package org.alfresco.repo.tenant;

import java.io.File;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.regex.Pattern;
import javax.transaction.UserTransaction;
import net.sf.acegisecurity.providers.encoding.PasswordEncoder;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.activities.post.lookup.PostLookup;
import org.alfresco.repo.admin.RepoModelDefinition;
import org.alfresco.repo.content.ContentStore;
import org.alfresco.repo.content.ContentStoreCaps;
import org.alfresco.repo.dictionary.DictionaryComponent;
import org.alfresco.repo.domain.tenant.TenantAdminDAO;
import org.alfresco.repo.domain.tenant.TenantEntity;
import org.alfresco.repo.domain.tenant.TenantUpdateEntity;
import org.alfresco.repo.importer.ImporterBootstrap;
import org.alfresco.repo.node.db.DbNodeServiceImpl;
import org.alfresco.repo.policy.BehaviourFilter;
import org.alfresco.repo.security.authentication.AuthenticationContext;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.tenant.TenantUtil;
import org.alfresco.repo.thumbnail.ThumbnailRegistry;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.repo.usage.UserUsageTrackingComponent;
import org.alfresco.repo.workflow.WorkflowDeployer;
import org.alfresco.service.cmr.admin.RepoAdminService;
import org.alfresco.service.cmr.module.ModuleService;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.view.RepositoryExporterService;
import org.alfresco.service.cmr.workflow.WorkflowDefinition;
import org.alfresco.service.cmr.workflow.WorkflowService;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.PropertyCheck;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.extensions.surf.util.I18NUtil;
import org.springframework.extensions.surf.util.ParameterCheck;

/* loaded from: input_file:org/alfresco/repo/tenant/MultiTAdminServiceImpl.class */
public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationContextAware, InitializingBean {
    private static Log logger = LogFactory.getLog(MultiTAdminServiceImpl.class);
    protected ApplicationContext ctx;
    private NodeService nodeService;
    private RepoAdminService repoAdminService;
    private AuthenticationContext authenticationContext;
    private MultiTServiceImpl tenantService;
    private BehaviourFilter behaviourFilter;
    protected TransactionService transactionService;
    protected DictionaryComponent dictionaryComponent;
    protected TenantAdminDAO tenantAdminDAO;
    protected PasswordEncoder passwordEncoder;
    protected ContentStore tenantFileContentStore;
    private ThumbnailRegistry thumbnailRegistry;
    private WorkflowService workflowService;
    private RepositoryExporterService repositoryExporterService;
    private ModuleService moduleService;
    private TenantRoutingDataSource trds;
    protected static final String REGEX_VALID_DNS_LABEL = "^[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]$";
    protected static final String REGEX_CONTAINS_ALPHA = "^(.*)[a-zA-Z](.*)$";
    protected static final int MAX_LEN = 75;
    public static final String PROTOCOL_STORE_USER = "user";
    public static final String PROTOCOL_STORE_WORKSPACE = "workspace";
    public static final String PROTOCOL_STORE_SYSTEM = "system";
    public static final String PROTOCOL_STORE_ARCHIVE = "archive";
    public static final String STORE_BASE_ID_USER = "alfrescoUserStore";
    public static final String STORE_BASE_ID_SYSTEM = "system";
    public static final String STORE_BASE_ID_VERSION1 = "lightWeightVersionStore";
    public static final String STORE_BASE_ID_VERSION2 = "version2Store";
    public static final String STORE_BASE_ID_SPACES = "SpacesStore";
    public static final String TENANTS_ATTRIBUTE_PATH = "alfresco-tenants";
    public static final String TENANT_ATTRIBUTE_ENABLED = "enabled";
    public static final String TENANT_ATTRIBUTE_ROOT_CONTENT_STORE_DIR = "rootContentStoreDir";
    public static final String TENANT_ATTRIBUTE_DB_URL = "dbUrl";
    private static final String WARN_MSG = "system.mt.warn.upgrade_mt_admin_context";
    private String contentRootContainerPath = null;
    private List<WorkflowDeployer> workflowDeployers = new ArrayList();
    private String baseAdminUsername = null;
    private List<TenantDeployer> tenantDeployers = new ArrayList();

    public void setNodeService(DbNodeServiceImpl dbNodeServiceImpl) {
        this.nodeService = dbNodeServiceImpl;
    }

    public void setDictionaryComponent(DictionaryComponent dictionaryComponent) {
        this.dictionaryComponent = dictionaryComponent;
    }

    public void setRepoAdminService(RepoAdminService repoAdminService) {
        this.repoAdminService = repoAdminService;
    }

    public void setAuthenticationContext(AuthenticationContext authenticationContext) {
        this.authenticationContext = authenticationContext;
    }

    public void setTransactionService(TransactionService transactionService) {
        this.transactionService = transactionService;
    }

    public void setTenantService(MultiTServiceImpl multiTServiceImpl) {
        this.tenantService = multiTServiceImpl;
    }

    public void setBehaviourFilter(BehaviourFilter behaviourFilter) {
        this.behaviourFilter = behaviourFilter;
    }

