package com.atlassian.crowd.manager.application;

import com.atlassian.crowd.embedded.api.Directory;
import com.atlassian.crowd.embedded.api.OperationType;
import com.atlassian.crowd.embedded.api.PasswordCredential;
import com.atlassian.crowd.exception.ApplicationPermissionException;
import com.atlassian.crowd.exception.BulkAddFailedException;
import com.atlassian.crowd.exception.DirectoryAccessException;
import com.atlassian.crowd.exception.DirectoryInstantiationException;
import com.atlassian.crowd.exception.DirectoryNotFoundException;
import com.atlassian.crowd.exception.GroupNotFoundException;
import com.atlassian.crowd.exception.InvalidCredentialException;
import com.atlassian.crowd.exception.InvalidEmailAddressException;
import com.atlassian.crowd.exception.InvalidGroupException;
import com.atlassian.crowd.exception.InvalidMembershipException;
import com.atlassian.crowd.exception.InvalidUserException;
import com.atlassian.crowd.exception.MembershipNotFoundException;
import com.atlassian.crowd.exception.ObjectNotFoundException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.manager.directory.BulkAddResult;
import com.atlassian.crowd.manager.directory.DirectoryManager;
import com.atlassian.crowd.manager.directory.DirectoryPermissionException;
import com.atlassian.crowd.manager.permission.PermissionManager;
import com.atlassian.crowd.model.EntityComparator;
import com.atlassian.crowd.model.application.Application;
import com.atlassian.crowd.model.application.DirectoryMapping;
import com.atlassian.crowd.model.group.Group;
import com.atlassian.crowd.model.group.GroupTemplate;
import com.atlassian.crowd.model.group.GroupType;
import com.atlassian.crowd.model.group.GroupWithAttributes;
import com.atlassian.crowd.model.user.User;
import com.atlassian.crowd.model.user.UserTemplate;
import com.atlassian.crowd.model.user.UserTemplateWithCredentialAndAttributes;
import com.atlassian.crowd.model.user.UserWithAttributes;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.search.query.entity.EntityQuery;
import com.atlassian.crowd.search.query.membership.MembershipQuery;
import com.atlassian.crowd.search.util.SearchResultsUtil;
import com.atlassian.crowd.util.I18nHelper;
import com.google.common.base.Preconditions;
import java.rmi.RemoteException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/crowd/manager/application/ApplicationServiceGeneric.class */
public class ApplicationServiceGeneric implements ApplicationService {
    private final Logger logger = Logger.getLogger(getClass());
    private final DirectoryManager directoryManager;
    private final PermissionManager permissionManager;
    private final I18nHelper i18nHelper;

    public ApplicationServiceGeneric(DirectoryManager directoryManager, PermissionManager permissionManager, I18nHelper i18nHelper) {
        this.directoryManager = (DirectoryManager) Preconditions.checkNotNull(directoryManager);
        this.permissionManager = (PermissionManager) Preconditions.checkNotNull(permissionManager);
        this.i18nHelper = (I18nHelper) Preconditions.checkNotNull(i18nHelper);
    }

