package be.personify.iam.scim.rest;

import be.personify.iam.scim.authentication.CurrentConsumer;
import be.personify.iam.scim.schema.Schema;
import be.personify.iam.scim.schema.SchemaAttribute;
import be.personify.iam.scim.schema.SchemaException;
import be.personify.iam.scim.schema.SchemaReader;
import be.personify.iam.scim.schema.SchemaResourceType;
import be.personify.iam.scim.storage.ConfigurationException;
import be.personify.iam.scim.storage.ConstraintViolationException;
import be.personify.iam.scim.storage.DataException;
import be.personify.iam.scim.storage.Storage;
import be.personify.iam.scim.storage.StorageImplementationFactory;
import be.personify.iam.scim.util.Constants;
import be.personify.iam.scim.util.PropertyFactory;
import be.personify.iam.scim.util.ScimErrorType;
import be.personify.util.SearchCriteria;
import be.personify.util.SearchCriteriaUtil;
import be.personify.util.SearchCriterium;
import be.personify.util.SearchOperation;
import be.personify.util.StringUtils;
import be.personify.util.exception.InvalidFilterException;
import be.personify.util.scim.PatchOperation;
import be.personify.util.scim.ScimMutability;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:be/personify/iam/scim/rest/Controller.class */
public class Controller {
    private static final String SORT_ORDER = "SortOrder";
    private static final String SORT_BY = "SortBy";
    private static final String SCHEMA_VALIDATION = "schema validation : ";
    private static final Logger logger = LogManager.getLogger(Controller.class);

    @Value("${scim.allowIdOnCreate:true}")
    private boolean allowIdOnCreate;

    @Value("${scim.returnGroupsOnUserGet:true}")
    private boolean returnGroupsOnUserGet;

    @Value("${scim.returnGroupsOnUserSearch:true}")
    private boolean returnGroupsOnUserSearch;

    @Value("${scim.returnGroupsOnUser.max:100}")
    private int returnGroupsMax;

    @Value("${scim.returnGroupsOnUser.includedFields:id,displayName}")
    private String returnGroupsIncludedFields;

    @Autowired
    private PropertyFactory propertyFactory;

    @Autowired
    private StorageImplementationFactory storageImplementationFactory;

    @Autowired
    private SchemaReader schemaReader;

    @Autowired
    private PatchUtils patchUtils;
    private Map<String, String> defaultSort = new HashMap();
    private List<String> returnGroupsIncludedFieldsArray = null;
    private SearchCriteriaUtil searchCriteriaUtil = new SearchCriteriaUtil();

