package de.aservo.ldap.adapter.backend;

import com.atlassian.crowd.embedded.api.SearchRestriction;
import com.atlassian.crowd.exception.ApplicationPermissionException;
import com.atlassian.crowd.exception.ExpiredCredentialException;
import com.atlassian.crowd.exception.GroupNotFoundException;
import com.atlassian.crowd.exception.InactiveAccountException;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.integration.rest.service.factory.RestCrowdClientFactory;
import com.atlassian.crowd.model.group.Group;
import com.atlassian.crowd.model.user.User;
import com.atlassian.crowd.search.query.entity.restriction.BooleanRestriction;
import com.atlassian.crowd.search.query.entity.restriction.BooleanRestrictionImpl;
import com.atlassian.crowd.search.query.entity.restriction.MatchMode;
import com.atlassian.crowd.search.query.entity.restriction.NullRestrictionImpl;
import com.atlassian.crowd.search.query.entity.restriction.TermRestriction;
import com.atlassian.crowd.search.query.entity.restriction.constants.GroupTermKeys;
import com.atlassian.crowd.service.client.ClientPropertiesImpl;
import com.atlassian.crowd.service.client.CrowdClient;
import de.aservo.ldap.adapter.ServerConfiguration;
import de.aservo.ldap.adapter.api.LdapUtils;
import de.aservo.ldap.adapter.api.cursor.MappableCursor;
import de.aservo.ldap.adapter.api.database.Row;
import de.aservo.ldap.adapter.api.directory.NestedDirectoryBackend;
import de.aservo.ldap.adapter.api.directory.exception.DirectoryAccessFailureException;
import de.aservo.ldap.adapter.api.directory.exception.EntityNotFoundException;
import de.aservo.ldap.adapter.api.directory.exception.SecurityProblemException;
import de.aservo.ldap.adapter.api.entity.EntityType;
import de.aservo.ldap.adapter.api.entity.GroupEntity;
import de.aservo.ldap.adapter.api.entity.MembershipEntity;
import de.aservo.ldap.adapter.api.entity.UserEntity;
import de.aservo.ldap.adapter.api.query.AndLogicExpression;
import de.aservo.ldap.adapter.api.query.EqualOperator;
import de.aservo.ldap.adapter.api.query.OrLogicExpression;
import de.aservo.ldap.adapter.api.query.QueryExpression;
import java.util.Collection;
import java.util.Properties;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.directory.api.ldap.model.schema.SchemaManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/aservo/ldap/adapter/backend/CrowdDirectoryBackend.class */
public class CrowdDirectoryBackend implements NestedDirectoryBackend {
    public static final String CONFIG_READINESS_CHECK = "readiness-check";
    private final Logger logger = LoggerFactory.getLogger(CrowdDirectoryBackend.class);
    private final CrowdClient crowdClient;
    private final boolean useReadinessCheck;

