package com.atlassian.bamboo.migration.cloud.service;

import com.atlassian.annotations.Internal;
import com.atlassian.bamboo.migration.cloud.exception.CloudExportException;
import com.atlassian.bamboo.security.acegi.acls.GroupPrincipalSid;
import com.atlassian.bamboo.security.acegi.acls.HibernateMutableAclService;
import com.atlassian.bamboo.user.BambooUserConfiguration;
import com.atlassian.crowd.integration.atlassianuser.CrowdGroupManager;
import com.atlassian.crowd.integration.atlassianuser.CrowdUserManager;
import com.atlassian.struts.TextProvider;
import com.atlassian.user.EntityException;
import com.atlassian.user.Group;
import com.atlassian.user.GroupManager;
import com.atlassian.user.User;
import com.atlassian.user.UserManager;
import com.atlassian.user.configuration.RepositoryAccessor;
import com.atlassian.user.impl.cache.CachingGroupManager;
import com.atlassian.user.impl.cache.CachingUserManager;
import com.atlassian.user.impl.delegation.DelegatingGroupManager;
import com.atlassian.user.security.password.Credential;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableSet;
import java.security.SecureRandom;
import java.util.Iterator;
import java.util.Random;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.log4j.Logger;
import org.hibernate.FlushMode;
import org.hibernate.classic.Session;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.beans.factory.annotation.Autowired;

@Internal
/* loaded from: input_file:com/atlassian/bamboo/migration/cloud/service/CrowdMigrationServiceImpl.class */
public class CrowdMigrationServiceImpl implements CrowdMigrationService {

    @VisibleForTesting
    static final Set<String> FILTERED_GROUPS = ImmutableSet.of("_licensed-developers", "_licensed-jira", "_licensed-confluence", "_licensed-fecru", "_licensed-bamboo", "_no-one-at-all", new String[]{"atlassian-addons", "balsamiq-mockups-editors", "confluence-administrators", "jira-administrators", "jira-core-users", "jira-servicedesk-users", "jira-software-users", "site-admins", "system-administrators"});

    @VisibleForTesting
    static final Set<String> FILTERED_USERS = ImmutableSet.of("sysadmin", "_bamboo-svn-user", "addon_com.gliffy.integration.jira");
    private static final Logger log = Logger.getLogger(CrowdMigrationServiceImpl.class);

    @Autowired
    private BambooUserConfiguration bambooUserConfiguration;

    @Autowired
    private TextProvider textProvider;

    @Autowired
    private HibernateMutableAclService aclService;
    private Random random = new SecureRandom();

    @Override // com.atlassian.bamboo.migration.cloud.service.CrowdMigrationService
    public void mergeCrowdToHibernate(@NotNull CloudExportSettings cloudExportSettings) throws CloudExportException {
        CrowdUserManager crowdUserManager = (CrowdUserManager) getUserManager(CrowdUserManager.class);
        String text = this.textProvider.getText("admin.export.cloud.error.could.not.copy.users");
        if (crowdUserManager == null) {
            log.error("Can't find CrowdUserManager, skip merging");
            throw new CloudExportException(text);
        }
        CachingUserManager cachingUserManager = (CachingUserManager) getUserManager(CachingUserManager.class);
        if (cachingUserManager == null) {
            log.error("Can't find CachingUserManager, skip merging");
            throw new CloudExportException(text);
        }
        CachingGroupManager cachingGroupManager = (CachingGroupManager) getGroupManager(CachingGroupManager.class);
        if (cachingGroupManager == null) {
            log.error("Can't find CachingGroupManager, skip merging");
            throw new CloudExportException(text);
        }
        CrowdGroupManager crowdGroupManager = (CrowdGroupManager) getGroupManager(CrowdGroupManager.class);
        if (crowdGroupManager == null) {
            log.error("Can't find CrowdGroupManager, skip merging");
            throw new CloudExportException(text);
        }
        Session currentSession = this.bambooUserConfiguration.getSessionFactory().getCurrentSession();
        currentSession.setFlushMode(FlushMode.COMMIT);
        try {
            removeGroupsAndUsersFromHibernateUserRepository(cachingUserManager, cachingGroupManager);
            currentSession.flush();
            currentSession.setFlushMode(FlushMode.COMMIT);
            mergeGroups(cachingGroupManager, crowdGroupManager);
            currentSession.flush();
            currentSession.setFlushMode(FlushMode.COMMIT);
            mergeUsers(cachingUserManager, cachingGroupManager, crowdUserManager, crowdGroupManager, cloudExportSettings.getAdminUserName(), cloudExportSettings.getAdminPassword());
            currentSession.flush();
        } catch (EntityException e) {
            log.error(e.getMessage(), e);
            throw new CloudExportException(text);
        }
    }

