package net.tirasa.connid.bundles.ldap.modify;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.ModificationItem;
import net.tirasa.connid.bundles.ldap.LdapConnection;
import net.tirasa.connid.bundles.ldap.commons.GroupHelper;
import net.tirasa.connid.bundles.ldap.commons.LdapConstants;
import net.tirasa.connid.bundles.ldap.commons.LdapModifyOperation;
import net.tirasa.connid.bundles.ldap.commons.LdapUtil;
import net.tirasa.connid.bundles.ldap.commons.StatusManagement;
import net.tirasa.connid.bundles.ldap.schema.GuardedPasswordAttribute;
import net.tirasa.connid.bundles.ldap.search.LdapSearches;
import org.identityconnectors.common.CollectionUtil;
import org.identityconnectors.common.Pair;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.objects.AttributeDelta;
import org.identityconnectors.framework.common.objects.AttributeDeltaUtil;
import org.identityconnectors.framework.common.objects.AttributeUtil;
import org.identityconnectors.framework.common.objects.Name;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.Uid;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/bundles/net.tirasa.connid.bundles.ad-1.3.8-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/modify/LdapUpdate.class
 */
/* loaded from: input_file:WEB-INF/classes/bundles/net.tirasa.connid.bundles.ldap-1.5.7-bundle.jar:net/tirasa/connid/bundles/ldap/modify/LdapUpdate.class */
public class LdapUpdate extends LdapModifyOperation {
    private static final Log LOG = Log.getLog(LdapUpdate.class);
    private final ObjectClass oclass;
    private final Uid uid;

    /* renamed from: net.tirasa.connid.bundles.ldap.modify.LdapUpdate$1, reason: invalid class name */
    /* loaded from: input_file:WEB-INF/classes/bundles/net.tirasa.connid.bundles.ad-1.3.8-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/modify/LdapUpdate$1.class */
    class AnonymousClass1 implements GuardedPasswordAttribute.Accessor {
        final /* synthetic */ String val$entryDN;
        final /* synthetic */ List val$modItems;
        final /* synthetic */ int val$ldapModifyOp;

        AnonymousClass1(String str, List list, int i) {
            this.val$entryDN = str;
            this.val$modItems = list;
            this.val$ldapModifyOp = i;
        }

        @Override // net.tirasa.connid.bundles.ldap.schema.GuardedPasswordAttribute.Accessor
        public void access(Attribute attribute) {
            LdapUpdate.access$000(LdapUpdate.this, attribute, this.val$entryDN);
            this.val$modItems.add(new ModificationItem(this.val$ldapModifyOp, attribute));
            LdapUpdate.access$100(LdapUpdate.this, this.val$entryDN, this.val$modItems);
        }
    }

    public LdapUpdate(LdapConnection ldapConnection, ObjectClass objectClass, Uid uid) {
        super(ldapConnection);
        this.oclass = objectClass;
        this.uid = uid;
    }

