package com.axway.apim.actions.tasks;

import com.axway.apim.actions.rest.DELRequest;
import com.axway.apim.actions.rest.POSTRequest;
import com.axway.apim.actions.rest.Transaction;
import com.axway.apim.lib.AppException;
import com.axway.apim.lib.CommandParameters;
import com.axway.apim.lib.ErrorCode;
import com.axway.apim.lib.ErrorState;
import com.axway.apim.swagger.APIManagerAdapter;
import com.axway.apim.swagger.api.properties.organization.ApiAccess;
import com.axway.apim.swagger.api.state.AbstractAPI;
import com.axway.apim.swagger.api.state.DesiredAPI;
import com.axway.apim.swagger.api.state.IAPI;
import com.fasterxml.jackson.databind.JsonNode;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.http.HttpResponse;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.entity.StringEntity;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:com/axway/apim/actions/tasks/ManageClientOrgs.class */
public class ManageClientOrgs extends AbstractAPIMTask implements IResponseParser {
    private static String MODE = "MODE";
    private static String MODE_GRANT_ACCESS = "MODE_GRANT_ACCESS";
    private static String MODE_REMOVE_ACCESS = "MODE_REMOVE_ACCESS";

    public ManageClientOrgs(IAPI iapi, IAPI iapi2) {
        super(iapi, iapi2);
    }

    public void execute(boolean z) throws AppException {
        if (CommandParameters.getInstance().isIgnoreClientOrgs()) {
            LOG.info("Configured client organizations are ignored, as flag ignoreClientOrgs has been set.");
            return;
        }
        if (this.desiredState.getState().equals(IAPI.STATE_UNPUBLISHED)) {
            return;
        }
        if (this.desiredState.getClientOrganizations() != null || z) {
            if (((DesiredAPI) this.desiredState).isRequestForAllOrgs()) {
                LOG.info("Granting permission to all organizations");
                grantClientOrganization(getMissingOrgs(this.desiredState.getClientOrganizations(), this.actualState.getClientOrganizations()), this.actualState.getId(), true);
                return;
            }
            List<String> missingOrgs = getMissingOrgs(this.desiredState.getClientOrganizations(), this.actualState.getClientOrganizations());
            List<String> missingOrgs2 = getMissingOrgs(this.actualState.getClientOrganizations(), this.desiredState.getClientOrganizations());
            if (missingOrgs2.remove(((AbstractAPI) this.desiredState).getOrganization())) {
            }
            if (missingOrgs.size() == 0) {
                LOG.info("All desired organizations: " + this.desiredState.getClientOrganizations() + " have already access. Nothing to do.");
            } else {
                grantClientOrganization(missingOrgs, this.actualState.getId(), false);
            }
            if (missingOrgs2.size() > 0) {
                if (!CommandParameters.getInstance().getClientOrgsMode().equals(CommandParameters.MODE_REPLACE)) {
                    LOG.debug("NOT removing access for existing orgs: " + missingOrgs2 + " from API: " + this.actualState.getName() + " as clientOrgsMode NOT set to replace.");
                } else {
                    LOG.info("Removing access for orgs: " + missingOrgs2 + " from API: " + this.actualState.getName());
                    removeClientOrganization(missingOrgs2, this.actualState.getId());
                }
            }
        }
    }

    private void grantClientOrganization(List<String> list, String str, boolean z) throws AppException {
        String str2;
        Transaction.getInstance().put(MODE, MODE_GRANT_ACCESS);
        if (z) {
            str2 = "action=all_orgs&apiId=" + str;
            Transaction.getInstance().put("orgName", "ALL");
        } else {
            str2 = "action=orgs&apiId=" + str;
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                str2 = str2 + "&grantOrgId=" + APIManagerAdapter.getInstance().getOrgId(it.next());
            }
            Transaction.getInstance().put("orgName", list);
        }
        try {
            POSTRequest pOSTRequest = new POSTRequest(new StringEntity(str2), new URIBuilder(cmd.getAPIManagerURL()).setPath("/api/portal/v1.3/proxies/grantaccess").build(), this, true);
            pOSTRequest.setContentType("application/x-www-form-urlencoded");
            pOSTRequest.execute();
            this.actualState.getClientOrganizations().addAll(list);
        } catch (Exception e) {
            LOG.error("grantAccessToOrgs: '" + list + "'");
            LOG.error("allOrgs: '" + z + "'");
            throw new AppException("Can't grant access to organization.", ErrorCode.ACCESS_ORGANIZATION_ERR, e);
        }
    }

    private void removeClientOrganization(List<String> list, String str) throws AppException {
        Transaction.getInstance().put(MODE, MODE_REMOVE_ACCESS);
        for (String str2 : list) {
            String orgId = APIManagerAdapter.getInstance().getOrgId(str2);
            Transaction.getInstance().put("orgName", str2);
            for (ApiAccess apiAccess : APIManagerAdapter.getOrgsApiAccess(orgId, false)) {
                if (apiAccess.getApiId().equals(str)) {
                    try {
                        new DELRequest(new URIBuilder(cmd.getAPIManagerURL()).setPath("/api/portal/v1.3/organizations/" + orgId + "/apis/" + apiAccess.getId()).build(), this, true).execute();
                        this.actualState.getClientOrganizations().removeAll(list);
                    } catch (Exception e) {
                        LOG.error("Can't delete API-Access for organization. ");
                        throw new AppException("Can't delete API-Access for organization.", ErrorCode.ACCESS_ORGANIZATION_ERR, e);
                    }
                }
            }
        }
    }

    @Override // com.axway.apim.actions.tasks.IResponseParser
    public JsonNode parseResponse(HttpResponse httpResponse) throws AppException {
        Transaction transaction = Transaction.getInstance();
        if (httpResponse.getStatusLine().getStatusCode() == 204) {
            if (transaction.get(MODE).equals(MODE_GRANT_ACCESS)) {
                LOG.info("Granted permission to organization: '" + transaction.get("orgName") + "'");
                return null;
            }
            LOG.info("Removed permission from organization: '" + transaction.get("orgName") + "'");
            return null;
        }
        LOG.error("Received status code: " + httpResponse.getStatusLine().getStatusCode());
        try {
            LOG.error("Received response: " + EntityUtils.toString(httpResponse.getEntity()));
        } catch (Exception e) {
            LOG.error(e.getMessage(), e);
        }
        throw new AppException("Failure granting/deleting permission to/from organization: '" + transaction.get("orgName") + "'. Mode: '" + transaction.get(MODE) + "'", ErrorCode.ACCESS_ORGANIZATION_ERR);
    }

    private static List<String> getMissingOrgs(List<String> list, List<String> list2) throws AppException {
        ArrayList arrayList = new ArrayList();
        if (list == null || list2 == null) {
            return arrayList;
        }
        for (String str : list) {
            if (!list2.contains(str)) {
                if (APIManagerAdapter.getInstance().getOrgId(str) == null) {
                    LOG.error("Configured organizations: " + APIManagerAdapter.getInstance().getAllOrgs());
                    ErrorState.getInstance().setError("Unknown Org-Name: '" + str + "'", ErrorCode.UNKNOWN_ORGANIZATION, false);
                    throw new AppException("Unknown Org-Name: '" + str + "'", ErrorCode.UNKNOWN_ORGANIZATION);
                }
                arrayList.add(str);
            }
        }
        return arrayList;
    }
}
