package com.atlassian.servicedesk.bootstrap.upgrade.tasks;

import com.atlassian.fugue.Either;
import com.atlassian.jira.permission.PermissionSchemeManager;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.scheme.Scheme;
import com.atlassian.jira.scheme.SchemeEntity;
import com.atlassian.jira.security.plugin.ProjectPermissionKey;
import com.atlassian.jira.security.roles.ProjectRole;
import com.atlassian.servicedesk.bootstrap.upgrade.AsyncUpgradeTask;
import com.atlassian.servicedesk.bootstrap.upgrade.AsyncUpgradeTaskResult;
import com.atlassian.servicedesk.internal.feature.jira.project.ServiceDeskProjectManager;
import com.atlassian.servicedesk.internal.feature.servicedesk.InternalServiceDeskManager;
import com.atlassian.servicedesk.internal.feature.servicedesk.ServiceDesk;
import com.atlassian.servicedesk.internal.manager.JiraUpgradeNeededManager;
import com.atlassian.servicedesk.internal.permission.ServiceDeskProjectPermissionManager;
import com.atlassian.servicedesk.internal.permission.misconfiguration.PermissionSchemeUtil;
import com.atlassian.servicedesk.internal.permission.restore.PermissionSchemeMisconfigurationManager;
import com.atlassian.servicedesk.internal.permission.security.type.CustomerPortalOnlySecurityType;
import com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJIRARoleManager;
import com.atlassian.servicedesk.internal.utils.Convert;
import com.atlassian.servicedesk.squalor.JIRAScreenAndSchemeCreator;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.ofbiz.core.entity.GenericEntityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import scala.Option;

/* loaded from: input_file:com/atlassian/servicedesk/bootstrap/upgrade/tasks/AsyncUpgradeTaskMigrateAgentPermission.class */
public class AsyncUpgradeTaskMigrateAgentPermission implements AsyncUpgradeTask {
    private static final Logger log = LoggerFactory.getLogger(AsyncUpgradeTaskMigrateAgentPermission.class);
    private ServiceDeskProjectPermissionManager serviceDeskProjectPermissionManager;
    private InternalServiceDeskManager serviceDeskManager;
    private ServiceDeskProjectManager serviceDeskProjectManager;
    private PermissionSchemeManager permissionSchemeManager;
    private JiraUpgradeNeededManager jiraUpgradeNeededManager;
    private PermissionSchemeMisconfigurationManager permissionSchemeMisconfigurationManager;
    private JIRAScreenAndSchemeCreator jiraScreenAndSchemeCreator;
    private PermissionSchemeUtil permissionSchemeUtil;
    private ServiceDeskJIRARoleManager serviceDeskJIRARoleManager;

    public AsyncUpgradeTaskMigrateAgentPermission(ServiceDeskProjectPermissionManager serviceDeskProjectPermissionManager, InternalServiceDeskManager internalServiceDeskManager, ServiceDeskProjectManager serviceDeskProjectManager, PermissionSchemeManager permissionSchemeManager, JiraUpgradeNeededManager jiraUpgradeNeededManager, PermissionSchemeMisconfigurationManager permissionSchemeMisconfigurationManager, JIRAScreenAndSchemeCreator jIRAScreenAndSchemeCreator, PermissionSchemeUtil permissionSchemeUtil, ServiceDeskJIRARoleManager serviceDeskJIRARoleManager) {
        this.serviceDeskProjectPermissionManager = serviceDeskProjectPermissionManager;
        this.serviceDeskManager = internalServiceDeskManager;
        this.serviceDeskProjectManager = serviceDeskProjectManager;
        this.permissionSchemeManager = permissionSchemeManager;
        this.jiraUpgradeNeededManager = jiraUpgradeNeededManager;
        this.permissionSchemeMisconfigurationManager = permissionSchemeMisconfigurationManager;
        this.jiraScreenAndSchemeCreator = jIRAScreenAndSchemeCreator;
        this.permissionSchemeUtil = permissionSchemeUtil;
        this.serviceDeskJIRARoleManager = serviceDeskJIRARoleManager;
    }

    @Override // com.atlassian.servicedesk.bootstrap.upgrade.AsyncUpgradeTask
    public String getVersionIntroduced() {
        return "3.0-OD-xx";
    }

    @Override // com.atlassian.servicedesk.bootstrap.upgrade.AsyncUpgradeTask
    public Set<Class<? extends AsyncUpgradeTask>> getDependentUpgradeTaskTypes() {
        return Collections.emptySet();
    }

    @Override // com.atlassian.servicedesk.bootstrap.upgrade.AsyncUpgradeTask
    public AsyncUpgradeTaskResult doUpgrade() {
        return this.serviceDeskProjectPermissionManager.isAgentProjectPermissionUpgradeTaskEnabled() ? performUpgradeAgentPermission(Convert.toJava(this.serviceDeskManager.getAllServiceDesks())) : AsyncUpgradeTaskResult.delayed(String.format("Agent permission upgrade task is skipped due to rolesSupported() being false", new Object[0]));
    }

