package org.geoserver.geofence.web;

import com.vividsolutions.jts.geom.Geometry;
import com.vividsolutions.jts.geom.GeometryFactory;
import com.vividsolutions.jts.geom.MultiPolygon;
import com.vividsolutions.jts.geom.Polygon;
import com.vividsolutions.jts.io.WKTReader;
import java.io.IOException;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.TreeSet;
import java.util.logging.Level;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.form.OnChangeAjaxBehavior;
import org.apache.wicket.behavior.Behavior;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.form.ChoiceRenderer;
import org.apache.wicket.markup.html.form.DropDownChoice;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.html.form.SubmitLink;
import org.apache.wicket.markup.html.form.TextArea;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
import org.apache.wicket.model.CompoundPropertyModel;
import org.apache.wicket.model.ResourceModel;
import org.geoserver.catalog.Predicates;
import org.geoserver.catalog.ResourceInfo;
import org.geoserver.catalog.WorkspaceInfo;
import org.geoserver.catalog.util.CloseableIterator;
import org.geoserver.geofence.core.model.RuleLimits;
import org.geoserver.geofence.core.model.enums.GrantType;
import org.geoserver.geofence.services.dto.ShortRule;
import org.geoserver.platform.GeoServerExtensions;
import org.geoserver.platform.Service;
import org.geoserver.platform.exception.GeoServerRuntimException;
import org.geoserver.security.GeoServerRoleService;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.impl.GeoServerRole;
import org.geoserver.security.impl.GeoServerUser;
import org.geoserver.web.GeoServerApplication;
import org.geoserver.web.GeoServerSecuredPage;
import org.geoserver.web.wicket.ParamResourceModel;
import org.geotools.factory.CommonFactoryFinder;
import org.opengis.filter.sort.SortOrder;
import org.springframework.dao.DuplicateKeyException;

/* loaded from: input_file:org/geoserver/geofence/web/GeofenceRulePage.class */
public class GeofenceRulePage extends GeoServerSecuredPage {
    private static final long serialVersionUID = -3986495664060319256L;
    protected DropDownChoice<String> userChoice;
    protected DropDownChoice<String> roleChoice;
    protected DropDownChoice<String> serviceChoice;
    protected DropDownChoice<String> requestChoice;
    protected DropDownChoice<String> workspaceChoice;
    protected DropDownChoice<String> layerChoice;
    protected DropDownChoice<String> accessChoice;
    protected DropDownChoice<GrantType> grantTypeChoice;
    protected TextArea<String> allowedArea;
    protected Label allowedAreaLabel;

    /* loaded from: input_file:org/geoserver/geofence/web/GeofenceRulePage$CaseConversionRenderer.class */
    protected class CaseConversionRenderer extends ChoiceRenderer<String> {
        private static final long serialVersionUID = 4238195087731806209L;

        protected CaseConversionRenderer() {
        }

        public Object getDisplayValue(String str) {
            return str;
        }

        public String getIdValue(String str, int i) {
            return str.toUpperCase();
        }
    }

    /* loaded from: input_file:org/geoserver/geofence/web/GeofenceRulePage$GrantTypeRenderer.class */
    protected class GrantTypeRenderer extends ChoiceRenderer<GrantType> {
        private static final long serialVersionUID = -7478943956804313995L;

        protected GrantTypeRenderer() {
        }

        public Object getDisplayValue(GrantType grantType) {
            return (String) new ParamResourceModel(grantType.name(), GeofenceRulePage.this.getPage(), new Object[0]).getObject();
        }

        public String getIdValue(GrantType grantType, int i) {
            return grantType.name();
        }
    }

    /* loaded from: input_file:org/geoserver/geofence/web/GeofenceRulePage$RuleFormData.class */
    private class RuleFormData implements Serializable {
        private static final long serialVersionUID = 3045099348340468123L;
        ShortRule rule;
        RuleLimits ruleLimits;
        String allowedArea;

