package com.atlassian.jira.permission.management;

import com.atlassian.event.api.EventPublisher;
import com.atlassian.fugue.Either;
import com.atlassian.fugue.Option;
import com.atlassian.jira.bc.ServiceOutcome;
import com.atlassian.jira.permission.JiraPermissionHolderType;
import com.atlassian.jira.permission.PermissionGrant;
import com.atlassian.jira.permission.PermissionHolder;
import com.atlassian.jira.permission.PermissionHolderType;
import com.atlassian.jira.permission.PermissionScheme;
import com.atlassian.jira.permission.PermissionSchemeManager;
import com.atlassian.jira.permission.PermissionSchemeService;
import com.atlassian.jira.permission.PermissionTypeManager;
import com.atlassian.jira.permission.ProjectPermission;
import com.atlassian.jira.permission.ProjectPermissionCategory;
import com.atlassian.jira.permission.management.beans.PermissionsInputBean;
import com.atlassian.jira.permission.management.beans.ProjectPermissionAddBean;
import com.atlassian.jira.permission.management.beans.ProjectPermissionBean;
import com.atlassian.jira.permission.management.beans.ProjectPermissionOperationResultBean;
import com.atlassian.jira.permission.management.beans.ProjectPermissionRenderingBean;
import com.atlassian.jira.permission.management.beans.ProjectPermissionRenderingSectionBean;
import com.atlassian.jira.permission.management.beans.ProjectPermissionSchemeBean;
import com.atlassian.jira.permission.management.beans.SecurityTypeBean;
import com.atlassian.jira.permission.management.beans.SecurityTypeValueBean;
import com.atlassian.jira.permission.management.events.PermissionGrantedToSecurityTypeEvent;
import com.atlassian.jira.permission.management.events.PermissionRevokedFromSecurityTypeEvent;
import com.atlassian.jira.permission.management.events.SuccessfulPermissionSchemeGrantEvent;
import com.atlassian.jira.permission.management.events.SuccessfulPermissionSchemeRevokeEvent;
import com.atlassian.jira.scheme.Scheme;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.security.plugin.ProjectPermissionKey;
import com.atlassian.jira.security.type.SecurityType;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.util.UserManager;
import com.atlassian.jira.util.ErrorCollection;
import com.atlassian.jira.util.I18nHelper;
import com.atlassian.jira.util.SimpleErrorCollection;
import com.google.common.base.Preconditions;
import com.google.common.base.Supplier;
import com.google.common.collect.ArrayListMultimap;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.common.collect.UnmodifiableIterator;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;

/* loaded from: input_file:com/atlassian/jira/permission/management/ManagedPermissionSchemeHelperImpl.class */
public class ManagedPermissionSchemeHelperImpl implements ManagedPermissionSchemeHelper {
    private final PermissionManager permissionManager;
    private final PermissionSchemeManager permissionSchemeManager;
    private final PermissionSchemeService permissionSchemeService;
    private final PermissionTypeManager permissionTypeManager;
    private final I18nHelper i18nHelper;
    private final SecurityTypeValuesService securityTypeValuesService;
    private final ManagedPermissionSchemeEditingService editingHelper;
    private final EventPublisher eventPublisher;
    private final UserManager userManager;
    private final ImmutableList<SectionDefinition> SECTION_DEFINITIONS = ImmutableList.of(new SectionDefinition("project", "admin.permission.group.project.permissions", this::getProjectPermissions), new SectionDefinition("issue", "admin.permission.group.issue.permissions", this::getIssuePermissions), new SectionDefinition("voterandwatcher", "admin.permission.group.voters.and.watchers.permissions", this::getVotersAndWatchersPermissions), new SectionDefinition("comment", "admin.permission.group.comments.permissions", this::getCommentsPermissions), new SectionDefinition("attachment", "admin.permission.group.attachments.permissions", this::getAttachmentsPermissions), new SectionDefinition("timetracking", "admin.permission.group.time.tracking.permissions", this::getTimeTrackingPermissions), new SectionDefinition("other", "admin.permission.group.other.permissions", this::getOtherPermissions));

