package org.opennms.upgrade.implementations;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.xerces.parsers.DOMParser;
import org.opennms.core.utils.BundleLists;
import org.opennms.core.utils.ConfigFileConstants;
import org.opennms.netmgt.config.UserFactory;
import org.opennms.netmgt.config.UserManager;
import org.opennms.netmgt.model.OnmsUser;
import org.opennms.upgrade.api.AbstractOnmsUpgrade;
import org.opennms.upgrade.api.OnmsUpgradeException;
import org.opennms.web.api.Authentication;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:org/opennms/upgrade/implementations/MagicUsersMigratorOffline.class */
public class MagicUsersMigratorOffline extends AbstractOnmsUpgrade {
    private File magicUsersFile;
    private File magicUsersFileRPM;
    private File magicUsersFileDEB;
    private File usersFile;

    public MagicUsersMigratorOffline() throws OnmsUpgradeException {
        try {
            this.magicUsersFile = new File(ConfigFileConstants.getHome(), "etc" + File.separator + "magic-users.properties");
            this.magicUsersFileRPM = new File(this.magicUsersFile.getAbsolutePath() + ".rpmsave");
            this.magicUsersFileDEB = new File(this.magicUsersFile.getAbsolutePath() + ".dpkg-remove");
            this.usersFile = ConfigFileConstants.getFile(ConfigFileConstants.USERS_CONF_FILE_NAME);
        } catch (Exception e) {
        }
    }

    @Override // org.opennms.upgrade.api.OnmsUpgrade
    public int getOrder() {
        return 12;
    }

    @Override // org.opennms.upgrade.api.OnmsUpgrade
    public String getDescription() {
        return "Moves security roles from magic-users.properties into the users.xml file: HZN-871";
    }

    @Override // org.opennms.upgrade.api.OnmsUpgrade
    public boolean requiresOnmsRunning() {
        return false;
    }

    @Override // org.opennms.upgrade.api.OnmsUpgrade
    public void preExecute() throws OnmsUpgradeException {
        if (canRun()) {
            try {
                for (File file : new File[]{this.magicUsersFile, this.magicUsersFileRPM, this.magicUsersFileDEB, this.usersFile}) {
                    if (file.exists()) {
                        log("Backing up %s\n", file);
                        zipFile(file);
                    }
                }
            } catch (Exception e) {
                throw new OnmsUpgradeException("Can't backup files because " + e.getMessage());
            }
        }
    }

    @Override // org.opennms.upgrade.api.OnmsUpgrade
    public void postExecute() throws OnmsUpgradeException {
        if (canRun()) {
            if (this.magicUsersFile.exists()) {
                log("Removing original config file %s\n", this.magicUsersFile);
                FileUtils.deleteQuietly(this.magicUsersFile);
            }
            if (this.magicUsersFileRPM.exists()) {
                log("Removing config file (RPM version) %s\n", this.magicUsersFileRPM);
                FileUtils.deleteQuietly(this.magicUsersFileRPM);
            }
            if (this.magicUsersFileDEB.exists()) {
                log("Removing config file (DEB version) %s\n", this.magicUsersFileDEB);
                FileUtils.deleteQuietly(this.magicUsersFileDEB);
            }
        }
    }

    @Override // org.opennms.upgrade.api.OnmsUpgrade
    public void rollback() throws OnmsUpgradeException {
        if (canRun()) {
            for (File file : new File[]{this.magicUsersFile, this.magicUsersFileRPM, this.magicUsersFileDEB, this.usersFile}) {
                File file2 = new File(file.getAbsolutePath() + AbstractOnmsUpgrade.ZIP_EXT);
                if (file2.exists()) {
                    log("Restoring backup %s\n", file2);
                    FileUtils.deleteQuietly(file);
                    unzipFile(file2, file2.getParentFile());
                }
            }
        }
    }

