package org.dcache.webadmin.view;

import dmg.cells.nucleus.CellEndpoint;
import dmg.cells.nucleus.CellPath;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.apache.wicket.Component;
import org.apache.wicket.Page;
import org.apache.wicket.Session;
import org.apache.wicket.authorization.strategies.CompoundAuthorizationStrategy;
import org.apache.wicket.authorization.strategies.page.SimplePageAuthorizationStrategy;
import org.apache.wicket.authroles.authorization.strategies.role.RoleAuthorizationStrategy;
import org.apache.wicket.authroles.authorization.strategies.role.metadata.MetaDataRoleAuthorizationStrategy;
import org.apache.wicket.core.request.mapper.CryptoMapper;
import org.apache.wicket.protocol.http.WebApplication;
import org.apache.wicket.protocol.https.HttpsConfig;
import org.apache.wicket.protocol.https.HttpsMapper;
import org.apache.wicket.request.Request;
import org.apache.wicket.request.Response;
import org.dcache.auth.LoginStrategy;
import org.dcache.cells.CellStub;
import org.dcache.services.login.RemoteLoginStrategy;
import org.dcache.webadmin.controller.ActiveTransfersService;
import org.dcache.webadmin.controller.AlarmDisplayService;
import org.dcache.webadmin.controller.CellAdminService;
import org.dcache.webadmin.controller.CellsService;
import org.dcache.webadmin.controller.IBillingService;
import org.dcache.webadmin.controller.InfoService;
import org.dcache.webadmin.controller.LinkGroupsService;
import org.dcache.webadmin.controller.LogInService;
import org.dcache.webadmin.controller.PoolAdminService;
import org.dcache.webadmin.controller.PoolGroupService;
import org.dcache.webadmin.controller.PoolQueuesService;
import org.dcache.webadmin.controller.PoolSelectionSetupService;
import org.dcache.webadmin.controller.PoolSpaceService;
import org.dcache.webadmin.controller.TapeTransfersService;
import org.dcache.webadmin.controller.exceptions.LogInServiceException;
import org.dcache.webadmin.controller.impl.AlwaysFailLoginService;
import org.dcache.webadmin.controller.impl.LoginStrategyLogInService;
import org.dcache.webadmin.controller.util.ThumbnailPanelProvider;
import org.dcache.webadmin.view.beans.WebAdminInterfaceSession;
import org.dcache.webadmin.view.pages.AuthenticatedWebPage;
import org.dcache.webadmin.view.pages.activetransfers.ActiveTransfersPage;
import org.dcache.webadmin.view.pages.alarms.AlarmsPage;
import org.dcache.webadmin.view.pages.billingplots.BillingPlots;
import org.dcache.webadmin.view.pages.celladmin.CellAdmin;
import org.dcache.webadmin.view.pages.cellservices.CellServices;
import org.dcache.webadmin.view.pages.dcacheservices.DCacheServices;
import org.dcache.webadmin.view.pages.login.LogIn;
import org.dcache.webadmin.view.pages.pooladmin.PoolAdmin;
import org.dcache.webadmin.view.pages.poolgroupview.PoolGroupView;
import org.dcache.webadmin.view.pages.poollist.PoolList;
import org.dcache.webadmin.view.pages.poolqueues.PoolQueuePlots;
import org.dcache.webadmin.view.pages.poolqueues.PoolQueues;
import org.dcache.webadmin.view.pages.poolselectionsetup.PoolSelectionSetup;
import org.dcache.webadmin.view.pages.tapetransferqueue.TapeTransferQueue;
import org.dcache.webadmin.view.panels.navigation.BasicNavigationPanel;
import org.dcache.webadmin.view.util.Role;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;

/* loaded from: input_file:WEB-INF/classes/org/dcache/webadmin/view/WebAdminInterface.class */
public class WebAdminInterface extends WebApplication {
    public static final String MISSING_RESOURCE_KEY = "missing.resource";
    private static final long LOGIN_CELLSTUB_TIMEOUT = 5000;
    private static final List<Class<? extends Component>> ADMIN_PAGES = new ArrayList(Arrays.asList(PoolAdmin.class, CellAdmin.class, AlarmsPage.class));
    private static final Logger _log = LoggerFactory.getLogger(WebAdminInterface.class);
    private CellEndpoint _cellEndpoint;
    private PoolSpaceService _poolSpaceService;
    private PoolQueuesService _poolQueuesService;
    private PoolGroupService _poolGroupService;
    private CellsService _cellsService;
    private InfoService _infoService;
    private PoolAdminService _poolAdminService;
    private CellAdminService _cellAdminService;
    private LinkGroupsService _linkGroupsService;
    private ActiveTransfersService _activeTransfersService;
    private PoolSelectionSetupService _poolSelectionSetupService;
    private TapeTransfersService _tapeTransfersService;
    private IBillingService _billingService;
    private AlarmDisplayService _alarmDisplayService;
    private ThumbnailPanelProvider _thumbnailPanelProvider;
    private String _dcacheName;
    private String _dcacheDescription;
    private String _authDestination;
    private int _adminGid;
    private int _httpsPort;
    private int _httpPort;
    private LogInService _logInService = new AlwaysFailLoginService();
    private boolean _generatePlots = false;
    private boolean _poolQueuePlotsEnabled = false;
    private boolean _authenticatedMode = false;

