package org.pentaho.platform.repository2.unified.lifecycle;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.pentaho.platform.api.engine.security.userroledao.IUserRoleDao;
import org.pentaho.platform.api.mt.ITenant;
import org.pentaho.platform.api.util.IPasswordService;
import org.pentaho.platform.api.util.PasswordServiceException;
import org.pentaho.platform.repository2.unified.jcr.IPathConversionHelper;
import org.pentaho.platform.repository2.unified.jcr.JcrTenantUtils;
import org.pentaho.platform.security.policy.rolebased.IRoleAuthorizationPolicyRoleBindingDao;
import org.springframework.extensions.jcr.JcrTemplate;
import org.springframework.transaction.support.TransactionTemplate;

/* loaded from: input_file:org/pentaho/platform/repository2/unified/lifecycle/DefaultUserRepositoryLifecycleManager.class */
public class DefaultUserRepositoryLifecycleManager extends AbstractBackingRepositoryLifecycleManager {
    private static final Log logger = LogFactory.getLog(DefaultUserRepositoryLifecycleManager.class);
    private static final ITenant DEFAULT_TENANT = JcrTenantUtils.getDefaultTenant();
    private static final String[] EMPTY_STRING_ARRAY = new String[0];
    private final IRoleAuthorizationPolicyRoleBindingDao roleBindingDao;
    private final IPasswordService passwordService;
    private final IUserRoleDao userRoleDao;
    private Map<String, List<String>> roleMappings;
    private Map<String, List<String>> userRoleMappings;
    private String singleTenantAdminPassword;
    private String nonAdminPassword;
    private String singleTenantAdminUserName;
    private List<String> systemRoles;
    public static final String DEFAULT_USERS_LOADED_METADATA = "defaultUsersLoaded";

    public DefaultUserRepositoryLifecycleManager(IRoleAuthorizationPolicyRoleBindingDao iRoleAuthorizationPolicyRoleBindingDao, IPasswordService iPasswordService, IUserRoleDao iUserRoleDao, String str, List<String> list, TransactionTemplate transactionTemplate, JcrTemplate jcrTemplate, IPathConversionHelper iPathConversionHelper) {
        super(transactionTemplate, jcrTemplate, iPathConversionHelper);
        this.roleBindingDao = iRoleAuthorizationPolicyRoleBindingDao;
        this.passwordService = iPasswordService;
        this.userRoleDao = iUserRoleDao;
        this.singleTenantAdminUserName = str;
        this.systemRoles = list;
    }

    public void newTenant() {
    }

    public void newTenant(ITenant iTenant) {
    }

    public void newUser() {
    }

    public void newUser(ITenant iTenant, String str) {
    }

    public void shutdown() {
    }

    public void startup() {
        if (doesMetadataExists(DEFAULT_USERS_LOADED_METADATA).booleanValue()) {
            return;
        }
        configureRoles();
        try {
            configureUsers();
        } catch (PasswordServiceException e) {
            logger.error("Failed configuring users.", e);
        }
        addMetadataToRepository(DEFAULT_USERS_LOADED_METADATA);
    }

    private void configureRoles() {
        if (logger.isDebugEnabled()) {
            logger.debug("Configuring default role mappings.");
        }
        for (String str : this.roleMappings.keySet()) {
            if (this.userRoleDao.getRole(DEFAULT_TENANT, str) == null) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Creating user role: " + str);
                }
                this.userRoleDao.createRole(DEFAULT_TENANT, str, "", EMPTY_STRING_ARRAY);
                List<String> list = this.roleMappings.get(str);
                if (list.size() > 0) {
                    this.roleBindingDao.setRoleBindings(DEFAULT_TENANT, str, list);
                }
                if (logger.isDebugEnabled()) {
                    StringBuffer stringBuffer = new StringBuffer();
                    Iterator<String> it = list.iterator();
                    while (it.hasNext()) {
                        stringBuffer.append(it.next() + " ");
                    }
                    logger.debug("Create Role[" + str + "] with logical roles [ " + ((Object) stringBuffer) + " ]");
                }
            } else if (logger.isDebugEnabled()) {
                logger.debug("Skipping config. Role[" + str + "] already registered.");
            }
        }
    }

    private void configureUsers() throws PasswordServiceException {
        String decrypt = this.passwordService.decrypt(this.singleTenantAdminPassword);
        String decrypt2 = this.passwordService.decrypt(this.nonAdminPassword);
        for (String str : this.userRoleMappings.keySet()) {
            if (this.userRoleDao.getUser(DEFAULT_TENANT, str) == null) {
                StringBuffer stringBuffer = new StringBuffer();
                if (logger.isDebugEnabled()) {
                    logger.debug("Creating user: " + str);
                }
                ArrayList arrayList = new ArrayList();
                for (String str2 : this.userRoleMappings.get(str)) {
                    if (this.roleMappings.containsKey(str2) || this.systemRoles.contains(str2)) {
                        arrayList.add(str2);
                        stringBuffer.append(str2 + "  ");
                    } else {
                        logger.error("Unable to map undefined role to user. User[" + str + "] Role[" + str2 + "]");
                    }
                }
                if (this.singleTenantAdminUserName.equals(str)) {
                    this.userRoleDao.createUser(DEFAULT_TENANT, str, decrypt, "user", (String[]) arrayList.toArray(EMPTY_STRING_ARRAY));
                } else {
                    this.userRoleDao.createUser(DEFAULT_TENANT, str, decrypt2, "user", (String[]) arrayList.toArray(EMPTY_STRING_ARRAY));
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("Created user: " + str + "with role mappings [" + ((Object) stringBuffer) + "]");
                }
            }
        }
    }

    public Map<String, List<String>> getRoleMappings() {
        return this.roleMappings;
    }

    public void setRoleMappings(Map<String, List<String>> map) {
        this.roleMappings = map;
    }

    public Map<String, List<String>> getUserRoleMappings() {
        return this.userRoleMappings;
    }

    public void setUserRoleMappings(Map<String, List<String>> map) {
        this.userRoleMappings = map;
    }

    public String getNonAdminPassword() {
        return this.nonAdminPassword;
    }

    public void setNonAdminPassword(String str) {
        this.nonAdminPassword = str;
    }

    public String getSingleTenantAdminPassword() {
        return this.singleTenantAdminPassword;
    }

    public void setSingleTenantAdminPassword(String str) {
        this.singleTenantAdminPassword = str;
    }
}
