package com.zimbra.cs.account.accesscontrol;

import com.zimbra.common.service.ServiceException;
import com.zimbra.common.util.ZimbraLog;
import com.zimbra.cs.account.AttributeClass;
import com.zimbra.cs.account.Entry;
import com.zimbra.cs.account.Provisioning;
import com.zimbra.cs.account.ZAttrProvisioning;
import com.zimbra.cs.account.ldap.LdapUtil;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.naming.directory.Attributes;

/* loaded from: input_file:com/zimbra/cs/account/accesscontrol/SearchGrants.class */
public class SearchGrants {
    private Provisioning mProv;
    private Set<TargetType> mTargetTypes;
    private Set<String> mGranteeIds;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/zimbra/cs/account/accesscontrol/SearchGrants$GrantsOnTarget.class */
    public static class GrantsOnTarget {
        private Entry mTargetEntry;
        private ZimbraACL mAcl;

        private GrantsOnTarget(Entry entry, ZimbraACL zimbraACL) {
            this.mTargetEntry = entry;
            this.mAcl = zimbraACL;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Entry getTargetEntry() {
            return this.mTargetEntry;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public ZimbraACL getAcl() {
            return this.mAcl;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/zimbra/cs/account/accesscontrol/SearchGrants$GrantsOnTargetRaw.class */
    public static class GrantsOnTargetRaw {
        private String cn;
        private String zimbraId;
        private Set<String> objectClass;
        private String[] zimbraACE;

        /* JADX INFO: Access modifiers changed from: private */
        public String dump() {
            StringBuilder sb = new StringBuilder();
            sb.append("SearchGrantResult: ");
            sb.append("cn=" + this.cn);
            sb.append("zimbraId=" + this.zimbraId);
            sb.append(", objectClass=[");
            Iterator<String> it = this.objectClass.iterator();
            while (it.hasNext()) {
                sb.append(it.next() + ", ");
            }
            sb.append("]");
            sb.append(", zimbraACE=[");
            for (String str : this.zimbraACE) {
                sb.append(str + ", ");
            }
            return sb.toString();
        }

        private String[] getMultiAttrString(Map<String, Object> map, String str) {
            Object obj = map.get(str);
            return obj instanceof String ? new String[]{(String) obj} : (String[]) obj;
        }

        private GrantsOnTargetRaw(Map<String, Object> map) {
            this.cn = (String) map.get(ZAttrProvisioning.A_cn);
            this.zimbraId = (String) map.get("zimbraId");
            this.objectClass = new HashSet(Arrays.asList(getMultiAttrString(map, ZAttrProvisioning.A_objectClass)));
            this.zimbraACE = getMultiAttrString(map, ZAttrProvisioning.A_zimbraACE);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String getTargetId() {
            return this.zimbraId != null ? this.zimbraId : this.cn;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/zimbra/cs/account/accesscontrol/SearchGrants$SearchGrantVisitor.class */
    public static class SearchGrantVisitor implements LdapUtil.SearchLdapVisitor {
        SearchGrantsResults mResults;

        SearchGrantVisitor(SearchGrantsResults searchGrantsResults) {
            this.mResults = searchGrantsResults;
        }

        @Override // com.zimbra.cs.account.ldap.LdapUtil.SearchLdapVisitor
        public void visit(String str, Map<String, Object> map, Attributes attributes) {
            this.mResults.addResult(new GrantsOnTargetRaw(map));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/zimbra/cs/account/accesscontrol/SearchGrants$SearchGrantsResults.class */
    public static class SearchGrantsResults {
        private Provisioning mProv;
        private Map<String, GrantsOnTargetRaw> mRawResults = new HashMap();
        private Set<GrantsOnTarget> mResults;

        SearchGrantsResults(Provisioning provisioning) {
            this.mProv = provisioning;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void addResult(GrantsOnTargetRaw grantsOnTargetRaw) {
            this.mRawResults.put(grantsOnTargetRaw.getTargetId(), grantsOnTargetRaw);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Set<GrantsOnTarget> getResults() throws ServiceException {
            if (this.mResults == null) {
                this.mResults = new HashSet();
                Iterator<GrantsOnTargetRaw> it = this.mRawResults.values().iterator();
                while (it.hasNext()) {
                    this.mResults.add(getGrants(this.mProv, it.next()));
                }
            }
            return this.mResults;
        }

