package com.evolveum.midpoint.model.impl.lens;

import com.evolveum.midpoint.audit.api.AuditEventRecord;
import com.evolveum.midpoint.audit.api.AuditEventStage;
import com.evolveum.midpoint.audit.api.AuditEventType;
import com.evolveum.midpoint.model.common.expression.ModelExpressionEnvironment;
import com.evolveum.midpoint.model.impl.util.ModelImplUtils;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.prism.xml.XmlTypeConverter;
import com.evolveum.midpoint.repo.common.AuditConfiguration;
import com.evolveum.midpoint.repo.common.AuditHelper;
import com.evolveum.midpoint.schema.ObjectDeltaOperation;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SystemConfigurationAuditEventRecordingPropertyType;
import com.google.common.base.Preconditions;
import java.util.Collection;
import java.util.Iterator;
import javax.xml.datatype.XMLGregorianCalendar;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/lib/model-impl-4.9.2-SNAPSHOT.jar:com/evolveum/midpoint/model/impl/lens/ClockworkAuditHelper.class */
public class ClockworkAuditHelper {
    private static final Trace LOGGER;

    @Autowired
    private AuditHelper auditHelper;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    public <F extends ObjectType> void audit(LensContext<F> lensContext, AuditEventStage auditEventStage, Task task, OperationResult operationResult, OperationResult operationResult2) throws SchemaException {
        if (!lensContext.isLazyAuditRequest()) {
            auditEvent(lensContext, auditEventStage, null, false, task, operationResult, operationResult2);
            return;
        }
        if (auditEventStage == AuditEventStage.REQUEST || auditEventStage != AuditEventStage.EXECUTION || lensContext.getUnauditedExecutedDeltas().isEmpty()) {
            return;
        }
        if (!lensContext.isRequestAudited()) {
            auditEvent(lensContext, AuditEventStage.REQUEST, lensContext.getStats().getRequestTimestamp(), false, task, operationResult, operationResult2);
        }
        auditEvent(lensContext, auditEventStage, null, false, task, operationResult, operationResult2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public <F extends ObjectType> void auditFinalExecution(LensContext<F> lensContext, Task task, OperationResult operationResult, OperationResult operationResult2) {
        if (!lensContext.isRequestAudited() || lensContext.isExecutionAudited()) {
            return;
        }
        auditEvent(lensContext, AuditEventStage.EXECUTION, null, true, task, operationResult, operationResult2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    public <F extends ObjectType> void auditEvent(LensContext<F> lensContext, AuditEventStage auditEventStage, XMLGregorianCalendar xMLGregorianCalendar, boolean z, Task task, OperationResult operationResult, OperationResult operationResult2) {
        PrismObject<?> objectOld;
        ObjectDelta<? extends ObjectType> currentDelta;
        if (!task.isExecutionFullyPersistent()) {
            LOGGER.trace("No persistent execution, no auditing");
            return;
        }
        if (lensContext.getFocusContext() != null) {
            objectOld = lensContext.getFocusContext().getObjectOld() != null ? lensContext.getFocusContext().getObjectOld() : lensContext.getFocusContext().getObjectNew();
            currentDelta = lensContext.getFocusContext().getSummaryDelta();
        } else {
            Collection<LensProjectionContext> projectionContexts = lensContext.getProjectionContexts();
            if (projectionContexts.isEmpty()) {
                throw new IllegalStateException("No focus and no projections in " + lensContext);
            }
            if (projectionContexts.size() > 1) {
                throw new IllegalStateException("No focus and more than one projection in " + lensContext);
            }
            LensProjectionContext next = projectionContexts.iterator().next();
            objectOld = next.getObjectOld() != null ? next.getObjectOld() : next.getObjectNew();
            currentDelta = next.getCurrentDelta();
        }
        AuditEventRecord auditEventRecord = new AuditEventRecord(determineEventType(currentDelta), auditEventStage);
        auditEventRecord.setRequestIdentifier(lensContext.getRequestIdentifier());
        AuditConfiguration auditConfiguration = this.auditHelper.getAuditConfiguration(lensContext.getSystemConfigurationBean());
        if (objectOld != null) {
            auditEventRecord.setTarget(objectOld);
            if (auditConfiguration.isRecordResourceOids()) {
                recordResourceOids(auditEventRecord, (ObjectType) objectOld.getRealValue(), lensContext);
            }
        }
        auditEventRecord.setChannel(lensContext.getChannel());
        OperationResult cloneResultForAuditEventRecord = this.auditHelper.cloneResultForAuditEventRecord(operationResult2);
        if (auditEventStage == AuditEventStage.REQUEST) {
            Collection<? extends ObjectDeltaOperation<? extends ObjectType>> cloneDeltaCollection = ObjectDeltaOperation.cloneDeltaCollection(lensContext.getPrimaryChanges());
            checkNamesArePresent(cloneDeltaCollection, objectOld);
            auditEventRecord.addDeltas(cloneDeltaCollection);
            if (auditEventRecord.getTargetRef() == null) {
                auditEventRecord.setTargetRef(ModelImplUtils.determineAuditTargetDeltaOps(cloneDeltaCollection));
            }
        } else {
            if (auditEventStage != AuditEventStage.EXECUTION) {
                throw new IllegalStateException("Unknown audit stage " + auditEventStage);
            }
            auditEventRecord.setOutcome(cloneResultForAuditEventRecord.getStatus());
            Collection<ObjectDeltaOperation<? extends ObjectType>> unauditedExecutedDeltas = lensContext.getUnauditedExecutedDeltas();
            if (!z && unauditedExecutedDeltas.isEmpty()) {
                return;
            }
            Collection<? extends ObjectDeltaOperation<? extends ObjectType>> cloneCollection = ObjectDeltaOperation.cloneCollection(unauditedExecutedDeltas);
            checkNamesArePresent(cloneCollection, objectOld);
            auditEventRecord.addDeltas(cloneCollection);
        }
        if (xMLGregorianCalendar != null) {
            auditEventRecord.setTimestamp(Long.valueOf(XmlTypeConverter.toMillis(xMLGregorianCalendar)));
        }
        this.auditHelper.addRecordMessage(auditEventRecord, cloneResultForAuditEventRecord.getMessage());
        Iterator<SystemConfigurationAuditEventRecordingPropertyType> it = auditConfiguration.getPropertiesToRecord().iterator();
        while (it.hasNext()) {
            this.auditHelper.evaluateAuditRecordProperty(it.next(), auditEventRecord, objectOld, lensContext.getPrivilegedExpressionProfile(), task, operationResult);
        }
        if (auditConfiguration.getEventRecordingExpression() != null) {
            auditEventRecord = this.auditHelper.evaluateRecordingExpression(auditConfiguration.getEventRecordingExpression(), auditEventRecord, objectOld, lensContext.getPrivilegedExpressionProfile(), (task2, operationResult3) -> {
                return new ModelExpressionEnvironment(lensContext, null, task2, operationResult3);
            }, task, operationResult);
        }
        if (auditEventRecord != null) {
            this.auditHelper.audit(auditEventRecord, lensContext.getNameResolver(), task, operationResult);
        }
        if (auditEventStage == AuditEventStage.EXECUTION) {
            lensContext.markExecutedDeltasAudited();
            lensContext.setExecutionAudited(true);
        } else {
            if (!$assertionsDisabled && auditEventStage != AuditEventStage.REQUEST) {
                throw new AssertionError();
            }
            lensContext.setRequestAudited(true);
        }
    }

