package bootstrap.liftweb;

import bootstrap.liftweb.UserFileProcessing;
import com.normation.errors;
import com.normation.rudder.Role;
import com.normation.rudder.Role$Administrator$;
import com.normation.rudder.Role$NoRights$;
import com.normation.rudder.RudderAccount;
import com.normation.rudder.RudderRoles$;
import com.normation.rudder.UncheckedCustomRole;
import com.normation.rudder.domain.logger.ApplicationLogger$;
import com.normation.rudder.domain.logger.ApplicationLoggerPure$;
import com.normation.rudder.rest.RoleApiMapping;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import org.xml.sax.SAXParseException;
import scala.$less$colon$less$;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Some;
import scala.Tuple2;
import scala.Tuple3;
import scala.UninitializedFieldError;
import scala.collection.ArrayOps$;
import scala.collection.BuildFrom$;
import scala.collection.Seq;
import scala.collection.StringOps$;
import scala.collection.immutable.$colon;
import scala.collection.immutable.List;
import scala.collection.immutable.Nil$;
import scala.package$;
import scala.reflect.ClassTag$;
import scala.runtime.BoxesRunTime;
import scala.runtime.Nothing$;
import scala.util.Either;
import scala.xml.Elem;
import scala.xml.Node;
import scala.xml.XML$;
import zio.ZIO;
import zio.ZIO$;
import zio.syntax$;

/* compiled from: RudderUserDetailsFile.scala */
/* loaded from: input_file:bootstrap/liftweb/UserFileProcessing$.class */
public final class UserFileProcessing$ {
    public static final UserFileProcessing$ MODULE$ = new UserFileProcessing$();
    private static final String JVM_AUTH_FILE_KEY = "rudder.authFile";
    private static final String DEFAULT_AUTH_FILE_NAME = "demo-rudder-users.xml";
    private static volatile byte bitmap$init$0;

    static {
        bitmap$init$0 = (byte) (bitmap$init$0 | 1);
        bitmap$init$0 = (byte) (bitmap$init$0 | 2);
    }

    public String JVM_AUTH_FILE_KEY() {
        if (((byte) (bitmap$init$0 & 1)) == 0) {
            throw new UninitializedFieldError("Uninitialized field: /home/jenkins/workspace/rudder-release/rudder-build/webapp/sources/rudder/rudder-web/src/main/scala/bootstrap/liftweb/RudderUserDetailsFile.scala: 362");
        }
        String str = JVM_AUTH_FILE_KEY;
        return JVM_AUTH_FILE_KEY;
    }

    public String DEFAULT_AUTH_FILE_NAME() {
        if (((byte) (bitmap$init$0 & 2)) == 0) {
            throw new UninitializedFieldError("Uninitialized field: /home/jenkins/workspace/rudder-release/rudder-build/webapp/sources/rudder/rudder-web/src/main/scala/bootstrap/liftweb/RudderUserDetailsFile.scala: 363");
        }
        String str = DEFAULT_AUTH_FILE_NAME;
        return DEFAULT_AUTH_FILE_NAME;
    }

