package com.atlassian.crowd.manager.directory;

import com.atlassian.crowd.dao.application.ApplicationDAO;
import com.atlassian.crowd.directory.InternalRemoteDirectory;
import com.atlassian.crowd.directory.RemoteDirectory;
import com.atlassian.crowd.directory.SynchronisableDirectory;
import com.atlassian.crowd.directory.loader.DirectoryInstanceLoader;
import com.atlassian.crowd.embedded.api.Directory;
import com.atlassian.crowd.embedded.api.DirectorySynchronisationInformation;
import com.atlassian.crowd.embedded.api.OperationType;
import com.atlassian.crowd.embedded.api.PasswordCredential;
import com.atlassian.crowd.embedded.impl.IdentifierUtils;
import com.atlassian.crowd.embedded.spi.DirectoryDao;
import com.atlassian.crowd.event.directory.DirectoryCreatedEvent;
import com.atlassian.crowd.event.directory.DirectoryDeletedEvent;
import com.atlassian.crowd.event.directory.DirectoryUpdatedEvent;
import com.atlassian.crowd.event.group.GroupAttributeDeletedEvent;
import com.atlassian.crowd.event.group.GroupAttributeStoredEvent;
import com.atlassian.crowd.event.group.GroupCreatedEvent;
import com.atlassian.crowd.event.group.GroupDeletedEvent;
import com.atlassian.crowd.event.group.GroupMembershipCreatedEvent;
import com.atlassian.crowd.event.group.GroupMembershipDeletedEvent;
import com.atlassian.crowd.event.group.GroupUpdatedEvent;
import com.atlassian.crowd.event.user.ResetPasswordEvent;
import com.atlassian.crowd.event.user.UserAttributeDeletedEvent;
import com.atlassian.crowd.event.user.UserAttributeStoredEvent;
import com.atlassian.crowd.event.user.UserCreatedEvent;
import com.atlassian.crowd.event.user.UserCredentialUpdatedEvent;
import com.atlassian.crowd.event.user.UserDeletedEvent;
import com.atlassian.crowd.event.user.UserUpdatedEvent;
import com.atlassian.crowd.exception.DirectoryCurrentlySynchronisingException;
import com.atlassian.crowd.exception.DirectoryInstantiationException;
import com.atlassian.crowd.exception.DirectoryNotFoundException;
import com.atlassian.crowd.exception.ExpiredCredentialException;
import com.atlassian.crowd.exception.GroupNotFoundException;
import com.atlassian.crowd.exception.InactiveAccountException;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.exception.InvalidCredentialException;
import com.atlassian.crowd.exception.InvalidEmailAddressException;
import com.atlassian.crowd.exception.InvalidGroupException;
import com.atlassian.crowd.exception.InvalidMembershipException;
import com.atlassian.crowd.exception.InvalidUserException;
import com.atlassian.crowd.exception.MembershipNotFoundException;
import com.atlassian.crowd.exception.NestedGroupsNotSupportedException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.exception.ReadOnlyGroupException;
import com.atlassian.crowd.exception.UserAlreadyExistsException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerManager;
import com.atlassian.crowd.manager.lock.DirectoryLockManager;
import com.atlassian.crowd.manager.permission.PermissionManager;
import com.atlassian.crowd.model.group.Group;
import com.atlassian.crowd.model.group.GroupTemplate;
import com.atlassian.crowd.model.group.GroupType;
import com.atlassian.crowd.model.group.GroupWithAttributes;
import com.atlassian.crowd.model.membership.MembershipType;
import com.atlassian.crowd.model.user.User;
import com.atlassian.crowd.model.user.UserTemplate;
import com.atlassian.crowd.model.user.UserTemplateWithCredentialAndAttributes;
import com.atlassian.crowd.model.user.UserWithAttributes;
import com.atlassian.crowd.search.Entity;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.search.query.entity.EntityQuery;
import com.atlassian.crowd.search.query.membership.MembershipQuery;
import com.atlassian.crowd.search.util.SearchResultsUtil;
import com.atlassian.crowd.util.PasswordHelper;
import com.atlassian.event.api.EventPublisher;
import com.google.common.base.Preconditions;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.locks.Lock;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/crowd/manager/directory/DirectoryManagerGeneric.class */
public class DirectoryManagerGeneric implements DirectoryManager {
    private final Logger logger = Logger.getLogger(getClass());
    private final DirectoryDao directoryDao;
    private final ApplicationDAO applicationDAO;
    private final EventPublisher eventPublisher;
    private final PermissionManager permissionManager;
    private final PasswordHelper passwordHelper;
    private final DirectoryInstanceLoader directoryInstanceLoader;
    private final DirectorySynchroniser directorySynchroniser;
    private final DirectoryPollerManager directoryPollerManager;
    private final DirectoryLockManager directoryLockManager;
    private final SynchronisationStatusManager synchronisationStatusManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.atlassian.crowd.manager.directory.DirectoryManagerGeneric$1, reason: invalid class name */
    /* loaded from: input_file:com/atlassian/crowd/manager/directory/DirectoryManagerGeneric$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$atlassian$crowd$model$group$GroupType = new int[GroupType.values().length];