    public void setTenantAdminDAO(TenantAdminDAO tenantAdminDAO) {
        this.tenantAdminDAO = tenantAdminDAO;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    public void setTenantFileContentStore(ContentStore contentStore) {
        this.tenantFileContentStore = contentStore;
    }

    public void setWorkflowService(WorkflowService workflowService) {
        this.workflowService = workflowService;
    }

    public void setRepositoryExporterService(RepositoryExporterService repositoryExporterService) {
        this.repositoryExporterService = repositoryExporterService;
    }

    public void setWorkflowDeployer(WorkflowDeployer workflowDeployer) {
        logger.warn(WARN_MSG);
    }

    public void setModuleService(ModuleService moduleService) {
        this.moduleService = moduleService;
    }

    public void setThumbnailRegistry(ThumbnailRegistry thumbnailRegistry) {
        this.thumbnailRegistry = thumbnailRegistry;
    }

    public void setBaseAdminUsername(String str) {
        this.baseAdminUsername = str;
    }

    public void setTenantRoutingDataSource(TenantRoutingDataSource tenantRoutingDataSource) {
        this.trds = tenantRoutingDataSource;
    }

    public void setContentRootContainerPath(String str) {
        this.contentRootContainerPath = str;
    }

    public void afterPropertiesSet() throws Exception {
        if (this.baseAdminUsername == null) {
            logger.warn(I18NUtil.getMessage(WARN_MSG));
        }
        PropertyCheck.mandatory(this, "NodeService", this.nodeService);
        PropertyCheck.mandatory(this, "DictionaryComponent", this.dictionaryComponent);
        PropertyCheck.mandatory(this, "RepoAdminService", this.repoAdminService);
        PropertyCheck.mandatory(this, "TransactionService", this.transactionService);
        PropertyCheck.mandatory(this, "TenantService", this.tenantService);
        PropertyCheck.mandatory(this, "TenantAdminDAO", this.tenantAdminDAO);
        PropertyCheck.mandatory(this, "PasswordEncoder", this.passwordEncoder);
        PropertyCheck.mandatory(this, "TenantFileContentStore", this.tenantFileContentStore);
        PropertyCheck.mandatory(this, "WorkflowService", this.workflowService);
        PropertyCheck.mandatory(this, "RepositoryExporterService", this.repositoryExporterService);
        PropertyCheck.mandatory(this, "moduleService", this.moduleService);
    }

