package com.xebialabs.deployit.cli.api;

import com.xebialabs.deployit.booter.remote.DeployitCommunicator;
import com.xebialabs.deployit.cli.CliObject;
import com.xebialabs.deployit.cli.help.ClassHelp;
import com.xebialabs.deployit.cli.help.MethodHelp;
import com.xebialabs.deployit.cli.help.ParameterHelp;
import com.xebialabs.deployit.engine.api.security.Permission;
import com.xebialabs.deployit.engine.api.security.RolePrincipals;
import com.xebialabs.deployit.engine.api.security.User;
import com.xebialabs.deployit.engine.api.security.UserProfile;
import jakarta.ws.rs.WebApplicationException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ClassHelp(description = "Access to the security settings of XL Deploy.")
@CliObject(name = "security")
/* loaded from: input_file:com/xebialabs/deployit/cli/api/SecurityClient.class */
public class SecurityClient extends DocumentedObject {
    private ProxiesInstance proxies;
    private DeployitCommunicator communicator;
    private static final Logger logger = LoggerFactory.getLogger(SecurityClient.class);

    public SecurityClient() {
    }

    public SecurityClient(ProxiesInstance proxiesInstance) {
        this.communicator = proxiesInstance.getCommunicator();
        this.proxies = proxiesInstance;
    }

    @MethodHelp(description = "Logout the currently logged in user, can only perform further actions after a login")
    public void logout() {
        try {
            this.proxies.getServer().logout();
        } catch (WebApplicationException e) {
            int status = e.getResponse().getStatus();
            if (status != 401 && status != 403) {
                throw e;
            }
        }
        this.communicator.getHttpClientHolder().logout();
    }

    @MethodHelp(description = "Login a user", parameters = {@ParameterHelp(name = "username", description = "The username"), @ParameterHelp(name = "password", description = "The password")})
    public void login(String str, String str2) {
        logger.info("Logging in as {}", str);
        this.communicator.getHttpClientHolder().loginAs(str, str2);
        try {
            this.proxies.getServer().getInfo();
        } catch (Exception e) {
            this.communicator.getHttpClientHolder().logout();
            throw new IllegalStateException("You're not authorized with these credentials. (" + str + ")", e);
        }
    }

    @MethodHelp(description = "Create a user with the specified name and password", parameters = {@ParameterHelp(name = "username", description = "The username"), @ParameterHelp(name = "password", description = "The password")}, returns = "The created user")
    public User createUser(String str, String str2) {
        return createUser(str, str2, false);
    }

    public User createUser(String str, String str2, boolean z) {
        User user = new User(str, z);
        user.setPassword(str2);
        return this.proxies.getUser().create(str, user);
    }

    @MethodHelp(description = "Create a user with the specified username, password, fullname and email", parameters = {@ParameterHelp(name = "username", description = "The username"), @ParameterHelp(name = "password", description = "The password"), @ParameterHelp(name = "fullName", description = "The full name of the user"), @ParameterHelp(name = "email", description = "The email of the user")}, returns = "The created user")
    public User createUser(String str, String str2, String str3, String str4) {
        User user = new User(str, false);
        user.setPassword(str2);
        UserProfile userProfile = new UserProfile();
        userProfile.setEmail(str4);
        userProfile.setFullName(str3);
        user.setUserProfile(userProfile);
        return this.proxies.getUser().create(str, user);
    }

    @MethodHelp(description = "Read a user so that he/she can be modified.", parameters = {@ParameterHelp(name = "username", description = "The username of the user to read")}, returns = "The read user")
    public User readUser(String str) {
        return this.proxies.getUser().read(str);
    }

    @MethodHelp(description = "Modify the (password of) the user.", parameters = {@ParameterHelp(name = "user", description = "The updated user object.")})
    public void modifyUser(User user) {
        this.proxies.getUser().modifyPassword(user.getUsername(), user);
    }

    @MethodHelp(description = "Delete a user.", parameters = {@ParameterHelp(name = "username", description = "the username of the user to be deleted")})
    public void deleteUser(String str) {
        this.proxies.getUser().delete(str);
    }

    @MethodHelp(description = "Grant a permission to a role", parameters = {@ParameterHelp(name = "permission", description = "The permission to grant"), @ParameterHelp(name = "roleName", description = "The role")})
    public void grant(String str, String str2) {
        doGrant(str, str2, "global");
    }

    @MethodHelp(description = "Grant a permission to a role on a group of configuration items", parameters = {@ParameterHelp(name = "permission", description = "The permission to grant"), @ParameterHelp(name = "roleName", description = "The role"), @ParameterHelp(name = "configurationItems", description = "A list of configuration items to which the permission should apply")})
    public void grant(String str, String str2, List<String> list) {
        Iterator<String> it = removeTrailingSlashes(list).iterator();
        while (it.hasNext()) {
            doGrant(str, str2, it.next());
        }
    }

