package org.alfresco.repo.remotecredentials;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.alfresco.query.EmptyPagingResults;
import org.alfresco.query.ListBackedPagingResults;
import org.alfresco.query.PagingRequest;
import org.alfresco.query.PagingResults;
import org.alfresco.repo.model.Repository;
import org.alfresco.repo.node.SystemNodeUtils;
import org.alfresco.repo.remotecredentials.RemoteCredentialsInfoFactory;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.remotecredentials.BaseCredentialsInfo;
import org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.datatype.TypeConversionException;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern;
import org.alfresco.util.GUID;
import org.alfresco.util.Pair;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:org/alfresco/repo/remotecredentials/RemoteCredentialsServiceImpl.class */
public class RemoteCredentialsServiceImpl implements RemoteCredentialsService {
    private Repository repositoryHelper;
    private NodeService nodeService;
    private NamespaceService namespaceService;
    private PermissionService permissionService;
    private DictionaryService dictionaryService;
    private Map<QName, RemoteCredentialsInfoFactory> credentialsFactories = new HashMap();
    private static Log logger = LogFactory.getLog(RemoteCredentialsServiceImpl.class);
    private static String SHARED_CREDENTIALS_CONTAINER_NAME = "remote_credentials";
    private static QName SHARED_CREDENTIALS_CONTAINER_QNAME = QName.createQName("http://www.alfresco.org/model/system/1.0", SHARED_CREDENTIALS_CONTAINER_NAME);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/alfresco/repo/remotecredentials/RemoteCredentialsServiceImpl$CredentialsPagingResults.class */
    public class CredentialsPagingResults implements PagingResults<BaseCredentialsInfo> {
        private List<BaseCredentialsInfo> results;
        private boolean hasMore;
        private int size;

        private CredentialsPagingResults(List<ChildAssociationRef> list, int i, boolean z, String str) {
            this.size = i;
            this.hasMore = z;
            this.results = new ArrayList(list.size());
            for (ChildAssociationRef childAssociationRef : list) {
                this.results.add(RemoteCredentialsServiceImpl.this.loadCredentials(str, childAssociationRef.getParentRef(), childAssociationRef.getChildRef()));
            }
        }

        public List<BaseCredentialsInfo> getPage() {
            return this.results;
        }

        public Pair<Integer, Integer> getTotalResultCount() {
            return new Pair<>(Integer.valueOf(this.size), Integer.valueOf(this.size));
        }

        public boolean hasMoreItems() {
            return this.hasMore;
        }

        public String getQueryExecutionId() {
            return null;
        }
    }

    public void setNodeService(NodeService nodeService) {
        this.nodeService = nodeService;
    }

    public void setNamespaceService(NamespaceService namespaceService) {
        this.namespaceService = namespaceService;
    }

    public void setPermissionService(PermissionService permissionService) {
        this.permissionService = permissionService;
    }

    public void setDictionaryService(DictionaryService dictionaryService) {
        this.dictionaryService = dictionaryService;
    }

    public void setRepositoryHelper(Repository repository) {
        this.repositoryHelper = repository;
    }

    public void setCredentialsFactories(Map<String, RemoteCredentialsInfoFactory> map) {
        for (String str : map.keySet()) {
            registerCredentialsFactory(QName.createQName(str, this.namespaceService), map.get(str));
        }
    }

    public void registerCredentialsFactory(QName qName, RemoteCredentialsInfoFactory remoteCredentialsInfoFactory) {
        if (!this.dictionaryService.isSubClass(qName, RemoteCredentialsModel.TYPE_CREDENTIALS_BASE)) {
            logger.warn("Unable to register credentials factory for " + qName + " as that type doesn't inherit from " + RemoteCredentialsModel.TYPE_CREDENTIALS_BASE);
            return;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Registering credentials factory for " + qName + " of " + remoteCredentialsInfoFactory);
        }
        this.credentialsFactories.put(qName, remoteCredentialsInfoFactory);
    }

    protected Map<QName, RemoteCredentialsInfoFactory> getCredentialsFactories() {
        return Collections.unmodifiableMap(this.credentialsFactories);
    }

