package com.evolveum.midpoint.wf.impl.processors.primary.policy;

import com.evolveum.midpoint.common.LocalizationService;
import com.evolveum.midpoint.model.api.ModelInteractionService;
import com.evolveum.midpoint.model.api.ObjectTreeDeltas;
import com.evolveum.midpoint.model.api.authentication.CompiledGuiProfile;
import com.evolveum.midpoint.model.api.context.AssociatedPolicyRule;
import com.evolveum.midpoint.model.api.context.EvaluatedAssignment;
import com.evolveum.midpoint.model.api.context.EvaluatedPolicyRuleTrigger;
import com.evolveum.midpoint.model.api.context.ModelContext;
import com.evolveum.midpoint.model.impl.lens.LensFocusContext;
import com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl;
import com.evolveum.midpoint.prism.Objectable;
import com.evolveum.midpoint.prism.PrismContainerValue;
import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.delta.ChangeType;
import com.evolveum.midpoint.prism.delta.DeltaSetTriple;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.prism.delta.builder.S_ValuesEntry;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.schema.config.PolicyActionConfigItem;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.ObjectTypeUtil;
import com.evolveum.midpoint.schema.util.OidUtil;
import com.evolveum.midpoint.util.DebugUtil;
import com.evolveum.midpoint.util.LocalizableMessage;
import com.evolveum.midpoint.util.LocalizableMessageBuilder;
import com.evolveum.midpoint.util.exception.CommunicationException;
import com.evolveum.midpoint.util.exception.ConfigurationException;
import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SecurityViolationException;
import com.evolveum.midpoint.util.exception.SystemException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.wf.impl.processes.itemApproval.ApprovalSchemaHelper;
import com.evolveum.midpoint.wf.impl.processors.ConfigurationHelper;
import com.evolveum.midpoint.wf.impl.processors.ModelInvocationContext;
import com.evolveum.midpoint.wf.impl.processors.primary.PcpStartInstruction;
import com.evolveum.midpoint.wf.impl.processors.primary.policy.ApprovalSchemaBuilder;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ApprovalPolicyActionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ApprovalProcessStartInstructionCreationTraceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.DefaultApprovalPolicyRulesUsageType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.RelationKindType;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import javax.xml.namespace.QName;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.Validate;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/lib/workflow-impl-4.10-SNAPSHOT.jar:com/evolveum/midpoint/wf/impl/processors/primary/policy/AssignmentPolicyAspectPart.class */
public class AssignmentPolicyAspectPart {
    private static final Trace LOGGER;
    private static final String OP_EXTRACT_ASSIGNMENT_BASED_INSTRUCTIONS;

    @Autowired
    private PolicyRuleBasedAspect main;

    @Autowired
    protected ApprovalSchemaHelper approvalSchemaHelper;

    @Autowired
    protected PrismContext prismContext;

    @Autowired
    protected ConfigurationHelper configurationHelper;

    @Autowired
    protected LocalizationService localizationService;