    public void addAllUsers(Application application, Collection<UserTemplateWithCredentialAndAttributes> collection) throws ApplicationPermissionException, RemoteException, DirectoryAccessException, BulkAddFailedException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Adding users for application " + application);
        }
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        boolean z = false;
        for (DirectoryMapping directoryMapping : application.getDirectoryMappings()) {
            if (this.permissionManager.hasPermission(directoryMapping.getDirectory(), OperationType.CREATE_USER)) {
                z = true;
                Directory directory = directoryMapping.getDirectory();
                try {
                    Iterator<UserTemplateWithCredentialAndAttributes> it = collection.iterator();
                    while (it.hasNext()) {
                        it.next().setDirectoryId(directory.getId().longValue());
                    }
                    BulkAddResult addAllUsers = this.directoryManager.addAllUsers(directory.getId().longValue(), collection, false);
                    Iterator it2 = addAllUsers.getExistingEntities().iterator();
                    while (it2.hasNext()) {
                        hashSet2.add(((User) it2.next()).getName());
                    }
                    Iterator it3 = addAllUsers.getFailedEntities().iterator();
                    while (it3.hasNext()) {
                        hashSet.add(((User) it3.next()).getName());
                    }
                } catch (ObjectNotFoundException e) {
                    this.logger.error(e.getMessage(), e);
                } catch (DirectoryPermissionException e2) {
                    this.logger.info("Could not add users to directory " + directory.getName());
                    this.logger.info(e2.getMessage());
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.add.user", Arrays.asList(application.getName())));
        }
        if (hashSet.size() > 0 || hashSet2.size() > 0) {
            throw new BulkAddFailedException(hashSet, hashSet2);
        }
    }

    public User findUserByName(Application application, String str) throws DirectoryAccessException, UserNotFoundException {
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            try {
                return this.directoryManager.findUserByName(((DirectoryMapping) it.next()).getDirectory().getId().longValue(), str);
            } catch (DirectoryInstantiationException e) {
                this.logger.error(e);
            } catch (UserNotFoundException e2) {
            }
        }
        throw new UserNotFoundException(str);
    }

    public UserWithAttributes findUserWithAttributesByName(Application application, String str) throws DirectoryAccessException, UserNotFoundException {
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            try {
                return this.directoryManager.findUserWithAttributesByName(((DirectoryMapping) it.next()).getDirectory().getId().longValue(), str);
            } catch (DirectoryInstantiationException e) {
                this.logger.error(e);
            } catch (UserNotFoundException e2) {
            }
        }
        throw new UserNotFoundException(str);
    }

    public User addUser(Application application, UserTemplate userTemplate, PasswordCredential passwordCredential) throws InvalidUserException, DirectoryAccessException, InvalidCredentialException, ApplicationPermissionException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Adding user <" + userTemplate.getName() + "> for application <" + application.getName() + ">");
        }
        try {
            findUserByName(application, userTemplate.getName());
            throw new InvalidUserException(userTemplate, "User already exists");
        } catch (UserNotFoundException e) {
            Iterator it = application.getDirectoryMappings().iterator();
            while (it.hasNext()) {
                Directory directory = ((DirectoryMapping) it.next()).getDirectory();
                if (this.permissionManager.hasPermission(application, directory, OperationType.CREATE_USER)) {
                    try {
                        userTemplate.setDirectoryId(directory.getId().longValue());
                        this.directoryManager.addUser(directory.getId().longValue(), userTemplate, passwordCredential);
                    } catch (DirectoryPermissionException e2) {
                        this.logger.info("Could not add user <" + userTemplate.getName() + "> to directory <" + directory.getName() + ">");
                        this.logger.info(e2.getMessage());
                    } catch (DirectoryNotFoundException e3) {
                        this.logger.error(e3.getMessage(), e3);
                    }
                }
            }
            try {
                return findUserByName(application, userTemplate.getName());
            } catch (UserNotFoundException e4) {
                throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.add.user", Arrays.asList(application.getName())));
            }
        }
    }

    public User updateUser(Application application, UserTemplate userTemplate) throws InvalidUserException, DirectoryAccessException, ApplicationPermissionException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Updating user <" + userTemplate.getName() + "> for application <" + application.getName() + ">");
        }
        findUserByName(application, userTemplate.getName());
        boolean z = false;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, OperationType.UPDATE_USER)) {
                try {
                    userTemplate.setDirectoryId(directory.getId().longValue());
                    this.directoryManager.updateUser(directory.getId().longValue(), userTemplate);
                    z = true;
                } catch (UserNotFoundException e) {
                } catch (DirectoryPermissionException e2) {
                    this.logger.info("Could not update user <" + userTemplate.getName() + "> to directory <" + directory.getName() + ">");
                    this.logger.info(e2.getMessage());
                }
            }
        }
        if (z) {
            return findUserByName(application, userTemplate.getName());
        }
        throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.user", Arrays.asList(application.getName())));
    }