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/atlassian/jira/permission/management/ManagedPermissionSchemeHelperImpl$SectionDefinition.class */
    public static class SectionDefinition {
        private String sectionType;
        private String i18nKey;
        private Supplier<Collection<ProjectPermission>> permissions;

        private SectionDefinition(String str, String str2, Supplier<Collection<ProjectPermission>> supplier) {
            this.sectionType = (String) Preconditions.checkNotNull(str);
            this.i18nKey = (String) Preconditions.checkNotNull(str2);
            this.permissions = (Supplier) Preconditions.checkNotNull(supplier);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/atlassian/jira/permission/management/ManagedPermissionSchemeHelperImpl$SecurityTypeMapKey.class */
    public static class SecurityTypeMapKey {
        private final PermissionHolder permissionHolder;
        private final PermissionHolderType permissionHolderType;

        SecurityTypeMapKey(PermissionHolder permissionHolder, PermissionHolderType permissionHolderType) {
            this.permissionHolder = permissionHolder;
            this.permissionHolderType = permissionHolderType;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            return obj != null && getClass() == obj.getClass() && this.permissionHolderType.equals(((SecurityTypeMapKey) obj).permissionHolderType);
        }

        public int hashCode() {
            return this.permissionHolderType.hashCode();
        }
    }

    public ManagedPermissionSchemeHelperImpl(PermissionSchemeManager permissionSchemeManager, PermissionSchemeService permissionSchemeService, PermissionManager permissionManager, PermissionTypeManager permissionTypeManager, I18nHelper i18nHelper, SecurityTypeValuesService securityTypeValuesService, ManagedPermissionSchemeEditingService managedPermissionSchemeEditingService, EventPublisher eventPublisher, UserManager userManager) {
        this.permissionSchemeManager = permissionSchemeManager;
        this.permissionSchemeService = permissionSchemeService;
        this.permissionManager = permissionManager;
        this.permissionTypeManager = permissionTypeManager;
        this.i18nHelper = i18nHelper;
        this.securityTypeValuesService = securityTypeValuesService;
        this.editingHelper = managedPermissionSchemeEditingService;
        this.eventPublisher = eventPublisher;
        this.userManager = userManager;
    }

    @Override // com.atlassian.jira.permission.management.ManagedPermissionSchemeHelper
    public Either<ErrorCollection, ProjectPermissionSchemeBean> getManagedPermissionScheme(ApplicationUser applicationUser, Long l) {
        ServiceOutcome permissionScheme = this.permissionSchemeService.getPermissionScheme(applicationUser, l);
        if (!permissionScheme.isValid()) {
            return Either.left(permissionScheme.getErrorCollection());
        }
        if (this.permissionSchemeManager.getSchemeObject(l) == null) {
            return Either.left(schemeNotFound());
        }
        ArrayList newArrayList = Lists.newArrayList(getAllProjectPermissions());
        Collections.sort(newArrayList, (projectPermission, projectPermission2) -> {
            return projectPermission.getKey().compareTo(projectPermission2.getKey());
        });
        return Either.right(generatePermissionSchemeBean(newArrayList, (PermissionScheme) permissionScheme.get()));
    }

    @Override // com.atlassian.jira.permission.management.ManagedPermissionSchemeHelper
    public Either<ErrorCollection, ProjectPermissionAddBean> getManagedPermissionSchemeAddView(ApplicationUser applicationUser, Long l, String str) {
        ServiceOutcome permissionScheme = this.permissionSchemeService.getPermissionScheme(applicationUser, l);
        if (!permissionScheme.isValid()) {
            return Either.left(permissionScheme.getErrorCollection());
        }
        if (this.permissionSchemeManager.getSchemeObject(l) == null) {
            return Either.left(schemeNotFound());
        }
        Option projectPermission = this.permissionManager.getProjectPermission(new ProjectPermissionKey(str));
        return projectPermission.isEmpty() ? Either.left(schemeNotFound()) : Either.right(generatePermissionSchemeAddBean((ProjectPermission) projectPermission.get(), applicationUser));
    }