    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
        this.ctx = applicationContext;
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void startTenants() {
        AuthenticationUtil.setMtEnabled(true);
        register((TenantDeployer) this.dictionaryComponent);
        if (isTenantDeployer(this.tenantFileContentStore)) {
            register(tenantDeployer(this.tenantFileContentStore), 0);
        }
        UserTransaction userTransaction = this.transactionService.getUserTransaction();
        try {
            try {
                this.authenticationContext.setSystemUserAsCurrentUser();
                userTransaction.begin();
                int i = 0;
                int i2 = 0;
                for (Tenant tenant : getAllTenants()) {
                    if (!isTenantRoutingContentStore(this.tenantFileContentStore) && !this.tenantFileContentStore.getRootLocation().equals(tenant.getRootContentStoreDir())) {
                        throw new AlfrescoRuntimeException("MT: cannot start tenants - TenantRoutingContentStore is not configured AND not all tenants use co-mingled content store");
                    }
                    String tenantDomain = tenant.getTenantDomain();
                    if (tenant.isEnabled()) {
                        notifyAfterEnableTenant(tenantDomain);
                        i++;
                    } else {
                        i2++;
                        if (logger.isDebugEnabled()) {
                            logger.debug("Tenant disabled: " + tenantDomain);
                        }
                    }
                }
                userTransaction.commit();
                if (i + i2 == 0) {
                    AuthenticationUtil.setMtEnabled(false);
                }
                if (logger.isInfoEnabled() && i + i2 > 0) {
                    logger.info(String.format("Alfresco Multi-Tenant startup - %d enabled tenants, %d disabled tenants", Integer.valueOf(i), Integer.valueOf(i2)));
                } else if (logger.isDebugEnabled()) {
                    logger.debug(String.format("Alfresco Multi-Tenant startup - %d enabled tenants, %d disabled tenants", Integer.valueOf(i), Integer.valueOf(i2)));
                }
            } catch (Throwable th) {
                if (userTransaction != null) {
                    try {
                        userTransaction.rollback();
                    } catch (Exception e) {
                        throw new AlfrescoRuntimeException("Failed to bootstrap tenants", th);
                    }
                }
                throw new AlfrescoRuntimeException("Failed to bootstrap tenants", th);
            }
        } finally {
            this.authenticationContext.clearCurrentSecurityContext();
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void stopTenants() {
        this.tenantDeployers.clear();
        this.tenantDeployers = null;
        AuthenticationUtil.setMtEnabled(false);
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void createTenant(String str, char[] cArr) {
        createTenant(str, cArr, null);
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void createTenant(String str, char[] cArr, String str2) {
        createTenant(str, cArr, str2, null);
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void createTenant(String str, final char[] cArr, String str2, final String str3) {
        ParameterCheck.mandatory("tenantAdminRawPassword", cArr);
        final String tenantDomain = getTenantDomain(str);
        AuthenticationUtil.setMtEnabled(true);
        long currentTimeMillis = System.currentTimeMillis();
        if (this.contentRootContainerPath != null && !this.contentRootContainerPath.isEmpty()) {
            String str4 = !this.contentRootContainerPath.endsWith("/") ? this.contentRootContainerPath + "/" + tenantDomain : this.contentRootContainerPath + tenantDomain;
            if (str2 != null && !str2.isEmpty()) {
                logger.warn("Use default content root path: " + str4 + " (ignoring: " + str2 + ")");
            }
            str2 = str4;
        }
        initTenant(tenantDomain, str2, str3);
        if (str3 != null && this.trds != null) {
            try {
                this.trds.addTenantDataSource(tenantDomain, str3);
            } catch (SQLException e) {
                throw new AlfrescoRuntimeException("Failed to create tenant '" + tenantDomain + "' for dbUrl '" + str3 + "'", e);
            }
        }
        try {
            AuthenticationUtil.pushAuthentication();
            AuthenticationUtil.setFullyAuthenticatedUser(getSystemUser(tenantDomain));
            TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.1
                public Object doWork() {
                    MultiTAdminServiceImpl.this.dictionaryComponent.init();
                    if (MultiTAdminServiceImpl.this.isTenantDeployer(MultiTAdminServiceImpl.this.tenantFileContentStore)) {
                        MultiTAdminServiceImpl.this.tenantDeployer(MultiTAdminServiceImpl.this.tenantFileContentStore).init();
                    }
                    MultiTAdminServiceImpl.this.transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.1.1
                        @Override // org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback
                        public Object execute() throws Throwable {
                            MultiTAdminServiceImpl.this.bootstrapUserTenantStore((ImporterBootstrap) MultiTAdminServiceImpl.this.ctx.getBean("userBootstrap-mt"), tenantDomain, cArr);
                            MultiTAdminServiceImpl.this.bootstrapSystemTenantStore((ImporterBootstrap) MultiTAdminServiceImpl.this.ctx.getBean("systemBootstrap-mt"), tenantDomain);
                            MultiTAdminServiceImpl.this.bootstrapVersionTenantStore((ImporterBootstrap) MultiTAdminServiceImpl.this.ctx.getBean("versionBootstrap-mt"), tenantDomain);
                            MultiTAdminServiceImpl.this.bootstrapVersionTenantStore((ImporterBootstrap) MultiTAdminServiceImpl.this.ctx.getBean("version2Bootstrap-mt"), tenantDomain);
                            MultiTAdminServiceImpl.this.bootstrapSpacesArchiveTenantStore((ImporterBootstrap) MultiTAdminServiceImpl.this.ctx.getBean("spacesArchiveBootstrap-mt"), tenantDomain);
                            MultiTAdminServiceImpl.this.bootstrapSpacesTenantStore((ImporterBootstrap) MultiTAdminServiceImpl.this.ctx.getBean("spacesBootstrap-mt"), tenantDomain);
                            MultiTAdminServiceImpl.this.thumbnailRegistry.initThumbnailDefinitions();
                            Iterator it = MultiTAdminServiceImpl.this.workflowDeployers.iterator();
                            while (it.hasNext()) {
                                ((WorkflowDeployer) it.next()).init();
                            }
                            MultiTAdminServiceImpl.this.moduleService.startModules();
                            return null;
                        }
                    }, MultiTAdminServiceImpl.this.transactionService.isReadOnly(), str3 != null);
                    return null;
                }
            }, tenantDomain);
            AuthenticationUtil.popAuthentication();
            if (logger.isInfoEnabled()) {
                logger.info("Tenant created: " + tenantDomain + " in " + (System.currentTimeMillis() - currentTimeMillis) + " ms");
            }
        } catch (Throwable th) {
            AuthenticationUtil.popAuthentication();
            throw th;
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void exportTenant(String str, final File file) {
        final String tenantDomain = getTenantDomain(str);
        TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.2
            public Object doWork() {
                MultiTAdminServiceImpl.this.repositoryExporterService.export(file, tenantDomain);
                return null;
            }
        }, tenantDomain);
        if (logger.isInfoEnabled()) {
            logger.info("Tenant exported: " + tenantDomain);
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void importTenant(String str, File file, String str2) {
        String tenantDomain = getTenantDomain(str);
        AuthenticationUtil.setMtEnabled(true);
        initTenant(tenantDomain, str2, null);
        try {
            AuthenticationUtil.pushAuthentication();
            AuthenticationUtil.setFullyAuthenticatedUser(getSystemUser(tenantDomain));
            this.dictionaryComponent.init();
            if (isTenantDeployer(this.tenantFileContentStore)) {
                tenantDeployer(this.tenantFileContentStore).init();
            }
            importBootstrapUserTenantStore(tenantDomain, file);
            importBootstrapSystemTenantStore(tenantDomain, file);
            importBootstrapVersionTenantStore(tenantDomain, file);
            importBootstrapSpacesArchiveTenantStore(tenantDomain, file);
            importBootstrapSpacesModelsTenantStore(tenantDomain, file);
            importBootstrapSpacesTenantStore(tenantDomain, file);
            this.thumbnailRegistry.initThumbnailDefinitions();
            Iterator<TenantDeployer> it = this.tenantDeployers.iterator();
            while (it.hasNext()) {
                it.next().onEnableTenant();
            }
            if (this.workflowService.isMultiTenantWorkflowDeploymentEnabled()) {
                Iterator<WorkflowDeployer> it2 = this.workflowDeployers.iterator();
                while (it2.hasNext()) {
                    it2.next().init();
                }
            }
            this.moduleService.startModules();
            AuthenticationUtil.popAuthentication();
            if (logger.isInfoEnabled()) {
                logger.info("Tenant imported: " + tenantDomain);
            }
        } catch (Throwable th) {
            AuthenticationUtil.popAuthentication();
            throw th;
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public boolean existsTenant(String str) {
        ParameterCheck.mandatory(PostLookup.JSON_TENANT_DOMAIN, str);
        return getTenantAttributes(getTenantDomain(str)) != null;
    }

