package pl.edu.icm.unity.engine.project;

import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Deque;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.engine.api.AttributeTypeManagement;
import pl.edu.icm.unity.engine.api.EnquiryManagement;
import pl.edu.icm.unity.engine.api.EntityManagement;
import pl.edu.icm.unity.engine.api.GroupsManagement;
import pl.edu.icm.unity.engine.api.RegistrationsManagement;
import pl.edu.icm.unity.engine.api.bulk.BulkGroupQueryService;
import pl.edu.icm.unity.engine.api.project.DelegatedGroup;
import pl.edu.icm.unity.engine.api.project.DelegatedGroupContents;
import pl.edu.icm.unity.engine.api.project.DelegatedGroupManagement;
import pl.edu.icm.unity.engine.api.project.DelegatedGroupMember;
import pl.edu.icm.unity.engine.api.project.GroupAuthorizationRole;
import pl.edu.icm.unity.engine.api.project.SubprojectGroupDelegationConfiguration;
import pl.edu.icm.unity.engine.api.utils.CodeGenerator;
import pl.edu.icm.unity.engine.api.utils.GroupDelegationConfigGenerator;
import pl.edu.icm.unity.engine.attribute.AttributesHelper;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.exceptions.InternalException;
import pl.edu.icm.unity.store.api.tx.Transactional;
import pl.edu.icm.unity.types.I18nString;
import pl.edu.icm.unity.types.basic.Attribute;
import pl.edu.icm.unity.types.basic.EntityParam;
import pl.edu.icm.unity.types.basic.Group;
import pl.edu.icm.unity.types.basic.GroupContents;
import pl.edu.icm.unity.types.basic.GroupDelegationConfiguration;
import pl.edu.icm.unity.types.basic.GroupMembership;
import pl.edu.icm.unity.types.basic.IdentityParam;
import pl.edu.icm.unity.types.basic.VerifiableElementBase;
import pl.edu.icm.unity.types.registration.EnquiryForm;
import pl.edu.icm.unity.types.registration.RegistrationForm;

@Component
@Primary
/* loaded from: input_file:pl/edu/icm/unity/engine/project/DelegatedGroupManagementImpl.class */
public class DelegatedGroupManagementImpl implements DelegatedGroupManagement {
    private GroupsManagement groupMan;
    private BulkGroupQueryService bulkQueryService;
    private ProjectAuthorizationManager authz;
    private AttributeTypeManagement attrTypeMan;
    private MessageSource msg;
    private AttributesHelper attrHelper;
    private EntityManagement identitiesMan;
    private ProjectAttributeHelper projectAttrHelper;
    private GroupDelegationConfigGenerator groupDelegationConfigGenerator;
    private RegistrationsManagement registrationsManagement;
    private EnquiryManagement enquiryManagement;

    /* loaded from: input_file:pl/edu/icm/unity/engine/project/DelegatedGroupManagementImpl$IllegalGroupAttributeException.class */
    public static class IllegalGroupAttributeException extends InternalException {
        public IllegalGroupAttributeException(String str, String str2) {
            super("Attribute " + str + " is not definded as read only attribute in project group (" + str2 + ") configuration");
        }
    }

    /* loaded from: input_file:pl/edu/icm/unity/engine/project/DelegatedGroupManagementImpl$IllegalGroupNameException.class */
    public static class IllegalGroupNameException extends InternalException {
        public IllegalGroupNameException() {
            super("Group name can not be empty or null");
        }
    }

    /* loaded from: input_file:pl/edu/icm/unity/engine/project/DelegatedGroupManagementImpl$OneManagerRemainsException.class */
    public static class OneManagerRemainsException extends InternalException {
        public OneManagerRemainsException(String str) {
            super("At least one manager should remains in group " + str);
        }
    }

    /* loaded from: input_file:pl/edu/icm/unity/engine/project/DelegatedGroupManagementImpl$RemovalOfProjectGroupException.class */
    public static class RemovalOfProjectGroupException extends InternalException {
        public RemovalOfProjectGroupException(String str) {
            super("Can not remove the main project group " + str);
        }
    }

