package org.mycore.frontend.cli;

import java.io.File;
import java.io.FileOutputStream;
import java.util.Iterator;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jdom2.Document;
import org.jdom2.Element;
import org.jdom2.output.Format;
import org.jdom2.output.XMLOutputter;
import org.mycore.access.MCRAccessInterface;
import org.mycore.access.MCRAccessManager;
import org.mycore.common.MCRConstants;
import org.mycore.common.MCRException;
import org.mycore.common.config.MCRConfiguration2;
import org.mycore.common.content.MCRFileContent;
import org.mycore.common.xml.MCRXMLParserFactory;
import org.mycore.frontend.MCRWebsiteWriteProtection;
import org.mycore.frontend.cli.annotation.MCRCommandGroup;

@MCRCommandGroup(name = "Access Commands")
/* loaded from: input_file:org/mycore/frontend/cli/MCRAccessCommands.class */
public class MCRAccessCommands extends MCRAbstractCommands {
    private static Logger LOGGER = LogManager.getLogger(MCRAccessCommands.class.getName());

    private static boolean checkFilename(String str) {
        if (!str.endsWith(".xml")) {
            LOGGER.warn("{} ignored, does not end with *.xml", str);
            return false;
        }
        if (new File(str).isFile()) {
            return true;
        }
        LOGGER.warn("{} ignored, is not a file.", str);
        return false;
    }

    public static void createPermissionsFromFile(String str) throws Exception {
        MCRAccessInterface accessImpl = MCRAccessManager.getAccessImpl();
        if (checkFilename(str)) {
            LOGGER.info("Reading file {} ...", str);
            Element rootElement = MCRXMLParserFactory.getValidatingParser().parseXML(new MCRFileContent(str)).getRootElement();
            if (!rootElement.getName().equals("mcrpermissions")) {
                throw new MCRException("The data are not for mcrpermissions.");
            }
            for (Element element : rootElement.getChildren("mcrpermission")) {
                String trim = element.getAttributeValue("name").trim();
                String attributeValue = element.getAttributeValue("ruledescription");
                if (attributeValue == null) {
                    attributeValue = "";
                }
                Element clone = element.getChild("condition").clone();
                String attributeValue2 = element.getAttributeValue("objectid");
                if (attributeValue2 == null) {
                    accessImpl.addRule(trim, clone, attributeValue);
                } else {
                    accessImpl.addRule(attributeValue2, trim, clone, attributeValue);
                }
            }
        }
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "load permissions data from file {0}", help = "The command loads the permissions data of the access control system with data from the file {0}.", order = 10)
    public static void loadPermissionsFromFile(String str) throws Exception {
        createPermissionsFromFile(str);
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "delete all permissions", help = "Remove all permission entries from the Access Control System.", order = 40)
    public static void deleteAllPermissions() throws Exception {
        MCRAccessInterface accessImpl = MCRAccessManager.getAccessImpl();
        Iterator<String> it = accessImpl.getPermissions().iterator();
        while (it.hasNext()) {
            accessImpl.removeRule(it.next());
        }
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "delete permission {0}", help = "Remove a named permission entriy from the Access Control System.", order = 30)
    public static void deletePermission(String str) throws Exception {
        MCRAccessManager.getAccessImpl().removeRule(str);
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "list all permissions", help = "List all permission entries.", order = 20)
    public static void listAllPermissions() throws MCRException {
        MCRAccessInterface accessImpl = MCRAccessManager.getAccessImpl();
        boolean z = true;
        for (String str : accessImpl.getPermissions()) {
            z = false;
            String ruleDescription = accessImpl.getRuleDescription(str);
            if (ruleDescription.equals("")) {
                ruleDescription = "No description";
            }
            Element rule = accessImpl.getRule(str);
            LOGGER.info("       {}", str);
            LOGGER.info("           {}", ruleDescription);
            if (rule != null) {
                LOGGER.info("           {}", new XMLOutputter().outputString(rule));
            }
        }
        if (z) {
            LOGGER.warn("No permissions defined");
        }
        LOGGER.info("");
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "export all permissions to file {0}", help = "Export all permissions from the Access Control System to the file {0}.", order = 50)
    public static void exportAllPermissionsToFile(String str) throws Exception {
        MCRAccessInterface accessImpl = MCRAccessManager.getAccessImpl();
        Element element = new Element("mcrpermissions");
        element.addNamespaceDeclaration(MCRConstants.XSI_NAMESPACE);
        element.addNamespaceDeclaration(MCRConstants.XLINK_NAMESPACE);
        element.setAttribute("noNamespaceSchemaLocation", "MCRPermissions.xsd", MCRConstants.XSI_NAMESPACE);
        Document document = new Document(element);
        for (String str2 : accessImpl.getPermissions()) {
            Element element2 = new Element("mcrpermission");
            element2.setAttribute("name", str2);
            String ruleDescription = accessImpl.getRuleDescription(str2);
            if (!ruleDescription.equals("")) {
                element2.setAttribute("ruledescription", ruleDescription);
            }
            element2.addContent(accessImpl.getRule(str2));
            element.addContent(element2);
        }
        File file = new File(str);
        if (file.exists()) {
            LOGGER.warn("File {} yet exists, overwrite.", str);
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        LOGGER.info("Writing to file {} ...", str);
        new XMLOutputter(Format.getPrettyFormat().setEncoding(MCRConfiguration2.getString("MCR.Metadata.DefaultEncoding").orElse(MCRConstants.DEFAULT_ENCODING))).output(document, fileOutputStream);
    }

