package jetbrains.youtrack.security;

import java.util.Map;
import jetbrains.charisma.main.ConfigurationParameter;
import jetbrains.charisma.persistence.security.InternalPermissionManager;
import jetbrains.exodus.core.crypto.MessageDigestUtil;
import jetbrains.exodus.database.TransientEntityStore;
import jetbrains.exodus.database.TransientStoreSession;
import jetbrains.exodus.entitystore.Entity;
import jetbrains.jetpass.pojo.api.authority.profile.LoginUtils;
import jetbrains.springframework.configuration.runtime.ServiceLocator;
import jetbrains.teamsys.dnq.runtime.util.DnqUtils;
import jetbrains.teamsys.dnq.runtime.util.TransientQueryCancellingPolicyProvider;
import jetbrains.youtrack.core.legacy.LegacySupportKt;
import jetbrains.youtrack.core.persistent.UserGroupRootImpl;
import jetbrains.youtrack.core.persistent.UserImpl;
import jetbrains.youtrack.core.persistent.user.XdUser;
import jetbrains.youtrack.core.persistent.user.XdUserGroup;
import jetbrains.youtrack.core.security.DefaultPermissionScheme;
import jetbrains.youtrack.core.security.DefaultRole;
import jetbrains.youtrack.core.security.Permission;
import jetbrains.youtrack.core.security.Security;
import jetbrains.youtrack.persistent.XdUserExtKt;
import jetbrains.youtrack.persistent.XdUserGroupExtKt;
import jetbrains.youtrack.persistent.security.XdRole;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import kotlinx.dnq.XdExtensionsKt;
import kotlinx.dnq.query.NodeBaseOperationsKt;
import kotlinx.dnq.query.XdQueryKt;
import kotlinx.dnq.util.ReflectionUtilKt;
import mu.KLogging;
import org.jetbrains.annotations.NotNull;

/* compiled from: BaseSecurity.kt */
@Metadata(mv = {1, 1, 16}, bv = {1, 0, 3}, k = 1, d1 = {"��D\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\u0004\n\u0002\u0010\u000e\n\u0002\b\u0004\n\u0002\u0018\u0002\n��\n\u0002\u0010$\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0007\b&\u0018�� !2\u00020\u0001:\u0001!B\u0005¢\u0006\u0002\u0010\u0002J\u0018\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u00042\u0006\u0010\u000b\u001a\u00020\u0004H\u0016J \u0010\f\u001a\u00020\t2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u000e2\u0006\u0010\u0010\u001a\u00020\u000eH\u0016J(\u0010\u0011\u001a\u00020\t2\u0006\u0010\u0012\u001a\u00020\u00132\u0016\u0010\u0014\u001a\u0012\u0012\u0004\u0012\u00020\u000e\u0012\b\u0012\u00060\u0016R\u00020\u00130\u0015H\u0004J(\u0010\u0017\u001a\u00020\t2\u0006\u0010\u0012\u001a\u00020\u00132\u0016\u0010\u0014\u001a\u0012\u0012\u0004\u0012\u00020\u000e\u0012\b\u0012\u00060\u0016R\u00020\u00130\u0015H\u0004J \u0010\u0018\u001a\u00020\u00042\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u000e2\u0006\u0010\u0019\u001a\u00020\u000eH\u0004J\u0018\u0010\u001a\u001a\u00020\t2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\n\u001a\u00020\u001bH\u0002J\b\u0010\u001c\u001a\u00020\u0004H\u0016J\b\u0010\u001d\u001a\u00020\u0004H\u0016J\u0010\u0010\u001e\u001a\u00020\t2\u0006\u0010\u0012\u001a\u00020\u0013H\u0016J\u0018\u0010\u001f\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u00042\u0006\u0010\u000b\u001a\u00020\u0004H\u0016J\u0018\u0010 \u001a\u00020\t2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u000eH\u0016R\u0010\u0010\u0003\u001a\u0004\u0018\u00010\u0004X\u0082\u000e¢\u0006\u0002\n��R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n��R\u0010\u0010\u0007\u001a\u0004\u0018\u00010\u0004X\u0082\u000e¢\u0006\u0002\n��¨\u0006\""}, d2 = {"Ljetbrains/youtrack/security/BaseSecurity;", "Ljetbrains/youtrack/core/security/Security;", "()V", "guest", "Ljetbrains/exodus/entitystore/Entity;", "internalPermissionsManager", "Ljetbrains/charisma/persistence/security/InternalPermissionManager;", "root", "addUserToUserGroup", "", "user", "group", "createRoot", "login", "", "password", "fullname", "createUserGroups", "dps", "Ljetbrains/youtrack/core/security/DefaultPermissionScheme;", "permissionGroups", "", "Ljetbrains/youtrack/core/security/DefaultPermissionScheme$PermissionGroupInfo;", "createUsers", "doCreateRoot", "fullName", "ensureUserCanTakeLogin", "Ljetbrains/youtrack/core/persistent/user/XdUser;", "getGuest", "getRoot", "initPermissionScheme", "removeUserFromUserGroup", "restoreRoot", "Companion", "youtrack-application"})
/* loaded from: input_file:jetbrains/youtrack/security/BaseSecurity.class */
public abstract class BaseSecurity implements Security {
    private Entity root;
    private Entity guest;
    private final InternalPermissionManager internalPermissionsManager;
    public static final Companion Companion = new Companion(null);

