package id.onyx.obdp.server.controller.internal;

import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Sets;
import id.onyx.obdp.server.OBDPException;
import id.onyx.obdp.server.api.services.BaseService;
import id.onyx.obdp.server.configuration.Configuration;
import id.onyx.obdp.server.controller.LdapSyncRequest;
import id.onyx.obdp.server.controller.OBDPManagementController;
import id.onyx.obdp.server.controller.internal.AbstractResourceProvider;
import id.onyx.obdp.server.controller.spi.NoSuchParentResourceException;
import id.onyx.obdp.server.controller.spi.NoSuchResourceException;
import id.onyx.obdp.server.controller.spi.Predicate;
import id.onyx.obdp.server.controller.spi.Request;
import id.onyx.obdp.server.controller.spi.RequestStatus;
import id.onyx.obdp.server.controller.spi.Resource;
import id.onyx.obdp.server.controller.spi.ResourceAlreadyExistsException;
import id.onyx.obdp.server.controller.spi.SystemException;
import id.onyx.obdp.server.controller.spi.UnsupportedPropertyException;
import id.onyx.obdp.server.controller.utilities.PropertyHelper;
import id.onyx.obdp.server.orm.DBAccessorImpl;
import id.onyx.obdp.server.orm.entities.LdapSyncEventEntity;
import id.onyx.obdp.server.orm.entities.LdapSyncSpecEntity;
import id.onyx.obdp.server.security.authorization.AuthorizationException;
import id.onyx.obdp.server.security.authorization.AuthorizationHelper;
import id.onyx.obdp.server.security.authorization.ResourceType;
import id.onyx.obdp.server.security.authorization.RoleAuthorization;
import id.onyx.obdp.server.security.ldap.LdapBatchDto;
import java.util.Arrays;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Queue;
import java.util.Set;
import java.util.concurrent.ConcurrentSkipListMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicLong;
import javax.naming.OperationNotSupportedException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:id/onyx/obdp/server/controller/internal/LdapSyncEventResourceProvider.class */
public class LdapSyncEventResourceProvider extends AbstractControllerResourceProvider {
    private static ExecutorService executorService;
    private static final int THREAD_POOL_CORE_SIZE = 2;
    private static final int THREAD_POOL_MAX_SIZE = 5;
    private static final long THREAD_POOL_TIMEOUT = 1000;
    private static final String PRINCIPAL_TYPE_SPEC_KEY = "principal_type";
    private static final String SYNC_TYPE_SPEC_KEY = "sync_type";
    private static final String POST_PROCESS_EXISTING_USERS_SPEC_KEY = "post_process_existing_users";
    private static final String NAMES_SPEC_KEY = "names";
    private final Map<Long, LdapSyncEventEntity> events;
    private final Queue<LdapSyncEventEntity> eventQueue;
    private volatile boolean processingEvents;
    private AtomicLong nextEventId;
    public static final String EVENT_ID_PROPERTY_ID = "Event/id";
    private static final Map<Resource.Type, String> keyPropertyIds = ImmutableMap.builder().put(Resource.Type.LdapSyncEvent, EVENT_ID_PROPERTY_ID).build();
    public static final String EVENT_STATUS_PROPERTY_ID = "Event/status";
    public static final String EVENT_STATUS_DETAIL_PROPERTY_ID = "Event/status_detail";
    public static final String EVENT_START_TIME_PROPERTY_ID = "Event/sync_time/start";
    public static final String EVENT_END_TIME_PROPERTY_ID = "Event/sync_time/end";
    public static final String USERS_CREATED_PROPERTY_ID = "Event/summary/users/created";
    public static final String USERS_UPDATED_PROPERTY_ID = "Event/summary/users/updated";
    public static final String USERS_REMOVED_PROPERTY_ID = "Event/summary/users/removed";
    public static final String USERS_SKIPPED_PROPERTY_ID = "Event/summary/users/skipped";
    public static final String GROUPS_CREATED_PROPERTY_ID = "Event/summary/groups/created";
    public static final String GROUPS_UPDATED_PROPERTY_ID = "Event/summary/groups/updated";
    public static final String GROUPS_REMOVED_PROPERTY_ID = "Event/summary/groups/removed";
    public static final String MEMBERSHIPS_CREATED_PROPERTY_ID = "Event/summary/memberships/created";
    public static final String MEMBERSHIPS_REMOVED_PROPERTY_ID = "Event/summary/memberships/removed";
    public static final String EVENT_SPECS_PROPERTY_ID = "Event/specs";
    private static final Set<String> propertyIds = Sets.newHashSet(new String[]{EVENT_ID_PROPERTY_ID, EVENT_STATUS_PROPERTY_ID, EVENT_STATUS_DETAIL_PROPERTY_ID, EVENT_START_TIME_PROPERTY_ID, EVENT_END_TIME_PROPERTY_ID, USERS_CREATED_PROPERTY_ID, USERS_UPDATED_PROPERTY_ID, USERS_REMOVED_PROPERTY_ID, USERS_SKIPPED_PROPERTY_ID, GROUPS_CREATED_PROPERTY_ID, GROUPS_UPDATED_PROPERTY_ID, GROUPS_REMOVED_PROPERTY_ID, MEMBERSHIPS_CREATED_PROPERTY_ID, MEMBERSHIPS_REMOVED_PROPERTY_ID, EVENT_SPECS_PROPERTY_ID});
    private static final Logger LOG = LoggerFactory.getLogger(LdapSyncEventResourceProvider.class);

