package net.bluemind.dataprotect.service.internal;

import java.sql.SQLException;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import net.bluemind.core.api.ParametersValidator;
import net.bluemind.core.api.fault.ErrorCode;
import net.bluemind.core.api.fault.ServerFault;
import net.bluemind.core.container.service.internal.RBACManager;
import net.bluemind.core.rest.BmContext;
import net.bluemind.core.task.api.TaskRef;
import net.bluemind.core.task.service.ITasksManager;
import net.bluemind.dataprotect.api.DataProtectGeneration;
import net.bluemind.dataprotect.api.IDataProtect;
import net.bluemind.dataprotect.api.PartGeneration;
import net.bluemind.dataprotect.api.Restorable;
import net.bluemind.dataprotect.api.RestoreDefinition;
import net.bluemind.dataprotect.api.RestoreOperation;
import net.bluemind.dataprotect.api.RetentionPolicy;
import net.bluemind.dataprotect.persistence.DataProtectGenerationStore;
import net.bluemind.dataprotect.persistence.GenerationWriter;
import net.bluemind.dataprotect.persistence.RetentionPolicyStore;
import net.bluemind.dataprotect.service.IRestoreActionProvider;
import net.bluemind.dataprotect.service.action.RestoreActionExecutor;
import net.bluemind.directory.api.DirEntry;
import net.bluemind.directory.api.IDirectory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/bluemind/dataprotect/service/internal/DPService.class */
public class DPService implements IDataProtect {
    private static final Logger logger = LoggerFactory.getLogger(DPService.class);
    private final BmContext ctx;
    private final DataProtectGenerationStore dpgStore;
    private final RetentionPolicyStore rpStore;
    private final List<RestoreOperation> restoreOps;
    private List<IRestoreActionProvider> restoreProviders;
    private RBACManager rbac;

    public DPService(BmContext bmContext, List<RestoreOperation> list, List<IRestoreActionProvider> list2) {
        this.ctx = bmContext;
        this.rbac = RBACManager.forContext(this.ctx);
        logger.debug("Built with ctx {}", this.ctx);
        this.dpgStore = new DataProtectGenerationStore(bmContext.getDataSource());
        this.rpStore = new RetentionPolicyStore(bmContext.getDataSource());
        this.restoreOps = list;
        this.restoreProviders = list2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DataProtectGenerationStore getStore() {
        return this.dpgStore;
    }

    public List<DataProtectGeneration> getAvailableGenerations() throws ServerFault {
        checkAccess();
        try {
            return this.dpgStore.getGenerations();
        } catch (SQLException e) {
            throw ServerFault.sqlFault(e);
        }
    }

    public TaskRef getContent(String str) throws ServerFault {
        checkAccess();
        logger.info("Access is fine for {} loading gen {}", this.ctx, str);
        List<DataProtectGeneration> availableGenerations = getAvailableGenerations();
        DataProtectGeneration dataProtectGeneration = null;
        int parseInt = Integer.parseInt(str);
        Iterator<DataProtectGeneration> it = availableGenerations.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            DataProtectGeneration next = it.next();
            if (parseInt == next.id) {
                dataProtectGeneration = next;
                break;
            }
        }
        if (dataProtectGeneration == null) {
            throw new ServerFault("Generation " + str + " not found.");
        }
        List list = dataProtectGeneration.parts;
        Optional findFirst = list.stream().filter(partGeneration -> {
            return "directory".equals(partGeneration.datatype);
        }).findFirst();
        if (!findFirst.isPresent()) {
            throw new ServerFault("directory part is missing from generation " + str);
        }
        return ((ITasksManager) this.ctx.provider().instance(ITasksManager.class, new String[0])).run(new LoadGenerationTask(this.ctx, (PartGeneration) findFirst.get(), list));
    }

    public List<RestoreOperation> getRestoreCapabilities() throws ServerFault {
        checkAccess();
        return this.restoreOps;
    }

