package io.apiman.manager.api.service;

import io.apiman.common.logging.ApimanLoggerFactory;
import io.apiman.common.logging.IApimanLogger;
import io.apiman.manager.api.beans.BeanUtils;
import io.apiman.manager.api.beans.apis.ApiStatus;
import io.apiman.manager.api.beans.audit.AuditEntryBean;
import io.apiman.manager.api.beans.audit.data.EntityUpdatedData;
import io.apiman.manager.api.beans.audit.data.MembershipData;
import io.apiman.manager.api.beans.clients.ClientStatus;
import io.apiman.manager.api.beans.clients.ClientVersionBean;
import io.apiman.manager.api.beans.gateways.GatewayBean;
import io.apiman.manager.api.beans.idm.GrantRolesBean;
import io.apiman.manager.api.beans.idm.RoleBean;
import io.apiman.manager.api.beans.idm.RoleMembershipBean;
import io.apiman.manager.api.beans.idm.UserBean;
import io.apiman.manager.api.beans.members.MemberBean;
import io.apiman.manager.api.beans.members.MemberRoleBean;
import io.apiman.manager.api.beans.orgs.NewOrganizationBean;
import io.apiman.manager.api.beans.orgs.OrganizationBean;
import io.apiman.manager.api.beans.orgs.UpdateOrganizationBean;
import io.apiman.manager.api.beans.search.PagingBean;
import io.apiman.manager.api.beans.search.SearchCriteriaBean;
import io.apiman.manager.api.beans.search.SearchCriteriaFilterOperator;
import io.apiman.manager.api.beans.search.SearchResultsBean;
import io.apiman.manager.api.beans.summary.ApiEntryBean;
import io.apiman.manager.api.beans.summary.ApiRegistryBean;
import io.apiman.manager.api.core.IStorage;
import io.apiman.manager.api.core.IStorageQuery;
import io.apiman.manager.api.core.config.ApiManagerConfig;
import io.apiman.manager.api.core.exceptions.StorageException;
import io.apiman.manager.api.gateway.GatewayAuthenticationException;
import io.apiman.manager.api.gateway.IGatewayLink;
import io.apiman.manager.api.gateway.IGatewayLinkFactory;
import io.apiman.manager.api.rest.IRoleResource;
import io.apiman.manager.api.rest.exceptions.ClientVersionNotFoundException;
import io.apiman.manager.api.rest.exceptions.EntityStillActiveException;
import io.apiman.manager.api.rest.exceptions.InvalidNameException;
import io.apiman.manager.api.rest.exceptions.NotAuthorizedException;
import io.apiman.manager.api.rest.exceptions.OrganizationAlreadyExistsException;
import io.apiman.manager.api.rest.exceptions.OrganizationNotFoundException;
import io.apiman.manager.api.rest.exceptions.RoleNotFoundException;
import io.apiman.manager.api.rest.exceptions.SystemErrorException;
import io.apiman.manager.api.rest.exceptions.UserNotFoundException;
import io.apiman.manager.api.rest.exceptions.i18n.Messages;
import io.apiman.manager.api.rest.exceptions.util.ExceptionFactory;
import io.apiman.manager.api.rest.impl.audit.AuditUtils;
import io.apiman.manager.api.rest.impl.util.DataAccessUtilMixin;
import io.apiman.manager.api.rest.impl.util.FieldValidator;
import io.apiman.manager.api.security.ISecurityContext;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TreeMap;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.transaction.Transactional;

@ApplicationScoped
@Transactional
/* loaded from: input_file:io/apiman/manager/api/service/OrganizationService.class */
public class OrganizationService implements DataAccessUtilMixin {
    private static final IApimanLogger LOGGER = ApimanLoggerFactory.getLogger(OrganizationService.class);
    private ApiManagerConfig config;
    private IStorage storage;
    private IStorageQuery query;
    private UserService userService;
    private IRoleResource roles;
    private ISecurityContext securityContext;
    private IGatewayLinkFactory gatewayLinkFactory;
    private ClientAppService clientService;