    public LdapSyncEventResourceProvider(OBDPManagementController oBDPManagementController) {
        super(Resource.Type.LdapSyncEvent, propertyIds, keyPropertyIds, oBDPManagementController);
        this.events = new ConcurrentSkipListMap();
        this.eventQueue = new LinkedList();
        this.processingEvents = false;
        this.nextEventId = new AtomicLong(1L);
        EnumSet of = EnumSet.of(RoleAuthorization.OBDP_MANAGE_GROUPS, RoleAuthorization.OBDP_MANAGE_USERS);
        setRequiredCreateAuthorizations(of);
        setRequiredDeleteAuthorizations(of);
    }

    @Override // id.onyx.obdp.server.controller.internal.AbstractAuthorizedResourceProvider
    public RequestStatus createResourcesAuthorized(Request request) throws SystemException, UnsupportedPropertyException, ResourceAlreadyExistsException, NoSuchParentResourceException {
        HashSet<LdapSyncEventEntity> hashSet = new HashSet();
        Iterator<Map<String, Object>> it = request.getProperties().iterator();
        while (it.hasNext()) {
            hashSet.add((LdapSyncEventEntity) createResources(getCreateCommand(it.next())));
        }
        notifyCreate(Resource.Type.ViewInstance, request);
        HashSet hashSet2 = new HashSet();
        for (LdapSyncEventEntity ldapSyncEventEntity : hashSet) {
            ResourceImpl resourceImpl = new ResourceImpl(Resource.Type.LdapSyncEvent);
            resourceImpl.setProperty(EVENT_ID_PROPERTY_ID, Long.valueOf(ldapSyncEventEntity.getId()));
            hashSet2.add(resourceImpl);
            synchronized (this.eventQueue) {
                this.eventQueue.offer(ldapSyncEventEntity);
            }
        }
        ensureEventProcessor();
        return getRequestStatus(null, hashSet2);
    }

    @Override // id.onyx.obdp.server.controller.internal.AbstractAuthorizedResourceProvider, id.onyx.obdp.server.controller.spi.ResourceProvider
    public Set<Resource> getResources(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        HashSet hashSet = new HashSet();
        Set<String> requestPropertyIds = getRequestPropertyIds(request, predicate);
        Iterator<LdapSyncEventEntity> it = this.events.values().iterator();
        while (it.hasNext()) {
            hashSet.add(toResource(it.next(), requestPropertyIds));
        }
        return hashSet;
    }

    @Override // id.onyx.obdp.server.controller.internal.AbstractAuthorizedResourceProvider, id.onyx.obdp.server.controller.spi.ResourceProvider
    public RequestStatus updateResources(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        throw new UnsupportedOperationException("Not supported.");
    }

    @Override // id.onyx.obdp.server.controller.internal.AbstractAuthorizedResourceProvider
    public RequestStatus deleteResourcesAuthorized(Request request, Predicate predicate) throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {
        modifyResources(getDeleteCommand(predicate));
        notifyDelete(Resource.Type.ViewInstance, predicate);
        return getRequestStatus(null);
    }

    @Override // id.onyx.obdp.server.controller.internal.AbstractResourceProvider, id.onyx.obdp.server.controller.spi.ResourceProvider
    public Map<Resource.Type, String> getKeyPropertyIds() {
        return keyPropertyIds;
    }