    public Uid update(Set<org.identityconnectors.framework.common.objects.Attribute> set) {
        String findEntryDN = LdapSearches.findEntryDN(this.conn, this.oclass, this.uid);
        LdapModifyOperation.PosixGroupMember posixGroupMember = new LdapModifyOperation.PosixGroupMember(findEntryDN);
        Set<org.identityconnectors.framework.common.objects.Attribute> set2 = set;
        Name nameFromAttributes = AttributeUtil.getNameFromAttributes(set);
        org.identityconnectors.framework.common.objects.Attribute find = AttributeUtil.find(OperationalAttributes.ENABLE_NAME, set);
        String str = null;
        if (nameFromAttributes != null) {
            set2 = CollectionUtil.newSet(set);
            set2.remove(nameFromAttributes);
            set2.remove(AttributeUtil.find(LdapUtil.getDNAttributeName(nameFromAttributes), set));
            str = this.conn.getSchemaMapping().getEntryDN(this.oclass, nameFromAttributes);
        }
        List<String> stringListValue = getStringListValue(set2, LdapConstants.LDAP_GROUPS_NAME);
        List<String> stringListValue2 = getStringListValue(set2, LdapConstants.POSIX_GROUPS_NAME);
        Pair<Attributes, GuardedPasswordAttribute> attributesToModify = getAttributesToModify(set2);
        Attributes attributes = attributesToModify.first;
        Set<String> attributeValues = getAttributeValues(GroupHelper.getPosixRefAttribute(), LdapUtil.quietCreateLdapName(str == null ? findEntryDN : str), attributes);
        if (attributeValues != null && attributeValues.isEmpty()) {
            checkRemovedPosixRefAttrs(posixGroupMember.getPosixRefAttributes(), posixGroupMember.getPosixGroupMemberships());
        }
        if (find != null && find.getValue() != null && !find.getValue().isEmpty()) {
            StatusManagement.getInstance(this.conn.getConfiguration().getStatusManagementClass()).setStatus(((Boolean) find.getValue().get(0)).booleanValue(), attributes);
        }
        modifyAttributes(findEntryDN, attributesToModify, 2);
        String str2 = null;
        if (nameFromAttributes != null) {
            if ((attributeValues != null && this.conn.getConfiguration().isMaintainPosixGroupMembership()) || stringListValue2 != null) {
                posixGroupMember.getPosixRefAttributes();
            }
            str2 = findEntryDN;
            findEntryDN = this.conn.getSchemaMapping().rename(this.oclass, str2, nameFromAttributes);
        }
        GroupHelper.Modification<GroupHelper.GroupMembership> modification = new GroupHelper.Modification<>();
        if (str2 != null && this.conn.getConfiguration().isMaintainLdapGroupMembership()) {
            Set<GroupHelper.GroupMembership> ldapGroupMemberships = this.groupHelper.getLdapGroupMemberships(str2);
            modification.removeAll(ldapGroupMemberships);
            Iterator<GroupHelper.GroupMembership> it = ldapGroupMemberships.iterator();
            while (it.hasNext()) {
                modification.add(new GroupHelper.GroupMembership(findEntryDN, it.next().getGroupDN()));
            }
        }
        if (stringListValue != null) {
            modification.removeAll(this.groupHelper.getLdapGroupMemberships(findEntryDN));
            modification.clearAdded();
            Iterator<String> it2 = stringListValue.iterator();
            while (it2.hasNext()) {
                modification.add(new GroupHelper.GroupMembership(findEntryDN, it2.next()));
            }
        }
        this.groupHelper.modifyLdapGroupMemberships(modification);
        GroupHelper.Modification<GroupHelper.GroupMembership> modification2 = new GroupHelper.Modification<>();
        if (attributeValues != null && this.conn.getConfiguration().isMaintainPosixGroupMembership()) {
            HashSet hashSet = new HashSet(posixGroupMember.getPosixRefAttributes());
            hashSet.removeAll(attributeValues);
            Set<GroupHelper.GroupMembership> posixGroupMembershipsByAttrs = posixGroupMember.getPosixGroupMembershipsByAttrs(hashSet);
            modification2.removeAll(posixGroupMembershipsByAttrs);
            if (!posixGroupMembershipsByAttrs.isEmpty()) {
                String firstPosixRefAttr = getFirstPosixRefAttr(findEntryDN, attributeValues);
                Iterator<GroupHelper.GroupMembership> it3 = posixGroupMembershipsByAttrs.iterator();
                while (it3.hasNext()) {
                    modification2.add(new GroupHelper.GroupMembership(firstPosixRefAttr, it3.next().getGroupDN()));
                }
            }
        }
        if (stringListValue2 != null) {
            modification2.removeAll(posixGroupMember.getPosixGroupMemberships());
            modification2.clearAdded();
            if (!stringListValue2.isEmpty()) {
                String firstPosixRefAttr2 = getFirstPosixRefAttr(findEntryDN, attributeValues);
                Iterator<String> it4 = stringListValue2.iterator();
                while (it4.hasNext()) {
                    modification2.add(new GroupHelper.GroupMembership(firstPosixRefAttr2, it4.next()));
                }
            }
        }
        this.groupHelper.modifyPosixGroupMemberships(modification2);
        return this.conn.getSchemaMapping().createUid(this.oclass, findEntryDN);
    }