    public List<RestoreOperation> getRestoreCapabilitiesByTags(List<String> list) throws ServerFault {
        checkAccess();
        return (List) this.restoreOps.stream().filter(restoreOperation -> {
            if (restoreOperation.requiredTag != null) {
                return list.contains(restoreOperation.requiredTag);
            }
            return true;
        }).collect(Collectors.toList());
    }

    public TaskRef run(RestoreDefinition restoreDefinition) throws ServerFault {
        ParametersValidator.notNull(restoreDefinition);
        ParametersValidator.notNull(restoreDefinition.item);
        ParametersValidator.notNull(restoreDefinition.item.domainUid);
        ParametersValidator.notNull(restoreDefinition.restoreOperationIdenfitier);
        checkAccess();
        if (!this.ctx.getSecurityContext().isDomainGlobal() && !this.ctx.getSecurityContext().getRoles().contains("manageDataProtect") && !this.ctx.getSecurityContext().getRoles().contains("manageRestore")) {
            checkRestoreItemAccess(restoreDefinition.item);
        }
        DataProtectGeneration dataProtectGeneration = null;
        Iterator<DataProtectGeneration> it = getAvailableGenerations().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            DataProtectGeneration next = it.next();
            if (next.id == restoreDefinition.generation) {
                dataProtectGeneration = next;
                break;
            }
        }
        if (dataProtectGeneration == null) {
            throw new ServerFault(String.format("data generation with id %s not found", Integer.valueOf(restoreDefinition.generation)), ErrorCode.NOT_FOUND);
        }
        IRestoreActionProvider iRestoreActionProvider = null;
        RestoreOperation restoreOperation = null;
        for (IRestoreActionProvider iRestoreActionProvider2 : this.restoreProviders) {
            Iterator<RestoreOperation> it2 = iRestoreActionProvider2.operations().iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                RestoreOperation next2 = it2.next();
                if (next2.identifier.equals(restoreDefinition.restoreOperationIdenfitier)) {
                    iRestoreActionProvider = iRestoreActionProvider2;
                    restoreOperation = next2;
                    break;
                }
            }
        }
        if (iRestoreActionProvider == null) {
            throw new ServerFault(String.format("No restore provider found for %s", restoreDefinition.restoreOperationIdenfitier), ErrorCode.NOT_FOUND);
        }
        return iRestoreActionProvider.run(restoreOperation, dataProtectGeneration, restoreDefinition.item, new RestoreActionExecutor<>(this.ctx));
    }

    public TaskRef forget(int i) throws ServerFault {
        this.rbac.check(new String[]{"manageDataProtect"});
        DataProtectGeneration dataProtectGeneration = null;
        Iterator<DataProtectGeneration> it = getAvailableGenerations().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            DataProtectGeneration next = it.next();
            if (next.id == i) {
                dataProtectGeneration = next;
                break;
            }
        }
        if (dataProtectGeneration == null) {
            throw new ServerFault("Generation " + i + " not found");
        }
        return ((ITasksManager) this.ctx.provider().instance(ITasksManager.class, new String[0])).run(new ForgetTask(this.ctx, this, dataProtectGeneration));
    }

    public RetentionPolicy getRetentionPolicy() throws ServerFault {
        this.rbac.check(new String[]{"manageDataProtect"});
        try {
            return this.rpStore.get();
        } catch (SQLException e) {
            throw ServerFault.sqlFault(e);
        }
    }

    public void updatePolicy(RetentionPolicy retentionPolicy) throws ServerFault {
        this.rbac.check(new String[]{"manageDataProtect"});
        this.rpStore.update(retentionPolicy);
    }

    public void syncWithFilesystem() throws ServerFault {
        this.rbac.check(new String[]{"systemManagement"});
        List readGenerationFiles = GenerationWriter.readGenerationFiles();
        logger.info("rewriting generations using {} stored generations", Integer.valueOf(readGenerationFiles.size()));
        this.dpgStore.rewriteGenerations(readGenerationFiles);
    }