    /* loaded from: input_file:pl/edu/icm/unity/engine/project/DelegatedGroupManagementImpl$RemovalOfSubProjectGroupException.class */
    public static class RemovalOfSubProjectGroupException extends InternalException {
        public RemovalOfSubProjectGroupException(String str) {
            super("Can not remove the sub-project group " + str);
        }
    }

    /* loaded from: input_file:pl/edu/icm/unity/engine/project/DelegatedGroupManagementImpl$RenameProjectGroupException.class */
    public static class RenameProjectGroupException extends InternalException {
        public RenameProjectGroupException(String str) {
            super("Can not rename the main project group " + str);
        }
    }

    @Autowired
    public DelegatedGroupManagementImpl(MessageSource messageSource, @Qualifier("insecure") GroupsManagement groupsManagement, @Qualifier("insecure") BulkGroupQueryService bulkGroupQueryService, @Qualifier("insecure") AttributeTypeManagement attributeTypeManagement, @Qualifier("insecure") EntityManagement entityManagement, AttributesHelper attributesHelper, @Qualifier("insecure") RegistrationsManagement registrationsManagement, @Qualifier("insecure") EnquiryManagement enquiryManagement, GroupDelegationConfigGenerator groupDelegationConfigGenerator, ProjectAttributeHelper projectAttributeHelper, ProjectAuthorizationManager projectAuthorizationManager) {
        this.msg = messageSource;
        this.authz = projectAuthorizationManager;
        this.groupMan = groupsManagement;
        this.identitiesMan = entityManagement;
        this.bulkQueryService = bulkGroupQueryService;
        this.attrTypeMan = attributeTypeManagement;
        this.attrHelper = attributesHelper;
        this.projectAttrHelper = projectAttributeHelper;
        this.groupDelegationConfigGenerator = groupDelegationConfigGenerator;
        this.registrationsManagement = registrationsManagement;
        this.enquiryManagement = enquiryManagement;
    }

    @Transactional
    public String addGroup(String str, String str2, I18nString i18nString, boolean z) throws EngineException {
        String generateMixedCharCode;
        this.authz.assertManagerAuthorization(str, str2);
        List subGroups = this.groupMan.getContents(str2, 1).getSubGroups();
        if (i18nString == null || i18nString.isEmpty()) {
            throw new IllegalGroupNameException();
        }
        do {
            generateMixedCharCode = CodeGenerator.generateMixedCharCode(5);
        } while (subGroups.contains(generateMixedCharCode));
        Group group = new Group(new Group(str2), generateMixedCharCode);
        group.setPublic(z);
        group.setDisplayedName(i18nString);
        this.groupMan.addGroup(group);
        return group.toString();
    }

    @Transactional
    public void removeGroup(String str, String str2) throws EngineException {
        this.authz.assertManagerAuthorization(str, str2);
        if (str.equals(str2)) {
            throw new RemovalOfProjectGroupException(str);
        }
        if (getGroupInternal(str2).getDelegationConfiguration().enabled) {
            throw new RemovalOfSubProjectGroupException(str);
        }
        this.groupMan.removeGroup(str2, true);
    }

    @Transactional
    public void removeProject(String str, String str2) throws EngineException {
        this.authz.assertProjectsAdminAuthorization(str, str2);
        if (str.equals(str2)) {
            throw new RemovalOfProjectGroupException(str);
        }
        Group groupInternal = getGroupInternal(str2);
        if (groupInternal.getDelegationConfiguration().enabled) {
            removeRelatedForms(groupInternal.getDelegationConfiguration());
        }
        this.groupMan.removeGroup(str2, true);
    }

    private void removeRelatedForms(GroupDelegationConfiguration groupDelegationConfiguration) throws EngineException {
        if (!Strings.isNullOrEmpty(groupDelegationConfiguration.registrationForm)) {
            this.registrationsManagement.removeFormWithoutDependencyChecking(groupDelegationConfiguration.registrationForm);
        }
        if (!Strings.isNullOrEmpty(groupDelegationConfiguration.signupEnquiryForm)) {
            this.enquiryManagement.removeEnquiryWithoutDependencyChecking(groupDelegationConfiguration.signupEnquiryForm);
        }
        if (Strings.isNullOrEmpty(groupDelegationConfiguration.membershipUpdateEnquiryForm)) {
            return;
        }
        this.enquiryManagement.removeEnquiryWithoutDependencyChecking(groupDelegationConfiguration.membershipUpdateEnquiryForm);
    }

