package com.metamatrix.platform.security.api;

import com.metamatrix.common.log.LogManager;
import com.metamatrix.platform.PlatformPlugin;
import com.metamatrix.platform.admin.api.EntitlementMigrationReport;
import com.metamatrix.platform.admin.api.PermissionTreeView;
import com.metamatrix.platform.admin.apiimpl.PermissionDataNodeImpl;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

/* loaded from: input_file:com/metamatrix/platform/security/api/AuthorizationObjectEditor.class */
public class AuthorizationObjectEditor extends AbstractAuthorizationObjectEditor {
    public static final long serialVersionUID = 5799168432068176908L;

    public AuthorizationObjectEditor(boolean z) {
        super(z);
    }

    public AuthorizationObjectEditor() {
        super(true);
    }

    public AuthorizationPolicy clonePolicyPermissions(AuthorizationPolicy authorizationPolicy, AuthorizationPolicy authorizationPolicy2, AuthorizationRealm authorizationRealm, Set set, EntitlementMigrationReport entitlementMigrationReport) {
        if (authorizationPolicy2 == null) {
            throw new IllegalArgumentException(PlatformPlugin.Util.getString("ERR.014.107.0002"));
        }
        if (authorizationPolicy == null) {
            throw new IllegalArgumentException(PlatformPlugin.Util.getString("ERR.014.107.0006"));
        }
        if (authorizationRealm == null) {
            throw new IllegalArgumentException(PlatformPlugin.Util.getString("ERR.014.107.0004"));
        }
        HashSet hashSet = new HashSet();
        Iterator it = authorizationPolicy.iterator();
        while (it.hasNext()) {
            AuthorizationPermission authorizationPermission = (AuthorizationPermission) it.next();
            String resourceName = authorizationPermission.getResourceName();
            if (BasicAuthorizationPermission.isRecursiveResource(resourceName)) {
                resourceName = BasicAuthorizationPermission.removeRecursion(resourceName);
            }
            if (set.contains(resourceName)) {
                if (entitlementMigrationReport != null) {
                    entitlementMigrationReport.addResourceEntry(PlatformPlugin.Util.getString("AuthorizationServiceImpl.Succeeded_migration"), resourceName, authorizationPolicy.getAuthorizationPolicyID().getDisplayName(), authorizationPolicy2.getAuthorizationPolicyID().getDisplayName(), StandardAuthorizationActions.getActionsString(authorizationPermission.getActions().getValue()), PlatformPlugin.Util.getString("AuthorizationServiceImpl.Migrated"));
                }
                try {
                    AuthorizationPermission authorizationPermission2 = (AuthorizationPermission) authorizationPermission.clone();
                    authorizationPermission2.setRealm(authorizationRealm);
                    hashSet.add(authorizationPermission2);
                } catch (CloneNotSupportedException e) {
                    LogManager.logError("AUTHORIZATION", e, PlatformPlugin.Util.getString("ERR.014.107.0005", new Object[]{authorizationPermission}));
                }
            } else {
                if (entitlementMigrationReport != null) {
                    entitlementMigrationReport.addResourceEntry(PlatformPlugin.Util.getString("AuthorizationServiceImpl.Failed_migration"), resourceName, authorizationPolicy.getAuthorizationPolicyID().getDisplayName(), "", StandardAuthorizationActions.getActionsString(authorizationPermission.getActions().getValue()), PlatformPlugin.Util.getString("AuthorizationServiceImpl.The_resource_for_this_permission_does_not_exist_in_the_target_VDB."));
                }
                LogManager.logWarning("AUTHORIZATION", PlatformPlugin.Util.getString("ERR.014.107.0011", new Object[]{authorizationPermission}));
            }
        }
        return addAllPermissions(authorizationPolicy2, hashSet);
    }

    @Override // com.metamatrix.platform.security.api.AbstractAuthorizationObjectEditor
    public Collection modifyPermissions(PermissionTreeView permissionTreeView, AuthorizationPolicy authorizationPolicy) {
        if (authorizationPolicy == null) {
            throw new IllegalArgumentException(PlatformPlugin.Util.getString("ERR.014.107.0012"));
        }
        AuthorizationPolicyID authorizationPolicyID = authorizationPolicy.getAuthorizationPolicyID();
        AuthorizationRealm authorizationRealm = new AuthorizationRealm(authorizationPolicyID.getVDBName(), authorizationPolicyID.getVDBVersionString());
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        List<PermissionDataNodeImpl> modified = permissionTreeView.getModified();
        HashSet hashSet3 = new HashSet();
        AuthorizationPermissions authorizationPermissions = authorizationPolicy.getAuthorizationPermissions();
        BasicAuthorizationPermissionFactory basicAuthorizationPermissionFactory = new BasicAuthorizationPermissionFactory();
        LogManager.logTrace("AUTHORIZATION", "modifyPermissions: Starting...");
        for (PermissionDataNodeImpl permissionDataNodeImpl : modified) {
            LogManager.logTrace("AUTHORIZATION", "modifyPermissions: Effected node: " + permissionDataNodeImpl);
            AuthorizationActions actions = permissionDataNodeImpl.getActions();
            String resourceName = permissionDataNodeImpl.getResourceName();
            boolean isGroupNode = permissionDataNodeImpl.isGroupNode();
            if (permissionDataNodeImpl.isLeafNode() || isGroupNode) {
                LogManager.logTrace("AUTHORIZATION", "modifyPermissions: LEAF or GROUP - actions <" + actions + ">");
                AuthorizationPermission existingPermission = getExistingPermission(permissionDataNodeImpl, authorizationPolicy);
                if (existingPermission != null) {
                    LogManager.logTrace("AUTHORIZATION", "modifyPermissions: Removing permission: " + existingPermission);
                    authorizationPermissions.remove(existingPermission);
                    hashSet2.add(existingPermission);
                    hashSet3.add(existingPermission);
                }
                if (!actions.equals(StandardAuthorizationActions.NONE)) {
                    if (permissionDataNodeImpl.isLeafNode()) {
                        LogManager.logTrace("AUTHORIZATION", "modifyPermissions: Creating LEAF permission.");
                        AuthorizationPermission create = basicAuthorizationPermissionFactory.create(resourceName, authorizationRealm, actions);
                        LogManager.logTrace("AUTHORIZATION", "modifyPermissions: Adding new ELEMENT perm: <" + create.getResourceName() + " - " + create.getActions() + ">");
                        hashSet.add(create);
                    } else if (isGroupNode) {
                        LogManager.logTrace("AUTHORIZATION", "modifyPermissions: Creating GROUP " + actions + " permission.");
                        AuthorizationPermission create2 = basicAuthorizationPermissionFactory.create(resourceName, authorizationRealm, actions);
                        LogManager.logTrace("AUTHORIZATION", "modifyPermissions: Adding new GROUP perm: <" + create2.getResourceName() + " - " + create2.getActions() + ">");
                        hashSet.add(create2);
                    }
                }
            }
            permissionDataNodeImpl.setModified(false, false);
        }
        removePermissions(authorizationPolicy, hashSet2);
        addAllPermissions(authorizationPolicy, hashSet);
        return hashSet3;
    }

    private AuthorizationPermission getExistingPermission(PermissionDataNodeImpl permissionDataNodeImpl, AuthorizationPolicy authorizationPolicy) {
        return authorizationPolicy.findPermissionWithResource(new DataAccessResource(permissionDataNodeImpl.getResourceName()));
    }
}
