package org.flowable.rest.conf;

import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.flowable.common.engine.api.FlowableException;
import org.flowable.engine.RepositoryService;
import org.flowable.engine.repository.Deployment;
import org.flowable.idm.api.IdmIdentityService;
import org.flowable.idm.api.Privilege;
import org.flowable.idm.api.User;
import org.flowable.rest.app.properties.RestAppProperties;
import org.flowable.rest.security.SecurityConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.EnvironmentAware;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;

@Configuration(proxyBeanMethods = false)
/* loaded from: input_file:WEB-INF/classes/org/flowable/rest/conf/BootstrapConfiguration.class */
public class BootstrapConfiguration implements EnvironmentAware {
    protected static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) BootstrapConfiguration.class);
    protected final RepositoryService repositoryService;
    protected final IdmIdentityService idmIdentityService;
    protected final RestAppProperties restAppProperties;
    protected Environment environment;

    public BootstrapConfiguration(RepositoryService repositoryService, IdmIdentityService idmIdentityService, RestAppProperties restAppProperties) {
        this.repositoryService = repositoryService;
        this.idmIdentityService = idmIdentityService;
        this.restAppProperties = restAppProperties;
    }

    @ConditionalOnProperty(prefix = "flowable.rest.app.admin", name = {"user-id"})
    @Bean
    public CommandLineRunner initDefaultAdminUserAndPrivilegesRunner() {
        return strArr -> {
            if (StringUtils.isNotEmpty(this.restAppProperties.getAdmin().getUserId())) {
                if (((Boolean) this.environment.getProperty("flowable.idm.ldap.enabled", Boolean.class, false)).booleanValue()) {
                    initializeDefaultPrivileges(this.restAppProperties.getAdmin().getUserId());
                } else {
                    createDefaultAdminUserAndPrivileges(this.restAppProperties.getAdmin().getUserId());
                }
            }
        };
    }

    @ConditionalOnProperty(prefix = "flowable.rest.app", name = {"create-demo-definitions"}, havingValue = "true")
    @Bean
    public CommandLineRunner initDemoProcessDefinitionsRunner() {
        return strArr -> {
            initDemoProcessDefinitions();
        };
    }

    protected void createDefaultAdminUserAndPrivileges(String str) {
        User user = (User) this.idmIdentityService.createUserQuery().userId(str).singleResult();
        if (user == null) {
            LOGGER.info("No rest admin user found, initializing default entities");
            user = initRestAdmin();
        }
        initializeDefaultPrivileges(user.getId());
    }

    protected User initRestAdmin() {
        RestAppProperties.Admin admin = this.restAppProperties.getAdmin();
        String userId = admin.getUserId();
        String password = admin.getPassword();
        String firstName = admin.getFirstName();
        String lastName = admin.getLastName();
        User newUser = this.idmIdentityService.newUser(userId);
        newUser.setFirstName(firstName);
        newUser.setLastName(lastName);
        newUser.setPassword(password);
        this.idmIdentityService.saveUser(newUser);
        return newUser;
    }

    protected void initializeDefaultPrivileges(String str) {
        initializePrivilege(str, SecurityConstants.PRIVILEGE_ACCESS_REST_API);
        initializePrivilege(str, SecurityConstants.ACCESS_ADMIN);
    }

    protected void initializePrivilege(String str, String str2) {
        boolean z = false;
        Privilege singleResult = this.idmIdentityService.createPrivilegeQuery().privilegeName(str2).singleResult();
        if (singleResult != null) {
            z = restApiPrivilegeMappingExists(str, singleResult);
        } else {
            try {
                singleResult = this.idmIdentityService.createPrivilege(str2);
            } catch (Exception e) {
                singleResult = this.idmIdentityService.createPrivilegeQuery().privilegeName(str2).singleResult();
            }
        }
        if (singleResult == null) {
            throw new FlowableException("Could not find or create " + str2 + " privilege");
        }
        if (z) {
            return;
        }
        this.idmIdentityService.addUserPrivilegeMapping(singleResult.getId(), str);
    }

    protected boolean restApiPrivilegeMappingExists(String str, Privilege privilege) {
        return this.idmIdentityService.createPrivilegeQuery().userId(str).privilegeId(privilege.getId()).singleResult() != null;
    }

    protected void initDemoProcessDefinitions() {
        List<Deployment> list = this.repositoryService.createDeploymentQuery().deploymentName("Demo processes").list();
        if (list == null || list.isEmpty()) {
            this.repositoryService.createDeployment().name("Demo processes").addClasspathResource("createTimersProcess.bpmn20.xml").addClasspathResource("oneTaskProcess.bpmn20.xml").addClasspathResource("VacationRequest.bpmn20.xml").addClasspathResource("VacationRequest.png").addClasspathResource("FixSystemFailureProcess.bpmn20.xml").addClasspathResource("FixSystemFailureProcess.png").addClasspathResource("Helpdesk.bpmn20.xml").addClasspathResource("Helpdesk.png").addClasspathResource("reviewSalesLead.bpmn20.xml").deploy();
        }
    }

    @Override // org.springframework.context.EnvironmentAware
    public void setEnvironment(Environment environment) {
        this.environment = environment;
    }
}
