package org.guvnor.common.services.backend.migration;

import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Observes;
import javax.inject.Inject;
import org.guvnor.structure.organizationalunit.OrganizationalUnit;
import org.guvnor.structure.organizationalunit.OrganizationalUnitService;
import org.guvnor.structure.repositories.Repository;
import org.guvnor.structure.repositories.RepositoryService;
import org.guvnor.structure.security.OrganizationalUnitAction;
import org.guvnor.structure.security.RepositoryAction;
import org.jboss.errai.security.shared.api.Group;
import org.jboss.errai.security.shared.api.GroupImpl;
import org.uberfire.backend.authz.AuthorizationPolicyStorage;
import org.uberfire.backend.events.AuthorizationPolicyDeployedEvent;
import org.uberfire.security.Resource;
import org.uberfire.security.authz.AuthorizationPolicy;
import org.uberfire.security.authz.Permission;
import org.uberfire.security.authz.PermissionManager;

@ApplicationScoped
/* loaded from: input_file:WEB-INF/lib/uberfire-services-backend-7.28.0-SNAPSHOT.jar:org/guvnor/common/services/backend/migration/ACLMigrationTool.class */
public class ACLMigrationTool {
    private OrganizationalUnitService organizationalUnitService;
    private RepositoryService repositoryService;
    private PermissionManager permissionManager;
    private AuthorizationPolicyStorage authorizationPolicyStorage;
    private Map<String, Group> groupMap = new HashMap();

    @Inject
    public ACLMigrationTool(OrganizationalUnitService organizationalUnitService, RepositoryService repositoryService, PermissionManager permissionManager, AuthorizationPolicyStorage authorizationPolicyStorage) {
        this.organizationalUnitService = organizationalUnitService;
        this.repositoryService = repositoryService;
        this.permissionManager = permissionManager;
        this.authorizationPolicyStorage = authorizationPolicyStorage;
    }

    public void onDeploy(@Observes AuthorizationPolicyDeployedEvent authorizationPolicyDeployedEvent) {
        AuthorizationPolicy policy = authorizationPolicyDeployedEvent.getPolicy();
        migrateOrgUnits(policy);
        migrateRepositories(policy);
        this.authorizationPolicyStorage.savePolicy(policy);
    }

    private Group getGroup(String str) {
        Group group = this.groupMap.get(str);
        if (group == null) {
            group = new GroupImpl(str);
            this.groupMap.put(str, group);
        }
        return group;
    }

    public void migrateOrgUnits(AuthorizationPolicy authorizationPolicy) {
        for (OrganizationalUnit organizationalUnit : this.organizationalUnitService.getAllOrganizationalUnits()) {
            Permission createPermission = this.permissionManager.createPermission((Resource) organizationalUnit, OrganizationalUnitAction.READ, true);
            Iterator<String> it = organizationalUnit.getGroups().iterator();
            while (it.hasNext()) {
                authorizationPolicy.getPermissions(getGroup(it.next())).add(createPermission);
            }
        }
    }

    public void migrateRepositories(AuthorizationPolicy authorizationPolicy) {
        for (Repository repository : this.repositoryService.getAllRepositoriesFromAllUserSpaces()) {
            Permission createPermission = this.permissionManager.createPermission((Resource) repository, RepositoryAction.READ, true);
            Iterator<String> it = repository.getGroups().iterator();
            while (it.hasNext()) {
                authorizationPolicy.getPermissions(getGroup(it.next())).add(createPermission);
            }
        }
    }
}