    @Autowired
    protected ModelInteractionService modelInteractionService;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    public void extractAssignmentBasedInstructions(ObjectTreeDeltas<?> objectTreeDeltas, PrismObject<? extends FocusType> prismObject, List<PcpStartInstruction> list, ModelInvocationContext<?> modelInvocationContext, OperationResult operationResult) throws SchemaException, ObjectNotFoundException {
        ApprovalProcessStartInstructionCreationTraceType approvalProcessStartInstructionCreationTraceType;
        OperationResult build = operationResult.subresult(OP_EXTRACT_ASSIGNMENT_BASED_INSTRUCTIONS).setMinor().build();
        if (build.isTracingNormal(ApprovalProcessStartInstructionCreationTraceType.class)) {
            approvalProcessStartInstructionCreationTraceType = new ApprovalProcessStartInstructionCreationTraceType();
            build.addTrace(approvalProcessStartInstructionCreationTraceType);
        } else {
            approvalProcessStartInstructionCreationTraceType = null;
        }
        try {
            try {
                DeltaSetTriple<EvaluatedAssignmentImpl<?>> evaluatedAssignmentTriple = modelInvocationContext.modelContext.getEvaluatedAssignmentTriple();
                LOGGER.trace("Processing evaluatedAssignmentTriple:\n{}", DebugUtil.debugDumpLazily(evaluatedAssignmentTriple));
                if (evaluatedAssignmentTriple == null) {
                    return;
                }
                ArrayList arrayList = new ArrayList();
                Iterator<EvaluatedAssignmentImpl<?>> it = evaluatedAssignmentTriple.union().iterator();
                while (it.hasNext()) {
                    CollectionUtils.addIgnoreNull(arrayList, createInstructionFromAssignment(it.next(), objectTreeDeltas, prismObject, modelInvocationContext, build));
                }
                int size = arrayList.size();
                if (approvalProcessStartInstructionCreationTraceType != null) {
                    Iterator it2 = arrayList.iterator();
                    while (it2.hasNext()) {
                        approvalProcessStartInstructionCreationTraceType.getCaseRef().add(ObjectTypeUtil.createObjectRefWithFullObject(((PcpStartInstruction) it2.next()).getCase()));
                    }
                }
                list.addAll(arrayList);
                try {
                    CompiledGuiProfile compiledGuiProfile = this.modelInteractionService.getCompiledGuiProfile(modelInvocationContext.task, build);
                    Integer assignmentApprovalRequestLimit = compiledGuiProfile.getRoleManagement() != null ? compiledGuiProfile.getRoleManagement().getAssignmentApprovalRequestLimit() : null;
                    LOGGER.trace("Assignment-related approval instructions: {}; limit is {}", Integer.valueOf(size), assignmentApprovalRequestLimit);
                    if (assignmentApprovalRequestLimit != null && size > assignmentApprovalRequestLimit.intValue()) {
                        throw new IllegalStateException("Assignment approval request limit (" + assignmentApprovalRequestLimit + ") exceeded: you are trying to submit " + size + " requests");
                    }
                    if (assignmentApprovalRequestLimit != null) {
                        build.addContext("assignmentApprovalRequestLimit", assignmentApprovalRequestLimit.intValue());
                    }
                    build.addReturn("instructionsCreated", Integer.valueOf(arrayList.size()));
                    build.computeStatusIfUnknown();
                } catch (CommunicationException | ConfigurationException | ExpressionEvaluationException | SecurityViolationException e) {
                    throw new SystemException(e.getMessage(), e);
                }
            } catch (Throwable th) {
                build.recordFatalError(th);
                throw th;
            }
        } finally {
            build.computeStatusIfUnknown();
        }
    }

    @Nullable
    private PcpStartInstruction createInstructionFromAssignment(EvaluatedAssignment evaluatedAssignment, @NotNull ObjectTreeDeltas<?> objectTreeDeltas, PrismObject<? extends FocusType> prismObject, ModelInvocationContext<?> modelInvocationContext, OperationResult operationResult) throws SchemaException {
        LOGGER.trace("-------------------------------------------------------------");
        LOGGER.trace("Creating process start instruction for an assignment to be {}: {}", getAssignmentChangeVerb(evaluatedAssignment), evaluatedAssignment);
        List<AssociatedPolicyRule> selectTriggeredApprovalActionRules = this.main.selectTriggeredApprovalActionRules(evaluatedAssignment.getAllAssociatedPolicyRules());
        logApprovalActions(evaluatedAssignment, selectTriggeredApprovalActionRules);
        if (evaluatedAssignment.getTarget() == null) {
            if (selectTriggeredApprovalActionRules.isEmpty()) {
                return null;
            }
            throw new IllegalStateException(String.format("No target in %s, but with %d triggered approval action rule(s)", evaluatedAssignment, Integer.valueOf(selectTriggeredApprovalActionRules.size())));
        }
        if (modelInvocationContext.modelContext.getFocusContext().isDelete()) {
            LOGGER.debug("Focus is going to be deleted. There's no point in approving any assignment changes.");
            return null;
        }
        ApprovalSchemaBuilder.Result createSchemaWithRules = createSchemaWithRules(selectTriggeredApprovalActionRules, evaluatedAssignment, modelInvocationContext, operationResult);
        if (this.approvalSchemaHelper.shouldBeSkipped(createSchemaWithRules.schema)) {
            return null;
        }
        ObjectDelta<? extends ObjectType> factorOutAssignmentValue = (evaluatedAssignment.isBeingAdded() || evaluatedAssignment.isBeingDeleted()) ? factorOutAssignmentValue(evaluatedAssignment, objectTreeDeltas, modelInvocationContext) : factorOutAssignmentModifications(evaluatedAssignment, objectTreeDeltas);
        if (factorOutAssignmentValue == null) {
            return null;
        }
        ObjectDelta<?> focusChange = objectTreeDeltas.getFocusChange();
        if (focusChange.isAdd()) {
            generateFocusOidIfNeeded(modelInvocationContext.modelContext, focusChange);
        }
        return prepareAssignmentRelatedStartInstruction(createSchemaWithRules, evaluatedAssignment, factorOutAssignmentValue, prismObject, modelInvocationContext, operationResult);
    }

