package com.evolveum.midpoint.gui.impl.page.admin.abstractrole.component;

import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.gui.api.page.PageBase;
import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
import com.evolveum.midpoint.gui.impl.page.admin.abstractrole.component.AbstractRoleMemberPanel;
import com.evolveum.midpoint.model.api.ModelAuthorizationAction;
import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.prism.PrismReferenceValue;
import com.evolveum.midpoint.prism.query.ObjectQuery;
import com.evolveum.midpoint.prism.query.builder.S_AtomicFilterExit;
import com.evolveum.midpoint.prism.query.builder.S_FilterEntry;
import com.evolveum.midpoint.schema.GetOperationOptions;
import com.evolveum.midpoint.schema.SchemaConstantsGenerated;
import com.evolveum.midpoint.schema.SelectorOptions;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.GetOperationOptionsUtil;
import com.evolveum.midpoint.schema.util.ObjectTypeUtil;
import com.evolveum.midpoint.security.api.OwnerResolver;
import com.evolveum.midpoint.security.enforcer.api.AuthorizationParameters;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.MiscUtil;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SystemException;
import com.evolveum.midpoint.util.logging.LoggingUtils;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.page.admin.reports.dto.AuditSearchDto;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivityDefinitionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentHolderType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.MisfireActionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectSetType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ScheduleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ThreadStopActionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.WorkDefinitionsType;
import com.evolveum.midpoint.xml.ns._public.model.scripting_3.AssignActionExpressionType;
import com.evolveum.midpoint.xml.ns._public.model.scripting_3.DeleteActionExpressionType;
import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ExecuteScriptType;
import com.evolveum.midpoint.xml.ns._public.model.scripting_3.UnassignActionExpressionType;
import com.evolveum.prism.xml.ns._public.types_3.PolyStringType;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.stream.Collectors;
import javax.xml.bind.JAXBElement;
import javax.xml.namespace.QName;
import org.apache.commons.lang3.StringUtils;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/evolveum/midpoint/gui/impl/page/admin/abstractrole/component/MemberOperationsHelper.class */
public class MemberOperationsHelper {
    private static final String OP_KEY_UNASSIGN = "Remove";
    private static final String OP_KEY_ASSIGN = "Add";
    private static final String OP_KEY_DELETE = "delete";
    private static final String OP_KEY_RECOMPUTE = "Recompute";
    private static final Trace LOGGER = TraceManager.getTrace(AbstractRoleMemberPanel.class);
    private static final String OP_SUBMIT_TASK = MemberOperationsHelper.class.getName() + ".submitMemberOperationTask";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/evolveum/midpoint/gui/impl/page/admin/abstractrole/component/MemberOperationsHelper$MemberOpTaskSpec.class */
    public static class MemberOpTaskSpec {

        @NotNull
        private final String operationName;

        @NotNull
        private final PolyStringType taskName;

        @NotNull
        private final QName memberType;

        @Nullable
        private final ObjectQuery memberQuery;

        @Nullable
        private final Collection<SelectorOptions<GetOperationOptions>> options;

        private MemberOpTaskSpec(@NotNull String str, @NotNull PolyStringType polyStringType, @NotNull QName qName, @Nullable ObjectQuery objectQuery, @Nullable Collection<SelectorOptions<GetOperationOptions>> collection) {
            this.operationName = str;
            this.taskName = polyStringType;
            this.memberType = qName;
            this.memberQuery = objectQuery;
            this.options = collection;
        }
    }

    public static void createAndSubmitUnassignMembersTask(AbstractRoleType abstractRoleType, AbstractRoleMemberPanel.QueryScope queryScope, QName qName, ObjectQuery objectQuery, Collection<QName> collection, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        submitTaskIfPossible(createUnassignMembersTask(abstractRoleType, queryScope, qName, objectQuery, collection, ajaxRequestTarget, pageBase), ajaxRequestTarget, pageBase);
    }

    @Nullable
    public static Task createUnassignMembersTask(AbstractRoleType abstractRoleType, AbstractRoleMemberPanel.QueryScope queryScope, QName qName, ObjectQuery objectQuery, @NotNull Collection<QName> collection, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        String oid = abstractRoleType.getOid();
        MiscUtil.argCheck(!collection.isEmpty(), "No relations provided", new Object[0]);
        MiscUtil.argCheck(oid != null, "Target object without OID: %s", new Object[]{abstractRoleType});
        ExecuteScriptType createUnassignBulkAction = createUnassignBulkAction(oid, collection);
        PolyStringType createTaskNameFromKey = createTaskNameFromKey(getOperationKey(OP_KEY_UNASSIGN, queryScope, abstractRoleType, AuditSearchDto.F_FROM), abstractRoleType, pageBase);
        return createScriptingMemberOperationTask(new MemberOpTaskSpec(getOperationName(createTaskNameFromKey), createTaskNameFromKey, qName, objectQuery, null), createUnassignBulkAction, pageBase, ajaxRequestTarget);
    }