    AsyncUpgradeTaskResult performUpgradeAgentPermission(List<ServiceDesk> list) {
        int i = 0;
        Iterator<ServiceDesk> it = list.iterator();
        while (it.hasNext()) {
            Either java = Convert.toJava(this.serviceDeskProjectManager.getProject(it.next().projectId()));
            if (java.isRight()) {
                Project project = (Project) java.right().get();
                Scheme schemeFor = this.permissionSchemeManager.getSchemeFor(project);
                List<SchemeEntity> filterInvalidEntries = filterInvalidEntries(schemeFor, getPermissionEntitiesNeedToBeMigrated(schemeFor));
                try {
                    if (!filterInvalidEntries.isEmpty()) {
                        Scheme backupAndSwitchPermissionScheme = this.permissionSchemeMisconfigurationManager.backupAndSwitchPermissionScheme(project, schemeFor);
                        for (SchemeEntity schemeEntity : filterInvalidEntries) {
                            this.jiraScreenAndSchemeCreator.addEntityToPermissionScheme(backupAndSwitchPermissionScheme, schemeEntity.getType(), schemeEntity.getParameter(), ServiceDeskProjectPermissionManager.SERVICEDESK_AGENT());
                        }
                    }
                    i++;
                } catch (GenericEntityException e) {
                    log.error(String.format("There was an error when adding entity to Agent permission during upgrade task for project %s", project.getName()), e);
                }
            }
        }
        if (i != list.size()) {
            return AsyncUpgradeTaskResult.failure("There were projects that have not migrated successfully yet. This upgrade task will rerun on next scheduled time.");
        }
        this.jiraUpgradeNeededManager.setAgentPermissionUpgradeTaskCompleted(true);
        return AsyncUpgradeTaskResult.success(String.format("All %d projects have been migrated successfully", Integer.valueOf(i)));
    }

    List<SchemeEntity> getPermissionEntitiesNeedToBeMigrated(Scheme scheme) {
        return this.jiraUpgradeNeededManager.isOldLicenseTypeMatched(JiraUpgradeNeededManager.SD_LICENSE_TYPE_ABP()) ? getPermissionEntities(scheme, ProjectPermissions.EDIT_ISSUES) : getPermissionEntities(scheme, ProjectPermissions.BROWSE_PROJECTS);
    }

    List<SchemeEntity> getPermissionEntities(Scheme scheme, ProjectPermissionKey projectPermissionKey) {
        ArrayList newArrayList = Lists.newArrayList();
        for (SchemeEntity schemeEntity : scheme.getEntities()) {
            if (projectPermissionKey.equals(this.permissionSchemeUtil.getPermissionKeyFromEntity(schemeEntity))) {
                newArrayList.add(schemeEntity);
            }
        }
        return newArrayList;
    }

    List<SchemeEntity> filterInvalidEntries(Scheme scheme, List<SchemeEntity> list) {
        ArrayList newArrayList = Lists.newArrayList();
        for (SchemeEntity schemeEntity : list) {
            if (isSchemeEntityValid(schemeEntity) && isNotPortalAccessSecurityType(schemeEntity) && isNotInAgentPermission(scheme, schemeEntity)) {
                newArrayList.add(schemeEntity);
            }
        }
        return newArrayList;
    }

    boolean isSchemeEntityValid(SchemeEntity schemeEntity) {
        boolean z = true;
        Option<ProjectRole> customerRole = this.serviceDeskJIRARoleManager.getCustomerRole();
        if (customerRole.isDefined() && ((ProjectRole) customerRole.get()).getId().toString().equals(schemeEntity.getParameter())) {
            z = false;
        }
        Option<ProjectRole> collaboratorRole = this.serviceDeskJIRARoleManager.getCollaboratorRole();
        if (collaboratorRole.isDefined() && ((ProjectRole) collaboratorRole.get()).getId().toString().equals(schemeEntity.getParameter())) {
            z = false;
        }
        return z;
    }

    boolean isNotPortalAccessSecurityType(SchemeEntity schemeEntity) {
        return !CustomerPortalOnlySecurityType.TYPE.equals(schemeEntity.getType());
    }

    boolean isNotInAgentPermission(Scheme scheme, SchemeEntity schemeEntity) {
        for (SchemeEntity schemeEntity2 : getPermissionEntities(scheme, ServiceDeskProjectPermissionManager.SERVICEDESK_AGENT())) {
            if (StringUtils.isNotEmpty(schemeEntity2.getParameter()) && schemeEntity2.getParameter().equals(schemeEntity.getParameter())) {
                return false;
            }
        }
        return true;
    }
}
