package com.atlassian.crowd.embedded.admin.list;

import com.atlassian.crowd.directory.DelegatedAuthenticationDirectory;
import com.atlassian.crowd.directory.ldap.LDAPPropertiesMapper;
import com.atlassian.crowd.embedded.admin.DirectoryContextHelper;
import com.atlassian.crowd.embedded.admin.jirajdbc.JiraJdbcDirectoryConfiguration;
import com.atlassian.crowd.embedded.admin.plugin.InternalDirectoryOptionsModuleDescriptor;
import com.atlassian.crowd.embedded.admin.util.HtmlEncoder;
import com.atlassian.crowd.embedded.admin.util.MapBuilder;
import com.atlassian.crowd.embedded.admin.util.SimpleMessage;
import com.atlassian.crowd.embedded.api.CrowdDirectoryService;
import com.atlassian.crowd.embedded.api.Directory;
import com.atlassian.crowd.embedded.api.DirectorySynchronisationInformation;
import com.atlassian.crowd.embedded.api.DirectoryType;
import com.atlassian.crowd.embedded.api.PermissionOption;
import com.atlassian.crowd.embedded.impl.ImmutableDirectory;
import com.atlassian.crowd.exception.DirectoryCurrentlySynchronisingException;
import com.atlassian.crowd.exception.DirectoryNotFoundException;
import com.atlassian.crowd.model.application.ApplicationType;
import com.atlassian.plugin.PluginAccessor;
import com.atlassian.plugin.web.springmvc.xsrf.XsrfTokenGenerator;
import com.atlassian.sal.api.ApplicationProperties;
import com.atlassian.sal.api.message.Message;
import com.atlassian.sal.api.transaction.TransactionCallback;
import com.atlassian.sal.api.transaction.TransactionTemplate;
import com.atlassian.sal.api.user.UserManager;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.Sets;
import electric.glue.pro.console.services.ILogConstants;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.framework.AdminPermission;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.tags.BindErrorsTag;
import org.springframework.web.servlet.view.RedirectView;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/embedded-crowd-admin-plugin-2.0.0-m4.jar:com/atlassian/crowd/embedded/admin/list/DirectoriesController.class */
public final class DirectoriesController {
    private static final String TYPE_KEY_PREFIX = "embedded.crowd.directory.type.";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) DirectoriesController.class);
    private static final String LIST_DIRECTORIES_VIEW = "list-directories";
    private CrowdDirectoryService crowdDirectoryService;
    private UserManager userManager;
    private TransactionTemplate transactionTemplate;
    private DirectoryContextHelper directoryContextHelper;
    private ApplicationProperties applicationProperties;
    private XsrfTokenGenerator xsrfTokenGenerator;
    private LDAPPropertiesMapper ldapPropertiesMapper;
    private HtmlEncoder htmlEncoder;
    private PluginAccessor pluginAccessor;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/embedded-crowd-admin-plugin-2.0.0-m4.jar:com/atlassian/crowd/embedded/admin/list/DirectoriesController$DirectoryOperation.class */
    public interface DirectoryOperation {
        void withDirectory(Directory directory) throws DirectoryOperationException;
    }

    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/embedded-crowd-admin-plugin-2.0.0-m4.jar:com/atlassian/crowd/embedded/admin/list/DirectoriesController$DirectoryOperationException.class */
    public final class DirectoryOperationException extends RuntimeException {
        public DirectoryOperationException(String str) {
            super(str);
        }

        public DirectoryOperationException(String str, Throwable th) {
            super(str, th);
        }

        public DirectoryOperationException(Throwable th) {
            super(th);
        }
    }

    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/embedded-crowd-admin-plugin-2.0.0-m4.jar:com/atlassian/crowd/embedded/admin/list/DirectoriesController$DirectoryOperationNotPermittedException.class */
    public final class DirectoryOperationNotPermittedException extends RuntimeException {
        private Message message;

        public DirectoryOperationNotPermittedException(String str, Message message) {
            super(str);
            this.message = message;
        }

        public Message getI18nMessage() {
            return this.message;
        }
    }

    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/embedded-crowd-admin-plugin-2.0.0-m4.jar:com/atlassian/crowd/embedded/admin/list/DirectoriesController$Operation.class */
    public enum Operation {
        ENABLE(ILogConstants.ENABLE),
        DISABLE("disable"),
        REMOVE("remove"),
        EDIT("edit"),
        TROUBLESHOOT("troubleshoot");

        private static final String LABEL_PREFIX = "embedded.crowd.operation.";
        private static final String URL_PREFIX = "/plugins/servlet/embedded-crowd/directories/";
        private final String methodName;