    /* compiled from: BaseSecurity.kt */
    @Metadata(mv = {1, 1, 16}, bv = {1, 0, 3}, k = 1, d1 = {"��\f\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002¨\u0006\u0003"}, d2 = {"Ljetbrains/youtrack/security/BaseSecurity$Companion;", "Lmu/KLogging;", "()V", "youtrack-application"})
    /* loaded from: input_file:jetbrains/youtrack/security/BaseSecurity$Companion.class */
    public static final class Companion extends KLogging {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    @NotNull
    protected final Entity doCreateRoot(@NotNull final String str, @NotNull final String str2, @NotNull final String str3) {
        Intrinsics.checkParameterIsNotNull(str, "login");
        Intrinsics.checkParameterIsNotNull(str2, "password");
        Intrinsics.checkParameterIsNotNull(str3, "fullName");
        UserGroupRootImpl.getAllUsersGroup();
        XdUser xdUser = XdUser.Companion.new(new Function1<XdUser, Unit>() { // from class: jetbrains.youtrack.security.BaseSecurity$doCreateRoot$root$1
            public /* bridge */ /* synthetic */ Object invoke(Object obj) {
                invoke((XdUser) obj);
                return Unit.INSTANCE;
            }

            public final void invoke(@NotNull XdUser xdUser2) {
                Intrinsics.checkParameterIsNotNull(xdUser2, "$receiver");
                xdUser2.setLogin(str);
                xdUser2.setFullName(str3);
                String sha256 = MessageDigestUtil.sha256(str2);
                Intrinsics.checkExpressionValueIsNotNull(sha256, "MessageDigestUtil.sha256(password)");
                xdUser2.setPassword(sha256);
            }

            /* JADX INFO: Access modifiers changed from: package-private */
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }
        });
        String parameter = ConfigurationParameter.getParameter("root.email");
        String str4 = parameter;
        if (!(str4 == null || str4.length() == 0)) {
            xdUser.setEmail(parameter);
        }
        String parameter2 = ConfigurationParameter.getParameter("root.jabber");
        String str5 = parameter2;
        if (!(str5 == null || str5.length() == 0)) {
            xdUser.setJabberAccountName(parameter2);
        }
        this.internalPermissionsManager.grantPermissionsToUser(DefaultRole.SYSTEM_ADMIN.getName(), xdUser.getEntity(), DefaultRole.SYSTEM_ADMIN.getPermissions(), CollectionsKt.emptyList());
        LegacySupportKt.flush();
        jetbrains.charisma.watchfolder.BeansKt.getSavedQueriesProvider().subscribe(xdUser);
        XdUserExtKt.markAsRoot(xdUser);
        LegacySupportKt.flush();
        Companion.getLogger().debug("Created user '" + str + '\'');
        return xdUser.getEntity();
    }

