package pl.edu.icm.yadda.aas.userdb;

import java.security.InvalidParameterException;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import pl.edu.icm.yadda.common.pagination.PaginationResult;
import pl.edu.icm.yadda.service2.user.UserCatalog;
import pl.edu.icm.yadda.service2.user.credential.Credential;
import pl.edu.icm.yadda.service2.user.exception.CrossDomainOperationException;
import pl.edu.icm.yadda.service2.user.exception.DomainNotSpecifiedException;
import pl.edu.icm.yadda.service2.user.exception.DomainNotSupportedException;
import pl.edu.icm.yadda.service2.user.exception.GroupExistsException;
import pl.edu.icm.yadda.service2.user.exception.GroupNotFoundException;
import pl.edu.icm.yadda.service2.user.exception.UserNotFoundException;
import pl.edu.icm.yadda.service2.user.model.Group;
import pl.edu.icm.yadda.service2.user.model.GroupName;
import pl.edu.icm.yadda.service2.user.model.User;
import pl.edu.icm.yadda.service2.user.model.UserData;

/* loaded from: input_file:WEB-INF/lib/yadda-user-api-4.4.3-SNAPSHOT.jar:pl/edu/icm/yadda/aas/userdb/UserDBInitializer.class */
public class UserDBInitializer implements InitializingBean {
    public static final int FIRST_RESULT_IDX = 0;
    protected UserCatalog userCatalog;
    protected Collection<UserData> users;
    protected Collection<Group> groups;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    protected boolean overwriteExistingObjects = false;
    protected String identifiableAttribute = null;
    protected boolean initActive = true;
    protected boolean allowEmptyCredential = false;

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        if (!this.initActive) {
            this.log.info("userdb initialization is deactivated!");
            return;
        }
        if (this.groups == null || this.groups.size() <= 0) {
            this.log.info("no groups to be pre-registered");
        } else {
            Iterator<Group> it = this.groups.iterator();
            while (it.hasNext()) {
                handleStoringSingleGroup(it.next());
            }
        }
        if (this.users == null || this.users.size() <= 0) {
            this.log.info("no users to be pre-registered");
            return;
        }
        Iterator<UserData> it2 = this.users.iterator();
        while (it2.hasNext()) {
            handleStoringSingleUser(it2.next());
        }
    }

    public boolean handleStoringSingleUser(UserData userData) throws DomainNotSpecifiedException, Exception {
        if (userData == null) {
            this.log.error("received null user data!");
            return false;
        }
        if (!containsIdOrIdentifiableAttribute(userData.getUser())) {
            throw new InvalidParameterException("unable to register user which does not contain either id or identifiable attribute: " + this.identifiableAttribute);
        }
        String alreadyCreatedInternalId = getAlreadyCreatedInternalId(userData.getUser());
        if (alreadyCreatedInternalId == null) {
            this.log.info("creating new user entry for " + identify(userData.getUser()) + "...");
            storeUser(userData, alreadyCreatedInternalId);
            this.log.info("user " + identify(userData.getUser()) + " registered!");
            return true;
        }
        if (!this.overwriteExistingObjects) {
            this.log.debug("user object " + identify(userData.getUser()) + " already created");
            return false;
        }
        this.log.info("overwriting entry for user object " + identify(userData.getUser()) + "...");
        storeUser(userData, alreadyCreatedInternalId);
        this.log.info("user object " + identify(userData.getUser()) + " registered!");
        return true;
    }

    public boolean handleStoringSingleGroup(Group group) throws GroupExistsException, GroupNotFoundException, DomainNotSupportedException {
        if (group == null) {
            this.log.error("received null group data!");
            return false;
        }
        if (!alreadyCreated(group)) {
            this.log.info("creating new group entry for " + group + "...");
            storeGroup(group, false);
            this.log.info("group " + group + " registered!");
            return true;
        }
        if (!this.overwriteExistingObjects) {
            this.log.debug("group object " + group + " already created");
            return false;
        }
        this.log.info("overwriting entry for group object " + group + "...");
        storeGroup(group, true);
        this.log.info("group object " + group + " registered!");
        return true;
    }

    protected void storeUser(UserData userData, String str) throws Exception {
        if (!this.allowEmptyCredential && (userData.getCredentials() == null || userData.getCredentials().size() == 0)) {
            throw new Exception("unable to register user " + identify(userData.getUser()) + ", no credential defined!");
        }
        if (str == null) {
            String addUser = this.userCatalog.addUser(userData.getUser());
            if (userData.getCredentials() != null && userData.getCredentials().size() > 0) {
                for (Credential credential : userData.getCredentials()) {
                    credential.setUserId(addUser);
                    this.userCatalog.addCredential(credential);
                }
            }
            if (userData.getDirectGroups() != null) {
                Iterator<GroupName> it = userData.getDirectGroups().iterator();
                while (it.hasNext()) {
                    this.userCatalog.assignUser(addUser, it.next());
                }
                return;
            }
            return;
        }
        if (userData.getUser().getId() == null) {
            userData.getUser().setId(str);
        }
        UserData loadUser = this.userCatalog.loadUser(userData.getUser().getId(), userData.getUser().getDomain(), UserData.UserDataParts.SENSITIVE_DATA);
        this.userCatalog.updateUser(userData.getUser());
        if (userData.getCredentials() != null && userData.getCredentials().size() > 0) {
            if (loadUser.getCredentials() != null) {
                for (Credential credential2 : loadUser.getCredentials()) {
                    if (credential2.getId() != null) {
                        this.log.debug("removing credential " + credential2.getId() + " of user " + identify(userData.getUser()));
                        this.userCatalog.deleteCredential(credential2.getId());
                    } else {
                        this.log.debug("got unidentified credential " + credential2.getClass().getName() + ", which cannot be removed, probably removal is not supported!");
                    }
                }
            }
            for (Credential credential3 : userData.getCredentials()) {
                credential3.setUserId(userData.getUser().getId());
                this.userCatalog.addCredential(credential3);
            }
        }
        updateGroupAssignments(userData.getUser().getId(), loadUser.getDirectGroups(), userData.getDirectGroups());
    }

