package jp.openstandia.connector.guacamole;

import java.time.ZonedDateTime;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import jp.openstandia.connector.guacamole.GuacamoleClient;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.UnknownUidException;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
import org.identityconnectors.framework.common.objects.AttributeDelta;
import org.identityconnectors.framework.common.objects.AttributeInfo;
import org.identityconnectors.framework.common.objects.AttributeInfoBuilder;
import org.identityconnectors.framework.common.objects.AttributeValueCompleteness;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.ConnectorObjectBuilder;
import org.identityconnectors.framework.common.objects.Name;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.ObjectClassInfo;
import org.identityconnectors.framework.common.objects.ObjectClassInfoBuilder;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.OperationalAttributeInfos;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.common.objects.Uid;

/* loaded from: input_file:jp/openstandia/connector/guacamole/GuacamoleUserHandler.class */
public class GuacamoleUserHandler implements GuacamoleObjectHandler {
    public static final ObjectClass USER_OBJECT_CLASS = new ObjectClass("User");
    private static final Log LOGGER = Log.getLog(GuacamoleUserHandler.class);
    static final String ATTR_USERNAME = "username";
    static final String ATTR_EMAIL = "guac-email-address";
    static final String ATTR_ORGANIZATIONAL_ROLE = "guac-organizational-role";
    static final String ATTR_ORGANIZATION = "guac-organization";
    static final String ATTR_FULL_NAME = "guac-full-name";
    static final String ATTR_PASSWORD_EXPIRED = "expired";
    static final String ATTR_TIMEZONE = "timezone";
    static final String ATTR_ACCESS_WINDOW_START = "access-window-start";
    static final String ATTR_ACCESS_WINDOW_END = "access-window-end";
    static final String ATTR_VALID_UNTIL = "valid-until";
    static final String ATTR_VALID_FROM = "valid-from";
    private static final String ATTR_USER_PERMISSIONS = "userPermissions";
    private static final String ATTR_SYSTEM_PERMISSIONS = "systemPermissions";
    static final String ATTR_DISABLED = "disabled";
    private static final String ATTR_USER_GROUPS = "userGroups";
    private static final String ATTR_CONNECTIONS = "connections";
    private static final String ATTR_CONNECTION_GROUPS = "connectionGroups";
    private final GuacamoleConfiguration configuration;
    private final GuacamoleClient client;
    private final GuacamoleAssociationHandler associationHandler;
    private final GuacamoleSchema schema;

    public GuacamoleUserHandler(GuacamoleConfiguration guacamoleConfiguration, GuacamoleClient guacamoleClient, Map<String, AttributeInfo> map) {
        this.configuration = guacamoleConfiguration;
        this.client = guacamoleClient;
        this.schema = new GuacamoleSchema(guacamoleConfiguration, guacamoleClient);
        this.associationHandler = new GuacamoleAssociationHandler(guacamoleConfiguration, guacamoleClient);
    }