    @Override // com.atlassian.jira.permission.management.ManagedPermissionSchemeHelper
    public Either<ErrorCollection, ProjectPermissionAddBean> getManagedPermissionSchemeAddViewSecurityTypes(ApplicationUser applicationUser) {
        return Either.right(ProjectPermissionAddBean.builder().setPrimarySecurityType(this.securityTypeValuesService.buildPrimarySecurityTypes(applicationUser)).setSecondarySecurityType(this.securityTypeValuesService.buildSecondarySecurityTypes(applicationUser)).build());
    }

    @Override // com.atlassian.jira.permission.management.ManagedPermissionSchemeHelper
    public Either<ErrorCollection, ProjectPermissionSchemeBean> removeManagedPermissionSchemeGrants(ApplicationUser applicationUser, Long l, List<Long> list) {
        if (this.permissionSchemeManager.getSchemeObject(l) == null) {
            return Either.left(schemeNotFound());
        }
        if (list == null || list.isEmpty()) {
            return Either.left(notFoundError("admin.errors.permissions.specify.permission.to.delete"));
        }
        triggerRevokeAnalyticsEvents(l, list, applicationUser);
        this.permissionSchemeManager.deleteEntities(list);
        Either<ErrorCollection, ProjectPermissionSchemeBean> managedPermissionScheme = getManagedPermissionScheme(applicationUser, l);
        if (managedPermissionScheme.isRight()) {
            addSuccessfulOperationDetails((ProjectPermissionSchemeBean) managedPermissionScheme.right().get(), this.i18nHelper.getText("admin.permissions.feedback.successfuldelete." + (list.size() == 1 ? "single" : "multiple")));
        }
        return managedPermissionScheme;
    }

    @Override // com.atlassian.jira.permission.management.ManagedPermissionSchemeHelper
    public Either<ErrorCollection, ProjectPermissionSchemeBean> addManagedPermissionSchemeGrants(ApplicationUser applicationUser, Long l, PermissionsInputBean permissionsInputBean) {
        Scheme schemeObject = this.permissionSchemeManager.getSchemeObject(l);
        if (schemeObject == null) {
            return Either.left(schemeNotFound());
        }
        ErrorCollection validateAddPermissions = this.editingHelper.validateAddPermissions(applicationUser, permissionsInputBean);
        if (validateAddPermissions.hasAnyErrors()) {
            return Either.left(validateAddPermissions);
        }
        this.editingHelper.addNewSecurityTypes(schemeObject, permissionsInputBean);
        Either<ErrorCollection, ProjectPermissionSchemeBean> managedPermissionScheme = getManagedPermissionScheme(applicationUser, l);
        if (managedPermissionScheme.isRight()) {
            triggerGrantAnalyticsEvents(l, permissionsInputBean);
            addSuccessfulOperationDetails((ProjectPermissionSchemeBean) managedPermissionScheme.right().get(), this.i18nHelper.getText("admin.permissions.feedback.successfulgrant." + (permissionsInputBean.getPermissionKeys().size() == 1 ? "single" : "multiple")));
        }
        return managedPermissionScheme;
    }

    private void triggerRevokeAnalyticsEvents(Long l, List<Long> list, ApplicationUser applicationUser) {
        if (list.isEmpty()) {
            return;
        }
        List entitiesByIds = this.permissionSchemeManager.getEntitiesByIds(list);
        if (entitiesByIds.isEmpty()) {
            return;
        }
        this.eventPublisher.publish(new SuccessfulPermissionSchemeRevokeEvent(l, (String) entitiesByIds.stream().map(genericValue -> {
            return genericValue.get("permissionKey").toString();
        }).sorted().distinct().collect(Collectors.joining(",")), Integer.valueOf(list.size())));
        entitiesByIds.stream().forEach(genericValue2 -> {
            this.eventPublisher.publish(new PermissionRevokedFromSecurityTypeEvent(l, genericValue2.get("permissionKey").toString(), genericValue2.get("type").toString()));
        });
    }

