package org.pentaho.platform.repository2.mt;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.jcr.ItemNotFoundException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import org.pentaho.platform.api.engine.security.userroledao.IPentahoRole;
import org.pentaho.platform.api.engine.security.userroledao.IPentahoUser;
import org.pentaho.platform.api.engine.security.userroledao.IUserRoleDao;
import org.pentaho.platform.api.mt.ITenant;
import org.pentaho.platform.api.mt.ITenantManager;
import org.pentaho.platform.api.mt.ITenantedPrincipleNameResolver;
import org.pentaho.platform.api.repository2.unified.RepositoryFile;
import org.pentaho.platform.api.repository2.unified.RepositoryFileAcl;
import org.pentaho.platform.api.repository2.unified.RepositoryFilePermission;
import org.pentaho.platform.api.repository2.unified.RepositoryFileSid;
import org.pentaho.platform.core.mt.Tenant;
import org.pentaho.platform.repository2.unified.IRepositoryFileAclDao;
import org.pentaho.platform.repository2.unified.IRepositoryFileDao;
import org.pentaho.platform.repository2.unified.ServerRepositoryPaths;
import org.pentaho.platform.repository2.unified.jcr.DefaultPathConversionHelper;
import org.pentaho.platform.repository2.unified.jcr.IPathConversionHelper;
import org.pentaho.platform.repository2.unified.jcr.JcrRepositoryFileUtils;
import org.pentaho.platform.repository2.unified.jcr.JcrTenantUtils;
import org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants;
import org.pentaho.platform.security.policy.rolebased.IRoleAuthorizationPolicyRoleBindingDao;
import org.springframework.util.Assert;

/* loaded from: input_file:org/pentaho/platform/repository2/mt/AbstractRepositoryTenantManager.class */
public abstract class AbstractRepositoryTenantManager implements ITenantManager {
    public static final String FOLDER_NAME_AUTHZ = ".authz";
    public static final String FOLDER_NAME_ROLEBASED = "roleBased";
    public static final String FOLDER_NAME_RUNTIMEROLES = "runtimeRoles";
    protected IRepositoryFileAclDao repositoryFileAclDao;
    protected IRoleAuthorizationPolicyRoleBindingDao roleBindingDao;
    protected IUserRoleDao userRoleDao;
    protected IRepositoryFileDao repositoryFileDao;
    protected ITenantedPrincipleNameResolver tenantedRoleNameResolver;
    protected ITenantedPrincipleNameResolver tenantedUserNameResolver;
    protected String repositoryAdminUsername;
    protected String tenantAdminRoleName;
    protected String tenantAuthenticatedRoleName;
    protected List<String> singleTenantAuthenticatedAuthorityRoleBindingList;
    protected IPathConversionHelper pathConversionHelper = new DefaultPathConversionHelper();

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractRepositoryTenantManager(IRepositoryFileDao iRepositoryFileDao, IUserRoleDao iUserRoleDao, IRepositoryFileAclDao iRepositoryFileAclDao, IRoleAuthorizationPolicyRoleBindingDao iRoleAuthorizationPolicyRoleBindingDao, String str, String str2, ITenantedPrincipleNameResolver iTenantedPrincipleNameResolver, ITenantedPrincipleNameResolver iTenantedPrincipleNameResolver2, String str3, List<String> list) {
        Assert.notNull(iRepositoryFileDao);
        Assert.notNull(iRepositoryFileAclDao);
        Assert.notNull(iRoleAuthorizationPolicyRoleBindingDao);
        Assert.hasText(str);
        Assert.hasText(str2);
        this.repositoryFileDao = iRepositoryFileDao;
        this.repositoryFileAclDao = iRepositoryFileAclDao;
        this.userRoleDao = iUserRoleDao;
        this.roleBindingDao = iRoleAuthorizationPolicyRoleBindingDao;
        this.repositoryAdminUsername = str;
        this.tenantAdminRoleName = str3;
        this.tenantAuthenticatedRoleName = str2;
        this.tenantedRoleNameResolver = iTenantedPrincipleNameResolver2;
        this.tenantedUserNameResolver = iTenantedPrincipleNameResolver;
        this.singleTenantAuthenticatedAuthorityRoleBindingList = list;
    }

    public void deleteTenants(Session session, List<ITenant> list) throws RepositoryException {
        Iterator<ITenant> it = list.iterator();
        while (it.hasNext()) {
            deleteTenant(session, it.next());
        }
    }

    private void deleteUserRole(Session session, ITenant iTenant, List<ITenant> list) throws RepositoryException {
        for (ITenant iTenant2 : list) {
            deleteUserRole(session, iTenant2, getChildTenants(session, iTenant2));
        }
        Iterator it = this.userRoleDao.getRoles(iTenant).iterator();
        while (it.hasNext()) {
            this.userRoleDao.deleteRole((IPentahoRole) it.next());
        }
        Iterator it2 = this.userRoleDao.getUsers(iTenant).iterator();
        while (it2.hasNext()) {
            this.userRoleDao.deleteUser((IPentahoUser) it2.next());
        }
    }