    protected NodeRef getSharedContainerNodeRef(boolean z) {
        Pair<NodeRef, Boolean> orCreateSystemChildContainer;
        final NodeRef systemChildContainer = SystemNodeUtils.getSystemChildContainer(SHARED_CREDENTIALS_CONTAINER_QNAME, this.nodeService, this.repositoryHelper);
        if (systemChildContainer == null && z) {
            synchronized (this) {
                orCreateSystemChildContainer = SystemNodeUtils.getOrCreateSystemChildContainer(SHARED_CREDENTIALS_CONTAINER_QNAME, this.nodeService, this.repositoryHelper);
            }
            systemChildContainer = (NodeRef) orCreateSystemChildContainer.getFirst();
            if (((Boolean) orCreateSystemChildContainer.getSecond()).booleanValue()) {
                AuthenticationUtil.runAsSystem(new AuthenticationUtil.RunAsWork<Void>() { // from class: org.alfresco.repo.remotecredentials.RemoteCredentialsServiceImpl.1
                    /* renamed from: doWork, reason: merged with bridge method [inline-methods] */
                    public Void m879doWork() throws Exception {
                        RemoteCredentialsServiceImpl.this.nodeService.addAspect(systemChildContainer, RemoteCredentialsModel.ASPECT_REMOTE_CREDENTIALS_SYSTEM_CONTAINER, (Map) null);
                        RemoteCredentialsServiceImpl.this.permissionService.setInheritParentPermissions(systemChildContainer, false);
                        RemoteCredentialsServiceImpl.this.permissionService.setPermission(systemChildContainer, "GROUP_EVERYONE", "AddChildren", true);
                        RemoteCredentialsServiceImpl.this.permissionService.setPermission(systemChildContainer, "GROUP_EVERYONE", "Read", true);
                        RemoteCredentialsServiceImpl.this.permissionService.setPermission(systemChildContainer, "ROLE_OWNER", "FullControl", true);
                        return null;
                    }
                });
            }
        }
        if (systemChildContainer != null) {
            return systemChildContainer;
        }
        if (!logger.isInfoEnabled()) {
            return null;
        }
        logger.info("Required System Folder " + SHARED_CREDENTIALS_CONTAINER_QNAME + " not yet created, will be lazy created on write");
        return null;
    }

    private NodeRef getPersonContainer(String str, boolean z) {
        NodeRef person = this.repositoryHelper.getPerson();
        if (person == null) {
            throw new IllegalStateException("Person details required but none found! Running as " + AuthenticationUtil.getRunAsUser());
        }
        if (z) {
            ensureCredentialsSystemContainer(person);
        }
        return findRemoteSystemContainer(person, str, z);
    }

    private NodeRef getSharedContainer(String str, boolean z) {
        NodeRef sharedContainerNodeRef = getSharedContainerNodeRef(z);
        if (sharedContainerNodeRef == null) {
            return null;
        }
        if (z) {
            ensureCredentialsSystemContainer(sharedContainerNodeRef);
        }
        return findRemoteSystemContainer(sharedContainerNodeRef, str, z);
    }

    private void ensureCredentialsSystemContainer(final NodeRef nodeRef) {
        AuthenticationUtil.runAsSystem(new AuthenticationUtil.RunAsWork<Void>() { // from class: org.alfresco.repo.remotecredentials.RemoteCredentialsServiceImpl.2
            /* renamed from: doWork, reason: merged with bridge method [inline-methods] */
            public Void m880doWork() throws Exception {
                if (RemoteCredentialsServiceImpl.this.nodeService.hasAspect(nodeRef, RemoteCredentialsModel.ASPECT_REMOTE_CREDENTIALS_SYSTEM_CONTAINER)) {
                    return null;
                }
                RemoteCredentialsServiceImpl.this.nodeService.addAspect(nodeRef, RemoteCredentialsModel.ASPECT_REMOTE_CREDENTIALS_SYSTEM_CONTAINER, (Map) null);
                if (!RemoteCredentialsServiceImpl.logger.isDebugEnabled()) {
                    return null;
                }
                RemoteCredentialsServiceImpl.logger.debug("Added the Credentials Container aspect to " + nodeRef);
                return null;
            }
        });
    }

