package com.clusterra.iam.demo.application;

import com.clusterra.iam.avatar.application.AvatarImageResizeException;
import com.clusterra.iam.avatar.application.AvatarService;
import com.clusterra.iam.avatar.domain.model.AvatarType;
import com.clusterra.iam.core.application.group.GroupAlreadyExistsException;
import com.clusterra.iam.core.application.group.GroupDescriptor;
import com.clusterra.iam.core.application.group.GroupService;
import com.clusterra.iam.core.application.membership.AuthorizedMembershipService;
import com.clusterra.iam.core.application.role.ActionAlreadyAllowedException;
import com.clusterra.iam.core.application.role.ActionAlreadyExistsException;
import com.clusterra.iam.core.application.role.ActionDescriptor;
import com.clusterra.iam.core.application.role.ActionService;
import com.clusterra.iam.core.application.role.RoleAlreadyExistsException;
import com.clusterra.iam.core.application.role.RoleDescriptor;
import com.clusterra.iam.core.application.role.RoleNotFoundException;
import com.clusterra.iam.core.application.role.RoleService;
import com.clusterra.iam.core.application.tenant.InvalidTenantNameException;
import com.clusterra.iam.core.application.tenant.TenantAlreadyExistsException;
import com.clusterra.iam.core.application.tenant.TenantCommandService;
import com.clusterra.iam.core.application.tenant.TenantId;
import com.clusterra.iam.core.application.tenant.TenantNotFoundException;
import com.clusterra.iam.core.application.tenant.TenantQueryService;
import com.clusterra.iam.core.application.tenant.event.TenantActivatedEvent;
import com.clusterra.iam.core.application.user.EmailAlreadyExistsException;
import com.clusterra.iam.core.application.user.InvalidEmailException;
import com.clusterra.iam.core.application.user.LoginAlreadyExistsException;
import com.clusterra.iam.core.application.user.UserCommandService;
import com.clusterra.iam.core.application.user.UserId;
import com.clusterra.iam.core.domain.model.tenant.Tenant;
import com.clusterra.iam.core.domain.model.user.User;
import com.clusterra.iam.demo.application.config.TenantConfig;
import com.clusterra.iam.demo.application.config.UserConfig;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Service
/* loaded from: input_file:com/clusterra/iam/demo/application/DemoTenantServiceImpl.class */
public class DemoTenantServiceImpl implements DemoTenantService {
    private static Logger logger = LoggerFactory.getLogger(DemoTenantServiceImpl.class);

    @Autowired
    private UserCommandService userCommandService;

    @Autowired
    private RoleService roleService;

    @Autowired
    private TenantQueryService tenantQueryService;

    @Autowired
    private GroupService groupService;

    @Autowired
    private AuthorizedMembershipService authorizedMembershipService;

    @Autowired
    private ActionService actionService;

    @Autowired
    private TenantCommandService tenantCommandService;

    @Autowired
    private AvatarService avatarService;

    @Autowired
    private ApplicationEventPublisher publisher;

    @Override // com.clusterra.iam.demo.application.DemoTenantService
    @Transactional
    public void create(TenantConfig tenantConfig) throws EmailAlreadyExistsException, TenantAlreadyExistsException, InvalidEmailException, RoleAlreadyExistsException, LoginAlreadyExistsException, TenantNotFoundException, InvalidTenantNameException {
        if (this.tenantQueryService.isNameTaken(tenantConfig.getName())) {
            logger.info("skipping tenant creation '{}' as it already exists", tenantConfig.getName());
            return;
        }
        Tenant create = this.tenantCommandService.create(tenantConfig.getName(), tenantConfig.getAdmin().getEmail());
        this.publisher.publishEvent(new TenantActivatedEvent(this, new TenantId(create.getId()), tenantConfig.getAdmin().getLogin(), tenantConfig.getAdmin().getPassword(), tenantConfig.getAdmin().getEmail(), tenantConfig.getAdmin().getFirstName(), tenantConfig.getAdmin().getLastName()));
        TenantId tenantId = new TenantId(create.getId());
        try {
            this.tenantCommandService.updateAvatar(tenantId, this.avatarService.newAvatar(AvatarType.TENANT, tenantConfig.getAvatarResource()).getId());
            for (UserConfig userConfig : tenantConfig.getUserConfigs()) {
                User create2 = this.userCommandService.create(tenantId, userConfig.getLogin(), userConfig.getEmail(), userConfig.getPassword(), userConfig.getFirstName(), userConfig.getLastName());
                UserId userId = new UserId(create2.getId());
                logger.info("user login={} for tenant={} created...", userConfig.getLogin(), tenantConfig.getName());
                List asList = Arrays.asList(StringUtils.split(userConfig.getRoles(), ","));
                try {
                    GroupDescriptor createGroup = this.groupService.createGroup(tenantId, create.getName() + RandomStringUtils.randomAlphabetic(5));
                    Iterator it = asList.iterator();
                    while (it.hasNext()) {
                        RoleDescriptor roleDescriptor = setupRole(tenantId, (String) it.next());
                        this.authorizedMembershipService.createAuthorizedMembershipIfNotExists(tenantId, userId, roleDescriptor, createGroup);
                        logger.info("role name={}, user={}, tenant={} assigned...", new Object[]{roleDescriptor.getRoleName(), create2.getLogin(), create.getName()});
                    }
                    this.authorizedMembershipService.createAuthorizedMembershipIfNotExists(tenantId, userId, this.roleService.findOrCreateRole(tenantId, "User"), createGroup);
                } catch (GroupAlreadyExistsException e) {
                    throw new RuntimeException((Throwable) e);
                }
            }
        } catch (AvatarImageResizeException e2) {
            throw new RuntimeException((Throwable) e2);
        }
    }

    public RoleDescriptor setupRole(TenantId tenantId, String str) {
        try {
            RoleDescriptor createRoleIfNotExists = createRoleIfNotExists(tenantId, str);
            allowActionsForRole(createRoleIfNotExists, Arrays.asList("See Personal Details"));
            return createRoleIfNotExists;
        } catch (RoleAlreadyExistsException | RoleNotFoundException | ActionAlreadyExistsException | ActionAlreadyAllowedException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    private void allowActionsForRole(RoleDescriptor roleDescriptor, List<String> list) throws ActionAlreadyExistsException, ActionAlreadyAllowedException {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            ActionDescriptor createActionIfNotExists = createActionIfNotExists(it.next());
            if (!this.actionService.isActionAllowed(createActionIfNotExists, roleDescriptor)) {
                this.actionService.allowActionForRole(createActionIfNotExists, roleDescriptor);
            }
        }
    }

    private RoleDescriptor createRoleIfNotExists(TenantId tenantId, String str) throws RoleAlreadyExistsException, RoleNotFoundException {
        if (this.roleService.isRoleNameTaken(tenantId, str)) {
            return this.roleService.findRoleByName(tenantId, str);
        }
        logger.info("creating new role:" + str);
        return this.roleService.createRole(tenantId, str);
    }

    private ActionDescriptor createActionIfNotExists(String str) throws ActionAlreadyExistsException {
        ActionDescriptor findActionByName = this.actionService.findActionByName(str);
        if (findActionByName != null) {
            return findActionByName;
        }
        logger.info("creating new action:" + str);
        return this.actionService.createAction(str);
    }
}