    @MethodHelp(description = "Revoke a permission from a role", parameters = {@ParameterHelp(name = "permission", description = "The permission to revoke"), @ParameterHelp(name = "roleName", description = "The role")})
    public void revoke(String str, String str2) {
        doRevoke(str, str2, "global");
    }

    @MethodHelp(description = "Revoke a permission from a role on a group of configuration items", parameters = {@ParameterHelp(name = "permission", description = "The permission to grant"), @ParameterHelp(name = "roleName", description = "The role"), @ParameterHelp(name = "configurationItems", description = "A list of configuration items from which the permission should be removed")})
    public void revoke(String str, String str2, List<String> list) {
        Iterator<String> it = removeTrailingSlashes(list).iterator();
        while (it.hasNext()) {
            doRevoke(str, str2, it.next());
        }
    }

    private void doGrant(String str, String str2, String str3) {
        this.proxies.getPermissions().grant(str, str3, str2);
    }

    private void doRevoke(String str, String str2, String str3) {
        this.proxies.getPermissions().revoke(str, str3, str2);
    }

    @MethodHelp(description = "Check whether a permission is granted to the logged in user on an id.", parameters = {@ParameterHelp(name = "permission", description = "The permission to check"), @ParameterHelp(name = "id", description = "The path of the CI to check the permission on.")}, returns = "true if the logged in user is granted the permission on the node.")
    public boolean hasPermission(String str, String str2) {
        return this.proxies.getPermissions().isGrantedToMe(str, str2);
    }

    @MethodHelp(description = "Check whether a permission is granted to a role on an id.", parameters = {@ParameterHelp(name = "role", description = "The role to check for"), @ParameterHelp(name = "permission", description = "The permission to check"), @ParameterHelp(name = "id", description = "The path of the CI to check the permission on.")}, returns = "true if the role has the permission on the node.")
    public boolean isGranted(String str, String str2, String str3) {
        return this.proxies.getPermissions().isGranted(str2, str3, str);
    }

    @MethodHelp(description = "Check whether a global permission is granted to a role.", parameters = {@ParameterHelp(name = "role", description = "The role to check for"), @ParameterHelp(name = "permission", description = "The permission to check")}, returns = "true if the role has the global permission granted.")
    public boolean isGranted(String str, String str2) {
        return this.proxies.getPermissions().isGranted(str2, "global", str);
    }

    @MethodHelp(description = "Get permissions granted to a role", parameters = {@ParameterHelp(name = "role", description = "The role whose permissions are to be retrieved")}, returns = "A Map containing the nodes that the role has permissions on with the associated granted permissions")
    public Map<String, Collection<String>> getPermissions(String str) {
        return this.proxies.getPermissions().getGrantedPermissions(str);
    }

    @MethodHelp(description = "Get permissions granted to the currently logged in user", parameters = {}, returns = "A Map containing the nodes that the logged in user has permissions on with the associated granted permissions")
    public Map<String, Collection<String>> getPermissions() {
        return this.proxies.getPermissions().getMyGrantedPermissions();
    }

    @MethodHelp(description = "List all the permissions available in XL Deploy")
    public void printPermissions() {
        System.out.println("Available permissions are:");
        Iterator it = this.proxies.getReferenceData().listPermissions().iterator();
        while (it.hasNext()) {
            System.out.println(((Permission) it.next()).getPermissionName());
        }
    }

    @MethodHelp(description = "Create or update a role with assigned principals.", parameters = {@ParameterHelp(name = "roleName", description = "The role name"), @ParameterHelp(name = "principals", description = "The assigned principals")})
    public void assignRole(String str, List<String> list) {
        if (list == null || list.isEmpty()) {
            this.proxies.getRoleService().create(str);
        } else {
            this.proxies.getRoleService().updatePrincipals(str, new ArrayList(list));
        }
    }

    @MethodHelp(description = "Remove a role.", parameters = {@ParameterHelp(name = "roleName", description = "The role name")})
    public void removeRole(String str) {
        this.proxies.getRoleService().delete(str);
    }

    @MethodHelp(description = "Get all existing roles in XL Deploy.", returns = "The list of role names")
    public List<String> getRoleNames() {
        return this.proxies.getRoleService().list();
    }

    @MethodHelp(description = "Rename an existing role.", parameters = {@ParameterHelp(name = "oldName", description = "The current role name"), @ParameterHelp(name = "newName", description = "The new role name")})
    public void renameRole(String str, String str2) {
        this.proxies.getRoleService().rename(str, str2);
    }

    @MethodHelp(description = "Get the principals assigned to a specific role.", parameters = {@ParameterHelp(name = "roleName", description = "The role name")}, returns = "A list of principals assigned to the role")
    public List<String> getRoleAssignments(String str) {
        for (RolePrincipals rolePrincipals : this.proxies.getRoleService().readRolePrincipals()) {
            if (rolePrincipals.getRole().getName().equals(str)) {
                return rolePrincipals.getPrincipals();
            }
        }
        return new ArrayList();
    }

    private static List<String> removeTrailingSlashes(List<String> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().replaceFirst("/*$", ""));
        }
        return arrayList;
    }
}
