package com.atlassian.bitbucket.internal.key.ssh.dao.v4;

import com.atlassian.activeobjects.external.ActiveObjects;
import com.atlassian.activeobjects.external.ActiveObjectsUpgradeTask;
import com.atlassian.activeobjects.external.ModelVersion;
import com.atlassian.bitbucket.internal.key.ssh.SshAccessKeyUtils;
import com.atlassian.bitbucket.internal.key.ssh.dao.PartialSshKey;
import com.atlassian.bitbucket.internal.ssh.SshConstants;
import com.atlassian.bitbucket.permission.Permission;
import com.atlassian.bitbucket.ssh.KeyType;
import com.atlassian.bitbucket.ssh.SshKey;
import com.atlassian.bitbucket.user.AbstractApplicationUserVisitor;
import com.atlassian.bitbucket.user.ApplicationUser;
import com.atlassian.bitbucket.user.SecurityService;
import com.atlassian.bitbucket.user.ServiceUser;
import com.atlassian.bitbucket.user.ServiceUserUpdateRequest;
import com.atlassian.bitbucket.user.UserAdminService;
import com.atlassian.bitbucket.user.UserService;
import com.atlassian.bitbucket.util.PageUtils;
import com.atlassian.bitbucket.util.PagedIterable;
import com.atlassian.stash.internal.activity.ActivityType;
import com.google.common.base.Preconditions;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Locale;
import java.util.function.Function;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.java.ao.Accessor;
import net.java.ao.Implementation;
import net.java.ao.Mutator;
import net.java.ao.Query;
import net.java.ao.RawEntity;
import net.java.ao.schema.AutoIncrement;
import net.java.ao.schema.Ignore;
import net.java.ao.schema.Indexed;
import net.java.ao.schema.NotNull;
import net.java.ao.schema.PrimaryKey;
import net.java.ao.schema.StringLength;
import net.java.ao.schema.Table;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-ssh-6.0.0.jar:com/atlassian/bitbucket/internal/key/ssh/dao/v4/ApplyAccessKeysTypeTask.class */
public class ApplyAccessKeysTypeTask implements ActiveObjectsUpgradeTask {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ApplyAccessKeysTypeTask.class);
    private final int pageSize;
    private final SecurityService securityService;
    private final UserAdminService userAdminService;
    private final UserService userService;

    @Table("SSH_PUBLIC_KEY")
    @Implementation(PartialSshKey.class)
    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-ssh-6.0.0.jar:com/atlassian/bitbucket/internal/key/ssh/dao/v4/ApplyAccessKeysTypeTask$AoSshKeyV3ToV4.class */
    public interface AoSshKeyV3ToV4 extends RawEntity<Integer>, SshKey {
        public static final String COLUMN_ID = "ENTITY_ID";
        public static final String COLUMN_USER_ID = "USER_ID";
        public static final String COLUMN_KEY_TEXT = "KEY_TEXT";
        public static final String COLUMN_KEY_TYPE = "KEY_TYPE";
        public static final String COLUMN_KEY_MD5 = "KEY_MD5";
        public static final String COLUMN_LABEL = "LABEL";
        public static final String COLUMN_LABEL_LOWER = "LABEL_LOWER";
        public static final String TABLE_NAME = "SSH_PUBLIC_KEY";
        public static final int LENGTH_MD5 = 32;
        public static final int LENGTH_LABEL = 255;

        @Override // com.atlassian.bitbucket.ssh.SshKey
        @NotNull
        @AutoIncrement
        @PrimaryKey("ENTITY_ID")
        Integer getId();

        @Indexed
        @StringLength(32)
        @NotNull
        @Accessor("KEY_MD5")
        String getMD5();

        @Override // com.atlassian.bitbucket.ssh.SshKey
        @Accessor("LABEL")
        @Nullable
        @StringLength(255)
        String getLabel();

        @Accessor("LABEL_LOWER")
        @Nullable
        @StringLength(255)
        String getLabelLower();

        @Mutator("LABEL_LOWER")
        void setLabelLower(String str);

        @Override // com.atlassian.bitbucket.ssh.SshKey
        @NotNull
        @Accessor("KEY_TEXT")
        @StringLength(-1)
        String getText();

        @Override // com.atlassian.bitbucket.ssh.SshKey
        @Accessor("KEY_TYPE")
        KeyType getType();

        @Mutator("KEY_TYPE")
        void setType(KeyType keyType);

        @NotNull
        @Accessor("USER_ID")
        @Indexed
        Integer getUserId();

        @Ignore
        void initialize(ApplicationUser applicationUser);

        @Override // com.atlassian.bitbucket.ssh.SshKey
        @Ignore
        @Nullable
        ApplicationUser getUser();

        @Override // com.atlassian.bitbucket.ssh.SshKey
        @Ignore
        @Nonnull
        PublicKey toPublicKey();
    }

    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-ssh-6.0.0.jar:com/atlassian/bitbucket/internal/key/ssh/dao/v4/ApplyAccessKeysTypeTask$MigratingApplicationUserVisitor.class */
    private static class MigratingApplicationUserVisitor extends AbstractApplicationUserVisitor<Function<AoSshKeyV3ToV4, KeyType>> {
        private MigratingApplicationUserVisitor() {
        }

