package com.atlassian.crowd.manager.directory;

import com.atlassian.crowd.dao.application.ApplicationDAO;
import com.atlassian.crowd.directory.BatchingRemoteDirectory;
import com.atlassian.crowd.directory.RemoteDirectory;
import com.atlassian.crowd.directory.loader.DirectoryInstanceLoader;
import com.atlassian.crowd.embedded.spi.DirectoryDao;
import com.atlassian.crowd.event.directory.DirectoryCreatedEvent;
import com.atlassian.crowd.event.directory.DirectoryDeletedEvent;
import com.atlassian.crowd.event.directory.DirectoryUpdatedEvent;
import com.atlassian.crowd.event.group.GroupAttributeDeletedEvent;
import com.atlassian.crowd.event.group.GroupAttributeStoredEvent;
import com.atlassian.crowd.event.group.GroupCreatedEvent;
import com.atlassian.crowd.event.group.GroupDeletedEvent;
import com.atlassian.crowd.event.group.GroupMembershipCreatedEvent;
import com.atlassian.crowd.event.group.GroupMembershipDeletedEvent;
import com.atlassian.crowd.event.group.GroupUpdatedEvent;
import com.atlassian.crowd.event.user.ResetPasswordEvent;
import com.atlassian.crowd.event.user.UserAttributeDeletedEvent;
import com.atlassian.crowd.event.user.UserAttributeStoredEvent;
import com.atlassian.crowd.event.user.UserCreatedEvent;
import com.atlassian.crowd.event.user.UserCredentialUpdatedEvent;
import com.atlassian.crowd.event.user.UserDeletedEvent;
import com.atlassian.crowd.event.user.UserUpdatedEvent;
import com.atlassian.crowd.exception.DirectoryAccessException;
import com.atlassian.crowd.exception.DirectoryInstantiationException;
import com.atlassian.crowd.exception.DirectoryNotFoundException;
import com.atlassian.crowd.exception.GroupNotFoundException;
import com.atlassian.crowd.exception.InvalidCredentialException;
import com.atlassian.crowd.exception.InvalidEmailAddressException;
import com.atlassian.crowd.exception.InvalidGroupException;
import com.atlassian.crowd.exception.InvalidMembershipException;
import com.atlassian.crowd.exception.InvalidUserException;
import com.atlassian.crowd.exception.MembershipNotFoundException;
import com.atlassian.crowd.exception.ObjectNotFoundException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.manager.permission.PermissionManager;
import com.atlassian.crowd.model.authentication.PasswordCredential;
import com.atlassian.crowd.model.directory.Directory;
import com.atlassian.crowd.model.directory.OperationType;
import com.atlassian.crowd.model.group.Group;
import com.atlassian.crowd.model.group.GroupTemplate;
import com.atlassian.crowd.model.group.GroupType;
import com.atlassian.crowd.model.group.GroupWithAttributes;
import com.atlassian.crowd.model.membership.MembershipType;
import com.atlassian.crowd.model.user.User;
import com.atlassian.crowd.model.user.UserTemplate;
import com.atlassian.crowd.model.user.UserTemplateWithCredentialAndAttributes;
import com.atlassian.crowd.model.user.UserWithAttributes;
import com.atlassian.crowd.search.Entity;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.search.query.entity.EntityQuery;
import com.atlassian.crowd.search.query.membership.MembershipQuery;
import com.atlassian.crowd.search.util.SearchResultsUtil;
import com.atlassian.crowd.util.I18nHelper;
import com.atlassian.crowd.util.PasswordHelper;
import com.atlassian.event.api.EventPublisher;
import com.google.common.base.Preconditions;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/crowd/manager/directory/DirectoryManagerGeneric.class */
public class DirectoryManagerGeneric implements DirectoryManager {
    private final Logger logger = Logger.getLogger(getClass());
    private final DirectoryDao directoryDao;
    private final ApplicationDAO applicationDAO;
    private final EventPublisher eventPublisher;
    private final PermissionManager permissionManager;
    private final PasswordHelper passwordHelper;
    private final I18nHelper i18nHelper;
    private final DirectoryInstanceLoader directoryInstanceLoader;

