurityMap.this.removeGroups != null) {
                        for (String str3 : UpdateConnectorWorkSecurityMap.this.removeGroups) {
                            for (GroupMap groupMap2 : arrayList2) {
                                if (groupMap2.getEisGroup().equals(str3)) {
                                    workSecurityMap.getGroupMap().remove(groupMap2);
                                }
                            }
                        }
                    } else if (UpdateConnectorWorkSecurityMap.this.removePrincipals != null) {
                        for (String str4 : UpdateConnectorWorkSecurityMap.this.removePrincipals) {
                            for (PrincipalMap principalMap2 : arrayList) {
                                if (principalMap2.getEisPrincipal().equals(str4)) {
                                    workSecurityMap.getPrincipalMap().remove(principalMap2);
                                }
                            }
                        }
                    }
                    return workSecurityMap;
                }
            }, securityMap);
            actionReport.setActionExitCode(ActionReport.ExitCode.SUCCESS);
        } catch (TransactionFailure e) {
            actionReport.setMessage(localStrings.getLocalString("update.connector.work.security.map.fail", "Unable to update security map {0} for resource adapter {1}.", this.securityMapName, this.raName) + MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR + e.getLocalizedMessage());
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            actionReport.setFailureCause(e);
        }
    }
}
