package com.google.gerrit.httpd.rpc.account;

import com.google.gerrit.common.data.GroupAdminService;
import com.google.gerrit.common.data.GroupDetail;
import com.google.gerrit.common.data.GroupList;
import com.google.gerrit.common.data.GroupOptions;
import com.google.gerrit.common.data.GroupReference;
import com.google.gerrit.common.errors.InactiveAccountException;
import com.google.gerrit.common.errors.NameAlreadyUsedException;
import com.google.gerrit.common.errors.NoSuchAccountException;
import com.google.gerrit.common.errors.NoSuchEntityException;
import com.google.gerrit.common.errors.NoSuchGroupException;
import com.google.gerrit.httpd.rpc.BaseServiceImplementation;
import com.google.gerrit.httpd.rpc.account.CreateGroup;
import com.google.gerrit.httpd.rpc.account.GroupDetailHandler;
import com.google.gerrit.httpd.rpc.account.RenameGroup;
import com.google.gerrit.httpd.rpc.account.VisibleGroupsHandler;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.AccountGroup;
import com.google.gerrit.reviewdb.client.AccountGroupInclude;
import com.google.gerrit.reviewdb.client.AccountGroupIncludeAudit;
import com.google.gerrit.reviewdb.client.AccountGroupMember;
import com.google.gerrit.reviewdb.client.AccountGroupMemberAudit;
import com.google.gerrit.reviewdb.client.AuthType;
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.IdentifiedUser;
import com.google.gerrit.server.account.AccountCache;
import com.google.gerrit.server.account.AccountException;
import com.google.gerrit.server.account.AccountManager;
import com.google.gerrit.server.account.AccountResolver;
import com.google.gerrit.server.account.AuthRequest;
import com.google.gerrit.server.account.GroupBackend;
import com.google.gerrit.server.account.GroupBackends;
import com.google.gerrit.server.account.GroupCache;
import com.google.gerrit.server.account.GroupControl;
import com.google.gerrit.server.account.GroupIncludeCache;
import com.google.gerrit.server.config.AuthConfig;
import com.google.gwtjsonrpc.common.AsyncCallback;
import com.google.gwtjsonrpc.common.VoidResult;
import com.google.gwtorm.server.OrmException;
import com.google.inject.Inject;
import com.google.inject.Provider;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/gerrit-httpd-2.5.2.jar:com/google/gerrit/httpd/rpc/account/GroupAdminServiceImpl.class */
public class GroupAdminServiceImpl extends BaseServiceImplementation implements GroupAdminService {
    private final AccountCache accountCache;
    private final AccountResolver accountResolver;
    private final AccountManager accountManager;
    private final AuthType authType;
    private final GroupCache groupCache;
    private final GroupBackend groupBackend;
    private final GroupIncludeCache groupIncludeCache;
    private final GroupControl.Factory groupControlFactory;
    private final CreateGroup.Factory createGroupFactory;
    private final RenameGroup.Factory renameGroupFactory;
    private final GroupDetailHandler.Factory groupDetailFactory;
    private final VisibleGroupsHandler.Factory visibleGroupsFactory;

    @Inject
    GroupAdminServiceImpl(Provider<ReviewDb> provider, Provider<IdentifiedUser> provider2, AccountCache accountCache, GroupIncludeCache groupIncludeCache, AccountResolver accountResolver, AccountManager accountManager, AuthConfig authConfig, GroupCache groupCache, GroupBackend groupBackend, GroupControl.Factory factory, CreateGroup.Factory factory2, RenameGroup.Factory factory3, GroupDetailHandler.Factory factory4, VisibleGroupsHandler.Factory factory5) {
        super(provider, provider2);
        this.accountCache = accountCache;
        this.groupIncludeCache = groupIncludeCache;
        this.accountResolver = accountResolver;
        this.accountManager = accountManager;
        this.authType = authConfig.getAuthType();
        this.groupCache = groupCache;
        this.groupBackend = groupBackend;
        this.groupControlFactory = factory;
        this.createGroupFactory = factory2;
        this.renameGroupFactory = factory3;
        this.groupDetailFactory = factory4;
        this.visibleGroupsFactory = factory5;
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void visibleGroups(AsyncCallback<GroupList> asyncCallback) {
        this.visibleGroupsFactory.create().to(asyncCallback);
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void createGroup(String str, AsyncCallback<AccountGroup.Id> asyncCallback) {
        this.createGroupFactory.create(str).to(asyncCallback);
