package org.forgerock.openam.xacml.v3;

import com.sun.identity.entitlement.Application;
import com.sun.identity.entitlement.EntitlementException;
import com.sun.identity.entitlement.Privilege;
import com.sun.identity.entitlement.PrivilegeManager;
import com.sun.identity.entitlement.interfaces.ResourceName;
import com.sun.identity.entitlement.xacml3.PrivilegeSet;
import com.sun.identity.entitlement.xacml3.XACMLPrivilegeUtils;
import com.sun.identity.entitlement.xacml3.validation.PrivilegeValidator;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import org.forgerock.openam.entitlement.ResourceType;
import org.forgerock.openam.entitlement.service.ApplicationService;
import org.forgerock.openam.entitlement.service.ResourceTypeService;
import org.forgerock.openam.xacml.v3.XACMLApplicationUtils;
import org.forgerock.util.Reject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/forgerock/openam/xacml/v3/ImportStepGenerator.class */
public class ImportStepGenerator {
    private static final Logger logger = LoggerFactory.getLogger(ImportStepGenerator.class);
    private final ApplicationService applicationService;
    private final ResourceTypeService resourceTypeService;
    private final PrivilegeManager privilegeManager;
    private final PrivilegeValidator privilegeValidator;
    private final XACMLApplicationUtils.ApplicationTypeService applicationTypeService;
    private final String realm;
    private final Subject subject;
    private final PrivilegeSet privilegeSet;
    private final List<PersistableImportStep<Application>> importStepsApplication;
    private final List<PersistableImportStep<ResourceType>> importStepsResourceType;
    private final List<PersistableImportStep<Privilege>> importStepsPrivilege;
    private final Map<String, List<Application>> uuidResTypeVsApplicationFromFile;
    private final Map<String, Application> nameVsApplicationExisting;
    private final Map<String, ResourceType> uuidVsResourceTypeExisting;
    private final Map<String, ResourceType> uuidVsResourceTypeFromFile;
    private final Map<String, String> dummyIdVsActualUuids;
    private final Set<ResourceType> resourceTypesExisting;

    public ImportStepGenerator(ApplicationService applicationService, ResourceTypeService resourceTypeService, PrivilegeManager privilegeManager, PrivilegeValidator privilegeValidator, XACMLApplicationUtils.ApplicationTypeService applicationTypeService, String str, Subject subject, PrivilegeSet privilegeSet) {
        Reject.checkNotNull(privilegeSet, "privilegeSet cannot be empty");
        this.applicationService = applicationService;
        this.resourceTypeService = resourceTypeService;
        this.privilegeManager = privilegeManager;
        this.privilegeValidator = privilegeValidator;
        this.applicationTypeService = applicationTypeService;
        this.realm = str;
        this.subject = subject;
        this.privilegeSet = privilegeSet;
        this.importStepsApplication = new ArrayList();
        this.importStepsResourceType = new ArrayList();
        this.importStepsPrivilege = new ArrayList();
        this.uuidResTypeVsApplicationFromFile = new HashMap();
        this.nameVsApplicationExisting = new HashMap();
        this.uuidVsResourceTypeExisting = new HashMap();
        this.uuidVsResourceTypeFromFile = new HashMap();
        this.dummyIdVsActualUuids = new HashMap();
        this.resourceTypesExisting = new HashSet();
    }

    public List<PersistableImportStep<Application>> getImportStepsApplication() {
        return this.importStepsApplication;
    }

    public List<PersistableImportStep<ResourceType>> getImportStepsResourceType() {
        return this.importStepsResourceType;
    }

    public List<PersistableImportStep<Privilege>> getImportStepsPrivilege() {
        return this.importStepsPrivilege;
    }

    public List<PersistableImportStep> getAllImportSteps() {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(getImportStepsResourceType());
        arrayList.addAll(getImportStepsApplication());
        arrayList.addAll(getImportStepsPrivilege());
        return arrayList;
    }

    public void generateImportSteps() throws EntitlementException {
        indexingApplicationsExisting();
        indexingApplicationsReadFromFile();
        indexingResourceTypesReadFromFile();
        indexingResourceTypesExisting();
        assignApplicationTypeToApplication();
        generateResourceTypeImportSteps();
        resolveResourceTypeDependencies();
        generatePrivilegeImportSteps();
        generateApplicationImportSteps();
    }