    public DirectoryManagerGeneric(DirectoryDao directoryDao, ApplicationDAO applicationDAO, EventPublisher eventPublisher, PermissionManager permissionManager, PasswordHelper passwordHelper, I18nHelper i18nHelper, DirectoryInstanceLoader directoryInstanceLoader) {
        this.directoryDao = (DirectoryDao) Preconditions.checkNotNull(directoryDao);
        this.applicationDAO = (ApplicationDAO) Preconditions.checkNotNull(applicationDAO);
        this.eventPublisher = (EventPublisher) Preconditions.checkNotNull(eventPublisher);
        this.permissionManager = (PermissionManager) Preconditions.checkNotNull(permissionManager);
        this.passwordHelper = (PasswordHelper) Preconditions.checkNotNull(passwordHelper);
        this.i18nHelper = (I18nHelper) Preconditions.checkNotNull(i18nHelper);
        this.directoryInstanceLoader = (DirectoryInstanceLoader) Preconditions.checkNotNull(directoryInstanceLoader);
    }

    public Directory addDirectory(Directory directory) throws DirectoryInstantiationException {
        directory.getRawImplementation();
        Directory add = this.directoryDao.add(directory);
        this.eventPublisher.publish(new DirectoryCreatedEvent(this, directory));
        return add;
    }

    public Directory findDirectoryById(long j) {
        return this.directoryDao.findById(j);
    }

    public List<Directory> findAllDirectories() {
        return searchDirectories(QueryBuilder.queryFor(Directory.class, EntityDescriptor.directory()).returningAtMost(-1));
    }

    public List<Directory> searchDirectories(EntityQuery entityQuery) {
        return this.directoryDao.search(entityQuery);
    }

    public Directory findDirectoryByName(String str) {
        return this.directoryDao.findByName(str);
    }

    public Directory updateDirectory(Directory directory) {
        if (directory.getId() == null) {
            throw new DirectoryNotFoundException(directory.getId());
        }
        findDirectoryById(directory.getId().longValue());
        Directory update = this.directoryDao.update(directory);
        this.eventPublisher.publish(new DirectoryUpdatedEvent(this, update));
        return update;
    }

    public void removeDirectory(Directory directory) {
        this.applicationDAO.removeDirectoryMappings(directory.getId().longValue());
        this.directoryDao.remove(directory);
        this.eventPublisher.publish(new DirectoryDeletedEvent(this, directory));
    }

    private RemoteDirectory getDirectoryImplementation(long j) throws DirectoryInstantiationException {
        return this.directoryInstanceLoader.getDirectory(findDirectoryById(j));
    }

    public User findUserByName(long j, String str) throws DirectoryAccessException {
        try {
            return getDirectoryImplementation(j).findUserByName(str);
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public UserWithAttributes findUserWithAttributesByName(long j, String str) throws DirectoryAccessException {
        try {
            return getDirectoryImplementation(j).findUserWithAttributesByName(str);
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public <T> List<T> searchUsers(long j, EntityQuery<T> entityQuery) throws DirectoryAccessException {
        return getDirectoryImplementation(j).searchUsers(entityQuery);
    }

    public User addUser(long j, UserTemplate userTemplate, PasswordCredential passwordCredential) throws InvalidCredentialException, InvalidUserException, DirectoryAccessException, DirectoryPermissionException {
        try {
            findUserByName(j, userTemplate.getName());
            throw new InvalidUserException(userTemplate, "User already exists");
        } catch (UserNotFoundException e) {
            Directory findDirectoryById = findDirectoryById(j);
            if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.CREATE_USER)) {
                throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.add.principal"));
            }
            try {
                User addUser = getDirectoryImplementation(j).addUser(userTemplate, passwordCredential);
                this.eventPublisher.publish(new UserCreatedEvent(this, findDirectoryById, addUser));
                return addUser;
            } catch (ObjectNotFoundException e2) {
                throw new UserNotFoundException(userTemplate.getName(), e2);
            }
        }
    }

    public User updateUser(long j, UserTemplate userTemplate) throws DirectoryAccessException, DirectoryPermissionException, InvalidUserException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.modify.principal"));
        }
        try {
            User updateUser = getDirectoryImplementation(j).updateUser(userTemplate);
            this.eventPublisher.publish(new UserUpdatedEvent(this, findDirectoryById, updateUser));
            return updateUser;
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(userTemplate.getName(), e);
        }
    }