    private void generateFocusOidIfNeeded(ModelContext<?> modelContext, ObjectDelta<? extends ObjectType> objectDelta) {
        if (modelContext.getFocusContext().getOid() != null) {
            return;
        }
        String generateOid = OidUtil.generateOid();
        LOGGER.trace("This is ADD operation with no focus OID provided. Generated new OID to be used: {}", generateOid);
        if (objectDelta.getChangeType() != ChangeType.ADD) {
            throw new IllegalStateException("Change type is not ADD for no-oid focus situation: " + objectDelta);
        }
        if (objectDelta.getObjectToAdd() == null) {
            throw new IllegalStateException("Object to add is null for change: " + objectDelta);
        }
        if (objectDelta.getObjectToAdd().getOid() != null) {
            throw new IllegalStateException("Object to add has already an OID present: " + objectDelta);
        }
        objectDelta.getObjectToAdd().setOid(generateOid);
        ((LensFocusContext) modelContext.getFocusContext()).setOid(generateOid);
    }

    private <T extends ObjectType> ObjectDelta<T> factorOutAssignmentModifications(EvaluatedAssignment evaluatedAssignment, ObjectTreeDeltas<T> objectTreeDeltas) {
        Long assignmentId = evaluatedAssignment.getAssignmentId();
        if (assignmentId == null) {
            throw new IllegalStateException("None or unnumbered assignment in " + evaluatedAssignment);
        }
        ItemPath create = ItemPath.create(FocusType.F_ASSIGNMENT, assignmentId);
        ObjectDelta<T> focusChange = objectTreeDeltas.getFocusChange();
        if (!$assertionsDisabled && focusChange == null) {
            throw new AssertionError();
        }
        ObjectDelta.FactorOutResultSingle<T> factorOut = focusChange.factorOut(Collections.singleton(create), false);
        if (factorOut.offspring != null) {
            return factorOut.offspring;
        }
        LOGGER.trace("No modifications for an assignment, skipping approval action(s). Assignment = {}", evaluatedAssignment);
        return null;
    }