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void groupDetail(AccountGroup.Id id, AccountGroup.UUID uuid, AsyncCallback<GroupDetail> asyncCallback) {
        AccountGroup accountGroup;
        if (id == null && uuid != null && (accountGroup = this.groupCache.get(uuid)) != null) {
            id = accountGroup.getId();
        }
        this.groupDetailFactory.create(id).to(asyncCallback);
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void changeGroupDescription(final AccountGroup.Id id, final String str, AsyncCallback<VoidResult> asyncCallback) {
        run(asyncCallback, new BaseServiceImplementation.Action<VoidResult>() { // from class: com.google.gerrit.httpd.rpc.account.GroupAdminServiceImpl.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gerrit.httpd.rpc.BaseServiceImplementation.Action
            public VoidResult run(ReviewDb reviewDb) throws OrmException, BaseServiceImplementation.Failure {
                AccountGroup accountGroup = reviewDb.accountGroups().get(id);
                GroupAdminServiceImpl.this.assertAmGroupOwner(reviewDb, accountGroup);
                accountGroup.setDescription(str);
                reviewDb.accountGroups().update(Collections.singleton(accountGroup));
                GroupAdminServiceImpl.this.groupCache.evict(accountGroup);
                return VoidResult.INSTANCE;
            }
        });
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void changeGroupOptions(final AccountGroup.Id id, final GroupOptions groupOptions, AsyncCallback<VoidResult> asyncCallback) {
        run(asyncCallback, new BaseServiceImplementation.Action<VoidResult>() { // from class: com.google.gerrit.httpd.rpc.account.GroupAdminServiceImpl.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gerrit.httpd.rpc.BaseServiceImplementation.Action
            public VoidResult run(ReviewDb reviewDb) throws OrmException, BaseServiceImplementation.Failure {
                AccountGroup accountGroup = reviewDb.accountGroups().get(id);
                GroupAdminServiceImpl.this.assertAmGroupOwner(reviewDb, accountGroup);
                accountGroup.setVisibleToAll(groupOptions.isVisibleToAll());
                reviewDb.accountGroups().update(Collections.singleton(accountGroup));
                GroupAdminServiceImpl.this.groupCache.evict(accountGroup);
                return VoidResult.INSTANCE;
            }
        });
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void changeGroupOwner(final AccountGroup.Id id, final String str, AsyncCallback<VoidResult> asyncCallback) {
        run(asyncCallback, new BaseServiceImplementation.Action<VoidResult>() { // from class: com.google.gerrit.httpd.rpc.account.GroupAdminServiceImpl.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gerrit.httpd.rpc.BaseServiceImplementation.Action
            public VoidResult run(ReviewDb reviewDb) throws OrmException, BaseServiceImplementation.Failure {
                AccountGroup accountGroup = reviewDb.accountGroups().get(id);
                GroupAdminServiceImpl.this.assertAmGroupOwner(reviewDb, accountGroup);
                GroupReference findExactSuggestion = GroupBackends.findExactSuggestion(GroupAdminServiceImpl.this.groupBackend, str);
                if (findExactSuggestion == null) {
                    throw new BaseServiceImplementation.Failure(new NoSuchEntityException());
                }
                accountGroup.setOwnerGroupUUID(findExactSuggestion.getUUID());
                reviewDb.accountGroups().update(Collections.singleton(accountGroup));
                GroupAdminServiceImpl.this.groupCache.evict(accountGroup);
                return VoidResult.INSTANCE;
            }
        });
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void renameGroup(AccountGroup.Id id, String str, AsyncCallback<GroupDetail> asyncCallback) {
        this.renameGroupFactory.create(id, str).to(asyncCallback);
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void changeGroupType(final AccountGroup.Id id, final AccountGroup.Type type, AsyncCallback<VoidResult> asyncCallback) {
        run(asyncCallback, new BaseServiceImplementation.Action<VoidResult>() { // from class: com.google.gerrit.httpd.rpc.account.GroupAdminServiceImpl.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gerrit.httpd.rpc.BaseServiceImplementation.Action
            public VoidResult run(ReviewDb reviewDb) throws OrmException, BaseServiceImplementation.Failure {