    private static Element getRuleFromFile(String str) throws Exception {
        if (!checkFilename(str)) {
            LOGGER.warn("Wrong file format or file doesn't exist");
            return null;
        }
        Element rootElement = MCRXMLParserFactory.getParser().parseXML(new MCRFileContent(str)).getRootElement();
        if (rootElement.getName().equals("condition")) {
            return rootElement;
        }
        LOGGER.warn("ROOT element is not valid, a valid rule would be for example:");
        LOGGER.warn("<condition format=\"xml\"><boolean operator=\"true\" /></condition>");
        return null;
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "update permission {0} for id {1} with rulefile {2}", help = "The command updates access rule for a given id of a given permission with a given special rule", order = 70)
    public static void permissionUpdateForID(String str, String str2, String str3) throws Exception {
        permissionUpdateForID(str, str2, str3, "");
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "update permission {0} for id {1} with rulefile {2} described by {3}", help = "The command updates access rule for a given id of a given permission with a given special rule", order = 60)
    public static void permissionUpdateForID(String str, String str2, String str3, String str4) throws Exception {
        MCRAccessInterface accessImpl = MCRAccessManager.getAccessImpl();
        Element ruleFromFile = getRuleFromFile(str3);
        if (ruleFromFile == null) {
            return;
        }
        accessImpl.addRule(str2, str, ruleFromFile, str4);
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "update permission {0} for selected with rulefile {1}", help = "The command updates access rule for a given permission and all ids of a given MCRObject-Type with a given special rule", order = 90)
    public static void permissionUpdateForSelected(String str, String str2) throws Exception {
        permissionUpdateForSelected(str, str2, "");
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "update permission {0} for selected with rulefile {1} described by {2}", help = "The command updates access rule for a given permission and all ids of a given MCRObject-Type with a given special rule", order = 80)
    public static void permissionUpdateForSelected(String str, String str2, String str3) throws Exception {
        MCRAccessInterface accessImpl = MCRAccessManager.getAccessImpl();
        Element ruleFromFile = getRuleFromFile(str2);
        if (ruleFromFile == null) {
            return;
        }
        Iterator<String> it = MCRObjectCommands.getSelectedObjectIDs().iterator();
        while (it.hasNext()) {
            accessImpl.addRule(it.next(), str, ruleFromFile, str3);
        }
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "delete permission {0} for id {1}", help = "The command delete access rule for a given id of a given permission", order = 110)
    public static void permissionDeleteForID(String str, String str2) {
        MCRAccessManager.getAccessImpl().removeRule(str2, str);
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "delete all permissions for id {1}", help = "The command delete all access rules for a given id", order = 120)
    public static void permissionDeleteAllForID(String str) {
        MCRAccessManager.getAccessImpl().removeAllRules(str);
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "delete permission {0} for selected", help = "The command delete access rule for a query selected set of object ids of a given permission", order = 130)
    public static void permissionDeleteForSelected(String str) {
        MCRAccessInterface accessImpl = MCRAccessManager.getAccessImpl();
        Iterator<String> it = MCRObjectCommands.getSelectedObjectIDs().iterator();
        while (it.hasNext()) {
            accessImpl.removeRule(it.next(), str);
        }
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "delete all permissions for selected", help = "The command delete all access rules for a query selected set of object ids", order = 140)
    public static void permissionDeleteAllForSelected() {
        MCRAccessInterface accessImpl = MCRAccessManager.getAccessImpl();
        Iterator<String> it = MCRObjectCommands.getSelectedObjectIDs().iterator();
        while (it.hasNext()) {
            accessImpl.removeAllRules(it.next());
        }
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "set website read only {0}", help = "This command set the whole website into read only mode and provides the given message to users. Nobody, except super user can write on system, using web frontend. Parameter {0} specifies a message to be displayed", order = 150)
    public static void setWebsiteReadOnly(String str) {
        MCRWebsiteWriteProtection.activate(str);
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "set website read only", help = "This command set the whole website into read only mode. An already configurated message will be displayed to users. Nobody, except super user can write on system, using web frontend", order = 160)
    public static void setWebsiteReadOnly() {
        MCRWebsiteWriteProtection.activate();
    }

    @org.mycore.frontend.cli.annotation.MCRCommand(syntax = "unset website read only", help = "This command removes the write protection (read only) from website. After unsetting anybody can write as usual, using web frontend", order = 170)
    public static void unsetWebsiteReadOnly() {
        MCRWebsiteWriteProtection.deactivate();
    }
}