    private Tenant getTenantAttributes(String str) {
        TenantEntity tenant = this.tenantAdminDAO.getTenant(str);
        if (tenant == null) {
            return null;
        }
        return new Tenant(tenant.getTenantDomain(), tenant.getEnabled().booleanValue(), tenant.getContentRoot(), (String) null);
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void enableTenant(String str) {
        String tenantDomain = getTenantDomain(str);
        if (!existsTenant(tenantDomain)) {
            throw new AuthenticationException("Tenant does not exist: " + tenantDomain);
        }
        if (isEnabledTenant(tenantDomain)) {
            logger.warn("Tenant already enabled: " + tenantDomain);
        }
        TenantUpdateEntity tenantForUpdate = this.tenantAdminDAO.getTenantForUpdate(tenantDomain);
        tenantForUpdate.setEnabled(true);
        this.tenantAdminDAO.updateTenant(tenantForUpdate);
        notifyAfterEnableTenant(tenantDomain);
    }

    protected void notifyAfterEnableTenant(String str) {
        ParameterCheck.mandatory(PostLookup.JSON_TENANT_DOMAIN, str);
        TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.3
            public Object doWork() {
                Iterator it = MultiTAdminServiceImpl.this.tenantDeployers.iterator();
                while (it.hasNext()) {
                    ((TenantDeployer) it.next()).onEnableTenant();
                }
                return null;
            }
        }, str);
        if (logger.isDebugEnabled()) {
            logger.debug("Tenant enabled: " + str);
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void disableTenant(String str) {
        String tenantDomain = getTenantDomain(str);
        if (!existsTenant(tenantDomain)) {
            throw new AuthenticationException("Tenant does not exist: " + tenantDomain);
        }
        if (!isEnabledTenant(tenantDomain)) {
            logger.warn("Tenant already disabled: " + tenantDomain);
        }
        notifyBeforeDisableTenant(tenantDomain);
        TenantUpdateEntity tenantForUpdate = this.tenantAdminDAO.getTenantForUpdate(tenantDomain);
        tenantForUpdate.setEnabled(false);
        this.tenantAdminDAO.updateTenant(tenantForUpdate);
    }