    public User renameUser(long j, String str, String str2) throws DirectoryAccessException, DirectoryPermissionException, InvalidUserException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.modify.principal"));
        }
        try {
            User renameUser = getDirectoryImplementation(j).renameUser(str, str2);
            this.eventPublisher.publish(new UserUpdatedEvent(this, findDirectoryById, renameUser));
            return renameUser;
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public void storeUserAttributes(long j, String str, Map<String, List<String>> map) throws DirectoryAccessException, DirectoryPermissionException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.modify.principal"));
        }
        try {
            getDirectoryImplementation(j).storeUserAttributes(str, map);
            this.eventPublisher.publish(new UserAttributeStoredEvent(this, findDirectoryById, getDirectoryImplementation(j).findUserByName(str), map));
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public void removeUserAttributes(long j, String str, String str2) throws DirectoryAccessException, DirectoryPermissionException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.modify.principal"));
        }
        try {
            getDirectoryImplementation(j).removeUserAttributes(str, str2);
            this.eventPublisher.publish(new UserAttributeDeletedEvent(this, findDirectoryById, getDirectoryImplementation(j).findUserByName(str), str2));
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public void updateUserCredential(long j, String str, PasswordCredential passwordCredential) throws DirectoryAccessException, DirectoryPermissionException, InvalidCredentialException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.modify.principal"));
        }
        try {
            getDirectoryImplementation(j).updateUserCredential(str, passwordCredential);
            this.eventPublisher.publish(new UserCredentialUpdatedEvent(this, findDirectoryById, str, passwordCredential));
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public void resetPassword(long j, String str) throws DirectoryAccessException, InvalidEmailAddressException, DirectoryPermissionException, InvalidCredentialException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.UPDATE_USER)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.modify.principal"));
        }
        String generateRandomPassword = this.passwordHelper.generateRandomPassword();
        PasswordCredential passwordCredential = new PasswordCredential(generateRandomPassword);
        try {
            User findUserByName = getDirectoryImplementation(j).findUserByName(str);
            if (!StringUtils.isNotBlank(findUserByName.getEmailAddress())) {
                throw new InvalidEmailAddressException(this.i18nHelper.getText("principal.resetpassword.error.blank"));
            }
            try {
                getDirectoryImplementation(j).updateUserCredential(str, passwordCredential);
                this.eventPublisher.publish(new ResetPasswordEvent(this, findDirectoryById, findUserByName, generateRandomPassword));
            } catch (ObjectNotFoundException e) {
                throw new UserNotFoundException(str, e);
            }
        } catch (ObjectNotFoundException e2) {
            throw new UserNotFoundException(str, e2);
        }
    }

    public void removeUser(long j, String str) throws DirectoryPermissionException, DirectoryAccessException {
        Directory findDirectoryById = findDirectoryById(j);
        if (!this.permissionManager.hasPermission(findDirectoryById, OperationType.DELETE_USER)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.remove.principal"));
        }
        try {
            getDirectoryImplementation(j).removeUser(str);
            this.eventPublisher.publish(new UserDeletedEvent(this, findDirectoryById, str));
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public Group findGroupByName(long j, String str) throws DirectoryAccessException, GroupNotFoundException {
        try {
            return getDirectoryImplementation(j).findGroupByName(str);
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(str, e);
        }
    }

    public GroupWithAttributes findGroupWithAttributesByName(long j, String str) throws DirectoryAccessException, GroupNotFoundException {
        try {
            return getDirectoryImplementation(j).findGroupWithAttributesByName(str);
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(str, e);
        }
    }

    public <T> List<T> searchGroups(long j, EntityQuery<T> entityQuery) throws DirectoryAccessException {
        return getDirectoryImplementation(j).searchGroups(entityQuery);
    }

    public Group addGroup(long j, GroupTemplate groupTemplate) throws InvalidGroupException, DirectoryAccessException, DirectoryPermissionException, GroupNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        try {
            findGroupByName(j, groupTemplate.getName());
            throw new InvalidGroupException(groupTemplate, "Group with name <" + groupTemplate.getName() + "> already exists in directory <" + findDirectoryById.getName() + ">");
        } catch (GroupNotFoundException e) {
            OperationType operationType = GroupType.GROUP.equals(groupTemplate.getType()) ? OperationType.CREATE_GROUP : OperationType.CREATE_ROLE;
            if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
                throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.CREATE_GROUP.equals(operationType) ? "permission.directory.exception.add.group" : "permission.directory.exception.add.role"));
            }
            try {
                Group addGroup = getDirectoryImplementation(j).addGroup(groupTemplate);
                this.eventPublisher.publish(new GroupCreatedEvent(this, findDirectoryById, addGroup));
                return addGroup;
            } catch (ObjectNotFoundException e2) {
                throw new GroupNotFoundException(groupTemplate.getName(), e2);
            }
        }
    }