    public Set<AttributeDelta> updateDelta(Set<AttributeDelta> set) {
        String findEntryDN = LdapSearches.findEntryDN(this.conn, this.oclass, this.uid);
        LdapModifyOperation.PosixGroupMember posixGroupMember = new LdapModifyOperation.PosixGroupMember(findEntryDN);
        Optional.ofNullable(AttributeDeltaUtil.find(OperationalAttributes.ENABLE_NAME, set)).filter(attributeDelta -> {
            return !CollectionUtil.isEmpty(attributeDelta.getValuesToReplace());
        }).ifPresent(attributeDelta2 -> {
            StatusManagement.getInstance(this.conn.getConfiguration().getStatusManagementClass()).setStatus(((Boolean) attributeDelta2.getValuesToReplace().get(0)).booleanValue(), (Set<AttributeDelta>) set);
            set.remove(attributeDelta2);
        });
        GuardedPasswordAttribute guardedPasswordAttribute = null;
        ArrayList arrayList = new ArrayList();
        for (AttributeDelta attributeDelta3 : set) {
            if (attributeDelta3.is(Uid.NAME) || attributeDelta3.is(Name.NAME)) {
                throw new IllegalArgumentException("Do not perform rename via updateDelta, use standard update");
            }
            if (!LdapConstants.isLdapGroups(attributeDelta3.getName()) && !LdapConstants.isPosixGroups(attributeDelta3.getName())) {
                if (attributeDelta3.is(OperationalAttributes.PASSWORD_NAME)) {
                    guardedPasswordAttribute = this.conn.getSchemaMapping().encodePassword(attributeDelta3);
                } else {
                    arrayList.addAll(this.conn.getSchemaMapping().encodeAttribute(this.oclass, attributeDelta3));
                }
            }
        }
        if (guardedPasswordAttribute != null) {
            guardedPasswordAttribute.access(attribute -> {
                hashPassword(attribute, findEntryDN);
                arrayList.add(new ModificationItem(2, attribute));
                modifyAttributes(findEntryDN, arrayList);
            });
        } else {
            modifyAttributes(findEntryDN, arrayList);
        }
        Optional.ofNullable(AttributeDeltaUtil.find(LdapConstants.LDAP_GROUPS_NAME, set)).ifPresent(attributeDelta4 -> {
            GroupHelper.Modification<GroupHelper.GroupMembership> modification = new GroupHelper.Modification<>();
            if (CollectionUtil.isEmpty(attributeDelta4.getValuesToReplace())) {
                if (!CollectionUtil.isEmpty(attributeDelta4.getValuesToAdd())) {
                    Iterator it = LdapUtil.checkedListByFilter(CollectionUtil.nullAsEmpty((List) attributeDelta4.getValuesToAdd()), String.class).iterator();
                    while (it.hasNext()) {
                        modification.add(new GroupHelper.GroupMembership(findEntryDN, (String) it.next()));
                    }
                }
                if (!CollectionUtil.isEmpty(attributeDelta4.getValuesToRemove())) {
                    Iterator it2 = LdapUtil.checkedListByFilter(CollectionUtil.nullAsEmpty((List) attributeDelta4.getValuesToRemove()), String.class).iterator();
                    while (it2.hasNext()) {
                        modification.remove(new GroupHelper.GroupMembership(findEntryDN, (String) it2.next()));
                    }
                }
            } else {
                modification.removeAll(this.groupHelper.getLdapGroupMemberships(findEntryDN));
                modification.clearAdded();
                Iterator it3 = LdapUtil.checkedListByFilter(CollectionUtil.nullAsEmpty((List) attributeDelta4.getValuesToReplace()), String.class).iterator();
                while (it3.hasNext()) {
                    modification.add(new GroupHelper.GroupMembership(findEntryDN, (String) it3.next()));
                }
            }
            if (modification.isEmpty()) {
                return;
            }
            this.groupHelper.modifyLdapGroupMemberships(modification);
        });
        Optional.ofNullable(AttributeDeltaUtil.find(LdapConstants.POSIX_GROUPS_NAME, set)).ifPresent(attributeDelta5 -> {
            String firstPosixRefAttr = getFirstPosixRefAttr(findEntryDN, posixGroupMember.getPosixRefAttributes());
            GroupHelper.Modification<GroupHelper.GroupMembership> modification = new GroupHelper.Modification<>();
            if (CollectionUtil.isEmpty(attributeDelta5.getValuesToReplace())) {
                if (!CollectionUtil.isEmpty(attributeDelta5.getValuesToAdd())) {
                    Iterator it = LdapUtil.checkedListByFilter(CollectionUtil.nullAsEmpty((List) attributeDelta5.getValuesToAdd()), String.class).iterator();
                    while (it.hasNext()) {
                        modification.add(new GroupHelper.GroupMembership(firstPosixRefAttr, (String) it.next()));
                    }
                }
                if (!CollectionUtil.isEmpty(attributeDelta5.getValuesToRemove())) {
                    Iterator it2 = LdapUtil.checkedListByFilter(CollectionUtil.nullAsEmpty((List) attributeDelta5.getValuesToRemove()), String.class).iterator();
                    while (it2.hasNext()) {
                        modification.remove(new GroupHelper.GroupMembership(firstPosixRefAttr, (String) it2.next()));
                    }
                }
            } else {
                modification.removeAll(posixGroupMember.getPosixGroupMemberships());
                modification.clearAdded();
                Iterator it3 = LdapUtil.checkedListByFilter(CollectionUtil.nullAsEmpty((List) attributeDelta5.getValuesToReplace()), String.class).iterator();
                while (it3.hasNext()) {
                    modification.add(new GroupHelper.GroupMembership(firstPosixRefAttr, (String) it3.next()));
                }
            }
            if (modification.isEmpty()) {
                return;
            }
            this.groupHelper.modifyPosixGroupMemberships(modification);
        });
        return set;
    }