    private void triggerGrantAnalyticsEvents(Long l, PermissionsInputBean permissionsInputBean) {
        String str = (String) permissionsInputBean.getGrants().stream().map((v0) -> {
            return v0.getSecurityType();
        }).sorted().collect(Collectors.joining(","));
        this.eventPublisher.publish(new SuccessfulPermissionSchemeGrantEvent(l, str, Integer.valueOf(permissionsInputBean.getPermissionKeys().size())));
        permissionsInputBean.getPermissionKeys().forEach(str2 -> {
            this.eventPublisher.publish(new PermissionGrantedToSecurityTypeEvent(l, str2, str));
        });
    }

    private void addSuccessfulOperationDetails(ProjectPermissionSchemeBean projectPermissionSchemeBean, String str) {
        ProjectPermissionOperationResultBean projectPermissionOperationResultBean = new ProjectPermissionOperationResultBean();
        projectPermissionOperationResultBean.setType(ProjectPermissionOperationResultBean.SUCCESS_TYPE);
        projectPermissionOperationResultBean.setMessages(Arrays.asList(str));
        projectPermissionSchemeBean.setOperationResult(projectPermissionOperationResultBean);
    }

    private ProjectPermissionSchemeBean generatePermissionSchemeBean(Collection<ProjectPermission> collection, PermissionScheme permissionScheme) {
        return ProjectPermissionSchemeBean.builder().setId(permissionScheme.getId()).setName(permissionScheme.getName()).setDescription(permissionScheme.getDescription()).setPermissions(Lists.newArrayList(Iterables.transform(collection, projectPermission -> {
            ProjectPermissionKey projectPermissionKey = projectPermission.getProjectPermissionKey();
            String descriptionI18nKey = projectPermission.getDescriptionI18nKey();
            String nameI18nKey = projectPermission.getNameI18nKey();
            return ProjectPermissionBean.builder().setPermissionKey(projectPermissionKey.permissionKey()).setPermissionDesc(this.i18nHelper.getText(descriptionI18nKey)).setPermissionName(this.i18nHelper.getText(nameI18nKey)).setGrants(buildGrants(projectPermissionKey, permissionScheme)).build();
        }))).setDisplayRendering(buildRenderingSections(this.i18nHelper)).build();
    }

    private ProjectPermissionAddBean generatePermissionSchemeAddBean(ProjectPermission projectPermission, ApplicationUser applicationUser) {
        return ProjectPermissionAddBean.builder().setPermission(ProjectPermissionBean.builder().setPermissionKey(projectPermission.getProjectPermissionKey().permissionKey()).setPermissionDesc(this.i18nHelper.getText(projectPermission.getDescriptionI18nKey())).setPermissionName(this.i18nHelper.getText(projectPermission.getNameI18nKey())).build()).setPrimarySecurityType(this.securityTypeValuesService.buildPrimarySecurityTypes(applicationUser)).setSecondarySecurityType(this.securityTypeValuesService.buildSecondarySecurityTypes(applicationUser)).build();
    }

    private List<SecurityTypeBean> buildGrants(ProjectPermissionKey projectPermissionKey, PermissionScheme permissionScheme) {
        ArrayList<PermissionGrant> newArrayList = Lists.newArrayList(Iterables.filter(permissionScheme.getPermissions(), permissionGrant -> {
            return projectPermissionKey.equals(permissionGrant.getPermission());
        }));
        ArrayListMultimap create = ArrayListMultimap.create();
        for (PermissionGrant permissionGrant2 : newArrayList) {
            create.put(new SecurityTypeMapKey(permissionGrant2.getHolder(), permissionGrant2.getHolder().getType()), permissionGrant2);
        }
        ArrayList arrayList = new ArrayList();
        for (SecurityTypeMapKey securityTypeMapKey : create.keySet()) {
            PermissionHolder permissionHolder = securityTypeMapKey.permissionHolder;
            SecurityTypeBean.Builder displayName = SecurityTypeBean.builder().setSecurityType(permissionHolder.getType().getKey()).setDisplayName(getSecurityType(permissionHolder).getDisplayName());
            for (PermissionGrant permissionGrant3 : create.get(securityTypeMapKey)) {
                PermissionHolder holder = permissionGrant3.getHolder();
                SecurityTypeValueBean.Builder displayValue = SecurityTypeValueBean.builder().setId(permissionGrant3.getId()).setValue((String) holder.getParameter().getOrNull()).setDisplayValue(getParameterDisplayValue(permissionGrant3));
                if (JiraPermissionHolderType.USER.getKey().equals(holder.getType().getKey())) {
                    displayValue.setValid(Boolean.valueOf(this.userManager.isUserExisting(this.userManager.getUserByNameEvenWhenUnknown((String) holder.getParameter().getOrNull()))));
                }
                displayName.addValue(displayValue.build());
            }
            arrayList.add(displayName.build());
        }
        this.securityTypeValuesService.sort(arrayList);
        return arrayList;
    }

