package org.jboss.as.controller.access.rbac;

import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Locale;
import java.util.Set;
import org.jboss.as.controller.ControllerLogger;
import org.jboss.as.controller.access.Action;
import org.jboss.as.controller.access.Caller;
import org.jboss.as.controller.access.Environment;
import org.jboss.as.controller.access.JmxAction;
import org.jboss.as.controller.access.JmxTarget;
import org.jboss.as.controller.access.TargetAttribute;
import org.jboss.as.controller.access.TargetResource;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;

/* loaded from: input_file:org/jboss/as/controller/access/rbac/RunAsRoleMapper.class */
public class RunAsRoleMapper implements RoleMapper {
    private final RoleMapper realRoleMapper;

    public RunAsRoleMapper(RoleMapper roleMapper) {
        this.realRoleMapper = roleMapper;
    }

    @Override // org.jboss.as.controller.access.rbac.RoleMapper
    public Set<String> mapRoles(Caller caller, Environment environment, Action action, TargetAttribute targetAttribute) {
        return mapRoles(caller, this.realRoleMapper.mapRoles(caller, environment, action, targetAttribute), getOperationHeaderRoles(action.getOperation()), true);
    }

    @Override // org.jboss.as.controller.access.rbac.RoleMapper
    public Set<String> mapRoles(Caller caller, Environment environment, Action action, TargetResource targetResource) {
        return mapRoles(caller, this.realRoleMapper.mapRoles(caller, environment, action, targetResource), getOperationHeaderRoles(action.getOperation()), true);
    }

    @Override // org.jboss.as.controller.access.rbac.RoleMapper
    public Set<String> mapRoles(Caller caller, Environment environment, JmxAction jmxAction, JmxTarget jmxTarget) {
        return this.realRoleMapper.mapRoles(caller, environment, jmxAction, jmxTarget);
    }

    @Override // org.jboss.as.controller.access.rbac.RoleMapper
    public Set<String> mapRoles(Caller caller, Environment environment, Set<String> set) {
        return mapRoles(caller, this.realRoleMapper.mapRoles(caller, environment, null), set, false);
    }

    @Override // org.jboss.as.controller.access.rbac.RoleMapper
    public boolean canRunAs(Set<String> set, String str) {
        return false;
    }

    public static Set<String> getOperationHeaderRoles(ModelNode modelNode) {
        Set<String> set = null;
        if (modelNode.hasDefined(ModelDescriptionConstants.OPERATION_HEADERS)) {
            ModelNode modelNode2 = modelNode.get(ModelDescriptionConstants.OPERATION_HEADERS);
            if (modelNode2.hasDefined(ModelDescriptionConstants.ROLES)) {
                ModelNode modelNode3 = modelNode2.get(ModelDescriptionConstants.ROLES);
                if (modelNode3.getType() == ModelType.STRING) {
                    modelNode3 = parseRolesString(modelNode3.asString());
                }
                if (modelNode3.getType() == ModelType.STRING) {
                    set = Collections.singleton(getRoleFromText(modelNode3.asString()));
                } else {
                    set = new HashSet();
                    Iterator it = modelNode3.asList().iterator();
                    while (it.hasNext()) {
                        set.add(getRoleFromText(((ModelNode) it.next()).asString()));
                    }
                }
            }
        }
        return set;
    }

    private static ModelNode parseRolesString(String str) {
        String trim = str.trim();
        if (trim.startsWith("[") && trim.endsWith("]")) {
            try {
                return ModelNode.fromString(trim);
            } catch (Exception e) {
                trim = trim.substring(1, trim.length() - 1);
            }
        }
        if (!trim.contains(",")) {
            return new ModelNode(trim);
        }
        ModelNode emptyList = new ModelNode().setEmptyList();
        for (String str2 : trim.split(",")) {
            emptyList.add(str2.trim());
        }
        return emptyList;
    }

    private Set<String> mapRoles(Caller caller, Set<String> set, Set<String> set2, boolean z) {
        Set<String> set3 = set;
        if (set2 != null) {
            HashSet hashSet = new HashSet();
            for (String str : set2) {
                String roleFromText = z ? str : getRoleFromText(str);
                if (this.realRoleMapper.canRunAs(set, roleFromText)) {
                    hashSet.add(roleFromText);
                }
            }
            if (!hashSet.isEmpty()) {
                set3 = Collections.unmodifiableSet(hashSet);
                if (ControllerLogger.ACCESS_LOGGER.isTraceEnabled()) {
                    StringBuilder append = new StringBuilder("User '").append(caller.getName()).append("' Mapped to requested roles { ");
                    Iterator<String> it = set3.iterator();
                    while (it.hasNext()) {
                        append.append("'").append(it.next()).append("' ");
                    }
                    append.append("}");
                    ControllerLogger.ACCESS_LOGGER.trace(append.toString());
                }
            }
        }
        return set3;
    }

    private static String getRoleFromText(String str) {
        try {
            return StandardRole.valueOf(str.toUpperCase(Locale.ENGLISH)).toString();
        } catch (Exception e) {
            return str;
        }
    }
}
