package com.atlassian.confluence.user.tokengroups;

import com.atlassian.crowd.directory.MicrosoftActiveDirectory;
import com.atlassian.crowd.directory.RemoteDirectory;
import com.atlassian.crowd.directory.loader.DirectoryInstanceLoader;
import com.atlassian.crowd.directory.loader.LDAPDirectoryInstanceLoader;
import com.atlassian.crowd.embedded.api.Directory;
import com.atlassian.crowd.embedded.api.DirectoryType;
import com.atlassian.crowd.event.user.AutoUserCreatedEvent;
import com.atlassian.crowd.event.user.AutoUserUpdatedEvent;
import com.atlassian.crowd.exception.CrowdException;
import com.atlassian.crowd.exception.DirectoryInstantiationException;
import com.atlassian.crowd.exception.GroupNotFoundException;
import com.atlassian.crowd.exception.InvalidGroupException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.model.EntityComparator;
import com.atlassian.crowd.model.group.Group;
import com.atlassian.crowd.model.group.GroupTemplate;
import com.atlassian.crowd.model.group.LDAPGroupWithAttributes;
import com.atlassian.crowd.model.user.User;
import com.atlassian.crowd.model.user.UserWithAttributes;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.event.api.EventListener;
import com.atlassian.event.api.EventPublisher;
import com.google.common.collect.ImmutableMap;
import java.util.Collections;
import java.util.List;
import java.util.TreeSet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.DisposableBean;
import org.springframework.beans.factory.InitializingBean;

/* loaded from: input_file:com/atlassian/confluence/user/tokengroups/TokenGroupsAutoGroupAdderListener.class */
public class TokenGroupsAutoGroupAdderListener implements InitializingBean, DisposableBean {
    private static final Logger log = LoggerFactory.getLogger(TokenGroupsAutoGroupAdderListener.class);
    private static final String TOKEN_GROUPS_ADDED = "tokenGroupsAdded";
    private DirectoryInstanceLoader directoryInstanceLoader;
    private LDAPDirectoryInstanceLoader ldapDirectoryInstanceLoader;
    private TokenGroupsSettingsManager settingsManager;
    private EventPublisher eventPublisher;

    @EventListener
    public void onUserCreated(AutoUserCreatedEvent autoUserCreatedEvent) {
        updateTokenGroups(autoUserCreatedEvent.getDirectory(), autoUserCreatedEvent.getUser());
    }

    @EventListener
    public void onUserUpdated(AutoUserUpdatedEvent autoUserUpdatedEvent) {
        updateTokenGroups(autoUserUpdatedEvent.getDirectory(), autoUserUpdatedEvent.getUser());
    }

    public void updateTokenGroups(Directory directory, User user) {
        Group addGroup;
        if (directory.getType() != DirectoryType.DELEGATING) {
            return;
        }
        try {
            RemoteDirectory directory2 = this.directoryInstanceLoader.getDirectory(directory);
            UserWithAttributes findUserWithAttributesByName = directory2.findUserWithAttributesByName(user.getName());
            if (this.settingsManager.isAlwaysUpdate() || !Boolean.parseBoolean(findUserWithAttributesByName.getValue(TOKEN_GROUPS_ADDED))) {
                log.info("Finding token groups for user '{}'", user.getName());
                MicrosoftActiveDirectory activeDirectory = getActiveDirectory(directory);
                List<LDAPGroupWithAttributes> findTokenGroups = new TokenGroupsSearcher(activeDirectory, new TokenGroupsGroupContextMapper(this.settingsManager, directory.getId().longValue()), this.settingsManager).findTokenGroups(activeDirectory.findUserByName(user.getName()));
                log.info("Updating {} token groups for user '{}'", Integer.valueOf(findTokenGroups.size()), user.getName());
                TreeSet treeSet = new TreeSet(EntityComparator.of(String.class));
                treeSet.addAll(searchDirectGroupMemberships(directory2, user));
                for (LDAPGroupWithAttributes lDAPGroupWithAttributes : findTokenGroups) {
                    try {
                        if (!treeSet.contains(lDAPGroupWithAttributes.getName())) {
                            try {
                                addGroup = directory2.findGroupByName(lDAPGroupWithAttributes.getName());
                            } catch (GroupNotFoundException e) {
                                log.info("LDAP group '{}' doesn't exist locally, creating it now", lDAPGroupWithAttributes.getName());
                                addGroup = directory2.addGroup(new GroupTemplate(lDAPGroupWithAttributes));
                            }
                            log.info("Adding user '{}' to group '{}'", user.getName(), addGroup.getName());
                            directory2.addUserToGroup(user.getName(), addGroup.getName());
                        }
                    } catch (InvalidGroupException e2) {
                        log.error("Could not create group [" + lDAPGroupWithAttributes.getName() + "] locally: " + e2.getMessage(), e2);
                    } catch (OperationFailedException e3) {
                        log.error("Could not access directory: " + e3.getMessage(), e3);
                    } catch (CrowdException e4) {
                        log.error("Could not add user [" + user.getName() + "] to read-only group [" + lDAPGroupWithAttributes.getName() + "]: " + e4.getMessage(), e4);
                    }
                }
                directory2.storeUserAttributes(user.getName(), ImmutableMap.of(TOKEN_GROUPS_ADDED, Collections.singleton(Boolean.TRUE.toString())));
            }
        } catch (UserNotFoundException e5) {
            log.error("Could not find user: " + e5.getMessage(), e5);
        } catch (DirectoryInstantiationException e6) {
            log.error("Could not load directory: " + e6.getMessage(), e6);
        } catch (OperationFailedException e7) {
            log.error("Could not access directory: " + e7.getMessage(), e7);
        }
    }

    private MicrosoftActiveDirectory getActiveDirectory(Directory directory) throws DirectoryInstantiationException {
        return this.ldapDirectoryInstanceLoader.getRawDirectory(directory.getId(), MicrosoftActiveDirectory.class.getName(), directory.getAttributes());
    }

    private List<String> searchDirectGroupMemberships(RemoteDirectory remoteDirectory, User user) throws OperationFailedException {
        return remoteDirectory.searchGroupRelationships(QueryBuilder.queryFor(String.class, EntityDescriptor.group()).parentsOf(EntityDescriptor.user()).withName(user.getName()).returningAtMost(-1));
    }

    public void setDirectoryInstanceLoader(DirectoryInstanceLoader directoryInstanceLoader) {
        this.directoryInstanceLoader = directoryInstanceLoader;
    }

    public void setCrowdLdapDirectoryLoader(LDAPDirectoryInstanceLoader lDAPDirectoryInstanceLoader) {
        this.ldapDirectoryInstanceLoader = lDAPDirectoryInstanceLoader;
    }

    public void setTokenGroupsSettingsManager(TokenGroupsSettingsManager tokenGroupsSettingsManager) {
        this.settingsManager = tokenGroupsSettingsManager;
    }

    public void setEventPublisher(EventPublisher eventPublisher) {
        this.eventPublisher = eventPublisher;
    }

    public void afterPropertiesSet() throws Exception {
        this.eventPublisher.register(this);
    }

    public void destroy() throws Exception {
        this.eventPublisher.unregister(this);
    }
}