    public static ObjectClassInfo createSchema() {
        ObjectClassInfoBuilder objectClassInfoBuilder = new ObjectClassInfoBuilder();
        objectClassInfoBuilder.setType(USER_OBJECT_CLASS.getObjectClassValue());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(Uid.NAME).setRequired(false).setCreateable(false).setUpdateable(false).setNativeName(ATTR_USERNAME).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(Name.NAME).setRequired(true).setUpdateable(false).setNativeName(ATTR_USERNAME).build());
        objectClassInfoBuilder.addAttributeInfo(OperationalAttributeInfos.ENABLE);
        objectClassInfoBuilder.addAttributeInfo(OperationalAttributeInfos.PASSWORD);
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_FULL_NAME).setRequired(false).setCreateable(true).setUpdateable(true).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_EMAIL).setRequired(false).setCreateable(true).setUpdateable(true).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_ORGANIZATION).setRequired(false).setCreateable(true).setUpdateable(true).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_ORGANIZATIONAL_ROLE).setRequired(false).setCreateable(true).setUpdateable(true).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_PASSWORD_EXPIRED).setRequired(false).setCreateable(true).setUpdateable(true).setType(Boolean.class).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_TIMEZONE).setRequired(false).setCreateable(true).setUpdateable(true).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_ACCESS_WINDOW_START).setRequired(false).setCreateable(true).setUpdateable(true).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_ACCESS_WINDOW_END).setRequired(false).setCreateable(true).setUpdateable(true).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_VALID_UNTIL).setRequired(false).setCreateable(true).setUpdateable(true).setType(ZonedDateTime.class).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_VALID_FROM).setRequired(false).setCreateable(true).setUpdateable(true).setType(ZonedDateTime.class).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_USER_PERMISSIONS).setRequired(false).setCreateable(true).setUpdateable(true).setMultiValued(true).setReturnedByDefault(false).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_SYSTEM_PERMISSIONS).setRequired(false).setCreateable(true).setUpdateable(true).setMultiValued(true).setReturnedByDefault(false).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_USER_GROUPS).setMultiValued(true).setReturnedByDefault(false).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_CONNECTIONS).setMultiValued(true).setReturnedByDefault(false).build());
        objectClassInfoBuilder.addAttributeInfo(AttributeInfoBuilder.define(ATTR_CONNECTION_GROUPS).setMultiValued(true).setReturnedByDefault(false).build());
        ObjectClassInfo build = objectClassInfoBuilder.build();
        LOGGER.ok("The constructed User core schema: {0}", new Object[]{build});
        return build;
    }

    @Override // jp.openstandia.connector.guacamole.GuacamoleObjectHandler
    public Uid create(Set<Attribute> set) {
        HashSet hashSet = new HashSet();
        List<Object> list = null;
        List<Object> list2 = null;
        List<Object> list3 = null;
        List<Object> list4 = null;
        List<Object> list5 = null;
        for (Attribute attribute : set) {
            if (attribute.is(ATTR_USER_GROUPS)) {
                list = attribute.getValue();
            } else if (attribute.is(ATTR_CONNECTIONS)) {
                list2 = attribute.getValue();
            } else if (attribute.is(ATTR_CONNECTION_GROUPS)) {
                list3 = attribute.getValue();
            } else if (attribute.is(ATTR_USER_PERMISSIONS)) {
                list4 = attribute.getValue();
            } else if (attribute.is(ATTR_SYSTEM_PERMISSIONS)) {
                list5 = attribute.getValue();
            } else {
                hashSet.add(attribute);
            }
        }
        Uid createUser = this.client.createUser(this.schema, hashSet);
        this.associationHandler.addUserGroupsToUser(createUser, list);
        this.associationHandler.addConnectionsToUser(createUser, list2);
        this.associationHandler.addConnectionGroupsToUser(createUser, list3);
        this.associationHandler.addUserPermissionsToUser(createUser, list4);
        this.associationHandler.addSystemPermissionsToUser(createUser, list5);
        return createUser;
    }