    public CrowdDirectoryBackend(ServerConfiguration serverConfiguration) {
        Properties backendProperties = serverConfiguration.getBackendProperties();
        this.useReadinessCheck = Boolean.parseBoolean(backendProperties.getProperty(CONFIG_READINESS_CHECK, "true"));
        this.crowdClient = new RestCrowdClientFactory().newInstance(ClientPropertiesImpl.newInstanceFromProperties(backendProperties));
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public String getId() {
        return "crowd";
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public void startup() {
        try {
            if (this.useReadinessCheck) {
                this.crowdClient.testConnection();
            }
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public void shutdown() {
        this.crowdClient.shutdown();
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public MappableCursor<Row> runQueryExpression(String str, SchemaManager schemaManager, QueryExpression queryExpression, EntityType entityType) {
        throw new UnsupportedOperationException("Query generation not supported for Crowd directory backend.");
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public GroupEntity getGroup(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getGroup; ID={}", str);
        try {
            return createGroupEntity(this.crowdClient.getGroup(str));
        } catch (ApplicationPermissionException | InvalidAuthenticationException e) {
            throw new SecurityProblemException((Throwable) e);
        } catch (OperationFailedException e2) {
            throw new DirectoryAccessFailureException((Throwable) e2);
        } catch (GroupNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public UserEntity getUser(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getUser; ID={}", str);
        try {
            return createUserEntity(this.crowdClient.getUser(str));
        } catch (ApplicationPermissionException | InvalidAuthenticationException e) {
            throw new SecurityProblemException((Throwable) e);
        } catch (UserNotFoundException e2) {
            throw new EntityNotFoundException((Throwable) e2);
        } catch (OperationFailedException e3) {
            throw new DirectoryAccessFailureException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public UserEntity getAuthenticatedUser(String str, String str2) throws EntityNotFoundException {
        this.logger.info("Backend call: getAuthenticatedUser; ID={}", str);
        try {
            return createUserEntity(this.crowdClient.authenticateUser(str, str2));
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (InactiveAccountException | ExpiredCredentialException | ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (UserNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<GroupEntity> getAllGroups() {
        return getAllGroups(0, Integer.MAX_VALUE);
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<GroupEntity> getAllGroups(int i, int i2) {
        this.logger.info("Backend call: getGroups({}, {})", Integer.valueOf(i), Integer.valueOf(i2));
        try {
            return (Set) this.crowdClient.searchGroups(NullRestrictionImpl.INSTANCE, i, i2).stream().map(this::createGroupEntity).collect(Collectors.toSet());
        } catch (ApplicationPermissionException | InvalidAuthenticationException e) {
            throw new SecurityProblemException((Throwable) e);
        } catch (OperationFailedException e2) {
            throw new DirectoryAccessFailureException((Throwable) e2);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<UserEntity> getAllUsers() {
        return getAllUsers(0, Integer.MAX_VALUE);
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<UserEntity> getAllUsers(int i, int i2) {
        this.logger.info("Backend call: getUsers({}, {})", Integer.valueOf(i), Integer.valueOf(i2));
        try {
            return (Set) this.crowdClient.searchUsers(NullRestrictionImpl.INSTANCE, i, i2).stream().map(this::createUserEntity).collect(Collectors.toSet());
        } catch (ApplicationPermissionException | InvalidAuthenticationException e) {
            throw new SecurityProblemException((Throwable) e);
        } catch (OperationFailedException e2) {
            throw new DirectoryAccessFailureException((Throwable) e2);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<UserEntity> getDirectUsersOfGroup(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getDirectUsersOfGroup; ID={}", str);
        try {
            return (Set) this.crowdClient.getUsersOfGroup(str, 0, Integer.MAX_VALUE).stream().map(this::createUserEntity).collect(Collectors.toSet());
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (GroupNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<GroupEntity> getDirectGroupsOfUser(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getDirectGroupsOfUser; ID={}", str);
        try {
            return (Set) this.crowdClient.getGroupsForUser(str, 0, Integer.MAX_VALUE).stream().map(this::createGroupEntity).collect(Collectors.toSet());
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (UserNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<UserEntity> getTransitiveUsersOfGroup(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getTransitiveUsersOfGroup; ID={}", str);
        try {
            return (Set) this.crowdClient.getNestedUsersOfGroup(str, 0, Integer.MAX_VALUE).stream().map(this::createUserEntity).collect(Collectors.toSet());
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (GroupNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<GroupEntity> getTransitiveGroupsOfUser(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getTransitiveGroupsOfUser; ID={}", str);
        try {
            return (Set) this.crowdClient.getGroupsForNestedUser(str, 0, Integer.MAX_VALUE).stream().map(this::createGroupEntity).collect(Collectors.toSet());
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (UserNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<GroupEntity> getDirectChildGroupsOfGroup(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getDirectChildGroupsOfGroup; ID={}", str);
        try {
            return (Set) this.crowdClient.getChildGroupsOfGroup(str, 0, Integer.MAX_VALUE).stream().map(this::createGroupEntity).collect(Collectors.toSet());
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (GroupNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<GroupEntity> getDirectParentGroupsOfGroup(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getDirectParentGroupsOfGroup; ID={}", str);
        try {
            return (Set) this.crowdClient.getParentGroupsForGroup(str, 0, Integer.MAX_VALUE).stream().map(this::createGroupEntity).collect(Collectors.toSet());
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (GroupNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<GroupEntity> getTransitiveChildGroupsOfGroup(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getTransitiveChildGroupsOfGroup; ID={}", str);
        try {
            return (Set) this.crowdClient.getNestedChildGroupsOfGroup(str, 0, Integer.MAX_VALUE).stream().map(this::createGroupEntity).collect(Collectors.toSet());
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (GroupNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.DirectoryBackend
    public Set<GroupEntity> getTransitiveParentGroupsOfGroup(String str) throws EntityNotFoundException {
        this.logger.info("Backend call: getTransitiveParentGroupsOfGroup; ID={}", str);
        try {
            return (Set) this.crowdClient.getParentGroupsForNestedGroup(str, 0, Integer.MAX_VALUE).stream().map(this::createGroupEntity).collect(Collectors.toSet());
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        } catch (GroupNotFoundException e3) {
            throw new EntityNotFoundException((Throwable) e3);
        }
    }