    public ZIO<Object, errors.RudderError, UserFile> getUserResourceFile() {
        String property = System.getProperty(JVM_AUTH_FILE_KEY());
        switch (property == null ? 0 : property.hashCode()) {
            case 0:
                if (property == null || "".equals(property)) {
                    return ApplicationLoggerPure$.MODULE$.info(() -> {
                        return "JVM property -D" + MODULE$.JVM_AUTH_FILE_KEY() + " is not defined, using configuration file '" + MODULE$.DEFAULT_AUTH_FILE_NAME() + "' in classpath";
                    }).$times$greater(() -> {
                        return syntax$.MODULE$.ToZio(new UserFile("classpath:" + MODULE$.DEFAULT_AUTH_FILE_NAME(), () -> {
                            return MODULE$.getClass().getClassLoader().getResourceAsStream(MODULE$.DEFAULT_AUTH_FILE_NAME());
                        })).succeed();
                    }, "bootstrap.liftweb.UserFileProcessing.getUserResourceFile(RudderUserDetailsFile.scala:380)");
                }
                break;
        }
        File file = new File(property);
        return (file.exists() && file.canRead()) ? ApplicationLoggerPure$.MODULE$.info(() -> {
            return "Using configuration file defined by JVM property -D" + MODULE$.JVM_AUTH_FILE_KEY() + " : " + file.getPath();
        }).$times$greater(() -> {
            return syntax$.MODULE$.ToZio(new UserFile(file.getAbsolutePath(), () -> {
                return new FileInputStream(file);
            })).succeed();
        }, "bootstrap.liftweb.UserFileProcessing.getUserResourceFile(RudderUserDetailsFile.scala:390)") : ApplicationLoggerPure$.MODULE$.error(() -> {
            return "Can not find configuration file specified by JVM property " + MODULE$.JVM_AUTH_FILE_KEY() + ": " + file.getPath() + "; aborting";
        }).$times$greater(() -> {
            return syntax$.MODULE$.ToZio(new errors.Unexpected("rudder-users configuration file not found at path: '" + file.getPath() + "'")).fail();
        }, "bootstrap.liftweb.UserFileProcessing.getUserResourceFile(RudderUserDetailsFile.scala:395)");
    }

    public ZIO<Object, errors.RudderError, ValidatedUserList> parseUsers(RoleApiMapping roleApiMapping, UserFile userFile, boolean z) {
        ZIO fail;
        try {
            fail = syntax$.MODULE$.ToZio(XML$.MODULE$.load((InputStream) userFile.inputStream().apply())).succeed();
        } catch (SAXParseException e) {
            fail = syntax$.MODULE$.ToZio(new errors.SystemError("User definitions: XML in file /opt/rudder/etc/rudder-users.xml is incorrect, error message is: " + e.getMessage() + " (line " + e.getLineNumber() + ", column " + e.getColumnNumber() + ")", e)).fail();
        } catch (Exception e2) {
            fail = syntax$.MODULE$.ToZio(new errors.SystemError("User definitions: An error occurred while parsing /opt/rudder/etc/rudder-users.xml. Logging in to the Rudder web interface will not be possible until this is fixed and the application restarted.", e2)).fail();
        }
        return fail.flatMap(elem -> {
            return MODULE$.parseXml(roleApiMapping, elem, userFile.name(), z).map(validatedUserList -> {
                return validatedUserList;
            }, "bootstrap.liftweb.UserFileProcessing.parseUsers(RudderUserDetailsFile.scala:425)");
        }, "bootstrap.liftweb.UserFileProcessing.parseUsers(RudderUserDetailsFile.scala:424)");
    }

    public ZIO<Object, errors.RudderError, ValidatedUserList> parseXml(RoleApiMapping roleApiMapping, Elem elem, String str, boolean z) {
        return parseXmlNoResolve(elem, str).flatMap(parsedUserFile -> {
            return MODULE$.resolveRoles(parsedUserFile.customRoles(), z).flatMap(list -> {
                return RudderRoles$.MODULE$.register(list).flatMap(boxedUnit -> {
                    return MODULE$.resolveUsers(parsedUserFile.users(), z, str).map(list -> {
                        return ValidatedUserList$.MODULE$.fromRudderAccountList(roleApiMapping, new UserDetailFileConfiguration(parsedUserFile.encoder(), parsedUserFile.isCaseSensitive(), list, list.map(tuple2 -> {
                            if (tuple2 == null) {
                                throw new MatchError(tuple2);
                            }
                            RudderAccount.User user = (RudderAccount.User) tuple2._1();
                            return new Tuple2(user.login(), new Tuple2(user, (List) tuple2._2()));
                        }).toMap($less$colon$less$.MODULE$.refl())));
                    }, "bootstrap.liftweb.UserFileProcessing.parseXml(RudderUserDetailsFile.scala:451)");
                }, "bootstrap.liftweb.UserFileProcessing.parseXml(RudderUserDetailsFile.scala:450)");
            }, "bootstrap.liftweb.UserFileProcessing.parseXml(RudderUserDetailsFile.scala:449)");
        }, "bootstrap.liftweb.UserFileProcessing.parseXml(RudderUserDetailsFile.scala:448)");
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Removed duplicated region for block: B:20:0x00cb  */
    /* JADX WARN: Removed duplicated region for block: B:22:0x00da  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public zio.ZIO<java.lang.Object, com.normation.errors.RudderError, bootstrap.liftweb.UserFileProcessing.ParsedUserFile> parseXmlNoResolve(scala.xml.Elem r7, java.lang.String r8) {
        /*
            Method dump skipped, instructions count: 324
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: bootstrap.liftweb.UserFileProcessing$.parseXmlNoResolve(scala.xml.Elem, java.lang.String):zio.ZIO");
    }