    public Uid addAttributeValues(Set<org.identityconnectors.framework.common.objects.Attribute> set) {
        String findEntryDN = LdapSearches.findEntryDN(this.conn, this.oclass, this.uid);
        LdapModifyOperation.PosixGroupMember posixGroupMember = new LdapModifyOperation.PosixGroupMember(findEntryDN);
        modifyAttributes(findEntryDN, getAttributesToModify(set), 1);
        List<String> stringListValue = getStringListValue(set, LdapConstants.LDAP_GROUPS_NAME);
        if (!CollectionUtil.isEmpty(stringListValue)) {
            this.groupHelper.addLdapGroupMemberships(findEntryDN, stringListValue);
        }
        List<String> stringListValue2 = getStringListValue(set, LdapConstants.POSIX_GROUPS_NAME);
        if (!CollectionUtil.isEmpty(stringListValue2)) {
            this.groupHelper.addPosixGroupMemberships(getFirstPosixRefAttr(findEntryDN, posixGroupMember.getPosixRefAttributes()), stringListValue2);
        }
        return this.uid;
    }

    public Uid removeAttributeValues(Set<org.identityconnectors.framework.common.objects.Attribute> set) {
        String findEntryDN = LdapSearches.findEntryDN(this.conn, this.oclass, this.uid);
        LdapModifyOperation.PosixGroupMember posixGroupMember = new LdapModifyOperation.PosixGroupMember(findEntryDN);
        Pair<Attributes, GuardedPasswordAttribute> attributesToModify = getAttributesToModify(set);
        Set<String> attributeValues = getAttributeValues(GroupHelper.getPosixRefAttribute(), null, attributesToModify.first);
        if (!CollectionUtil.isEmpty(attributeValues)) {
            checkRemovedPosixRefAttrs(attributeValues, posixGroupMember.getPosixGroupMemberships());
        }
        modifyAttributes(findEntryDN, attributesToModify, 3);
        List<String> stringListValue = getStringListValue(set, LdapConstants.LDAP_GROUPS_NAME);
        if (!CollectionUtil.isEmpty(stringListValue)) {
            this.groupHelper.removeLdapGroupMemberships(findEntryDN, stringListValue);
        }
        List<String> stringListValue2 = getStringListValue(set, LdapConstants.POSIX_GROUPS_NAME);
        if (!CollectionUtil.isEmpty(stringListValue2)) {
            this.groupHelper.removePosixGroupMemberships(posixGroupMember.getPosixGroupMembershipsByGroups(stringListValue2));
        }
        return this.uid;
    }