    public TaskRef installFromGeneration(int i) throws ServerFault {
        this.rbac.check(new String[]{"systemManagement"});
        DataProtectGeneration dataProtectGeneration = null;
        Iterator<DataProtectGeneration> it = getAvailableGenerations().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            DataProtectGeneration next = it.next();
            if (next.id == i) {
                dataProtectGeneration = next;
                break;
            }
        }
        if (dataProtectGeneration == null) {
            throw new ServerFault("Generation " + i + " not found");
        }
        return ((ITasksManager) this.ctx.provider().instance(ITasksManager.class, new String[0])).run(new InstallTask(this.ctx, dataProtectGeneration));
    }

    public TaskRef saveAll() {
        this.rbac.check(new String[]{"systemManagement"});
        logger.info("Backup TIME....");
        return ((ITasksManager) this.ctx.provider().instance(ITasksManager.class, new String[0])).run(new SaveAllTask(this.ctx, this));
    }

    private void checkAccess() {
        if (!this.ctx.getSecurityContext().isDomainGlobal() && !this.ctx.getSecurityContext().getRoles().contains("manageDataProtect") && !Stream.concat(((Set) this.ctx.getSecurityContext().getRolesByOrgUnits().values().stream().flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toSet())).stream(), this.ctx.getSecurityContext().getRoles().stream()).anyMatch(str -> {
            return str.equals("manageRestore");
        })) {
            throw new ServerFault(String.format("%s@%s Doesnt have role %s or %s", this.ctx.getSecurityContext().getSubject(), this.ctx.getSecurityContext().getContainerUid(), "manageDataProtect", "manageRestore"), ErrorCode.PERMISSION_DENIED);
        }
    }

    private void checkRestoreItemAccess(Restorable restorable) {
        if (!restorable.domainUid.equals(this.ctx.getSecurityContext().getContainerUid()) || restorable.entryUid == null) {
            throw new ServerFault(String.format("%s@%s Doesnt have perms to restore %s", this.ctx.getSecurityContext().getSubject(), this.ctx.getSecurityContext().getContainerUid(), restorable.domainUid), ErrorCode.PERMISSION_DENIED);
        }
        Collection<String> expandContextManageRestoreOrgUnitPerms = expandContextManageRestoreOrgUnitPerms(this.ctx);
        DirEntry findByEntryUid = ((IDirectory) this.ctx.getServiceProvider().instance(IDirectory.class, new String[]{this.ctx.getSecurityContext().getContainerUid()})).findByEntryUid(restorable.entryUid);
        if (itemIsnotInOrgUnit(findByEntryUid) || userHasInsufficientPermisionsForOrgUnit(expandContextManageRestoreOrgUnitPerms, findByEntryUid)) {
            throw new ServerFault(String.format("%s@%s Doesnt have perms to restore %s from domain %s", this.ctx.getSecurityContext().getSubject(), this.ctx.getSecurityContext().getContainerUid(), restorable.entryUid, restorable.domainUid), ErrorCode.PERMISSION_DENIED);
        }
    }

    private boolean userHasInsufficientPermisionsForOrgUnit(Collection<String> collection, DirEntry dirEntry) {
        Stream stream = dirEntry.orgUnitPath.path().stream();
        collection.getClass();
        return stream.noneMatch((v1) -> {
            return r1.contains(v1);
        });
    }

    private boolean itemIsnotInOrgUnit(DirEntry dirEntry) {
        return dirEntry.orgUnitPath == null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Collection<String> expandContextManageRestoreOrgUnitPerms(BmContext bmContext) {
        return (Collection) bmContext.getSecurityContext().getRolesByOrgUnits().entrySet().stream().filter(entry -> {
            return ((Set) entry.getValue()).contains("manageRestore") || ((Set) entry.getValue()).contains("manageDataProtect");
        }).map((v0) -> {
            return v0.getKey();
        }).collect(Collectors.toSet());
    }
}
