package com.marklogic.hub.deploy.commands;

import com.marklogic.appdeployer.command.Command;
import com.marklogic.appdeployer.command.CommandContext;
import com.marklogic.appdeployer.command.SortOrderConstants;
import com.marklogic.appdeployer.command.UndoableCommand;
import com.marklogic.hub.DatabaseKind;
import com.marklogic.hub.HubConfig;
import com.marklogic.mgmt.ManageClient;
import com.marklogic.mgmt.api.API;
import com.marklogic.mgmt.api.security.Privilege;
import com.marklogic.mgmt.mapper.DefaultResourceMapper;
import com.marklogic.mgmt.resource.security.PrivilegeManager;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/* loaded from: input_file:com/marklogic/hub/deploy/commands/CreateGranularPrivilegesCommand.class */
public class CreateGranularPrivilegesCommand implements Command, UndoableCommand {
    private HubConfig hubConfig;
    private List<String> groupNames;

    public CreateGranularPrivilegesCommand(HubConfig hubConfig) {
        this.hubConfig = hubConfig;
    }

    public CreateGranularPrivilegesCommand(HubConfig hubConfig, List<String> list) {
        this.hubConfig = hubConfig;
        this.groupNames = list;
    }

    public Integer getExecuteSortOrder() {
        return Integer.MAX_VALUE;
    }

    public Integer getUndoSortOrder() {
        return SortOrderConstants.DELETE_PRIVILEGES;
    }

    public void execute(CommandContext commandContext) {
        String dbName = this.hubConfig.getDbName(DatabaseKind.FINAL);
        String dbName2 = this.hubConfig.getDbName(DatabaseKind.STAGING);
        String dbName3 = this.hubConfig.getDbName(DatabaseKind.FINAL_TRIGGERS);
        String dbName4 = this.hubConfig.getDbName(DatabaseKind.STAGING_TRIGGERS);
        PrivilegeManager privilegeManager = new PrivilegeManager(commandContext.getManageClient());
        buildPrivilegesThatDhsMayHaveCreated(commandContext.getManageClient()).forEach(privilege -> {
            privilegeManager.save(privilege.getJson());
        });
        Privilege privilege2 = new Privilege((API) null, "admin-database-triggers-" + dbName4);
        privilege2.setKind("execute");
        privilege2.setAction("http://marklogic.com/xdmp/privileges/admin/database/triggers/$$database-id(" + dbName4 + ")");
        privilege2.addRole("data-hub-developer");
        privilegeManager.save(privilege2.getJson());
        privilege2.setPrivilegeName("admin-database-triggers-" + dbName3);
        privilege2.setAction("http://marklogic.com/xdmp/privileges/admin/database/triggers/$$database-id(" + dbName3 + ")");
        privilegeManager.save(privilege2.getJson());
        privilege2.setPrivilegeName("admin-database-temporal-" + dbName2);
        privilege2.setAction("http://marklogic.com/xdmp/privileges/admin/database/temporal/$$database-id(" + dbName2 + ")");
        privilegeManager.save(privilege2.getJson());
        privilege2.setPrivilegeName("admin-database-temporal-" + dbName);
        privilege2.setAction("http://marklogic.com/xdmp/privileges/admin/database/temporal/$$database-id(" + dbName + ")");
        privilegeManager.save(privilege2.getJson());
        privilege2.setPrivilegeName("admin-database-alerts-" + dbName2);
        privilege2.setAction("http://marklogic.com/xdmp/privileges/admin/database/alerts/$$database-id(" + dbName2 + ")");
        privilegeManager.save(privilege2.getJson());
        privilege2.setPrivilegeName("admin-database-alerts-" + dbName);
        privilege2.setAction("http://marklogic.com/xdmp/privileges/admin/database/alerts/$$database-id(" + dbName + ")");
        privilegeManager.save(privilege2.getJson());
        buildScheduledTaskPrivileges().forEach(privilege3 -> {
            privilegeManager.save(privilege3.getJson());
        });
    }