    @Transactional
    public Map<String, DelegatedGroupContents> getGroupAndSubgroups(String str, String str2) throws EngineException {
        this.authz.assertManagerAuthorization(str, str2);
        Map groupAndSubgroups = this.bulkQueryService.getGroupAndSubgroups(this.bulkQueryService.getBulkStructuralData(str2));
        HashMap hashMap = new HashMap();
        for (Map.Entry entry : groupAndSubgroups.entrySet()) {
            GroupContents groupContents = (GroupContents) entry.getValue();
            if (groupContents != null) {
                Group group = groupContents.getGroup();
                hashMap.put((String) entry.getKey(), new DelegatedGroupContents(new DelegatedGroup(group.toString(), group.getDelegationConfiguration(), group.isPublic(), group.getDisplayedName()), Optional.ofNullable(groupContents.getSubGroups())));
            }
        }
        return hashMap;
    }

    @Transactional
    public DelegatedGroupContents getContents(String str, String str2) throws EngineException {
        this.authz.assertManagerAuthorization(str, str2);
        GroupContents contents = this.groupMan.getContents(str2, 9);
        Group group = contents.getGroup();
        return new DelegatedGroupContents(new DelegatedGroup(group.toString(), group.getDelegationConfiguration(), group.isPublic(), group.getDisplayedName()), Optional.ofNullable(contents.getSubGroups()));
    }

    @Transactional
    public List<DelegatedGroupMember> getDelegatedGroupMembers(String str, String str2) throws EngineException {
        this.authz.assertManagerAuthorization(str, str2);
        return getDelegatedGroupMembersInternal(str, str2);
    }

    @Transactional
    public String getAttributeDisplayedName(String str, String str2) throws EngineException {
        this.authz.assertManagerAuthorization(str);
        if (getProjectAttrs(str).contains(str2)) {
            return this.attrTypeMan.getAttributeType(str2).getDisplayedName().getValue(this.msg);
        }
        throw new IllegalGroupAttributeException(str2, str);
    }

    @Transactional
    public void setGroupDisplayedName(String str, String str2, I18nString i18nString) throws EngineException {
        this.authz.assertManagerAuthorization(str, str2);
        if (str.equals(str2)) {
            throw new RenameProjectGroupException(str);
        }
        Group groupInternal = getGroupInternal(str2);
        groupInternal.setDisplayedName(i18nString);
        this.groupMan.updateGroup(str2, groupInternal, "set displayed name", i18nString.getValue(this.msg));
    }

    @Transactional
    public void setGroupAccessMode(String str, String str2, boolean z) throws EngineException {
        this.authz.assertManagerAuthorization(str, str2);
        Group group = this.groupMan.getContents(str2, 9).getGroup();
        group.setPublic(z);
        this.groupMan.updateGroup(str2, group, "set access mode", z ? "public" : "private");
    }

    @Transactional
    public void setGroupAuthorizationRole(String str, String str2, long j, GroupAuthorizationRole groupAuthorizationRole) throws EngineException {
        this.authz.assertRoleManagerAuthorization(str, str2, groupAuthorizationRole);
        Attribute attribute = new Attribute(ProjectAuthorizationRoleAttributeTypeProvider.PROJECT_MANAGEMENT_AUTHORIZATION_ROLE, (String) null, str2, Lists.newArrayList(new String[]{groupAuthorizationRole.toString()}));
        if (str.equals(str2) && groupAuthorizationRole.equals(GroupAuthorizationRole.regular)) {
            assertIfOneManagerRemain(str, j);
        }
        this.attrHelper.addSystemAttribute(j, attribute, true);
    }

    @Transactional
    public List<DelegatedGroup> getProjectsForEntity(long j) throws EngineException {
        ArrayList arrayList = new ArrayList();
        Iterator it = this.identitiesMan.getGroups(new EntityParam(Long.valueOf(j))).keySet().iterator();
        while (it.hasNext()) {
            Group groupInternal = getGroupInternal((String) it.next());
            if (groupInternal.getDelegationConfiguration().enabled) {
                Optional<String> attributeValue = this.projectAttrHelper.getAttributeValue(j, groupInternal.getName(), ProjectAuthorizationRoleAttributeTypeProvider.PROJECT_MANAGEMENT_AUTHORIZATION_ROLE);
                if (attributeValue.isPresent() && !attributeValue.get().equals(GroupAuthorizationRole.regular.toString())) {
                    arrayList.add(new DelegatedGroup(groupInternal.toString(), groupInternal.getDelegationConfiguration(), groupInternal.isPublic(), groupInternal.getDisplayedName()));
                }
            }
        }
        return arrayList;
    }

