/*
 * Copyright 2016 JBoss, by Red Hat, Inc
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.uberfire.backend.server.security;

import java.nio.file.Path;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;

import org.apache.commons.lang3.StringUtils;
import org.jdom.Document;
import org.jdom.Element;
import org.jdom.input.SAXBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.uberfire.backend.server.WebAppListener;
import org.uberfire.backend.server.WebAppSettings;
import org.uberfire.commons.services.cdi.Startup;
import org.uberfire.commons.services.cdi.StartupType;

/**
 * Startup class that read the roles declared in the webapp's web.xml and register them into the {@link RoleRegistry}.
 */
@Startup(StartupType.BOOTSTRAP)
@ApplicationScoped
public class RoleLoader {

    Logger logger = LoggerFactory.getLogger(RoleLoader.class);

    @PostConstruct
    public void init() {
        WebAppListener.registerOnStartupCommand(this::registerRolesFromwWebXml);
    }

    public void registerRolesFromwWebXml() {
        try {
            Set<String> roles = loadRolesFromwWebXml();
            for (String role : roles) {
                RoleRegistry.get().registerRole(role);
            }
            if (!roles.isEmpty()) {
                logger.info("Roles registered from web.xml \"" + StringUtils.join(roles.toArray(),
                                                                                  ",") + "\"");
            }
        } catch (Exception e) {
            logger.error("Error reading roles from web.xml",
                         e);
        }
    }

    protected Set<String> loadRolesFromwWebXml() throws Exception {
        Path webXml = WebAppSettings.get().getAbsolutePath("WEB-INF",
                                                           "web.xml");

        Set<String> result = new HashSet<>();
        SAXBuilder builder = new SAXBuilder();
        Document doc = builder.build(webXml.toFile());
        Element root = doc.getRootElement();

        // Look for <security-role> declarations.
        List bundleNodes = root.getChildren("security-role");
        if (bundleNodes.isEmpty()) {
            bundleNodes = root.getChildren("security-role",
                                           null);
        }
        for (Iterator iterator = bundleNodes.iterator(); iterator.hasNext(); ) {
            Element el_role = (Element) iterator.next();
            List ch_role = el_role.getChildren();
            for (int i = 0; i < ch_role.size(); i++) {
                Element el_child = (Element) ch_role.get(i);
                if (el_child.getName().equals("role-name")) {
                    String name = el_child.getValue().trim();
                    if (!StringUtils.isBlank(name)) {
                        result.add(name);
                    }
                }
            }
        }
        return result;
    }
}