    public void updateUserCredential(Application application, String str, PasswordCredential passwordCredential) throws DirectoryAccessException, InvalidCredentialException, ApplicationPermissionException {
        User findUserByName = findUserByName(application, str);
        if (!this.permissionManager.hasPermission(application, this.directoryManager.findDirectoryById(findUserByName.getDirectoryId()), OperationType.UPDATE_USER)) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.user", Arrays.asList(application.getName())));
        }
        try {
            this.directoryManager.updateUserCredential(findUserByName.getDirectoryId(), str, passwordCredential);
        } catch (DirectoryPermissionException e) {
            throw new ApplicationPermissionException(e);
        }
    }

    public void resetUserCredential(Application application, String str) throws DirectoryAccessException, InvalidCredentialException, ApplicationPermissionException, InvalidEmailAddressException {
        User findUserByName = findUserByName(application, str);
        if (!this.permissionManager.hasPermission(application, this.directoryManager.findDirectoryById(findUserByName.getDirectoryId()), OperationType.UPDATE_USER)) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.user", Arrays.asList(application.getName())));
        }
        try {
            this.directoryManager.resetPassword(findUserByName.getDirectoryId(), str);
        } catch (DirectoryPermissionException e) {
            throw new ApplicationPermissionException(e);
        }
    }

    public void storeUserAttributes(Application application, String str, Map<String, Set<String>> map) throws DirectoryAccessException, ApplicationPermissionException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Storing user attributes for user <" + str + "> and application <" + application.getName() + ">");
        }
        findUserByName(application, str);
        boolean z = false;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, OperationType.UPDATE_USER)) {
                try {
                    this.directoryManager.storeUserAttributes(directory.getId().longValue(), str, map);
                    z = true;
                } catch (DirectoryPermissionException e) {
                    this.logger.info("Could not update user <" + str + "> to directory <" + directory.getName() + ">");
                    this.logger.info(e.getMessage());
                } catch (UserNotFoundException e2) {
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.user", Arrays.asList(application.getName())));
        }
    }

    public void removeUserAttributes(Application application, String str, String str2) throws DirectoryAccessException, ApplicationPermissionException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Removing user attributes for user <" + str + "> and application <" + application.getName() + ">");
        }
        findUserByName(application, str);
        boolean z = false;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, OperationType.UPDATE_USER)) {
                try {
                    this.directoryManager.removeUserAttributes(directory.getId().longValue(), str, str2);
                    z = true;
                } catch (DirectoryPermissionException e) {
                    this.logger.info("Could not update user <" + str + "> to directory <" + directory.getName() + ">");
                    this.logger.info(e.getMessage());
                } catch (UserNotFoundException e2) {
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.user", Arrays.asList(application.getName())));
        }
    }

    public void removeUser(Application application, String str) throws DirectoryAccessException, ApplicationPermissionException {
        findUserByName(application, str);
        boolean z = false;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, OperationType.DELETE_USER)) {
                try {
                    this.directoryManager.removeUser(directory.getId().longValue(), str);
                    z = true;
                } catch (DirectoryPermissionException e) {
                    this.logger.info("Could not remove user <" + str + "> from directory <" + directory.getName() + ">");
                } catch (UserNotFoundException e2) {
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.remove.user", Arrays.asList(application.getName())));
        }
    }

