package org.graylog2.migrations;

import com.mongodb.DuplicateKeyException;
import java.util.Collections;
import java.util.NoSuchElementException;
import java.util.Objects;
import java.util.Set;
import javax.annotation.Nullable;
import javax.inject.Inject;
import org.graylog2.database.NotFoundException;
import org.graylog2.plugin.database.ValidationException;
import org.graylog2.plugin.database.users.User;
import org.graylog2.shared.users.Role;
import org.graylog2.shared.users.UserService;
import org.graylog2.users.RoleImpl;
import org.graylog2.users.RoleService;
import org.joda.time.DateTimeZone;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/graylog2/migrations/MigrationHelpers.class */
public class MigrationHelpers {
    private static final Logger LOG = LoggerFactory.getLogger(MigrationHelpers.class);
    private final RoleService roleService;
    private final UserService userService;

    @Inject
    public MigrationHelpers(RoleService roleService, UserService userService) {
        this.roleService = roleService;
        this.userService = userService;
    }

    @Nullable
    public String ensureBuiltinRole(String str, String str2, Set<String> set) {
        Role role = null;
        try {
            role = this.roleService.load(str);
            if (!role.isReadOnly() || !set.equals(role.getPermissions())) {
                String str3 = "Invalid role '" + str + "', fixing it.";
                LOG.error(str3);
                throw new IllegalArgumentException(str3);
            }
            if (role != null) {
                return role.getId();
            }
            LOG.error("Unable to access fixed '" + str + "' role, please restart Graylog to fix this.");
            return null;
        } catch (IllegalArgumentException | NoSuchElementException | NotFoundException e) {
            LOG.info("{} role is missing or invalid, re-adding it as a built-in role.", str);
            RoleImpl roleImpl = new RoleImpl();
            if (role != null) {
                roleImpl._id = role.getId();
            }
            roleImpl.setReadOnly(true);
            roleImpl.setName(str);
            roleImpl.setDescription(str2);
            roleImpl.setPermissions(set);
            try {
                return this.roleService.save(roleImpl).getId();
            } catch (DuplicateKeyException | ValidationException e2) {
                LOG.error("Unable to save fixed '" + str + "' role, please restart Graylog to fix this.", e2);
            }
        }
    }

    @Nullable
    public String ensureUser(String str, String str2, String str3, String str4, String str5, Set<String> set) {
        return ensureUser(str, str2, str3, str4, str5, set, false);
    }

    @Nullable
    public String ensureUser(String str, String str2, String str3, String str4, String str5, Set<String> set, boolean z) {
        User create;
        User user = null;
        try {
            user = this.userService.load(str);
            if (user == null || !user.getRoleIds().containsAll(set) || !Objects.equals(Boolean.valueOf(z), Boolean.valueOf(user.isServiceAccount()))) {
                String str6 = "Invalid user '" + str + "', fixing it.";
                LOG.error(str6);
                throw new IllegalArgumentException(str6);
            }
            if (user != null) {
                return user.getId();
            }
            LOG.error("Unable to access fixed '" + str + "' user, please restart Graylog to fix this.");
            return null;
        } catch (IllegalArgumentException e) {
            LOG.info("{} user is missing or invalid, re-adding it as a built-in user.", str);
            if (user != null) {
                create = user;
                create.setRoleIds(set);
                create.setServiceAccount(z);
            } else {
                create = this.userService.create();
                create.setName(str);
                create.setFirstLastFullNames(str3, str4);
                create.setPassword(str2);
                create.setEmail(str5);
                create.setPermissions(Collections.emptyList());
                create.setRoleIds(set);
                create.setTimeZone(DateTimeZone.UTC);
                create.setServiceAccount(z);
            }
            try {
                return this.userService.save(create);
            } catch (ValidationException e2) {
                LOG.error("Unable to save fixed '" + str + "' user, please restart Graylog to fix this.", e2);
            }
        }
    }
}