    private void assignApplicationTypeToApplication() throws EntitlementException {
        for (Application application : this.privilegeSet.getApplication()) {
            application.setApplicationType(this.applicationTypeService.getApplicationType(this.subject, application.getName()));
        }
    }

    private void generateApplicationImportSteps() throws EntitlementException {
        Iterator<Application> it = this.privilegeSet.getApplication().iterator();
        while (it.hasNext()) {
            this.importStepsApplication.add(generateApplicationImportStep(it.next(), this.applicationService.getApplicationNames()));
        }
    }

    private PersistableImportStep generateApplicationImportStep(Application application, Set<String> set) throws EntitlementException {
        if (!set.contains(application.getName())) {
            return new ApplicationImportStep(DiffStatus.ADD, application, this.applicationService);
        }
        Application application2 = this.nameVsApplicationExisting.get(application.getName());
        XACMLApplicationUtils.copyAttributes(application, application2);
        return new ApplicationImportStep(DiffStatus.UPDATE, application2, this.applicationService);
    }

    private void indexingApplicationsExisting() throws EntitlementException {
        for (String str : this.applicationService.getApplicationNames()) {
            Application application = this.applicationService.getApplication(str);
            if (application != null) {
                this.nameVsApplicationExisting.put(str, application);
            }
        }
    }

    private void indexingApplicationsReadFromFile() {
        for (Application application : this.privilegeSet.getApplication()) {
            for (String str : application.getResourceTypeUuids()) {
                List<Application> list = this.uuidResTypeVsApplicationFromFile.get(str);
                if (list == null) {
                    list = new ArrayList();
                    this.uuidResTypeVsApplicationFromFile.put(str, list);
                }
                list.add(application);
            }
        }
    }

    private void indexingResourceTypesReadFromFile() {
        for (ResourceType resourceType : this.privilegeSet.getResourceTypes()) {
            this.uuidVsResourceTypeFromFile.put(resourceType.getUUID(), resourceType);
        }
    }

    private void indexingResourceTypesExisting() throws EntitlementException {
        this.resourceTypesExisting.addAll(XACMLResourceTypeUtils.getAllResourceTypes(this.resourceTypeService, this.subject, this.realm));
        for (ResourceType resourceType : this.resourceTypesExisting) {
            this.uuidVsResourceTypeExisting.put(resourceType.getUUID(), resourceType);
        }
    }

    private void generateResourceTypeImportSteps() {
        generateImportStepsForExistingResourceType();
        generateImportStepsForNewResourceTypes();
    }

    private void generateImportStepsForExistingResourceType() {
        HashMap hashMap = new HashMap();
        for (ResourceType resourceType : this.privilegeSet.getResourceTypes()) {
            Set<String> patterns = resourceType.getPatterns();
            List<Application> list = this.uuidResTypeVsApplicationFromFile.get(resourceType.getUUID());
            if (list != null && list.get(0) != null) {
                ResourceType findExistingResourceType = findExistingResourceType(patterns, list.get(0));
                if (findExistingResourceType != null) {
                    ResourceType resourceType2 = (ResourceType) hashMap.get(findExistingResourceType.getUUID());
                    hashMap.put(findExistingResourceType.getUUID(), resourceType2 == null ? XACMLResourceTypeUtils.mergeResourceType(resourceType, findExistingResourceType) : XACMLResourceTypeUtils.mergeResourceType(resourceType, resourceType2));
                    this.dummyIdVsActualUuids.put(resourceType.getUUID(), findExistingResourceType.getUUID());
                }
            } else if (logger.isDebugEnabled()) {
                logger.debug("Resource type with id " + resourceType.getUUID() + " is not associated with any applications and hence cannot be imported.");
            }
        }
        Iterator it = hashMap.entrySet().iterator();
        while (it.hasNext()) {
            this.importStepsResourceType.add(newResourceTypeImportStep((ResourceType) ((Map.Entry) it.next()).getValue(), DiffStatus.UPDATE));
        }
    }

