package com.floragunn.searchguard.enterprise.dlsfls.legacy;

import com.floragunn.codova.validation.ValidationErrors;
import com.floragunn.codova.validation.errors.ValidationError;
import com.floragunn.searchguard.configuration.CType;
import com.floragunn.searchguard.configuration.ConfigMap;
import com.floragunn.searchguard.configuration.SgDynamicConfiguration;
import com.floragunn.searchguard.enterprise.dlsfls.DlsFlsConfig;
import com.floragunn.searchsupport.cstate.ComponentState;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver;
import org.elasticsearch.cluster.service.ClusterService;

/* loaded from: input_file:com/floragunn/searchguard/enterprise/dlsfls/legacy/DlsFlsProcessedConfig.class */
public class DlsFlsProcessedConfig {
    private static final Logger log = LogManager.getLogger(DlsFlsProcessedConfig.class);
    public static final DlsFlsProcessedConfig DEFAULT = new DlsFlsProcessedConfig(DlsFlsConfig.DEFAULT, null, null, null);
    private final DlsFlsConfig dlsFlsConfig;
    private final LegacyRoleBasedDocumentAuthorization documentAuthorization;
    private final boolean enabled;
    private final boolean validationErrorsPresent;
    private final String validationErrorDescription;
    private final String uniqueValidationErrorToken;

    DlsFlsProcessedConfig(DlsFlsConfig dlsFlsConfig, LegacyRoleBasedDocumentAuthorization legacyRoleBasedDocumentAuthorization, ValidationErrors validationErrors, ValidationErrors validationErrors2) {
        this.dlsFlsConfig = dlsFlsConfig;
        this.documentAuthorization = legacyRoleBasedDocumentAuthorization;
        this.enabled = dlsFlsConfig.getEnabledImpl() != DlsFlsConfig.Impl.FLX;
        this.validationErrorsPresent = (validationErrors != null && validationErrors.hasErrors()) || (validationErrors2 != null && validationErrors2.hasErrors());
        this.uniqueValidationErrorToken = UUID.randomUUID().toString();
        this.validationErrorDescription = describeValidationErrors(this.uniqueValidationErrorToken, validationErrors, validationErrors2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static DlsFlsProcessedConfig createFrom(ConfigMap configMap, ComponentState componentState, IndexNameExpressionResolver indexNameExpressionResolver, ClusterService clusterService) {
        try {
            SgDynamicConfiguration sgDynamicConfiguration = configMap.get(DlsFlsConfig.TYPE);
            LegacyRoleBasedDocumentAuthorization legacyRoleBasedDocumentAuthorization = null;
            DlsFlsConfig dlsFlsConfig = (sgDynamicConfiguration == null || sgDynamicConfiguration.getCEntry("default") == null) ? DlsFlsConfig.DEFAULT : (DlsFlsConfig) sgDynamicConfiguration.getCEntry("default");
            ValidationErrors validationErrors = null;
            if (dlsFlsConfig.getEnabledImpl() != DlsFlsConfig.Impl.FLX) {
                SgDynamicConfiguration sgDynamicConfiguration2 = configMap.get(CType.ROLES);
                validationErrors = sgDynamicConfiguration2.getValidationErrors();
                legacyRoleBasedDocumentAuthorization = new LegacyRoleBasedDocumentAuthorization(sgDynamicConfiguration2, indexNameExpressionResolver, clusterService);
                componentState.setState(ComponentState.State.INITIALIZED);
            } else {
                componentState.setState(ComponentState.State.DISABLED);
            }
            return new DlsFlsProcessedConfig(dlsFlsConfig, legacyRoleBasedDocumentAuthorization, validationErrors, (ValidationErrors) Optional.ofNullable(configMap.get(CType.ROLESMAPPING)).map(sgDynamicConfiguration3 -> {
                return sgDynamicConfiguration3.getValidationErrors();
            }).orElse(null));
        } catch (Exception e) {
            log.error("Error while updating DLS/FLS config", e);
            componentState.setFailed(e);
            return DEFAULT;
        }
    }

    public DlsFlsConfig getDlsFlsConfig() {
        return this.dlsFlsConfig;
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public LegacyRoleBasedDocumentAuthorization getDocumentAuthorization() {
        return this.documentAuthorization;
    }

    private static String describeConfigurationErrors(Map<String, Collection<ValidationError>> map, String str) {
        if (map.isEmpty()) {
            return "";
        }
        StringBuilder append = new StringBuilder("The following validation errors found in SearchGuard ").append(str).append(" definitions. ");
        for (Map.Entry<String, Collection<ValidationError>> entry : map.entrySet()) {
            append.append("Incorrect value is pointed out by the expression '").append(entry.getKey()).append("' and is related to the following error message '").append((String) entry.getValue().stream().map((v0) -> {
                return v0.toValidationErrorsOverviewString();
            }).collect(Collectors.joining(", "))).append("'. ");
        }
        return append.toString();
    }

    private String describeValidationErrors(String str, ValidationErrors validationErrors, ValidationErrors validationErrors2) {
        Map map = (Map) Optional.ofNullable(validationErrors).filter((v0) -> {
            return v0.hasErrors();
        }).map((v0) -> {
            return v0.getErrors();
        }).orElseGet(Collections::emptyMap);
        Map map2 = (Map) Optional.ofNullable(validationErrors2).filter((v0) -> {
            return v0.hasErrors();
        }).map((v0) -> {
            return v0.getErrors();
        }).orElseGet(Collections::emptyMap);
        if (map.isEmpty() && map2.isEmpty()) {
            return null;
        }
        String str2 = describeConfigurationErrors(map, "roles") + describeConfigurationErrors(map2, "roles mapping") + "Please correct the configuration to unblock access to the system. (" + str + ")";
        log.error(str2);
        return str2;
    }

    public boolean containsValidationError() {
        return this.validationErrorsPresent;
    }

    public String getValidationErrorDescription() {
        return this.validationErrorDescription;
    }

    public String getUniqueValidationErrorToken() {
        return this.uniqueValidationErrorToken;
    }
}