    private ObjectDelta<? extends ObjectType> factorOutAssignmentValue(EvaluatedAssignment evaluatedAssignment, @NotNull ObjectTreeDeltas<?> objectTreeDeltas, ModelInvocationContext<?> modelInvocationContext) throws SchemaException {
        if (!$assertionsDisabled && !evaluatedAssignment.isBeingAdded() && !evaluatedAssignment.isBeingDeleted()) {
            throw new AssertionError();
        }
        PrismContainerValue asPrismContainerValue = evaluatedAssignment.getAssignment().asPrismContainerValue();
        boolean isBeingDeleted = evaluatedAssignment.isBeingDeleted();
        if (objectTreeDeltas.subtractFromFocusDelta(FocusType.F_ASSIGNMENT, asPrismContainerValue, isBeingDeleted, false)) {
            return assignmentToDelta(modelInvocationContext.modelContext.getFocusClass(), evaluatedAssignment.getAssignment(), isBeingDeleted, modelInvocationContext.getFocusObjectOid());
        }
        ObjectDelta<?> summarySecondaryDelta = modelInvocationContext.modelContext.getFocusContext().getSummarySecondaryDelta();
        if (summarySecondaryDelta == null || !summarySecondaryDelta.subtract(FocusType.F_ASSIGNMENT, asPrismContainerValue, isBeingDeleted, true)) {
            throw new IllegalStateException(String.format("Assignment to be added/deleted was not found in primary nor secondary delta.\nAssignment:\n%s\nPrimary delta:\n%s", asPrismContainerValue.debugDump(), objectTreeDeltas.debugDump()));
        }
        LOGGER.trace("Assignment to be added/deleted was not found in primary delta. It is present in secondary delta, so there's nothing to be approved.");
        return null;
    }

    private void logApprovalActions(EvaluatedAssignment evaluatedAssignment, List<AssociatedPolicyRule> list) {
        if (!LOGGER.isDebugEnabled() || list.isEmpty()) {
            return;
        }
        LOGGER.debug("Assignment to be {}: {}: {} this target policy rules, {} triggered approval action rules:", getAssignmentChangeVerb(evaluatedAssignment), evaluatedAssignment, Integer.valueOf(evaluatedAssignment.getThisTargetPolicyRules().size()), Integer.valueOf(list.size()));
        for (AssociatedPolicyRule associatedPolicyRule : list) {
            LOGGER.debug(" - Rule: {}", associatedPolicyRule.toShortString());
            LOGGER.debug("   - Approval actions: {}", associatedPolicyRule.getEnabledActions(ApprovalPolicyActionType.class));
            Iterator<EvaluatedPolicyRuleTrigger<?>> it = associatedPolicyRule.getEvaluatedPolicyRule().getTriggers().iterator();
            while (it.hasNext()) {
                LOGGER.debug("   - Trigger: {}", it.next());
            }
        }
    }

    private static String getAssignmentChangeVerb(EvaluatedAssignment evaluatedAssignment) {
        return evaluatedAssignment.isBeingAdded() ? "added" : evaluatedAssignment.isBeingDeleted() ? "deleted" : "kept";
    }