    private NodeRef findRemoteSystemContainer(NodeRef nodeRef, String str, boolean z) {
        List childAssocs = this.nodeService.getChildAssocs(nodeRef, RemoteCredentialsModel.ASSOC_CREDENTIALS_SYSTEM, QName.createQName(str));
        NodeRef nodeRef2 = null;
        if (childAssocs.size() > 0) {
            nodeRef2 = ((ChildAssociationRef) childAssocs.get(0)).getChildRef();
            if (logger.isDebugEnabled()) {
                logger.debug("Resolved Remote Credentials Container for " + str + " of " + nodeRef2 + " in parent " + nodeRef);
            }
        } else if (z) {
            nodeRef2 = this.nodeService.createNode(nodeRef, RemoteCredentialsModel.ASSOC_CREDENTIALS_SYSTEM, QName.createQName(str), RemoteCredentialsModel.TYPE_REMOTE_CREDENTIALS_SYSTEM).getChildRef();
            if (logger.isDebugEnabled()) {
                logger.debug("Lazy created Remote Credentials Container for " + str + " in parent " + nodeRef + ", new container is " + nodeRef2);
            }
        } else if (logger.isDebugEnabled()) {
            logger.debug("No Remote Credentials Container for " + str + " found in " + nodeRef + ", will be lazy created on write");
        }
        return nodeRef2;
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public void deleteCredentials(BaseCredentialsInfo baseCredentialsInfo) {
        if (baseCredentialsInfo.getNodeRef() == null) {
            throw new IllegalArgumentException("Cannot delete Credentials which haven't been persisted yet!");
        }
        this.nodeService.deleteNode(baseCredentialsInfo.getNodeRef());
        if (logger.isDebugEnabled()) {
            logger.debug("Deleted credentials " + baseCredentialsInfo + " from " + baseCredentialsInfo.getNodeRef() + " from Remote System " + baseCredentialsInfo.getRemoteSystemName());
        }
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public BaseCredentialsInfo createPersonCredentials(String str, BaseCredentialsInfo baseCredentialsInfo) {
        return createCredentials(str, getPersonContainer(str, true), baseCredentialsInfo);
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public BaseCredentialsInfo createSharedCredentials(String str, BaseCredentialsInfo baseCredentialsInfo) {
        return createCredentials(str, getSharedContainer(str, true), baseCredentialsInfo);
    }