        private RuleFormData() {
        }
    }

    public GeofenceRulePage(ShortRule shortRule, final GeofenceRulesModel geofenceRulesModel) {
        RuleFormData ruleFormData = new RuleFormData();
        ruleFormData.rule = shortRule;
        RuleLimits rulesLimits = geofenceRulesModel.getRulesLimits(shortRule.getId());
        if (rulesLimits == null) {
            ruleFormData.ruleLimits = new RuleLimits();
        } else {
            ruleFormData.ruleLimits = rulesLimits;
            ruleFormData.allowedArea = getAllowedAreaAsString(rulesLimits);
        }
        CompoundPropertyModel compoundPropertyModel = new CompoundPropertyModel(ruleFormData);
        final Form form = new Form("form", compoundPropertyModel);
        add(new Component[]{form});
        form.add(new Component[]{new TextField("priority", compoundPropertyModel.bind("rule.priority")).setRequired(true)});
        DropDownChoice<String> dropDownChoice = new DropDownChoice<>("roleName", compoundPropertyModel.bind("rule.roleName"), getRoleNames());
        this.roleChoice = dropDownChoice;
        form.add(new Component[]{dropDownChoice});
        this.roleChoice.add(new Behavior[]{new OnChangeAjaxBehavior() { // from class: org.geoserver.geofence.web.GeofenceRulePage.1
            private static final long serialVersionUID = -2880886409750911044L;

            protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                GeofenceRulePage.this.userChoice.setChoices(GeofenceRulePage.this.getUserNames((String) GeofenceRulePage.this.roleChoice.getConvertedInput()));
                ((RuleFormData) form.getModelObject()).rule.setUserName((String) null);
                GeofenceRulePage.this.userChoice.modelChanged();
                ajaxRequestTarget.add(new Component[]{GeofenceRulePage.this.userChoice});
            }
        }});
        this.roleChoice.setNullValid(true);
        DropDownChoice<String> dropDownChoice2 = new DropDownChoice<>("userName", compoundPropertyModel.bind("rule.userName"), getUserNames(shortRule.getRoleName()));
        this.userChoice = dropDownChoice2;
        form.add(new Component[]{dropDownChoice2});
        this.userChoice.setOutputMarkupId(true);
        this.userChoice.setNullValid(true);
        DropDownChoice<String> dropDownChoice3 = new DropDownChoice<>("service", compoundPropertyModel.bind("rule.service"), getServiceNames());
        this.serviceChoice = dropDownChoice3;
        form.add(new Component[]{dropDownChoice3});
        this.serviceChoice.add(new Behavior[]{new OnChangeAjaxBehavior() { // from class: org.geoserver.geofence.web.GeofenceRulePage.2
            private static final long serialVersionUID = -5925784823433092831L;

            protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                GeofenceRulePage.this.requestChoice.setChoices(GeofenceRulePage.this.getOperationNames((String) GeofenceRulePage.this.serviceChoice.getConvertedInput()));
                ((RuleFormData) form.getModelObject()).rule.setRequest((String) null);
                GeofenceRulePage.this.requestChoice.modelChanged();
                ajaxRequestTarget.add(new Component[]{GeofenceRulePage.this.requestChoice});
            }
        }});
        this.serviceChoice.setNullValid(true);
        DropDownChoice<String> dropDownChoice4 = new DropDownChoice<>("request", compoundPropertyModel.bind("rule.request"), getOperationNames(shortRule.getService()), new CaseConversionRenderer());
        this.requestChoice = dropDownChoice4;
        form.add(new Component[]{dropDownChoice4});
        this.requestChoice.setOutputMarkupId(true);
        this.requestChoice.setNullValid(true);
        DropDownChoice<String> dropDownChoice5 = new DropDownChoice<>("workspace", compoundPropertyModel.bind("rule.workspace"), getWorkspaceNames());
        this.workspaceChoice = dropDownChoice5;
        form.add(new Component[]{dropDownChoice5});
        this.workspaceChoice.add(new Behavior[]{new OnChangeAjaxBehavior() { // from class: org.geoserver.geofence.web.GeofenceRulePage.3
            private static final long serialVersionUID = 732177308220189475L;

            protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                GeofenceRulePage.this.layerChoice.setChoices(GeofenceRulePage.this.getLayerNames((String) GeofenceRulePage.this.workspaceChoice.getConvertedInput()));
                ((RuleFormData) form.getModelObject()).rule.setLayer((String) null);
                GeofenceRulePage.this.layerChoice.modelChanged();
                ajaxRequestTarget.add(new Component[]{GeofenceRulePage.this.layerChoice});
            }
        }});
        this.workspaceChoice.setNullValid(true);
        DropDownChoice<String> dropDownChoice6 = new DropDownChoice<>("layer", compoundPropertyModel.bind("rule.layer"), getLayerNames(shortRule.getWorkspace()));
        this.layerChoice = dropDownChoice6;
        form.add(new Component[]{dropDownChoice6});
        this.layerChoice.setOutputMarkupId(true);
        this.layerChoice.setNullValid(true);
        DropDownChoice<GrantType> dropDownChoice7 = new DropDownChoice<>("access", compoundPropertyModel.bind("rule.access"), Arrays.asList(GrantType.values()), new GrantTypeRenderer());
        this.grantTypeChoice = dropDownChoice7;
        form.add(new Component[]{dropDownChoice7});
        this.grantTypeChoice.setRequired(true);
        this.grantTypeChoice.add(new Behavior[]{new OnChangeAjaxBehavior() { // from class: org.geoserver.geofence.web.GeofenceRulePage.4
            private static final long serialVersionUID = -4302901248019983282L;

            protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                if (((GrantType) GeofenceRulePage.this.grantTypeChoice.getConvertedInput()).equals(GrantType.LIMIT)) {
                    GeofenceRulePage.this.allowedAreaLabel.setVisible(true);
                    GeofenceRulePage.this.allowedArea.setVisible(true);
                } else {
                    GeofenceRulePage.this.allowedAreaLabel.setVisible(false);
                    GeofenceRulePage.this.allowedArea.setVisible(false);
                }
                ajaxRequestTarget.add(new Component[]{GeofenceRulePage.this.allowedAreaLabel});
                ajaxRequestTarget.add(new Component[]{GeofenceRulePage.this.allowedArea});
            }
        }});
        Label label = new Label("allowedAreaLabel", new ResourceModel("allowedArea", "Allow area"));
        this.allowedAreaLabel = label;
        form.add(new Component[]{label});
        this.allowedAreaLabel.setVisible(((RuleFormData) form.getModelObject()).rule.getAccess() != null && ((RuleFormData) form.getModelObject()).rule.getAccess().equals(GrantType.LIMIT));
        this.allowedAreaLabel.setOutputMarkupId(true);
        this.allowedAreaLabel.setOutputMarkupPlaceholderTag(true);
        TextArea<String> textArea = new TextArea<>("allowedArea", compoundPropertyModel.bind("allowedArea"));
        this.allowedArea = textArea;
        form.add(new Component[]{textArea});
        this.allowedArea.setConvertedInput(((RuleFormData) form.getModelObject()).allowedArea);
        this.allowedArea.setVisible(((RuleFormData) form.getModelObject()).rule.getAccess() != null && ((RuleFormData) form.getModelObject()).rule.getAccess().equals(GrantType.LIMIT));
        this.allowedArea.setOutputMarkupId(true);
        this.allowedArea.setOutputMarkupPlaceholderTag(true);
        form.add(new Component[]{new SubmitLink("save") { // from class: org.geoserver.geofence.web.GeofenceRulePage.5
            private static final long serialVersionUID = 3735176778941168701L;

            public void onSubmit() {
                RuleFormData ruleFormData2 = (RuleFormData) getForm().getModelObject();
                try {
                    geofenceRulesModel.save(ruleFormData2.rule);
                    if (ruleFormData2.rule.getAccess().equals(GrantType.LIMIT)) {
                        geofenceRulesModel.save(ruleFormData2.rule.getId(), GeofenceRulePage.this.parseAllowedArea(ruleFormData2.allowedArea));
                    }
                    GeofenceRulePage.this.doReturn(GeofenceServerPage.class);
                } catch (Exception e) {
                    error(e);
                } catch (DuplicateKeyException e2) {
                    error(new ResourceModel("GeofenceRulePage.duplicate").getObject());
                }
            }
        }});
        form.add(new Component[]{new BookmarkablePageLink("cancel", GeofenceServerPage.class)});
    }

    private String getAllowedAreaAsString(RuleLimits ruleLimits) {
        if (ruleLimits == null || ruleLimits.getAllowedArea() == null) {
            return "";
        }
        MultiPolygon allowedArea = ruleLimits.getAllowedArea();
        return "SRID=" + allowedArea.getSRID() + ";" + allowedArea.toText();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public MultiPolygon parseAllowedArea(String str) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        String[] split = str.split(";");
        if (split.length != 2) {
            throw new GeoServerRuntimException(String.format("Invalid allowed area '%s' expecting SRID=<CODE>;<WKT>.", str));
        }
        try {
            Integer valueOf = Integer.valueOf(split[0].split("=")[1]);
            MultiPolygon castToMultiPolygon = castToMultiPolygon(new WKTReader().read(split[1]));
            castToMultiPolygon.setSRID(valueOf.intValue());
            return castToMultiPolygon;
        } catch (Exception e) {
            String format = String.format("Error parsing SRID '%s' or WKT geometry '%s' expecting SRID=<CODE>;<WKT>.", split[0], split[1]);
            LOGGER.log(Level.WARNING, format, (Throwable) e);
            throw new GeoServerRuntimException(format, e);
        }
    }