    protected final void createUsers(@NotNull DefaultPermissionScheme defaultPermissionScheme, @NotNull Map<String, ? extends DefaultPermissionScheme.PermissionGroupInfo> map) {
        Intrinsics.checkParameterIsNotNull(defaultPermissionScheme, "dps");
        Intrinsics.checkParameterIsNotNull(map, "permissionGroups");
        Map users = defaultPermissionScheme.getUsers();
        Intrinsics.checkExpressionValueIsNotNull(users, "dps.users");
        for (Map.Entry entry : users.entrySet()) {
            final String str = (String) entry.getKey();
            final DefaultPermissionScheme.UserInfo userInfo = (DefaultPermissionScheme.UserInfo) entry.getValue();
            XdUser firstOrNull = XdQueryKt.firstOrNull(XdQueryKt.query(XdUser.Companion.getAllUsers(), NodeBaseOperationsKt.eq(ReflectionUtilKt.getDBName(BaseSecurity$createUsers$user$1.INSTANCE, Reflection.getOrCreateKotlinClass(XdUser.class)), str)));
            if (firstOrNull == null) {
                UserGroupRootImpl.getAllUsersGroup();
                firstOrNull = XdUser.Companion.new(new Function1<XdUser, Unit>() { // from class: jetbrains.youtrack.security.BaseSecurity$createUsers$1
                    public /* bridge */ /* synthetic */ Object invoke(Object obj) {
                        invoke((XdUser) obj);
                        return Unit.INSTANCE;
                    }

                    public final void invoke(@NotNull XdUser xdUser) {
                        Intrinsics.checkParameterIsNotNull(xdUser, "$receiver");
                        String str2 = str;
                        Intrinsics.checkExpressionValueIsNotNull(str2, "userLogin");
                        xdUser.setLogin(str2);
                        DefaultPermissionScheme.UserInfo userInfo2 = userInfo;
                        Intrinsics.checkExpressionValueIsNotNull(userInfo2, "info");
                        String fullName = userInfo2.getFullName();
                        Intrinsics.checkExpressionValueIsNotNull(fullName, "info.fullName");
                        xdUser.setFullName(fullName);
                        DefaultPermissionScheme.UserInfo userInfo3 = userInfo;
                        Intrinsics.checkExpressionValueIsNotNull(userInfo3, "info");
                        String sha256 = MessageDigestUtil.sha256(userInfo3.getPassword());
                        Intrinsics.checkExpressionValueIsNotNull(sha256, "MessageDigestUtil.sha256(info.password)");
                        xdUser.setPassword(sha256);
                    }

                    /* JADX INFO: Access modifiers changed from: package-private */
                    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                    {
                        super(1);
                    }
                });
                Companion.getLogger().debug("Created user '" + str + '\'');
            }
            Intrinsics.checkExpressionValueIsNotNull(userInfo, "info");
            firstOrNull.setBanned(userInfo.getBanned());
            if (map.containsKey(userInfo.getPermissionGroup())) {
                InternalPermissionManager internalPermissionManager = this.internalPermissionsManager;
                String permissionGroup = userInfo.getPermissionGroup();
                Entity entity = firstOrNull.getEntity();
                DefaultPermissionScheme.PermissionGroupInfo permissionGroupInfo = map.get(userInfo.getPermissionGroup());
                internalPermissionManager.grantPermissionsToUser(permissionGroup, entity, permissionGroupInfo != null ? permissionGroupInfo.getPermissions() : null, CollectionsKt.emptyList());
            }
            LegacySupportKt.flush();
        }
    }