    private void notifyBeforeDisableTenant(String str) {
        String tenantDomain = getTenantDomain(str);
        TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.4
            public Object doWork() {
                Iterator it = MultiTAdminServiceImpl.this.tenantDeployers.iterator();
                while (it.hasNext()) {
                    ((TenantDeployer) it.next()).onDisableTenant();
                }
                return null;
            }
        }, tenantDomain);
        if (logger.isInfoEnabled()) {
            logger.info("Tenant disabled: " + tenantDomain);
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public boolean isEnabledTenant(String str) {
        ParameterCheck.mandatory(PostLookup.JSON_TENANT_DOMAIN, str);
        Tenant tenantAttributes = getTenantAttributes(getTenantDomain(str));
        if (tenantAttributes != null) {
            return tenantAttributes.isEnabled();
        }
        return false;
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public Tenant getTenant(String str) {
        String tenantDomain = getTenantDomain(str);
        if (existsTenant(tenantDomain)) {
            return getTenantAttributes(tenantDomain);
        }
        throw new AuthenticationException("Tenant does not exist: " + tenantDomain);
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void deleteTenant(String str) {
        String tenantDomain = getTenantDomain(str);
        if (!existsTenant(tenantDomain)) {
            throw new AuthenticationException("Tenant does not exist: " + tenantDomain);
        }
        try {
            TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.5
                public Object doWork() {
                    List<WorkflowDefinition> definitions;
                    if (MultiTAdminServiceImpl.this.workflowService.isMultiTenantWorkflowDeploymentEnabled() && (definitions = MultiTAdminServiceImpl.this.workflowService.getDefinitions()) != null) {
                        Iterator<WorkflowDefinition> it = definitions.iterator();
                        while (it.hasNext()) {
                            MultiTAdminServiceImpl.this.workflowService.undeployDefinition(it.next().getId());
                        }
                    }
                    List<String> messageBundles = MultiTAdminServiceImpl.this.repoAdminService.getMessageBundles();
                    if (messageBundles != null) {
                        Iterator<String> it2 = messageBundles.iterator();
                        while (it2.hasNext()) {
                            MultiTAdminServiceImpl.this.repoAdminService.undeployMessageBundle(it2.next());
                        }
                    }
                    List<RepoModelDefinition> models = MultiTAdminServiceImpl.this.repoAdminService.getModels();
                    if (models == null) {
                        return null;
                    }
                    Iterator<RepoModelDefinition> it3 = models.iterator();
                    while (it3.hasNext()) {
                        MultiTAdminServiceImpl.this.repoAdminService.undeployModel(it3.next().getRepoName());
                    }
                    return null;
                }
            }, tenantDomain);
            this.behaviourFilter.disableBehaviour(ContentModel.ASPECT_UNDELETABLE);
            try {
                this.nodeService.deleteStore(this.tenantService.getName(new StoreRef(PROTOCOL_STORE_WORKSPACE, STORE_BASE_ID_SPACES), tenantDomain, false));
                this.nodeService.deleteStore(this.tenantService.getName(new StoreRef(PROTOCOL_STORE_ARCHIVE, STORE_BASE_ID_SPACES), tenantDomain, false));
                this.nodeService.deleteStore(this.tenantService.getName(new StoreRef(PROTOCOL_STORE_WORKSPACE, "lightWeightVersionStore"), tenantDomain, false));
                this.nodeService.deleteStore(this.tenantService.getName(new StoreRef(PROTOCOL_STORE_WORKSPACE, "version2Store"), tenantDomain, false));
                this.nodeService.deleteStore(this.tenantService.getName(new StoreRef("system", "system"), tenantDomain, false));
                this.nodeService.deleteStore(this.tenantService.getName(new StoreRef("user", STORE_BASE_ID_USER), tenantDomain, false));
                this.behaviourFilter.enableBehaviour(ContentModel.ASPECT_UNDELETABLE);
                TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.6
                    public Object doWork() {
                        MultiTAdminServiceImpl.this.moduleService.shutdownModules();
                        Iterator it = MultiTAdminServiceImpl.this.tenantDeployers.iterator();
                        while (it.hasNext()) {
                            ((TenantDeployer) it.next()).onDisableTenant();
                        }
                        return null;
                    }
                }, tenantDomain);
                this.tenantAdminDAO.deleteTenant(tenantDomain);
                if (logger.isInfoEnabled()) {
                    logger.info("Tenant deleted: " + tenantDomain);
                }
            } catch (Throwable th) {
                this.behaviourFilter.enableBehaviour(ContentModel.ASPECT_UNDELETABLE);
                throw th;
            }
        } catch (Throwable th2) {
            throw new AlfrescoRuntimeException("Failed to delete tenant: " + tenantDomain, th2);
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    @Deprecated
    public List<Tenant> getAllTenants() {
        return getTenants(false);
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    @Deprecated
    public List<Tenant> getTenants(boolean z) {
        List<TenantEntity> listTenants = this.tenantAdminDAO.listTenants(z);
        ArrayList arrayList = new ArrayList(listTenants.size());
        for (TenantEntity tenantEntity : listTenants) {
            arrayList.add(new Tenant(tenantEntity.getTenantDomain(), tenantEntity.getEnabled().booleanValue(), tenantEntity.getContentRoot(), (String) null));
        }
        return arrayList;
    }

    private void importBootstrapSystemTenantStore(String str, File file) {
        Properties properties = new Properties();
        properties.put("path", "/");
        properties.put("location", file.getPath() + "/" + str + "_system.acp");
        ArrayList arrayList = new ArrayList(1);
        arrayList.add(properties);
        ImporterBootstrap importerBootstrap = (ImporterBootstrap) this.ctx.getBean("systemBootstrap");
        importerBootstrap.setBootstrapViews(arrayList);
        bootstrapSystemTenantStore(importerBootstrap, str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void bootstrapSystemTenantStore(ImporterBootstrap importerBootstrap, String str) {
        StoreRef storeRef = importerBootstrap.getStoreRef();
        StoreRef storeRef2 = new StoreRef(storeRef.getProtocol(), this.tenantService.getName(storeRef.getIdentifier(), str));
        importerBootstrap.setStoreUrl(storeRef2.toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add(new StoreRef(PROTOCOL_STORE_WORKSPACE, this.tenantService.getName(STORE_BASE_ID_USER, str)).toString());
        importerBootstrap.setMustNotExistStoreUrls(arrayList);
        importerBootstrap.bootstrap();
        importerBootstrap.setStoreUrl(storeRef.toString());
        if (logger.isDebugEnabled()) {
            logger.debug("Bootstrapped store: " + this.tenantService.getBaseName(storeRef2) + " (Tenant: " + str + ")");
        }
    }

