package org.wildfly.extension.picketlink.idm.model;

import java.util.Iterator;
import java.util.List;
import java.util.function.Function;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.access.constraint.SensitivityClassification;
import org.jboss.as.controller.access.management.AccessConstraintDefinition;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.Resource;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.dmr.Property;
import org.wildfly.extension.picketlink.common.model.ModelElement;
import org.wildfly.extension.picketlink.idm.IDMExtension;
import org.wildfly.extension.picketlink.logging.PicketLinkLogger;

/* loaded from: input_file:org/wildfly/extension/picketlink/idm/model/PartitionManagerResourceDefinition.class */
public class PartitionManagerResourceDefinition extends AbstractIDMResourceDefinition {
    private static final List<AccessConstraintDefinition> CONSTRAINTS = new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification(IDMExtension.SUBSYSTEM_NAME, "partition-manager", false, true, true)).wrapAsList();
    public static final SimpleAttributeDefinition IDENTITY_MANAGEMENT_JNDI_URL = new SimpleAttributeDefinitionBuilder(ModelElement.IDENTITY_MANAGEMENT_JNDI_NAME.getName(), ModelType.STRING, false).setAllowExpression(true).build();
    public static final PartitionManagerResourceDefinition INSTANCE = new PartitionManagerResourceDefinition();

    private PartitionManagerResourceDefinition() {
        super(ModelElement.PARTITION_MANAGER, Function.identity(), IDENTITY_MANAGEMENT_JNDI_URL);
        setDeprecated(IDMExtension.DEPRECATED_SINCE);
    }

    public void registerChildren(ManagementResourceRegistration managementResourceRegistration) {
        addChildResourceDefinition(IdentityConfigurationResourceDefinition.INSTANCE, managementResourceRegistration);
    }

    public List<AccessConstraintDefinition> getAccessConstraints() {
        return CONSTRAINTS;
    }

    public static void validateModel(OperationContext operationContext, PathAddress pathAddress) throws OperationFailedException {
        ModelNode partitionManagerModel = getPartitionManagerModel(operationContext, pathAddress);
        if (partitionManagerModel == null) {
            return;
        }
        ModelNode modelNode = partitionManagerModel.get(ModelElement.IDENTITY_CONFIGURATION.getName());
        if (!modelNode.isDefined()) {
            throw PicketLinkLogger.ROOT_LOGGER.idmNoIdentityConfigurationProvided();
        }
        for (Property property : modelNode.asPropertyList()) {
            String name = property.getName();
            if (!property.getValue().isDefined()) {
                throw PicketLinkLogger.ROOT_LOGGER.idmNoIdentityStoreProvided(name);
            }
            Iterator it = property.getValue().asList().iterator();
            while (it.hasNext()) {
                configureIdentityStore(operationContext, (ModelNode) it.next());
            }
        }
    }

    private static ModelNode getPartitionManagerModel(OperationContext operationContext, PathAddress pathAddress) {
        try {
            return Resource.Tools.readModel(operationContext.readResourceFromRoot(pathAddress));
        } catch (Resource.NoSuchResourceException e) {
            return null;
        }
    }

    private static void configureIdentityStore(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        Property asProperty = modelNode.asProperty();
        String name = asProperty.getName();
        ModelNode value = asProperty.getValue().asProperty().getValue();
        if (name.equals(ModelElement.LDAP_STORE.getName()) && !value.hasDefined(ModelElement.LDAP_STORE_MAPPING.getName())) {
            throw PicketLinkLogger.ROOT_LOGGER.idmLdapNoMappingDefined();
        }
        validateSupportedTypes(operationContext, value);
    }

    private static void validateSupportedTypes(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        boolean hasDefined = modelNode.hasDefined(ModelElement.SUPPORTED_TYPES.getName());
        if (hasDefined) {
            ModelNode value = modelNode.get(ModelElement.SUPPORTED_TYPES.getName()).asProperty().getValue();
            try {
                hasDefined = SupportedTypesResourceDefinition.SUPPORTS_ALL.resolveModelAttribute(operationContext, value).asBoolean();
            } catch (OperationFailedException e) {
                if (value.get(SupportedTypesResourceDefinition.SUPPORTS_ALL.getName()).getType() != ModelType.EXPRESSION) {
                    throw e;
                }
                hasDefined = true;
            }
            if (value.hasDefined(ModelElement.SUPPORTED_TYPE.getName())) {
                Iterator it = value.get(ModelElement.SUPPORTED_TYPE.getName()).asPropertyList().iterator();
                while (it.hasNext()) {
                    ModelNode value2 = ((Property) it.next()).getValue();
                    if (!value2.hasDefined(SupportedTypeResourceDefinition.CLASS_NAME.getName()) && !value2.hasDefined(SupportedTypeResourceDefinition.CODE.getName())) {
                        throw PicketLinkLogger.ROOT_LOGGER.typeNotProvided(ModelElement.SUPPORTED_TYPE.getName());
                    }
                    hasDefined = true;
                }
            }
        }
        if (!hasDefined) {
            throw PicketLinkLogger.ROOT_LOGGER.idmNoSupportedTypesDefined();
        }
    }
}