    protected final void createUserGroups(@NotNull DefaultPermissionScheme defaultPermissionScheme, @NotNull Map<String, ? extends DefaultPermissionScheme.PermissionGroupInfo> map) {
        Intrinsics.checkParameterIsNotNull(defaultPermissionScheme, "dps");
        Intrinsics.checkParameterIsNotNull(map, "permissionGroups");
        Entity allUsersGroup = UserGroupRootImpl.getAllUsersGroup();
        String allUsersGroupPermissionGroup = defaultPermissionScheme.getAllUsersGroupPermissionGroup();
        if (map.containsKey(allUsersGroupPermissionGroup)) {
            InternalPermissionManager internalPermissionManager = this.internalPermissionsManager;
            DefaultPermissionScheme.PermissionGroupInfo permissionGroupInfo = map.get(allUsersGroupPermissionGroup);
            internalPermissionManager.grantPermissionsToGroup(allUsersGroupPermissionGroup, allUsersGroup, permissionGroupInfo != null ? permissionGroupInfo.getPermissions() : null, CollectionsKt.emptyList());
        }
        Map userGroups = defaultPermissionScheme.getUserGroups();
        Intrinsics.checkExpressionValueIsNotNull(userGroups, "dps.userGroups");
        for (Map.Entry entry : userGroups.entrySet()) {
            String str = (String) entry.getKey();
            DefaultPermissionScheme.UserGroupInfo userGroupInfo = (DefaultPermissionScheme.UserGroupInfo) entry.getValue();
            XdUserGroup.Companion companion = XdUserGroup.Companion;
            Intrinsics.checkExpressionValueIsNotNull(str, "name");
            XdUserGroup find = companion.find(str);
            if (find == null) {
                find = XdUserGroup.Companion.new$default(XdUserGroup.Companion, str, (Function1) null, 2, (Object) null);
            }
            XdUserGroup xdUserGroup = find;
            Intrinsics.checkExpressionValueIsNotNull(userGroupInfo, "info");
            xdUserGroup.setDescription(userGroupInfo.getDescription());
            xdUserGroup.setAddNewUser(userGroupInfo.getAddNewUsers());
            InternalPermissionManager internalPermissionManager2 = this.internalPermissionsManager;
            String permissionGroup = userGroupInfo.getPermissionGroup();
            Entity entity = xdUserGroup.getEntity();
            DefaultPermissionScheme.PermissionGroupInfo permissionGroupInfo2 = (DefaultPermissionScheme.PermissionGroupInfo) defaultPermissionScheme.getPermissionGroups().get(userGroupInfo.getPermissionGroup());
            internalPermissionManager2.grantPermissionsToGroup(permissionGroup, entity, permissionGroupInfo2 != null ? permissionGroupInfo2.getPermissions() : null, CollectionsKt.emptyList());
            LegacySupportKt.flush();
        }
    }

    public void initPermissionScheme(@NotNull DefaultPermissionScheme defaultPermissionScheme) {
        Intrinsics.checkParameterIsNotNull(defaultPermissionScheme, "dps");
        Map<String, ? extends DefaultPermissionScheme.PermissionGroupInfo> permissionGroups = defaultPermissionScheme.getPermissionGroups();
        Intrinsics.checkExpressionValueIsNotNull(permissionGroups, "permissionGroups");
        for (Map.Entry<String, ? extends DefaultPermissionScheme.PermissionGroupInfo> entry : permissionGroups.entrySet()) {
            final String key = entry.getKey();
            DefaultPermissionScheme.PermissionGroupInfo value = entry.getValue();
            if (((XdRole) XdQueryKt.firstOrNull(XdQueryKt.query(XdRole.Companion, NodeBaseOperationsKt.eq(ReflectionUtilKt.getDBName(BaseSecurity$initPermissionScheme$role$1.INSTANCE, Reflection.getOrCreateKotlinClass(XdRole.class)), key)))) == null) {
                XdRole xdRole = (XdRole) XdRole.Companion.new(new Function1<XdRole, Unit>() { // from class: jetbrains.youtrack.security.BaseSecurity$initPermissionScheme$1
                    public /* bridge */ /* synthetic */ Object invoke(Object obj) {
                        invoke((XdRole) obj);
                        return Unit.INSTANCE;
                    }