    @Override // id.onyx.obdp.server.controller.internal.AbstractResourceProvider
    protected Set<String> getPKPropertyIds() {
        return new HashSet(keyPropertyIds.values());
    }

    protected void ensureEventProcessor() {
        if (this.processingEvents) {
            return;
        }
        synchronized (this.eventQueue) {
            if (!this.processingEvents) {
                this.processingEvents = true;
                getExecutorService().submit(new Runnable() { // from class: id.onyx.obdp.server.controller.internal.LdapSyncEventResourceProvider.1
                    @Override // java.lang.Runnable
                    public void run() {
                        LdapSyncEventResourceProvider.this.processSyncEvents();
                    }
                });
            }
        }
    }

    private Resource toResource(LdapSyncEventEntity ldapSyncEventEntity, Set<String> set) {
        ResourceImpl resourceImpl = new ResourceImpl(Resource.Type.LdapSyncEvent);
        setResourceProperty(resourceImpl, EVENT_ID_PROPERTY_ID, Long.valueOf(ldapSyncEventEntity.getId()), set);
        setResourceProperty(resourceImpl, EVENT_STATUS_PROPERTY_ID, ldapSyncEventEntity.getStatus().toString().toUpperCase(), set);
        setResourceProperty(resourceImpl, EVENT_STATUS_DETAIL_PROPERTY_ID, ldapSyncEventEntity.getStatusDetail(), set);
        setResourceProperty(resourceImpl, USERS_CREATED_PROPERTY_ID, ldapSyncEventEntity.getUsersCreated(), set);
        setResourceProperty(resourceImpl, USERS_UPDATED_PROPERTY_ID, ldapSyncEventEntity.getUsersUpdated(), set);
        setResourceProperty(resourceImpl, USERS_REMOVED_PROPERTY_ID, ldapSyncEventEntity.getUsersRemoved(), set);
        setResourceProperty(resourceImpl, USERS_SKIPPED_PROPERTY_ID, ldapSyncEventEntity.getUsersSkipped(), set);
        setResourceProperty(resourceImpl, GROUPS_CREATED_PROPERTY_ID, ldapSyncEventEntity.getGroupsCreated(), set);
        setResourceProperty(resourceImpl, GROUPS_UPDATED_PROPERTY_ID, ldapSyncEventEntity.getGroupsUpdated(), set);
        setResourceProperty(resourceImpl, GROUPS_REMOVED_PROPERTY_ID, ldapSyncEventEntity.getGroupsRemoved(), set);
        setResourceProperty(resourceImpl, MEMBERSHIPS_CREATED_PROPERTY_ID, ldapSyncEventEntity.getMembershipsCreated(), set);
        setResourceProperty(resourceImpl, MEMBERSHIPS_REMOVED_PROPERTY_ID, ldapSyncEventEntity.getMembershipsRemoved(), set);
        HashSet hashSet = new HashSet();
        for (LdapSyncSpecEntity ldapSyncSpecEntity : ldapSyncEventEntity.getSpecs()) {
            HashMap hashMap = new HashMap();
            hashMap.put("principal_type", ldapSyncSpecEntity.getPrincipalType().toString().toLowerCase());
            hashMap.put(SYNC_TYPE_SPEC_KEY, ldapSyncSpecEntity.getSyncType().toString().toLowerCase());
            List<String> principalNames = ldapSyncSpecEntity.getPrincipalNames();
            if (!principalNames.isEmpty()) {
                hashMap.put(NAMES_SPEC_KEY, principalNames.toString().replace("[", Configuration.JDBC_IN_MEMORY_PASSWORD).replace("]", Configuration.JDBC_IN_MEMORY_PASSWORD).replace(BaseService.FIELDS_SEPARATOR, ","));
            }
            hashSet.add(hashMap);
        }
        setResourceProperty(resourceImpl, EVENT_SPECS_PROPERTY_ID, hashSet, set);
        setResourceProperty(resourceImpl, EVENT_START_TIME_PROPERTY_ID, Long.valueOf(ldapSyncEventEntity.getStartTime()), set);
        setResourceProperty(resourceImpl, EVENT_END_TIME_PROPERTY_ID, Long.valueOf(ldapSyncEventEntity.getEndTime()), set);
        return resourceImpl;
    }