    @Inject
    public OrganizationService(ApiManagerConfig apiManagerConfig, IStorage iStorage, IStorageQuery iStorageQuery, UserService userService, IRoleResource iRoleResource, ISecurityContext iSecurityContext, IGatewayLinkFactory iGatewayLinkFactory, ClientAppService clientAppService) {
        this.config = apiManagerConfig;
        this.storage = iStorage;
        this.query = iStorageQuery;
        this.userService = userService;
        this.roles = iRoleResource;
        this.securityContext = iSecurityContext;
        this.gatewayLinkFactory = iGatewayLinkFactory;
        this.clientService = clientAppService;
    }

    public OrganizationService() {
    }

    public OrganizationBean createOrg(NewOrganizationBean newOrganizationBean) throws OrganizationAlreadyExistsException, InvalidNameException {
        FieldValidator.validateName(newOrganizationBean.getName());
        SearchCriteriaBean searchCriteriaBean = new SearchCriteriaBean();
        searchCriteriaBean.setPage(1);
        searchCriteriaBean.setPageSize(100);
        searchCriteriaBean.addFilter("autoGrant", "true", SearchCriteriaFilterOperator.bool_eq);
        try {
            List beans = this.query.findRoles(searchCriteriaBean).getBeans();
            if ("true".equals(System.getProperty("apiman.manager.require-auto-granted-org", "true")) && beans.isEmpty()) {
                throw new SystemErrorException(Messages.i18n.format("OrganizationResourceImpl.NoAutoGrantRoleAvailable", new Object[0]));
            }
            return (OrganizationBean) tryAction(() -> {
                OrganizationBean organizationBean = new OrganizationBean();
                organizationBean.setName(newOrganizationBean.getName());
                organizationBean.setDescription(newOrganizationBean.getDescription());
                organizationBean.setId(BeanUtils.idFromName(newOrganizationBean.getName()));
                organizationBean.setCreatedOn(new Date());
                organizationBean.setCreatedBy(this.securityContext.getCurrentUser());
                organizationBean.setModifiedOn(new Date());
                organizationBean.setModifiedBy(this.securityContext.getCurrentUser());
                if (this.storage.getOrganization(organizationBean.getId()) != null) {
                    throw ExceptionFactory.organizationAlreadyExistsException(newOrganizationBean.getName());
                }
                this.storage.createOrganization(organizationBean);
                this.storage.createAuditEntry(AuditUtils.organizationCreated(organizationBean, this.securityContext));
                Iterator it = beans.iterator();
                while (it.hasNext()) {
                    RoleMembershipBean create = RoleMembershipBean.create(this.securityContext.getCurrentUser(), ((RoleBean) it.next()).getId(), organizationBean.getId());
                    create.setCreatedOn(new Date());
                    this.storage.createMembership(create);
                }
                LOGGER.debug(String.format("Created organization %s: %s", organizationBean.getName(), organizationBean));
                return organizationBean;
            });
        } catch (StorageException e) {
            throw new SystemErrorException(e);
        }
    }

    public void deleteOrg(String str) throws OrganizationNotFoundException, NotAuthorizedException, EntityStillActiveException {
        tryAction(() -> {
            OrganizationBean organizationFromStorage = getOrganizationFromStorage(str);
            Iterator allClientVersions = this.storage.getAllClientVersions(organizationFromStorage, ClientStatus.Registered, 5);
            if (allClientVersions.hasNext()) {
                throw ExceptionFactory.entityStillActiveExceptionClientVersions(allClientVersions);
            }
            Iterator allApiVersions = this.storage.getAllApiVersions(organizationFromStorage, ApiStatus.Published, 5);
            if (allApiVersions.hasNext()) {
                throw ExceptionFactory.entityStillActiveExceptionApiVersions(allApiVersions);
            }
            Iterator allContracts = this.storage.getAllContracts(organizationFromStorage, 5);
            if (allContracts.hasNext()) {
                throw ExceptionFactory.entityStillActiveExceptionContracts(allContracts);
            }
            if (this.storage.getAllPlanVersions(organizationFromStorage, 5).hasNext()) {
                LOGGER.warn("There are locked plans(s): these will be deleted.");
            }
            this.storage.deleteOrganization(organizationFromStorage);
            LOGGER.debug("Deleted Organization: " + organizationFromStorage.getName());
        });
    }