    @Override // de.aservo.ldap.adapter.api.directory.NestedDirectoryBackend
    public MappableCursor<MembershipEntity> getMemberships() {
        this.logger.info("Backend call: getMemberships");
        try {
            return MappableCursor.fromIterable(this.crowdClient.getMemberships()).map(membership -> {
                return new MembershipEntity(membership.getGroupName(), membership.getChildGroupNames(), membership.getUserNames());
            });
        } catch (OperationFailedException e) {
            throw new DirectoryAccessFailureException((Throwable) e);
        } catch (ApplicationPermissionException | InvalidAuthenticationException e2) {
            throw new SecurityProblemException((Throwable) e2);
        }
    }

    private GroupEntity createGroupEntity(Group group) {
        return new GroupEntity(group.getName(), group.getDescription());
    }

    private UserEntity createUserEntity(User user) {
        return new UserEntity(user.getName(), user.getLastName(), user.getFirstName(), user.getDisplayName(), user.getEmailAddress(), user.isActive());
    }

    private SearchRestriction createGroupSearchRestriction(QueryExpression queryExpression) {
        if (queryExpression instanceof AndLogicExpression) {
            return new BooleanRestrictionImpl(BooleanRestriction.BooleanLogic.AND, (Collection) ((AndLogicExpression) queryExpression).getChildren().stream().map(this::createGroupSearchRestriction).collect(Collectors.toList()));
        }
        if (queryExpression instanceof OrLogicExpression) {
            return new BooleanRestrictionImpl(BooleanRestriction.BooleanLogic.OR, (Collection) ((OrLogicExpression) queryExpression).getChildren().stream().map(this::createGroupSearchRestriction).collect(Collectors.toList()));
        }
        if (queryExpression instanceof EqualOperator) {
            String normalizeAttribute = LdapUtils.normalizeAttribute(((EqualOperator) queryExpression).getAttribute());
            boolean z = -1;
            switch (normalizeAttribute.hashCode()) {
                case -1502146812:
                    if (normalizeAttribute.equals("2.5.4.3")) {
                        z = false;
                        break;
                    }
                    break;
                case 678089073:
                    if (normalizeAttribute.equals("2.5.4.13")) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return new TermRestriction(GroupTermKeys.NAME, MatchMode.EXACTLY_MATCHES, ((EqualOperator) queryExpression).getValue());
                case true:
                    return new TermRestriction(GroupTermKeys.DESCRIPTION, MatchMode.EXACTLY_MATCHES, ((EqualOperator) queryExpression).getValue());
            }
        }
        return NullRestrictionImpl.INSTANCE;
    }
}
