package com.atlassian.bamboo.configuration.external.exporters;

import com.atlassian.bamboo.deployments.environments.Environment;
import com.atlassian.bamboo.deployments.projects.DeploymentProject;
import com.atlassian.bamboo.plan.cache.ImmutablePlan;
import com.atlassian.bamboo.security.acegi.acls.BambooPermission;
import com.atlassian.bamboo.security.acegi.acls.GroupPrincipalSid;
import com.atlassian.bamboo.security.acegi.acls.HibernateMutableAclService;
import com.atlassian.bamboo.security.acegi.acls.HibernateObjectIdentityImpl;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import org.acegisecurity.acls.AccessControlEntry;
import org.acegisecurity.acls.Acl;
import org.acegisecurity.acls.IdentityUnavailableException;
import org.acegisecurity.acls.NotFoundException;
import org.acegisecurity.acls.Permission;
import org.acegisecurity.acls.sid.GrantedAuthoritySid;
import org.acegisecurity.acls.sid.PrincipalSid;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/atlassian/bamboo/configuration/external/exporters/PermissionExporterImpl.class */
public class PermissionExporterImpl implements PermissionExporter {
    private static final int ROLES_PREFIX_LENGTH = "role_".length();
    private static final Logger log = Logger.getLogger(PermissionExporterImpl.class);

    @Autowired
    private HibernateMutableAclService aclService;

    @Override // com.atlassian.bamboo.configuration.external.exporters.PermissionExporter
    @NotNull
    public Map<String, Object> exportPermissions(@NotNull ImmutablePlan immutablePlan) {
        return getStringObjectMap(this.aclService.readAclById(new HibernateObjectIdentityImpl(immutablePlan)));
    }

    @Override // com.atlassian.bamboo.configuration.external.exporters.PermissionExporter
    @NotNull
    public Map<String, Object> exportPermissions(@NotNull DeploymentProject deploymentProject) {
        return getStringObjectMap(this.aclService.readMutableAclById(new HibernateObjectIdentityImpl(deploymentProject)));
    }

    @Override // com.atlassian.bamboo.configuration.external.exporters.PermissionExporter
    @NotNull
    public Map<String, Object> exportPermissions(@NotNull Environment environment) {
        try {
            return getStringObjectMap(this.aclService.readMutableAclById(new HibernateObjectIdentityImpl(environment)));
        } catch (NotFoundException e) {
            return Collections.emptyMap();
        } catch (IdentityUnavailableException e2) {
            log.error(e2.getMessage(), e2);
            return Collections.emptyMap();
        }
    }

    private void storePermissions(@NotNull String str, Permission permission, @NotNull Map<String, List<String>> map) {
        List<String> computeIfAbsent = map.computeIfAbsent(str, str2 -> {
            return new LinkedList();
        });
        String determineNameFromPermission = BambooPermission.determineNameFromPermission(permission);
        if (StringUtils.isNotEmpty(determineNameFromPermission)) {
            computeIfAbsent.add(determineNameFromPermission.toLowerCase());
            Collections.sort(computeIfAbsent);
        }
    }

    @NotNull
    private Map<String, Object> getStringObjectMap(Acl acl) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        LinkedHashMap linkedHashMap3 = new LinkedHashMap();
        LinkedHashMap linkedHashMap4 = new LinkedHashMap();
        linkedHashMap.put("users", linkedHashMap2);
        linkedHashMap.put("groups", linkedHashMap3);
        linkedHashMap.put("roles", linkedHashMap4);
        for (AccessControlEntry accessControlEntry : acl.getEntries()) {
            PrincipalSid sid = accessControlEntry.getSid();
            Permission permission = accessControlEntry.getPermission();
            if (sid instanceof PrincipalSid) {
                storePermissions(sid.getPrincipal(), permission, linkedHashMap2);
            } else if (sid instanceof GroupPrincipalSid) {
                storePermissions(((GroupPrincipalSid) sid).getPrincipal(), permission, linkedHashMap3);
            } else if (sid instanceof GrantedAuthoritySid) {
                storePermissions(((GrantedAuthoritySid) sid).getGrantedAuthority().substring(ROLES_PREFIX_LENGTH).toLowerCase(), permission, linkedHashMap4);
            }
        }
        return linkedHashMap;
    }
}