        static {
            try {
                $SwitchMap$com$atlassian$crowd$model$group$GroupType[GroupType.GROUP.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$atlassian$crowd$model$group$GroupType[GroupType.LEGACY_ROLE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public DirectoryManagerGeneric(DirectoryDao directoryDao, ApplicationDAO applicationDAO, EventPublisher eventPublisher, PermissionManager permissionManager, PasswordHelper passwordHelper, DirectoryInstanceLoader directoryInstanceLoader, DirectorySynchroniser directorySynchroniser, DirectoryPollerManager directoryPollerManager, DirectoryLockManager directoryLockManager, SynchronisationStatusManager synchronisationStatusManager) {
        this.directoryDao = (DirectoryDao) Preconditions.checkNotNull(directoryDao);
        this.applicationDAO = (ApplicationDAO) Preconditions.checkNotNull(applicationDAO);
        this.eventPublisher = (EventPublisher) Preconditions.checkNotNull(eventPublisher);
        this.permissionManager = (PermissionManager) Preconditions.checkNotNull(permissionManager);
        this.passwordHelper = (PasswordHelper) Preconditions.checkNotNull(passwordHelper);
        this.directoryInstanceLoader = (DirectoryInstanceLoader) Preconditions.checkNotNull(directoryInstanceLoader);
        this.directorySynchroniser = (DirectorySynchroniser) Preconditions.checkNotNull(directorySynchroniser);
        this.directoryPollerManager = (DirectoryPollerManager) Preconditions.checkNotNull(directoryPollerManager);
        this.directoryLockManager = (DirectoryLockManager) Preconditions.checkNotNull(directoryLockManager);
        this.synchronisationStatusManager = (SynchronisationStatusManager) Preconditions.checkNotNull(synchronisationStatusManager);
    }

    public Directory addDirectory(Directory directory) throws DirectoryInstantiationException {
        if (!this.directoryInstanceLoader.canLoad(directory.getImplementationClass())) {
            throw new IllegalArgumentException("Failed to instantiate directory with class: " + directory.getImplementationClass());
        }
        Directory add = this.directoryDao.add(directory);
        this.eventPublisher.publish(new DirectoryCreatedEvent(this, directory));
        return add;
    }

    public Directory findDirectoryById(long j) throws DirectoryNotFoundException {
        return this.directoryDao.findById(j);
    }

    public List<Directory> findAllDirectories() {
        return searchDirectories(QueryBuilder.queryFor(Directory.class, EntityDescriptor.directory()).returningAtMost(-1));
    }

    public List<Directory> searchDirectories(EntityQuery<Directory> entityQuery) {
        return this.directoryDao.search(entityQuery);
    }

    public Directory findDirectoryByName(String str) throws DirectoryNotFoundException {
        return this.directoryDao.findByName(str);
    }

    public Directory updateDirectory(Directory directory) throws DirectoryNotFoundException {
        if (directory.getId() == null) {
            throw new DirectoryNotFoundException(directory.getId());
        }
        findDirectoryById(directory.getId().longValue());
        Directory update = this.directoryDao.update(directory);
        this.eventPublisher.publish(new DirectoryUpdatedEvent(this, update));
        return update;
    }

    public void removeDirectory(Directory directory) throws DirectoryNotFoundException, DirectoryCurrentlySynchronisingException {
        Lock lock = this.directoryLockManager.getLock(directory.getId().longValue());
        if (!lock.tryLock()) {
            throw new DirectoryCurrentlySynchronisingException(directory.getId().longValue());
        }
        try {
            this.applicationDAO.removeDirectoryMappings(directory.getId().longValue());
            this.directoryDao.remove(directory);
            this.eventPublisher.publish(new DirectoryDeletedEvent(this, directory));
            lock.unlock();
        } catch (Throwable th) {
            lock.unlock();
            throw th;
        }
    }

    public boolean supportsNestedGroups(long j) throws DirectoryInstantiationException, DirectoryNotFoundException {
        return getDirectoryImplementation(j).supportsNestedGroups();
    }

    public boolean isSynchronisable(long j) throws DirectoryInstantiationException, DirectoryNotFoundException {
        return getDirectoryImplementation(j) instanceof SynchronisableDirectory;
    }

    public void synchroniseCache(long j, SynchronisationMode synchronisationMode) throws OperationFailedException, DirectoryNotFoundException {
        synchroniseCache(j, synchronisationMode, true);
    }

    public void synchroniseCache(long j, SynchronisationMode synchronisationMode, boolean z) throws OperationFailedException, DirectoryNotFoundException {
        SynchronisableDirectory directoryImplementation = getDirectoryImplementation(j);
        if (directoryImplementation instanceof SynchronisableDirectory) {
            if (z) {
                this.directoryPollerManager.triggerPoll(j, synchronisationMode);
            } else {
                if (isSynchronising(j)) {
                    throw new OperationFailedException("Directory " + j + " is currently synchronising");
                }
                this.directorySynchroniser.synchronise(directoryImplementation, synchronisationMode);
            }
        }
    }

    public boolean isSynchronising(long j) throws DirectoryInstantiationException, DirectoryNotFoundException {
        return this.directorySynchroniser.isSynchronising(j);
    }

    public DirectorySynchronisationInformation getDirectorySynchronisationInformation(long j) throws DirectoryInstantiationException, DirectoryNotFoundException {
        if (getDirectoryImplementation(j) instanceof SynchronisableDirectory) {
            return this.synchronisationStatusManager.getDirectorySynchronisationInformation(findDirectoryById(j));
        }
        return null;
    }

    private RemoteDirectory getDirectoryImplementation(long j) throws DirectoryInstantiationException, DirectoryNotFoundException {
        return this.directoryInstanceLoader.getDirectory(findDirectoryById(j));
    }

    public User authenticateUser(long j, String str, PasswordCredential passwordCredential) throws OperationFailedException, InactiveAccountException, InvalidAuthenticationException, ExpiredCredentialException, DirectoryNotFoundException, UserNotFoundException {
        return getDirectoryImplementation(j).authenticate(str, passwordCredential);
    }