    public Group updateGroup(long j, GroupTemplate groupTemplate) throws DirectoryAccessException, DirectoryPermissionException, InvalidGroupException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(groupTemplate.getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        try {
            Group updateGroup = getDirectoryImplementation(j).updateGroup(groupTemplate);
            this.eventPublisher.publish(new GroupUpdatedEvent(this, findDirectoryById, updateGroup));
            return updateGroup;
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(groupTemplate.getName());
        }
    }

    public Group renameGroup(long j, String str, String str2) throws DirectoryAccessException, DirectoryPermissionException, InvalidGroupException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        try {
            Group renameGroup = getDirectoryImplementation(j).renameGroup(str, str2);
            this.eventPublisher.publish(new GroupUpdatedEvent(this, findDirectoryById, renameGroup));
            return renameGroup;
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(str, e);
        }
    }

    public void storeGroupAttributes(long j, String str, Map<String, List<String>> map) throws DirectoryAccessException, DirectoryPermissionException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        try {
            getDirectoryImplementation(j).storeGroupAttributes(str, map);
            this.eventPublisher.publish(new GroupAttributeStoredEvent(this, findDirectoryById, findGroupByName(j, str), map));
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(str, e);
        }
    }

    public void removeGroupAttributes(long j, String str, String str2) throws DirectoryAccessException, DirectoryPermissionException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        try {
            getDirectoryImplementation(j).removeGroupAttributes(str, str2);
            this.eventPublisher.publish(new GroupAttributeDeletedEvent(this, findDirectoryById, findGroupByName(j, str), str2));
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(str, e);
        }
    }

    public void removeGroup(long j, String str) throws DirectoryPermissionException, DirectoryAccessException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str).getType()) ? OperationType.DELETE_GROUP : OperationType.DELETE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.DELETE_GROUP.equals(operationType) ? "permission.directory.exception.remove.group" : "permission.directory.exception.remove.role"));
        }
        try {
            getDirectoryImplementation(j).removeGroup(str);
            this.applicationDAO.removeGroupMappings(j, str);
            this.eventPublisher.publish(new GroupDeletedEvent(this, findDirectoryById, str));
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(str, e);
        }
    }

    public boolean isUserDirectGroupMember(long j, String str, String str2) throws DirectoryAccessException {
        return getDirectoryImplementation(j).isUserDirectGroupMember(str, str2);
    }

    public boolean isGroupDirectGroupMember(long j, String str, String str2) throws DirectoryAccessException {
        if (str.equals(str2)) {
            return false;
        }
        RemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        if (directoryImplementation.supportsNestedGroups()) {
            return directoryImplementation.isGroupDirectGroupMember(str, str2);
        }
        return false;
    }

    public void addUserToGroup(long j, String str, String str2) throws DirectoryPermissionException, DirectoryAccessException {
        if (isUserDirectGroupMember(j, str, str2)) {
            return;
        }
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str2).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        try {
            getDirectoryImplementation(j).addUserToGroup(str, str2);
            this.eventPublisher.publish(new GroupMembershipCreatedEvent(this, findDirectoryById, str, str2, MembershipType.GROUP_USER));
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public void addGroupToGroup(long j, String str, String str2) throws DirectoryPermissionException, DirectoryAccessException, InvalidMembershipException {
        RemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        if (!directoryImplementation.supportsNestedGroups()) {
            throw new UnsupportedOperationException("Directory with id [" + j + "] does not support nested groups");
        }
        if (isGroupDirectGroupMember(j, str, str2)) {
            return;
        }
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str2).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        if (str.equals(str2)) {
            throw new InvalidMembershipException("Cannot add direct circular group membership reference");
        }
        try {
            directoryImplementation.addGroupToGroup(str, str2);
            this.eventPublisher.publish(new GroupMembershipCreatedEvent(this, findDirectoryById, str, str2, MembershipType.GROUP_GROUP));
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(str, e);
        }
    }