        private GrantsOnTarget getGrants(Provisioning provisioning, GrantsOnTargetRaw grantsOnTargetRaw) throws ServiceException {
            TargetType targetType;
            if (grantsOnTargetRaw.objectClass.contains(AttributeClass.calendarResource.getOCName())) {
                targetType = TargetType.calresource;
            } else if (grantsOnTargetRaw.objectClass.contains(AttributeClass.account.getOCName())) {
                targetType = TargetType.account;
            } else if (grantsOnTargetRaw.objectClass.contains(AttributeClass.cos.getOCName())) {
                targetType = TargetType.cos;
            } else if (grantsOnTargetRaw.objectClass.contains(AttributeClass.distributionList.getOCName())) {
                targetType = TargetType.dl;
            } else if (grantsOnTargetRaw.objectClass.contains(AttributeClass.domain.getOCName())) {
                targetType = TargetType.domain;
            } else if (grantsOnTargetRaw.objectClass.contains(AttributeClass.server.getOCName())) {
                targetType = TargetType.server;
            } else if (grantsOnTargetRaw.objectClass.contains(AttributeClass.xmppComponent.getOCName())) {
                targetType = TargetType.xmppcomponent;
            } else if (grantsOnTargetRaw.objectClass.contains(AttributeClass.zimletEntry.getOCName())) {
                targetType = TargetType.zimlet;
            } else if (grantsOnTargetRaw.objectClass.contains(AttributeClass.globalConfig.getOCName())) {
                targetType = TargetType.config;
            } else {
                if (!grantsOnTargetRaw.objectClass.contains(AttributeClass.aclTarget.getOCName())) {
                    throw ServiceException.FAILURE("cannot determine target type from SearchGrantResult. " + grantsOnTargetRaw.dump(), (Throwable) null);
                }
                targetType = TargetType.global;
            }
            try {
                Entry lookupTarget = targetType == TargetType.zimlet ? TargetType.lookupTarget(provisioning, targetType, Provisioning.TargetBy.name, grantsOnTargetRaw.cn) : TargetType.lookupTarget(provisioning, targetType, Provisioning.TargetBy.id, grantsOnTargetRaw.zimbraId);
                if (lookupTarget != null) {
                    return new GrantsOnTarget(lookupTarget, new ZimbraACL(grantsOnTargetRaw.zimbraACE, targetType, lookupTarget.getLabel()));
                }
                ZimbraLog.acl.warn("canot find target by id " + grantsOnTargetRaw.zimbraId);
                throw ServiceException.FAILURE("canot find target by id " + grantsOnTargetRaw.zimbraId + ". " + grantsOnTargetRaw.dump(), (Throwable) null);
            } catch (ServiceException e) {
                throw ServiceException.FAILURE("canot find target by id " + grantsOnTargetRaw.zimbraId + ". " + grantsOnTargetRaw.dump(), (Throwable) null);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SearchGrants(Provisioning provisioning, Set<TargetType> set, Set<String> set2) {
        this.mProv = provisioning;
        this.mTargetTypes = set;
        this.mGranteeIds = set2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SearchGrantsResults doSearch() throws ServiceException {
        Map<String, Set<String>> searchBasesAndOCs = TargetType.getSearchBasesAndOCs(this.mProv, this.mTargetTypes);
        SearchGrantsResults searchGrantsResults = new SearchGrantsResults(this.mProv);
        SearchGrantVisitor searchGrantVisitor = new SearchGrantVisitor(searchGrantsResults);
        for (Map.Entry<String, Set<String>> entry : searchBasesAndOCs.entrySet()) {
            search(entry.getKey(), entry.getValue(), searchGrantVisitor);
        }
        return searchGrantsResults;
    }

    private void search(String str, Set<String> set, SearchGrantVisitor searchGrantVisitor) throws ServiceException {
        StringBuilder sb = new StringBuilder();
        sb.append("(|");
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            sb.append("(objectClass=" + it.next() + ")");
        }
        sb.append(")");
        StringBuilder sb2 = new StringBuilder();
        sb2.append("(|");
        Iterator<String> it2 = this.mGranteeIds.iterator();
        while (it2.hasNext()) {
            sb2.append("(zimbraACE=" + it2.next() + "*)");
        }
        sb2.append(")");
        LdapUtil.searchLdapOnMaster(str, "(&" + ((Object) sb2) + ((Object) sb) + ")", new String[]{ZAttrProvisioning.A_cn, "zimbraId", ZAttrProvisioning.A_objectClass, ZAttrProvisioning.A_zimbraACE}, searchGrantVisitor);
    }
}