        Operation(String str) {
            this.methodName = str;
        }

        public String getMethodName() {
            return this.methodName;
        }

        public String getUrl(Directory directory) {
            return URL_PREFIX + this.methodName + "?directoryId=" + directory.getId();
        }

        public Message getMessage() {
            return SimpleMessage.instance(LABEL_PREFIX + name(), new Serializable[0]);
        }
    }

    private Map<String, Object> getReferenceData(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        hashMap.put("directories", getDirectoryListItems(httpServletRequest));
        hashMap.put("newDirectoryTypes", NewDirectoryType.getValidNewDirectoryTypes(getApplicationType(this.applicationProperties.getDisplayName())));
        hashMap.put("highlightDirectoryId", httpServletRequest.getParameter("highlightDirectoryId"));
        hashMap.put(AdminPermission.CONTEXT, hashMap);
        hashMap.put("req", httpServletRequest);
        hashMap.put("htmlEncoder", this.htmlEncoder);
        return hashMap;
    }

    public ModelAndView list(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return new ModelAndView(LIST_DIRECTORIES_VIEW, (Map<String, ?>) getReferenceData(httpServletRequest));
    }

    public ModelAndView edit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (!isXsrfTokenPresentAndCorrect(httpServletRequest)) {
            return redirectWithSessionTimeoutWarning(httpServletRequest);
        }
        try {
            Directory directory = this.directoryContextHelper.getDirectory(httpServletRequest);
            switch (directory.getType()) {
                case INTERNAL:
                    return new ModelAndView("redirect:/plugins/servlet/embedded-crowd/configure/internal/", (Map<String, ?>) MapBuilder.build("directoryId", directory.getId()));
                case CROWD:
                    return new ModelAndView("redirect:/plugins/servlet/embedded-crowd/configure/crowd/", (Map<String, ?>) MapBuilder.build("directoryId", directory.getId()));
                case DELEGATING:
                    return new ModelAndView("redirect:/plugins/servlet/embedded-crowd/configure/delegatingldap/", (Map<String, ?>) MapBuilder.build("directoryId", directory.getId()));
                case CUSTOM:
                    if (JiraJdbcDirectoryConfiguration.DIRECTORY_CLASS.equals(directory.getImplementationClass())) {
                        return new ModelAndView("redirect:/plugins/servlet/embedded-crowd/configure/jirajdbc/", (Map<String, ?>) MapBuilder.build("directoryId", directory.getId()));
                    }
                    break;
            }
            return new ModelAndView("redirect:/plugins/servlet/embedded-crowd/configure/ldap/", (Map<String, ?>) MapBuilder.build("directoryId", directory.getId()));
        } catch (DirectoryNotFoundException e) {
            return directoryNotFound(httpServletRequest);
        }
    }

    public ModelAndView disable(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return !isXsrfTokenPresentAndCorrect(httpServletRequest) ? redirectWithSessionTimeoutWarning(httpServletRequest) : this.directoryContextHelper.isContextUserFromDirectory(httpServletRequest) ? directoryInError(httpServletRequest, SimpleMessage.instance("embedded.crowd.current.directory.cannot.disable.remove", new Serializable[0])) : withDirectoryInTransaction(httpServletRequest, new DirectoryOperation() { // from class: com.atlassian.crowd.embedded.admin.list.DirectoriesController.1
            @Override // com.atlassian.crowd.embedded.admin.list.DirectoriesController.DirectoryOperation
            public void withDirectory(Directory directory) {
                ImmutableDirectory.Builder newBuilder = ImmutableDirectory.newBuilder(directory);
                newBuilder.setActive(false);
                DirectoriesController.this.crowdDirectoryService.updateDirectory(newBuilder.toDirectory());
                DirectoriesController.log.info("User directory disabled: [ {} ], type: [ {} ]", directory.getName(), directory.getType());
            }
        });
    }

