package net.bluemind.user.service.internal;

import com.google.common.collect.Sets;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import net.bluemind.core.api.Email;
import net.bluemind.core.api.fault.ServerFault;
import net.bluemind.core.container.hooks.IAclHook;
import net.bluemind.core.container.model.ContainerDescriptor;
import net.bluemind.core.container.model.ItemValue;
import net.bluemind.core.container.model.acl.AccessControlEntry;
import net.bluemind.core.container.model.acl.Verb;
import net.bluemind.core.rest.BmContext;
import net.bluemind.directory.api.BaseDirEntry;
import net.bluemind.directory.api.DirEntry;
import net.bluemind.directory.api.IDirectory;
import net.bluemind.domain.api.Domain;
import net.bluemind.domain.api.IDomains;
import net.bluemind.group.api.IGroup;
import net.bluemind.group.api.Member;
import net.bluemind.mailbox.api.IMailboxes;
import net.bluemind.mailbox.api.Mailbox;
import net.bluemind.mailbox.hook.DefaultMailboxHook;
import net.bluemind.mailbox.identity.api.IdentityDescription;
import net.bluemind.user.api.IInternalUserMailIdentities;
import net.bluemind.user.api.IUser;
import net.bluemind.user.api.IUserMailIdentities;
import net.bluemind.user.api.UserMailIdentity;
import net.bluemind.user.service.IInCoreUser;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/bluemind/user/service/internal/UserMailIdentitiesHook.class */
public class UserMailIdentitiesHook extends DefaultMailboxHook implements IAclHook {
    private static Logger logger = LoggerFactory.getLogger(UserMailIdentitiesHook.class);

    public void onAclChanged(BmContext bmContext, ContainerDescriptor containerDescriptor, List<AccessControlEntry> list, List<AccessControlEntry> list2) {
        if ("mailboxacl".equals(containerDescriptor.type)) {
            Set set = (Set) list.stream().filter(accessControlEntry -> {
                return accessControlEntry.verb == Verb.All || accessControlEntry.verb == Verb.Write;
            }).collect(Collectors.toSet());
            Set<AccessControlEntry> set2 = (Set) list2.stream().filter(accessControlEntry2 -> {
                return accessControlEntry2.verb == Verb.All || accessControlEntry2.verb == Verb.Write;
            }).collect(Collectors.toSet());
            Sets.SetView difference = Sets.difference(set, set2);
            if (difference.isEmpty()) {
                return;
            }
            try {
                handleChanges(bmContext, containerDescriptor, difference, set2);
            } catch (Exception e) {
                logger.error("error during auto subscribe to mailbox", e);
            }
        }
    }

    private void handleChanges(BmContext bmContext, ContainerDescriptor containerDescriptor, Set<AccessControlEntry> set, Set<AccessControlEntry> set2) throws ServerFault {
        Set<String> asUsers = asUsers(bmContext, containerDescriptor.domainUid, set);
        asUsers.removeAll(asUsers(bmContext, containerDescriptor.domainUid, set2));
        asUsers.remove(containerDescriptor.owner);
        if (asUsers.isEmpty()) {
            return;
        }
        IInCoreUser iInCoreUser = (IInCoreUser) bmContext.su().provider().instance(IInCoreUser.class, new String[]{containerDescriptor.domainUid});
        Iterator<String> it = asUsers.iterator();
        while (it.hasNext()) {
            iInCoreUser.deleteUserIdentitiesForMailbox(it.next(), containerDescriptor.owner);
        }
    }