    @NotNull
    private static ExecuteScriptType createUnassignBulkAction(@NotNull String str, @NotNull Collection<QName> collection) {
        try {
            UnassignActionExpressionType filter = new UnassignActionExpressionType().filter(PrismContext.get().getQueryConverter().createSearchFilterType(PrismContext.get().queryFor(AssignmentType.class).item(AssignmentType.F_TARGET_REF).ref((List) collection.stream().map(qName -> {
                return new ObjectReferenceType().oid(str).relation(qName).asReferenceValue();
            }).collect(Collectors.toList()), true).buildFilter()));
            ExecuteScriptType executeScriptType = new ExecuteScriptType();
            executeScriptType.setScriptingExpression(new JAXBElement(SchemaConstantsGenerated.SC_UNASSIGN, UnassignActionExpressionType.class, filter));
            return executeScriptType;
        } catch (SchemaException e) {
            throw new SystemException("Unexpected schema exception: " + e.getMessage(), e);
        }
    }

    public static void createAndSubmitAssignMembersTask(AbstractRoleType abstractRoleType, QName qName, ObjectQuery objectQuery, @NotNull QName qName2, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        MiscUtil.argCheck(abstractRoleType.getOid() != null, "Target object without OID: %s", new Object[]{abstractRoleType});
        ExecuteScriptType createAssignBulkAction = createAssignBulkAction(abstractRoleType, qName2);
        PolyStringType createTaskNameFromKey = createTaskNameFromKey(getOperationKey(OP_KEY_ASSIGN, null, abstractRoleType, AuditSearchDto.F_TO), abstractRoleType, pageBase);
        submitTaskIfPossible(createScriptingMemberOperationTask(new MemberOpTaskSpec(getOperationName(createTaskNameFromKey), createTaskNameFromKey, qName, objectQuery, null), createAssignBulkAction, pageBase, ajaxRequestTarget), ajaxRequestTarget, pageBase);
    }

    @NotNull
    private static ExecuteScriptType createAssignBulkAction(AbstractRoleType abstractRoleType, @NotNull QName qName) {
        AssignActionExpressionType targetRef = new AssignActionExpressionType().targetRef(ObjectTypeUtil.createObjectRef(abstractRoleType, qName));
        ExecuteScriptType executeScriptType = new ExecuteScriptType();
        executeScriptType.setScriptingExpression(new JAXBElement(SchemaConstantsGenerated.SC_ASSIGN, AssignActionExpressionType.class, targetRef));
        return executeScriptType;
    }

    public static void createAndSubmitDeleteMembersTask(AbstractRoleType abstractRoleType, AbstractRoleMemberPanel.QueryScope queryScope, ObjectQuery objectQuery, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        ExecuteScriptType createDeleteBulkAction = createDeleteBulkAction();
        PolyStringType createTaskNameFromKey = createTaskNameFromKey(getOperationKey("delete", queryScope, abstractRoleType, "of"), abstractRoleType, pageBase);
        submitTaskIfPossible(createScriptingMemberOperationTask(new MemberOpTaskSpec(getOperationName(createTaskNameFromKey), createTaskNameFromKey, AssignmentHolderType.COMPLEX_TYPE, objectQuery, null), createDeleteBulkAction, pageBase, ajaxRequestTarget), ajaxRequestTarget, pageBase);
    }

    @NotNull
    private static ExecuteScriptType createDeleteBulkAction() {
        ExecuteScriptType executeScriptType = new ExecuteScriptType();
        executeScriptType.setScriptingExpression(new JAXBElement(SchemaConstantsGenerated.SC_DELETE, DeleteActionExpressionType.class, new DeleteActionExpressionType()));
        return executeScriptType;
    }

    public static void createAndSubmitRecomputeMembersTask(AbstractRoleType abstractRoleType, AbstractRoleMemberPanel.QueryScope queryScope, ObjectQuery objectQuery, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        submitTaskIfPossible(createRecomputeMembersTask(abstractRoleType, queryScope, objectQuery, ajaxRequestTarget, pageBase), ajaxRequestTarget, pageBase);
    }

    public static Task createRecomputeMembersTask(AbstractRoleType abstractRoleType, AbstractRoleMemberPanel.QueryScope queryScope, ObjectQuery objectQuery, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        PolyStringType createTaskNameFromKey = createTaskNameFromKey(getOperationKey(OP_KEY_RECOMPUTE, queryScope, abstractRoleType, "of"), abstractRoleType, pageBase);
        return createRecomputeMembersTask(new MemberOpTaskSpec(getOperationName(createTaskNameFromKey), createTaskNameFromKey, AssignmentHolderType.COMPLEX_TYPE, objectQuery, null), ajaxRequestTarget, pageBase);
    }