                AccountGroup accountGroup = reviewDb.accountGroups().get(id);
                GroupAdminServiceImpl.this.assertAmGroupOwner(reviewDb, accountGroup);
                accountGroup.setType(type);
                reviewDb.accountGroups().update(Collections.singleton(accountGroup));
                GroupAdminServiceImpl.this.groupCache.evict(accountGroup);
                return VoidResult.INSTANCE;
            }
        });
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void addGroupMember(final AccountGroup.Id id, final String str, AsyncCallback<GroupDetail> asyncCallback) {
        run(asyncCallback, new BaseServiceImplementation.Action<GroupDetail>() { // from class: com.google.gerrit.httpd.rpc.account.GroupAdminServiceImpl.5
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gerrit.httpd.rpc.BaseServiceImplementation.Action
            public GroupDetail run(ReviewDb reviewDb) throws OrmException, BaseServiceImplementation.Failure, NoSuchGroupException {
                GroupControl validateFor = GroupAdminServiceImpl.this.groupControlFactory.validateFor(id);
                if (GroupAdminServiceImpl.this.groupCache.get(id).getType() != AccountGroup.Type.INTERNAL) {
                    throw new BaseServiceImplementation.Failure(new NameAlreadyUsedException());
                }
                Account findAccount = GroupAdminServiceImpl.this.findAccount(str);
                if (!findAccount.isActive()) {
                    throw new BaseServiceImplementation.Failure(new InactiveAccountException(findAccount.getFullName()));
                }
                if (!validateFor.canAddMember(findAccount.getId())) {
                    throw new BaseServiceImplementation.Failure(new NoSuchEntityException());
                }
                AccountGroupMember.Key key = new AccountGroupMember.Key(findAccount.getId(), id);
                if (reviewDb.accountGroupMembers().get(key) == null) {
                    AccountGroupMember accountGroupMember = new AccountGroupMember(key);
                    reviewDb.accountGroupMembersAudit().insert(Collections.singleton(new AccountGroupMemberAudit(accountGroupMember, GroupAdminServiceImpl.this.getAccountId())));
                    reviewDb.accountGroupMembers().insert(Collections.singleton(accountGroupMember));
                    GroupAdminServiceImpl.this.accountCache.evict(accountGroupMember.getAccountId());
                }
                return GroupAdminServiceImpl.this.groupDetailFactory.create(id).call();
            }
        });
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void addGroupInclude(final AccountGroup.Id id, final String str, AsyncCallback<GroupDetail> asyncCallback) {
        run(asyncCallback, new BaseServiceImplementation.Action<GroupDetail>() { // from class: com.google.gerrit.httpd.rpc.account.GroupAdminServiceImpl.6
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gerrit.httpd.rpc.BaseServiceImplementation.Action
            public GroupDetail run(ReviewDb reviewDb) throws OrmException, BaseServiceImplementation.Failure, NoSuchGroupException {
                GroupControl validateFor = GroupAdminServiceImpl.this.groupControlFactory.validateFor(id);
                if (GroupAdminServiceImpl.this.groupCache.get(id).getType() != AccountGroup.Type.INTERNAL) {
                    throw new BaseServiceImplementation.Failure(new NameAlreadyUsedException());
                }
                AccountGroup findGroup = GroupAdminServiceImpl.this.findGroup(str);
                if (!validateFor.canAddGroup(findGroup.getId())) {
                    throw new BaseServiceImplementation.Failure(new NoSuchEntityException());
                }
                AccountGroupInclude.Key key = new AccountGroupInclude.Key(id, findGroup.getId());
                if (reviewDb.accountGroupIncludes().get(key) == null) {
                    AccountGroupInclude accountGroupInclude = new AccountGroupInclude(key);
                    reviewDb.accountGroupIncludesAudit().insert(Collections.singleton(new AccountGroupIncludeAudit(accountGroupInclude, GroupAdminServiceImpl.this.getAccountId())));
                    reviewDb.accountGroupIncludes().insert(Collections.singleton(accountGroupInclude));
                    GroupAdminServiceImpl.this.groupIncludeCache.evictInclude(findGroup.getGroupUUID());
                }
                return GroupAdminServiceImpl.this.groupDetailFactory.create(id).call();
