package org.jboss.as.domain.management.security;

import java.util.HashSet;
import java.util.Set;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.ModelVersion;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
import org.jboss.as.controller.descriptions.common.ControllerResolver;
import org.jboss.as.controller.operations.common.Util;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.domain.management.logging.DomainManagementLogger;
import org.jboss.dmr.ModelNode;

/* loaded from: input_file:org/jboss/as/domain/management/security/LdapAuthorizationResourceDefinition.class */
public class LdapAuthorizationResourceDefinition extends LdapResourceDefinition {
    private static final AttributeDefinition[] ATTRIBUTE_DEFINITIONS;
    private static final LdapAuthorizationValidatingHandler VALIDATION_INSTANCE;
    static final LdapAuthorizationChildRemoveHandler REMOVE_INSTANCE;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapAuthorizationResourceDefinition$LdapAuthorizationChildAddHandler.class */
    public static class LdapAuthorizationChildAddHandler extends SecurityRealmChildAddHandler {
        public LdapAuthorizationChildAddHandler(boolean z, AttributeDefinition[] attributeDefinitionArr) {
            super(false, z, attributeDefinitionArr);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.jboss.as.domain.management.security.SecurityRealmChildAddHandler, org.jboss.as.controller.RestartParentResourceHandlerBase
        public void updateModel(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            super.updateModel(operationContext, modelNode);
            operationContext.addStep(LdapAuthorizationResourceDefinition.createOperation(modelNode), LdapAuthorizationResourceDefinition.VALIDATION_INSTANCE, OperationContext.Stage.MODEL);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapAuthorizationResourceDefinition$LdapAuthorizationChildRemoveHandler.class */
    public static class LdapAuthorizationChildRemoveHandler implements OperationStepHandler {
        private LdapAuthorizationChildRemoveHandler() {
        }

        @Override // org.jboss.as.controller.OperationStepHandler
        public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            operationContext.removeResource(PathAddress.EMPTY_ADDRESS);
            operationContext.addStep(LdapAuthorizationResourceDefinition.createOperation(modelNode), LdapAuthorizationResourceDefinition.VALIDATION_INSTANCE, OperationContext.Stage.MODEL);
        }
    }

    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapAuthorizationResourceDefinition$LdapAuthorizationValidatingHandler.class */
    private static class LdapAuthorizationValidatingHandler implements OperationStepHandler {
        private LdapAuthorizationValidatingHandler() {
        }

        @Override // org.jboss.as.controller.OperationStepHandler
        public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            Resource readResource = operationContext.readResource(PathAddress.EMPTY_ADDRESS);
            Set<String> childrenNames = readResource.getChildrenNames(ModelDescriptionConstants.USERNAME_TO_DN);
            if (childrenNames.size() > 1) {
                throw DomainManagementLogger.ROOT_LOGGER.multipleUsernameToDnConfigurationsDefined(ManagementUtil.getSecurityRealmName(modelNode), new HashSet(childrenNames));
            }
            Set<String> childrenNames2 = readResource.getChildrenNames(ModelDescriptionConstants.GROUP_SEARCH);
            if (childrenNames2.size() == 0) {
                throw DomainManagementLogger.ROOT_LOGGER.noGroupSearchDefined(ManagementUtil.getSecurityRealmName(modelNode));
            }
            if (childrenNames2.size() > 1) {
                throw DomainManagementLogger.ROOT_LOGGER.multipleGroupSearchConfigurationsDefined(ManagementUtil.getSecurityRealmName(modelNode), new HashSet(childrenNames2));
            }
        }
    }

    public LdapAuthorizationResourceDefinition() {
        super(PathElement.pathElement("authorization", "ldap"), ControllerResolver.getDeprecatedResolver("core.management.security-realm", "core.management.security-realm.authorization.ldap"), new LdapAuthorizationChildAddHandler(true, ATTRIBUTE_DEFINITIONS), new SecurityRealmChildRemoveHandler(true), OperationEntry.Flag.RESTART_RESOURCE_SERVICES, OperationEntry.Flag.RESTART_RESOURCE_SERVICES);
        setDeprecated(ModelVersion.create(1, 7));
    }

    @Override // org.jboss.as.controller.SimpleResourceDefinition, org.jboss.as.controller.ResourceDefinition
    public void registerChildren(ManagementResourceRegistration managementResourceRegistration) {
        managementResourceRegistration.registerSubModel(UserIsDnResourceDefintion.INSTANCE);
        managementResourceRegistration.registerSubModel(UserSearchResourceDefintion.INSTANCE);
        managementResourceRegistration.registerSubModel(AdvancedUserSearchResourceDefintion.INSTANCE);
        managementResourceRegistration.registerSubModel(GroupToPrincipalResourceDefinition.INSTANCE);
        managementResourceRegistration.registerSubModel(PrincipalToGroupResourceDefinition.INSTANCE);
    }

    @Override // org.jboss.as.controller.SimpleResourceDefinition, org.jboss.as.controller.ResourceDefinition
    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        new SecurityRealmChildWriteAttributeHandler(ATTRIBUTE_DEFINITIONS).registerAttributes(managementResourceRegistration);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static ModelNode createOperation(ModelNode modelNode) {
        PathAddress pathAddress = PathAddress.pathAddress(modelNode.require("address"));
        PathAddress pathAddress2 = null;
        int size = pathAddress.size() - 1;
        while (true) {
            if (size <= 0) {
                break;
            }
            PathElement element = pathAddress.getElement(size);
            if ("authorization".equals(element.getKey()) && "ldap".equals(element.getValue())) {
                pathAddress2 = pathAddress.subAddress(0, size + 1);
                break;
            }
            size--;
        }
        if ($assertionsDisabled || pathAddress2 != null) {
            return Util.getEmptyOperation("validate-authorization", pathAddress2.toModelNode());
        }
        throw new AssertionError("operationToValidate did not have an address that included a authorization=ldap");
    }

    static {
        $assertionsDisabled = !LdapAuthorizationResourceDefinition.class.desiredAssertionStatus();
        ATTRIBUTE_DEFINITIONS = new AttributeDefinition[]{CONNECTION};
        VALIDATION_INSTANCE = new LdapAuthorizationValidatingHandler();
        REMOVE_INSTANCE = new LdapAuthorizationChildRemoveHandler();
    }
}