    private void removeGroupsAndUsersFromHibernateUserRepository(@NotNull CachingUserManager cachingUserManager, @NotNull CachingGroupManager cachingGroupManager) throws EntityException {
        Iterator it = cachingUserManager.getUsers().iterator();
        while (it.hasNext()) {
            cachingUserManager.removeUser((User) it.next());
        }
        Iterator it2 = cachingGroupManager.getGroups().iterator();
        while (it2.hasNext()) {
            cachingGroupManager.removeGroup((Group) it2.next());
        }
    }

    private void mergeGroups(@NotNull CachingGroupManager cachingGroupManager, @NotNull CrowdGroupManager crowdGroupManager) throws EntityException {
        Set<String> filteredGroups = getFilteredGroups();
        for (Group group : crowdGroupManager.getGroups()) {
            String name = group.getName();
            log.info("crowd group - " + name + ", " + group.toString());
            if (filteredGroups.contains(name)) {
                log.info("Group " + name + " is filtered out");
            } else {
                cachingGroupManager.createGroup(name);
            }
        }
    }

    private Set<String> getFilteredGroups() {
        return (Set) FILTERED_GROUPS.stream().filter(str -> {
            return !this.aclService.hasAcesForSid(new GroupPrincipalSid(str));
        }).collect(Collectors.toSet());
    }

    private void mergeUsers(@NotNull CachingUserManager cachingUserManager, @NotNull CachingGroupManager cachingGroupManager, @NotNull CrowdUserManager crowdUserManager, @NotNull CrowdGroupManager crowdGroupManager, @NotNull String str, @NotNull String str2) throws EntityException {
        String str3;
        for (Object obj : crowdUserManager.getUserNames()) {
            log.info("crowd user - " + obj);
            String obj2 = obj.toString();
            if (FILTERED_USERS.contains(obj2)) {
                log.info("User " + obj2 + " is filtered out");
            } else if (cachingUserManager.getUser(obj2) == null) {
                if (str.equals(obj)) {
                    str3 = str2;
                } else {
                    byte[] bArr = new byte[30];
                    this.random.nextBytes(bArr);
                    str3 = new String(bArr);
                }
                migrateUser(crowdUserManager.getUser(obj2), cachingUserManager, cachingGroupManager, crowdGroupManager, str3);
            }
        }
    }

    private void migrateUser(@NotNull User user, @NotNull CachingUserManager cachingUserManager, @NotNull CachingGroupManager cachingGroupManager, @NotNull CrowdGroupManager crowdGroupManager, String str) throws EntityException {
        User createUser = cachingUserManager.createUser(user, Credential.unencrypted(str));
        Iterator it = crowdGroupManager.getGroups(user).iterator();
        while (it.hasNext()) {
            Group group = cachingGroupManager.getGroup(((Group) it.next()).getName());
            if (group != null) {
                cachingGroupManager.addMembership(group, createUser);
            }
        }
    }

    @Nullable
    private <T extends UserManager> T getUserManager(@NotNull Class<T> cls) {
        for (RepositoryAccessor repositoryAccessor : this.bambooUserConfiguration.getDelegationAccessor().getRepositoryAccessors()) {
            if (cls.isInstance(repositoryAccessor.getUserManager())) {
                return (T) repositoryAccessor.getUserManager();
            }
        }
        return null;
    }

    @Nullable
    private <T extends GroupManager> T getGroupManager(@NotNull Class<T> cls) {
        for (T t : ((DelegatingGroupManager) this.bambooUserConfiguration.getDelegationAccessor().getGroupManager()).getGroupManagers()) {
            if (cls.isInstance(t)) {
                return t;
            }
        }
        return null;
    }
}
