package com.atlassian.crowd.directory;

import com.atlassian.crowd.directory.ldap.mapper.ContextMapperWithRequiredAttributes;
import com.atlassian.crowd.directory.ldap.mapper.UserContextMapperConfig;
import com.atlassian.crowd.directory.ldap.mapper.attribute.AttributeMapper;
import com.atlassian.crowd.directory.ldap.mapper.attribute.RFC2307GidNumberMapper;
import com.atlassian.crowd.directory.ldap.mapper.attribute.group.RFC2307MemberUidMapper;
import com.atlassian.crowd.embedded.api.Attributes;
import com.atlassian.crowd.exception.GroupNotFoundException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.model.group.Group;
import com.atlassian.crowd.model.group.GroupType;
import com.atlassian.crowd.model.group.LDAPGroupWithAttributes;
import com.atlassian.crowd.model.group.Membership;
import com.atlassian.crowd.model.user.LDAPUserWithAttributes;
import com.atlassian.crowd.search.Entity;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.search.ldap.LDAPQueryTranslater;
import com.atlassian.crowd.search.query.membership.MembershipQuery;
import com.atlassian.crowd.search.util.SearchResultsUtil;
import com.atlassian.crowd.util.InstanceFactory;
import com.atlassian.event.api.EventPublisher;
import com.google.common.base.Function;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Iterables;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.naming.ldap.LdapName;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.Validate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.ldap.filter.AndFilter;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.ldap.filter.HardcodedFilter;
import org.springframework.ldap.filter.OrFilter;

/* loaded from: input_file:com/atlassian/crowd/directory/RFC2307Directory.class */
public abstract class RFC2307Directory extends SpringLDAPConnector {
    private static final Logger logger = LoggerFactory.getLogger(RFC2307Directory.class);
    private final Function<? super LDAPGroupWithAttributes, ? extends Membership> fillInPrimaryGroups;

    public RFC2307Directory(LDAPQueryTranslater lDAPQueryTranslater, EventPublisher eventPublisher, InstanceFactory instanceFactory, LdapContextSourceProvider ldapContextSourceProvider) {
        super(lDAPQueryTranslater, eventPublisher, instanceFactory, ldapContextSourceProvider);
        this.fillInPrimaryGroups = new Function<LDAPGroupWithAttributes, Membership>() { // from class: com.atlassian.crowd.directory.RFC2307Directory.1
            public Membership apply(LDAPGroupWithAttributes lDAPGroupWithAttributes) {
                final String name = lDAPGroupWithAttributes.getName();
                final HashSet hashSet = new HashSet(RFC2307Directory.this.getMemberNames(lDAPGroupWithAttributes));
                String gid = RFC2307Directory.this.getGid(lDAPGroupWithAttributes);
                if (gid != null) {
                    try {
                        AndFilter andFilter = new AndFilter();
                        andFilter.and(new HardcodedFilter(RFC2307Directory.this.ldapPropertiesMapper.getUserFilter()));
                        andFilter.and(new EqualsFilter(RFC2307GidNumberMapper.ATTRIBUTE_KEY, gid));
                        if (RFC2307Directory.logger.isDebugEnabled()) {
                            RFC2307Directory.logger.debug("Executing search at DN: <" + RFC2307Directory.this.searchDN.getUser() + "> with filter: <" + andFilter.encode() + ">");
                        }
                        Iterables.addAll(hashSet, NamedLdapEntity.namesOf((Iterable<? extends NamedLdapEntity>) RFC2307Directory.this.searchEntities(RFC2307Directory.this.searchDN.getUser(), andFilter.encode(), NamedLdapEntity.mapperFromAttribute(RFC2307Directory.this.ldapPropertiesMapper.getUserNameAttribute()), 0, -1)));
                    } catch (OperationFailedException e) {
                        RFC2307Directory.logger.debug("Unable to get gid members for group: " + lDAPGroupWithAttributes.getDn(), e);
                    }
                }
                return new Membership() { // from class: com.atlassian.crowd.directory.RFC2307Directory.1.1
                    public String getGroupName() {
                        return name;
                    }

                    public Set<String> getUserNames() {
                        return hashSet;
                    }

                    public Set<String> getChildGroupNames() {
                        return Collections.emptySet();
                    }
                };
            }
        };
    }

    @Override // com.atlassian.crowd.directory.SpringLDAPConnector
    protected List<AttributeMapper> getCustomGroupAttributeMappers() {
        ImmutableList.Builder builder = ImmutableList.builder();
        builder.addAll(super.getCustomGroupAttributeMappers());
        builder.add(new RFC2307MemberUidMapper(this.ldapPropertiesMapper.getGroupMemberAttribute()));
        builder.add(new RFC2307GidNumberMapper());
        return builder.build();
    }

