package org.gcube.informationsystem.resourceregistry.dbinitialization;

import com.orientechnologies.orient.core.metadata.security.ORestrictedOperation;
import com.orientechnologies.orient.core.metadata.security.ORole;
import com.orientechnologies.orient.core.metadata.security.OSecurity;
import com.orientechnologies.orient.core.metadata.security.OSecurityRole;
import com.orientechnologies.orient.core.record.impl.ODocument;
import com.tinkerpop.blueprints.Direction;
import com.tinkerpop.blueprints.Edge;
import com.tinkerpop.blueprints.Vertex;
import com.tinkerpop.blueprints.impls.orient.OrientEdge;
import com.tinkerpop.blueprints.impls.orient.OrientGraph;
import com.tinkerpop.blueprints.impls.orient.OrientVertex;
import java.util.Iterator;
import org.gcube.informationsystem.resourceregistry.dbinitialization.SecurityContextMapper;

/* loaded from: input_file:WEB-INF/classes/org/gcube/informationsystem/resourceregistry/dbinitialization/SecurityContext.class */
/**
 * Static helpers that attach graph records to a named security context and that create or
 * drop the OrientDB roles and users backing such a context.
 *
 * <p>Every method takes the context identifier as {@code str}; the concrete role and user
 * names are derived from it by {@code SecurityContextMapper.getSecurityRoleOrUserName}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Besides the context-specific roles, every record handled here is also opened to the
 *       database-wide {@link #DEFAULT_WRITER_ROLE} and {@link #DEFAULT_READER_ROLE}, so
 *       membership in those two roles crosses context boundaries.</li>
 *   <li>The methods only add grants; nothing in this class revokes a grant from a record.</li>
 * </ul>
 */
public class SecurityContext {
    /** Database-wide role that receives {@code ALLOW_ALL} on every record processed here. */
    public static final String DEFAULT_WRITER_ROLE = "writer";
    /** Database-wide role that receives {@code ALLOW_READ} on every record processed here. */
    public static final String DEFAULT_READER_ROLE = "reader";

    /**
     * Adds a vertex and its edges to a context, resolving the security manager from the graph.
     *
     * @param orientGraph graph whose raw database supplies the {@link OSecurity} instance
     * @param vertex vertex to add; must be an {@link OrientVertex}
     * @param str context identifier
     */
    public static void addToSecurityContext(OrientGraph orientGraph, Vertex vertex, String str) {
        OSecurity security = orientGraph.getRawGraph().getMetadata().getSecurity();
        addToSecurityContext(security, vertex, str);
    }

    /**
     * Grants the context roles on the vertex record and then on the record of every edge
     * attached to it, in either direction and with any label.
     *
     * @param oSecurity security manager used to register the grants
     * @param vertex vertex to add; must be an {@link OrientVertex}
     * @param str context identifier
     * @throws ClassCastException if the vertex or one of its edges is not an Orient element
     */
    public static void addToSecurityContext(OSecurity oSecurity, Vertex vertex, String str) {
        ODocument vertexRecord = ((OrientVertex) vertex).getRecord();
        allowSecurityContextRoles(oSecurity, vertexRecord, str);

        // An empty label array means "no label filter": all edges of the vertex are visited.
        for (Edge incident : vertex.getEdges(Direction.BOTH, new String[0])) {
            // NOTE(review): an edge without a backing document (lightweight edge) would
            // presumably yield a null record here - confirm how the schema creates edges.
            ODocument edgeRecord = ((OrientEdge) incident).getRecord();
            allowSecurityContextRoles(oSecurity, edgeRecord, str);
        }
    }

    /**
     * Adds a single edge to a context, resolving the security manager from the graph.
     *
     * @param orientGraph graph whose raw database supplies the {@link OSecurity} instance
     * @param edge edge to add; must be an {@link OrientEdge}
     * @param str context identifier
     */
    public static void addToSecurityContext(OrientGraph orientGraph, Edge edge, String str) {
        OSecurity security = orientGraph.getRawGraph().getMetadata().getSecurity();
        addToSecurityContext(security, edge, str);
    }

    /**
     * Grants the context roles on the record of a single edge. The vertices the edge connects
     * are not touched.
     *
     * @param oSecurity security manager used to register the grants
     * @param edge edge to add; must be an {@link OrientEdge}
     * @param str context identifier
     * @throws ClassCastException if the edge is not an {@link OrientEdge}
     */
    public static void addToSecurityContext(OSecurity oSecurity, Edge edge, String str) {
        ODocument edgeRecord = ((OrientEdge) edge).getRecord();
        allowSecurityContextRoles(oSecurity, edgeRecord, str);
    }

