package org.camunda.bpm.engine.impl.plugin;

import org.camunda.bpm.engine.AuthorizationService;
import org.camunda.bpm.engine.ProcessEngine;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.impl.ProcessEngineLogger;
import org.camunda.bpm.engine.impl.cfg.AbstractProcessEnginePlugin;
import org.camunda.bpm.engine.impl.cfg.ProcessEngineConfigurationImpl;
import org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity;

/* loaded from: input_file:BOOT-INF/lib/camunda-engine-7.18.0.jar:org/camunda/bpm/engine/impl/plugin/AdministratorAuthorizationPlugin.class */
public class AdministratorAuthorizationPlugin extends AbstractProcessEnginePlugin {
    private static final AdministratorAuthorizationPluginLogger LOG = ProcessEngineLogger.ADMIN_PLUGIN_LOGGER;
    protected String administratorGroupName;
    protected String administratorUserName;
    protected boolean authorizationEnabled;

    @Override // org.camunda.bpm.engine.impl.cfg.AbstractProcessEnginePlugin, org.camunda.bpm.engine.impl.cfg.ProcessEnginePlugin
    public void postInit(ProcessEngineConfigurationImpl processEngineConfigurationImpl) {
        this.authorizationEnabled = processEngineConfigurationImpl.isAuthorizationEnabled();
        if (this.administratorGroupName != null && this.administratorGroupName.length() > 0) {
            processEngineConfigurationImpl.getAdminGroups().add(this.administratorGroupName);
        }
        if (this.administratorUserName == null || this.administratorUserName.length() <= 0) {
            return;
        }
        processEngineConfigurationImpl.getAdminUsers().add(this.administratorUserName);
    }

    @Override // org.camunda.bpm.engine.impl.cfg.AbstractProcessEnginePlugin, org.camunda.bpm.engine.impl.cfg.ProcessEnginePlugin
    public void postProcessEngineBuild(ProcessEngine processEngine) {
        if (this.authorizationEnabled) {
            AuthorizationService authorizationService = processEngine.getAuthorizationService();
            if (this.administratorGroupName != null && this.administratorGroupName.length() > 0) {
                for (Resources resources : Resources.values()) {
                    if (authorizationService.createAuthorizationQuery().groupIdIn(this.administratorGroupName).resourceType(resources).resourceId("*").mo10500count() == 0) {
                        AuthorizationEntity authorizationEntity = new AuthorizationEntity(1);
                        authorizationEntity.setGroupId(this.administratorGroupName);
                        authorizationEntity.setResource(resources);
                        authorizationEntity.setResourceId("*");
                        authorizationEntity.addPermission(Permissions.ALL);
                        authorizationService.saveAuthorization(authorizationEntity);
                        LOG.grantGroupPermissions(this.administratorGroupName, resources.resourceName());
                    }
                }
            }
            if (this.administratorUserName == null || this.administratorUserName.length() <= 0) {
                return;
            }
            for (Resources resources2 : Resources.values()) {
                if (authorizationService.createAuthorizationQuery().userIdIn(this.administratorUserName).resourceType(resources2).resourceId("*").mo10500count() == 0) {
                    AuthorizationEntity authorizationEntity2 = new AuthorizationEntity(1);
                    authorizationEntity2.setUserId(this.administratorUserName);
                    authorizationEntity2.setResource(resources2);
                    authorizationEntity2.setResourceId("*");
                    authorizationEntity2.addPermission(Permissions.ALL);
                    authorizationService.saveAuthorization(authorizationEntity2);
                    LOG.grantUserPermissions(this.administratorUserName, resources2.resourceName());
                }
            }
        }
    }

    public String getAdministratorGroupName() {
        return this.administratorGroupName;
    }

    public void setAdministratorGroupName(String str) {
        this.administratorGroupName = str;
    }

    public String getAdministratorUserName() {
        return this.administratorUserName;
    }

    public void setAdministratorUserName(String str) {
        this.administratorUserName = str;
    }
}