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> post(Map<String, Object> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SchemaResourceType schemaResourceType, String str, String str2) {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            Schema schemaObject = schemaResourceType.getSchemaObject();
            this.schemaReader.validate(schemaResourceType, map, true, httpServletRequest.getMethod());
            String createId = createId(map);
            map.put(Constants.ID, createId);
            String str3 = UriComponentsBuilder.fromHttpRequest(new ServletServerHttpRequest(httpServletRequest)).build().toUriString() + "/" + createId;
            createMeta(new Date(), createId, map, schemaObject.getName(), str3);
            httpServletResponse.addHeader(Constants.HEADER_LOCATION, str3);
            this.storageImplementationFactory.getStorageImplementation(schemaObject).create(createId, map, CurrentConsumer.getCurrent());
            logger.info("resource of type {} with id {} created in {} ms", schemaObject.getName(), createId, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            return new ResponseEntity<>(filterAttributes(schemaObject, map, getListFromString(str), str2), HttpStatus.CREATED);
        } catch (SchemaException e) {
            logger.error("invalid schema in {} ms : {}", Long.valueOf(System.currentTimeMillis() - currentTimeMillis), e.getMessage());
            return showError(400, SCHEMA_VALIDATION + e.getMessage(), ScimErrorType.invalidSyntax);
        } catch (ConfigurationException | DataException e2) {
            return showError(HttpStatus.INTERNAL_SERVER_ERROR.value(), e2.getMessage());
        } catch (ConstraintViolationException e3) {
            logger.error("constraint violation in {} ms : {}", Long.valueOf(System.currentTimeMillis() - currentTimeMillis), e3.getMessage());
            return showError(409, SCHEMA_VALIDATION + e3.getMessage(), ScimErrorType.uniqueness);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> put(String str, Map<String, Object> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SchemaResourceType schemaResourceType, String str2, String str3) {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            try {
                Schema schemaObject = schemaResourceType.getSchemaObject();
                logger.debug("schema {} ", schemaObject);
                this.schemaReader.validate(schemaResourceType, map, true, httpServletRequest.getMethod());
                if (!map.get(Constants.ID).equals(str)) {
                    return showError(400, "id [" + map.get(Constants.ID) + "] given in the data does not match the one in the url [" + str + "]");
                }
                Map<String, Object> map2 = this.storageImplementationFactory.getStorageImplementation(schemaObject).get(str, CurrentConsumer.getCurrent());
                if (map2 == null) {
                    return showError(404, "resource of type " + schemaObject.getName() + " with id " + str + " can not be updated");
                }
                map.put(Constants.KEY_META, map2.get(Constants.KEY_META));
                String uriString = UriComponentsBuilder.fromHttpRequest(new ServletServerHttpRequest(httpServletRequest)).build().toUriString();
                createMeta(new Date(), str, map, schemaObject.getName(), uriString);
                httpServletResponse.addHeader(Constants.HEADER_LOCATION, uriString);
                this.storageImplementationFactory.getStorageImplementation(schemaObject).update(str, map, CurrentConsumer.getCurrent());
                logger.info("resource of type {} with id {} updated in {} ms", schemaObject.getName(), str, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                return new ResponseEntity<>(filterAttributes(schemaObject, map, getListFromString(str2), str3), HttpStatus.OK);
            } catch (ConfigurationException | DataException e) {
                return showError(HttpStatus.INTERNAL_SERVER_ERROR.value(), e.getMessage());
            }
        } catch (SchemaException e2) {
            logger.error("invalid schema in {} ms : {}", Long.valueOf(System.currentTimeMillis() - currentTimeMillis), e2.getMessage());
            return showError(400, SCHEMA_VALIDATION + e2.getMessage(), ScimErrorType.invalidSyntax);
        } catch (ConstraintViolationException e3) {
            logger.error("constraint violation", e3);
            return showError(409, SCHEMA_VALIDATION + e3.getMessage(), ScimErrorType.uniqueness);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> patch(String str, Map<String, Object> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SchemaResourceType schemaResourceType, String str2, String str3) {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            try {