    public <T> List<T> searchUsers(Application application, EntityQuery<T> entityQuery) throws DirectoryAccessException {
        TreeSet treeSet = new TreeSet(EntityComparator.of(entityQuery.getReturnType()));
        int startIndex = entityQuery.getStartIndex() + entityQuery.getMaxResults();
        if (entityQuery.getMaxResults() == -1) {
            startIndex = -1;
        }
        for (DirectoryMapping directoryMapping : application.getDirectoryMappings()) {
            try {
                int size = startIndex - treeSet.size();
                if (entityQuery.getMaxResults() == -1) {
                    size = -1;
                }
                treeSet.addAll(this.directoryManager.searchUsers(directoryMapping.getDirectory().getId().longValue(), QueryBuilder.queryFor(entityQuery.getReturnType(), entityQuery.getEntityDescriptor(), entityQuery.getSearchRestriction(), entityQuery.getStartIndex(), size)));
                if (entityQuery.getMaxResults() != -1 && treeSet.size() >= entityQuery.getMaxResults()) {
                    break;
                }
            } catch (DirectoryNotFoundException e) {
            }
        }
        return SearchResultsUtil.constrainResults(new ArrayList(treeSet), entityQuery.getStartIndex(), entityQuery.getMaxResults());
    }

    public Group findGroupByName(Application application, String str) throws DirectoryAccessException {
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            try {
                return this.directoryManager.findGroupByName(((DirectoryMapping) it.next()).getDirectory().getId().longValue(), str);
            } catch (DirectoryInstantiationException e) {
                this.logger.error(e);
            } catch (GroupNotFoundException e2) {
            }
        }
        throw new GroupNotFoundException(str);
    }

    public GroupWithAttributes findGroupWithAttributesByName(Application application, String str) throws DirectoryAccessException {
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            try {
                return this.directoryManager.findGroupWithAttributesByName(((DirectoryMapping) it.next()).getDirectory().getId().longValue(), str);
            } catch (DirectoryInstantiationException e) {
                this.logger.error(e);
            } catch (GroupNotFoundException e2) {
            }
        }
        throw new GroupNotFoundException(str);
    }

    public Group addGroup(Application application, GroupTemplate groupTemplate) throws InvalidGroupException, DirectoryAccessException, ApplicationPermissionException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Adding group <" + groupTemplate.getName() + "> for application <" + application.getName() + ">");
        }
        try {
            findGroupByName(application, groupTemplate.getName());
            throw new InvalidGroupException(groupTemplate, "Group already exists");
        } catch (GroupNotFoundException e) {
            OperationType operationType = GroupType.GROUP.equals(groupTemplate.getType()) ? OperationType.CREATE_GROUP : OperationType.CREATE_ROLE;
            Iterator it = application.getDirectoryMappings().iterator();
            while (it.hasNext()) {
                Directory directory = ((DirectoryMapping) it.next()).getDirectory();
                if (this.permissionManager.hasPermission(application, directory, operationType)) {
                    try {
                        groupTemplate.setDirectoryId(directory.getId().longValue());
                        this.directoryManager.addGroup(directory.getId().longValue(), groupTemplate);
                    } catch (DirectoryNotFoundException e2) {
                        this.logger.error(e2.getMessage(), e2);
                    } catch (DirectoryPermissionException e3) {
                        this.logger.info("Could not add group <" + groupTemplate.getName() + "> to directory <" + directory.getName() + ">");
                        this.logger.info(e3.getMessage());
                    }
                }
            }
            try {
                return findGroupByName(application, groupTemplate.getName());
            } catch (GroupNotFoundException e4) {
                throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.add.group", Arrays.asList(application.getName())));
            }
        }
    }

    public Group updateGroup(Application application, GroupTemplate groupTemplate) throws InvalidGroupException, DirectoryAccessException, ApplicationPermissionException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Updating group <" + groupTemplate.getName() + "> for application <" + application.getName() + ">");
        }
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(application, groupTemplate.getName()).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        boolean z = false;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, operationType)) {
                try {
                    groupTemplate.setDirectoryId(directory.getId().longValue());
                    this.directoryManager.updateGroup(directory.getId().longValue(), groupTemplate);
                    z = true;
                } catch (DirectoryPermissionException e) {
                    this.logger.info("Could not update group <" + groupTemplate.getName() + "> to directory <" + directory.getName() + ">");
                    this.logger.info(e.getMessage());
                } catch (GroupNotFoundException e2) {
                }
            }
        }
        if (z) {
            return findGroupByName(application, groupTemplate.getName());
        }
        throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.group", Arrays.asList(application.getName())));
    }