    private BaseCredentialsInfo createCredentials(String str, NodeRef nodeRef, BaseCredentialsInfo baseCredentialsInfo) {
        if (baseCredentialsInfo.getNodeRef() != null) {
            throw new IllegalArgumentException("Cannot create Credentials which have already been persisted!");
        }
        RemoteCredentialsInfoFactory remoteCredentialsInfoFactory = this.credentialsFactories.get(baseCredentialsInfo.getCredentialsType());
        if (remoteCredentialsInfoFactory == null) {
            throw new TypeConversionException("No Factory registered for type " + baseCredentialsInfo.getCredentialsType());
        }
        Map<QName, Serializable> coreCredentials = RemoteCredentialsInfoFactory.FactoryHelper.getCoreCredentials(baseCredentialsInfo);
        coreCredentials.putAll(remoteCredentialsInfoFactory.serializeCredentials(baseCredentialsInfo));
        NodeRef childRef = this.nodeService.createNode(nodeRef, RemoteCredentialsModel.ASSOC_CREDENTIALS, QName.createQName(GUID.generate()), baseCredentialsInfo.getCredentialsType(), coreCredentials).getChildRef();
        if (logger.isDebugEnabled()) {
            logger.debug("Created new credentials at " + childRef + " for " + str + " in " + nodeRef + " of " + baseCredentialsInfo);
        }
        return remoteCredentialsInfoFactory.createCredentials(baseCredentialsInfo.getCredentialsType(), childRef, str, nodeRef, this.nodeService.getProperties(childRef));
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public BaseCredentialsInfo getPersonCredentials(String str) {
        NodeRef personContainer = getPersonContainer(str, false);
        if (personContainer == null) {
            return null;
        }
        List childAssocs = this.nodeService.getChildAssocs(personContainer, RemoteCredentialsModel.ASSOC_CREDENTIALS, RegexQNamePattern.MATCH_ALL);
        if (childAssocs.size() > 0) {
            return loadCredentials(str, personContainer, ((ChildAssociationRef) childAssocs.get(0)).getChildRef());
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public BaseCredentialsInfo loadCredentials(String str, NodeRef nodeRef, NodeRef nodeRef2) {
        QName type = this.nodeService.getType(nodeRef2);
        RemoteCredentialsInfoFactory remoteCredentialsInfoFactory = this.credentialsFactories.get(type);
        if (remoteCredentialsInfoFactory == null) {
            throw new TypeConversionException("No Factory registered for type " + type);
        }
        return remoteCredentialsInfoFactory.createCredentials(type, nodeRef2, str, nodeRef, this.nodeService.getProperties(nodeRef2));
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public BaseCredentialsInfo updateCredentials(BaseCredentialsInfo baseCredentialsInfo) {
        if (baseCredentialsInfo.getNodeRef() == null) {
            throw new IllegalArgumentException("Cannot update Credentials which haven't been persisted yet!");
        }
        RemoteCredentialsInfoFactory remoteCredentialsInfoFactory = this.credentialsFactories.get(baseCredentialsInfo.getCredentialsType());
        if (remoteCredentialsInfoFactory == null) {
            throw new TypeConversionException("No Factory registered for type " + baseCredentialsInfo.getCredentialsType());
        }
        HashMap hashMap = new HashMap(this.nodeService.getProperties(baseCredentialsInfo.getNodeRef()));
        hashMap.putAll(RemoteCredentialsInfoFactory.FactoryHelper.getCoreCredentials(baseCredentialsInfo));
        hashMap.putAll(remoteCredentialsInfoFactory.serializeCredentials(baseCredentialsInfo));
        this.nodeService.setProperties(baseCredentialsInfo.getNodeRef(), hashMap);
        return baseCredentialsInfo;
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public BaseCredentialsInfo updateCredentialsAuthenticationSucceeded(boolean z, BaseCredentialsInfo baseCredentialsInfo) {
        if (baseCredentialsInfo.getNodeRef() == null) {
            throw new IllegalArgumentException("Cannot update Credentials which haven't been persisted yet!");
        }
        if (z == baseCredentialsInfo.getLastAuthenticationSucceeded()) {
            return baseCredentialsInfo;
        }
        this.nodeService.setProperty(baseCredentialsInfo.getNodeRef(), RemoteCredentialsModel.PROP_LAST_AUTHENTICATION_SUCCEEDED, Boolean.valueOf(z));
        if (!(baseCredentialsInfo instanceof AbstractCredentialsImpl)) {
            return loadCredentials(baseCredentialsInfo.getRemoteSystemName(), baseCredentialsInfo.getRemoteSystemContainerNodeRef(), baseCredentialsInfo.getNodeRef());
        }
        ((AbstractCredentialsImpl) baseCredentialsInfo).setLastAuthenticationSucceeded(z);
        return baseCredentialsInfo;
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public PagingResults<String> listAllRemoteSystems(PagingRequest pagingRequest) {
        return listRemoteSystems(true, true, pagingRequest);
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public PagingResults<String> listPersonRemoteSystems(PagingRequest pagingRequest) {
        return listRemoteSystems(true, false, pagingRequest);
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public PagingResults<String> listSharedRemoteSystems(PagingRequest pagingRequest) {
        return listRemoteSystems(false, true, pagingRequest);
    }