    /**
     * Registers four grants on one record: full access for the context writer role, read
     * access for the context reader role, and the same pair for the two default roles.
     *
     * @param oSecurity security manager used to register the grants
     * @param oDocument record receiving the grants
     * @param str context identifier
     */
    protected static void allowSecurityContextRoles(OSecurity oSecurity, ODocument oDocument, String str) {
        // Context-scoped roles first, in writer/reader order.
        String contextWriter = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.WRITER,
                SecurityContextMapper.SecurityType.ROLE,
                str);
        oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_ALL, contextWriter);

        String contextReader = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.READER,
                SecurityContextMapper.SecurityType.ROLE,
                str);
        oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_READ, contextReader);

        // The default roles are granted on every record regardless of context, so they are
        // effectively cross-context principals and should be assigned sparingly.
        oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_ALL, DEFAULT_WRITER_ROLE);
        oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_READ, DEFAULT_READER_ROLE);
    }

    /**
     * Creates the writer and reader roles of a context, each inheriting from the matching
     * default role with {@code DENY_ALL_BUT} mode, creates one user per role, and commits
     * the graph.
     *
     * <p>NOTE(review): both users receive their password from
     * {@code DatabaseEnvironment.DEFAULT_PASSWORDS}, looked up by permission mode only, so the
     * value does not vary with {@code str}. That map is defined outside this file; if it holds
     * fixed values, every context shares the same writer and reader credential - confirm and
     * consider per-context secrets.
     *
     * @param orientGraph graph whose security metadata is extended and which is committed
     * @param str context identifier
     */
    public static void createSecurityContext(OrientGraph orientGraph, String str) {
        OSecurity security = orientGraph.getRawGraph().getMetadata().getSecurity();
        ORole defaultWriter = security.getRole(DEFAULT_WRITER_ROLE);
        ORole defaultReader = security.getRole(DEFAULT_READER_ROLE);

        String writerRoleName = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.WRITER,
                SecurityContextMapper.SecurityType.ROLE,
                str);
        ORole contextWriter =
                security.createRole(writerRoleName, defaultWriter, OSecurityRole.ALLOW_MODES.DENY_ALL_BUT);

        String readerRoleName = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.READER,
                SecurityContextMapper.SecurityType.ROLE,
                str);
        ORole contextReader =
                security.createRole(readerRoleName, defaultReader, OSecurityRole.ALLOW_MODES.DENY_ALL_BUT);

        String writerUserName = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.WRITER,
                SecurityContextMapper.SecurityType.USER,
                str);
        security.createUser(
                writerUserName,
                DatabaseEnvironment.DEFAULT_PASSWORDS.get(SecurityContextMapper.PermissionMode.WRITER),
                contextWriter);

        String readerUserName = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.READER,
                SecurityContextMapper.SecurityType.USER,
                str);
        security.createUser(
                readerUserName,
                DatabaseEnvironment.DEFAULT_PASSWORDS.get(SecurityContextMapper.PermissionMode.READER),
                contextReader);

        orientGraph.commit();
    }

    /**
     * Drops the reader and writer users of a context and then the reader and writer roles.
     *
     * <p>Unlike {@link #createSecurityContext(OrientGraph, String)}, this method does not call
     * {@code commit()} on the graph, and it does not remove the grants previously registered
     * on records for the dropped roles.
     *
     * @param orientGraph graph whose security metadata is reduced
     * @param str context identifier
     */
    public static void deleteSecurityContext(OrientGraph orientGraph, String str) {
        OSecurity security = orientGraph.getRawGraph().getMetadata().getSecurity();

        // Users are removed before the roles they reference.
        String readerUserName = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.READER,
                SecurityContextMapper.SecurityType.USER,
                str);
        security.dropUser(readerUserName);

        String writerUserName = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.WRITER,
                SecurityContextMapper.SecurityType.USER,
                str);
        security.dropUser(writerUserName);

        String readerRoleName = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.READER,
                SecurityContextMapper.SecurityType.ROLE,
                str);
        security.dropRole(readerRoleName);

        String writerRoleName = SecurityContextMapper.getSecurityRoleOrUserName(
                SecurityContextMapper.PermissionMode.WRITER,
                SecurityContextMapper.SecurityType.ROLE,
                str);
        security.dropRole(writerRoleName);
    }
}