    private <F extends ObjectType> void recordResourceOids(AuditEventRecord auditEventRecord, ObjectType objectType, LensContext<F> lensContext) {
        ObjectReferenceType resourceRef;
        if (!(objectType instanceof FocusType)) {
            if (!(objectType instanceof ShadowType) || (resourceRef = ((ShadowType) objectType).getResourceRef()) == null || resourceRef.getOid() == null) {
                return;
            }
            auditEventRecord.addResourceOid(resourceRef.getOid());
            return;
        }
        Iterator<ObjectReferenceType> it = ((FocusType) objectType).getLinkRef().iterator();
        while (it.hasNext()) {
            String oid = it.next().getOid();
            if (oid != null) {
                Iterator<LensProjectionContext> it2 = lensContext.findProjectionContextsByOid(oid).iterator();
                while (it2.hasNext()) {
                    String resourceOid = it2.next().getResourceOid();
                    if (resourceOid != null) {
                        auditEventRecord.addResourceOid(resourceOid);
                    }
                }
            }
        }
    }

    @NotNull
    private AuditEventType determineEventType(ObjectDelta<? extends ObjectType> objectDelta) {
        AuditEventType auditEventType;
        if (objectDelta == null) {
            auditEventType = AuditEventType.SYNCHRONIZATION;
        } else if (objectDelta.isAdd()) {
            auditEventType = AuditEventType.ADD_OBJECT;
        } else if (objectDelta.isModify()) {
            auditEventType = AuditEventType.MODIFY_OBJECT;
        } else {
            if (!objectDelta.isDelete()) {
                throw new IllegalStateException("Unknown state of delta " + objectDelta);
            }
            auditEventType = AuditEventType.DELETE_OBJECT;
        }
        return auditEventType;
    }

    private void checkNamesArePresent(Collection<ObjectDeltaOperation<? extends ObjectType>> collection, PrismObject<? extends ObjectType> prismObject) {
        if (prismObject != null) {
            for (ObjectDeltaOperation<? extends ObjectType> objectDeltaOperation : collection) {
                if (objectDeltaOperation.getObjectName() == null) {
                    objectDeltaOperation.setObjectName(prismObject.getName());
                }
            }
        }
    }

    public void auditRequestDenied(@NotNull LensContext<? extends ObjectType> lensContext, @NotNull Task task, @NotNull OperationResult operationResult, @NotNull OperationResult operationResult2) {
        Preconditions.checkArgument(operationResult.isClosed());
        Preconditions.checkArgument(!operationResult2.isClosed());
        AuditEventRecord auditEventRecord = new AuditEventRecord(AuditEventType.MODIFY_OBJECT, AuditEventStage.REQUEST);
        auditEventRecord.setRequestIdentifier(lensContext.getRequestIdentifier());
        auditEventRecord.setChannel(lensContext.getChannel());
        auditEventRecord.setOutcome(operationResult.getStatus());
        auditEventRecord.setMessage(operationResult.getMessage());
        this.auditHelper.audit(auditEventRecord, lensContext.getNameResolver(), task, operationResult2);
    }

    static {
        $assertionsDisabled = !ClockworkAuditHelper.class.desiredAssertionStatus();
        LOGGER = TraceManager.getTrace((Class<?>) ClockworkAuditHelper.class);
    }
}