                Schema schemaObject = schemaResourceType.getSchemaObject();
                this.schemaReader.validate(schemaResourceType, map, false, httpServletRequest.getMethod());
                if (!map.containsKey(Constants.KEY_OPERATIONS)) {
                    return showError(400, "no operations present");
                }
                String uriString = UriComponentsBuilder.fromHttpRequest(new ServletServerHttpRequest(httpServletRequest)).build().toUriString();
                Map<String, Object> map2 = this.storageImplementationFactory.getStorageImplementation(schemaObject).get(str, CurrentConsumer.getCurrent());
                if (map2 == null) {
                    return showError(404, "resource of type " + schemaObject.getName() + " with id " + str + " can not be updated");
                }
                map.put(Constants.KEY_META, map2.get(Constants.KEY_META));
                httpServletResponse.addHeader(Constants.HEADER_LOCATION, uriString);
                for (Map map3 : (List) map.get(Constants.KEY_OPERATIONS)) {
                    if (!map3.containsKey(Constants.KEY_OP)) {
                        return showError(404, "Invalid Operation : " + map3);
                    }
                    PatchOperation valueOf = PatchOperation.valueOf(((String) map3.get(Constants.KEY_OP)).toLowerCase());
                    if (valueOf == null) {
                        return showError(404, "Invalid Operation" + map3);
                    }
                    String str4 = (String) map3.get(Constants.KEY_PATH);
                    Object obj = map3.get(Constants.KEY_VALUE);
                    if (!canPerformAction(schemaObject, valueOf, str4)) {
                        return showError(403, "operation " + valueOf + " is not allowed for path " + str4);
                    }
                    this.patchUtils.patchEntity(map2, valueOf, str4, obj, schemaObject);
                }
                createMeta(new Date(), str, map2, schemaObject.getName(), uriString);
                this.storageImplementationFactory.getStorageImplementation(schemaObject).update(str, map2, CurrentConsumer.getCurrent());
                logger.info("resource of type {} with id {} patched in {} ms", schemaObject.getName(), str, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                return new ResponseEntity<>(filterAttributes(schemaObject, map2, getListFromString(str2), str3), HttpStatus.OK);
            } catch (ConfigurationException | DataException e) {
                return showError(HttpStatus.INTERNAL_SERVER_ERROR.value(), e.getMessage());
            }
        } catch (SchemaException e2) {
            logger.error("invalid schema in {} ms : {}", Long.valueOf(System.currentTimeMillis() - currentTimeMillis), e2.getMessage());
            return showError(400, SCHEMA_VALIDATION + e2.getMessage(), ScimErrorType.invalidSyntax);
        } catch (ConstraintViolationException e3) {
            logger.error("constraint violation", e3);
            return showError(409, SCHEMA_VALIDATION + e3.getMessage(), ScimErrorType.uniqueness);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> get(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Schema schema, String str2, String str3) {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            Map<String, Object> map = this.storageImplementationFactory.getStorageImplementation(schema).get(str, CurrentConsumer.getCurrent());
            if (map == null) {
                return showError(HttpStatus.NOT_FOUND.value(), "the resource with id " + str + " is not found");
            }
            List<String> listFromString = getListFromString(str2);
            Map<String, Object> filterAttributes = filterAttributes(schema, map, listFromString, str3);
            if (haveToIncludeGroups(schema, listFromString, str3, Constants.HTTP_METHOD_GET)) {
                logger.debug("have to include groups");
                includeGroups(str, filterAttributes);
            }
            ResponseEntity<Map<String, Object>> responseEntity = new ResponseEntity<>(filterAttributes, HttpStatus.OK);
            httpServletResponse.addHeader(Constants.HEADER_LOCATION, UriComponentsBuilder.fromHttpRequest(new ServletServerHttpRequest(httpServletRequest)).build().toUriString());
            logger.info("resource of type {} with id {} fetched in {} ms", schema.getName(), str, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            return responseEntity;
        } catch (ConfigurationException | DataException e) {
            return showError(HttpStatus.INTERNAL_SERVER_ERROR.value(), e.getMessage());
        }
    }