    public ModelAndView remove(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (!isXsrfTokenPresentAndCorrect(httpServletRequest)) {
            return redirectWithSessionTimeoutWarning(httpServletRequest);
        }
        if (this.directoryContextHelper.isContextUserFromDirectory(this.directoryContextHelper.getDirectory(httpServletRequest), httpServletRequest)) {
            return directoryInError(httpServletRequest, SimpleMessage.instance("embedded.crowd.current.directory.cannot.disable.remove", new Serializable[0]));
        }
        switch (r0.getType()) {
            case INTERNAL:
                return directoryInError(httpServletRequest, SimpleMessage.instance("embedded.crowd.internal.directory.cannot.remove", new Serializable[0]));
            default:
                return withDirectoryInTransaction(httpServletRequest, new DirectoryOperation() { // from class: com.atlassian.crowd.embedded.admin.list.DirectoriesController.2
                    @Override // com.atlassian.crowd.embedded.admin.list.DirectoriesController.DirectoryOperation
                    public void withDirectory(Directory directory) {
                        try {
                            DirectoriesController.this.crowdDirectoryService.removeDirectory(directory.getId().longValue());
                            DirectoriesController.log.info("User directory removed: [ {} ], type: [ {} ]", directory.getName(), directory.getType());
                        } catch (DirectoryCurrentlySynchronisingException e) {
                            throw new DirectoryOperationException(e);
                        }
                    }
                });
        }
    }

    public ModelAndView enable(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return !isXsrfTokenPresentAndCorrect(httpServletRequest) ? redirectWithSessionTimeoutWarning(httpServletRequest) : withDirectoryInTransaction(httpServletRequest, new DirectoryOperation() { // from class: com.atlassian.crowd.embedded.admin.list.DirectoriesController.3
            @Override // com.atlassian.crowd.embedded.admin.list.DirectoriesController.DirectoryOperation
            public void withDirectory(Directory directory) {
                ImmutableDirectory.Builder newBuilder = ImmutableDirectory.newBuilder(directory);
                newBuilder.setActive(true);
                DirectoriesController.this.crowdDirectoryService.updateDirectory(newBuilder.toDirectory());
                DirectoriesController.log.info("User directory enabled: [ {} ], type: [ {} ]", directory.getName(), directory.getType());
            }
        });
    }

    public ModelAndView moveUp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return !isXsrfTokenPresentAndCorrect(httpServletRequest) ? redirectWithSessionTimeoutWarning(httpServletRequest) : withDirectoryInTransaction(httpServletRequest, new DirectoryOperation() { // from class: com.atlassian.crowd.embedded.admin.list.DirectoriesController.4
            @Override // com.atlassian.crowd.embedded.admin.list.DirectoriesController.DirectoryOperation
            public void withDirectory(Directory directory) {
                int indexOf = DirectoriesController.this.getDirectoryIds().indexOf(directory.getId());
                DirectoriesController.this.crowdDirectoryService.setDirectoryPosition(directory.getId().longValue(), indexOf > 0 ? indexOf - 1 : 0);
                if (DirectoriesController.this.userManager.isSystemAdmin(DirectoriesController.this.userManager.getRemoteUsername())) {
                    DirectoriesController.log.info("User directory moved up: [ {} ], type: [ {} ]", directory.getName(), directory.getType());
                } else {
                    DirectoriesController.this.crowdDirectoryService.setDirectoryPosition(directory.getId().longValue(), indexOf);
                    throw new DirectoryOperationNotPermittedException("Current user would have lost system admin privileges if directory was moved.", SimpleMessage.instance("embedded.crowd.internal.directory.cannot.reorder", new Serializable[0]));
                }
            }
        });
    }

    public ModelAndView moveDown(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return !isXsrfTokenPresentAndCorrect(httpServletRequest) ? redirectWithSessionTimeoutWarning(httpServletRequest) : withDirectoryInTransaction(httpServletRequest, new DirectoryOperation() { // from class: com.atlassian.crowd.embedded.admin.list.DirectoriesController.5
            @Override // com.atlassian.crowd.embedded.admin.list.DirectoriesController.DirectoryOperation
            public void withDirectory(Directory directory) {
                List directoryIds = DirectoriesController.this.getDirectoryIds();
                int indexOf = directoryIds.indexOf(directory.getId());
                int size = directoryIds.size() - 1;
                DirectoriesController.this.crowdDirectoryService.setDirectoryPosition(directory.getId().longValue(), indexOf < size ? indexOf + 1 : size);
                if (DirectoriesController.this.userManager.isSystemAdmin(DirectoriesController.this.userManager.getRemoteUsername())) {
                    DirectoriesController.log.info("User directory moved down: [ {} ], type: [ {} ]", directory.getName(), directory.getType());
                } else {
                    DirectoriesController.this.crowdDirectoryService.setDirectoryPosition(directory.getId().longValue(), indexOf);
                    throw new DirectoryOperationNotPermittedException("Current user would have lost system admin privileges if directory was moved.", SimpleMessage.instance("embedded.crowd.internal.directory.cannot.reorder", new Serializable[0]));
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<Long> getDirectoryIds() {
        List<Directory> findAllDirectories = this.crowdDirectoryService.findAllDirectories();
        ArrayList arrayList = new ArrayList(findAllDirectories.size());
        Iterator<Directory> it2 = findAllDirectories.iterator();
        while (it2.hasNext()) {
            arrayList.add(it2.next().getId());
        }
        return arrayList;
    }