    private void generateImportStepsForNewResourceTypes() {
        Set<String> keySet = this.uuidResTypeVsApplicationFromFile.keySet();
        Set<String> keySet2 = this.dummyIdVsActualUuids.keySet();
        HashSet<String> hashSet = new HashSet(keySet);
        hashSet.removeAll(keySet2);
        HashMap hashMap = new HashMap();
        for (String str : hashSet) {
            for (Application application : this.uuidResTypeVsApplicationFromFile.get(str)) {
                ResourceType resourceType = this.uuidVsResourceTypeFromFile.get(str);
                ResourceType resourceType2 = (ResourceType) hashMap.get(application.getName());
                ResourceType createResourceType = resourceType2 == null ? XACMLResourceTypeUtils.createResourceType(application.getName(), resourceType.getName(), resourceType.getPatterns(), resourceType.getActions(), null) : XACMLResourceTypeUtils.mergeResourceType(resourceType, resourceType2);
                hashMap.put(application.getName(), createResourceType);
                this.dummyIdVsActualUuids.put(resourceType.getUUID(), createResourceType.getUUID());
            }
        }
        Iterator it = hashMap.entrySet().iterator();
        while (it.hasNext()) {
            this.importStepsResourceType.add(newResourceTypeImportStep((ResourceType) ((Map.Entry) it.next()).getValue(), DiffStatus.ADD));
        }
    }

    private ResourceType findExistingResourceType(Set<String> set, Application application) {
        ResourceType findExistingResourceTypeByApplication;
        Application application2 = this.nameVsApplicationExisting.get(application.getName());
        if (application2 != null && (findExistingResourceTypeByApplication = findExistingResourceTypeByApplication(application, application2, set)) != null) {
            return findExistingResourceTypeByApplication;
        }
        HashSet hashSet = new HashSet(this.uuidVsResourceTypeExisting.keySet());
        if (application2 != null) {
            hashSet.removeAll(application2.getResourceTypeUuids());
        }
        return findExistingResourceTypeByPattern(hashSet, set, application, application2);
    }

    private ResourceType findExistingResourceTypeByPattern(Set<String> set, Set<String> set2, Application application, Application application2) {
        return matchResourceTypeExisting(set, set2, chooseResourceComparator(application, application2));
    }

    private ResourceType findExistingResourceTypeByApplication(Application application, Application application2, Set<String> set) {
        return matchResourceTypeExisting(application2.getResourceTypeUuids(), set, chooseResourceComparator(application, application2));
    }

    private ResourceName chooseResourceComparator(Application application, Application application2) {
        return (application2 == null || application2.getResourceComparator() == null) ? application.getResourceComparator() : application2.getResourceComparator();
    }

    private ResourceType matchResourceTypeExisting(Set<String> set, Set<String> set2, ResourceName resourceName) {
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            ResourceType resourceType = this.uuidVsResourceTypeExisting.get(it.next());
            if (XACMLResourceTypeUtils.matchResources(set2, resourceType, resourceName)) {
                return resourceType;
            }
        }
        return null;
    }

    private PersistableImportStep newResourceTypeImportStep(ResourceType resourceType, DiffStatus diffStatus) {
        return new ResourceTypeImportStep(diffStatus, resourceType, this.resourceTypeService, this.realm, this.subject);
    }

    private void generatePrivilegeImportSteps() throws EntitlementException {
        for (Privilege privilege : this.privilegeSet.getPrivileges()) {
            XACMLPrivilegeUtils.validate(privilege, this.privilegeValidator);
            this.importStepsPrivilege.add(newPrivilegeImportStep(privilege, this.privilegeManager));
        }
    }

    private PersistableImportStep newPrivilegeImportStep(Privilege privilege, PrivilegeManager privilegeManager) throws EntitlementException {
        return privilegeManager.canFindByName(privilege.getName()) ? new PrivilegeImportStep(privilegeManager, DiffStatus.UPDATE, privilege) : new PrivilegeImportStep(privilegeManager, DiffStatus.ADD, privilege);
    }

    private void resolveResourceTypeDependencies() {
        for (Map.Entry<String, String> entry : this.dummyIdVsActualUuids.entrySet()) {
            String key = entry.getKey();
            String value = entry.getValue();
            for (Application application : this.privilegeSet.getApplication()) {
                if (application.getResourceTypeUuids().remove(key)) {
                    application.getResourceTypeUuids().add(value);
                }
            }
            for (Privilege privilege : this.privilegeSet.getPrivileges()) {
                if (key.equals(privilege.getResourceTypeUuid())) {
                    privilege.setResourceTypeUuid(value);
                }
            }
        }
    }

    Set<ResourceType> getResourceTypesExisting() {
        return this.resourceTypesExisting;
    }
}
