package net.bluemind.directory.service.internal;

import com.google.common.base.Strings;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import net.bluemind.addressbook.api.VCard;
import net.bluemind.core.api.ListResult;
import net.bluemind.core.api.ParametersValidator;
import net.bluemind.core.api.Regex;
import net.bluemind.core.api.fault.ErrorCode;
import net.bluemind.core.api.fault.ServerFault;
import net.bluemind.core.container.model.Container;
import net.bluemind.core.container.model.ContainerChangeset;
import net.bluemind.core.container.model.ItemValue;
import net.bluemind.core.container.model.acl.Verb;
import net.bluemind.core.container.service.internal.DirEntryPermission;
import net.bluemind.core.container.service.internal.RBACManager;
import net.bluemind.core.rest.BmContext;
import net.bluemind.core.task.api.TaskRef;
import net.bluemind.directory.api.DirEntry;
import net.bluemind.directory.api.DirEntryQuery;
import net.bluemind.directory.api.IDirEntryPath;
import net.bluemind.directory.external.ExternalDirectories;
import net.bluemind.directory.external.IExternalDirectory;
import net.bluemind.directory.persistence.ManageableOrgUnit;
import net.bluemind.directory.service.DirEntryHandlers;
import net.bluemind.domain.api.Domain;
import net.bluemind.role.persistence.RoleStore;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/bluemind/directory/service/internal/Directory.class */
public class Directory {
    private static final Logger logger = LoggerFactory.getLogger(Directory.class);
    private final BmContext context;
    private final DirEntryStoreService itemStore;
    private final String domainUid;
    private final RBACManager rbacManager;
    private final ItemValue<Domain> domain;
    private final DirEntriesCache cache;
    private final RoleStore roleStore;
    private final List<IExternalDirectory> externalDirSource;

    public Directory(BmContext bmContext, Container container, ItemValue<Domain> itemValue) {
        this.domainUid = itemValue.uid;
        this.context = bmContext;
        this.itemStore = new DirEntryStoreService(this.context, container, itemValue.uid);
        this.rbacManager = new RBACManager(bmContext).forContainer(container);
        this.roleStore = new RoleStore(bmContext.getDataSource(), container);
        this.domain = itemValue;
        this.cache = DirEntriesCache.get(bmContext, this.domainUid);
        this.externalDirSource = new ExternalDirectories(this.domainUid).dirs();
    }

    public ItemValue<DirEntry> getRoot() throws ServerFault {
        checkReadAccess();
        return this.itemStore.get(this.domainUid, null);
    }

    public ItemValue<DirEntry> findByEntryUid(String str) throws ServerFault {
        checkReadAccess();
        ItemValue<DirEntry> itemValue = this.cache.get(str, () -> {
            return this.itemStore.get(str, null);
        });
        if (itemValue == null || itemValue.value == null) {
            Iterator<IExternalDirectory> it = this.externalDirSource.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                IExternalDirectory next = it.next();
                itemValue = next.findByEntryUid(str);
                if (itemValue != null) {
                    logger.info("EXT Resolved {} with {} => {}", new Object[]{str, next, itemValue});
                    break;
                }
            }
        }
        return itemValue;
    }

    public ItemValue<DirEntry> getEntry(String str) throws ServerFault {
        return findByEntryUid(IDirEntryPath.getEntryUid(str));
    }

    public List<ItemValue<DirEntry>> getEntries(String str) throws ServerFault {
        checkReadAccess();
        return (List) this.itemStore.getEntries(str).stream().filter(itemValue -> {
            return !((DirEntry) itemValue.value).path.equals(str);
        }).collect(Collectors.toList());
    }

    public TaskRef delete(String str) throws ServerFault {
        checkReadAccess();
        List<ItemValue<DirEntry>> entries = this.itemStore.getEntries(str);
        if (entries.isEmpty()) {
            throw new ServerFault("entry " + str + " doesnt exists", ErrorCode.NOT_FOUND);
        }
        if (entries.size() > 1) {
            throw new ServerFault("entry " + str + " has children", ErrorCode.INVALID_QUERY);
        }
        ItemValue<DirEntry> itemValue = entries.get(0);
        return DirEntryHandlers.byKind(((DirEntry) itemValue.value).kind).entryDeleted(this.context, this.domainUid, ((DirEntry) itemValue.value).entryUid);
    }

    public TaskRef deleteByEntryUid(String str) throws ServerFault {
        checkReadAccess();
        ItemValue itemValue = this.itemStore.get(str, null);
        if (itemValue == null) {
            throw new ServerFault("entry " + str + " doesnt exists", ErrorCode.NOT_FOUND);
        }
        return DirEntryHandlers.byKind(((DirEntry) itemValue.value).kind).entryDeleted(this.context, this.domainUid, ((DirEntry) itemValue.value).entryUid);
    }

    public ContainerChangeset<String> changeset(Long l) throws ServerFault {
        return this.itemStore.changeset(l, Long.MAX_VALUE);
    }

    public List<ItemValue<DirEntry>> getMultiple(List<String> list) throws ServerFault {
        checkReadAccess();
        return this.itemStore.getMultiple(list);
    }

    public List<ItemValue<DirEntry>> getMultipleLight(List<String> list) throws ServerFault {
        checkReadAccess();
        return this.itemStore.getMultipleCustom(list, List.of());
    }