    @NotNull
    public static <R extends AbstractRoleType> ObjectQuery createDirectMemberQuery(R r, @NotNull QName qName, Collection<QName> collection, ObjectReferenceType objectReferenceType, ObjectReferenceType objectReferenceType2) {
        S_FilterEntry queryFor = PrismContext.get().queryFor(AssignmentHolderType.class);
        if (!AssignmentHolderType.COMPLEX_TYPE.equals(qName)) {
            queryFor = queryFor.type(qName);
        }
        S_AtomicFilterExit ref = queryFor.exists(new Object[]{AssignmentHolderType.F_ASSIGNMENT}).block().item(AssignmentType.F_TARGET_REF).ref(createReferenceValuesList(r, collection));
        if (objectReferenceType != null && StringUtils.isNotEmpty(objectReferenceType.getOid())) {
            ref = ref.and().item(AssignmentType.F_TENANT_REF).ref(new String[]{objectReferenceType.getOid()});
        }
        if (objectReferenceType2 != null && StringUtils.isNotEmpty(objectReferenceType2.getOid())) {
            ref = ref.and().item(AssignmentType.F_ORG_REF).ref(new String[]{objectReferenceType2.getOid()});
        }
        ObjectQuery build = ref.endBlock().build();
        LOGGER.trace("Searching members of role {} with query:\n{}", r.getOid(), build.debugDumpLazily());
        return build;
    }

    @NotNull
    public static List<PrismReferenceValue> createReferenceValuesList(@NotNull AbstractRoleType abstractRoleType, @NotNull Collection<QName> collection) {
        MiscUtil.argCheck(!collection.isEmpty(), "At least one relation must be specified", new Object[0]);
        return (List) collection.stream().map(qName -> {
            return ObjectTypeUtil.createObjectRef(abstractRoleType, qName).asReferenceValue();
        }).collect(Collectors.toList());
    }

    @NotNull
    public static List<PrismReferenceValue> createReferenceValuesList(@NotNull ObjectReferenceType objectReferenceType, @NotNull Collection<QName> collection) {
        MiscUtil.argCheck(!collection.isEmpty(), "At least one relation must be specified", new Object[0]);
        return (List) collection.stream().map(qName -> {
            return objectReferenceType.relation(qName).asReferenceValue().clone();
        }).collect(Collectors.toList());
    }

    @NotNull
    public static ObjectQuery createSelectedObjectsQuery(@NotNull List<? extends ObjectType> list) {
        return PrismContext.get().queryFor(AssignmentHolderType.class).id((String[]) new HashSet(ObjectTypeUtil.getOids(list)).toArray(new String[0])).build();
    }

    private static <R extends AbstractRoleType> String getOperationKey(String str, AbstractRoleMemberPanel.QueryScope queryScope, R r, String str2) {
        StringBuilder sb = new StringBuilder("operation.");
        sb.append(str);
        sb.append(".");
        if (queryScope != null) {
            sb.append(queryScope.name());
            sb.append(".");
        }
        sb.append("members").append(".");
        if (r != null) {
            sb.append(str2 != null ? str2 : "").append(str2 != null ? "." : "");
            String simpleName = r.getClass().getSimpleName();
            if (simpleName.endsWith("Type")) {
                simpleName = simpleName.substring(0, simpleName.indexOf("Type"));
            }
            sb.append(simpleName);
        }
        return sb.toString().toLowerCase();
    }

    @NotNull
    private static PolyStringType createTaskNameFromKey(String str, AbstractRoleType abstractRoleType, PageBase pageBase) {
        return WebComponentUtil.createPolyFromOrigString(pageBase.getString(str, WebComponentUtil.getDisplayNameOrName(abstractRoleType.asPrismObject())));
    }