    public void deleteTenant(Session session, ITenant iTenant) throws RepositoryException {
        deleteUserRole(session, iTenant, getChildTenants(session, iTenant));
        this.repositoryFileDao.permanentlyDeleteFile(getTenantRootFolder(session, iTenant).getId(), "tenant delete");
    }

    public void enableTenant(Session session, ITenant iTenant, boolean z) throws ItemNotFoundException, RepositoryException {
        Map<String, Serializable> fileMetadata = JcrRepositoryFileUtils.getFileMetadata(session, getTenantRootFolder(session, iTenant).getId());
        fileMetadata.put("isTenantEnabled", Boolean.valueOf(z));
        JcrRepositoryFileUtils.setFileMetadata(session, getTenantRootFolder(session, iTenant).getId(), fileMetadata);
    }

    public RepositoryFile getTenantRootFolder(ITenant iTenant) {
        RepositoryFile fileByAbsolutePath = this.repositoryFileDao.getFileByAbsolutePath(iTenant.getRootFolderAbsolutePath());
        if (fileByAbsolutePath != null) {
            Map<String, Serializable> fileMetadata = this.repositoryFileDao.getFileMetadata(fileByAbsolutePath.getId());
            if (!fileMetadata.containsKey("isTenantRoot") || !((Boolean) fileMetadata.get("isTenantRoot")).booleanValue()) {
                fileByAbsolutePath = null;
            }
        }
        return fileByAbsolutePath;
    }

    private RepositoryFile getTenantRootFolder(Session session, ITenant iTenant) throws RepositoryException {
        RepositoryFile fileByAbsolutePath = JcrRepositoryFileUtils.getFileByAbsolutePath(session, iTenant.getRootFolderAbsolutePath(), this.pathConversionHelper, null, false, null);
        if (fileByAbsolutePath != null) {
            Map<String, Serializable> fileMetadata = JcrRepositoryFileUtils.getFileMetadata(session, fileByAbsolutePath.getId());
            if (!fileMetadata.containsKey("isTenantRoot") || !((Boolean) fileMetadata.get("isTenantRoot")).booleanValue()) {
                fileByAbsolutePath = null;
            }
        }
        return fileByAbsolutePath;
    }

    public void enableTenants(Session session, List<ITenant> list, boolean z) throws ItemNotFoundException, RepositoryException {
        Iterator<ITenant> it = list.iterator();
        while (it.hasNext()) {
            enableTenant(session, it.next(), z);
        }
    }

    public List<ITenant> getChildTenants(Session session, ITenant iTenant, boolean z) throws RepositoryException {
        ArrayList arrayList = new ArrayList();
        for (RepositoryFile repositoryFile : JcrRepositoryFileUtils.getChildren(session, new PentahoJcrConstants(session), this.pathConversionHelper, null, getTenantRootFolder(session, iTenant).getId(), null)) {
            Map<String, Serializable> fileMetadata = JcrRepositoryFileUtils.getFileMetadata(session, repositoryFile.getId());
            if (fileMetadata.containsKey("isTenantRoot") && ((Boolean) fileMetadata.get("isTenantRoot")).booleanValue()) {
                Tenant tenant = new Tenant(repositoryFile.getPath(), Boolean.valueOf(isTenantEnabled(session, repositoryFile.getId())));
                if (z || tenant.isEnabled()) {
                    arrayList.add(new Tenant(this.pathConversionHelper.relToAbs(repositoryFile.getPath()), Boolean.valueOf(isTenantEnabled(session, repositoryFile.getId()))));
                }
            }
        }
        return arrayList;
    }

    public List<ITenant> getChildTenants(Session session, ITenant iTenant) throws RepositoryException {
        return getChildTenants(session, iTenant, false);
    }

    public void updateTentant(Session session, String str, Map<String, Serializable> map) {
    }

    protected void createInitialTenantFolders(Session session, RepositoryFile repositoryFile, RepositoryFileSid repositoryFileSid, RepositoryFileSid repositoryFileSid2) throws RepositoryException {
        this.repositoryFileDao.createFolder(repositoryFile.getId(), new RepositoryFile.Builder(ServerRepositoryPaths.getTenantPublicFolderName()).folder(true).build(), new RepositoryFileAcl.Builder(repositoryFileSid).build(), null);
        this.repositoryFileDao.createFolder(repositoryFile.getId(), new RepositoryFile.Builder(ServerRepositoryPaths.getTenantEtcFolderName()).folder(true).build(), new RepositoryFileAcl.Builder(repositoryFileSid).build(), null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setAsSystemFolder(Serializable serializable) {
        Map<String, Serializable> fileMetadata = this.repositoryFileDao.getFileMetadata(serializable);
        fileMetadata.put("system_folder", true);
        this.repositoryFileDao.setFileMetadata(serializable, fileMetadata);
    }

    private boolean isTenantEnabled(Session session, Serializable serializable) throws ItemNotFoundException, RepositoryException {
        Map<String, Serializable> fileMetadata = JcrRepositoryFileUtils.getFileMetadata(session, serializable);
        return fileMetadata.containsKey("isTenantEnabled") && ((Boolean) fileMetadata.get("isTenantEnabled")).booleanValue();
    }