    private Set<String> asUsers(BmContext bmContext, String str, Collection<AccessControlEntry> collection) throws ServerFault {
        IDirectory iDirectory = (IDirectory) bmContext.provider().instance(IDirectory.class, new String[]{str});
        IGroup iGroup = (IGroup) bmContext.su().provider().instance(IGroup.class, new String[]{str});
        HashSet<DirEntry> hashSet = new HashSet();
        for (AccessControlEntry accessControlEntry : collection) {
            DirEntry findByEntryUid = iDirectory.findByEntryUid(accessControlEntry.subject);
            if (findByEntryUid != null) {
                hashSet.add(findByEntryUid);
            } else {
                logger.warn("did not found entry for {} in domain {}", accessControlEntry.subject, str);
            }
        }
        HashSet hashSet2 = new HashSet(hashSet.size());
        if (hashSet.stream().anyMatch(dirEntry -> {
            return dirEntry.kind == BaseDirEntry.Kind.DOMAIN;
        })) {
            hashSet2.addAll(((IUser) bmContext.provider().instance(IUser.class, new String[]{str})).allUids());
        } else {
            for (DirEntry dirEntry2 : hashSet) {
                if (dirEntry2.kind == BaseDirEntry.Kind.USER) {
                    hashSet2.add(dirEntry2.entryUid);
                } else if (dirEntry2.kind == BaseDirEntry.Kind.GROUP) {
                    Iterator it = iGroup.getExpandedUserMembers(dirEntry2.entryUid).iterator();
                    while (it.hasNext()) {
                        hashSet2.add(((Member) it.next()).uid);
                    }
                }
            }
        }
        return hashSet2;
    }

    public void onMailboxDeleted(BmContext bmContext, String str, ItemValue<Mailbox> itemValue) throws ServerFault {
        ((IInCoreUser) bmContext.su().provider().instance(IInCoreUser.class, new String[]{str})).deleteUserIdentitiesForMailbox(itemValue.uid);
    }

    public void onMailboxCreated(BmContext bmContext, String str, ItemValue<Mailbox> itemValue) throws ServerFault {
        if (((Mailbox) itemValue.value).type == Mailbox.Type.user && ((Mailbox) itemValue.value).defaultEmail() != null) {
            ((IInternalUserMailIdentities) bmContext.su().provider().instance(IInternalUserMailIdentities.class, new String[]{str, itemValue.uid})).createDefaultIdentity(itemValue, ((IDirectory) bmContext.su().provider().instance(IDirectory.class, new String[]{str})).findByEntryUid(itemValue.uid));
        }
    }

    public void onMailboxUpdated(BmContext bmContext, String str, ItemValue<Mailbox> itemValue, ItemValue<Mailbox> itemValue2) throws ServerFault {
        if (((Mailbox) itemValue2.value).type == Mailbox.Type.user && ((Mailbox) itemValue2.value).routing != Mailbox.Routing.none) {
            IInternalUserMailIdentities iInternalUserMailIdentities = (IInternalUserMailIdentities) bmContext.su().provider().instance(IInternalUserMailIdentities.class, new String[]{str, itemValue2.uid});
            DirEntry findByEntryUid = ((IDirectory) bmContext.su().provider().instance(IDirectory.class, new String[]{str})).findByEntryUid(itemValue2.uid);
            boolean z = ((Mailbox) itemValue2.value).defaultEmail() != null;
            for (IdentityDescription identityDescription : iInternalUserMailIdentities.getIdentities()) {
                if (identityDescription.isDefault.booleanValue()) {
                    z = false;
                }
                if (identityDescription.mbox != null) {
                    if (identityDescription.isDefault.booleanValue()) {
                        UserMailIdentity userMailIdentity = iInternalUserMailIdentities.get(identityDescription.id);
                        userMailIdentity.displayname = findByEntryUid.displayName;
                        userMailIdentity.name = userMailIdentity.displayname;
                        verifyDefaultIdentityIntegrity(identityDescription.id, iInternalUserMailIdentities, userMailIdentity, ((Mailbox) itemValue2.value).defaultEmail(), str, bmContext, itemValue2, ((Mailbox) itemValue.value).defaultEmail());
                    } else {
                        verifyIdentityIntegrity(identityDescription, iInternalUserMailIdentities, itemValue2, str, bmContext);
                    }
                }
            }
            if (z) {
                iInternalUserMailIdentities.createDefaultIdentity(itemValue2, findByEntryUid);
            }
        }
    }