    public User findUserByName(long j, String str) throws OperationFailedException, DirectoryNotFoundException, UserNotFoundException {
        return getDirectoryImplementation(j).findUserByName(str);
    }

    public UserWithAttributes findUserWithAttributesByName(long j, String str) throws OperationFailedException, DirectoryNotFoundException, UserNotFoundException {
        return getDirectoryImplementation(j).findUserWithAttributesByName(str);
    }

    public <T> List<T> searchUsers(long j, EntityQuery<T> entityQuery) throws OperationFailedException, DirectoryNotFoundException {
        return getDirectoryImplementation(j).searchUsers(entityQuery);
    }

    public User addUser(long j, UserTemplate userTemplate, PasswordCredential passwordCredential) throws InvalidCredentialException, InvalidUserException, OperationFailedException, DirectoryPermissionException, DirectoryNotFoundException, UserAlreadyExistsException {
        if (userExists(j, userTemplate.getName())) {
            throw new InvalidUserException(userTemplate, "User already exists");
        }
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.CREATE_USER)) {
            throw new DirectoryPermissionException("Directory does not allow adding of users");
        }
        User addUser = getDirectoryImplementation(j).addUser(userTemplate, passwordCredential);
        this.eventPublisher.publish(new UserCreatedEvent(this, findDirectoryById, addUser));
        return addUser;
    }

    private boolean userExists(long j, String str) throws DirectoryNotFoundException, OperationFailedException {
        try {
            findUserByName(j, str);
            return true;
        } catch (UserNotFoundException e) {
            return false;
        }
    }

    public User updateUser(long j, UserTemplate userTemplate) throws OperationFailedException, DirectoryPermissionException, InvalidUserException, DirectoryNotFoundException, UserNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException("Directory does not allow user modifications");
        }
        User updateUser = getDirectoryImplementation(j).updateUser(userTemplate);
        this.eventPublisher.publish(new UserUpdatedEvent(this, findDirectoryById, updateUser));
        return updateUser;
    }

    public User renameUser(long j, String str, String str2) throws OperationFailedException, DirectoryPermissionException, InvalidUserException, DirectoryNotFoundException, UserNotFoundException, UserAlreadyExistsException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException("Directory does not allow user modifications");
        }
        User renameUser = getDirectoryImplementation(j).renameUser(str, str2);
        this.eventPublisher.publish(new UserUpdatedEvent(this, findDirectoryById, renameUser));
        return renameUser;
    }

    public void storeUserAttributes(long j, String str, Map<String, Set<String>> map) throws OperationFailedException, DirectoryPermissionException, DirectoryNotFoundException, UserNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER_ATTRIBUTE)) {
            throw new DirectoryPermissionException("Directory does not allow user attribute modifications");
        }
        getDirectoryImplementation(j).storeUserAttributes(str, map);
        this.eventPublisher.publish(new UserAttributeStoredEvent(this, findDirectoryById, getDirectoryImplementation(j).findUserByName(str), map));
    }

    public void removeUserAttributes(long j, String str, String str2) throws OperationFailedException, DirectoryPermissionException, DirectoryNotFoundException, UserNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER_ATTRIBUTE)) {
            throw new DirectoryPermissionException("Directory does not allow user attribute modifications");
        }
        getDirectoryImplementation(j).removeUserAttributes(str, str2);
        this.eventPublisher.publish(new UserAttributeDeletedEvent(this, findDirectoryById, getDirectoryImplementation(j).findUserByName(str), str2));
    }

    public void updateUserCredential(long j, String str, PasswordCredential passwordCredential) throws OperationFailedException, DirectoryPermissionException, InvalidCredentialException, DirectoryNotFoundException, UserNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException("Directory does not allow user modifications");
        }
        getDirectoryImplementation(j).updateUserCredential(str, passwordCredential);
        this.eventPublisher.publish(new UserCredentialUpdatedEvent(this, findDirectoryById, str, passwordCredential));
    }

    public void resetPassword(long j, String str) throws OperationFailedException, InvalidEmailAddressException, DirectoryPermissionException, InvalidCredentialException, DirectoryNotFoundException, UserNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException("Directory does not allow user modifications");
        }
        String generateRandomPassword = this.passwordHelper.generateRandomPassword();
        PasswordCredential passwordCredential = new PasswordCredential(generateRandomPassword);
        User findUserByName = getDirectoryImplementation(j).findUserByName(str);
        if (!StringUtils.isNotBlank(findUserByName.getEmailAddress())) {
            throw new InvalidEmailAddressException("Cannot email a new password; user's email address is blank.");
        }
        getDirectoryImplementation(j).updateUserCredential(str, passwordCredential);
        this.eventPublisher.publish(new ResetPasswordEvent(this, findDirectoryById, findUserByName, generateRandomPassword));
    }

    public void removeUser(long j, String str) throws DirectoryPermissionException, OperationFailedException, DirectoryNotFoundException, UserNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.DELETE_USER)) {
            throw new DirectoryPermissionException("Directory does not allow user removal");
        }
        getDirectoryImplementation(j).removeUser(str);
        this.eventPublisher.publish(new UserDeletedEvent(this, findDirectoryById, str));
    }

    public Group findGroupByName(long j, String str) throws OperationFailedException, GroupNotFoundException, DirectoryNotFoundException {
        return getDirectoryImplementation(j).findGroupByName(str);
    }

    public GroupWithAttributes findGroupWithAttributesByName(long j, String str) throws OperationFailedException, GroupNotFoundException, DirectoryNotFoundException {
        return getDirectoryImplementation(j).findGroupWithAttributesByName(str);
    }