    public ZIO<Object, Nothing$, List<Role>> resolveRoles(List<UncheckedCustomRole> list, boolean z) {
        if (z || !list.nonEmpty()) {
            return RudderRoles$.MODULE$.getAllRoles().flatMap(sortedMap -> {
                return RudderRoles$.MODULE$.resolveCustomRoles(list, sortedMap).flatMap(customRoleResolverResult -> {
                    return ZIO$.MODULE$.foreach(customRoleResolverResult.invalid(), tuple2 -> {
                        if (tuple2 == null) {
                            throw new MatchError(tuple2);
                        }
                        UncheckedCustomRole uncheckedCustomRole = (UncheckedCustomRole) tuple2._1();
                        String str = (String) tuple2._2();
                        return ApplicationLoggerPure$.MODULE$.error(() -> {
                            return "Error with custom role definition: custom role '" + uncheckedCustomRole.name() + "' is invalid and will be ignored: " + str;
                        });
                    }, BuildFrom$.MODULE$.buildFromIterableOps(), "bootstrap.liftweb.UserFileProcessing.resolveRoles(RudderUserDetailsFile.scala:588)").map(list2 -> {
                        return customRoleResolverResult.validRoles();
                    }, "bootstrap.liftweb.UserFileProcessing.resolveRoles(RudderUserDetailsFile.scala:588)");
                }, "bootstrap.liftweb.UserFileProcessing.resolveRoles(RudderUserDetailsFile.scala:587)");
            }, "bootstrap.liftweb.UserFileProcessing.resolveRoles(RudderUserDetailsFile.scala:586)");
        }
        ApplicationLogger$.MODULE$.warn(() -> {
            return "Custom roles are defined which is not supported without the User management plugin. These custom roles will be ignored: " + list.map(uncheckedCustomRole -> {
                return uncheckedCustomRole.name();
            }).mkString(", ");
        });
        return syntax$.MODULE$.ToZio(Nil$.MODULE$).succeed();
    }

    public ZIO<Object, Nothing$, List<Tuple2<RudderAccount.User, List<Role>>>> resolveUsers(List<UserFileProcessing.ParsedUser> list, boolean z, String str) {
        return ZIO$.MODULE$.foreach(list, parsedUser -> {
            if (parsedUser == null) {
                throw new MatchError(parsedUser);
            }
            Tuple3 tuple3 = new Tuple3(parsedUser.name(), parsedUser.password(), parsedUser.roles());
            String str2 = (String) tuple3._1();
            String str3 = (String) tuple3._2();
            return RudderRoles$.MODULE$.parseRoles((List) tuple3._3()).flatMap(list2 -> {
                return Nil$.MODULE$.equals(list2) ? syntax$.MODULE$.ToZio(new $colon.colon(Role$NoRights$.MODULE$, Nil$.MODULE$)).succeed() : (z || !list2.exists(role -> {
                    return BoxesRunTime.boxToBoolean($anonfun$resolveUsers$3(role));
                })) ? ApplicationLoggerPure$.MODULE$.debug(() -> {
                    return "User '" + str2 + "' defined with authorizations: " + list2.map(role2 -> {
                        return role2.name();
                    }).mkString(", ");
                }).$times$greater(() -> {
                    return syntax$.MODULE$.ToZio(list2).succeed();
                }, "bootstrap.liftweb.UserFileProcessing.resolveUsers(RudderUserDetailsFile.scala:623)") : ApplicationLoggerPure$.MODULE$.warn(() -> {
                    return "User '" + str2 + "' defined with authorizations different from 'administrator', which is not supported without the User management plugin. To prevent problem, that user authorization is removed.";
                }).$times$greater(() -> {
                    return syntax$.MODULE$.ToZio(new $colon.colon(Role$NoRights$.MODULE$, Nil$.MODULE$)).succeed();
                }, "bootstrap.liftweb.UserFileProcessing.resolveUsers(RudderUserDetailsFile.scala:618)");
            }, "bootstrap.liftweb.UserFileProcessing.resolveUsers(RudderUserDetailsFile.scala:608)").map(list3 -> {
                return new Tuple2(new RudderAccount.User(str2, str3), list3);
            }, "bootstrap.liftweb.UserFileProcessing.resolveUsers(RudderUserDetailsFile.scala:627)");
        }, BuildFrom$.MODULE$.buildFromIterableOps(), "bootstrap.liftweb.UserFileProcessing.resolveUsers(RudderUserDetailsFile.scala:603)");
    }