    public ActiveTransfersService getActiveTransfersService() {
        return this._activeTransfersService;
    }

    public List<Class<? extends Component>> getAdminOnlyPages() {
        return Collections.unmodifiableList(ADMIN_PAGES);
    }

    public AlarmDisplayService getAlarmDisplayService() {
        return this._alarmDisplayService;
    }

    public IBillingService getBillingService() {
        return this._billingService;
    }

    public CellAdminService getCellAdminService() {
        return this._cellAdminService;
    }

    public CellsService getCellsService() {
        return this._cellsService;
    }

    public String getDcacheName() {
        return this._dcacheName;
    }

    public String getDcacheDescription() {
        return this._dcacheDescription;
    }

    public Class<? extends Page> getHomePage() {
        return DCacheServices.class;
    }

    public InfoService getInfoService() {
        return this._infoService;
    }

    public LinkGroupsService getLinkGroupsService() {
        return this._linkGroupsService;
    }

    public LogInService getLogInService() {
        return this._logInService;
    }

    public PoolAdminService getPoolAdminService() {
        return this._poolAdminService;
    }

    public PoolGroupService getPoolGroupService() {
        return this._poolGroupService;
    }

    public PoolQueuesService getPoolQueuesService() {
        return this._poolQueuesService;
    }

    public PoolSelectionSetupService getPoolSelectionSetupService() {
        return this._poolSelectionSetupService;
    }

    public PoolSpaceService getPoolSpaceService() {
        return this._poolSpaceService;
    }

    public TapeTransfersService getTapeTransfersService() {
        return this._tapeTransfersService;
    }

    public ThumbnailPanelProvider getThumbnailPanelProvider() {
        return this._thumbnailPanelProvider;
    }

    public boolean getAuthenticatedMode() {
        return this._authenticatedMode;
    }

    public Session newSession(Request request, Response response) {
        return new WebAdminInterfaceSession(request);
    }

    @Required
    public void setActiveTransfersService(ActiveTransfersService activeTransfersService) {
        this._activeTransfersService = activeTransfersService;
    }

    @Required
    public void setAdminGid(int i) {
        this._adminGid = i;
    }

    @Required
    public void setAlarmDisplayService(AlarmDisplayService alarmDisplayService) {
        this._alarmDisplayService = alarmDisplayService;
    }

    @Required
    public void setAuthDestination(String str) {
        this._authDestination = str;
    }

    @Required
    public void setAuthenticatedMode(boolean z) {
        this._authenticatedMode = z;
    }

    @Required
    public void setBillingService(IBillingService iBillingService) {
        this._billingService = iBillingService;
    }

    @Required
    public void setCellAdminService(CellAdminService cellAdminService) {
        this._cellAdminService = cellAdminService;
    }

    @Required
    public void setHttpPort(int i) {
        this._httpPort = i;
    }

    @Required
    public void setHttpsPort(int i) {
        this._httpsPort = i;
    }

    @Required
    public void setCellEndpoint(CellEndpoint cellEndpoint) {
        this._cellEndpoint = cellEndpoint;
    }

    @Required
    public void setCellsService(CellsService cellsService) {
        this._cellsService = cellsService;
    }

    @Required
    public void setDcacheName(String str) {
        this._dcacheName = str;
    }

    @Required
    public void setDcacheDescription(String str) {
        this._dcacheDescription = str;
    }

    @Required
    public void setGeneratePlots(boolean z) {
        this._generatePlots = z;
    }

    @Required
    public void setInfoService(InfoService infoService) {
        this._infoService = infoService;
    }

    @Required
    public void setLinkGroupsService(LinkGroupsService linkGroupsService) {
        this._linkGroupsService = linkGroupsService;
    }

    @Required
    public void setPoolAdminService(PoolAdminService poolAdminService) {
        this._poolAdminService = poolAdminService;
    }

    @Required
    public void setPoolGroupService(PoolGroupService poolGroupService) {
        this._poolGroupService = poolGroupService;
    }

    @Required
    public void setPoolQueuePlotsEnabled(boolean z) {
        this._poolQueuePlotsEnabled = z;
    }