    public void removeUserFromGroup(long j, String str, String str2) throws DirectoryPermissionException, DirectoryAccessException, MembershipNotFoundException {
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str2).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        try {
            getDirectoryImplementation(j).removeUserFromGroup(str, str2);
            this.eventPublisher.publish(new GroupMembershipDeletedEvent(this, findDirectoryById, str, str2, MembershipType.GROUP_USER));
        } catch (ObjectNotFoundException e) {
            throw new UserNotFoundException(str, e);
        }
    }

    public void removeGroupFromGroup(long j, String str, String str2) throws DirectoryPermissionException, DirectoryAccessException, InvalidMembershipException, MembershipNotFoundException {
        RemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        if (!directoryImplementation.supportsNestedGroups()) {
            throw new UnsupportedOperationException("Directory with id [" + j + "] does not support nested groups");
        }
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str2).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        if (str.equals(str2)) {
            throw new InvalidMembershipException("Cannot remove direct circular group membership reference");
        }
        try {
            directoryImplementation.removeGroupFromGroup(str, str2);
            this.eventPublisher.publish(new GroupMembershipDeletedEvent(this, findDirectoryById, str, str2, MembershipType.GROUP_GROUP));
        } catch (ObjectNotFoundException e) {
            throw new GroupNotFoundException(str, e);
        }
    }

    public <T> List<T> searchDirectGroupRelationships(long j, MembershipQuery<T> membershipQuery) throws DirectoryAccessException {
        RemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        return (!directoryImplementation.supportsNestedGroups() && membershipQuery.getEntityToMatch().getEntityType() == Entity.GROUP && membershipQuery.getEntityToReturn().getEntityType() == Entity.GROUP) ? Collections.emptyList() : (directoryImplementation.isRolesDisabled() && ((membershipQuery.getEntityToMatch().getEntityType() == Entity.GROUP && membershipQuery.getEntityToMatch().getGroupType() == GroupType.LEGACY_ROLE) || (membershipQuery.getEntityToReturn().getEntityType() == Entity.GROUP && membershipQuery.getEntityToReturn().getGroupType() == GroupType.LEGACY_ROLE))) ? Collections.emptyList() : getDirectoryImplementation(j).searchGroupRelationships(membershipQuery);
    }

    public boolean isUserNestedGroupMember(long j, String str, String str2) throws DirectoryAccessException {
        return getDirectoryImplementation(j).supportsNestedGroups() ? isUserNestedGroupMember(j, str, str2, new HashSet()) : isUserDirectGroupMember(j, str, str2);
    }

    private boolean isUserNestedGroupMember(long j, String str, String str2, Set<String> set) throws DirectoryAccessException {
        if (set.contains(str2.toLowerCase())) {
            return false;
        }
        boolean isUserDirectGroupMember = isUserDirectGroupMember(j, str, str2);
        set.add(str2.toLowerCase());
        if (!isUserDirectGroupMember) {
            Iterator it = searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group()).membersOf(EntityDescriptor.group()).withName(str2).returningAtMost(-1)).iterator();
            while (it.hasNext()) {
                isUserDirectGroupMember = isUserNestedGroupMember(j, str, ((Group) it.next()).getName(), set);
                if (isUserDirectGroupMember) {
                    break;
                }
            }
        }
        return isUserDirectGroupMember;
    }

    public boolean isGroupNestedGroupMember(long j, String str, String str2) throws DirectoryAccessException {
        if (str.equals(str2)) {
            return false;
        }
        return getDirectoryImplementation(j).supportsNestedGroups() ? isGroupNestedGroupMember(j, str, str2, new HashSet()) : isGroupDirectGroupMember(j, str, str2);
    }

    private boolean isGroupNestedGroupMember(long j, String str, String str2, Set<String> set) throws DirectoryAccessException {
        if (set.contains(str2.toLowerCase())) {
            return false;
        }
        boolean isGroupDirectGroupMember = isGroupDirectGroupMember(j, str, str2);
        set.add(str2.toLowerCase());
        if (!isGroupDirectGroupMember) {
            Iterator it = searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group()).membersOf(EntityDescriptor.group()).withName(str2).returningAtMost(-1)).iterator();
            while (it.hasNext()) {
                isGroupDirectGroupMember = isGroupNestedGroupMember(j, str, ((Group) it.next()).getName(), set);
                if (isGroupDirectGroupMember) {
                    break;
                }
            }
        }
        return isGroupDirectGroupMember;
    }

