package org.jboss.as.domain.management.access;

import java.util.Iterator;
import java.util.Set;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.SimpleOperationDefinition;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.as.controller.access.Authorizer;
import org.jboss.as.controller.access.Caller;
import org.jboss.as.controller.access.Environment;
import org.jboss.as.controller.access.rbac.RunAsRoleMapper;
import org.jboss.as.domain.management.ModelDescriptionConstants;
import org.jboss.as.domain.management._private.DomainManagementResolver;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;

/* loaded from: input_file:m2repo/org/wildfly/core/wildfly-domain-management/7.0.0.Final/wildfly-domain-management-7.0.0.Final.jar:org/jboss/as/domain/management/access/IsCallerInRoleOperation.class */
public class IsCallerInRoleOperation implements OperationStepHandler {
    public static final SimpleOperationDefinition DEFINITION = new SimpleOperationDefinitionBuilder(ModelDescriptionConstants.IS_CALLER_IN_ROLE, DomainManagementResolver.getResolver("core", "management", org.jboss.as.controller.descriptions.ModelDescriptionConstants.ACCESS_CONTROL)).setReplyType(ModelType.BOOLEAN).setReadOnly().build();
    private final Authorizer authorizer;

    private IsCallerInRoleOperation(Authorizer authorizer) {
        this.authorizer = authorizer;
    }

    @Override // org.jboss.as.controller.OperationStepHandler
    public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        String roleName = RoleMappingResourceDefinition.getRoleName(modelNode);
        if (operationContext.getCurrentStage() == OperationContext.Stage.MODEL) {
            operationContext.addStep(this, OperationContext.Stage.RUNTIME);
            return;
        }
        operationContext.getResult().set(isCallerInRole(roleName, operationContext.getCaller(), operationContext.getCallEnvironment(), RunAsRoleMapper.getOperationHeaderRoles(modelNode)));
    }

    private boolean isCallerInRole(String str, Caller caller, Environment environment, Set<String> set) {
        Set<String> callerRoles = this.authorizer.getCallerRoles(caller, environment, set);
        if (callerRoles == null) {
            return false;
        }
        if (callerRoles.contains(str)) {
            return true;
        }
        Iterator<String> it = callerRoles.iterator();
        while (it.hasNext()) {
            if (it.next().equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

    public static OperationStepHandler create(Authorizer authorizer) {
        return new IsCallerInRoleOperation(authorizer);
    }
}