    /* JADX WARN: Multi-variable type inference failed */
    private ApprovalSchemaBuilder.Result createSchemaWithRules(@NotNull List<AssociatedPolicyRule> list, @NotNull EvaluatedAssignment evaluatedAssignment, @NotNull ModelInvocationContext<?> modelInvocationContext, @NotNull OperationResult operationResult) throws SchemaException {
        PrismObject<?> target = evaluatedAssignment.getTarget();
        ApprovalSchemaBuilder approvalSchemaBuilder = new ApprovalSchemaBuilder(this.main, this.approvalSchemaHelper);
        if (list.isEmpty() && evaluatedAssignment.isBeingAdded() && this.configurationHelper.getUseDefaultApprovalPolicyRules(modelInvocationContext.wfConfiguration) != DefaultApprovalPolicyRulesUsageType.NEVER && approvalSchemaBuilder.addPredefined(target, RelationKindType.APPROVER, operationResult)) {
            LOGGER.trace("Added default approval action, as no explicit one was found for {}", evaluatedAssignment);
        }
        for (AssociatedPolicyRule associatedPolicyRule : list) {
            for (PolicyActionConfigItem policyActionConfigItem : associatedPolicyRule.getEnabledActions(ApprovalPolicyActionType.class)) {
                approvalSchemaBuilder.add(this.main.getSchemaFromAction((ApprovalPolicyActionType) policyActionConfigItem.value()), (ApprovalPolicyActionType) policyActionConfigItem.value(), target, associatedPolicyRule);
            }
        }
        return approvalSchemaBuilder.buildSchema(modelInvocationContext, operationResult);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private PcpStartInstruction prepareAssignmentRelatedStartInstruction(ApprovalSchemaBuilder.Result result, EvaluatedAssignment evaluatedAssignment, ObjectDelta<? extends ObjectType> objectDelta, PrismObject<? extends FocusType> prismObject, ModelInvocationContext<?> modelInvocationContext, OperationResult operationResult) throws SchemaException {
        PrismObject<?> target = evaluatedAssignment.getTarget();
        Validate.notNull(target, "assignment target is null", new Object[0]);
        LocalizableMessage createProcessName = this.main.createProcessName(result, evaluatedAssignment, modelInvocationContext, operationResult);
        if (this.main.useDefaultProcessName(createProcessName)) {
            createProcessName = createDefaultProcessName(modelInvocationContext, evaluatedAssignment, target);
        }
        String translate = this.localizationService.translate(createProcessName, Locale.getDefault(), "(unnamed)");
        PcpStartInstruction createItemApprovalInstruction = PcpStartInstruction.createItemApprovalInstruction(this.main.getChangeProcessor(), result.schema, result.attachedRules);
        createItemApprovalInstruction.prepareCommonAttributes(this.main, modelInvocationContext.modelContext, prismObject);
        createItemApprovalInstruction.setDeltasToApprove(objectDelta);
        createItemApprovalInstruction.setObjectRef(modelInvocationContext);
        createItemApprovalInstruction.setTargetRef(ObjectTypeUtil.createObjectRef(target), operationResult);
        createItemApprovalInstruction.setName(translate, createProcessName);
        return createItemApprovalInstruction;
    }

    private LocalizableMessage createDefaultProcessName(ModelInvocationContext<?> modelInvocationContext, EvaluatedAssignment evaluatedAssignment, PrismObject<? extends ObjectType> prismObject) {
        ObjectType focusObjectNewOrOld = modelInvocationContext.getFocusObjectNewOrOld();
        String str = evaluatedAssignment.isBeingAdded() ? "Added" : evaluatedAssignment.isBeingDeleted() ? "Deleted" : "Modified";
        QName normalizedRelation = evaluatedAssignment.getNormalizedRelation();
        if (this.prismContext.isDefaultRelation(normalizedRelation)) {
            return new LocalizableMessageBuilder().key("DefaultPolicyConstraint.Short.assignmentModification.toBe" + str).arg(ObjectTypeUtil.createDisplayInformation(prismObject, false)).arg(ObjectTypeUtil.createDisplayInformation(PrismObject.asPrismObject(focusObjectNewOrOld), false)).build();
        }
        return new LocalizableMessageBuilder().key("DefaultPolicyConstraint.ShortWithRelation.assignmentModification.toBe" + str).arg(ObjectTypeUtil.createDisplayInformation(prismObject, false)).arg(ObjectTypeUtil.createDisplayInformation(PrismObject.asPrismObject(focusObjectNewOrOld), false)).arg(new LocalizableMessageBuilder().key("relation." + normalizedRelation.getLocalPart()).build()).build();
    }

    private ObjectDelta<? extends FocusType> assignmentToDelta(Class<? extends Objectable> cls, AssignmentType assignmentType, boolean z, String str) throws SchemaException {
        PrismContainerValue asPrismContainerValue = assignmentType.mo1633clone().asPrismContainerValue();
        S_ValuesEntry item = this.prismContext.deltaFor(cls).item(FocusType.F_ASSIGNMENT);
        return (z ? item.delete(asPrismContainerValue) : item.add(asPrismContainerValue)).asObjectDelta(str);
    }

    static {
        $assertionsDisabled = !AssignmentPolicyAspectPart.class.desiredAssertionStatus();
        LOGGER = TraceManager.getTrace((Class<?>) AssignmentPolicyAspectPart.class);
        OP_EXTRACT_ASSIGNMENT_BASED_INSTRUCTIONS = AssignmentPolicyAspectPart.class.getName() + ".extractAssignmentBasedInstructions";
    }
}