    public <T> List<T> searchGroups(long j, EntityQuery<T> entityQuery) throws OperationFailedException, DirectoryNotFoundException {
        return getDirectoryImplementation(j).searchGroups(entityQuery);
    }

    public Group addGroup(long j, GroupTemplate groupTemplate) throws InvalidGroupException, OperationFailedException, DirectoryPermissionException, DirectoryNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        try {
            findGroupByName(j, groupTemplate.getName());
            throw new InvalidGroupException(groupTemplate, "Group with name <" + groupTemplate.getName() + "> already exists in directory <" + findDirectoryById.getName() + ">");
        } catch (GroupNotFoundException e) {
            OperationType createOperationType = getCreateOperationType(groupTemplate);
            if (this.permissionManager.hasPermission(findDirectoryById, createOperationType)) {
                Group addGroup = getDirectoryImplementation(j).addGroup(groupTemplate);
                this.eventPublisher.publish(new GroupCreatedEvent(this, findDirectoryById, addGroup));
                return addGroup;
            }
            if (createOperationType.equals(OperationType.CREATE_GROUP)) {
                throw new DirectoryPermissionException("Directory does not allow adding of groups");
            }
            throw new DirectoryPermissionException("Directory does not allow adding of roles");
        }
    }

    public Group updateGroup(long j, GroupTemplate groupTemplate) throws OperationFailedException, DirectoryPermissionException, InvalidGroupException, DirectoryNotFoundException, GroupNotFoundException, ReadOnlyGroupException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateOperationType = getUpdateOperationType(groupTemplate);
        if (this.permissionManager.hasPermission(findDirectoryById, updateOperationType)) {
            Group updateGroup = getDirectoryImplementation(j).updateGroup(groupTemplate);
            this.eventPublisher.publish(new GroupUpdatedEvent(this, findDirectoryById, updateGroup));
            return updateGroup;
        }
        if (updateOperationType.equals(OperationType.UPDATE_GROUP)) {
            throw new DirectoryPermissionException("Directory does not allow group modifications");
        }
        throw new DirectoryPermissionException("Directory does not allow role modifications");
    }

    public Group renameGroup(long j, String str, String str2) throws OperationFailedException, DirectoryPermissionException, InvalidGroupException, DirectoryNotFoundException, GroupNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateOperationType = getUpdateOperationType(findGroupByName(j, str));
        if (this.permissionManager.hasPermission(findDirectoryById, updateOperationType)) {
            Group renameGroup = getDirectoryImplementation(j).renameGroup(str, str2);
            this.eventPublisher.publish(new GroupUpdatedEvent(this, findDirectoryById, renameGroup));
            return renameGroup;
        }
        if (updateOperationType.equals(OperationType.UPDATE_GROUP)) {
            throw new DirectoryPermissionException("Directory does not allow group modifications");
        }
        throw new DirectoryPermissionException("Directory does not allow role modifications");
    }

    public void storeGroupAttributes(long j, String str, Map<String, Set<String>> map) throws OperationFailedException, DirectoryPermissionException, DirectoryNotFoundException, GroupNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateAttributeOperationType = getUpdateAttributeOperationType(findGroupByName(j, str));
        if (!this.permissionManager.hasPermission(findDirectoryById, updateAttributeOperationType)) {
            if (!updateAttributeOperationType.equals(OperationType.UPDATE_GROUP)) {
                throw new DirectoryPermissionException("Directory does not allow role modifications");
            }
            throw new DirectoryPermissionException("Directory does not allow group modifications");
        }
        getDirectoryImplementation(j).storeGroupAttributes(str, map);
        this.eventPublisher.publish(new GroupAttributeStoredEvent(this, findDirectoryById, findGroupByName(j, str), map));
    }

    public void removeGroupAttributes(long j, String str, String str2) throws OperationFailedException, DirectoryPermissionException, DirectoryNotFoundException, GroupNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateAttributeOperationType = getUpdateAttributeOperationType(findGroupByName(j, str));
        if (!this.permissionManager.hasPermission(findDirectoryById, updateAttributeOperationType)) {
            if (!updateAttributeOperationType.equals(OperationType.UPDATE_GROUP_ATTRIBUTE)) {
                throw new DirectoryPermissionException("Directory does not allow role attribute modifications");
            }
            throw new DirectoryPermissionException("Directory does not allow group attribute modifications");
        }
        getDirectoryImplementation(j).removeGroupAttributes(str, str2);
        this.eventPublisher.publish(new GroupAttributeDeletedEvent(this, findDirectoryById, findGroupByName(j, str), str2));
    }

    public void removeGroup(long j, String str) throws DirectoryPermissionException, OperationFailedException, DirectoryNotFoundException, GroupNotFoundException, ReadOnlyGroupException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType deleteOperationType = getDeleteOperationType(findGroupByName(j, str));
        if (!this.permissionManager.hasPermission(findDirectoryById, deleteOperationType)) {
            if (!deleteOperationType.equals(OperationType.DELETE_GROUP)) {
                throw new DirectoryPermissionException("Directory does not allow role removal");
            }
            throw new DirectoryPermissionException("Directory does not allow group removal");
        }
        getDirectoryImplementation(j).removeGroup(str);
        this.applicationDAO.removeGroupMappings(j, str);
        this.eventPublisher.publish(new GroupDeletedEvent(this, findDirectoryById, str));
    }

    public boolean isUserDirectGroupMember(long j, String str, String str2) throws OperationFailedException, DirectoryNotFoundException {
        return getDirectoryImplementation(j).isUserDirectGroupMember(str, str2);
    }