    public ListResult<ItemValue<DirEntry>> search(DirEntryQuery dirEntryQuery) throws ServerFault {
        checkReadAccess();
        ParametersValidator.notNull(dirEntryQuery);
        if (!Strings.isNullOrEmpty(dirEntryQuery.emailFilter) && !Regex.EMAIL.validate(dirEntryQuery.emailFilter)) {
            throw new ServerFault("emailFilter is not valid ", ErrorCode.INVALID_PARAMETER);
        }
        if (!Strings.isNullOrEmpty(dirEntryQuery.emailFilter)) {
            String[] split = dirEntryQuery.emailFilter.split("@");
            if (!this.domain.uid.equals(split[1]) && !((Domain) this.domain.value).aliases.contains(split[1])) {
                return ListResult.create(Collections.emptyList());
            }
        }
        if (dirEntryQuery.entries == null) {
            if (dirEntryQuery.onlyManagable) {
                return this.itemStore.searchManageable(dirEntryQuery, getManageableDirEntries());
            }
            return this.itemStore.search(dirEntryQuery);
        }
        int i = 0;
        int size = dirEntryQuery.entries.size();
        if (dirEntryQuery.from > 0) {
            i = dirEntryQuery.from;
        }
        if (dirEntryQuery.size > 0) {
            size = Math.min(i + dirEntryQuery.size, dirEntryQuery.entries.size());
        }
        List subList = dirEntryQuery.entries.subList(i, size);
        return ListResult.create(dirEntryQuery.lightResults ? light(subList) : this.itemStore.getMultiple(subList), dirEntryQuery.entries.size());
    }

    private List<ItemValue<DirEntry>> light(List<String> list) {
        return list.stream().map(str -> {
            return this.itemStore.getLight(str, null);
        }).toList();
    }

    private List<ManageableOrgUnit> getManageableDirEntries() {
        RBACManager forDomain = RBACManager.forContext(this.context).forDomain(this.domainUid);
        ArrayList arrayList = new ArrayList();
        for (Map.Entry entry : this.context.getSecurityContext().getRolesByOrgUnits().entrySet()) {
            Set set = (Set) forDomain.forOrgUnit((String) entry.getKey()).resolve().stream().filter(permission -> {
                return permission instanceof DirEntryPermission;
            }).map(permission2 -> {
                return ((DirEntryPermission) permission2).getKind();
            }).collect(Collectors.toSet());
            if (!set.isEmpty()) {
                arrayList.add(new ManageableOrgUnit((String) entry.getKey(), set));
            }
        }
        Set set2 = (Set) forDomain.forDomain(this.domainUid).resolve().stream().filter(permission3 -> {
            return permission3 instanceof DirEntryPermission;
        }).map(permission4 -> {
            return ((DirEntryPermission) permission4).getKind();
        }).collect(Collectors.toSet());
        if (!set2.isEmpty()) {
            arrayList.add(new ManageableOrgUnit((String) null, set2));
        }
        return arrayList;
    }

    public byte[] getEntryIcon(String str) throws ServerFault {
        ItemValue itemValue = this.itemStore.get(str, null);
        if (itemValue != null) {
            return DirEntryHandlers.byKind(((DirEntry) itemValue.value).kind).getIcon(this.context, this.domainUid, ((DirEntry) itemValue.value).entryUid);
        }
        return null;
    }

    public byte[] getIcon(String str) throws ServerFault {
        List<ItemValue<DirEntry>> entries = this.itemStore.getEntries(str);
        if (entries.size() > 0) {
            return DirEntryHandlers.byKind(((DirEntry) entries.get(0).value).kind).getIcon(this.context, this.domainUid, ((DirEntry) entries.get(0).value).entryUid);
        }
        return null;
    }

    public Set<String> getRolesForDirEntry(String str) throws ServerFault {
        return new HashSet(this.rbacManager.forEntry(str).roles());
    }

    public Set<String> getRolesForOrgUnit(String str) throws ServerFault {
        return new HashSet(this.rbacManager.forOrgUnit(str).roles());
    }

    public ItemValue<VCard> getVCard(String str) throws ServerFault {
        return this.itemStore.getVCard(str);
    }

    public byte[] getEntryPhoto(String str) throws ServerFault {
        return this.itemStore.getPhoto(str);
    }

    public ItemValue<DirEntry> getByEmail(String str) throws ServerFault {
        checkReadAccess();
        if (!Regex.EMAIL.validate(str)) {
            throw new ServerFault("emailFilter is not valid ", ErrorCode.INVALID_PARAMETER);
        }
        String lowerCase = str.toLowerCase();
        String str2 = lowerCase.split("@")[1];
        return this.itemStore.getByEmail(lowerCase, ((Domain) this.domain.value).aliases.contains(str2) || str2.equals(((Domain) this.domain.value).name));
    }

    private void checkReadAccess() {
        this.rbacManager.check(new String[]{Verb.Read.name(), "admin"});
    }

    public List<ItemValue<DirEntry>> getByRoles(List<String> list) {
        checkReadAccess();
        try {
            return getMultiple(new ArrayList(this.roleStore.getItemsWithRoles(list)));
        } catch (SQLException e) {
            throw ServerFault.sqlFault(e);
        }
    }
}