    public void undo(CommandContext commandContext) {
        String dbName = this.hubConfig.getDbName(DatabaseKind.FINAL);
        String dbName2 = this.hubConfig.getDbName(DatabaseKind.STAGING);
        String dbName3 = this.hubConfig.getDbName(DatabaseKind.JOB);
        String dbName4 = this.hubConfig.getDbName(DatabaseKind.FINAL_TRIGGERS);
        String dbName5 = this.hubConfig.getDbName(DatabaseKind.STAGING_TRIGGERS);
        PrivilegeManager privilegeManager = new PrivilegeManager(commandContext.getManageClient());
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-clear-" + dbName + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-clear-" + dbName2 + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-clear-" + dbName3 + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-index-" + dbName + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-index-" + dbName2 + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-index-" + dbName3 + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-triggers-" + dbName4 + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-triggers-" + dbName5 + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-temporal-" + dbName + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-temporal-" + dbName2 + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-alerts-" + dbName + "?kind=execute");
        privilegeManager.deleteAtPath("/manage/v2/privileges/admin-database-alerts-" + dbName2 + "?kind=execute");
        getGroupNamesForScheduledTaskPrivileges().forEach(str -> {
            privilegeManager.deleteAtPath("/manage/v2/privileges/admin-group-scheduled-task-" + str + "?kind=execute");
        });
    }

    protected List<Privilege> buildPrivilegesThatDhsMayHaveCreated(ManageClient manageClient) {
        List<String> listItemNameRefs = new PrivilegeManager(manageClient).getAsXml().getListItemNameRefs();
        String dbName = this.hubConfig.getDbName(DatabaseKind.STAGING);
        String dbName2 = this.hubConfig.getDbName(DatabaseKind.FINAL);
        String dbName3 = this.hubConfig.getDbName(DatabaseKind.JOB);
        ArrayList arrayList = new ArrayList();
        arrayList.add(buildPrivilege(manageClient, "admin-database-clear-" + dbName, "http://marklogic.com/xdmp/privileges/admin/database/clear/$$database-id(" + dbName + ")", "clear-data-hub-STAGING", listItemNameRefs, "data-hub-admin"));
        arrayList.add(buildPrivilege(manageClient, "admin-database-clear-" + dbName2, "http://marklogic.com/xdmp/privileges/admin/database/clear/$$database-id(" + dbName2 + ")", "clear-data-hub-FINAL", listItemNameRefs, "data-hub-admin"));
        arrayList.add(buildPrivilege(manageClient, "admin-database-clear-" + dbName3, "http://marklogic.com/xdmp/privileges/admin/database/clear/$$database-id(" + dbName3 + ")", "clear-data-hub-JOBS", listItemNameRefs, "data-hub-admin"));
        arrayList.add(buildPrivilege(manageClient, "admin-database-index-" + dbName, "http://marklogic.com/xdmp/privileges/admin/database/index/$$database-id(" + dbName + ")", "STAGING-index-editor", listItemNameRefs, "data-hub-developer"));
        arrayList.add(buildPrivilege(manageClient, "admin-database-index-" + dbName2, "http://marklogic.com/xdmp/privileges/admin/database/index/$$database-id(" + dbName2 + ")", "FINAL-index-editor", listItemNameRefs, "data-hub-developer"));
        arrayList.add(buildPrivilege(manageClient, "admin-database-index-" + dbName3, "http://marklogic.com/xdmp/privileges/admin/database/index/$$database-id(" + dbName3 + ")", "JOBS-index-editor", listItemNameRefs, "data-hub-developer"));
        return arrayList;
    }

    protected Privilege buildPrivilege(ManageClient manageClient, String str, String str2, String str3, List<String> list, String str4) {
        Privilege privilege;
        if (list.contains(str3)) {
            privilege = (Privilege) new DefaultResourceMapper(new API(manageClient)).readResource(new PrivilegeManager(manageClient).getAsJson(str3, new String[]{"kind", "execute"}), Privilege.class);
        } else {
            privilege = new Privilege((API) null, str);
            privilege.setKind("execute");
            privilege.setAction(str2);
        }
        privilege.addRole(str4);
        return privilege;
    }

    protected List<Privilege> buildScheduledTaskPrivileges() {
        ArrayList arrayList = new ArrayList();
        getGroupNamesForScheduledTaskPrivileges().forEach(str -> {
            Privilege privilege = new Privilege((API) null, "admin-group-scheduled-task-" + str);
            privilege.setKind("execute");
            privilege.setAction("http://marklogic.com/xdmp/privileges/admin/group/scheduled-task/$$group-id(" + str + ")");
            privilege.addRole("data-hub-developer");
            arrayList.add(privilege);
        });
        return arrayList;
    }

    protected List<String> getGroupNamesForScheduledTaskPrivileges() {
        return (this.groupNames == null || this.groupNames.isEmpty()) ? Arrays.asList(this.hubConfig.getAppConfig().getGroupName()) : this.groupNames;
    }

    public List<String> getGroupNames() {
        return this.groupNames;
    }
}