    @Nullable
    private static Task createScriptingMemberOperationTask(@NotNull MemberOpTaskSpec memberOpTaskSpec, @NotNull ExecuteScriptType executeScriptType, PageBase pageBase, AjaxRequestTarget ajaxRequestTarget) {
        try {
            Task createTaskForActivity = createTaskForActivity(memberOpTaskSpec, (ActivityDefinitionType) ((WorkDefinitionsType) new ActivityDefinitionType(PrismContext.get()).beginWork().beginIterativeScripting().objects(createObjectSetBean(memberOpTaskSpec)).scriptExecutionRequest(executeScriptType).end()).end(), pageBase);
            pageBase.getSecurityEnforcer().authorize(ModelAuthorizationAction.EXECUTE_SCRIPT.getUrl(), (AuthorizationPhaseType) null, AuthorizationParameters.EMPTY, (OwnerResolver) null, createTaskForActivity, createTaskForActivity.getResult());
            return createTaskForActivity;
        } catch (Exception e) {
            processTaskCreationException(e, memberOpTaskSpec.operationName, ajaxRequestTarget, pageBase);
            return null;
        }
    }

    private static ObjectSetType createObjectSetBean(@NotNull MemberOpTaskSpec memberOpTaskSpec) throws SchemaException {
        return new ObjectSetType(PrismContext.get()).type(memberOpTaskSpec.memberType).query(PrismContext.get().getQueryConverter().createQueryType(memberOpTaskSpec.memberQuery)).searchOptions(GetOperationOptionsUtil.optionsToOptionsBeanNullable(memberOpTaskSpec.options));
    }

    @Nullable
    private static Task createRecomputeMembersTask(@NotNull MemberOpTaskSpec memberOpTaskSpec, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        try {
            Task createTaskForActivity = createTaskForActivity(memberOpTaskSpec, (ActivityDefinitionType) ((WorkDefinitionsType) new ActivityDefinitionType(PrismContext.get()).beginWork().beginRecomputation().objects(createObjectSetBean(memberOpTaskSpec)).end()).end(), pageBase);
            pageBase.getSecurityEnforcer().authorize(ModelAuthorizationAction.RECOMPUTE.getUrl(), (AuthorizationPhaseType) null, AuthorizationParameters.EMPTY, (OwnerResolver) null, createTaskForActivity, createTaskForActivity.getResult());
            return createTaskForActivity;
        } catch (Exception e) {
            processTaskCreationException(e, memberOpTaskSpec.operationName, ajaxRequestTarget, pageBase);
            return null;
        }
    }

    private static void processTaskCreationException(@NotNull Exception exc, @NotNull String str, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't create member processing task", exc, new Object[0]);
        OperationResult operationResult = new OperationResult(str);
        operationResult.recordFatalError(pageBase.getString("WebComponentUtil.message.startPerformed.fatalError.createTask"), exc);
        pageBase.showResult(operationResult);
        ajaxRequestTarget.add(new Component[]{pageBase.getFeedbackPanel()});
    }

    @NotNull
    private static Task createTaskForActivity(@NotNull MemberOpTaskSpec memberOpTaskSpec, @NotNull ActivityDefinitionType activityDefinitionType, @NotNull PageBase pageBase) throws SchemaException {
        Task createSimpleTask = pageBase.createSimpleTask(memberOpTaskSpec.operationName);
        createSimpleTask.setName(memberOpTaskSpec.taskName);
        createSimpleTask.setOwner(AuthUtil.getPrincipalUser().getFocus().asPrismObject());
        createSimpleTask.setInitiallyRunnable();
        createSimpleTask.setThreadStopAction(ThreadStopActionType.RESTART);
        createSimpleTask.setSchedule(new ScheduleType(PrismContext.get()).misfireAction(MisfireActionType.EXECUTE_IMMEDIATELY));
        createSimpleTask.setRootActivityDefinition(activityDefinitionType);
        return createSimpleTask;
    }

    private static void submitTaskIfPossible(@Nullable Task task, AjaxRequestTarget ajaxRequestTarget, PageBase pageBase) {
        if (task != null) {
            OperationResult result = task.getResult();
            OperationResult createSubresult = result.createSubresult(OP_SUBMIT_TASK);
            try {
                try {
                    pageBase.getTaskManager().switchToBackground(task, createSubresult);
                    createSubresult.close();
                    result.setInProgress();
                    result.setBackgroundTaskOid(task.getOid());
                    pageBase.showResult(result);
                    ajaxRequestTarget.add(new Component[]{pageBase.getFeedbackPanel()});
                } catch (Throwable th) {
                    createSubresult.recordFatalError(th);
                    throw th;
                }
            } catch (Throwable th2) {
                createSubresult.close();
                throw th2;
            }
        }
    }

    private static String getOperationName(PolyStringType polyStringType) {
        return polyStringType.getOrig();
    }
}