    public void storeGroupAttributes(Application application, String str, Map<String, Set<String>> map) throws DirectoryAccessException, ApplicationPermissionException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Storing group attributes for group <" + str + "> and application <" + application.getName() + ">");
        }
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(application, str).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        boolean z = false;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, operationType)) {
                try {
                    this.directoryManager.storeGroupAttributes(directory.getId().longValue(), str, map);
                    z = true;
                } catch (GroupNotFoundException e) {
                } catch (DirectoryPermissionException e2) {
                    this.logger.info("Could not update group <" + str + "> to directory <" + directory.getName() + ">");
                    this.logger.info(e2.getMessage());
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.group", Arrays.asList(application.getName())));
        }
    }

    public void removeGroupAttributes(Application application, String str, String str2) throws DirectoryAccessException, ApplicationPermissionException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Removing group attributes for group <" + str + "> and application <" + application.getName() + ">");
        }
        boolean z = false;
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(application, str).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, operationType)) {
                try {
                    this.directoryManager.removeGroupAttributes(directory.getId().longValue(), str, str2);
                    z = true;
                } catch (GroupNotFoundException e) {
                } catch (DirectoryPermissionException e2) {
                    this.logger.info("Could not update group <" + str + "> to directory <" + directory.getName() + ">");
                    this.logger.info(e2.getMessage());
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.group", Arrays.asList(application.getName())));
        }
    }

    public void removeGroup(Application application, String str) throws DirectoryAccessException, ApplicationPermissionException {
        boolean z = false;
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(application, str).getType()) ? OperationType.DELETE_GROUP : OperationType.DELETE_ROLE;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, operationType)) {
                try {
                    this.directoryManager.removeGroup(directory.getId().longValue(), str);
                    z = true;
                } catch (GroupNotFoundException e) {
                } catch (DirectoryPermissionException e2) {
                    this.logger.info("Could not remove group <" + str + "> from directory <" + directory.getName() + ">");
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.remove.group", Arrays.asList(application.getName())));
        }
    }

    public <T> List<T> searchGroups(Application application, EntityQuery<T> entityQuery) throws DirectoryAccessException {
        TreeSet treeSet = new TreeSet(EntityComparator.of(entityQuery.getReturnType()));
        int startIndex = entityQuery.getStartIndex() + entityQuery.getMaxResults();
        if (entityQuery.getMaxResults() == -1) {
            startIndex = -1;
        }
        for (DirectoryMapping directoryMapping : application.getDirectoryMappings()) {
            try {
                int size = startIndex - treeSet.size();
                if (entityQuery.getMaxResults() == -1) {
                    size = -1;
                }
                treeSet.addAll(this.directoryManager.searchGroups(directoryMapping.getDirectory().getId().longValue(), QueryBuilder.queryFor(entityQuery.getReturnType(), entityQuery.getEntityDescriptor(), entityQuery.getSearchRestriction(), 0, size)));
                if (entityQuery.getMaxResults() != -1 && treeSet.size() >= entityQuery.getMaxResults()) {
                    break;
                }
            } catch (DirectoryNotFoundException e) {
            }
        }
        return SearchResultsUtil.constrainResults(new ArrayList(treeSet), entityQuery.getStartIndex(), entityQuery.getMaxResults());
    }