    private void includeGroups(String str, Map<String, Object> map) {
        Schema schemaByName = this.schemaReader.getSchemaByName(Constants.RESOURCE_TYPE_GROUP);
        List<Map> search = this.storageImplementationFactory.getStorageImplementation(schemaByName).search(new SearchCriteria(new SearchCriterium[]{new SearchCriterium("members.value", str, SearchOperation.ENDS_WITH)}), 1, this.returnGroupsMax, null, null, CurrentConsumer.getCurrent());
        if (this.returnGroupsIncludedFieldsArray == null) {
            this.returnGroupsIncludedFieldsArray = Arrays.asList(this.returnGroupsIncludedFields.split(","));
        }
        ArrayList arrayList = new ArrayList();
        Iterator<Map> it = search.iterator();
        while (it.hasNext()) {
            arrayList.add(filterAttributes(schemaByName, it.next(), this.returnGroupsIncludedFieldsArray, null));
        }
        map.put(Constants.KEY_GROUPS, arrayList);
    }

    private boolean haveToIncludeGroups(Schema schema, List<String> list, String str, String str2) {
        if (!schema.getName().equalsIgnoreCase(Constants.RESOURCE_TYPE_USER)) {
            return false;
        }
        if (str != null && str.contains(Constants.KEY_GROUPS)) {
            return false;
        }
        if (str2.equalsIgnoreCase(Constants.HTTP_METHOD_GET) && this.returnGroupsOnUserGet) {
            logger.debug("have to return groups for get");
            return true;
        }
        if (!str2.equalsIgnoreCase(Constants.SEARCH) || !this.returnGroupsOnUserSearch) {
            return false;
        }
        logger.debug("have to return groups for search");
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> search(Integer num, Integer num2, Schema schema, String str) {
        return search(num, num2, schema, str, null, null, null, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> search(Integer num, Integer num2, Schema schema, String str, String str2, String str3, String str4, String str5) {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            try {
                SearchCriteria composeSearchCriteriaFromSCIMFilter = this.searchCriteriaUtil.composeSearchCriteriaFromSCIMFilter(str);
                Storage storageImplementation = this.storageImplementationFactory.getStorageImplementation(schema);
                List<String> listFromString = getListFromString(str4);
                if (StringUtils.isEmpty(str2)) {
                    str2 = getSearchDefault(schema, SORT_BY);
                }
                if (StringUtils.isEmpty(str3)) {
                    str3 = getSearchDefault(schema, SORT_ORDER);
                }
                List<Map> search = storageImplementation.search(composeSearchCriteriaFromSCIMFilter, num.intValue(), num2.intValue(), str2, str3, listFromString, CurrentConsumer.getCurrent());
                ArrayList arrayList = new ArrayList();
                if (search == null) {
                    throw new DataException("null value returned from storage layer implemetation, should be empty list");
                }
                for (Map map : search) {
                    if (haveToIncludeGroups(schema, listFromString, str5, Constants.SEARCH)) {
                        includeGroups((String) map.get(Constants.ID), map);
                    }
                    arrayList.add(filterAttributes(schema, map, listFromString, str5));
                }
                HashMap hashMap = new HashMap();
                hashMap.put(Constants.KEY_SCHEMAS, new String[]{Constants.SCHEMA_LISTRESPONSE});
                hashMap.put(Constants.KEY_STARTINDEX, num);
                hashMap.put(Constants.KEY_ITEMSPERPAGE, num2);
                hashMap.put(Constants.KEY_TOTALRESULTS, Long.valueOf(storageImplementation.count(composeSearchCriteriaFromSCIMFilter, CurrentConsumer.getCurrent())));
                hashMap.put(Constants.KEY_RESOURCES, arrayList);
                ResponseEntity<Map<String, Object>> responseEntity = new ResponseEntity<>(hashMap, HttpStatus.OK);
                logger.info("resources of type {} start [{}] count[{}] filter [{}] fetched in {} ms", schema.getName(), num, num2, str, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                return responseEntity;
            } catch (InvalidFilterException e) {
                return showError(HttpStatus.BAD_REQUEST.value(), "the filter [" + str + "] is not correct : " + e.getMessage(), ScimErrorType.invalidFilter);
            }
        } catch (ConfigurationException | DataException e2) {
            return showError(HttpStatus.INTERNAL_SERVER_ERROR.value(), e2.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<?> delete(String str, Schema schema) {
        long currentTimeMillis = System.currentTimeMillis();
        if (this.storageImplementationFactory.getStorageImplementation(schema).get(str, CurrentConsumer.getCurrent()) == null) {
            return showError(HttpStatus.NOT_FOUND.value(), "the resource with id " + str + " is not found");
        }
        if (!this.storageImplementationFactory.getStorageImplementation(schema).delete(str, CurrentConsumer.getCurrent())) {
            return showError(400, "could not delete resource of type " + schema.getName() + " with id " + str);
        }
        ResponseEntity<?> responseEntity = new ResponseEntity<>(HttpStatus.NO_CONTENT);
        if (schema.getName().equalsIgnoreCase(Constants.RESOURCE_TYPE_USER)) {
            deleteUserFromMembers(str);
        }
        logger.info("resource of type {} with id {} deleted in {} ms", schema.getName(), str, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
        return responseEntity;
    }

