package com.atlassian.bamboo.persister;

import com.atlassian.bamboo.Key;
import com.atlassian.bamboo.build.pipeline.concurrent.SystemAuthorityThreadFactory;
import com.atlassian.bamboo.configuration.AdministrationConfiguration;
import com.atlassian.bamboo.configuration.AdministrationConfigurationAccessor;
import com.atlassian.bamboo.configuration.AdministrationConfigurationPersister;
import com.atlassian.bamboo.persister.AuditLogService;
import com.atlassian.bamboo.plan.PlanKey;
import com.atlassian.bamboo.plan.PlanKeys;
import com.atlassian.bamboo.plan.cache.ImmutablePlan;
import com.atlassian.bamboo.security.EncryptionService;
import com.atlassian.bamboo.user.BambooAuthenticationContext;
import com.atlassian.bamboo.util.PasswordMaskingUtils;
import com.atlassian.bamboo.utils.XmlDiffFinder;
import com.atlassian.bamboo.utils.XsrfUtils;
import com.atlassian.user.User;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableSet;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.apache.log4j.Logger;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/atlassian/bamboo/persister/DefaultAuditLogService.class */
public class DefaultAuditLogService implements AuditLogService {
    private static final String CONFIDENTIAL_FIELD_NAME = "confidential";
    private final AuditLogDao auditLogDao;
    private final BambooAuthenticationContext authenticationContext;
    private final AdministrationConfigurationAccessor administrationConfigurationAccessor;
    private final AdministrationConfigurationPersister administrationConfigurationPersister;
    private final ExecutorService executorService = Executors.newSingleThreadExecutor(new SystemAuthorityThreadFactory("AuditLogSaveThread"));
    private Boolean enabled;
    private static final Logger log = Logger.getLogger(DefaultAuditLogService.class);
    private static final Set<String> OTHER_CONFIDENTIAL_FIELD_NAMES = ImmutableSet.of("key.private", "ssh.key", "sslKeyFile");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/atlassian/bamboo/persister/DefaultAuditLogService$EntityKeys.class */
    public class EntityKeys {
        private final String entityId;
        private final String childId;

        public EntityKeys(Key key) {
            String str = null;
            String str2 = null;
            if (key != null) {
                if (PlanKeys.isPlanKey(key.getKey())) {
                    PlanKey chainKeyIfJobKey = PlanKeys.getChainKeyIfJobKey(PlanKeys.getPlanKey(key.getKey()));
                    if (chainKeyIfJobKey != null) {
                        str = chainKeyIfJobKey.getKey();
                        str2 = key.getKey();
                    } else {
                        str = key.getKey();
                    }
                } else if (NumberUtils.isDigits(key.getKey())) {
                    str = key.getKey();
                } else {
                    PlanKey planKey = PlanKeys.getPlanKey(key.getKey());
                    str = PlanKeys.getProjectKeyPart(planKey);
                    str2 = planKey.getPartialKey();
                }
            }
            this.entityId = str;
            this.childId = str2;
        }

        public String getEntityId() {
            return this.entityId;
        }

        public String getChildId() {
            return this.childId;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/atlassian/bamboo/persister/DefaultAuditLogService$LoggerRunnable.class */
    public class LoggerRunnable implements Runnable {
        private final AuditLogEntry auditLogMessage;

        public LoggerRunnable(@NotNull AuditLogEntry auditLogEntry) {
            this.auditLogMessage = auditLogEntry;
        }

        @Override // java.lang.Runnable
        public void run() {
            DefaultAuditLogService.this.auditLogDao.save(this.auditLogMessage);
        }
    }

    public DefaultAuditLogService(AuditLogDao auditLogDao, BambooAuthenticationContext bambooAuthenticationContext, AdministrationConfigurationAccessor administrationConfigurationAccessor, AdministrationConfigurationPersister administrationConfigurationPersister) {
        this.auditLogDao = auditLogDao;
        this.authenticationContext = bambooAuthenticationContext;
        this.administrationConfigurationAccessor = administrationConfigurationAccessor;
        this.administrationConfigurationPersister = administrationConfigurationPersister;
    }

    public void log(@NotNull AuditLogEntry auditLogEntry) {
        if (isEnabled()) {
            this.executorService.submit(new LoggerRunnable(auditLogEntry));
        }
    }

    public void log(@NotNull String str) {
        log(this.authenticationContext.getUser(), str);
    }

    public void log(@Nullable User user, @NotNull String str) {
        log((AuditLogEntry) new AuditLogMessage(user == null ? null : user.getName(), new Date(), (AuditLogEntityType) null, (String) null, (String) null, (AuditLogEntity) null, "CONFIG_CHANGE", str, (String) null, (String) null));
    }