    @Override // com.atlassian.crowd.directory.SpringLDAPConnector
    protected List<AttributeMapper> getCustomUserAttributeMappers(UserContextMapperConfig userContextMapperConfig) {
        ImmutableList.Builder builder = ImmutableList.builder();
        builder.addAll(super.getCustomUserAttributeMappers(userContextMapperConfig));
        if (userContextMapperConfig.includeAll()) {
            builder.add(new RFC2307GidNumberMapper());
        }
        return builder.build();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Set<String> getMemberNames(LDAPGroupWithAttributes lDAPGroupWithAttributes) {
        return lDAPGroupWithAttributes.getValues(RFC2307MemberUidMapper.ATTRIBUTE_KEY);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getGid(Attributes attributes) {
        return attributes.getValue(RFC2307GidNumberMapper.ATTRIBUTE_KEY);
    }

    public boolean isUserDirectGroupMember(String str, String str2) throws OperationFailedException {
        Validate.notEmpty(str, "username argument cannot be null or empty", new Object[0]);
        Validate.notEmpty(str2, "groupName argument cannot be null or empty", new Object[0]);
        boolean z = false;
        try {
            LDAPGroupWithAttributes findGroupByName = m11findGroupByName(str2);
            Set<String> memberNames = getMemberNames(findGroupByName);
            if (memberNames != null) {
                Iterator<String> it = memberNames.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (it.next().equalsIgnoreCase(str)) {
                        z = true;
                        break;
                    }
                }
            }
            if (!z) {
                if (StringUtils.equals(getGid(m14findUserByName(str)), getGid(findGroupByName))) {
                    z = true;
                }
            }
        } catch (UserNotFoundException e) {
        } catch (GroupNotFoundException e2) {
        }
        return z;
    }

    public boolean isGroupDirectGroupMember(String str, String str2) {
        return false;
    }

    @Override // com.atlassian.crowd.directory.SpringLDAPConnector
    protected <T> Iterable<T> searchGroupRelationshipsWithGroupTypeSpecified(MembershipQuery<T> membershipQuery) throws OperationFailedException {
        List<LDAPUserWithAttributes> findGroupMemberships;
        Validate.notNull(membershipQuery, "query argument cannot be null", new Object[0]);
        if (membershipQuery.isFindChildren()) {
            if (membershipQuery.getEntityToMatch().getEntityType() != Entity.GROUP) {
                throw new IllegalArgumentException("You can only find the GROUP or USER members of a GROUP");
            }
            if (membershipQuery.getEntityToReturn().getEntityType() == Entity.USER) {
                if (membershipQuery.getReturnType() == String.class) {
                    try {
                        return ((Membership) this.fillInPrimaryGroups.apply(findGroupByNameAndType(membershipQuery.getEntityNameToMatch(), GroupType.GROUP))).getUserNames();
                    } catch (GroupNotFoundException e) {
                        return Collections.emptyList();
                    }
                }
                findGroupMemberships = findUserMembersOfGroup(membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToMatch().getGroupType(), membershipQuery.getStartIndex(), membershipQuery.getMaxResults());
            } else {
                if (membershipQuery.getEntityToReturn().getEntityType() != Entity.GROUP) {
                    throw new IllegalArgumentException("You can only find the GROUP or USER members of a GROUP");
                }
                findGroupMemberships = Collections.emptyList();
            }
        } else {
            if (membershipQuery.getReturnType() == String.class) {
                return (Iterable<T>) findGroupMembershipNames(membershipQuery);
            }
            findGroupMemberships = findGroupMemberships(membershipQuery);
        }
        return membershipQuery.getReturnType() == String.class ? SearchResultsUtil.convertEntitiesToNames(findGroupMemberships) : findGroupMemberships;
    }

    private Iterable<? extends LDAPGroupWithAttributes> findGroupMemberships(MembershipQuery<? extends LDAPGroupWithAttributes> membershipQuery) throws OperationFailedException {
        if (membershipQuery.getEntityToReturn().getEntityType() != Entity.GROUP) {
            throw new IllegalArgumentException("You can only find the GROUP memberships of USER or GROUP");
        }
        if (membershipQuery.getEntityToMatch().getEntityType() == Entity.USER) {
            return findGroupMembershipsOfUser(membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToReturn().getGroupType(), membershipQuery.getStartIndex(), membershipQuery.getMaxResults());
        }
        if (membershipQuery.getEntityToMatch().getEntityType() == Entity.GROUP) {
            return Collections.emptyList();
        }
        throw new IllegalArgumentException("You can only find the GROUP memberships of USER or GROUP");
    }

    private Iterable<String> findGroupMembershipNames(MembershipQuery<String> membershipQuery) throws OperationFailedException {
        if (membershipQuery.getEntityToReturn().getEntityType() != Entity.GROUP) {
            throw new IllegalArgumentException("You can only find the GROUP memberships of USER or GROUP");
        }
        if (membershipQuery.getEntityToMatch().getEntityType() == Entity.USER) {
            return findGroupMembershipNamesOfUser(membershipQuery.getEntityNameToMatch(), membershipQuery.getEntityToReturn().getGroupType(), membershipQuery.getStartIndex(), membershipQuery.getMaxResults());
        }
        if (membershipQuery.getEntityToMatch().getEntityType() == Entity.GROUP) {
            return Collections.emptyList();
        }
        throw new IllegalArgumentException("You can only find the GROUP memberships of USER or GROUP");
    }