    @Override // org.opennms.upgrade.api.OnmsUpgrade
    public void execute() throws OnmsUpgradeException {
        if (!canRun()) {
            log("Error: ignoring the execution of the task because the file magic-users.properties was not found. Maybe the task was already successfully executed before.\n", new Object[0]);
            return;
        }
        boolean z = false;
        ArrayList arrayList = new ArrayList();
        try {
            DOMParser dOMParser = new DOMParser();
            dOMParser.parse(new InputSource(new FileReader(this.usersFile)));
            NodeList elementsByTagName = dOMParser.getDocument().getElementsByTagName("user");
            for (int i = 0; i < elementsByTagName.getLength(); i++) {
                String str = null;
                Node item = elementsByTagName.item(i);
                NamedNodeMap attributes = item.getAttributes();
                NodeList childNodes = item.getChildNodes();
                int i2 = 0;
                while (true) {
                    if (i2 >= childNodes.getLength()) {
                        break;
                    }
                    Node item2 = childNodes.item(i2);
                    if ("user-id".equals(item2.getLocalName())) {
                        str = item2.getTextContent();
                        break;
                    }
                    i2++;
                }
                Node namedItem = attributes.getNamedItem("read-only");
                if (namedItem != null) {
                    if (str == null) {
                        log("Warning: found a read-only tag but unable to determine username: " + item + "\n", new Object[0]);
                    } else {
                        z = true;
                        if (Boolean.valueOf(namedItem.getTextContent()).booleanValue()) {
                            log(str + " is read-only\n", new Object[0]);
                            arrayList.add(str);
                        }
                    }
                }
            }
            if (z) {
                log("Removing the read-only flags from users.xml\n", new Object[0]);
                Files.write(this.usersFile.toPath(), new String(Files.readAllBytes(this.usersFile.toPath()), StandardCharsets.UTF_8).replaceAll("\\s+read-only=\".+\"", "").getBytes(StandardCharsets.UTF_8), new OpenOption[0]);
            }
            log("Moving security roles into users.xml...\n", new Object[0]);
            try {
                UserFactory.init();
                UserManager userFactory = UserFactory.getInstance();
                List<OnmsUser> arrayList2 = new ArrayList<>();
                for (String str2 : userFactory.getUserNames()) {
                    log("Loading configured user: %s...\n", str2);
                    arrayList2.add(userFactory.getOnmsUser(str2));
                }
                Properties properties = new Properties();
                if (this.magicUsersFile.exists()) {
                    properties.load(new FileInputStream(this.magicUsersFile));
                } else if (this.magicUsersFileRPM.exists()) {
                    properties.load(new FileInputStream(this.magicUsersFileRPM));
                } else {
                    if (!this.magicUsersFileDEB.exists()) {
                        throw new IllegalArgumentException("Can't find magic-users.properties, or any RPM/DEB backup of it");
                    }
                    properties.load(new FileInputStream(this.magicUsersFileDEB));
                }
                for (String str3 : BundleLists.parseBundleList(properties.getProperty("users"))) {
                    String property = properties.getProperty("user." + str3 + ".username");
                    String property2 = properties.getProperty("user." + str3 + ".password");
                    OnmsUser onmsUser = new OnmsUser();
                    onmsUser.setUsername(property);
                    onmsUser.setFullName(str3);
                    onmsUser.setComments("This is a system user, do not delete");
                    onmsUser.setPassword(userFactory.encryptedPassword(property2, true));
                    onmsUser.setPasswordSalted(true);
                    arrayList2.add(0, onmsUser);
                }
                for (String str4 : BundleLists.parseBundleList(properties.getProperty("roles"))) {
                    String property3 = properties.getProperty("role." + str4 + ".users");
                    if (property3 == null) {
                        log("Warning: Role configuration for '%s' does not have 'users' parameter.  Expecting a 'role.%s.users' property. The role will not be usable.\n", str4, str4);
                    } else {
                        String[] parseBundleList = BundleLists.parseBundleList(property3);
                        boolean equals = "true".equals(properties.getProperty("role." + str4 + ".notInDefaultGroup"));
                        String str5 = "ROLE_" + str4.toUpperCase();
                        ArrayList arrayList3 = new ArrayList();
                        for (String str6 : parseBundleList) {
                            OnmsUser user = getUser(arrayList2, str6);
                            if (user == null) {
                                log("Warning: User %s doesn't exist on users.xml, Ignoring.\n", str6);
                            } else {
                                addRole(user, str5);
                                if (!equals && !str5.equals("ROLE_ADMIN")) {
                                    addRole(user, "ROLE_USER");
                                }
                                if (!Authentication.isValidRole(str5)) {
                                    log("Warning: %s is a custom role.\n", str5);
                                    arrayList3.add(str4);
                                }
                            }
                        }
                        if (!arrayList3.isEmpty()) {
                            String join = StringUtils.join(arrayList3, ',');
                            log("Creating %s with roles: %s\n", "security-roles.properties", join);
                            Properties properties2 = new Properties();
                            properties2.put("roles", join);
                            properties2.store(new FileWriter(new File(ConfigFileConstants.getHome(), "etc" + File.separator + "security-roles.properties")), "Custom Roles");
                        }
                    }
                }
                for (OnmsUser onmsUser2 : arrayList2) {
                    if (arrayList.contains(onmsUser2.getUsername())) {
                        addRole(onmsUser2, "ROLE_READONLY");
                        if (!onmsUser2.getRoles().contains("ROLE_USER")) {
                            addRole(onmsUser2, "ROLE_USER");
                        }
                    }
                    userFactory.save(onmsUser2);
                }
            } catch (Throwable th) {
                throw new OnmsUpgradeException("Can't fix configuration because " + th.getMessage(), th);
            }
        } catch (Exception e) {
            throw new OnmsUpgradeException("Can't fix configuration because " + e.getMessage(), e);
        }
    }

    private OnmsUser getUser(List<OnmsUser> list, String str) {
        for (OnmsUser onmsUser : list) {
            if (onmsUser.getUsername().equals(str)) {
                return onmsUser;
            }
        }
        return null;
    }

    private void addRole(OnmsUser onmsUser, String str) {
        log("Adding role %s to user %s\n", str, onmsUser.getUsername());
        onmsUser.addRole(str);
    }

    private boolean canRun() {
        return (this.magicUsersFile != null && this.magicUsersFile.exists()) || (this.magicUsersFileRPM != null && this.magicUsersFileRPM.exists()) || (this.magicUsersFileDEB != null && this.magicUsersFileDEB.exists());
    }
}