    public boolean isGroupDirectGroupMember(long j, String str, String str2) throws OperationFailedException, DirectoryNotFoundException {
        if (str.equals(str2)) {
            return false;
        }
        RemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        return directoryImplementation.supportsNestedGroups() && directoryImplementation.isGroupDirectGroupMember(str, str2);
    }

    public void addUserToGroup(long j, String str, String str2) throws DirectoryPermissionException, OperationFailedException, DirectoryNotFoundException, GroupNotFoundException, UserNotFoundException, ReadOnlyGroupException {
        if (isUserDirectGroupMember(j, str, str2)) {
            return;
        }
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateOperationType = getUpdateOperationType(findGroupByName(j, str2));
        if (this.permissionManager.hasPermission(findDirectoryById, updateOperationType)) {
            getDirectoryImplementation(j).addUserToGroup(str, str2);
            this.eventPublisher.publish(new GroupMembershipCreatedEvent(this, findDirectoryById, str, str2, MembershipType.GROUP_USER));
        } else {
            if (!updateOperationType.equals(OperationType.UPDATE_GROUP)) {
                throw new DirectoryPermissionException("Directory does not allow role modifications");
            }
            throw new DirectoryPermissionException("Directory does not allow group modifications");
        }
    }

    public void addGroupToGroup(long j, String str, String str2) throws DirectoryPermissionException, OperationFailedException, InvalidMembershipException, NestedGroupsNotSupportedException, DirectoryNotFoundException, GroupNotFoundException, ReadOnlyGroupException {
        RemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        if (!directoryImplementation.supportsNestedGroups()) {
            throw new NestedGroupsNotSupportedException(j);
        }
        if (isGroupDirectGroupMember(j, str, str2)) {
            return;
        }
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateOperationType = getUpdateOperationType(findGroupByName(j, str2));
        if (!this.permissionManager.hasPermission(findDirectoryById, updateOperationType)) {
            if (!updateOperationType.equals(OperationType.UPDATE_GROUP)) {
                throw new DirectoryPermissionException("Directory does not allow role modifications");
            }
            throw new DirectoryPermissionException("Directory does not allow group modifications");
        }
        if (str.equals(str2)) {
            throw new InvalidMembershipException("Cannot add direct circular group membership reference");
        }
        directoryImplementation.addGroupToGroup(str, str2);
        this.eventPublisher.publish(new GroupMembershipCreatedEvent(this, findDirectoryById, str, str2, MembershipType.GROUP_GROUP));
    }

    public void removeUserFromGroup(long j, String str, String str2) throws DirectoryPermissionException, OperationFailedException, MembershipNotFoundException, DirectoryNotFoundException, GroupNotFoundException, UserNotFoundException, ReadOnlyGroupException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateOperationType = getUpdateOperationType(findGroupByName(j, str2));
        if (this.permissionManager.hasPermission(findDirectoryById, updateOperationType)) {
            getDirectoryImplementation(j).removeUserFromGroup(str, str2);
            this.eventPublisher.publish(new GroupMembershipDeletedEvent(this, findDirectoryById, str, str2, MembershipType.GROUP_USER));
        } else {
            if (!updateOperationType.equals(OperationType.UPDATE_GROUP)) {
                throw new DirectoryPermissionException("Directory does not allow role modifications");
            }
            throw new DirectoryPermissionException("Directory does not allow group modifications");
        }
    }

    public void removeGroupFromGroup(long j, String str, String str2) throws DirectoryPermissionException, OperationFailedException, InvalidMembershipException, MembershipNotFoundException, DirectoryNotFoundException, GroupNotFoundException, ReadOnlyGroupException {
        RemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        if (!directoryImplementation.supportsNestedGroups()) {
            throw new UnsupportedOperationException("Directory with id [" + j + "] does not support nested groups");
        }
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateOperationType = getUpdateOperationType(findGroupByName(j, str2));
        if (!this.permissionManager.hasPermission(findDirectoryById, updateOperationType)) {
            if (!updateOperationType.equals(OperationType.UPDATE_GROUP)) {
                throw new DirectoryPermissionException("Directory does not allow role modifications");
            }
            throw new DirectoryPermissionException("Directory does not allow group modifications");
        }
        if (str.equals(str2)) {
            throw new InvalidMembershipException("Cannot remove direct circular group membership reference");
        }
        directoryImplementation.removeGroupFromGroup(str, str2);
        this.eventPublisher.publish(new GroupMembershipDeletedEvent(this, findDirectoryById, str, str2, MembershipType.GROUP_GROUP));
    }

    public <T> List<T> searchDirectGroupRelationships(long j, MembershipQuery<T> membershipQuery) throws OperationFailedException, DirectoryNotFoundException {
        RemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        return (!directoryImplementation.supportsNestedGroups() && membershipQuery.getEntityToMatch().getEntityType() == Entity.GROUP && membershipQuery.getEntityToReturn().getEntityType() == Entity.GROUP) ? Collections.emptyList() : (directoryImplementation.isRolesDisabled() && ((membershipQuery.getEntityToMatch().getEntityType() == Entity.GROUP && membershipQuery.getEntityToMatch().getGroupType() == GroupType.LEGACY_ROLE) || (membershipQuery.getEntityToReturn().getEntityType() == Entity.GROUP && membershipQuery.getEntityToReturn().getGroupType() == GroupType.LEGACY_ROLE))) ? Collections.emptyList() : getDirectoryImplementation(j).searchGroupRelationships(membershipQuery);
    }