    public void addUserToGroup(Application application, String str, String str2) throws DirectoryAccessException, ApplicationPermissionException {
        boolean z = false;
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(application, str2).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, operationType)) {
                try {
                    this.directoryManager.addUserToGroup(directory.getId().longValue(), str, str2);
                    z = true;
                } catch (GroupNotFoundException e) {
                    z = true;
                } catch (DirectoryPermissionException e2) {
                    this.logger.info("Could not add user <" + str + "> to group <" + str2 + "> from directory <" + directory.getName() + ">");
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.group", Arrays.asList(application.getName())));
        }
        if (!isUserDirectGroupMember(application, str, str2)) {
            throw new GroupNotFoundException(str2);
        }
    }

    public void addGroupToGroup(Application application, String str, String str2) throws DirectoryAccessException, ApplicationPermissionException {
        boolean z = false;
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(application, str2).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, operationType)) {
                try {
                    this.directoryManager.addGroupToGroup(directory.getId().longValue(), str, str2);
                    z = true;
                } catch (DirectoryPermissionException e) {
                    this.logger.info("Could not add child group <" + str + "> to parent group <" + str2 + "> from directory <" + directory.getName() + ">");
                } catch (InvalidMembershipException e2) {
                    this.logger.info("Could not add child group <" + str + "> to parent group <" + str2 + "> from directory <" + directory.getName() + ">: " + e2.getMessage());
                } catch (GroupNotFoundException e3) {
                    z = true;
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.group", Arrays.asList(application.getName())));
        }
        if (!isGroupDirectGroupMember(application, str, str2)) {
            throw new GroupNotFoundException(str2);
        }
    }

    public void removeUserFromGroup(Application application, String str, String str2) throws DirectoryAccessException, ApplicationPermissionException, MembershipNotFoundException {
        boolean z = false;
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(application, str2).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        if (!isUserDirectGroupMember(application, str, str2)) {
            throw new MembershipNotFoundException(str, str2);
        }
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, operationType)) {
                try {
                    this.directoryManager.removeUserFromGroup(directory.getId().longValue(), str, str2);
                    z = true;
                } catch (DirectoryPermissionException e) {
                    this.logger.info("Could not remove user <" + str + "> to group <" + str2 + "> from directory <" + directory.getName() + ">");
                } catch (GroupNotFoundException e2) {
                    z = true;
                } catch (UserNotFoundException e3) {
                    z = true;
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.group", Arrays.asList(application.getName())));
        }
    }

    public void removeGroupFromGroup(Application application, String str, String str2) throws DirectoryAccessException, ApplicationPermissionException, MembershipNotFoundException {
        boolean z = false;
        if (!isGroupDirectGroupMember(application, str, str2)) {
            throw new MembershipNotFoundException(str, str2);
        }
        OperationType operationType = GroupType.GROUP.equals(findGroupByName(application, str2).getType()) ? OperationType.UPDATE_GROUP : OperationType.UPDATE_ROLE;
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Directory directory = ((DirectoryMapping) it.next()).getDirectory();
            if (this.permissionManager.hasPermission(application, directory, operationType)) {
                try {
                    this.directoryManager.removeGroupFromGroup(directory.getId().longValue(), str, str2);
                    z = true;
                } catch (DirectoryPermissionException e) {
                    this.logger.info("Could not remove child group <" + str + "> to parent group <" + str2 + "> from directory <" + directory.getName() + ">");
                } catch (InvalidMembershipException e2) {
                    this.logger.info("Could not remove child group <" + str + "> from parent group <" + str2 + "> from directory <" + directory.getName() + ">: " + e2.getMessage());
                } catch (GroupNotFoundException e3) {
                    z = true;
                }
            }
        }
        if (!z) {
            throw new ApplicationPermissionException(this.i18nHelper.getText("permission.application.exception.modify.group", Arrays.asList(application.getName())));
        }
    }

    public boolean isUserDirectGroupMember(Application application, String str, String str2) throws DirectoryAccessException {
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            if (this.directoryManager.isUserDirectGroupMember(((DirectoryMapping) it.next()).getDirectory().getId().longValue(), str, str2)) {
                return true;
            }
        }
        return false;
    }