    @Required
    public void setPoolQueuesService(PoolQueuesService poolQueuesService) {
        this._poolQueuesService = poolQueuesService;
    }

    @Required
    public void setPoolSelectionSetupService(PoolSelectionSetupService poolSelectionSetupService) {
        this._poolSelectionSetupService = poolSelectionSetupService;
    }

    @Required
    public void setPoolSpaceService(PoolSpaceService poolSpaceService) {
        this._poolSpaceService = poolSpaceService;
    }

    @Required
    public void setTapeTransfersService(TapeTransfersService tapeTransfersService) {
        this._tapeTransfersService = tapeTransfersService;
    }

    @Required
    public void setThumbnailPanelProvider(ThumbnailPanelProvider thumbnailPanelProvider) {
        this._thumbnailPanelProvider = thumbnailPanelProvider;
    }

    protected void init() {
        super.init();
        setAuthorizationStrategies();
        getApplicationSettings().setPageExpiredErrorPage(LogIn.class);
        setRootRequestMapper(new CryptoMapper(getRootRequestMapper(), this));
        mountBookmarkablePages();
        markAdminOnlyPages();
        if (getAuthenticatedMode()) {
            setRootRequestMapper(new HttpsMapper(getRootRequestMapper(), new HttpsConfig(this._httpPort, this._httpsPort)));
        }
    }

    private void markAdminOnlyPages() {
        Iterator<Class<? extends Component>> it = ADMIN_PAGES.iterator();
        while (it.hasNext()) {
            MetaDataRoleAuthorizationStrategy.authorize(it.next(), Role.ADMIN);
        }
    }

    private void mountBookmarkablePages() {
        mountPage("login", LogIn.class);
        mountPage("cellinfo", CellServices.class);
        mountPage("queueinfo", PoolQueues.class);
        mountPage("usageinfo", PoolList.class);
        mountPage("poolgroups", PoolGroupView.class);
        mountPage("pooladmin", PoolAdmin.class);
        mountPage("celladmin", CellAdmin.class);
        mountPage("transfers", ActiveTransfersPage.class);
        mountPage("poolinfo", PoolSelectionSetup.class);
        mountPage("tapetransfers", TapeTransferQueue.class);
        mountPage("alarms", AlarmsPage.class);
        if (this._generatePlots) {
            this._billingService.initialize();
            mountPage("billingplots", BillingPlots.class);
        } else {
            BasicNavigationPanel.removeBillingPage("The httpd.enable.plots.billing property is false");
        }
        if (this._poolQueuePlotsEnabled) {
            mountPage("poolqueueplots", PoolQueuePlots.class);
        } else {
            BasicNavigationPanel.removePoolQueuePlotsPage("The httpd.enable.plots.pool-queue property is false");
        }
    }

    private void setAuthorizationStrategies() {
        if (getAuthenticatedMode()) {
            LoginStrategy remoteLoginStrategy = new RemoteLoginStrategy(new CellStub(this._cellEndpoint, new CellPath(this._authDestination), LOGIN_CELLSTUB_TIMEOUT));
            LoginStrategyLogInService loginStrategyLogInService = new LoginStrategyLogInService();
            loginStrategyLogInService.setLoginStrategy(remoteLoginStrategy);
            loginStrategyLogInService.setAdminGid(this._adminGid);
            this._logInService = loginStrategyLogInService;
        }
        SimplePageAuthorizationStrategy simplePageAuthorizationStrategy = new SimplePageAuthorizationStrategy(AuthenticatedWebPage.class, LogIn.class) { // from class: org.dcache.webadmin.view.WebAdminInterface.1
            protected boolean isAuthorized() {
                boolean isSignedIn = Session.get().isSignedIn();
                if (!isSignedIn) {
                    try {
                        LogIn.signInWithCert(WebAdminInterface.this._logInService);
                        isSignedIn = true;
                    } catch (IllegalArgumentException | LogInServiceException e) {
                        WebAdminInterface._log.debug("could not automatically authorize using browser certificate: {}", e.toString());
                    }
                }
                return isSignedIn;
            }
        };
        RoleAuthorizationStrategy roleAuthorizationStrategy = new RoleAuthorizationStrategy(roles -> {
            _log.debug("checking {}", roles.toString());
            boolean hasAnyRole = Session.get().hasAnyRole(roles);
            _log.debug("results in: {}", Boolean.valueOf(hasAnyRole));
            return hasAnyRole;
        });
        CompoundAuthorizationStrategy compoundAuthorizationStrategy = new CompoundAuthorizationStrategy();
        compoundAuthorizationStrategy.add(simplePageAuthorizationStrategy);
        compoundAuthorizationStrategy.add(roleAuthorizationStrategy);
        getSecuritySettings().setAuthorizationStrategy(compoundAuthorizationStrategy);
    }
}