    @Transactional
    public void addMemberToGroup(String str, String str2, long j) throws EngineException {
        this.authz.assertManagerAuthorization(str, str2);
        addToGroupRecursive(getMissingEntityGroups(str2, j), j);
    }

    @Transactional
    public void removeMemberFromGroup(String str, String str2, long j) throws EngineException {
        this.authz.assertManagerAuthorization(str, str2);
        this.groupMan.removeMember(str2, new EntityParam(Long.valueOf(j)));
    }

    @Transactional
    public GroupAuthorizationRole getGroupAuthorizationRole(String str, long j) throws EngineException {
        this.authz.assertManagerAuthorization(str);
        Optional<String> attributeValue = this.projectAttrHelper.getAttributeValue(j, str, ProjectAuthorizationRoleAttributeTypeProvider.PROJECT_MANAGEMENT_AUTHORIZATION_ROLE);
        if (attributeValue.isPresent()) {
            return GroupAuthorizationRole.valueOf(attributeValue.get());
        }
        return null;
    }

    public void setGroupDelegationConfiguration(String str, String str2, SubprojectGroupDelegationConfiguration subprojectGroupDelegationConfiguration) throws EngineException {
        this.authz.assertProjectsAdminAuthorization(str, str2);
        GroupDelegationConfiguration delegationConfiguration = getGroupInternal(str).getDelegationConfiguration();
        Group groupInternal = getGroupInternal(str2);
        GroupDelegationConfiguration delegationConfiguration2 = groupInternal.getDelegationConfiguration();
        String str3 = delegationConfiguration2.registrationForm;
        String str4 = delegationConfiguration2.signupEnquiryForm;
        String str5 = delegationConfiguration2.membershipUpdateEnquiryForm;
        if (subprojectGroupDelegationConfiguration.enabled) {
            if (Strings.isNullOrEmpty(str3) && !Strings.isNullOrEmpty(delegationConfiguration.registrationForm)) {
                RegistrationForm generateSubprojectRegistrationForm = this.groupDelegationConfigGenerator.generateSubprojectRegistrationForm(delegationConfiguration.registrationForm, str, str2, subprojectGroupDelegationConfiguration.logoUrl);
                this.registrationsManagement.addForm(generateSubprojectRegistrationForm);
                str3 = generateSubprojectRegistrationForm.getName();
            }
            if (Strings.isNullOrEmpty(str4) && !Strings.isNullOrEmpty(delegationConfiguration.signupEnquiryForm)) {
                EnquiryForm generateSubprojectJoinEnquiryForm = this.groupDelegationConfigGenerator.generateSubprojectJoinEnquiryForm(delegationConfiguration.signupEnquiryForm, str, str2, subprojectGroupDelegationConfiguration.logoUrl);
                this.enquiryManagement.addEnquiry(generateSubprojectJoinEnquiryForm);
                str4 = generateSubprojectJoinEnquiryForm.getName();
            }
            if (Strings.isNullOrEmpty(str5) && !Strings.isNullOrEmpty(delegationConfiguration.membershipUpdateEnquiryForm)) {
                EnquiryForm generateSubprojectUpdateEnquiryForm = this.groupDelegationConfigGenerator.generateSubprojectUpdateEnquiryForm(delegationConfiguration.membershipUpdateEnquiryForm, str, str2, subprojectGroupDelegationConfiguration.logoUrl);
                this.enquiryManagement.addEnquiry(generateSubprojectUpdateEnquiryForm);
                str5 = generateSubprojectUpdateEnquiryForm.getName();
            }
        }
        groupInternal.setDelegationConfiguration(new GroupDelegationConfiguration(subprojectGroupDelegationConfiguration.enabled, Boolean.valueOf(subprojectGroupDelegationConfiguration.enableSubprojects), subprojectGroupDelegationConfiguration.logoUrl, str3, str4, str5, delegationConfiguration.attributes));
        this.groupMan.updateGroup(str2, groupInternal);
    }