    private String getParameterDisplayValue(PermissionGrant permissionGrant) {
        Option parameter = permissionGrant.getHolder().getParameter();
        if (parameter.isDefined()) {
            return getSecurityType(permissionGrant.getHolder()).getArgumentDisplay((String) parameter.get());
        }
        return null;
    }

    private SecurityType getSecurityType(PermissionHolder permissionHolder) {
        return this.permissionTypeManager.getTypes().get(permissionHolder.getType().getKey());
    }

    private ErrorCollection notFoundError(String str) {
        return new SimpleErrorCollection(this.i18nHelper.getText(str), ErrorCollection.Reason.NOT_FOUND);
    }

    private ErrorCollection schemeNotFound() {
        return notFoundError("admin.permissions.errors.mustselectscheme");
    }

    private ProjectPermissionRenderingBean buildRenderingSections(I18nHelper i18nHelper) {
        ArrayList newArrayList = Lists.newArrayList();
        UnmodifiableIterator it = this.SECTION_DEFINITIONS.iterator();
        while (it.hasNext()) {
            SectionDefinition sectionDefinition = (SectionDefinition) it.next();
            ProjectPermissionRenderingSectionBean.Builder builder = ProjectPermissionRenderingSectionBean.builder();
            builder.setSectionType(sectionDefinition.sectionType);
            builder.setHeading(i18nHelper.getText(sectionDefinition.i18nKey));
            builder.addPermissions(Iterables.transform((Iterable) sectionDefinition.permissions.get(), (v0) -> {
                return v0.getKey();
            }));
            newArrayList.add(builder.build());
        }
        return new ProjectPermissionRenderingBean(true, newArrayList);
    }

    private Collection<ProjectPermission> getAllProjectPermissions() {
        return this.permissionManager.getAllProjectPermissions();
    }

    private Collection<ProjectPermission> getProjectPermissions() {
        return this.permissionManager.getProjectPermissions(ProjectPermissionCategory.PROJECTS);
    }

    private Collection<ProjectPermission> getIssuePermissions() {
        return this.permissionManager.getProjectPermissions(ProjectPermissionCategory.ISSUES);
    }

    private Collection<ProjectPermission> getVotersAndWatchersPermissions() {
        return this.permissionManager.getProjectPermissions(ProjectPermissionCategory.VOTERS_AND_WATCHERS);
    }

    private Collection<ProjectPermission> getTimeTrackingPermissions() {
        return this.permissionManager.getProjectPermissions(ProjectPermissionCategory.TIME_TRACKING);
    }

    private Collection<ProjectPermission> getCommentsPermissions() {
        return this.permissionManager.getProjectPermissions(ProjectPermissionCategory.COMMENTS);
    }

    private Collection<ProjectPermission> getAttachmentsPermissions() {
        return this.permissionManager.getProjectPermissions(ProjectPermissionCategory.ATTACHMENTS);
    }

    private Collection<ProjectPermission> getOtherPermissions() {
        return this.permissionManager.getProjectPermissions(ProjectPermissionCategory.OTHER);
    }
}