                    public final void invoke(@NotNull XdRole xdRole2) {
                        Intrinsics.checkParameterIsNotNull(xdRole2, "$receiver");
                        String str = key;
                        Intrinsics.checkExpressionValueIsNotNull(str, "roleName");
                        xdRole2.setName(str);
                    }

                    /* JADX INFO: Access modifiers changed from: package-private */
                    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                    {
                        super(1);
                    }
                });
                Intrinsics.checkExpressionValueIsNotNull(value, "info");
                xdRole.setDescription(value.getDescription());
                for (Permission permission : value.getPermissions()) {
                    Intrinsics.checkExpressionValueIsNotNull(permission, "p");
                    xdRole.addPermission(permission);
                }
                LegacySupportKt.flush();
            }
        }
        createUsers(defaultPermissionScheme, permissionGroups);
        if (XdQueryKt.isEmpty(XdUserGroupExtKt.getGroupRoles(jetbrains.charisma.persistent.BeansKt.getXdAllUsersGroup()))) {
            createUserGroups(defaultPermissionScheme, permissionGroups);
        }
    }

    public void createRoot(@NotNull String str, @NotNull String str2, @NotNull String str3) {
        Intrinsics.checkParameterIsNotNull(str, "login");
        Intrinsics.checkParameterIsNotNull(str2, "password");
        Intrinsics.checkParameterIsNotNull(str3, "fullname");
        if (XdQueryKt.isEmpty(XdQueryKt.query(XdUser.Companion.getAllUsers(), NodeBaseOperationsKt.eq(ReflectionUtilKt.getDBName(BaseSecurity$createRoot$1.INSTANCE, Reflection.getOrCreateKotlinClass(XdUser.class)), str)))) {
            doCreateRoot(str, str2, str3);
        }
    }

    @NotNull
    public Entity getRoot() {
        if (this.root == null) {
            TransientEntityStore transientStore = DnqUtils.getTransientStore();
            TransientQueryCancellingPolicyProvider queryCancellingPolicyProvider = LegacySupportKt.getQueryCancellingPolicyProvider();
            TransientEntityStore.DefaultImpls.transactional$default(transientStore, false, queryCancellingPolicyProvider != null ? queryCancellingPolicyProvider.getQueryCancellingPolicy() : null, false, new Function1<TransientStoreSession, Unit>() { // from class: jetbrains.youtrack.security.BaseSecurity$getRoot$$inlined$transactional$1
                {
                    super(1);
                }

                public final Unit invoke(@NotNull TransientStoreSession transientStoreSession) {
                    Intrinsics.checkParameterIsNotNull(transientStoreSession, "it");
                    BaseSecurity.this.root = UserImpl.findRoot();
                    return Unit.INSTANCE;
                }
            }, 5, (Object) null);
        }
        Entity entity = this.root;
        if (entity != null) {
            return entity;
        }
        throw new IllegalStateException("root is not created".toString());
    }

    @NotNull
    public Entity getGuest() {
        if (this.guest == null) {
            XdUser firstOrNull = XdQueryKt.firstOrNull(XdQueryKt.query(XdUser.Companion, NodeBaseOperationsKt.eq(ReflectionUtilKt.getDBName(BaseSecurity$getGuest$1.INSTANCE, Reflection.getOrCreateKotlinClass(XdUser.class)), "guest")));
            this.guest = firstOrNull != null ? firstOrNull.getEntity() : null;
        }
        Entity entity = this.guest;
        if (entity != null) {
            return entity;
        }
        throw new IllegalStateException("guest is not created".toString());
    }