    public void log(@NotNull String str, @Nullable Key key, AuditLogEntityType auditLogEntityType) {
        log(this.authenticationContext.getUserName(), str, key, auditLogEntityType);
    }

    public void log(@NotNull String str, @Nullable Key key, AuditLogEntityType auditLogEntityType, @Nullable AuditLogEntity auditLogEntity) {
        log(this.authenticationContext.getUserName(), str, key, auditLogEntityType, auditLogEntity);
    }

    public void log(@Nullable User user, @NotNull String str, @Nullable Key key, AuditLogEntityType auditLogEntityType) {
        log(user == null ? null : user.getName(), str, key, auditLogEntityType);
    }

    public void log(@Nullable User user, @NotNull String str, @Nullable Key key, AuditLogEntityType auditLogEntityType, @Nullable AuditLogEntity auditLogEntity) {
        log(user == null ? null : user.getName(), str, key, auditLogEntityType, auditLogEntity);
    }

    public void log(@Nullable String str, @NotNull String str2, @Nullable Key key, AuditLogEntityType auditLogEntityType) {
        EntityKeys entityKeys = new EntityKeys(key);
        log((AuditLogEntry) new AuditLogMessage(str, new Date(), auditLogEntityType, entityKeys.getEntityId(), entityKeys.getChildId(), (AuditLogEntity) null, "CONFIG_CHANGE", str2, (String) null, (String) null));
    }

    public void log(@Nullable String str, @NotNull String str2, @Nullable Key key, @Nullable AuditLogEntityType auditLogEntityType, @Nullable AuditLogEntity auditLogEntity) {
        EntityKeys entityKeys = new EntityKeys(key);
        log((AuditLogEntry) new AuditLogMessage(str, new Date(), auditLogEntityType, entityKeys.getEntityId(), entityKeys.getChildId(), auditLogEntity, "CONFIG_CHANGE", str2, (String) null, (String) null));
    }

    public List<AuditLogEntry> getAuditLogMessagesForPlan(@NotNull ImmutablePlan immutablePlan, long j, long j2, int i, int i2) {
        return getAuditLogMessagesForEntity(immutablePlan.getKey(), AuditLogEntityType.PLAN, j, j2, i, i2);
    }

    public List<AuditLogEntry> getAuditLogMessagesForEntity(@NotNull String str, AuditLogEntityType auditLogEntityType, long j, long j2, int i, int i2) {
        return this.auditLogDao.getAuditLogMessagesForEntity(str, auditLogEntityType, j, j2, i, i2);
    }

    public boolean hasAuditLogMessagesForPlan(@NotNull ImmutablePlan immutablePlan, long j, long j2) {
        return countAuditLogMessagesForPlan(immutablePlan, j, j2) > 0;
    }

    public void removeAuditLogMessagesForPlan(@NotNull ImmutablePlan immutablePlan) {
        removeAuditLogMessagesByTypeAndEntityId(immutablePlan.getKey(), AuditLogEntityType.PLAN);
    }

    public void removeAuditLogMessagesByTypeAndEntityId(@NotNull String str, @Nullable AuditLogEntityType auditLogEntityType) {
        XsrfUtils.assertCanPerformMutativeAction("Cannot perform mutative operation");
        this.auditLogDao.deleteAuditLogMessagesByTypeAndEntityId(str, auditLogEntityType);
    }

    public void removeGlobalAuditLogMessages() {
        this.auditLogDao.deleteAll(this.auditLogDao.getGlobalAuditLogMessages());
    }

    public void removeAllAuditLogMessages() {
        XsrfUtils.assertCanPerformMutativeAction("Cannot perform mutative operation");
        this.auditLogDao.deleteAllAuditLogMessages();
    }

    public List<AuditLogEntry> getGlobalAuditLogMessages() {
        return this.auditLogDao.getGlobalAuditLogMessages();
    }

    public List<AuditLogEntry> getGlobalAuditLogMessages(int i, int i2) {
        return this.auditLogDao.getGlobalAuditLogMessages(i, i2);
    }

    public long countGlobalAuditLogMessages() {
        return this.auditLogDao.countGlobalAuditLogMessages();
    }

    public long countAuditLogMessagesForPlan(@NotNull ImmutablePlan immutablePlan) {
        return countAuditLogMessagesForPlan(immutablePlan, 0L, 0L);
    }

    public long countAuditLogMessagesForPlan(@NotNull ImmutablePlan immutablePlan, long j, long j2) {
        return countAuditLogMessagesForEntity(immutablePlan.getKey(), AuditLogEntityType.PLAN, j, j2);
    }

    public long countAuditLogMessagesForEntity(@NotNull String str, AuditLogEntityType auditLogEntityType, long j, long j2) {
        return this.auditLogDao.countAuditLogMessagesForEntity(str, auditLogEntityType, j, j2);
    }