    public boolean isUserNestedGroupMember(long j, String str, String str2) throws OperationFailedException, DirectoryNotFoundException {
        return getDirectoryImplementation(j).supportsNestedGroups() ? isUserNestedGroupMember(j, str, str2, new HashSet()) : isUserDirectGroupMember(j, str, str2);
    }

    private boolean isUserNestedGroupMember(long j, String str, String str2, Set<String> set) throws OperationFailedException, DirectoryNotFoundException {
        if (set.contains(IdentifierUtils.toLowerCase(str2))) {
            return false;
        }
        boolean isUserDirectGroupMember = isUserDirectGroupMember(j, str, str2);
        set.add(IdentifierUtils.toLowerCase(str2));
        if (!isUserDirectGroupMember) {
            Iterator it = searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group()).childrenOf(EntityDescriptor.group()).withName(str2).returningAtMost(-1)).iterator();
            while (it.hasNext()) {
                isUserDirectGroupMember = isUserNestedGroupMember(j, str, ((Group) it.next()).getName(), set);
                if (isUserDirectGroupMember) {
                    break;
                }
            }
        }
        return isUserDirectGroupMember;
    }

    public boolean isGroupNestedGroupMember(long j, String str, String str2) throws OperationFailedException, DirectoryNotFoundException {
        if (str.equals(str2)) {
            return false;
        }
        return getDirectoryImplementation(j).supportsNestedGroups() ? isGroupNestedGroupMember(j, str, str2, new HashSet()) : isGroupDirectGroupMember(j, str, str2);
    }

    private boolean isGroupNestedGroupMember(long j, String str, String str2, Set<String> set) throws OperationFailedException, DirectoryNotFoundException {
        if (set.contains(IdentifierUtils.toLowerCase(str2))) {
            return false;
        }
        boolean isGroupDirectGroupMember = isGroupDirectGroupMember(j, str, str2);
        set.add(IdentifierUtils.toLowerCase(str2));
        if (!isGroupDirectGroupMember) {
            Iterator it = searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group()).childrenOf(EntityDescriptor.group()).withName(str2).returningAtMost(-1)).iterator();
            while (it.hasNext()) {
                isGroupDirectGroupMember = isGroupNestedGroupMember(j, str, ((Group) it.next()).getName(), set);
                if (isGroupDirectGroupMember) {
                    break;
                }
            }
        }
        return isGroupDirectGroupMember;
    }

    public <T> List<T> searchNestedGroupRelationships(long j, MembershipQuery<T> membershipQuery) throws OperationFailedException, DirectoryNotFoundException {
        List<User> findNestedGroupMembershipsOfGroup;
        if (!getDirectoryImplementation(j).supportsNestedGroups()) {
            return searchDirectGroupRelationships(j, membershipQuery);
        }
        int startIndex = membershipQuery.getStartIndex() + membershipQuery.getMaxResults();
        if (membershipQuery.getMaxResults() == -1) {
            startIndex = -1;
        }
        if (membershipQuery.isFindChildren()) {
            if (membershipQuery.getEntityToMatch().getEntityType() != Entity.GROUP) {
                throw new IllegalArgumentException("You can only find the GROUP or USER members of a GROUP");
            }
            if (membershipQuery.getEntityToReturn().getEntityType() == Entity.USER) {
                findNestedGroupMembershipsOfGroup = findNestedUserMembersOfGroup(j, membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToMatch().getGroupType(), startIndex);
            } else {
                if (membershipQuery.getEntityToReturn().getEntityType() != Entity.GROUP) {
                    throw new IllegalArgumentException("You can only find the GROUP or USER members of a GROUP");
                }
                findNestedGroupMembershipsOfGroup = findNestedGroupMembersOfGroup(j, membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToMatch().getGroupType(), startIndex);
            }
        } else {
            if (membershipQuery.getEntityToReturn().getEntityType() != Entity.GROUP) {
                throw new IllegalArgumentException("You can only find the GROUP memberships of USER or GROUP");
            }
            if (membershipQuery.getEntityToMatch().getEntityType() == Entity.USER) {
                findNestedGroupMembershipsOfGroup = findNestedGroupMembershipsOfUser(j, membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToReturn().getGroupType(), startIndex);
            } else {
                if (membershipQuery.getEntityToMatch().getEntityType() != Entity.GROUP) {
                    throw new IllegalArgumentException("You can only find the GROUP memberships of USER or GROUP");
                }
                findNestedGroupMembershipsOfGroup = findNestedGroupMembershipsOfGroup(j, membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToReturn().getGroupType(), startIndex);
            }
        }
        List<T> constrainResults = SearchResultsUtil.constrainResults(findNestedGroupMembershipsOfGroup, membershipQuery.getStartIndex(), membershipQuery.getMaxResults());
        return membershipQuery.getReturnType() == String.class ? SearchResultsUtil.convertEntitiesToNames(constrainResults) : constrainResults;
    }

    private List<Group> findNestedGroupMembershipsOfGroup(long j, String str, GroupType groupType, int i) throws OperationFailedException, DirectoryNotFoundException {
        try {
            return new ArrayList(findNestedGroupMembershipsIncludingGroups(j, Arrays.asList(findGroupByName(j, str)), groupType, i, false));
        } catch (GroupNotFoundException e) {
            return Collections.emptyList();
        }
    }