    public void verifyIdentityIntegrity(IdentityDescription identityDescription, IUserMailIdentities iUserMailIdentities, ItemValue<Mailbox> itemValue, String str, BmContext bmContext) throws ServerFault {
        sanitizeIdentityIntegrity(identityDescription.email, getReferencedMailbox(identityDescription.mbox, itemValue, str, bmContext), bmContext, str, () -> {
            logger.info("Referenced mailbox:email {}:{} does not exist anymore. Deleting identity", identityDescription.mbox, identityDescription.email);
            iUserMailIdentities.delete(identityDescription.id);
        });
    }

    public void verifyDefaultIdentityIntegrity(String str, IUserMailIdentities iUserMailIdentities, UserMailIdentity userMailIdentity, Email email, String str2, BmContext bmContext, ItemValue<Mailbox> itemValue, Email email2) throws ServerFault {
        if (identityFollowsDefaultEmail(userMailIdentity, itemValue, email2)) {
            userMailIdentity.email = ((Mailbox) itemValue.value).defaultEmail().address;
            iUserMailIdentities.update(str, userMailIdentity);
        } else if (email == null) {
            verifyIdentityIntegrity(toDescription(str, userMailIdentity), iUserMailIdentities, itemValue, str2, bmContext);
        } else {
            ItemValue<Mailbox> referencedMailbox = getReferencedMailbox(userMailIdentity.mailboxUid, itemValue, str2, bmContext);
            sanitizeIdentityIntegrity(userMailIdentity.email, referencedMailbox, bmContext, str2, () -> {
                if (email == null || !StringUtils.isNotBlank(email.address)) {
                    return;
                }
                logger.info("Referenced mailbox:email {}:{} does not exist anymore. Setting default identity to {}", new Object[]{referencedMailbox.uid, userMailIdentity.email, email.address});
                userMailIdentity.email = email.address;
                iUserMailIdentities.update(str, userMailIdentity);
            });
        }
    }

    private IdentityDescription toDescription(String str, UserMailIdentity userMailIdentity) {
        IdentityDescription identityDescription = new IdentityDescription();
        identityDescription.id = str;
        identityDescription.displayname = userMailIdentity.displayname;
        identityDescription.email = userMailIdentity.email;
        identityDescription.isDefault = Boolean.valueOf(userMailIdentity.isDefault);
        identityDescription.mbox = userMailIdentity.mailboxUid;
        identityDescription.name = userMailIdentity.name;
        return identityDescription;
    }

    private boolean identityFollowsDefaultEmail(UserMailIdentity userMailIdentity, ItemValue<Mailbox> itemValue, Email email) {
        return (email == null || !userMailIdentity.email.equals(email.address) || ((Mailbox) itemValue.value).defaultEmail() == null || email.address.equals(((Mailbox) itemValue.value).defaultEmail().address)) ? false : true;
    }

    private ItemValue<Mailbox> getReferencedMailbox(String str, ItemValue<Mailbox> itemValue, String str2, BmContext bmContext) {
        return !str.equals(itemValue.uid) ? ((IMailboxes) bmContext.provider().instance(IMailboxes.class, new String[]{str2})).getComplete(str) : itemValue;
    }

    private void sanitizeIdentityIntegrity(String str, ItemValue<Mailbox> itemValue, BmContext bmContext, String str2, Runnable runnable) {
        boolean z = false;
        if (itemValue != null) {
            ItemValue itemValue2 = ((IDomains) bmContext.su().provider().instance(IDomains.class, new String[0])).get(str2);
            String[] split = str.split("@");
            Iterator it = ((Mailbox) itemValue.value).emails.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Email email = (Email) it.next();
                if (email.allAliases) {
                    if (split[0].equals(email.address.split("@")[0]) && (split[1].equals(itemValue2.uid) || ((Domain) itemValue2.value).aliases.contains(split[1]))) {
                        break;
                    }
                } else if (email.address.equals(str)) {
                    z = true;
                    break;
                }
            }
            z = true;
        }
        if (z) {
            return;
        }
        runnable.run();
    }
}