    public void log(@NotNull Collection<AuditLogService.FieldChange> collection, @Nullable Key key) {
        if (key == null) {
            log(collection, (String) null, (AuditLogEntityType) null, (String) null, (AuditLogEntity) null);
        } else {
            log(collection, key.getKey(), AuditLogEntityType.PLAN, (String) null, (AuditLogEntity) null);
        }
    }

    public void log(@NotNull Iterable<AuditLogService.FieldChange> iterable, @Nullable String str, @Nullable AuditLogEntityType auditLogEntityType, @Nullable String str2, @Nullable AuditLogEntity auditLogEntity) {
        if (isEnabled()) {
            Date date = new Date();
            String userNameFromSecurityContext = this.authenticationContext.getUserNameFromSecurityContext();
            for (AuditLogService.FieldChange fieldChange : iterable) {
                if (!Objects.equals(fieldChange.getOldValue(), fieldChange.getNewValue())) {
                    log((AuditLogEntry) new AuditLogMessage(userNameFromSecurityContext, date, auditLogEntityType, str, str2, auditLogEntity, "FIELD_CHANGE", fieldChange.getFieldName(), maskIfNeeded(fieldChange.getFieldName(), fieldChange.getOldValue()), maskIfNeeded(fieldChange.getFieldName(), fieldChange.getNewValue())));
                }
            }
        }
    }

    public void log(@NotNull Iterable<AuditLogService.FieldChange> iterable, @Nullable AuditLogEntity auditLogEntity) {
        if (isEnabled()) {
            Date date = new Date();
            String userNameFromSecurityContext = this.authenticationContext.getUserNameFromSecurityContext();
            for (AuditLogService.FieldChange fieldChange : iterable) {
                if (!Objects.equals(fieldChange.getOldValue(), fieldChange.getNewValue())) {
                    log((AuditLogEntry) new AuditLogMessage(userNameFromSecurityContext, date, (AuditLogEntityType) null, (String) null, (String) null, auditLogEntity, "FIELD_CHANGE", fieldChange.getFieldName(), maskIfNeeded(fieldChange.getFieldName(), fieldChange.getOldValue()), maskIfNeeded(fieldChange.getFieldName(), fieldChange.getNewValue())));
                }
            }
        }
    }

    public void log(@NotNull String str, @Nullable String str2, @Nullable String str3, @Nullable Key key) {
        if (Objects.equals(str2, str3)) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(new XmlDiffFinder.DefaultFieldChange(str, str2, str3));
        log(arrayList, key);
    }

    public void log(@NotNull String str, @Nullable String str2, @Nullable String str3, @Nullable Key key, @Nullable AuditLogEntityType auditLogEntityType, @Nullable AuditLogEntity auditLogEntity) {
        if (!Objects.equals(str2, str3) && isEnabled()) {
            Date date = new Date();
            EntityKeys entityKeys = new EntityKeys(key);
            log((AuditLogEntry) new AuditLogMessage(this.authenticationContext.getUserName(), date, auditLogEntityType, entityKeys.getEntityId(), entityKeys.getChildId(), auditLogEntity, "FIELD_CHANGE", str, maskIfNeeded(str, str2), maskIfNeeded(str, str3)));
        }
    }

    public boolean isEnabled() {
        if (this.enabled == null) {
            this.enabled = Boolean.valueOf(this.administrationConfigurationAccessor.getAdministrationConfiguration().isAuditLoggingEnabled());
        }
        return this.enabled.booleanValue();
    }

    public void setEnabled(boolean z) {
        AdministrationConfiguration administrationConfiguration = this.administrationConfigurationAccessor.getAdministrationConfiguration();
        administrationConfiguration.setAuditLoggingEnabled(z);
        this.administrationConfigurationPersister.saveAdministrationConfiguration(administrationConfiguration);
        this.enabled = null;
        if (z) {
            log("auditLoggingEnabled", "false", "true", (Key) null);
        }
    }

    @Nullable
    private String maskIfNeeded(@NotNull String str, @Nullable String str2) {
        return shouldBeMasked(str, str2) ? "********" : str2;
    }

    @VisibleForTesting
    boolean shouldBeMasked(@NotNull String str, @Nullable String str2) {
        return PasswordMaskingUtils.shouldBeMasked(str) || StringUtils.startsWith(str2, EncryptionService.ENCRYPTED_PRIVATE_KEY_PREFIX) || StringUtils.containsIgnoreCase(str, CONFIDENTIAL_FIELD_NAME) || OTHER_CONFIDENTIAL_FIELD_NAMES.stream().anyMatch(str3 -> {
            return StringUtils.containsIgnoreCase(str, str3);
        });
    }

    public List<AuditLogEntry> getAgentAuditLogsMessagesByAgentName(String str) {
        return this.auditLogDao.getAgentAuditLogsMessagesByAgentName(str);
    }
}