    private void importBootstrapUserTenantStore(String str, File file) {
        Properties properties = new Properties();
        properties.put("path", "/");
        properties.put("location", file.getPath() + "/" + str + "_users.acp");
        ArrayList arrayList = new ArrayList(1);
        arrayList.add(properties);
        ImporterBootstrap importerBootstrap = (ImporterBootstrap) this.ctx.getBean("userBootstrap");
        importerBootstrap.setBootstrapViews(arrayList);
        bootstrapUserTenantStore(importerBootstrap, str, null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void bootstrapUserTenantStore(ImporterBootstrap importerBootstrap, String str, char[] cArr) {
        StoreRef storeRef = importerBootstrap.getStoreRef();
        StoreRef storeRef2 = new StoreRef(storeRef.getProtocol(), this.tenantService.getName(storeRef.getIdentifier(), str));
        importerBootstrap.setStoreUrl(storeRef2.toString());
        Properties configuration = importerBootstrap.getConfiguration();
        configuration.put("alfresco_user_store.adminusername", getTenantAdminUser(str));
        if (cArr != null) {
            configuration.put("alfresco_user_store.adminpassword", this.passwordEncoder.encodePassword(new String(cArr), (Object) null));
        }
        importerBootstrap.bootstrap();
        if (logger.isDebugEnabled()) {
            logger.debug("Bootstrapped store: " + this.tenantService.getBaseName(storeRef2) + " (Tenant: " + str + ")");
        }
    }

    private void importBootstrapVersionTenantStore(String str, File file) {
        Properties properties = new Properties();
        properties.put("path", "/");
        properties.put("location", file.getPath() + "/" + str + "_versions2.acp");
        ArrayList arrayList = new ArrayList(1);
        arrayList.add(properties);
        ImporterBootstrap importerBootstrap = (ImporterBootstrap) this.ctx.getBean("versionBootstrap");
        importerBootstrap.setBootstrapViews(arrayList);
        bootstrapVersionTenantStore(importerBootstrap, str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void bootstrapVersionTenantStore(ImporterBootstrap importerBootstrap, String str) {
        StoreRef storeRef = importerBootstrap.getStoreRef();
        StoreRef storeRef2 = new StoreRef(storeRef.getProtocol(), this.tenantService.getName(storeRef.getIdentifier(), str));
        importerBootstrap.setStoreUrl(storeRef2.toString());
        importerBootstrap.bootstrap();
        if (logger.isDebugEnabled()) {
            logger.debug("Bootstrapped store: " + this.tenantService.getBaseName(storeRef2) + " (Tenant: " + str + ")");
        }
    }

    private void importBootstrapSpacesArchiveTenantStore(String str, File file) {
        Properties properties = new Properties();
        properties.put("path", "/");
        properties.put("location", file.getPath() + "/" + str + "_spaces_archive.acp");
        ArrayList arrayList = new ArrayList(1);
        arrayList.add(properties);
        ImporterBootstrap importerBootstrap = (ImporterBootstrap) this.ctx.getBean("spacesArchiveBootstrap");
        importerBootstrap.setBootstrapViews(arrayList);
        bootstrapSpacesArchiveTenantStore(importerBootstrap, str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void bootstrapSpacesArchiveTenantStore(ImporterBootstrap importerBootstrap, String str) {
        StoreRef storeRef = importerBootstrap.getStoreRef();
        StoreRef storeRef2 = new StoreRef(storeRef.getProtocol(), this.tenantService.getName(storeRef.getIdentifier(), str));
        importerBootstrap.setStoreUrl(storeRef2.toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add(storeRef2.toString());
        importerBootstrap.setMustNotExistStoreUrls(arrayList);
        importerBootstrap.bootstrap();
        if (logger.isDebugEnabled()) {
            logger.debug("Bootstrapped store: " + this.tenantService.getBaseName(storeRef2) + " (Tenant: " + str + ")");
        }
    }

    private void importBootstrapSpacesModelsTenantStore(String str, File file) {
        Properties properties = new Properties();
        properties.put("path", "/");
        properties.put("location", file.getPath() + "/" + str + "_models.acp");
        ArrayList arrayList = new ArrayList(1);
        arrayList.add(properties);
        ImporterBootstrap importerBootstrap = (ImporterBootstrap) this.ctx.getBean("spacesBootstrap");
        importerBootstrap.setBootstrapViews(arrayList);
        bootstrapSpacesTenantStore(importerBootstrap, str);
    }