    public boolean isSubTenant(Session session, ITenant iTenant, ITenant iTenant2) {
        return internalIsSubTenant(iTenant, iTenant2);
    }

    private boolean internalIsSubTenant(ITenant iTenant, List<ITenant> list) {
        for (ITenant iTenant2 : list) {
            if (iTenant2 != null && iTenant2.equals(list)) {
                return true;
            }
        }
        return false;
    }

    private boolean internalIsSubTenant(ITenant iTenant, ITenant iTenant2) {
        if (iTenant.equals(iTenant2)) {
            return true;
        }
        List childTenants = getChildTenants(iTenant);
        if (childTenants == null || childTenants.size() <= 0) {
            return false;
        }
        if (internalIsSubTenant(iTenant2, (List<ITenant>) childTenants)) {
            return true;
        }
        Iterator it = childTenants.iterator();
        while (it.hasNext()) {
            boolean internalIsSubTenant = internalIsSubTenant((ITenant) it.next(), iTenant2);
            if (internalIsSubTenant) {
                return internalIsSubTenant;
            }
        }
        return false;
    }

    public ITenant getTenant(Session session, String str) throws RepositoryException {
        Tenant tenant = null;
        RepositoryFile fileByAbsolutePath = JcrRepositoryFileUtils.getFileByAbsolutePath(session, str, this.pathConversionHelper, null, false, null);
        if (fileByAbsolutePath != null && isTenantRoot(session, fileByAbsolutePath.getId())) {
            tenant = new Tenant(str, Boolean.valueOf(isTenantEnabled(session, fileByAbsolutePath.getId())));
        }
        return tenant;
    }

    private boolean isTenantRoot(Session session, Serializable serializable) throws ItemNotFoundException, RepositoryException {
        Map<String, Serializable> fileMetadata = JcrRepositoryFileUtils.getFileMetadata(session, serializable);
        return fileMetadata.containsKey("isTenantRoot") && ((Boolean) fileMetadata.get("isTenantRoot")).booleanValue();
    }

    public RepositoryFile createUserHomeFolder(ITenant iTenant, String str) {
        RepositoryFileAcl.Builder ace;
        RepositoryFile repositoryFile = null;
        RepositoryFileSid repositoryFileSid = new RepositoryFileSid(this.tenantedUserNameResolver.getPrincipleId(iTenant, str));
        String principalName = JcrTenantUtils.getPrincipalName(str, true);
        if (iTenant == null) {
            iTenant = JcrTenantUtils.getTenant(principalName, true);
        }
        RepositoryFile fileByAbsolutePath = this.repositoryFileDao.getFileByAbsolutePath(ServerRepositoryPaths.getTenantRootFolderPath(iTenant));
        if (fileByAbsolutePath != null) {
            RepositoryFile fileByAbsolutePath2 = this.repositoryFileDao.getFileByAbsolutePath(ServerRepositoryPaths.getTenantHomeFolderPath(iTenant));
            if (fileByAbsolutePath2 == null) {
                RepositoryFileSid repositoryFileSid2 = new RepositoryFileSid(this.tenantedUserNameResolver.getPrincipleId(iTenant, principalName), RepositoryFileSid.Type.USER);
                RepositoryFileAcl.Builder ace2 = new RepositoryFileAcl.Builder(repositoryFileSid).ace(new RepositoryFileSid(this.tenantedRoleNameResolver.getPrincipleId(iTenant, this.tenantAuthenticatedRoleName), RepositoryFileSid.Type.ROLE), EnumSet.of(RepositoryFilePermission.READ));
                ace = new RepositoryFileAcl.Builder(repositoryFileSid).ace(repositoryFileSid2, EnumSet.of(RepositoryFilePermission.ALL));
                fileByAbsolutePath2 = this.repositoryFileDao.createFolder(fileByAbsolutePath.getId(), new RepositoryFile.Builder(ServerRepositoryPaths.getTenantHomeFolderName()).folder(true).build(), ace2.build(), "tenant home folder");
            } else {
                ace = new RepositoryFileAcl.Builder(repositoryFileSid).ace(new RepositoryFileSid(this.tenantedUserNameResolver.getPrincipleId(iTenant, principalName), RepositoryFileSid.Type.USER), EnumSet.of(RepositoryFilePermission.ALL));
            }
            repositoryFile = this.repositoryFileDao.getFileByAbsolutePath(ServerRepositoryPaths.getUserHomeFolderPath(iTenant, principalName));
            if (repositoryFile == null) {
                repositoryFile = this.repositoryFileDao.createFolder(fileByAbsolutePath2.getId(), new RepositoryFile.Builder(principalName).folder(true).build(), ace.build(), "user home folder");
            }
        }
        return repositoryFile;
    }

    public RepositoryFile getUserHomeFolder(ITenant iTenant, String str) {
        return this.repositoryFileDao.getFileByAbsolutePath(ServerRepositoryPaths.getUserHomeFolderPath(iTenant, str));
    }
}
