package net.bluemind.system.service.certificate.engine;

import java.util.Iterator;
import java.util.List;
import net.bluemind.core.api.fault.ServerFault;
import net.bluemind.core.container.model.ItemValue;
import net.bluemind.core.rest.BmContext;
import net.bluemind.domain.api.Domain;
import net.bluemind.node.api.INodeClient;
import net.bluemind.node.client.AHCNodeClientFactory;
import net.bluemind.server.api.Server;
import net.bluemind.system.api.CertData;
import net.bluemind.system.api.ISecurityMgmt;
import net.bluemind.system.hook.ISystemHook;
import net.bluemind.system.service.certificate.lets.encrypt.LetsEncryptCertificate;
import net.bluemind.system.service.helper.SecurityCertificateHelper;

/* loaded from: input_file:net/bluemind/system/service/certificate/engine/DisabledCertifEngine.class */
public class DisabledCertifEngine extends CertifEngine {
    public DisabledCertifEngine(String str) {
        super(str);
        this.certData = createDomainCertData(CertData.CertificateDomainEngine.DISABLED);
    }

    public DisabledCertifEngine(CertData certData, BmContext bmContext) {
        super(certData, bmContext);
    }

    @Override // net.bluemind.system.service.certificate.engine.CertifEngine, net.bluemind.system.service.certificate.engine.ICertifEngine
    public void externalUrlUpdated(boolean z) {
        if (z) {
            ((ISecurityMgmt) this.systemHelper.getSuProvider().instance(ISecurityMgmt.class, new String[0])).updateCertificate(CertData.createForDisable(this.domainUid));
        }
    }

    @Override // net.bluemind.system.service.certificate.engine.CertifEngine, net.bluemind.system.service.certificate.engine.ICertifEngine
    public boolean authorizeUpdate() {
        if (SecurityCertificateHelper.isGlobalVirtDomain(this.certData.domainUid)) {
            throw new ServerFault("Cannot disable 'global.virt' domain Certificate");
        }
        return true;
    }

    @Override // net.bluemind.system.service.certificate.engine.ICertifEngine
    public void authorizeLetsEncrypt() {
        throw new ServerFault("SSL certif engine must be 'LETS_ENCRYPT'");
    }

    @Override // net.bluemind.system.service.certificate.engine.ICertifEngine
    public void doBeforeUpdate() {
        new LetsEncryptCertificate(this.systemHelper).cleanLetsEncryptProperties(this.domainUid);
    }

    @Override // net.bluemind.system.service.certificate.engine.ICertifEngine
    public ItemValue<Domain> getDomain() {
        return this.domain;
    }

    @Override // net.bluemind.system.service.certificate.engine.ICertifEngine
    public CertData getCertData() {
        return this.certData;
    }

    @Override // net.bluemind.system.service.certificate.engine.CertifEngine, net.bluemind.system.service.certificate.engine.ICertifEngine
    public void certificateMgmt(List<ItemValue<Server>> list, List<ISystemHook> list2) {
        logger.info("disable certificate by {}", this.systemHelper.getContext().getSecurityContext().getSubject());
        boolean z = false;
        Iterator<ItemValue<Server>> it = list.iterator();
        while (it.hasNext()) {
            INodeClient create = new AHCNodeClientFactory().create(((Server) it.next().value).address());
            for (String str : getCertificateFilePaths()) {
                if (create.listFiles(str).size() > 0) {
                    z = true;
                    create.deleteFile(str);
                }
            }
        }
        updateDomainCertifEngine();
        if (z) {
            fireCertificateUpdated(list2);
        }
    }
}