    private void importBootstrapSpacesTenantStore(String str, File file) {
        Properties properties = new Properties();
        properties.put("path", "/");
        properties.put("location", file.getPath() + "/" + str + "_spaces.acp");
        properties.put(ImporterBootstrap.VIEW_UUID_BINDING, "UPDATE_EXISTING");
        ArrayList arrayList = new ArrayList(1);
        arrayList.add(properties);
        ImporterBootstrap importerBootstrap = (ImporterBootstrap) this.ctx.getBean("spacesBootstrap");
        importerBootstrap.setBootstrapViews(arrayList);
        importerBootstrap.setUseExistingStore(true);
        bootstrapSpacesTenantStore(importerBootstrap, str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void bootstrapSpacesTenantStore(ImporterBootstrap importerBootstrap, String str) {
        StoreRef storeRef = importerBootstrap.getStoreRef();
        StoreRef storeRef2 = new StoreRef(storeRef.getProtocol(), this.tenantService.getName(storeRef.getIdentifier(), str));
        importerBootstrap.setStoreUrl(storeRef2.toString());
        Properties configuration = importerBootstrap.getConfiguration();
        configuration.put("alfresco_user_store.adminusername", getTenantAdminUser(str));
        configuration.put("alfresco_user_store.guestusername", getTenantGuestUser(str));
        importerBootstrap.bootstrap();
        importerBootstrap.setStoreUrl(storeRef.toString());
        ((UserUsageTrackingComponent) this.ctx.getBean("userUsageTrackingComponent")).bootstrapInternal();
        if (logger.isDebugEnabled()) {
            logger.debug("Bootstrapped store: " + this.tenantService.getBaseName(storeRef2) + " (Tenant: " + str + ")");
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void deployTenants(final TenantDeployer tenantDeployer, Log log) {
        if (tenantDeployer == null) {
            throw new AlfrescoRuntimeException("Deployer must be provided");
        }
        if (log == null) {
            throw new AlfrescoRuntimeException("Logger must be provided");
        }
        if (this.tenantService.isEnabled()) {
            UserTransaction userTransaction = this.transactionService.getUserTransaction();
            this.authenticationContext.setSystemUserAsCurrentUser();
            try {
                try {
                    userTransaction.begin();
                    List<Tenant> allTenants = getAllTenants();
                    userTransaction.commit();
                    this.authenticationContext.clearCurrentSecurityContext();
                    for (Tenant tenant : allTenants) {
                        if (tenant.isEnabled()) {
                            try {
                                TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.7
                                    public Object doWork() {
                                        tenantDeployer.init();
                                        return null;
                                    }
                                }, tenant.getTenantDomain());
                            } catch (Throwable th) {
                                log.error("Deployment failed" + th);
                                StringWriter stringWriter = new StringWriter();
                                th.printStackTrace(new PrintWriter(stringWriter));
                                log.error(stringWriter.toString());
                            }
                        }
                    }
                } catch (Throwable th2) {
                    if (userTransaction != null) {
                        try {
                            userTransaction.rollback();
                        } catch (Exception e) {
                            throw new AlfrescoRuntimeException("Failed to get tenants", th2);
                        }
                    }
                    throw new AlfrescoRuntimeException("Failed to get tenants", th2);
                }
            } catch (Throwable th3) {
                this.authenticationContext.clearCurrentSecurityContext();
                throw th3;
            }
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void undeployTenants(final TenantDeployer tenantDeployer, Log log) {
        if (tenantDeployer == null) {
            throw new AlfrescoRuntimeException("Deployer must be provided");
        }
        if (log == null) {
            throw new AlfrescoRuntimeException("Logger must be provided");
        }
        if (this.tenantService.isEnabled()) {
            UserTransaction userTransaction = this.transactionService.getUserTransaction();
            this.authenticationContext.setSystemUserAsCurrentUser();
            try {
                userTransaction.begin();
                List<Tenant> allTenants = getAllTenants();
                userTransaction.commit();
                try {
                    AuthenticationUtil.pushAuthentication();
                    for (Tenant tenant : allTenants) {
                        if (tenant.isEnabled()) {
                            try {
                                TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { // from class: org.alfresco.repo.tenant.MultiTAdminServiceImpl.8
                                    public Object doWork() {
                                        tenantDeployer.destroy();
                                        return null;
                                    }
                                }, tenant.getTenantDomain());
                            } catch (Throwable th) {
                                log.error("Undeployment failed" + th);
                                StringWriter stringWriter = new StringWriter();
                                th.printStackTrace(new PrintWriter(stringWriter));
                                log.error(stringWriter.toString());
                            }
                        }
                    }
                } finally {
                    AuthenticationUtil.popAuthentication();
                }
            } catch (Throwable th2) {
                if (userTransaction != null) {
                    try {
                        userTransaction.rollback();
                    } catch (Exception e) {
                        this.authenticationContext.clearCurrentSecurityContext();
                        throw new AlfrescoRuntimeException("Failed to get tenants", th2);
                    }
                }
                try {
                    this.authenticationContext.clearCurrentSecurityContext();
                } catch (Exception e2) {
                }
                throw new AlfrescoRuntimeException("Failed to get tenants", th2);
            }
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void register(TenantDeployer tenantDeployer) {
        register(tenantDeployer, -1);
    }

    private void register(TenantDeployer tenantDeployer, int i) {
        if (tenantDeployer == null) {
            throw new AlfrescoRuntimeException("Deployer must be provided");
        }
        if (this.tenantDeployers.contains(tenantDeployer)) {
            return;
        }
        if (i == -1) {
            this.tenantDeployers.add(tenantDeployer);
        } else {
            this.tenantDeployers.add(i, tenantDeployer);
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void unregister(TenantDeployer tenantDeployer) {
        if (tenantDeployer == null) {
            throw new AlfrescoRuntimeException("TenantDeployer must be provided");
        }
        if (this.tenantDeployers != null) {
            this.tenantDeployers.remove(tenantDeployer);
        }
    }