    public boolean isGroupDirectGroupMember(Application application, String str, String str2) throws DirectoryAccessException {
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            if (this.directoryManager.isGroupDirectGroupMember(((DirectoryMapping) it.next()).getDirectory().getId().longValue(), str, str2)) {
                return true;
            }
        }
        return false;
    }

    public boolean isUserNestedGroupMember(Application application, String str, String str2) throws DirectoryAccessException {
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            if (this.directoryManager.isUserNestedGroupMember(((DirectoryMapping) it.next()).getDirectory().getId().longValue(), str, str2)) {
                return true;
            }
        }
        return false;
    }

    public boolean isGroupNestedGroupMember(Application application, String str, String str2) throws DirectoryAccessException {
        Iterator it = application.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            if (this.directoryManager.isGroupNestedGroupMember(((DirectoryMapping) it.next()).getDirectory().getId().longValue(), str, str2)) {
                return true;
            }
        }
        return false;
    }

    public <T> List<T> searchDirectGroupRelationships(Application application, MembershipQuery<T> membershipQuery) throws DirectoryAccessException {
        TreeSet treeSet = new TreeSet(EntityComparator.of(membershipQuery.getReturnType()));
        int startIndex = membershipQuery.getStartIndex() + membershipQuery.getMaxResults();
        if (membershipQuery.getMaxResults() == -1) {
            startIndex = -1;
        }
        for (DirectoryMapping directoryMapping : application.getDirectoryMappings()) {
            try {
                int size = startIndex - treeSet.size();
                if (membershipQuery.getMaxResults() == -1) {
                    size = -1;
                }
                treeSet.addAll(this.directoryManager.searchDirectGroupRelationships(directoryMapping.getDirectory().getId().longValue(), QueryBuilder.createMembershipQuery(size, 0, membershipQuery.isFindMembers(), membershipQuery.getEntityToReturn(), membershipQuery.getReturnType(), membershipQuery.getEntityToMatch(), membershipQuery.getEntityNameToMatch())));
                if (membershipQuery.getMaxResults() != -1 && treeSet.size() >= membershipQuery.getMaxResults()) {
                    break;
                }
            } catch (DirectoryNotFoundException e) {
            }
        }
        return SearchResultsUtil.constrainResults(new ArrayList(treeSet), membershipQuery.getStartIndex(), membershipQuery.getMaxResults());
    }

    public <T> List<T> searchNestedGroupRelationships(Application application, MembershipQuery<T> membershipQuery) throws DirectoryAccessException {
        TreeSet treeSet = new TreeSet(EntityComparator.of(membershipQuery.getReturnType()));
        int startIndex = membershipQuery.getStartIndex() + membershipQuery.getMaxResults();
        if (membershipQuery.getMaxResults() == -1) {
            startIndex = -1;
        }
        for (DirectoryMapping directoryMapping : application.getDirectoryMappings()) {
            try {
                int size = startIndex - treeSet.size();
                if (membershipQuery.getMaxResults() == -1) {
                    size = -1;
                }
                treeSet.addAll(this.directoryManager.searchNestedGroupRelationships(directoryMapping.getDirectory().getId().longValue(), QueryBuilder.createMembershipQuery(size, 0, membershipQuery.isFindMembers(), membershipQuery.getEntityToReturn(), membershipQuery.getReturnType(), membershipQuery.getEntityToMatch(), membershipQuery.getEntityNameToMatch())));
                if (membershipQuery.getMaxResults() != -1 && treeSet.size() >= membershipQuery.getMaxResults()) {
                    break;
                }
            } catch (DirectoryNotFoundException e) {
            }
        }
        return SearchResultsUtil.constrainResults(new ArrayList(treeSet), membershipQuery.getStartIndex(), membershipQuery.getMaxResults());
    }
}
