package io.confluent.rbacapi.resources.v2;

import io.confluent.cloud.rbac.CloudRoleBinding;
import io.confluent.cloud.rbac.V2CloudRbacStorageService;
import io.confluent.crn.ConfluentCloudCrnAuthority;
import io.confluent.crn.CrnSyntaxException;
import io.confluent.rbacapi.entities.V2ListRoleBindingResponse;
import io.confluent.rbacapi.entities.V2SingleRoleBindingResponse;
import io.confluent.rbacapi.utils.CloudRoleUtils;
import io.confluent.rbacapi.utils.RoleUtils;
import io.confluent.rbacapi.utils.RoleUtilsBase;
import io.confluent.rbacapi.utils.ScopeUtils;
import io.confluent.rest.annotations.PerformanceMetric;
import io.confluent.security.authorizer.Scope;
import io.confluent.security.rbac.RbacRoles;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.SecurityContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/internal/v1")
/* loaded from: input_file:io/confluent/rbacapi/resources/v2/AdminDashResource.class */
public class AdminDashResource {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AdminDashResource.class);
    private static final String API_VERSION = "iam/admindash";
    private static final String KIND_ROLEBINDING = "RoleBinding";
    private final V2CloudRbacStorageService storageService;
    private final ConfluentCloudCrnAuthority authority;
    private final Map<String, String> displayNamesByName;
    private final RoleUtilsBase roleUtils = new CloudRoleUtils();

    public AdminDashResource(V2CloudRbacStorageService v2CloudRbacStorageService, ConfluentCloudCrnAuthority confluentCloudCrnAuthority, RbacRoles rbacRoles) {
        this.storageService = v2CloudRbacStorageService;
        this.authority = confluentCloudCrnAuthority;
        this.displayNamesByName = RoleUtils.mapRoleDisplayNamesByName(rbacRoles.roles());
    }

    @GET
    @Path("rolebindings/organization/{organization:.*}")
    @Produces({"application/json"})
    @PerformanceMetric("internal.rolebindings.organization")
    public V2ListRoleBindingResponse internalListRoleBindings(@Context SecurityContext securityContext, @PathParam("organization") String str, @QueryParam("get_deleted_rolebindings") boolean z) throws CrnSyntaxException {
        log.debug("internalListRoleBindings organization={} getDeletedRolebindings={}", str, Boolean.valueOf(z));
        Set<Scope> allKnownContainedScopes = ScopeUtils.allKnownContainedScopes(new Scope(Arrays.asList("organization=" + str), null), this.storageService);
        ArrayList arrayList = new ArrayList();
        List<CloudRoleBinding> rbacCloudRoleBindings = this.storageService.rbacCloudRoleBindings(null, null, null, allKnownContainedScopes, z);
        RoleUtilsBase roleUtilsBase = this.roleUtils;
        Iterator<CloudRoleBinding> it = RoleUtilsBase.roleBindingsWithDisplayNames(this.displayNamesByName, rbacCloudRoleBindings).iterator();
        while (it.hasNext()) {
            arrayList.add(new V2SingleRoleBindingResponse(API_VERSION, V2CloudRbacRoleBindingResource.adaptMDStoCRN(it.next()), null, this.authority));
        }
        return new V2ListRoleBindingResponse(API_VERSION, "RoleBindingList", null, arrayList);
    }
}