    @Override // org.alfresco.repo.tenant.TenantAdminService
    public void register(WorkflowDeployer workflowDeployer) {
        if (workflowDeployer == null) {
            throw new AlfrescoRuntimeException("WorkflowDeployer must be provided");
        }
        if (this.workflowDeployers.contains(workflowDeployer)) {
            return;
        }
        this.workflowDeployers.add(workflowDeployer);
    }

    protected TenantRoutingContentStore tenantRoutingContentStore(ContentStore contentStore) {
        if (contentStore instanceof TenantRoutingContentStore) {
            return (TenantRoutingContentStore) contentStore;
        }
        if (contentStore instanceof ContentStoreCaps) {
            return (TenantRoutingContentStore) ((ContentStoreCaps) contentStore).getTenantRoutingContentStore();
        }
        return null;
    }

    protected boolean isTenantRoutingContentStore(ContentStore contentStore) {
        return tenantRoutingContentStore(contentStore) != null;
    }

    protected TenantDeployer tenantDeployer(ContentStore contentStore) {
        if (contentStore instanceof TenantDeployer) {
            return (TenantDeployer) contentStore;
        }
        if (contentStore instanceof ContentStoreCaps) {
            return ((ContentStoreCaps) contentStore).getTenantDeployer();
        }
        return null;
    }

    protected boolean isTenantDeployer(ContentStore contentStore) {
        return tenantDeployer(contentStore) != null;
    }

    private void initTenant(String str, String str2, String str3) {
        validateTenantName(str);
        if (existsTenant(str)) {
            throw new AlfrescoRuntimeException("Tenant already exists: " + str);
        }
        if (str2 == null) {
            str2 = this.tenantFileContentStore.getRootLocation();
        } else {
            if (!isTenantRoutingContentStore(this.tenantFileContentStore)) {
                throw new AlfrescoRuntimeException("MT: cannot initialse tenant - TenantRoutingContentStore is not configured AND tenant is not using co-mingled content store (ie. default root location)");
            }
            File file = new File(str2);
            if (file.exists() && file.list().length != 0) {
                logger.warn("Tenant root directory is not empty: " + str2);
            }
        }
        TenantEntity tenantEntity = new TenantEntity(str);
        tenantEntity.setEnabled(true);
        tenantEntity.setContentRoot(str2);
        tenantEntity.setDbUrl(str3);
        this.tenantAdminDAO.createTenant(tenantEntity);
    }

    protected void validateTenantName(String str) {
        ParameterCheck.mandatory(PostLookup.JSON_TENANT_DOMAIN, str);
        if (str.length() > MAX_LEN) {
            throw new IllegalArgumentException(str + " is not a valid tenant name (must be less than " + MAX_LEN + " characters)");
        }
        if (!Pattern.matches(REGEX_CONTAINS_ALPHA, str)) {
            throw new IllegalArgumentException(str + " is not a valid tenant name (must contain at least one alpha character)");
        }
        String[] split = str.split("\\.");
        if (split.length == 0) {
            if (!Pattern.matches(REGEX_VALID_DNS_LABEL, str)) {
                throw new IllegalArgumentException(str + " is not a valid DNS label (must match " + REGEX_VALID_DNS_LABEL + ")");
            }
            return;
        }
        for (int i = 0; i < split.length; i++) {
            if (!Pattern.matches(REGEX_VALID_DNS_LABEL, split[i])) {
                throw new IllegalArgumentException(split[i] + " is not a valid DNS label (must match " + REGEX_VALID_DNS_LABEL + ")");
            }
        }
    }

    public boolean isEnabled() {
        return this.tenantService.isEnabled();
    }

    public String getCurrentUserDomain() {
        return this.tenantService.getCurrentUserDomain();
    }

    public String getUserDomain(String str) {
        return this.tenantService.getUserDomain(str);
    }

    public String getBaseNameUser(String str) {
        return this.tenantService.getBaseNameUser(str);
    }

    public String getDomainUser(String str, String str2) {
        return this.tenantService.getDomainUser(str, getTenantDomain(str2));
    }

    private String getBaseAdminUser() {
        return this.baseAdminUsername != null ? this.baseAdminUsername : getBaseNameUser(AuthenticationUtil.getAdminUserName());
    }

    private String getSystemUser(String str) {
        return this.tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), str);
    }

    private String getTenantAdminUser(String str) {
        return this.tenantService.getDomainUser(getBaseAdminUser(), str);
    }

    private String getTenantGuestUser(String str) {
        return this.authenticationContext.getGuestUserName(str);
    }

    protected String getTenantDomain(String str) {
        ParameterCheck.mandatory(PostLookup.JSON_TENANT_DOMAIN, str);
        return str.toLowerCase(I18NUtil.getLocale());
    }
}