    public ModelAndView sync(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (!isXsrfTokenPresentAndCorrect(httpServletRequest)) {
            return redirectWithSessionTimeoutWarning(httpServletRequest);
        }
        Directory directory = this.directoryContextHelper.getDirectory(httpServletRequest);
        log.info("User directory synchronisation requested: [ {} ], type: [ {} ]", directory.getName(), directory.getType());
        this.crowdDirectoryService.synchroniseDirectory(directory.getId().longValue());
        return new ModelAndView("redirect:/plugins/servlet/embedded-crowd/directories/list?highlightDirectoryId=" + directory.getId());
    }

    private ModelAndView withDirectoryInTransaction(HttpServletRequest httpServletRequest, final DirectoryOperation directoryOperation) {
        try {
            final Directory directory = this.directoryContextHelper.getDirectory(httpServletRequest);
            this.transactionTemplate.execute(new TransactionCallback() { // from class: com.atlassian.crowd.embedded.admin.list.DirectoriesController.6
                @Override // com.atlassian.sal.api.transaction.TransactionCallback
                public Object doInTransaction() {
                    directoryOperation.withDirectory(directory);
                    return null;
                }
            });
            return new ModelAndView("redirect:/plugins/servlet/embedded-crowd/directories/list?highlightDirectoryId=" + directory.getId());
        } catch (DirectoryOperationException e) {
            log.error("The directory operation failed: ", (Throwable) e);
            return e.getCause() instanceof DirectoryCurrentlySynchronisingException ? directoryInError(httpServletRequest, SimpleMessage.instance("embedded.crowd.directory.not.removable.during.sync", new Serializable[0])) : directoryInError(httpServletRequest, SimpleMessage.instance("embedded.crowd.directory.operation.error", this.htmlEncoder.encode(e.getMessage())));
        } catch (DirectoryOperationNotPermittedException e2) {
            Message i18nMessage = e2.getI18nMessage();
            return i18nMessage != null ? directoryInError(httpServletRequest, i18nMessage) : directoryInError(httpServletRequest, SimpleMessage.instance("embedded.crowd.directory.operation.error", this.htmlEncoder.encode(e2.getMessage())));
        } catch (DirectoryNotFoundException e3) {
            log.error("Directory not found: ", (Throwable) e3);
            return directoryNotFound(httpServletRequest);
        }
    }

    private ModelAndView directoryInError(HttpServletRequest httpServletRequest, Message message) {
        Map<String, Object> referenceData = getReferenceData(httpServletRequest);
        referenceData.put(BindErrorsTag.ERRORS_VARIABLE_NAME, Collections.singleton(message));
        return new ModelAndView(LIST_DIRECTORIES_VIEW, (Map<String, ?>) referenceData);
    }

    private ModelAndView directoryNotFound(HttpServletRequest httpServletRequest) {
        return directoryInError(httpServletRequest, SimpleMessage.instance("embedded.crowd.directory.not.found", new Serializable[0]));
    }

    private List<DirectoryListItem> getDirectoryListItems(HttpServletRequest httpServletRequest) {
        ArrayList arrayList = new ArrayList();
        List<Directory> findAllDirectories = this.crowdDirectoryService.findAllDirectories();
        boolean isInternalDirectoryEditable = isInternalDirectoryEditable();
        for (int i = 0; i < findAllDirectories.size(); i++) {
            Directory directory = findAllDirectories.get(i);
            ListItemPosition listItemPosition = new ListItemPosition(i, findAllDirectories.size());
            DirectorySynchronisationInformation directorySynchronisationInformation = this.crowdDirectoryService.getDirectorySynchronisationInformation(directory.getId().longValue());
            boolean isContextUserFromDirectory = this.directoryContextHelper.isContextUserFromDirectory(directory, httpServletRequest);
            arrayList.add(new DirectoryListItem(directory, getAvailableOperations(directory, isContextUserFromDirectory, isInternalDirectoryEditable), isContextUserFromDirectory, getTypeName(directory), listItemPosition, directorySynchronisationInformation));
        }
        return arrayList;
    }