    private LdapSyncEventEntity toEntity(Map<String, Object> map) {
        LdapSyncEventEntity ldapSyncEventEntity = new LdapSyncEventEntity(getNextEventId());
        LinkedList linkedList = new LinkedList();
        for (Map map2 : (Set) map.get(EVENT_SPECS_PROPERTY_ID)) {
            LdapSyncSpecEntity.SyncType syncType = null;
            LdapSyncSpecEntity.PrincipalType principalType = null;
            boolean z = false;
            List emptyList = Collections.emptyList();
            for (Map.Entry entry : map2.entrySet()) {
                String str = (String) entry.getKey();
                if (str.equalsIgnoreCase("principal_type")) {
                    principalType = LdapSyncSpecEntity.PrincipalType.valueOfIgnoreCase((String) entry.getValue());
                } else if (str.equalsIgnoreCase(SYNC_TYPE_SPEC_KEY)) {
                    syncType = LdapSyncSpecEntity.SyncType.valueOfIgnoreCase((String) entry.getValue());
                } else if (str.equalsIgnoreCase(NAMES_SPEC_KEY)) {
                    emptyList = Arrays.asList(((String) entry.getValue()).split("\\s*,\\s*"));
                } else {
                    if (!str.equalsIgnoreCase(POST_PROCESS_EXISTING_USERS_SPEC_KEY)) {
                        throw new IllegalArgumentException("Unknown spec key " + str + ".");
                    }
                    z = DBAccessorImpl.TRUE.equalsIgnoreCase((String) entry.getValue());
                }
            }
            if (syncType == null || principalType == null) {
                throw new IllegalArgumentException("LDAP event spec must include both sync-type and principal-type.");
            }
            linkedList.add(new LdapSyncSpecEntity(principalType, syncType, emptyList, z));
        }
        ldapSyncEventEntity.setSpecs(linkedList);
        return ldapSyncEventEntity;
    }

    private long getNextEventId() {
        return this.nextEventId.getAndIncrement();
    }

    private AbstractResourceProvider.Command<LdapSyncEventEntity> getCreateCommand(final Map<String, Object> map) {
        return new AbstractResourceProvider.Command<LdapSyncEventEntity>() { // from class: id.onyx.obdp.server.controller.internal.LdapSyncEventResourceProvider.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // id.onyx.obdp.server.controller.internal.AbstractResourceProvider.Command
            public LdapSyncEventEntity invoke() throws OBDPException, AuthorizationException {
                LdapSyncEventEntity entity = LdapSyncEventResourceProvider.this.toEntity(map);
                Iterator<LdapSyncSpecEntity> it = entity.getSpecs().iterator();
                while (it.hasNext()) {
                    if (it.next().getPrincipalType() == LdapSyncSpecEntity.PrincipalType.USERS) {
                        if (!AuthorizationHelper.isAuthorized(ResourceType.OBDP, (Long) null, RoleAuthorization.OBDP_MANAGE_USERS)) {
                            throw new AuthorizationException("The uthenticated user is not authorized to syng LDAP users");
                        }
                    } else if (!AuthorizationHelper.isAuthorized(ResourceType.OBDP, (Long) null, RoleAuthorization.OBDP_MANAGE_GROUPS)) {
                        throw new AuthorizationException("The uthenticated user is not authorized to syng LDAP groups");
                    }
                }
                LdapSyncEventResourceProvider.this.events.put(Long.valueOf(entity.getId()), entity);
                return entity;
            }
        };
    }

    private AbstractResourceProvider.Command<Void> getDeleteCommand(final Predicate predicate) {
        return new AbstractResourceProvider.Command<Void>() { // from class: id.onyx.obdp.server.controller.internal.LdapSyncEventResourceProvider.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // id.onyx.obdp.server.controller.internal.AbstractResourceProvider.Command
            public Void invoke() throws OBDPException {
                Set<String> requestPropertyIds = LdapSyncEventResourceProvider.this.getRequestPropertyIds(PropertyHelper.getReadRequest(new String[0]), predicate);
                HashSet hashSet = new HashSet();
                for (LdapSyncEventEntity ldapSyncEventEntity : LdapSyncEventResourceProvider.this.events.values()) {
                    Resource resource = LdapSyncEventResourceProvider.this.toResource(ldapSyncEventEntity, requestPropertyIds);
                    if (predicate == null || predicate.evaluate(resource)) {
                        hashSet.add(ldapSyncEventEntity);
                    }
                }
                Iterator it = hashSet.iterator();
                while (it.hasNext()) {
                    LdapSyncEventResourceProvider.this.events.remove(Long.valueOf(((LdapSyncEventEntity) it.next()).getId()));
                }
                return null;
            }
        };
    }

    private static synchronized ExecutorService getExecutorService() {
        if (executorService == null) {
            ThreadPoolExecutor threadPoolExecutor = new ThreadPoolExecutor(2, 5, THREAD_POOL_TIMEOUT, TimeUnit.MILLISECONDS, new LinkedBlockingQueue());
            threadPoolExecutor.allowCoreThreadTimeOut(true);
            executorService = threadPoolExecutor;
        }
        return executorService;
    }