    @Override // jp.openstandia.connector.guacamole.GuacamoleObjectHandler
    public Set<AttributeDelta> updateDelta(Uid uid, Set<AttributeDelta> set, OperationOptions operationOptions) {
        HashSet hashSet = new HashSet();
        List<Object> list = null;
        List<Object> list2 = null;
        List<Object> list3 = null;
        List<Object> list4 = null;
        List<Object> list5 = null;
        List<Object> list6 = null;
        List<Object> list7 = null;
        List<Object> list8 = null;
        List<Object> list9 = null;
        List<Object> list10 = null;
        for (AttributeDelta attributeDelta : set) {
            if (attributeDelta.is(ATTR_USER_GROUPS)) {
                list = attributeDelta.getValuesToAdd();
                list2 = attributeDelta.getValuesToRemove();
            } else if (attributeDelta.is(ATTR_CONNECTIONS)) {
                list3 = attributeDelta.getValuesToAdd();
                list4 = attributeDelta.getValuesToRemove();
            } else if (attributeDelta.is(ATTR_CONNECTION_GROUPS)) {
                list5 = attributeDelta.getValuesToAdd();
                list6 = attributeDelta.getValuesToRemove();
            } else if (attributeDelta.is(ATTR_USER_PERMISSIONS)) {
                list7 = attributeDelta.getValuesToAdd();
                list8 = attributeDelta.getValuesToRemove();
            } else if (attributeDelta.is(ATTR_SYSTEM_PERMISSIONS)) {
                list9 = attributeDelta.getValuesToAdd();
                list10 = attributeDelta.getValuesToRemove();
            } else {
                hashSet.add(attributeDelta);
            }
        }
        try {
            if (!hashSet.isEmpty()) {
                this.client.updateUser(this.schema, uid, hashSet, operationOptions);
            }
            this.associationHandler.updateUserGroupsToUser(uid, list, list2);
            this.associationHandler.updateConnectionsToUser(uid, list3, list4);
            this.associationHandler.updateConnectionGroupsToUser(uid, list5, list6);
            this.associationHandler.updateUserPermissionsToUser(uid, list7, list8);
            this.associationHandler.updateSystemPermissionsToUser(uid, list9, list10);
            return null;
        } catch (UnknownUidException e) {
            LOGGER.warn("Not found user when updating. uid: {0}", new Object[]{uid});
            throw e;
        }
    }

    @Override // jp.openstandia.connector.guacamole.GuacamoleObjectHandler
    public void delete(Uid uid, OperationOptions operationOptions) {
        try {
            this.client.deleteUser(this.schema, uid, operationOptions);
        } catch (UnknownUidException e) {
            LOGGER.warn("Not found user when deleting. uid: {0}", new Object[]{uid});
            throw e;
        }
    }

    @Override // jp.openstandia.connector.guacamole.GuacamoleObjectHandler
    public void query(GuacamoleFilter guacamoleFilter, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        Set<String> createFullAttributesToGet = GuacamoleUtils.createFullAttributesToGet(this.schema.userSchema, operationOptions);
        boolean shouldAllowPartialAttributeValues = GuacamoleUtils.shouldAllowPartialAttributeValues(operationOptions);
        if (guacamoleFilter == null || !(guacamoleFilter.isByUid() || guacamoleFilter.isByName())) {
            this.client.getUsers(this.schema, guacamoleUserRepresentation -> {
                return resultsHandler.handle(toConnectorObject(guacamoleUserRepresentation, createFullAttributesToGet, shouldAllowPartialAttributeValues));
            }, operationOptions, createFullAttributesToGet, -1);
        } else {
            get(guacamoleFilter.attributeValue, resultsHandler, operationOptions, createFullAttributesToGet, shouldAllowPartialAttributeValues);
        }
    }

    private void get(String str, ResultsHandler resultsHandler, OperationOptions operationOptions, Set<String> set, boolean z) {
        GuacamoleClient.GuacamoleUserRepresentation user = this.client.getUser(this.schema, new Uid(str), operationOptions, set);
        if (user != null) {
            resultsHandler.handle(toConnectorObject(user, set, z));
        }
    }

