package org.pentaho.platform.repository2.unified.lifecycle;

import java.util.Arrays;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.pentaho.platform.api.mt.ITenant;
import org.pentaho.platform.repository2.unified.jcr.IPathConversionHelper;
import org.pentaho.platform.repository2.unified.jcr.JcrTenantUtils;
import org.pentaho.platform.security.policy.rolebased.IRoleAuthorizationPolicyRoleBindingDao;
import org.springframework.extensions.jcr.JcrTemplate;
import org.springframework.transaction.support.TransactionTemplate;

/* loaded from: input_file:org/pentaho/platform/repository2/unified/lifecycle/ExecutePermissionRepositoryLifecycleManager.class */
public class ExecutePermissionRepositoryLifecycleManager extends AbstractBackingRepositoryLifecycleManager {
    private static final Log logger = LogFactory.getLog(DefaultUserRepositoryLifecycleManager.class);
    private static final ITenant DEFAULT_TENANT = JcrTenantUtils.getDefaultTenant();
    private final IRoleAuthorizationPolicyRoleBindingDao roleBindingDao;
    private List<String> rolesNeedingExecutePermission;
    public static final String EXECUTE_PERMISSION_ADDED_METADATA = "executePermissionAdded";
    public static final String EXECUTE_PERMISSION_NAME = "org.pentaho.repository.execute";

    public ExecutePermissionRepositoryLifecycleManager(IRoleAuthorizationPolicyRoleBindingDao iRoleAuthorizationPolicyRoleBindingDao, TransactionTemplate transactionTemplate, JcrTemplate jcrTemplate, IPathConversionHelper iPathConversionHelper) {
        super(transactionTemplate, jcrTemplate, iPathConversionHelper);
        this.roleBindingDao = iRoleAuthorizationPolicyRoleBindingDao;
    }

    public void newTenant() {
    }

    public void newTenant(ITenant iTenant) {
    }

    public void newUser() {
    }

    public void newUser(ITenant iTenant, String str) {
    }

    public void shutdown() {
    }

    public void startup() {
        if (doesMetadataExists(EXECUTE_PERMISSION_ADDED_METADATA).booleanValue()) {
            return;
        }
        addExecutePermissionToRoles();
        addMetadataToRepository(EXECUTE_PERMISSION_ADDED_METADATA);
    }

    private void addExecutePermissionToRoles() {
        if (logger.isDebugEnabled()) {
            logger.debug("Configuring execute permissions for specified roles.");
        }
        if (this.rolesNeedingExecutePermission != null) {
            for (String str : this.rolesNeedingExecutePermission) {
                List<String> boundLogicalRoleNames = this.roleBindingDao.getBoundLogicalRoleNames(DEFAULT_TENANT, Arrays.asList(str));
                if (boundLogicalRoleNames != null) {
                    boundLogicalRoleNames.add(EXECUTE_PERMISSION_NAME);
                    this.roleBindingDao.setRoleBindings(DEFAULT_TENANT, str, boundLogicalRoleNames);
                    if (logger.isDebugEnabled()) {
                        logger.debug("Adding Execute permission to role: " + str);
                    }
                }
            }
        }
    }

    public void setRolesNeedingExecutePermission(List<String> list) {
        this.rolesNeedingExecutePermission = list;
    }

    public List<String> getRolesNeedingExecutePermission() {
        return this.rolesNeedingExecutePermission;
    }
}
