package org.apache.solr.handler.admin;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import org.apache.solr.common.SolrException;
import org.apache.solr.common.cloud.ZkStateReader;
import org.apache.solr.common.params.CommonParams;
import org.apache.solr.common.util.Utils;
import org.apache.solr.core.CoreContainer;
import org.apache.solr.handler.RequestHandlerBase;
import org.apache.solr.handler.SolrConfigHandler;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.response.SolrQueryResponse;
import org.apache.solr.security.AuthorizationContext;
import org.apache.solr.security.ConfigEditablePlugin;
import org.apache.solr.security.PermissionNameProvider;
import org.apache.solr.util.CommandOperation;
import org.apache.zookeeper.KeeperException;
import org.xwiki.security.authorization.script.SecurityAuthorizationScriptService;

/* loaded from: input_file:WEB-INF/lib/solr-core-6.2.1.jar:org/apache/solr/handler/admin/SecurityConfHandler.class */
public class SecurityConfHandler extends RequestHandlerBase implements PermissionNameProvider {
    private CoreContainer cores;

    public SecurityConfHandler(CoreContainer coreContainer) {
        this.cores = coreContainer;
    }

    @Override // org.apache.solr.security.PermissionNameProvider
    public PermissionNameProvider.Name getPermissionName(AuthorizationContext authorizationContext) {
        String httpMethod = authorizationContext.getHttpMethod();
        boolean z = -1;
        switch (httpMethod.hashCode()) {
            case 70454:
                if (httpMethod.equals("GET")) {
                    z = false;
                    break;
                }
                break;
            case 2461856:
                if (httpMethod.equals("POST")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return PermissionNameProvider.Name.SECURITY_READ_PERM;
            case true:
                return PermissionNameProvider.Name.SECURITY_EDIT_PERM;
            default:
                return null;
        }
    }

    @Override // org.apache.solr.handler.RequestHandlerBase
    public void handleRequestBody(SolrQueryRequest solrQueryRequest, SolrQueryResponse solrQueryResponse) throws Exception {
        SolrConfigHandler.setWt(solrQueryRequest, CommonParams.JSON);
        String str = (String) solrQueryRequest.getContext().get("httpMethod");
        String str2 = (String) solrQueryRequest.getContext().get("path");
        String substring = str2.substring(str2.lastIndexOf(47) + 1);
        if ("GET".equals(str)) {
            getConf(solrQueryResponse, substring);
        } else if ("POST".equals(str)) {
            doEdit(solrQueryRequest, solrQueryResponse, str2, substring, getPlugin(substring));
        }
    }

    private void doEdit(SolrQueryRequest solrQueryRequest, SolrQueryResponse solrQueryResponse, String str, String str2, Object obj) throws IOException {
        ZkStateReader.ConfigData securityProps;
        if (obj == null) {
            throw new SolrException(SolrException.ErrorCode.BAD_REQUEST, "No " + str2 + " plugin configured");
        }
        if (!(obj instanceof ConfigEditablePlugin)) {
            throw new SolrException(SolrException.ErrorCode.BAD_REQUEST, str2 + " plugin is not editable");
        }
        ConfigEditablePlugin configEditablePlugin = (ConfigEditablePlugin) obj;
        if (solrQueryRequest.getContentStreams() == null) {
            throw new SolrException(SolrException.ErrorCode.BAD_REQUEST, "No contentStream");
        }
        List<CommandOperation> readCommands = CommandOperation.readCommands(solrQueryRequest.getContentStreams(), solrQueryResponse);
        if (readCommands == null) {
            throw new SolrException(SolrException.ErrorCode.BAD_REQUEST, "No commands");
        }
        do {
            securityProps = getSecurityProps(true);
            Map map = (Map) securityProps.data.get(str2);
            if (map == null) {
                throw new SolrException(SolrException.ErrorCode.SERVER_ERROR, "No configuration present for " + str2);
            }
            List<CommandOperation> clone = CommandOperation.clone(readCommands);
            Map<String, Object> edit = configEditablePlugin.edit(Utils.getDeepCopy(map, 4), clone);
            if (edit == null) {
                List<Map> captureErrors = CommandOperation.captureErrors(clone);
                if (captureErrors.isEmpty()) {
                    return;
                }
                solrQueryResponse.add(CommandOperation.ERR_MSGS, captureErrors);
                return;
            }
            if (!Objects.equals(map.get("class"), edit.get("class"))) {
                throw new SolrException(SolrException.ErrorCode.SERVER_ERROR, "class cannot be modified");
            }
            getMapValue(edit, "").put("v", Integer.valueOf(securityProps.version + 1));
            securityProps.data.put(str2, edit);
        } while (!persistConf(ZkStateReader.SOLR_SECURITY_CONF_PATH, Utils.toJSON(securityProps.data), securityProps.version));
    }

    Object getPlugin(String str) {
        Object obj = null;
        if ("authentication".equals(str)) {
            obj = this.cores.getAuthenticationPlugin();
        }
        if (SecurityAuthorizationScriptService.ID.equals(str)) {
            obj = this.cores.getAuthorizationPlugin();
        }
        return obj;
    }

    ZkStateReader.ConfigData getSecurityProps(boolean z) {
        return this.cores.getZkController().getZkStateReader().getSecurityProps(z);
    }

    boolean persistConf(String str, byte[] bArr, int i) {
        try {
            this.cores.getZkController().getZkClient().setData(str, bArr, i, true);
            return true;
        } catch (KeeperException.BadVersionException e) {
            return false;
        } catch (Exception e2) {
            throw new SolrException(SolrException.ErrorCode.SERVER_ERROR, " Unable to persist conf", e2);
        }
    }

    private void getConf(SolrQueryResponse solrQueryResponse, String str) {
        ZkStateReader.ConfigData securityProps = this.cores.getZkController().getZkStateReader().getSecurityProps(false);
        Object obj = securityProps == null ? null : securityProps.data.get(str);
        if (obj == null) {
            solrQueryResponse.add(CommandOperation.ERR_MSGS, Collections.singletonList("No " + str + " configured"));
        } else {
            solrQueryResponse.add(str + ".enabled", Boolean.valueOf(getPlugin(str) != null));
            solrQueryResponse.add(str, obj);
        }
    }

    public static Map<String, Object> getMapValue(Map<String, Object> map, String str) {
        Map<String, Object> map2 = (Map) map.get(str);
        if (map2 == null) {
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            map2 = linkedHashMap;
            map.put(str, linkedHashMap);
        }
        return map2;
    }

    public static List getListValue(Map<String, Object> map, String str) {
        List list = (List) map.get(str);
        if (list == null) {
            ArrayList arrayList = new ArrayList();
            list = arrayList;
            map.put(str, arrayList);
        }
        return list;
    }

    @Override // org.apache.solr.handler.RequestHandlerBase, org.apache.solr.core.SolrInfoMBean
    public String getDescription() {
        return "Edit or read security configuration";
    }
}
