package org.forgerock.openam.upgrade.steps;

import com.iplanet.sso.SSOToken;
import com.sun.identity.entitlement.IPrivilege;
import com.sun.identity.entitlement.PrivilegeIndexStore;
import java.security.PrivilegedAction;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.inject.Inject;
import javax.security.auth.Subject;
import org.forgerock.openam.sm.datalayer.api.ConnectionFactory;
import org.forgerock.openam.sm.datalayer.api.ConnectionType;
import org.forgerock.openam.sm.datalayer.api.DataLayer;
import org.forgerock.openam.upgrade.UpgradeException;
import org.forgerock.openam.upgrade.UpgradeProgress;
import org.forgerock.openam.upgrade.UpgradeServices;
import org.forgerock.openam.upgrade.UpgradeStepInfo;
import org.forgerock.openam.upgrade.VersionUtils;
import org.forgerock.openam.utils.CollectionUtils;
import org.forgerock.util.Reject;

@UpgradeStepInfo(dependsOn = {"org.forgerock.openam.upgrade.steps.RemoveReferralsStep"})
/* loaded from: input_file:org/forgerock/openam/upgrade/steps/ResavePoliciesStep.class */
public class ResavePoliciesStep extends AbstractUpgradeStep {
    private static final int AM_14 = 1400;
    private static final String POLICY_DATA = "%POLICY_DATA%";
    private final Map<String, Set<String>> policyMap;

    @Inject
    public ResavePoliciesStep(PrivilegedAction<SSOToken> privilegedAction, @DataLayer(ConnectionType.DATA_LAYER) ConnectionFactory connectionFactory) {
        super(privilegedAction, connectionFactory);
        this.policyMap = new HashMap();
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public boolean isApplicable() {
        return !this.policyMap.isEmpty();
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public void initialize() throws UpgradeException {
        DEBUG.message("Initializing ResavePoliciesStep");
        if (VersionUtils.isCurrentVersionLessThan(AM_14, true)) {
            Subject adminSubject = getAdminSubject();
            try {
                for (String str : getRealmNames()) {
                    Set searchPrivilegeNames = getPolicyIndexStore(adminSubject, str).searchPrivilegeNames(Collections.emptySet(), true, 0, false, false);
                    if (CollectionUtils.isNotEmpty(searchPrivilegeNames)) {
                        this.policyMap.put(str, new HashSet(searchPrivilegeNames));
                    }
                }
                if (DEBUG.messageEnabled()) {
                    DEBUG.message("Discovered following policies:\n" + this.policyMap);
                }
            } catch (Exception e) {
                DEBUG.error("Error while trying to retrieve policy names", e);
                throw new UpgradeException(e);
            }
        }
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public void perform() throws UpgradeException {
        Subject adminSubject = getAdminSubject();
        try {
            for (Map.Entry<String, Set<String>> entry : this.policyMap.entrySet()) {
                String key = entry.getKey();
                Set<String> value = entry.getValue();
                PrivilegeIndexStore policyIndexStore = getPolicyIndexStore(adminSubject, key);
                for (String str : value) {
                    if (DEBUG.messageEnabled()) {
                        DEBUG.message("Resaving the following policy: " + str);
                    }
                    UpgradeProgress.reportStart("upgrade.policy.start", str);
                    IPrivilege privilege = policyIndexStore.getPrivilege(str);
                    policyIndexStore.delete(str);
                    policyIndexStore.add(Collections.singleton(privilege));
                    UpgradeProgress.reportEnd("upgrade.success", new Object[0]);
                }
            }
        } catch (Exception e) {
            UpgradeProgress.reportEnd("upgrade.failed", new Object[0]);
            DEBUG.error("An error occurred while trying to resave policies", e);
            throw new UpgradeException(e);
        }
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public String getShortReport(String str) {
        int i = 0;
        Iterator<Set<String>> it = this.policyMap.values().iterator();
        while (it.hasNext()) {
            i += it.next().size();
        }
        StringBuilder sb = new StringBuilder();
        if (i != 0) {
            sb.append(BUNDLE.getString("upgrade.policy.short")).append(" (").append(i).append(')').append(str);
        }
        return sb.toString();
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public String getDetailedReport(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(UpgradeServices.LF, str);
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, Set<String>> entry : this.policyMap.entrySet()) {
            sb.append(BUNDLE.getString("upgrade.realm")).append(": ").append(entry.getKey()).append(str);
            Iterator<String> it = entry.getValue().iterator();
            while (it.hasNext()) {
                sb.append("\t").append(it.next()).append(str);
            }
        }
        hashMap.put(POLICY_DATA, sb.toString());
        return UpgradeServices.tagSwapReport(hashMap, "upgrade.policyreport");
    }

    private PrivilegeIndexStore getPolicyIndexStore(Subject subject, String str) {
        PrivilegeIndexStore privilegeIndexStore = PrivilegeIndexStore.getInstance(subject, str);
        Reject.ifNull(privilegeIndexStore);
        return privilegeIndexStore;
    }
}
