package org.wildfly.extension.security.manager;

import java.security.AllPermission;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.server.AbstractDeploymentChainStep;
import org.jboss.as.server.DeploymentProcessorTarget;
import org.jboss.as.server.deployment.Phase;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.modules.Module;
import org.jboss.modules.ModuleClassLoader;
import org.jboss.modules.ModuleIdentifier;
import org.jboss.modules.ModuleLoadException;
import org.jboss.modules.security.ImmediatePermissionFactory;
import org.jboss.modules.security.LoadedPermissionFactory;
import org.jboss.modules.security.PermissionFactory;
import org.jboss.msc.service.ServiceController;
import org.wildfly.extension.security.manager.deployment.PermissionsParseProcessor;
import org.wildfly.extension.security.manager.service.SecurityManagerService;
import org.wildfly.security.manager.WildFlySecurityManager;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/extension/security/manager/SecurityManagerSubsystemAdd.class */
public class SecurityManagerSubsystemAdd extends AbstractAddStepHandler {
    static final SecurityManagerSubsystemAdd INSTANCE = new SecurityManagerSubsystemAdd();

    private SecurityManagerSubsystemAdd() {
    }

    protected void populateModel(ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
    }

    protected void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2, final ServiceVerificationHandler serviceVerificationHandler, final List<ServiceController<?>> list) throws OperationFailedException {
        operationContext.addStep(new OperationStepHandler() { // from class: org.wildfly.extension.security.manager.SecurityManagerSubsystemAdd.1
            public void execute(OperationContext operationContext2, ModelNode modelNode3) throws OperationFailedException {
                SecurityManagerSubsystemAdd.this.launchServices(operationContext2, Resource.Tools.readModel(operationContext2.readResource(PathAddress.EMPTY_ADDRESS)), serviceVerificationHandler, list);
                operationContext2.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER);
            }
        }, OperationContext.Stage.RUNTIME);
    }

    protected void launchServices(OperationContext operationContext, ModelNode modelNode, ServiceVerificationHandler serviceVerificationHandler, List<ServiceController<?>> list) throws OperationFailedException {
        final List<PermissionFactory> retrievePermissionSet = retrievePermissionSet(operationContext, peek(modelNode, Constants.DEPLOYMENT_PERMISSIONS, Constants.DEFAULT_VALUE, Constants.MINIMUM_SET, Constants.DEFAULT_VALUE));
        final List<PermissionFactory> retrievePermissionSet2 = retrievePermissionSet(operationContext, peek(modelNode, Constants.DEPLOYMENT_PERMISSIONS, Constants.DEFAULT_VALUE, Constants.MAXIMUM_SET, Constants.DEFAULT_VALUE));
        if (retrievePermissionSet2.isEmpty()) {
            retrievePermissionSet2.add(new ImmediatePermissionFactory(new AllPermission()));
        }
        list.add(operationContext.getServiceTarget().addService(SecurityManagerService.SERVICE_NAME, new SecurityManagerService()).addListener(serviceVerificationHandler).setInitialMode(ServiceController.Mode.ACTIVE).install());
        operationContext.addStep(new AbstractDeploymentChainStep() { // from class: org.wildfly.extension.security.manager.SecurityManagerSubsystemAdd.2
            protected void execute(DeploymentProcessorTarget deploymentProcessorTarget) {
                deploymentProcessorTarget.addDeploymentProcessor(Constants.SUBSYSTEM_NAME, Phase.PARSE, 12544, new PermissionsParseProcessor(retrievePermissionSet, retrievePermissionSet2));
            }
        }, OperationContext.Stage.RUNTIME);
    }

    protected List<PermissionFactory> retrievePermissionSet(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        ArrayList arrayList = new ArrayList();
        if (modelNode != null && modelNode.hasDefined(Constants.PERMISSION)) {
            Iterator it = modelNode.get(Constants.PERMISSION).asPropertyList().iterator();
            while (it.hasNext()) {
                ModelNode value = ((Property) it.next()).getValue();
                String asString = PermissionResourceDefinition.CLASS.resolveModelAttribute(operationContext, value).asString();
                String str = null;
                if (value.hasDefined(Constants.PERMISSION_NAME)) {
                    str = PermissionResourceDefinition.NAME.resolveModelAttribute(operationContext, value).asString();
                }
                String str2 = null;
                if (value.hasDefined(Constants.PERMISSION_ACTIONS)) {
                    str2 = PermissionResourceDefinition.ACTIONS.resolveModelAttribute(operationContext, value).asString();
                }
                String str3 = null;
                if (value.hasDefined(Constants.PERMISSION_MODULE)) {
                    str3 = PermissionResourceDefinition.MODULE.resolveModelAttribute(operationContext, value).asString();
                }
                ModuleClassLoader classLoaderPrivileged = WildFlySecurityManager.getClassLoaderPrivileged(getClass());
                if (str3 != null) {
                    try {
                        classLoaderPrivileged = Module.getBootModuleLoader().loadModule(ModuleIdentifier.create(str3)).getClassLoader();
                    } catch (ModuleLoadException e) {
                        throw new OperationFailedException(e);
                    }
                }
                arrayList.add(new LoadedPermissionFactory(classLoaderPrivileged, asString, str, str2));
            }
        }
        return arrayList;
    }

    protected ModelNode peek(ModelNode modelNode, String... strArr) {
        for (String str : strArr) {
            if (!modelNode.hasDefined(str)) {
                return null;
            }
            modelNode = modelNode.get(str);
        }
        return modelNode;
    }
}