    private List<DelegatedGroupMember> getDelegatedGroupMembersInternal(String str, String str2) throws EngineException {
        List<GroupMembership> members = this.groupMan.getContents(str2, 4).getMembers();
        ArrayList arrayList = new ArrayList();
        if (members != null && !members.isEmpty()) {
            List<String> projectAttrs = getProjectAttrs(str);
            for (GroupMembership groupMembership : members) {
                long entityId = groupMembership.getEntityId();
                VerifiableElementBase emailIdentity = getEmailIdentity(entityId);
                arrayList.add(new DelegatedGroupMember(groupMembership.getEntityId(), str, groupMembership.getGroup(), getGroupAuthRoleAttr(entityId, str2), this.projectAttrHelper.getAttributeFromMeta(entityId, "/", "entityDisplayedName"), emailIdentity != null ? emailIdentity : this.projectAttrHelper.getVerifiableAttributeFromMeta(entityId, "/", "contactEmail"), Optional.ofNullable(getProjectMemberAttributes(entityId, str, projectAttrs))));
            }
        }
        arrayList.sort((delegatedGroupMember, delegatedGroupMember2) -> {
            return Long.compare(delegatedGroupMember.entityId, delegatedGroupMember2.entityId);
        });
        return arrayList;
    }

    private Group getGroupInternal(String str) throws EngineException {
        return this.groupMan.getContents(str, 8).getGroup();
    }

    private void assertIfOneManagerRemain(String str, long j) throws EngineException {
        List<DelegatedGroupMember> delegatedGroupMembersInternal = getDelegatedGroupMembersInternal(str, str);
        ArrayList arrayList = new ArrayList();
        for (DelegatedGroupMember delegatedGroupMember : delegatedGroupMembersInternal) {
            if (!delegatedGroupMember.role.equals(GroupAuthorizationRole.regular)) {
                arrayList.add(Long.valueOf(delegatedGroupMember.entityId));
            }
        }
        if (arrayList.size() == 1 && arrayList.contains(Long.valueOf(j))) {
            throw new OneManagerRemainsException(str);
        }
    }

    private List<Attribute> getProjectMemberAttributes(long j, String str, List<String> list) throws EngineException {
        ArrayList arrayList = new ArrayList();
        if (list == null || list.isEmpty()) {
            return arrayList;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            Optional<Attribute> attribute = this.projectAttrHelper.getAttribute(j, str, it.next());
            if (attribute.isPresent()) {
                arrayList.add(attribute.get());
            }
        }
        return arrayList;
    }

    private List<String> getProjectAttrs(String str) throws EngineException {
        return getGroupInternal(str).getDelegationConfiguration().attributes;
    }

    private GroupAuthorizationRole getGroupAuthRoleAttr(long j, String str) throws EngineException {
        Optional<String> attributeValue = this.projectAttrHelper.getAttributeValue(j, str, ProjectAuthorizationRoleAttributeTypeProvider.PROJECT_MANAGEMENT_AUTHORIZATION_ROLE);
        return attributeValue.isPresent() ? GroupAuthorizationRole.valueOf(attributeValue.get()) : GroupAuthorizationRole.regular;
    }

    private Deque<String> getMissingEntityGroups(String str, long j) throws EngineException {
        return Group.getMissingGroups(str, this.identitiesMan.getGroups(new EntityParam(Long.valueOf(j))).keySet());
    }

    private void addToGroupRecursive(Deque<String> deque, long j) throws EngineException {
        if (deque.isEmpty()) {
            return;
        }
        this.groupMan.addMemberFromParent(deque.pollLast(), new EntityParam(Long.valueOf(j)));
        addToGroupRecursive(deque, j);
    }

    private VerifiableElementBase getEmailIdentity(long j) throws EngineException {
        for (IdentityParam identityParam : this.identitiesMan.getEntity(new EntityParam(Long.valueOf(j))).getIdentities()) {
            if (identityParam != null && identityParam.getTypeId().equals("email")) {
                return new VerifiableElementBase(identityParam.getValue(), identityParam.getConfirmationInfo());
            }
        }
        return null;
    }
}
