package org.wso2.carbon.is.migration.service.v700.service;

import java.sql.Connection;
import java.sql.SQLException;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.identity.core.migrate.MigrationClientException;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.organization.management.service.model.Organization;
import org.wso2.carbon.is.migration.service.v700.constant.MigratorConstants;
import org.wso2.carbon.is.migration.service.v700.dao.ApplicationDAO;
import org.wso2.carbon.is.migration.service.v700.dao.OrganizationDAO;
import org.wso2.carbon.is.migration.service.v700.dao.RoleV1DAO;
import org.wso2.carbon.is.migration.service.v700.dao.RoleV2DAO;
import org.wso2.carbon.is.migration.service.v700.model.Application;
import org.wso2.carbon.is.migration.service.v700.util.Utils;
import org.wso2.carbon.is.migration.util.Utility;
import org.wso2.carbon.user.api.Tenant;

/* loaded from: input_file:org/wso2/carbon/is/migration/service/v700/service/RoleV2MigrationService.class */
public class RoleV2MigrationService {
    private static final Logger LOG = LoggerFactory.getLogger(RoleV2MigrationService.class);
    private static final RoleV2DAO roleV2DAO = new RoleV2DAO();
    private static final RoleV1DAO roleV1DAO = new RoleV1DAO();
    private static final OrganizationDAO organizationDAO = new OrganizationDAO();
    private static final ApplicationDAO applicationDAO = new ApplicationDAO();
    private static final String AUDIENCE_FOR_ASSOCIATED_ROLES = "allowedAudienceForAssociatedRoles";

    public void execute() throws MigrationClientException {
        LOG.info("Started migrating SCIM role v1 to role v2.");
        addAudienceRef();
        try {
            Connection connection = Utils.getUMDataSource().getConnection();
            Throwable th = null;
            try {
                connection.setAutoCommit(false);
                migrateRoleV2(MigratorConstants.SUPER_TENANT_DOMAIN, connection);
                Iterator<Tenant> it = Utility.getTenants().iterator();
                while (it.hasNext()) {
                    migrateRoleV2(it.next().getDomain(), connection);
                }
                connection.commit();
                if (connection != null) {
                    if (0 != 0) {
                        try {
                            connection.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        connection.close();
                    }
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new MigrationClientException("Error while retrieving connection.", e);
        }
    }

    public void addAudienceRef() throws MigrationClientException {
        try {
            for (Organization organization : organizationDAO.getOrganizations(Utils.getUMDataSource().getConnection())) {
                if (!roleV2DAO.isRoleAudienceExist(MigratorConstants.ORGANIZATION, organization.getId())) {
                    roleV2DAO.createRoleAudience(MigratorConstants.ORGANIZATION, organization.getId());
                }
            }
        } catch (MigrationClientException e) {
            throw new MigrationClientException("Error while migrating SCIM role v1 to role v2.", e);
        } catch (SQLException e2) {
            throw new MigrationClientException("Error while retrieving connection.", e2);
        }
    }

    public void migrateRoleV2(String str, Connection connection) throws MigrationClientException {
        try {
            int tenantId = IdentityTenantUtil.getTenantId(str);
            String organizationIdByName = organizationDAO.getOrganizationIdByName(connection, str);
            for (String str2 : roleV1DAO.getV1Roles(connection, tenantId)) {
                int roleAudienceByAudienceID = roleV2DAO.getRoleAudienceByAudienceID(organizationIdByName);
                String sCIM2GroupId = roleV2DAO.getSCIM2GroupId(str2, tenantId, roleAudienceByAudienceID);
                if (sCIM2GroupId == null) {
                    sCIM2GroupId = UUID.randomUUID().toString();
                    roleV2DAO.insertSCIM2GroupId(tenantId, str2, sCIM2GroupId, roleAudienceByAudienceID);
                }
                roleV2DAO.updateHybridRole(connection, roleAudienceByAudienceID, sCIM2GroupId, str2, tenantId);
                assignRoleToApplications(sCIM2GroupId, str);
            }
        } catch (MigrationClientException e) {
            throw new MigrationClientException("Error while migrating SCIM role v1 to role v2.", e);
        }
    }

    private void assignRoleToApplications(String str, String str2) throws MigrationClientException {
        int tenantId = IdentityTenantUtil.getTenantId(str2);
        int i = -1;
        try {
            Iterator it = ((List) applicationDAO.getApplicationsExceptSystemApps(tenantId).stream().filter(application -> {
                return !MigratorConstants.CLIENT_CREDENTIALS.equals(application.getAllowedGrantTypes());
            }).collect(Collectors.toList())).iterator();
            while (it.hasNext()) {
                i = ((Application) it.next()).getAppID();
                if (applicationDAO.getApplicationProperty(i, "allowedAudienceForAssociatedRoles") == null) {
                    applicationDAO.insertApplicationProperty(i, tenantId, "allowedAudienceForAssociatedRoles", MigratorConstants.ORGANIZATION, null);
                }
            }
        } catch (MigrationClientException e) {
            LOG.error("Error while assigning role to application", e);
            if (i != -1) {
                applicationDAO.deleteApplicationAudience(i);
                applicationDAO.deleteRoleFromApplication(str);
            }
        }
    }
}