    private void checkRemovedPosixRefAttrs(Set<String> set, Set<GroupHelper.GroupMembership> set2) {
        Iterator<GroupHelper.GroupMembership> it = set2.iterator();
        while (it.hasNext()) {
            if (set.contains(it.next().getMemberRef())) {
                throw new ConnectorException(this.conn.format("cannotRemoveBecausePosixMember", GroupHelper.getPosixRefAttribute(), new Object[0]));
            }
        }
    }

    private Pair<Attributes, GuardedPasswordAttribute> getAttributesToModify(Set<org.identityconnectors.framework.common.objects.Attribute> set) {
        BasicAttributes basicAttributes = new BasicAttributes();
        GuardedPasswordAttribute guardedPasswordAttribute = null;
        for (org.identityconnectors.framework.common.objects.Attribute attribute : set) {
            Attribute attribute2 = null;
            if (attribute.is(Uid.NAME)) {
                throw new IllegalArgumentException("Unable to modify an object's uid");
            }
            if (attribute.is(Name.NAME)) {
                throw new IllegalArgumentException("Unable to modify an object's name");
            }
            if (!LdapConstants.isLdapGroups(attribute.getName()) && !LdapConstants.isPosixGroups(attribute.getName())) {
                if (attribute.is(OperationalAttributes.PASSWORD_NAME)) {
                    guardedPasswordAttribute = this.conn.getSchemaMapping().encodePassword(attribute);
                } else {
                    attribute2 = this.conn.getSchemaMapping().encodeAttribute(this.oclass, attribute);
                }
            }
            if (attribute2 != null) {
                Attribute attribute3 = basicAttributes.get(attribute2.getID());
                if (attribute3 != null) {
                    try {
                        NamingEnumeration all = attribute2.getAll();
                        while (all.hasMoreElements()) {
                            attribute3.add(all.nextElement());
                        }
                    } catch (NamingException e) {
                        throw new ConnectorException((Throwable) e);
                    }
                } else {
                    basicAttributes.put(attribute2);
                }
            }
        }
        return Pair.of(basicAttributes, guardedPasswordAttribute);
    }

    private void modifyAttributes(String str, Pair<Attributes, GuardedPasswordAttribute> pair, int i) {
        ArrayList arrayList = new ArrayList(pair.first.size());
        NamingEnumeration all = pair.first.getAll();
        while (all.hasMoreElements()) {
            arrayList.add(new ModificationItem(i, (Attribute) all.nextElement()));
        }
        if (pair.second != null) {
            pair.second.access(attribute -> {
                hashPassword(attribute, str);
                arrayList.add(new ModificationItem(i, attribute));
                modifyAttributes(str, arrayList);
            });
        } else {
            modifyAttributes(str, arrayList);
        }
    }

    private void modifyAttributes(String str, List<ModificationItem> list) {
        LOG.ok("About to apply to {0} the following modifications: {1}", str, list);
        try {
            this.conn.getInitialContext().modifyAttributes(str, (ModificationItem[]) list.toArray(new ModificationItem[0]));
        } catch (NamingException e) {
            throw new ConnectorException((Throwable) e);
        }
    }

    private static List<String> getStringListValue(Set<org.identityconnectors.framework.common.objects.Attribute> set, String str) {
        return (List) Optional.ofNullable(AttributeUtil.find(str, set)).map(attribute -> {
            return LdapUtil.checkedListByFilter(CollectionUtil.nullAsEmpty((List) attribute.getValue()), String.class);
        }).orElse(null);
    }
}
