package org.jboss.as.domain.management.access;

import java.util.Locale;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.access.AuthorizerConfiguration;
import org.jboss.as.controller.access.management.WritableAuthorizerConfiguration;
import org.jboss.as.domain.management.logging.DomainManagementLogger;
import org.jboss.dmr.ModelNode;

/* loaded from: input_file:m2repo/org/wildfly/core/wildfly-domain-management/3.0.8.Final/wildfly-domain-management-3.0.8.Final.jar:org/jboss/as/domain/management/access/PrincipalRemove.class */
public class PrincipalRemove implements OperationStepHandler {
    private final WritableAuthorizerConfiguration authorizerConfiguration;
    private final WritableAuthorizerConfiguration.MatchType matchType;

    private PrincipalRemove(WritableAuthorizerConfiguration writableAuthorizerConfiguration, WritableAuthorizerConfiguration.MatchType matchType) {
        this.authorizerConfiguration = writableAuthorizerConfiguration;
        this.matchType = matchType;
    }

    public static OperationStepHandler createForInclude(WritableAuthorizerConfiguration writableAuthorizerConfiguration) {
        return new PrincipalRemove(writableAuthorizerConfiguration, WritableAuthorizerConfiguration.MatchType.INCLUDE);
    }

    public static OperationStepHandler createForExclude(WritableAuthorizerConfiguration writableAuthorizerConfiguration) {
        return new PrincipalRemove(writableAuthorizerConfiguration, WritableAuthorizerConfiguration.MatchType.EXCLUDE);
    }

    @Override // org.jboss.as.controller.OperationStepHandler
    public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        ModelNode model = operationContext.readResource(PathAddress.EMPTY_ADDRESS).getModel();
        String roleName = RoleMappingResourceDefinition.getRoleName(modelNode);
        AuthorizerConfiguration.PrincipalType principalType = PrincipalResourceDefinition.getPrincipalType(operationContext, model);
        String realm = PrincipalResourceDefinition.getRealm(operationContext, model);
        String name = PrincipalResourceDefinition.getName(operationContext, model);
        operationContext.removeResource(PathAddress.EMPTY_ADDRESS);
        if (this.matchType == WritableAuthorizerConfiguration.MatchType.INCLUDE) {
            RbacSanityCheckOperation.addOperation(operationContext);
        }
        registerRuntimeRemove(operationContext, roleName.toUpperCase(Locale.ENGLISH), principalType, name, realm);
    }

    private void registerRuntimeRemove(OperationContext operationContext, final String str, final AuthorizerConfiguration.PrincipalType principalType, final String str2, final String str3) {
        operationContext.addStep(new OperationStepHandler() { // from class: org.jboss.as.domain.management.access.PrincipalRemove.1
            @Override // org.jboss.as.controller.OperationStepHandler
            public void execute(OperationContext operationContext2, ModelNode modelNode) throws OperationFailedException {
                if (PrincipalRemove.this.authorizerConfiguration.removeRoleMappingPrincipal(str, principalType, PrincipalRemove.this.matchType, str2, str3)) {
                    PrincipalRemove.this.registerRollbackHandler(operationContext2, str, principalType, str2, str3);
                } else {
                    operationContext2.restartRequired();
                    throw DomainManagementLogger.ROOT_LOGGER.inconsistentRbacRuntimeState();
                }
            }
        }, OperationContext.Stage.RUNTIME);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void registerRollbackHandler(OperationContext operationContext, final String str, final AuthorizerConfiguration.PrincipalType principalType, final String str2, final String str3) {
        operationContext.completeStep(new OperationContext.RollbackHandler() { // from class: org.jboss.as.domain.management.access.PrincipalRemove.2
            @Override // org.jboss.as.controller.OperationContext.RollbackHandler
            public void handleRollback(OperationContext operationContext2, ModelNode modelNode) {
                if (PrincipalRemove.this.authorizerConfiguration.addRoleMappingPrincipal(str, principalType, PrincipalRemove.this.matchType, str2, str3, false)) {
                    return;
                }
                operationContext2.restartRequired();
            }
        });
    }
}