    public <T> List<T> searchNestedGroupRelationships(long j, MembershipQuery<T> membershipQuery) throws DirectoryAccessException {
        List<User> findNestedGroupMembershipsOfGroup;
        if (!getDirectoryImplementation(j).supportsNestedGroups()) {
            return searchDirectGroupRelationships(j, membershipQuery);
        }
        int startIndex = membershipQuery.getStartIndex() + membershipQuery.getMaxResults();
        if (membershipQuery.getMaxResults() == -1) {
            startIndex = -1;
        }
        if (membershipQuery.isFindMembers()) {
            if (membershipQuery.getEntityToMatch().getEntityType() != Entity.GROUP) {
                throw new IllegalArgumentException("You can only find the GROUP or USER members of a GROUP");
            }
            if (membershipQuery.getEntityToReturn().getEntityType() == Entity.USER) {
                findNestedGroupMembershipsOfGroup = findNestedUserMembersOfGroup(j, membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToMatch().getGroupType(), startIndex);
            } else {
                if (membershipQuery.getEntityToReturn().getEntityType() != Entity.GROUP) {
                    throw new IllegalArgumentException("You can only find the GROUP or USER members of a GROUP");
                }
                findNestedGroupMembershipsOfGroup = findNestedGroupMembersOfGroup(j, membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToMatch().getGroupType(), startIndex);
            }
        } else {
            if (membershipQuery.getEntityToReturn().getEntityType() != Entity.GROUP) {
                throw new IllegalArgumentException("You can only find the GROUP memberships of USER or GROUP");
            }
            if (membershipQuery.getEntityToMatch().getEntityType() == Entity.USER) {
                findNestedGroupMembershipsOfGroup = findNestedGroupMembershipsOfUser(j, membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToReturn().getGroupType(), startIndex);
            } else {
                if (membershipQuery.getEntityToMatch().getEntityType() != Entity.GROUP) {
                    throw new IllegalArgumentException("You can only find the GROUP memberships of USER or GROUP");
                }
                findNestedGroupMembershipsOfGroup = findNestedGroupMembershipsOfGroup(j, membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToReturn().getGroupType(), startIndex);
            }
        }
        List<T> constrainResults = SearchResultsUtil.constrainResults(findNestedGroupMembershipsOfGroup, membershipQuery.getStartIndex(), membershipQuery.getMaxResults());
        return membershipQuery.getReturnType() == String.class ? SearchResultsUtil.convertEntitiesToNames(constrainResults) : constrainResults;
    }

    private List<Group> findNestedGroupMembershipsOfGroup(long j, String str, GroupType groupType, int i) throws DirectoryAccessException {
        try {
            Group findGroupByName = findGroupByName(j, str);
            List<Group> findNestedGroupMembershipsIncludingGroups = findNestedGroupMembershipsIncludingGroups(j, Arrays.asList(findGroupByName), groupType, i);
            findNestedGroupMembershipsIncludingGroups.remove(findGroupByName);
            return new ArrayList(findNestedGroupMembershipsIncludingGroups);
        } catch (GroupNotFoundException e) {
            return Collections.emptyList();
        }
    }

    private List<Group> findNestedGroupMembershipsIncludingGroups(long j, List<Group> list, GroupType groupType, int i) throws DirectoryAccessException {
        LinkedList linkedList = new LinkedList();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedList.addAll(list);
        while (!linkedList.isEmpty() && (i == -1 || linkedHashSet.size() < i)) {
            Group group = (Group) linkedList.remove();
            if (!linkedHashSet.contains(group)) {
                linkedHashSet.add(group);
                linkedList.addAll(searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group(groupType)).membershipsOf(EntityDescriptor.group(groupType)).withName(group.getName()).returningAtMost(i)));
            }
        }
        return new ArrayList(linkedHashSet);
    }