    public void addUserToUserGroup(@NotNull Entity entity, @NotNull Entity entity2) {
        Intrinsics.checkParameterIsNotNull(entity, "user");
        Intrinsics.checkParameterIsNotNull(entity2, "group");
        XdUserGroup xd = XdExtensionsKt.toXd(entity2);
        if (xd.getAllUsersGroup()) {
            return;
        }
        xd.getUsers().add(XdExtensionsKt.toXd(entity));
    }

    public void removeUserFromUserGroup(@NotNull Entity entity, @NotNull Entity entity2) {
        Intrinsics.checkParameterIsNotNull(entity, "user");
        Intrinsics.checkParameterIsNotNull(entity2, "group");
        XdUserGroup xd = XdExtensionsKt.toXd(entity2);
        if (xd.getAllUsersGroup()) {
            return;
        }
        xd.getUsers().remove(XdExtensionsKt.toXd(entity));
    }

    public void restoreRoot(@NotNull final String str, @NotNull String str2) {
        Intrinsics.checkParameterIsNotNull(str, "login");
        Intrinsics.checkParameterIsNotNull(str2, "password");
        Entity findRoot = UserImpl.findRoot();
        XdUser xdUser = findRoot != null ? (XdUser) XdExtensionsKt.toXd(findRoot) : null;
        if (xdUser != null) {
            ensureUserCanTakeLogin(str, xdUser);
        }
        LegacySupportKt.flush();
        if (xdUser == null) {
            xdUser = XdUser.Companion.new(new Function1<XdUser, Unit>() { // from class: jetbrains.youtrack.security.BaseSecurity$restoreRoot$2
                public /* bridge */ /* synthetic */ Object invoke(Object obj) {
                    invoke((XdUser) obj);
                    return Unit.INSTANCE;
                }

                public final void invoke(@NotNull XdUser xdUser2) {
                    Intrinsics.checkParameterIsNotNull(xdUser2, "$receiver");
                    xdUser2.setLogin(str);
                    xdUser2.setFullName(str);
                    XdUserExtKt.markAsRoot(xdUser2);
                }

                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(1);
                }
            });
        }
        this.root = xdUser.getEntity();
        xdUser.setLogin(str);
        String sha256 = MessageDigestUtil.sha256(str2);
        Intrinsics.checkExpressionValueIsNotNull(sha256, "MessageDigestUtil.sha256(password)");
        xdUser.setPassword(sha256);
        xdUser.setBanned(false);
        this.internalPermissionsManager.grantPermissionsToUser(DefaultRole.SYSTEM_ADMIN.getName(), xdUser.getEntity(), DefaultRole.SYSTEM_ADMIN.getPermissions(), CollectionsKt.emptyList());
    }

    private final void ensureUserCanTakeLogin(String str, XdUser xdUser) {
        XdUser firstOrNull;
        if (!(!Intrinsics.areEqual(xdUser.getLogin(), str)) || (firstOrNull = XdQueryKt.firstOrNull(XdQueryKt.query(XdUser.Companion.getAllUsers(), NodeBaseOperationsKt.eq(ReflectionUtilKt.getDBName(BaseSecurity$ensureUserCanTakeLogin$currentLoginOwner$1.INSTANCE, Reflection.getOrCreateKotlinClass(XdUser.class)), str)))) == null) {
            return;
        }
        String generate = LoginUtils.generate(str);
        Intrinsics.checkExpressionValueIsNotNull(generate, "LoginUtils.generate(login)");
        firstOrNull.setLogin(generate);
    }

    public BaseSecurity() {
        Object bean = ServiceLocator.getBean("internalPermissionsManager");
        if (bean == null) {
            throw new TypeCastException("null cannot be cast to non-null type jetbrains.charisma.persistence.security.InternalPermissionManager");
        }
        this.internalPermissionsManager = (InternalPermissionManager) bean;
    }
}