    private Iterable<LDAPGroupWithAttributes> findGroupMembershipsOfUser(String str, GroupType groupType, int i, int i2) throws OperationFailedException {
        return findGroupMembershipsOfUser(str, groupType, getGroupContextMapper(groupType, true), i, i2);
    }

    private Iterable<String> findGroupMembershipNamesOfUser(String str, GroupType groupType, int i, int i2) throws OperationFailedException {
        return NamedLdapEntity.namesOf((List<? extends NamedLdapEntity>) findGroupMembershipsOfUser(str, groupType, NamedLdapEntity.mapperFromAttribute(this.ldapPropertiesMapper.getGroupNameAttribute()), i, i2));
    }

    private <T> List<T> findGroupMembershipsOfUser(String str, GroupType groupType, ContextMapperWithRequiredAttributes<T> contextMapperWithRequiredAttributes, int i, int i2) throws OperationFailedException {
        try {
            if (groupType != GroupType.GROUP) {
                if (groupType == GroupType.LEGACY_ROLE) {
                    return Collections.emptyList();
                }
                throw new IllegalArgumentException("Cannot find membership of user that are of GroupType: " + groupType);
            }
            LdapName group = this.searchDN.getGroup();
            String groupMemberAttribute = this.ldapPropertiesMapper.getGroupMemberAttribute();
            String groupFilter = this.ldapPropertiesMapper.getGroupFilter();
            LDAPUserWithAttributes findUserByName = m14findUserByName(str);
            String gid = getGid(findUserByName);
            OrFilter orFilter = new OrFilter();
            orFilter.or(new EqualsFilter(groupMemberAttribute, findUserByName.getName()));
            if (gid != null) {
                orFilter.or(new EqualsFilter(RFC2307GidNumberMapper.ATTRIBUTE_KEY, gid));
            }
            AndFilter andFilter = new AndFilter();
            andFilter.and(new HardcodedFilter(groupFilter));
            andFilter.and(orFilter);
            return searchEntities(group, andFilter.encode(), contextMapperWithRequiredAttributes, i, i2);
        } catch (UserNotFoundException e) {
            return Collections.emptyList();
        }
    }

    private List<LDAPUserWithAttributes> findUserMembersOfGroup(String str, GroupType groupType, int i, int i2) throws OperationFailedException {
        try {
            LDAPGroupWithAttributes findGroupByNameAndType = findGroupByNameAndType(str, groupType);
            HashSet hashSet = new HashSet();
            String gid = getGid(findGroupByNameAndType);
            if (gid != null) {
                try {
                    AndFilter andFilter = new AndFilter();
                    andFilter.and(new HardcodedFilter(this.ldapPropertiesMapper.getUserFilter()));
                    andFilter.and(new EqualsFilter(RFC2307GidNumberMapper.ATTRIBUTE_KEY, gid));
                    if (logger.isDebugEnabled()) {
                        logger.debug("Executing search at DN: <" + this.searchDN.getUser() + "> with filter: <" + andFilter.encode() + ">");
                    }
                    hashSet.addAll(searchEntities(this.searchDN.getUser(), andFilter.encode(), getUserContextMapper(UserContextMapperConfig.Builder.withCustomAttributes().build()), i, i2));
                } catch (OperationFailedException e) {
                    logger.debug("Unable to get gid members for group: " + findGroupByNameAndType.getDn(), e);
                }
            }
            Set<String> memberNames = getMemberNames(findGroupByNameAndType);
            if (memberNames != null) {
                Iterator<String> it = memberNames.iterator();
                while (it.hasNext()) {
                    try {
                        hashSet.add(m14findUserByName(it.next()));
                    } catch (UserNotFoundException e2) {
                    }
                }
            }
            return SearchResultsUtil.constrainResults(new ArrayList(hashSet), i, i2);
        } catch (GroupNotFoundException e3) {
            if (logger.isDebugEnabled()) {
                logger.debug("Group with name <" + str + "> does not exist and therefore has no members");
            }
            return Collections.emptyList();
        }
    }

    @Override // com.atlassian.crowd.directory.SpringLDAPConnector
    public boolean supportsNestedGroups() {
        return false;
    }

    @Override // com.atlassian.crowd.directory.SpringLDAPConnector
    public boolean supportsPasswordExpiration() {
        return false;
    }

    public Iterable<Membership> getMemberships() throws OperationFailedException {
        return Iterables.transform(searchGroupObjectsOfSpecifiedGroupType(QueryBuilder.queryFor(Group.class, EntityDescriptor.group(GroupType.GROUP)).returningAtMost(-1), getGroupContextMapper(GroupType.GROUP, true)), this.fillInPrimaryGroups);
    }
}