    private MultiPolygon castToMultiPolygon(Geometry geometry) {
        if (geometry instanceof MultiPolygon) {
            return (MultiPolygon) geometry;
        }
        if (geometry instanceof Polygon) {
            return new MultiPolygon(new Polygon[]{(Polygon) geometry}, new GeometryFactory());
        }
        throw new GeoServerRuntimException(String.format("Invalid geometry of type '%s' expect a Polygon or MultiPolygon.", geometry.getClass().getSimpleName()));
    }

    protected List<String> getWorkspaceNames() {
        TreeSet treeSet = new TreeSet();
        Iterator it = getCatalog().getFacade().getWorkspaces().iterator();
        while (it.hasNext()) {
            treeSet.add(((WorkspaceInfo) it.next()).getName());
        }
        return new ArrayList(treeSet);
    }

    protected List<String> getLayerNames(String str) {
        ArrayList arrayList = new ArrayList();
        if (str != null) {
            CloseableIterator list = getCatalog().getFacade().list(ResourceInfo.class, Predicates.equal("store.workspace.name", str), (Integer) null, (Integer) null, CommonFactoryFinder.getFilterFactory2().sort("name", SortOrder.ASCENDING));
            Throwable th = null;
            while (list.hasNext()) {
                try {
                    try {
                        arrayList.add(((ResourceInfo) list.next()).getName());
                    } finally {
                    }
                } catch (Throwable th2) {
                    if (list != null) {
                        if (th != null) {
                            try {
                                list.close();
                            } catch (Throwable th3) {
                                th.addSuppressed(th3);
                            }
                        } else {
                            list.close();
                        }
                    }
                    throw th2;
                }
            }
            if (list != null) {
                if (0 != 0) {
                    try {
                        list.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    list.close();
                }
            }
        }
        return arrayList;
    }

    protected List<String> getServiceNames() {
        TreeSet treeSet = new TreeSet();
        Iterator it = GeoServerExtensions.extensions(Service.class).iterator();
        while (it.hasNext()) {
            treeSet.add(((Service) it.next()).getId().toUpperCase());
        }
        return new ArrayList(treeSet);
    }

    protected List<String> getOperationNames(String str) {
        TreeSet treeSet = new TreeSet();
        boolean z = true;
        if (str != null) {
            for (Service service : GeoServerExtensions.extensions(Service.class)) {
                if (str.equalsIgnoreCase(service.getId()) && z) {
                    z = false;
                    treeSet.addAll(service.getOperations());
                }
            }
        }
        return new ArrayList(treeSet);
    }

    protected List<String> getRoleNames() {
        TreeSet treeSet = new TreeSet();
        try {
            Iterator it = securityManager().getRolesForAccessControl().iterator();
            while (it.hasNext()) {
                treeSet.add(((GeoServerRole) it.next()).getAuthority());
            }
        } catch (IOException e) {
            LOGGER.log(Level.WARNING, e.getLocalizedMessage(), (Throwable) e);
        }
        return new ArrayList(treeSet);
    }

    protected List<String> getUserNames(String str) {
        TreeSet treeSet = new TreeSet();
        GeoServerSecurityManager securityManager = securityManager();
        try {
            if (str == null) {
                Iterator it = securityManager.listUserGroupServices().iterator();
                while (it.hasNext()) {
                    Iterator it2 = securityManager.loadUserGroupService((String) it.next()).getUsers().iterator();
                    while (it2.hasNext()) {
                        treeSet.add(((GeoServerUser) it2.next()).getUsername());
                    }
                }
            } else {
                Iterator it3 = securityManager.listRoleServices().iterator();
                while (it3.hasNext()) {
                    GeoServerRoleService loadRoleService = securityManager.loadRoleService((String) it3.next());
                    GeoServerRole roleByName = loadRoleService.getRoleByName(str);
                    if (roleByName != null) {
                        treeSet.addAll(loadRoleService.getUserNamesForRole(roleByName));
                    }
                }
            }
        } catch (IOException e) {
            LOGGER.log(Level.WARNING, e.getLocalizedMessage(), (Throwable) e);
        }
        return new ArrayList(treeSet);
    }

    protected GeoServerSecurityManager securityManager() {
        return GeoServerApplication.get().getSecurityManager();
    }
}