    private static final Either getName$1(Node node) {
        boolean z;
        boolean z2 = false;
        Some some = null;
        Some map = node.attribute("name").map(seq -> {
            return (Seq) seq.map(node2 -> {
                return node2.text().strip();
            });
        });
        if (None$.MODULE$.equals(map)) {
            z = true;
        } else {
            if (map instanceof Some) {
                if (Nil$.MODULE$.equals((Seq) map.value())) {
                    z = true;
                }
            }
            z = false;
        }
        if (z) {
            return package$.MODULE$.Left().apply(new errors.Inconsistency("Role can't have an empty `name` attribute: " + node));
        }
        if (map instanceof Some) {
            z2 = true;
            some = map;
            $colon.colon colonVar = (Seq) some.value();
            if (colonVar instanceof $colon.colon) {
                $colon.colon colonVar2 = colonVar;
                String str = (String) colonVar2.head();
                if (Nil$.MODULE$.equals(colonVar2.next$access$1()) && str.isEmpty()) {
                    return package$.MODULE$.Left().apply(new errors.Inconsistency("Role can't have an empty `name` attribute: " + node));
                }
            }
        }
        if (z2) {
            $colon.colon colonVar3 = (Seq) some.value();
            if (colonVar3 instanceof $colon.colon) {
                $colon.colon colonVar4 = colonVar3;
                String str2 = (String) colonVar4.head();
                if (Nil$.MODULE$.equals(colonVar4.next$access$1())) {
                    return package$.MODULE$.Right().apply(str2);
                }
            }
        }
        return package$.MODULE$.Left().apply(new errors.Inconsistency("Role must have an unique, non-empty `name` attribute: " + map));
    }

    private static final Either getRoles$1(Node node) {
        boolean z;
        Some attribute = node.attribute("roles");
        if (None$.MODULE$.equals(attribute)) {
            z = true;
        } else {
            if (attribute instanceof Some) {
                if (Nil$.MODULE$.equals((Seq) attribute.value())) {
                    z = true;
                }
            }
            z = false;
        }
        if (z) {
            return package$.MODULE$.Right().apply(package$.MODULE$.List().empty());
        }
        if (!(attribute instanceof Some)) {
            throw new MatchError(attribute);
        }
        return package$.MODULE$.Right().apply(((Seq) attribute.value()).toList().flatMap(node2 -> {
            return Predef$.MODULE$.wrapRefArray((Object[]) ArrayOps$.MODULE$.collect$extension(Predef$.MODULE$.refArrayOps((Object[]) ArrayOps$.MODULE$.map$extension(Predef$.MODULE$.refArrayOps(node2.text().split(",")), str -> {
                return str.strip();
            }, ClassTag$.MODULE$.apply(String.class))), new UserFileProcessing$$anonfun$$nestedInanonfun$parseXmlNoResolve$8$1(), ClassTag$.MODULE$.apply(String.class))).toList();
        }));
    }