    private ConnectorObject toConnectorObject(GuacamoleClient.GuacamoleUserRepresentation guacamoleUserRepresentation, Set<String> set, boolean z) {
        List list;
        List list2;
        List<String> list3;
        List<String> list4;
        ConnectorObjectBuilder name = new ConnectorObjectBuilder().setObjectClass(USER_OBJECT_CLASS).setUid(guacamoleUserRepresentation.username).setName(guacamoleUserRepresentation.username);
        if (GuacamoleUtils.shouldReturn(set, OperationalAttributes.ENABLE_NAME)) {
            name.addAttribute(new Attribute[]{AttributeBuilder.buildEnabled(guacamoleUserRepresentation.isEnabled())});
        }
        for (GuacamoleAttribute guacamoleAttribute : guacamoleUserRepresentation.toGuacamoleAttributes()) {
            AttributeInfo attributeInfo = this.schema.userSchema.get(guacamoleAttribute.name);
            if (attributeInfo != null && guacamoleAttribute.value != null && GuacamoleUtils.shouldReturn(set, attributeInfo.getName())) {
                name.addAttribute(new Attribute[]{GuacamoleUtils.toConnectorAttribute(attributeInfo, guacamoleAttribute)});
            }
        }
        if (z) {
            LOGGER.ok("Suppress fetching associations because return partial attribute values is requested", new Object[0]);
            Stream.of((Object[]) new String[]{ATTR_USER_GROUPS, ATTR_CONNECTIONS, ATTR_USER_PERMISSIONS, ATTR_SYSTEM_PERMISSIONS}).forEach(str -> {
                AttributeBuilder attributeBuilder = new AttributeBuilder();
                attributeBuilder.setName(str).setAttributeValueCompleteness(AttributeValueCompleteness.INCOMPLETE);
                attributeBuilder.addValue(Collections.EMPTY_LIST);
                name.addAttribute(new Attribute[]{attributeBuilder.build()});
            });
        } else if (set == null) {
            LOGGER.ok("Suppress fetching associations because returned by default is true", new Object[0]);
        } else {
            if (GuacamoleUtils.shouldReturn(set, ATTR_USER_GROUPS)) {
                LOGGER.ok("Fetching userGroups because attributes to get is requested", new Object[0]);
                name.addAttribute(ATTR_USER_GROUPS, this.associationHandler.getUserGroupsForUser(guacamoleUserRepresentation.username));
            }
            if (GuacamoleUtils.shouldReturn(set, ATTR_USER_PERMISSIONS) || GuacamoleUtils.shouldReturn(set, ATTR_SYSTEM_PERMISSIONS) || GuacamoleUtils.shouldReturn(set, ATTR_CONNECTIONS) || GuacamoleUtils.shouldReturn(set, ATTR_CONNECTION_GROUPS)) {
                LOGGER.ok("Fetching permissions because attributes to get is requested", new Object[0]);
                GuacamoleClient.GuacamolePermissionRepresentation permissionsForUser = this.client.getPermissionsForUser(guacamoleUserRepresentation.username);
                if (GuacamoleUtils.shouldReturn(set, ATTR_USER_PERMISSIONS) && (list4 = permissionsForUser.userPermissions.get(guacamoleUserRepresentation.username)) != null) {
                    name.addAttribute(ATTR_USER_PERMISSIONS, (List) list4.stream().filter(str2 -> {
                        return !str2.equals("READ");
                    }).collect(Collectors.toList()));
                }
                if (GuacamoleUtils.shouldReturn(set, ATTR_SYSTEM_PERMISSIONS) && (list3 = permissionsForUser.systemPermissions) != null) {
                    name.addAttribute(ATTR_SYSTEM_PERMISSIONS, list3);
                }
                if (GuacamoleUtils.shouldReturn(set, ATTR_CONNECTIONS) && (list2 = (List) permissionsForUser.connectionPermissions.entrySet().stream().filter(entry -> {
                    return ((List) entry.getValue()).contains("READ");
                }).map(entry2 -> {
                    return (String) entry2.getKey();
                }).collect(Collectors.toList())) != null) {
                    name.addAttribute(ATTR_CONNECTIONS, list2);
                }
                if (GuacamoleUtils.shouldReturn(set, ATTR_CONNECTION_GROUPS) && (list = (List) permissionsForUser.connectionGroupPermissions.entrySet().stream().filter(entry3 -> {
                    return ((List) entry3.getValue()).contains("READ");
                }).map(entry4 -> {
                    return (String) entry4.getKey();
                }).collect(Collectors.toList())) != null) {
                    name.addAttribute(ATTR_CONNECTION_GROUPS, list);
                }
            }
        }
        return name.build();
    }
}