    protected void updateGroupAssignments(String str, Set<GroupName> set, Set<GroupName> set2) throws UserNotFoundException, GroupNotFoundException, CrossDomainOperationException {
        if (set == null || set.isEmpty()) {
            if (set2 == null || set2.isEmpty()) {
                return;
            }
            Iterator<GroupName> it = set2.iterator();
            while (it.hasNext()) {
                this.userCatalog.assignUser(str, it.next());
            }
            return;
        }
        if (set2 == null || set2.isEmpty()) {
            Iterator<GroupName> it2 = set.iterator();
            while (it2.hasNext()) {
                this.userCatalog.unassignUser(str, it2.next());
            }
            return;
        }
        for (GroupName groupName : set2) {
            if (!set.contains(groupName)) {
                this.userCatalog.assignUser(str, groupName);
            }
        }
        for (GroupName groupName2 : set) {
            if (!set2.contains(groupName2)) {
                this.userCatalog.unassignUser(str, groupName2);
            }
        }
    }

    protected void storeGroup(Group group, boolean z) throws GroupExistsException, GroupNotFoundException, DomainNotSupportedException {
        if (!z) {
            this.userCatalog.addGroup(group);
            return;
        }
        if (group.getId() == null) {
            group.setId(this.userCatalog.loadGroup(group.getGroupName()).getId());
        }
        this.userCatalog.updateGroup(group);
    }

    protected boolean containsIdOrIdentifiableAttribute(User user) {
        return this.identifiableAttribute != null ? user.getAttributes() != null && user.getAttributes().containsKey(this.identifiableAttribute) : (user.getId() == null && (user.getIdentifiers() == null || user.getIdentifiers().isEmpty())) ? false : true;
    }

    protected String identify(User user) {
        if (this.identifiableAttribute == null) {
            return (user.getIdentifiers() == null || user.getIdentifiers().isEmpty()) ? user.getId() : user.getIdentifiers().iterator().next();
        }
        if (user.getAttributes() != null) {
            return user.getAttributes().get(this.identifiableAttribute);
        }
        return null;
    }

    protected String getAlreadyCreatedInternalId(User user) throws DomainNotSpecifiedException {
        if (this.identifiableAttribute != null) {
            HashMap hashMap = new HashMap();
            hashMap.put(this.identifiableAttribute, user.getAttributes().get(this.identifiableAttribute));
            PaginationResult<UserData> searchUsers = this.userCatalog.searchUsers(user.getDomain(), null, null, hashMap, null, 0, 1, new UserData.UserDataParts[0]);
            if (searchUsers == null || searchUsers.getResults() == null || searchUsers.getResults().isEmpty()) {
                return null;
            }
            return searchUsers.getResults().iterator().next().getUser().getId();
        }
        if (user.getId() != null) {
            UserData loadUser = this.userCatalog.loadUser(user.getId(), user.getDomain(), new UserData.UserDataParts[0]);
            if (loadUser == null || loadUser.getUser() == null) {
                return null;
            }
            return loadUser.getUser().getId();
        }
        if (user.getIdentifiers() == null || user.getIdentifiers().isEmpty()) {
            throw new RuntimeException("Unable to verify whether user was already created! Neither userId/external id was provided within user object, nor identifiableAttribute was defined in initializer!");
        }
        UserData loadUser2 = this.userCatalog.loadUser(user.getIdentifiers().iterator().next(), user.getDomain(), new UserData.UserDataParts[0]);
        if (loadUser2 == null || loadUser2.getUser() == null) {
            return null;
        }
        return loadUser2.getUser().getId();
    }

    protected boolean alreadyCreated(Group group) {
        return this.userCatalog.loadGroup(group.getGroupName()) != null;
    }

    public void setUserCatalog(UserCatalog userCatalog) {
        this.userCatalog = userCatalog;
    }

    public void setGroups(Collection<Group> collection) {
        this.groups = collection;
    }

    public void setUsers(Collection<UserData> collection) {
        this.users = collection;
    }

    public void setOverwriteExistingObjects(boolean z) {
        this.overwriteExistingObjects = z;
    }

    public void setIdentifiableAttribute(String str) {
        this.identifiableAttribute = str;
    }

    public void setInitActive(boolean z) {
        this.initActive = z;
    }

    public void setAllowEmptyCredential(boolean z) {
        this.allowEmptyCredential = z;
    }
}