    private void deleteUserFromMembers(String str) {
        Storage storageImplementation = this.storageImplementationFactory.getStorageImplementation(this.schemaReader.getSchemaByName(Constants.RESOURCE_TYPE_GROUP));
        List<Map> search = storageImplementation.search(new SearchCriteria(new SearchCriterium[]{new SearchCriterium("members.value", str)}), 1, Integer.MAX_VALUE, null, null, CurrentConsumer.getCurrent());
        if (search == null || search.size() <= 0) {
            return;
        }
        logger.info("found {} groups containing the deleted user", Integer.valueOf(search.size()));
        for (Map<String, Object> map : search) {
            String str2 = (String) map.get(Constants.ID);
            ArrayList arrayList = new ArrayList();
            for (Map map2 : (List) map.get(Constants.KEY_MEMBERS)) {
                if (!map2.get(Constants.KEY_VALUE).equals(str)) {
                    arrayList.add(map2);
                }
            }
            map.put(Constants.KEY_MEMBERS, arrayList);
            try {
                storageImplementation.update(str2, map, CurrentConsumer.getCurrent());
                logger.info("updated group {} containing the deleted user {}", str2, str);
            } catch (Exception e) {
                logger.error("can not remove user from group", e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v20, types: [java.util.Map] */
    public void createMeta(Date date, String str, Map<String, Object> map, String str2, String str3) {
        logger.debug("create meta {} {} {} {} {}", date, str, map, str2, str3);
        HashMap hashMap = new HashMap();
        String format = new SimpleDateFormat(Constants.DATEFORMAT_STRING, Locale.US).format(date);
        if (map.containsKey(Constants.KEY_META)) {
            hashMap = (Map) map.get(Constants.KEY_META);
            if (hashMap == null) {
                hashMap = new HashMap();
            }
        } else {
            hashMap.put(Constants.KEY_CREATED, format);
        }
        hashMap.put(Constants.KEY_RESOURCE_TYPE, str2);
        hashMap.put(Constants.KEY_LAST_MODIFIED, format);
        hashMap.put(Constants.KEY_VERSION, createVersion(date));
        hashMap.put(Constants.KEY_LOCATION, str3);
        map.put(Constants.KEY_META, hashMap);
    }

    private String getSearchDefault(Schema schema, String str) {
        String str2 = schema.getName() + "." + str;
        if (this.defaultSort.containsKey(str2)) {
            return this.defaultSort.get(str2);
        }
        String property = this.propertyFactory.getProperty("scim.search." + schema.getName() + ".default" + str);
        if (StringUtils.isEmpty(property)) {
            property = "";
        }
        logger.info("putting default sort for type {} schema {} to value {}", str, schema.getName(), property);
        this.defaultSort.put(str2, property);
        return property;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String createVersion(Date date) {
        return "" + date.getTime();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> showError(int i, String str) {
        return showError(i, str, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> showError(int i, String str, ScimErrorType scimErrorType) {
        HashMap hashMap = new HashMap();
        hashMap.put(Constants.KEY_SCHEMAS, Constants.SCHEMA_ERROR);
        if (scimErrorType != null) {
            hashMap.put(Constants.KEY_SCIMTYPE, scimErrorType);
        }
        hashMap.put(Constants.KEY_DETAIL, str);
        hashMap.put(Constants.KEY_STATUS, "" + i);
        return new ResponseEntity<>(hashMap, HttpStatus.valueOf(i));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, Object> filterAttributes(Schema schema, Map<String, Object> map, List<String> list, String str) {
        HashMap hashMap = new HashMap();
        hashMap.putAll(map);
        List<String> listFromString = getListFromString(str);
        for (SchemaAttribute schemaAttribute : schema.getAttributes()) {
            if (schemaAttribute.getReturned().equalsIgnoreCase(Constants.RETURNED_NEVER)) {
                hashMap.remove(schemaAttribute.getName());
            }
            if (list == null || list.size() <= 0) {
                if (listFromString != null && listFromString.size() > 0 && !schemaAttribute.getReturned().equalsIgnoreCase(Constants.RETURNED_ALWAYS) && listFromString.contains(schemaAttribute.getName())) {
                    hashMap.remove(schemaAttribute.getName());
                }
            } else if (!schemaAttribute.getReturned().equalsIgnoreCase(Constants.RETURNED_ALWAYS) && !list.contains(schemaAttribute.getName())) {
                hashMap.remove(schemaAttribute.getName());
            }
        }
        if (list == null || list.size() <= 0) {
            if (listFromString != null && listFromString.size() > 0 && listFromString.contains(Constants.KEY_META)) {
                hashMap.remove(Constants.KEY_META);
            }
        } else if (!list.contains(Constants.KEY_META)) {
            hashMap.remove(Constants.KEY_META);
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<String> getListFromString(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        return Arrays.asList(str.split(","));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String createId(Map<String, Object> map) {
        Object obj = map.get(Constants.ID);
        if (this.allowIdOnCreate && obj != null) {
            return obj.toString();
        }
        return UUID.randomUUID().toString();
    }