    private static final List userRoles$1(Option option) {
        return (List) option.map(seq -> {
            return seq.toList().flatMap(node -> {
                return Predef$.MODULE$.wrapRefArray(node.text().split(",")).toList().map(str -> {
                    return str.strip();
                });
            });
        }).getOrElse(() -> {
            return Nil$.MODULE$;
        });
    }

    private static final ZIO getUsers$1(Elem elem, String str) {
        return ZIO$.MODULE$.foreach(elem.$bslash("user").toList(), node -> {
            Tuple3 tuple3 = new Tuple3(node.attribute("name").map(seq -> {
                return seq.toList().map(node -> {
                    return node.text();
                });
            }), node.attribute("password").map(seq2 -> {
                return seq2.toList().map(node -> {
                    return node.text();
                });
            }), userRoles$1(node.attribute("role")).$plus$plus(userRoles$1(node.attribute("roles"))));
            if (tuple3 != null) {
                Some some = (Option) tuple3._1();
                Some some2 = (Option) tuple3._2();
                List list = (List) tuple3._3();
                if (some instanceof Some) {
                    $colon.colon colonVar = (List) some.value();
                    if (colonVar instanceof $colon.colon) {
                        $colon.colon colonVar2 = colonVar;
                        String str2 = (String) colonVar2.head();
                        if (Nil$.MODULE$.equals(colonVar2.next$access$1()) && (some2 instanceof Some)) {
                            $colon.colon colonVar3 = (List) some2.value();
                            if (colonVar3 instanceof $colon.colon) {
                                $colon.colon colonVar4 = colonVar3;
                                String str3 = (String) colonVar4.head();
                                if (Nil$.MODULE$.equals(colonVar4.next$access$1()) && StringOps$.MODULE$.size$extension(Predef$.MODULE$.augmentString(str2)) > 0) {
                                    return syntax$.MODULE$.ToZio(new Some(new UserFileProcessing.ParsedUser(str2, str3, list))).succeed();
                                }
                            }
                        }
                    }
                }
            }
            return ApplicationLoggerPure$.MODULE$.error(() -> {
                return "Ignore user line in authentication file '" + str + "', some required attribute is missing: " + node.toString();
            }).$times$greater(() -> {
                return syntax$.MODULE$.ToZio(None$.MODULE$).succeed();
            }, "bootstrap.liftweb.UserFileProcessing.parseXmlNoResolve.getUsers(RudderUserDetailsFile.scala:558)");
        }, BuildFrom$.MODULE$.buildFromIterableOps(), "bootstrap.liftweb.UserFileProcessing.parseXmlNoResolve.getUsers(RudderUserDetailsFile.scala:542)").map(list -> {
            return (List) list.flatten(Predef$.MODULE$.$conforms());
        }, "bootstrap.liftweb.UserFileProcessing.parseXmlNoResolve.getUsers(RudderUserDetailsFile.scala:561)");
    }

    public static final /* synthetic */ ZIO $anonfun$parseXmlNoResolve$27(ZIO zio, org.springframework.security.crypto.password.PasswordEncoder passwordEncoder, Elem elem, String str, boolean z) {
        return zio.flatMap(list -> {
            return getUsers$1(elem, str).map(list -> {
                return new UserFileProcessing.ParsedUserFile(passwordEncoder, z, list, list);
            }, "bootstrap.liftweb.UserFileProcessing.parseXmlNoResolve(RudderUserDetailsFile.scala:568)");
        }, "bootstrap.liftweb.UserFileProcessing.parseXmlNoResolve(RudderUserDetailsFile.scala:567)");
    }

    public static final /* synthetic */ boolean $anonfun$resolveUsers$3(Role role) {
        Role$Administrator$ role$Administrator$ = Role$Administrator$.MODULE$;
        return role != null ? !role.equals(role$Administrator$) : role$Administrator$ != null;
    }

    private UserFileProcessing$() {
    }
}