        @Override // com.atlassian.bitbucket.user.AbstractApplicationUserVisitor, com.atlassian.bitbucket.user.ApplicationUserVisitor
        public Function<AoSshKeyV3ToV4, KeyType> visit(@Nonnull ServiceUser serviceUser) {
            return aoSshKeyV3ToV4 -> {
                return isAccessKeyUser(serviceUser, aoSshKeyV3ToV4) ? KeyType.ACCESS_KEY : KeyType.SERVICE;
            };
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.atlassian.bitbucket.user.AbstractApplicationUserVisitor
        public Function<AoSshKeyV3ToV4, KeyType> defaultValue(ApplicationUser applicationUser) {
            return aoSshKeyV3ToV4 -> {
                return KeyType.USER_KEY;
            };
        }

        private boolean isAccessKeyUser(ServiceUser serviceUser, AoSshKeyV3ToV4 aoSshKeyV3ToV4) {
            if (SshConstants.LABEL_ACCESS_KEY.equals(serviceUser.getLabel())) {
                return true;
            }
            String displayName = serviceUser.getDisplayName();
            return displayName.contains(".service.ssh.key.service.user.name") || displayName.startsWith("Access key user") || displayName.startsWith("Zugriffsschlüssel-Benutzer") || displayName.startsWith("Utilisateur de la clé d'accès") || displayName.startsWith("アクセスキーユーザー") || displayName.contains(SshAccessKeyUtils.getKeyIdentifier(aoSshKeyV3ToV4.getText(), aoSshKeyV3ToV4.getLabel()));
        }
    }

    ApplyAccessKeysTypeTask(SecurityService securityService, UserAdminService userAdminService, UserService userService, int i) {
        this.securityService = securityService;
        this.userAdminService = userAdminService;
        this.userService = userService;
        this.pageSize = i;
    }

    public ApplyAccessKeysTypeTask(SecurityService securityService, UserAdminService userAdminService, UserService userService) {
        this(securityService, userAdminService, userService, 1000);
    }

    @Override // com.atlassian.activeobjects.external.ActiveObjectsUpgradeTask
    public ModelVersion getModelVersion() {
        return ModelVersion.valueOf(ActivityType.PULL_REQUEST_RESCOPE_ACTIVITY_DISCRIMINATOR);
    }

    @Override // com.atlassian.activeobjects.external.ActiveObjectsUpgradeTask
    public void upgrade(ModelVersion modelVersion, ActiveObjects activeObjects) {
        Preconditions.checkState(modelVersion.isSame(ModelVersion.valueOf("3")), "This upgrade task can only upgrade from version 3 to 4");
        log.info("Migrating to add label_lower and key_type to keys.");
        activeObjects.migrateDestructively(AoSshKeyV3ToV4.class);
        Query limit = Query.select().where("KEY_TYPE is null", new Object[0]).order("ENTITY_ID").limit(this.pageSize + 1);
        PagedIterable pagedIterable = new PagedIterable(pageRequest -> {
            return PageUtils.createPage(Arrays.asList(activeObjects.find(AoSshKeyV3ToV4.class, limit)), pageRequest);
        }, this.pageSize);
        MigratingApplicationUserVisitor migratingApplicationUserVisitor = new MigratingApplicationUserVisitor();
        this.securityService.withPermission(Permission.ADMIN, "Migration of access keys to schema v4").call(() -> {
            KeyType keyType;
            ArrayList arrayList = new ArrayList();
            Iterator it = pagedIterable.iterator();
            while (it.hasNext()) {
                AoSshKeyV3ToV4 aoSshKeyV3ToV4 = (AoSshKeyV3ToV4) it.next();
                ApplicationUser userById = this.userService.getUserById(aoSshKeyV3ToV4.getUserId().intValue());
                if (userById != null) {
                    keyType = (KeyType) ((Function) userById.accept(migratingApplicationUserVisitor)).apply(aoSshKeyV3ToV4);
                    if (keyType == KeyType.ACCESS_KEY) {
                        arrayList.add(Integer.valueOf(userById.getId()));
                        this.userAdminService.updateServiceUser(new ServiceUserUpdateRequest.Builder((ServiceUser) userById).label(SshConstants.LABEL_ACCESS_KEY).displayName(SshAccessKeyUtils.generateServiceUserDisplayName(aoSshKeyV3ToV4.getText(), aoSshKeyV3ToV4.getLabel())).build());
                    }
                } else {
                    log.info("SSH key with ID {} and label '{}' is linked to a user with ID {} but the user was not found. Setting the key type to UNKNOWN.", aoSshKeyV3ToV4.getId(), aoSshKeyV3ToV4.getLabel(), aoSshKeyV3ToV4.getUserId());
                    keyType = KeyType.UNKNOWN;
                }
                aoSshKeyV3ToV4.setType(keyType);
                String label = aoSshKeyV3ToV4.getLabel();
                if (label != null) {
                    aoSshKeyV3ToV4.setLabelLower(label.toLowerCase(Locale.ROOT));
                }
                aoSshKeyV3ToV4.save();
            }
            log.info("Updated {} access key users (IDs: {})", Integer.valueOf(arrayList.size()), arrayList);
            return null;
        });
        activeObjects.migrateDestructively(AoSshKeyV4.class);
        log.info("Migrated keys to add label_lower and key_type");
    }
}