    @VisibleForTesting
    protected Set<Operation> getAvailableOperations(Directory directory, boolean z, boolean z2) {
        HashSet newHashSet = Sets.newHashSet();
        if (directory.getType() == DirectoryType.INTERNAL) {
            if (z2) {
                newHashSet.add(Operation.EDIT);
            }
            if (!z) {
                newHashSet.add(directory.isActive() ? Operation.DISABLE : Operation.ENABLE);
            }
        } else {
            if (!directory.isActive()) {
                newHashSet.add(Operation.REMOVE);
            }
            if (directory.getType() != DirectoryType.DELEGATING) {
                newHashSet.add(Operation.TROUBLESHOOT);
            }
            if (!z) {
                newHashSet.add(Operation.EDIT);
                newHashSet.add(directory.isActive() ? Operation.DISABLE : Operation.ENABLE);
            }
        }
        return newHashSet.isEmpty() ? newHashSet : EnumSet.copyOf((Collection) newHashSet);
    }

    @VisibleForTesting
    protected boolean isInternalDirectoryEditable() {
        List enabledModuleDescriptorsByClass = this.pluginAccessor.getEnabledModuleDescriptorsByClass(InternalDirectoryOptionsModuleDescriptor.class);
        if (enabledModuleDescriptorsByClass.isEmpty()) {
            return true;
        }
        Iterator it2 = enabledModuleDescriptorsByClass.iterator();
        while (it2.hasNext()) {
            if (((InternalDirectoryOptionsModuleDescriptor) it2.next()).isEditable()) {
                return true;
            }
        }
        return false;
    }

    public void setCrowdDirectoryService(CrowdDirectoryService crowdDirectoryService) {
        this.crowdDirectoryService = crowdDirectoryService;
    }

    public void setLdapPropertiesMapper(LDAPPropertiesMapper lDAPPropertiesMapper) {
        this.ldapPropertiesMapper = lDAPPropertiesMapper;
    }

    public void setHtmlEncoder(HtmlEncoder htmlEncoder) {
        this.htmlEncoder = htmlEncoder;
    }

    public void setPluginAccessor(PluginAccessor pluginAccessor) {
        this.pluginAccessor = pluginAccessor;
    }

    public void setTransactionTemplate(TransactionTemplate transactionTemplate) {
        this.transactionTemplate = transactionTemplate;
    }

    public void setDirectoryContextHelper(DirectoryContextHelper directoryContextHelper) {
        this.directoryContextHelper = directoryContextHelper;
    }

    public void setUserManager(UserManager userManager) {
        this.userManager = userManager;
    }

    public void setApplicationProperties(ApplicationProperties applicationProperties) {
        this.applicationProperties = applicationProperties;
    }

    public void setXsrfTokenGenerator(XsrfTokenGenerator xsrfTokenGenerator) {
        this.xsrfTokenGenerator = xsrfTokenGenerator;
    }

    private boolean isXsrfTokenPresentAndCorrect(HttpServletRequest httpServletRequest) {
        return this.xsrfTokenGenerator.validateToken(httpServletRequest, httpServletRequest.getParameter("atl_token"));
    }

    private ModelAndView redirectWithSessionTimeoutWarning(HttpServletRequest httpServletRequest) {
        return new ModelAndView(new RedirectView("/directories/list?timeout=true", true));
    }

    private Message getTypeName(Directory directory) {
        DirectoryType type = directory.getType();
        switch (type) {
            case DELEGATING:
                return SimpleMessage.instance(TYPE_KEY_PREFIX + type.name(), getNameForImplementation(directory.getValue(DelegatedAuthenticationDirectory.ATTRIBUTE_LDAP_DIRECTORY_CLASS)));
            case CUSTOM:
                return SimpleMessage.instance(TYPE_KEY_PREFIX + type.name() + getClassNameOnly(directory.getImplementationClass()), new Serializable[0]);
            case CONNECTOR:
                String nameForImplementation = getNameForImplementation(directory.getImplementationClass());
                return SimpleMessage.instance(TYPE_KEY_PREFIX + type.name() + "." + PermissionOption.fromAllowedOperations(directory.getAllowedOperations()).name(), nameForImplementation == null ? type.name() : nameForImplementation);
            default:
                return SimpleMessage.instance(TYPE_KEY_PREFIX + type.name(), new Serializable[0]);
        }
    }

    private String getNameForImplementation(String str) {
        for (Map.Entry<String, String> entry : this.ldapPropertiesMapper.getImplementations().entrySet()) {
            if (entry.getValue().equals(str)) {
                return entry.getKey();
            }
        }
        return null;
    }

    private String getClassNameOnly(String str) {
        return str.substring(str.lastIndexOf("."));
    }

    public ApplicationType getApplicationType(String str) {
        try {
            return ApplicationType.valueOf(str.toUpperCase());
        } catch (IllegalArgumentException e) {
            return ApplicationType.GENERIC_APPLICATION;
        }
    }
}