    private List<Group> findNestedGroupMembershipsOfUser(long j, String str, GroupType groupType, int i) throws DirectoryAccessException {
        return findNestedGroupMembershipsIncludingGroups(j, searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group(groupType)).membershipsOf(EntityDescriptor.user()).withName(str).returningAtMost(i)), groupType, i);
    }

    private List<Group> findNestedGroupMembersOfGroup(long j, String str, GroupType groupType, int i) throws DirectoryAccessException {
        try {
            Group findGroupByName = findGroupByName(j, str);
            LinkedList linkedList = new LinkedList();
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            linkedList.add(findGroupByName);
            while (!linkedList.isEmpty() && (i == -1 || linkedHashSet.size() < i)) {
                Group group = (Group) linkedList.remove();
                if (!linkedHashSet.contains(group)) {
                    linkedHashSet.add(group);
                    linkedList.addAll(searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group(groupType)).membersOf(EntityDescriptor.group(groupType)).withName(group.getName()).returningAtMost(i)));
                }
            }
            linkedHashSet.remove(findGroupByName);
            return new ArrayList(linkedHashSet);
        } catch (GroupNotFoundException e) {
            return Collections.emptyList();
        }
    }

    private List<User> findNestedUserMembersOfGroup(long j, String str, GroupType groupType, int i) throws DirectoryAccessException {
        try {
            Group findGroupByName = findGroupByName(j, str);
            LinkedList linkedList = new LinkedList();
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            LinkedHashSet linkedHashSet2 = new LinkedHashSet();
            linkedList.add(findGroupByName);
            while (!linkedList.isEmpty() && (i == -1 || linkedHashSet2.size() < i)) {
                Group group = (Group) linkedList.remove();
                linkedHashSet2.addAll(searchDirectGroupRelationships(j, QueryBuilder.queryFor(User.class, EntityDescriptor.user()).membersOf(EntityDescriptor.group(groupType)).withName(group.getName()).returningAtMost(i)));
                if (!linkedHashSet.contains(group)) {
                    linkedHashSet.add(group);
                    linkedList.addAll(searchDirectGroupRelationships(j, QueryBuilder.queryFor(Group.class, EntityDescriptor.group(groupType)).membersOf(EntityDescriptor.group(groupType)).withName(group.getName()).returningAtMost(i)));
                }
            }
            return new ArrayList(linkedHashSet2);
        } catch (GroupNotFoundException e) {
            return Collections.emptyList();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v34, types: [java.util.Collection] */
    public BulkAddResult<User> addAllUsers(long j, Collection<UserTemplateWithCredentialAndAttributes> collection, boolean z) throws DirectoryPermissionException, DirectoryAccessException {
        ArrayList arrayList;
        if (!this.permissionManager.hasPermission(findDirectoryById(j), OperationType.CREATE_USER)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.add.principal"));
        }
        BatchingRemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        ArrayList arrayList2 = new ArrayList();
        BulkAddResult<User> bulkAddResult = new BulkAddResult<>(collection.size(), z);
        for (UserTemplateWithCredentialAndAttributes userTemplateWithCredentialAndAttributes : collection) {
            try {
                findUserByName(j, userTemplateWithCredentialAndAttributes.getName());
                if (z) {
                    try {
                        this.logger.info("Removing existing user: " + userTemplateWithCredentialAndAttributes);
                        removeUser(j, userTemplateWithCredentialAndAttributes.getName());
                        arrayList2.add(userTemplateWithCredentialAndAttributes);
                    } catch (Exception e) {
                        this.logger.error("Could not remove user for bulk import overwrite: " + userTemplateWithCredentialAndAttributes, e);
                        bulkAddResult.addExistingEntity(userTemplateWithCredentialAndAttributes);
                    }
                } else {
                    this.logger.info("User <" + userTemplateWithCredentialAndAttributes + "> already exists in directory. Skipping over this entity.");
                    bulkAddResult.addExistingEntity(userTemplateWithCredentialAndAttributes);
                }
            } catch (UserNotFoundException e2) {
                arrayList2.add(userTemplateWithCredentialAndAttributes);
            }
        }
        Set<UserTemplateWithCredentialAndAttributes> retainUniqueEntities = retainUniqueEntities(arrayList2);
        if (directoryImplementation instanceof BatchingRemoteDirectory) {
            arrayList = directoryImplementation.addAllUsers(retainUniqueEntities);
        } else {
            arrayList = new ArrayList();
            for (UserTemplateWithCredentialAndAttributes userTemplateWithCredentialAndAttributes2 : retainUniqueEntities) {
                try {
                    directoryImplementation.addUser(userTemplateWithCredentialAndAttributes2, userTemplateWithCredentialAndAttributes2.getCredential());
                } catch (Exception e3) {
                    arrayList.add(userTemplateWithCredentialAndAttributes2);
                }
            }
        }
        bulkAddResult.addFailedEntities(arrayList);
        return bulkAddResult;
    }