            }
        });
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void deleteGroupMembers(final AccountGroup.Id id, final Set<AccountGroupMember.Key> set, AsyncCallback<VoidResult> asyncCallback) {
        run(asyncCallback, new BaseServiceImplementation.Action<VoidResult>() { // from class: com.google.gerrit.httpd.rpc.account.GroupAdminServiceImpl.7
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gerrit.httpd.rpc.BaseServiceImplementation.Action
            public VoidResult run(ReviewDb reviewDb) throws OrmException, NoSuchGroupException, BaseServiceImplementation.Failure {
                GroupControl validateFor = GroupAdminServiceImpl.this.groupControlFactory.validateFor(id);
                if (GroupAdminServiceImpl.this.groupCache.get(id).getType() != AccountGroup.Type.INTERNAL) {
                    throw new BaseServiceImplementation.Failure(new NameAlreadyUsedException());
                }
                Iterator it = set.iterator();
                while (it.hasNext()) {
                    if (!id.equals(((AccountGroupMember.Key) it.next()).getAccountGroupId())) {
                        throw new BaseServiceImplementation.Failure(new NoSuchEntityException());
                    }
                }
                Account.Id accountId = GroupAdminServiceImpl.this.getAccountId();
                Iterator it2 = set.iterator();
                while (it2.hasNext()) {
                    AccountGroupMember accountGroupMember = reviewDb.accountGroupMembers().get((AccountGroupMember.Key) it2.next());
                    if (accountGroupMember != null) {
                        if (!validateFor.canRemoveMember(accountGroupMember.getAccountId())) {
                            throw new BaseServiceImplementation.Failure(new NoSuchEntityException());
                        }
                        AccountGroupMemberAudit accountGroupMemberAudit = null;
                        Iterator<AccountGroupMemberAudit> it3 = reviewDb.accountGroupMembersAudit().byGroupAccount(accountGroupMember.getAccountGroupId(), accountGroupMember.getAccountId()).iterator();
                        while (true) {
                            if (!it3.hasNext()) {
                                break;
                            }
                            AccountGroupMemberAudit next = it3.next();
                            if (next.isActive()) {
                                accountGroupMemberAudit = next;
                                break;
                            }
                        }
                        if (accountGroupMemberAudit != null) {
                            accountGroupMemberAudit.removed(accountId);
                            reviewDb.accountGroupMembersAudit().update(Collections.singleton(accountGroupMemberAudit));
                        } else {
                            AccountGroupMemberAudit accountGroupMemberAudit2 = new AccountGroupMemberAudit(accountGroupMember, accountId);
                            accountGroupMemberAudit2.removedLegacy();
                            reviewDb.accountGroupMembersAudit().insert(Collections.singleton(accountGroupMemberAudit2));
                        }
                        reviewDb.accountGroupMembers().delete(Collections.singleton(accountGroupMember));
                        GroupAdminServiceImpl.this.accountCache.evict(accountGroupMember.getAccountId());
                    }
                }
                return VoidResult.INSTANCE;
            }
        });
    }

    @Override // com.google.gerrit.common.data.GroupAdminService
    public void deleteGroupIncludes(final AccountGroup.Id id, final Set<AccountGroupInclude.Key> set, AsyncCallback<VoidResult> asyncCallback) {
        run(asyncCallback, new BaseServiceImplementation.Action<VoidResult>() { // from class: com.google.gerrit.httpd.rpc.account.GroupAdminServiceImpl.8
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gerrit.httpd.rpc.BaseServiceImplementation.Action
            public VoidResult run(ReviewDb reviewDb) throws OrmException, NoSuchGroupException, BaseServiceImplementation.Failure {
                GroupControl validateFor = GroupAdminServiceImpl.this.groupControlFactory.validateFor(id);
                if (GroupAdminServiceImpl.this.groupCache.get(id).getType() != AccountGroup.Type.INTERNAL) {
                    throw new BaseServiceImplementation.Failure(new NameAlreadyUsedException());