    private List<Group> findNestedGroupMembershipsIncludingGroups(long j, List<Group> list, GroupType groupType, int i, boolean z) throws OperationFailedException, DirectoryNotFoundException {
        LinkedList linkedList = new LinkedList();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedList.addAll(list);
        int i2 = i;
        if (i != -1 && !z) {
            i2 = i + list.size();
        }
        while (!linkedList.isEmpty() && (i2 == -1 || linkedHashSet.size() < i2)) {
            Group group = (Group) linkedList.remove();
            if (!linkedHashSet.contains(group)) {
                linkedHashSet.add(group);
                linkedList.addAll(searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group(groupType)).parentsOf(EntityDescriptor.group(groupType)).withName(group.getName()).returningAtMost(i)));
            }
        }
        if (!z) {
            linkedHashSet.removeAll(list);
        }
        return new ArrayList(linkedHashSet);
    }

    private List<Group> findNestedGroupMembershipsOfUser(long j, String str, GroupType groupType, int i) throws OperationFailedException, DirectoryNotFoundException {
        return findNestedGroupMembershipsIncludingGroups(j, searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group(groupType)).parentsOf(EntityDescriptor.user()).withName(str).returningAtMost(i)), groupType, i, true);
    }

    private List<Group> findNestedGroupMembersOfGroup(long j, String str, GroupType groupType, int i) throws OperationFailedException, DirectoryNotFoundException {
        try {
            Group findGroupByName = findGroupByName(j, str);
            LinkedList linkedList = new LinkedList();
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            linkedList.add(findGroupByName);
            while (!linkedList.isEmpty() && (i == -1 || linkedHashSet.size() < i + 1)) {
                Group group = (Group) linkedList.remove();
                if (!linkedHashSet.contains(group)) {
                    linkedHashSet.add(group);
                    linkedList.addAll(searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group(groupType)).childrenOf(EntityDescriptor.group(groupType)).withName(group.getName()).returningAtMost(i)));
                }
            }
            linkedHashSet.remove(findGroupByName);
            return new ArrayList(linkedHashSet);
        } catch (GroupNotFoundException e) {
            return Collections.emptyList();
        }
    }

    private List<User> findNestedUserMembersOfGroup(long j, String str, GroupType groupType, int i) throws OperationFailedException, DirectoryNotFoundException {
        try {
            Group findGroupByName = findGroupByName(j, str);
            LinkedList linkedList = new LinkedList();
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            LinkedHashSet linkedHashSet2 = new LinkedHashSet();
            linkedList.add(findGroupByName);
            while (!linkedList.isEmpty() && (i == -1 || linkedHashSet2.size() < i)) {
                Group group = (Group) linkedList.remove();
                linkedHashSet2.addAll(searchDirectGroupRelationships(j, QueryBuilder.queryFor(User.class, EntityDescriptor.user()).childrenOf(EntityDescriptor.group(groupType)).withName(group.getName()).returningAtMost(i)));
                if (!linkedHashSet.contains(group)) {
                    linkedHashSet.add(group);
                    linkedList.addAll(searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group(groupType)).childrenOf(EntityDescriptor.group(groupType)).withName(group.getName()).returningAtMost(-1)));
                }
            }
            return new ArrayList(linkedHashSet2);
        } catch (GroupNotFoundException e) {
            return Collections.emptyList();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v34, types: [java.util.Collection] */
    public BulkAddResult<User> addAllUsers(long j, Collection<UserTemplateWithCredentialAndAttributes> collection, boolean z) throws DirectoryPermissionException, OperationFailedException, DirectoryNotFoundException {
        ArrayList arrayList;
        if (!this.permissionManager.hasPermission(findDirectoryById(j), OperationType.CREATE_USER)) {
            throw new DirectoryPermissionException("Directory does not allow adding of users");
        }
        InternalRemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        ArrayList arrayList2 = new ArrayList();
        BulkAddResult<User> bulkAddResult = new BulkAddResult<>(collection.size(), z);
        for (UserTemplateWithCredentialAndAttributes userTemplateWithCredentialAndAttributes : collection) {
            try {
                findUserByName(j, userTemplateWithCredentialAndAttributes.getName());
                if (z) {
                    try {
                        this.logger.info("Removing existing user: " + userTemplateWithCredentialAndAttributes);
                        removeUser(j, userTemplateWithCredentialAndAttributes.getName());
                        arrayList2.add(userTemplateWithCredentialAndAttributes);
                    } catch (Exception e) {
                        this.logger.error("Could not remove user for bulk import overwrite: " + userTemplateWithCredentialAndAttributes, e);
                        bulkAddResult.addExistingEntity(userTemplateWithCredentialAndAttributes);
                    }
                } else {
                    this.logger.info("User <" + userTemplateWithCredentialAndAttributes + "> already exists in directory. Skipping over this entity.");
                    bulkAddResult.addExistingEntity(userTemplateWithCredentialAndAttributes);
                }
            } catch (UserNotFoundException e2) {
                arrayList2.add(userTemplateWithCredentialAndAttributes);
            }
        }
        Set<UserTemplateWithCredentialAndAttributes> retainUniqueEntities = retainUniqueEntities(arrayList2);
        if (directoryImplementation instanceof InternalRemoteDirectory) {
            arrayList = directoryImplementation.addAllUsers(retainUniqueEntities);
        } else {
            arrayList = new ArrayList();
            for (UserTemplateWithCredentialAndAttributes userTemplateWithCredentialAndAttributes2 : retainUniqueEntities) {
                try {
                    directoryImplementation.addUser(userTemplateWithCredentialAndAttributes2, userTemplateWithCredentialAndAttributes2.getCredential());
                } catch (Exception e3) {
                    arrayList.add(userTemplateWithCredentialAndAttributes2);
                }
            }
        }
        bulkAddResult.addFailedEntities(arrayList);
        return bulkAddResult;
    }