    private PagingResults<String> listRemoteSystems(boolean z, boolean z2, PagingRequest pagingRequest) {
        NodeRef sharedContainerNodeRef;
        ArrayList arrayList = new ArrayList();
        if (z) {
            NodeRef person = this.repositoryHelper.getPerson();
            if (this.nodeService.hasAspect(person, RemoteCredentialsModel.ASPECT_REMOTE_CREDENTIALS_SYSTEM_CONTAINER)) {
                arrayList.add(person);
            }
        }
        if (z2 && (sharedContainerNodeRef = getSharedContainerNodeRef(false)) != null) {
            arrayList.add(sharedContainerNodeRef);
        }
        if (arrayList.isEmpty()) {
            return new EmptyPagingResults();
        }
        HashSet hashSet = new HashSet();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            Iterator it2 = this.nodeService.getChildAssocs((NodeRef) it.next(), RemoteCredentialsModel.ASSOC_CREDENTIALS_SYSTEM, RegexQNamePattern.MATCH_ALL).iterator();
            while (it2.hasNext()) {
                hashSet.add(((ChildAssociationRef) it2.next()).getQName().getLocalName());
            }
        }
        ArrayList arrayList2 = new ArrayList(hashSet);
        Collections.sort(arrayList2);
        return new ListBackedPagingResults(arrayList2, pagingRequest);
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public PagingResults<? extends BaseCredentialsInfo> listSharedCredentials(String str, QName qName, PagingRequest pagingRequest) {
        NodeRef sharedContainer = getSharedContainer(str, false);
        return sharedContainer == null ? new EmptyPagingResults() : listCredentials(new NodeRef[]{sharedContainer}, str, qName, pagingRequest);
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public PagingResults<? extends BaseCredentialsInfo> listPersonCredentials(String str, QName qName, PagingRequest pagingRequest) {
        NodeRef personContainer = getPersonContainer(str, false);
        return personContainer == null ? new EmptyPagingResults() : listCredentials(new NodeRef[]{personContainer}, str, qName, pagingRequest);
    }

    @Override // org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService
    public PagingResults<? extends BaseCredentialsInfo> listAllCredentials(String str, QName qName, PagingRequest pagingRequest) {
        NodeRef personContainer = getPersonContainer(str, false);
        NodeRef sharedContainer = getSharedContainer(str, false);
        return (personContainer == null && sharedContainer == null) ? new EmptyPagingResults() : listCredentials(new NodeRef[]{personContainer, sharedContainer}, str, qName, pagingRequest);
    }

    private PagingResults<? extends BaseCredentialsInfo> listCredentials(NodeRef[] nodeRefArr, String str, QName qName, PagingRequest pagingRequest) {
        HashSet hashSet = null;
        if (qName != null) {
            hashSet = new HashSet(this.dictionaryService.getSubTypes(qName, true));
            if (logger.isDebugEnabled()) {
                logger.debug("Searching for credentials of " + qName + " as types " + hashSet);
            }
        }
        ArrayList arrayList = new ArrayList();
        for (NodeRef nodeRef : nodeRefArr) {
            if (nodeRef != null) {
                List<ChildAssociationRef> childAssocs = this.nodeService.getChildAssocs(nodeRef, RemoteCredentialsModel.ASSOC_CREDENTIALS, RegexQNamePattern.MATCH_ALL);
                if (hashSet == null || hashSet.isEmpty()) {
                    arrayList.addAll(childAssocs);
                } else {
                    for (ChildAssociationRef childAssociationRef : childAssocs) {
                        if (hashSet.contains(this.nodeService.getType(childAssociationRef.getChildRef()))) {
                            arrayList.add(childAssociationRef);
                        }
                    }
                }
            }
        }
        if (arrayList.isEmpty()) {
            return new EmptyPagingResults();
        }
        int skipCount = pagingRequest.getSkipCount();
        int min = Math.min(arrayList.size(), skipCount + pagingRequest.getMaxItems());
        if (pagingRequest.getMaxItems() == 0) {
            min = arrayList.size();
        }
        return new CredentialsPagingResults(arrayList.subList(skipCount, min), arrayList.size(), min < arrayList.size(), str);
    }

    protected static String getSharedCredentialsSystemContainerName() {
        return SHARED_CREDENTIALS_CONTAINER_NAME;
    }

    protected static QName getSharedCredentialsSystemContainerQName() {
        return SHARED_CREDENTIALS_CONTAINER_QNAME;
    }

    protected static void setSharedCredentialsSystemContainerName(String str) {
        SHARED_CREDENTIALS_CONTAINER_NAME = str;
        SHARED_CREDENTIALS_CONTAINER_QNAME = QName.createQName(RemoteCredentialsModel.REMOTE_CREDENTIALS_MODEL_URL, SHARED_CREDENTIALS_CONTAINER_NAME);
    }
}