    public OrganizationBean getOrg(String str) throws OrganizationNotFoundException {
        OrganizationBean organizationBean = (OrganizationBean) tryAction(() -> {
            return getOrganizationFromStorage(str);
        });
        LOGGER.debug("Got organization {0}: {1}", new Object[]{organizationBean.getName(), organizationBean});
        return organizationBean;
    }

    public void updateOrg(String str, UpdateOrganizationBean updateOrganizationBean) throws OrganizationNotFoundException, NotAuthorizedException {
        OrganizationBean organizationBean = (OrganizationBean) tryAction(() -> {
            return getOrganizationFromStorage(str);
        });
        EntityUpdatedData entityUpdatedData = new EntityUpdatedData();
        if (AuditUtils.valueChanged(organizationBean.getDescription(), updateOrganizationBean.getDescription())) {
            entityUpdatedData.addChange("description", organizationBean.getDescription(), updateOrganizationBean.getDescription());
            organizationBean.setDescription(updateOrganizationBean.getDescription());
        }
        tryAction(() -> {
            this.storage.updateOrganization(organizationBean);
            this.storage.createAuditEntry(AuditUtils.organizationUpdated(organizationBean, entityUpdatedData, this.securityContext));
        });
        LOGGER.debug(String.format("Updated organization %s: %s", organizationBean.getName(), organizationBean));
    }

    public SearchResultsBean<AuditEntryBean> activity(String str, int i, int i2) throws OrganizationNotFoundException, NotAuthorizedException {
        PagingBean create = PagingBean.create(i, i2);
        return (SearchResultsBean) tryAction(() -> {
            return this.query.auditEntity(str, (String) null, (String) null, (Class) null, create);
        });
    }

    public ApiRegistryBean getApiRegistry(String str, String str2, String str3) throws ClientVersionNotFoundException {
        ClientVersionBean clientVersion = this.clientService.getClientVersion(str, str2, str3);
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        try {
            try {
                ApiRegistryBean apiRegistry = this.query.getApiRegistry(str, str2, str3);
                apiRegistry.setApiKey(clientVersion.getApikey());
                for (ApiEntryBean apiEntryBean : apiRegistry.getApis()) {
                    String gatewayId = apiEntryBean.getGatewayId();
                    apiEntryBean.setGatewayId((String) null);
                    GatewayBean gatewayBean = (GatewayBean) hashMap2.get(gatewayId);
                    if (gatewayBean == null) {
                        gatewayBean = this.storage.getGateway(gatewayId);
                        hashMap2.put(gatewayId, gatewayBean);
                    }
                    IGatewayLink iGatewayLink = (IGatewayLink) hashMap.get(gatewayId);
                    if (iGatewayLink == null) {
                        iGatewayLink = this.gatewayLinkFactory.create(gatewayBean);
                        hashMap.put(gatewayId, iGatewayLink);
                    }
                    apiEntryBean.setHttpEndpoint(iGatewayLink.getApiEndpoint(apiEntryBean.getApiOrgId(), apiEntryBean.getApiId(), apiEntryBean.getApiVersion()).getEndpoint());
                }
                return apiRegistry;
            } catch (StorageException | GatewayAuthenticationException e) {
                throw new SystemErrorException(e);
            }
        } finally {
            Iterator it = hashMap.values().iterator();
            while (it.hasNext()) {
                ((IGatewayLink) it.next()).close();
            }
        }
    }