    private void processSyncEvents() {
        LdapSyncEventEntity poll;
        String str;
        while (this.processingEvents) {
            synchronized (this.eventQueue) {
                if (!this.processingEvents) {
                    return;
                }
                poll = this.eventQueue.poll();
                if (poll == null) {
                    this.processingEvents = false;
                    return;
                }
            }
            poll.setStatus(LdapSyncEventEntity.Status.RUNNING);
            poll.setStatusDetail("Running LDAP sync.");
            poll.setStartTime(System.currentTimeMillis());
            try {
                try {
                    populateLdapSyncEvent(poll, syncLdap(poll));
                    poll.setStatus(LdapSyncEventEntity.Status.COMPLETE);
                    poll.setStatusDetail("Completed LDAP sync.");
                    poll.setEndTime(System.currentTimeMillis());
                } catch (Exception e) {
                    poll.setStatus(LdapSyncEventEntity.Status.ERROR);
                    str = "Caught exception running LDAP sync. ";
                    str = e.getCause() instanceof OperationNotSupportedException ? str + "LDAP server may not support search results pagination. Try to turn the pagination off." : "Caught exception running LDAP sync. ";
                    poll.setStatusDetail(str + e.getMessage());
                    LOG.error(str, e);
                    poll.setEndTime(System.currentTimeMillis());
                }
            } catch (Throwable th) {
                poll.setEndTime(System.currentTimeMillis());
                throw th;
            }
        }
    }

    private LdapBatchDto syncLdap(LdapSyncEventEntity ldapSyncEventEntity) throws OBDPException {
        LdapSyncRequest ldapSyncRequest = null;
        LdapSyncRequest ldapSyncRequest2 = null;
        for (LdapSyncSpecEntity ldapSyncSpecEntity : ldapSyncEventEntity.getSpecs()) {
            switch (ldapSyncSpecEntity.getPrincipalType()) {
                case USERS:
                    ldapSyncRequest = getLdapRequest(ldapSyncRequest, ldapSyncSpecEntity);
                    break;
                case GROUPS:
                    ldapSyncRequest2 = getLdapRequest(ldapSyncRequest2, ldapSyncSpecEntity);
                    break;
            }
        }
        return getManagementController().synchronizeLdapUsersAndGroups(ldapSyncRequest, ldapSyncRequest2);
    }

    private LdapSyncRequest getLdapRequest(LdapSyncRequest ldapSyncRequest, LdapSyncSpecEntity ldapSyncSpecEntity) {
        switch (ldapSyncSpecEntity.getSyncType()) {
            case ALL:
                return new LdapSyncRequest(LdapSyncSpecEntity.SyncType.ALL, ldapSyncSpecEntity.getPostProcessExistingUsers());
            case EXISTING:
                return new LdapSyncRequest(LdapSyncSpecEntity.SyncType.EXISTING, ldapSyncSpecEntity.getPostProcessExistingUsers());
            case SPECIFIC:
                HashSet hashSet = new HashSet(ldapSyncSpecEntity.getPrincipalNames());
                if (ldapSyncRequest != null) {
                    ldapSyncRequest.addPrincipalNames(hashSet);
                    break;
                } else {
                    ldapSyncRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.SPECIFIC, hashSet, ldapSyncSpecEntity.getPostProcessExistingUsers());
                    break;
                }
        }
        return ldapSyncRequest;
    }

    private void populateLdapSyncEvent(LdapSyncEventEntity ldapSyncEventEntity, LdapBatchDto ldapBatchDto) {
        ldapSyncEventEntity.setUsersCreated(Integer.valueOf(ldapBatchDto.getUsersToBeCreated().size()));
        ldapSyncEventEntity.setUsersUpdated(Integer.valueOf(ldapBatchDto.getUsersToBecomeLdap().size()));
        ldapSyncEventEntity.setUsersRemoved(Integer.valueOf(ldapBatchDto.getUsersToBeRemoved().size()));
        ldapSyncEventEntity.setUsersSkipped(Integer.valueOf(ldapBatchDto.getUsersSkipped().size()));
        ldapSyncEventEntity.setGroupsCreated(Integer.valueOf(ldapBatchDto.getGroupsToBeCreated().size()));
        ldapSyncEventEntity.setGroupsUpdated(Integer.valueOf(ldapBatchDto.getGroupsToBecomeLdap().size()));
        ldapSyncEventEntity.setGroupsRemoved(Integer.valueOf(ldapBatchDto.getGroupsToBeRemoved().size()));
        ldapSyncEventEntity.setMembershipsCreated(Integer.valueOf(ldapBatchDto.getMembershipToAdd().size()));
        ldapSyncEventEntity.setMembershipsRemoved(Integer.valueOf(ldapBatchDto.getMembershipToRemove().size()));
    }
}
