package org.pentaho.platform.plugin.services.security.userrole.ldap;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import org.pentaho.platform.api.engine.IUserRoleListService;
import org.pentaho.platform.api.engine.security.IAuthenticationRoleMapper;
import org.pentaho.platform.api.mt.ITenant;
import org.pentaho.platform.api.mt.ITenantedPrincipleNameResolver;
import org.pentaho.platform.engine.core.system.PentahoSessionHolder;
import org.pentaho.platform.engine.core.system.PentahoSystem;
import org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearch;
import org.pentaho.platform.repository2.unified.jcr.JcrTenantUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.util.Assert;

/* loaded from: input_file:org/pentaho/platform/plugin/services/security/userrole/ldap/DefaultLdapUserRoleListService.class */
public class DefaultLdapUserRoleListService implements IUserRoleListService, InitializingBean {
    private LdapSearch allUsernamesSearch;
    private LdapSearch allAuthoritiesSearch;
    private LdapSearch usernamesInRoleSearch;
    private Comparator<String> roleComparator;
    private Comparator<String> usernameComparator;
    private UserDetailsService userDetailsService;
    private ITenantedPrincipleNameResolver userNameUtils;
    private ITenantedPrincipleNameResolver roleNameUtils;
    private List<String> systemRoles;
    private List<String> extraRoles;
    private IAuthenticationRoleMapper roleMapper;

    public DefaultLdapUserRoleListService() {
        this.extraRoles = (List) PentahoSystem.get(ArrayList.class, "extraSystemAuthorities", PentahoSessionHolder.getSession());
    }

    public DefaultLdapUserRoleListService(Comparator<String> comparator, Comparator<String> comparator2) {
        this.usernameComparator = comparator;
        this.roleComparator = comparator2;
    }

    public DefaultLdapUserRoleListService(Comparator<String> comparator, Comparator<String> comparator2, IAuthenticationRoleMapper iAuthenticationRoleMapper) {
        this(comparator, comparator2);
        this.roleMapper = iAuthenticationRoleMapper;
    }

    public void afterPropertiesSet() throws Exception {
    }

    public List<String> getAllRoles() {
        List<GrantedAuthority> search = this.allAuthoritiesSearch.search(new Object[0]);
        Set treeSet = this.roleComparator != null ? new TreeSet(this.roleComparator) : new LinkedHashSet(search.size());
        for (GrantedAuthority grantedAuthority : search) {
            String pentahoRole = this.roleMapper != null ? this.roleMapper.toPentahoRole(grantedAuthority.getAuthority()) : grantedAuthority.getAuthority();
            if (pentahoRole != null && this.extraRoles != null && !this.extraRoles.contains(pentahoRole)) {
                treeSet.add(pentahoRole);
            }
        }
        Iterator<String> it = this.extraRoles.iterator();
        while (it.hasNext()) {
            treeSet.add(it.next());
        }
        return new ArrayList(treeSet);
    }

    public List<String> getAllUsers() {
        List<String> search = this.allUsernamesSearch.search(new Object[0]);
        if (null != this.usernameComparator) {
            Collections.sort(search, this.usernameComparator);
        }
        return search;
    }

    public List<String> getUsersInRole(ITenant iTenant, String str) {
        if (iTenant != null && !iTenant.equals(JcrTenantUtils.getDefaultTenant())) {
            throw new UnsupportedOperationException("only allowed to access to default tenant");
        }
        List<String> search = this.usernamesInRoleSearch.search(new Object[]{this.roleMapper.fromPentahoRole(this.roleNameUtils.getPrincipleName(str))});
        if (null != this.usernameComparator) {
            Collections.sort(search, this.usernameComparator);
        }
        return search;
    }

    public List<String> getRolesForUser(ITenant iTenant, String str) {
        if (iTenant != null && !iTenant.equals(JcrTenantUtils.getDefaultTenant())) {
            throw new UnsupportedOperationException("only allowed to access to default tenant");
        }
        Collection authorities = this.userDetailsService.loadUserByUsername(this.userNameUtils.getPrincipleName(str)).getAuthorities();
        Set treeSet = this.roleComparator != null ? new TreeSet(this.roleComparator) : new LinkedHashSet(authorities.size());
        Iterator it = authorities.iterator();
        while (it.hasNext()) {
            treeSet.add(((GrantedAuthority) it.next()).getAuthority());
        }
        Iterator<String> it2 = this.extraRoles.iterator();
        while (it2.hasNext()) {
            treeSet.add(it2.next());
        }
        return new ArrayList(treeSet);
    }

    public void setAllUsernamesSearch(LdapSearch ldapSearch) {
        this.allUsernamesSearch = ldapSearch;
    }

    public void setAllAuthoritiesSearch(LdapSearch ldapSearch) {
        this.allAuthoritiesSearch = ldapSearch;
    }

    public void setUsernamesInRoleSearch(LdapSearch ldapSearch) {
        this.usernamesInRoleSearch = ldapSearch;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    public void setRoleComparator(Comparator<String> comparator) {
        this.roleComparator = comparator;
    }

    public void setUsernameComparator(Comparator<String> comparator) {
        Assert.notNull(comparator);
        this.usernameComparator = comparator;
    }

    public ITenantedPrincipleNameResolver getUserNameUtils() {
        return this.userNameUtils;
    }

    public void setUserNameUtils(ITenantedPrincipleNameResolver iTenantedPrincipleNameResolver) {
        this.userNameUtils = iTenantedPrincipleNameResolver;
    }

    public ITenantedPrincipleNameResolver getRoleNameUtils() {
        return this.roleNameUtils;
    }

    public void setRoleNameUtils(ITenantedPrincipleNameResolver iTenantedPrincipleNameResolver) {
        this.roleNameUtils = iTenantedPrincipleNameResolver;
    }

    public List<String> getAllRoles(ITenant iTenant) {
        if (iTenant == null || iTenant.equals(JcrTenantUtils.getDefaultTenant())) {
            return getAllRoles();
        }
        throw new UnsupportedOperationException("only allowed to access to default tenant");
    }

    public List<String> getAllUsers(ITenant iTenant) {
        if (iTenant == null || iTenant.equals(JcrTenantUtils.getDefaultTenant())) {
            return getAllUsers();
        }
        throw new UnsupportedOperationException("only allowed to access to default tenant");
    }

    public List<String> getSystemRoles() {
        return this.systemRoles;
    }

    public void setSystemRoles(List<String> list) {
        this.systemRoles = list;
    }

    public void setExtraRoles(List<String> list) {
        this.extraRoles = list;
    }

    public List<String> getExtraRoles() {
        return this.extraRoles;
    }
}