    private <T> Set<T> retainUniqueEntities(Collection<T> collection) {
        HashSet hashSet = new HashSet(collection.size());
        for (T t : collection) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Going to add: " + t);
            }
            if (!hashSet.add(t)) {
                this.logger.warn("Duplicate entity. Entity is already in the set of entities to bulk add: " + t);
            }
        }
        return hashSet;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v34, types: [java.util.Collection] */
    public BulkAddResult<Group> addAllGroups(long j, Collection<GroupTemplate> collection, boolean z) throws DirectoryPermissionException, OperationFailedException, DirectoryNotFoundException, InvalidGroupException {
        ArrayList arrayList;
        if (!this.permissionManager.hasPermission(findDirectoryById(j), OperationType.CREATE_GROUP)) {
            throw new DirectoryPermissionException("Directory does not allow adding of groups");
        }
        InternalRemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        ArrayList arrayList2 = new ArrayList();
        BulkAddResult<Group> bulkAddResult = new BulkAddResult<>(collection.size(), z);
        for (GroupTemplate groupTemplate : collection) {
            try {
                findGroupByName(j, groupTemplate.getName());
                if (z) {
                    try {
                        this.logger.info("Removing existing group: " + groupTemplate);
                        removeGroup(j, groupTemplate.getName());
                        arrayList2.add(groupTemplate);
                    } catch (Exception e) {
                        this.logger.error("Could not remove group for bulk import overwrite: " + groupTemplate, e);
                        bulkAddResult.addExistingEntity(groupTemplate);
                    }
                } else {
                    this.logger.info("Group <" + groupTemplate + "> already exists in directory. Skipping over this entity.");
                    bulkAddResult.addExistingEntity(groupTemplate);
                }
            } catch (GroupNotFoundException e2) {
                arrayList2.add(groupTemplate);
            }
        }
        Set<GroupTemplate> retainUniqueEntities = retainUniqueEntities(arrayList2);
        if (directoryImplementation instanceof InternalRemoteDirectory) {
            arrayList = directoryImplementation.addAllGroups(retainUniqueEntities);
        } else {
            arrayList = new ArrayList();
            for (GroupTemplate groupTemplate2 : retainUniqueEntities) {
                try {
                    directoryImplementation.addGroup(groupTemplate2);
                } catch (Exception e3) {
                    arrayList.add(groupTemplate2);
                }
            }
        }
        bulkAddResult.addFailedEntities(arrayList);
        return bulkAddResult;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v38, types: [java.util.Collection] */
    public BulkAddResult<String> addAllUsersToGroup(long j, Collection<String> collection, String str) throws DirectoryPermissionException, OperationFailedException, DirectoryNotFoundException, GroupNotFoundException, UserNotFoundException {
        ArrayList arrayList;
        Directory findDirectoryById = findDirectoryById(j);
        OperationType updateOperationType = getUpdateOperationType(findGroupByName(j, str));
        if (!this.permissionManager.hasPermission(findDirectoryById, updateOperationType)) {
            if (updateOperationType.equals(OperationType.UPDATE_GROUP)) {
                throw new DirectoryPermissionException("Directory does not allow group modifications");
            }
            throw new DirectoryPermissionException("Directory does not allow role modifications");
        }
        InternalRemoteDirectory directory = this.directoryInstanceLoader.getDirectory(findDirectoryById);
        Set<String> retainUniqueEntities = retainUniqueEntities(collection);
        BulkAddResult<String> bulkAddResult = new BulkAddResult<>(collection.size(), true);
        if (directory instanceof InternalRemoteDirectory) {
            arrayList = directory.addAllUsersToGroup(retainUniqueEntities, str);
        } else {
            arrayList = new ArrayList();
            for (String str2 : retainUniqueEntities) {
                try {
                    addUserToGroup(j, str2, str);
                } catch (Exception e) {
                    arrayList.add(str2);
                    this.logger.error(e.getMessage());
                }
            }
        }
        bulkAddResult.addFailedEntities(arrayList);
        return bulkAddResult;
    }

    private OperationType getCreateOperationType(Group group) {
        switch (AnonymousClass1.$SwitchMap$com$atlassian$crowd$model$group$GroupType[group.getType().ordinal()]) {
            case 1:
                return OperationType.CREATE_GROUP;
            case 2:
                return OperationType.CREATE_ROLE;
            default:
                throw new UnsupportedOperationException();
        }
    }

    private OperationType getUpdateOperationType(Group group) {
        switch (AnonymousClass1.$SwitchMap$com$atlassian$crowd$model$group$GroupType[group.getType().ordinal()]) {
            case 1:
                return OperationType.UPDATE_GROUP;
            case 2:
                return OperationType.UPDATE_ROLE;
            default:
                throw new UnsupportedOperationException();
        }
    }

    private OperationType getUpdateAttributeOperationType(Group group) {
        switch (AnonymousClass1.$SwitchMap$com$atlassian$crowd$model$group$GroupType[group.getType().ordinal()]) {
            case 1:
                return OperationType.UPDATE_GROUP_ATTRIBUTE;
            case 2:
                return OperationType.UPDATE_ROLE_ATTRIBUTE;
            default:
                throw new UnsupportedOperationException();
        }
    }

    private OperationType getDeleteOperationType(Group group) {
        switch (AnonymousClass1.$SwitchMap$com$atlassian$crowd$model$group$GroupType[group.getType().ordinal()]) {
            case 1:
                return OperationType.DELETE_GROUP;
            case 2:
                return OperationType.DELETE_ROLE;
            default:
                throw new UnsupportedOperationException();
        }
    }
}