                }
                Iterator it = set.iterator();
                while (it.hasNext()) {
                    if (!id.equals(((AccountGroupInclude.Key) it.next()).getGroupId())) {
                        throw new BaseServiceImplementation.Failure(new NoSuchEntityException());
                    }
                }
                Account.Id accountId = GroupAdminServiceImpl.this.getAccountId();
                HashSet hashSet = new HashSet();
                for (AccountGroupInclude.Key key : set) {
                    AccountGroupInclude accountGroupInclude = reviewDb.accountGroupIncludes().get(key);
                    if (accountGroupInclude != null) {
                        if (!validateFor.canRemoveGroup(accountGroupInclude.getIncludeId())) {
                            throw new BaseServiceImplementation.Failure(new NoSuchEntityException());
                        }
                        AccountGroupIncludeAudit accountGroupIncludeAudit = null;
                        Iterator<AccountGroupIncludeAudit> it2 = reviewDb.accountGroupIncludesAudit().byGroupInclude(accountGroupInclude.getGroupId(), accountGroupInclude.getIncludeId()).iterator();
                        while (true) {
                            if (!it2.hasNext()) {
                                break;
                            }
                            AccountGroupIncludeAudit next = it2.next();
                            if (next.isActive()) {
                                accountGroupIncludeAudit = next;
                                break;
                            }
                        }
                        if (accountGroupIncludeAudit != null) {
                            accountGroupIncludeAudit.removed(accountId);
                            reviewDb.accountGroupIncludesAudit().update(Collections.singleton(accountGroupIncludeAudit));
                        }
                        reviewDb.accountGroupIncludes().delete(Collections.singleton(accountGroupInclude));
                        hashSet.add(key.getIncludeId());
                    }
                }
                Iterator<AccountGroup> it3 = reviewDb.accountGroups().get(hashSet).iterator();
                while (it3.hasNext()) {
                    GroupAdminServiceImpl.this.groupIncludeCache.evictInclude(it3.next().getGroupUUID());
                }
                return VoidResult.INSTANCE;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void assertAmGroupOwner(ReviewDb reviewDb, AccountGroup accountGroup) throws BaseServiceImplementation.Failure {
        try {
            if (this.groupControlFactory.controlFor(accountGroup.getId()).isOwner()) {
            } else {
                throw new BaseServiceImplementation.Failure(new NoSuchGroupException(accountGroup.getId()));
            }
        } catch (NoSuchGroupException e) {
            throw new BaseServiceImplementation.Failure(new NoSuchGroupException(accountGroup.getId()));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Account findAccount(String str) throws OrmException, BaseServiceImplementation.Failure {
        Account find = this.accountResolver.find(str);
        if (find == null) {
            switch (this.authType) {
                case HTTP_LDAP:
                case CLIENT_SSL_CERT_LDAP:
                case LDAP:
                    find = createAccountByLdap(str);
                    break;
            }
            if (find == null) {
                throw new BaseServiceImplementation.Failure(new NoSuchAccountException(str));
            }
        }
        return find;
    }

    private Account createAccountByLdap(String str) {
        if (!str.matches(Account.USER_NAME_PATTERN)) {
            return null;
        }
        try {
            AuthRequest forUser = AuthRequest.forUser(str);
            forUser.setSkipAuthentication(true);
            return this.accountCache.get(this.accountManager.authenticate(forUser).getAccountId()).getAccount();
        } catch (AccountException e) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AccountGroup findGroup(String str) throws OrmException, BaseServiceImplementation.Failure {
        AccountGroup accountGroup = this.groupCache.get(new AccountGroup.NameKey(str));
        if (accountGroup == null) {
            throw new BaseServiceImplementation.Failure(new NoSuchGroupException(str));
        }
        return accountGroup;
    }
}