    public void grant(String str, GrantRolesBean grantRolesBean) throws OrganizationNotFoundException, RoleNotFoundException, UserNotFoundException, NotAuthorizedException {
        getOrg(str);
        this.userService.getUserById(grantRolesBean.getUserId());
        Iterator it = grantRolesBean.getRoleIds().iterator();
        while (it.hasNext()) {
            this.roles.get((String) it.next());
        }
        MembershipData membershipData = new MembershipData();
        membershipData.setUserId(grantRolesBean.getUserId());
        tryAction(() -> {
            for (String str2 : grantRolesBean.getRoleIds()) {
                RoleMembershipBean create = RoleMembershipBean.create(grantRolesBean.getUserId(), str2, str);
                create.setCreatedOn(new Date());
                if (this.storage.getMembership(grantRolesBean.getUserId(), str2, str) == null) {
                    this.storage.createMembership(create);
                }
                membershipData.addRole(str2);
            }
            this.storage.createAuditEntry(AuditUtils.membershipGranted(str, membershipData, this.securityContext));
        });
    }

    public void revoke(String str, String str2, String str3) throws OrganizationNotFoundException, RoleNotFoundException, UserNotFoundException, NotAuthorizedException {
        getOrg(str);
        this.userService.getUserById(str3);
        this.roles.get(str2);
        MembershipData membershipData = new MembershipData();
        membershipData.setUserId(str3);
        tryAction(() -> {
            this.storage.deleteMembership(str3, str2, str);
            membershipData.addRole(str2);
            this.storage.createAuditEntry(AuditUtils.membershipRevoked(str, membershipData, this.securityContext));
            LOGGER.debug(String.format("Revoked User %s Role %s Org %s", str3, str2, str));
        });
    }

    public void revokeAll(String str, String str2) throws OrganizationNotFoundException, RoleNotFoundException, UserNotFoundException, NotAuthorizedException {
        getOrg(str);
        this.userService.getUserById(str2);
        MembershipData membershipData = new MembershipData();
        membershipData.setUserId(str2);
        membershipData.addRole("*");
        tryAction(() -> {
            this.storage.deleteMemberships(str2, str);
            this.storage.createAuditEntry(AuditUtils.membershipRevoked(str, membershipData, this.securityContext));
        });
    }

    public List<MemberBean> listMembers(String str) throws OrganizationNotFoundException, NotAuthorizedException {
        getOrg(str);
        return (List) tryAction(() -> {
            Set<RoleMembershipBean> orgMemberships = this.query.getOrgMemberships(str);
            TreeMap treeMap = new TreeMap();
            for (RoleMembershipBean roleMembershipBean : orgMemberships) {
                String userId = roleMembershipBean.getUserId();
                String roleId = roleMembershipBean.getRoleId();
                RoleBean role = this.storage.getRole(roleId);
                if (role != null) {
                    MemberBean memberBean = (MemberBean) treeMap.get(userId);
                    if (memberBean == null) {
                        UserBean user = this.storage.getUser(userId);
                        memberBean = new MemberBean();
                        memberBean.setEmail(user.getEmail());
                        memberBean.setUserId(userId);
                        memberBean.setUserName(user.getFullName());
                        memberBean.setRoles(new ArrayList());
                        treeMap.put(userId, memberBean);
                    }
                    MemberRoleBean memberRoleBean = new MemberRoleBean();
                    memberRoleBean.setRoleId(roleId);
                    memberRoleBean.setRoleName(role.getName());
                    memberBean.getRoles().add(memberRoleBean);
                    if (memberBean.getJoinedOn() == null || roleMembershipBean.getCreatedOn().compareTo(memberBean.getJoinedOn()) < 0) {
                        memberBean.setJoinedOn(roleMembershipBean.getCreatedOn());
                    }
                }
            }
            return new ArrayList(treeMap.values());
        });
    }

    private OrganizationBean getOrganizationFromStorage(String str) throws OrganizationNotFoundException, StorageException {
        OrganizationBean organization = this.storage.getOrganization(str);
        if (organization == null) {
            throw ExceptionFactory.organizationNotFoundException(str);
        }
        return organization;
    }
}
