package pl.edu.icm.yadda.aas.usercatalog.service.impl;

import java.util.Arrays;
import java.util.List;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.yadda.aas.usercatalog.model.AbstractSecurityObjectBase;
import pl.edu.icm.yadda.aas.usercatalog.model.Group;
import pl.edu.icm.yadda.aas.usercatalog.model.NamedObject;
import pl.edu.icm.yadda.aas.usercatalog.model.Role;
import pl.edu.icm.yadda.aas.usercatalog.model.User;
import pl.edu.icm.yadda.aas.usercatalog.service.IUserCatalogService;
import pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorService;
import pl.edu.icm.yadda.aas.usercatalog.service.LoadSecurityObjectsRequest;
import pl.edu.icm.yadda.aas.usercatalog.service.LoadSecurityObjectsResponse;
import pl.edu.icm.yadda.aas.usercatalog.service.SecurityObjectType;
import pl.edu.icm.yadda.aas.usercatalog.service.StoreSecurityObjectRequest;
import pl.edu.icm.yadda.aas.usercatalog.service.StoreSecurityObjectResponse;
import pl.edu.icm.yadda.tools.encoding2.PasswordEncoder;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.1.3-SNAPSHOT.jar:pl/edu/icm/yadda/aas/usercatalog/service/impl/MultipleUsersCatalogInitializer.class */
public class MultipleUsersCatalogInitializer {
    protected final Logger log = LoggerFactory.getLogger(getClass());
    protected List<NamedObject> securityObjects = null;
    protected boolean overwriteExistingObjects = false;
    protected IUserEditorService userEditorService;
    protected IUserCatalogService userCatalogService;
    private PasswordEncoder passwordEncoder;

    public void init() {
        if (this.securityObjects == null || this.securityObjects.size() <= 0) {
            this.log.info("no users to be registered");
            return;
        }
        for (NamedObject namedObject : this.securityObjects) {
            if (!alreadyCreated(namedObject.getName(), inferObjectType(namedObject))) {
                this.log.info("creating entry for security object " + namedObject.getName() + "...");
                storeSecurityObject(namedObject);
                this.log.info("security object " + namedObject.getName() + " registered!");
            } else if (this.overwriteExistingObjects) {
                this.log.info("overwriting entry for security object " + namedObject.getName() + "...");
                storeSecurityObject(namedObject);
                this.log.info("security object " + namedObject.getName() + " registered!");
            } else {
                this.log.debug("security object " + namedObject.getName() + " already created");
            }
        }
    }

    SecurityObjectType inferObjectType(NamedObject namedObject) {
        if (namedObject instanceof User) {
            return SecurityObjectType.USER;
        }
        if (namedObject instanceof Group) {
            return SecurityObjectType.GROUP;
        }
        if (namedObject instanceof Role) {
            return SecurityObjectType.ROLE;
        }
        throw new RuntimeException("unsupported security object type: " + namedObject.getClass().getName());
    }

    protected boolean alreadyCreated(String str, SecurityObjectType securityObjectType) {
        LoadSecurityObjectsResponse loadSecurityObjects = this.userCatalogService.loadSecurityObjects(new LoadSecurityObjectsRequest((List<String>) Arrays.asList(str), securityObjectType));
        return loadSecurityObjects.isOK() && loadSecurityObjects.getResult() != null && loadSecurityObjects.getResult().size() > 0 && loadSecurityObjects.getResult().get(0) != null;
    }

    protected void storeSecurityObject(NamedObject namedObject) {
        if (namedObject instanceof User) {
            storeUser((User) namedObject);
        } else {
            storeGenericSecurityObject(namedObject);
        }
    }

    protected void storeUser(User user) {
        if (user.getPassword() == null || user.getPassword().trim().length() <= 0) {
            throw new RuntimeException("unable to register profile for user: '" + user.getName() + "' reason: undefined password, try to override empty password property!");
        }
        user.setPassword(this.passwordEncoder.encodePassword(user.getPassword()));
        storeGenericSecurityObject(user);
    }

    protected void storeGenericSecurityObject(NamedObject namedObject) {
        StoreSecurityObjectResponse storeObject = this.userEditorService.storeObject(new StoreSecurityObjectRequest(namedObject, this.overwriteExistingObjects));
        if (!storeObject.isOK()) {
            this.log.error("error occured when registering object: " + namedObject.getName() + ": " + storeObject.getError());
        } else if (namedObject instanceof AbstractSecurityObjectBase) {
            addMissingRoles(((AbstractSecurityObjectBase) namedObject).getRoles());
        }
    }

    protected void addMissingRoles(Set<String> set) {
        if (set == null || set.isEmpty()) {
            return;
        }
        for (String str : set) {
            if (alreadyCreated(str, SecurityObjectType.ROLE)) {
                this.log.debug("role " + str + " already created");
            } else {
                this.log.info("creating entry for role " + str + "...");
                storeSecurityObject(new Role(str));
                this.log.info("role " + str + " registered!");
            }
        }
    }

    public void setUserEditorService(IUserEditorService iUserEditorService) {
        this.userEditorService = iUserEditorService;
    }

    public void setUserCatalogService(IUserCatalogService iUserCatalogService) {
        this.userCatalogService = iUserCatalogService;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    public void setSecurityObjects(List<NamedObject> list) {
        this.securityObjects = list;
    }

    public void setOverwriteExistingObjects(boolean z) {
        this.overwriteExistingObjects = z;
    }
}