    private <T> Set<T> retainUniqueEntities(Collection<T> collection) {
        HashSet hashSet = new HashSet(collection.size());
        for (T t : collection) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Going to add: " + t);
            }
            if (!hashSet.add(t)) {
                this.logger.warn("Duplicate entity. Entity is already in the set of entities to bulk add: " + t);
            }
        }
        return hashSet;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v34, types: [java.util.Collection] */
    public BulkAddResult<Group> addAllGroups(long j, Collection<GroupTemplate> collection, boolean z) throws DirectoryPermissionException, DirectoryAccessException {
        ArrayList arrayList;
        if (!this.permissionManager.hasPermission(findDirectoryById(j), OperationType.CREATE_GROUP)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText("permission.directory.exception.add.group"));
        }
        BatchingRemoteDirectory directoryImplementation = getDirectoryImplementation(j);
        ArrayList arrayList2 = new ArrayList();
        BulkAddResult<Group> bulkAddResult = new BulkAddResult<>(collection.size(), z);
        for (GroupTemplate groupTemplate : collection) {
            try {
                findGroupByName(j, groupTemplate.getName());
                if (z) {
                    try {
                        this.logger.info("Removing existing group: " + groupTemplate);
                        removeGroup(j, groupTemplate.getName());
                        arrayList2.add(groupTemplate);
                    } catch (Exception e) {
                        this.logger.error("Could not remove group for bulk import overwrite: " + groupTemplate, e);
                        bulkAddResult.addExistingEntity(groupTemplate);
                    }
                } else {
                    this.logger.info("Group <" + groupTemplate + "> already exists in directory. Skipping over this entity.");
                    bulkAddResult.addExistingEntity(groupTemplate);
                }
            } catch (GroupNotFoundException e2) {
                arrayList2.add(groupTemplate);
            }
        }
        Set<GroupTemplate> retainUniqueEntities = retainUniqueEntities(arrayList2);
        if (directoryImplementation instanceof BatchingRemoteDirectory) {
            arrayList = directoryImplementation.addAllGroups(retainUniqueEntities);
        } else {
            arrayList = new ArrayList();
            for (GroupTemplate groupTemplate2 : retainUniqueEntities) {
                try {
                    directoryImplementation.addGroup(groupTemplate2);
                } catch (Exception e3) {
                    arrayList.add(groupTemplate2);
                }
            }
        }
        bulkAddResult.addFailedEntities(arrayList);
        return bulkAddResult;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v39, types: [java.util.Collection] */
    public BulkAddResult<String> addAllUsersToGroup(long j, Collection<String> collection, String str) throws DirectoryPermissionException, DirectoryAccessException {
        ArrayList arrayList;
        Directory findDirectoryById = findDirectoryById(j);
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(j, str).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!this.permissionManager.hasPermission(findDirectoryById, operationType)) {
            throw new DirectoryPermissionException(this.i18nHelper.getText(OperationType.UPDATE_GROUP.equals(operationType) ? "permission.directory.exception.modify.group" : "permission.directory.exception.modify.role"));
        }
        BatchingRemoteDirectory implementation = findDirectoryById.getImplementation();
        Set<String> retainUniqueEntities = retainUniqueEntities(collection);
        BulkAddResult<String> bulkAddResult = new BulkAddResult<>(collection.size(), true);
        if (implementation instanceof BatchingRemoteDirectory) {
            arrayList = implementation.addAllUsersToGroup(retainUniqueEntities, str);
        } else {
            arrayList = new ArrayList();
            for (String str2 : retainUniqueEntities) {
                try {
                    addUserToGroup(j, str2, str);
                } catch (Exception e) {
                    arrayList.add(str2);
                }
            }
        }
        bulkAddResult.addFailedEntities(arrayList);
        return bulkAddResult;
    }
}