    protected ResponseEntity<Map<String, Object>> invalidSchemaForEndpoint(List<String> list, String str) {
        return showError(400, "for type " + str + " content is not compliant with schemas " + list.toString(), ScimErrorType.invalidSyntax);
    }

    protected ResponseEntity<Map<String, Object>> invalidSchemaForResource(String str, String str2) {
        return showError(400, "for patching " + str + ", given schemas is not containing " + str2, ScimErrorType.invalidSyntax);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResponseEntity<Map<String, Object>> missingRequiredSchemaForResource(SchemaResourceType schemaResourceType, String str) {
        return showError(400, "the required schema " + str + " for resourcetype " + schemaResourceType.getName() + " is not present in the body ", ScimErrorType.invalidSyntax);
    }

    private boolean canPerformAction(Schema schema, PatchOperation patchOperation, String str) {
        logger.debug("operation {} path {}", patchOperation, str);
        if (str == null) {
            return true;
        }
        if (str.startsWith(Constants.URN)) {
            String substring = str.substring(0, str.lastIndexOf(":"));
            String substring2 = str.substring(str.lastIndexOf(":") + 1, str.length());
            logger.debug("custom schema string {}", substring);
            Schema schema2 = this.schemaReader.getSchema(substring);
            logger.debug("custom schema {}", schema2);
            return canPreformActionOnAttribute(patchOperation, schema2.getAttribute(substring2));
        }
        if (str.indexOf(".") == -1) {
            return canPreformActionOnAttribute(patchOperation, schema.getAttribute(str));
        }
        String[] split = str.split("\\.");
        if (split.length != 2) {
            logger.info("authorization check skipped for operation {}, path {} containing more then two levels of depth", patchOperation, str);
            return true;
        }
        SchemaAttribute attribute = schema.getAttribute(removeExpression(split[0]));
        if (attribute != null && !canPreformActionOnAttribute(patchOperation, attribute)) {
            return false;
        }
        SchemaAttribute subAttribute = attribute.getSubAttribute(removeExpression(split[1]));
        return subAttribute == null || canPreformActionOnAttribute(patchOperation, subAttribute);
    }

    private String removeExpression(String str) {
        int indexOf = str.indexOf("[");
        int indexOf2 = str.indexOf("]");
        logger.debug("start {} end {}", Integer.valueOf(indexOf), Integer.valueOf(indexOf2));
        if (indexOf != -1 && indexOf2 != -1) {
            str = str.substring(0, indexOf) + str.substring(indexOf2 + 1, str.length());
        }
        logger.debug("removed expression {}", str);
        return str;
    }

    private boolean canPreformActionOnAttribute(PatchOperation patchOperation, SchemaAttribute schemaAttribute) {
        if (schemaAttribute != null && !StringUtils.isEmpty(schemaAttribute.getMutability())) {
            ScimMutability valueOf = ScimMutability.valueOf(schemaAttribute.getMutability());
            if (patchOperation == PatchOperation.add) {
                if (valueOf == ScimMutability.immutable || valueOf == ScimMutability.readOnly) {
                    return false;
                }
            } else if (patchOperation == PatchOperation.remove) {
                if (valueOf == ScimMutability.immutable || valueOf == ScimMutability.readOnly) {
                    return false;
                }
            } else if (patchOperation == PatchOperation.replace && (valueOf == ScimMutability.immutable || valueOf == ScimMutability.readOnly)) {
                return false;
            }
        }
        return (schemaAttribute.isRequired() && patchOperation == PatchOperation.remove) ? false : true;
    }
}
