package com.evolveum.midpoint.model.impl.lens.projector.policy.scriptExecutor;

import com.evolveum.midpoint.model.api.ModelService;
import com.evolveum.midpoint.model.api.util.ReferenceResolver;
import com.evolveum.midpoint.model.common.LinkManager;
import com.evolveum.midpoint.model.impl.ModelObjectResolver;
import com.evolveum.midpoint.model.impl.lens.EvaluatedPolicyRuleImpl;
import com.evolveum.midpoint.model.impl.lens.LensContext;
import com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl;
import com.evolveum.midpoint.model.impl.scripting.BulkActionsExecutor;
import com.evolveum.midpoint.model.impl.security.RunAsRunner;
import com.evolveum.midpoint.model.impl.security.RunAsRunnerFactory;
import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.repo.api.RepositoryService;
import com.evolveum.midpoint.repo.common.expression.ExpressionFactory;
import com.evolveum.midpoint.schema.RelationRegistry;
import com.evolveum.midpoint.schema.config.PolicyActionConfigItem;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.result.OperationResultStatus;
import com.evolveum.midpoint.security.api.SecurityContextManager;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.exception.CommonException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.logging.LoggingUtils;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExecutionPolicyActionType;
import java.lang.invoke.SerializedLambda;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/lib/model-impl-4.9.4-SNAPSHOT.jar:com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/PolicyRuleScriptExecutor.class */
public class PolicyRuleScriptExecutor {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) PolicyRuleScriptExecutor.class);
    private static final String OP_EXECUTE_SCRIPTS_FROM_RULES = PolicyRuleScriptExecutor.class + ".executeScriptsFromRules";

    @Autowired
    PrismContext prismContext;

    @Autowired
    RelationRegistry relationRegistry;

    @Autowired
    @Qualifier("cacheRepositoryService")
    RepositoryService repositoryService;

    @Autowired
    ModelService modelService;

    @Autowired
    SecurityContextManager securityContextManager;

    @Autowired
    ModelObjectResolver modelObjectResolver;

    @Autowired
    ReferenceResolver referenceResolver;

    @Autowired
    ExpressionFactory expressionFactory;

    @Autowired
    BulkActionsExecutor bulkActionsExecutor;

    @Autowired
    RunAsRunnerFactory runAsRunnerFactory;

    @Autowired
    LinkManager linkManager;

    public void execute(@NotNull LensContext<?> lensContext, Task task, OperationResult operationResult) throws SchemaException {
        if (!lensContext.hasFocusContext()) {
            LOGGER.trace("No focus context, no 'scriptExecution' policy actions");
            return;
        }
        List<EvaluatedPolicyRuleImpl> collectRelevantPolicyRules = collectRelevantPolicyRules(lensContext);
        if (collectRelevantPolicyRules.isEmpty()) {
            LOGGER.trace("No relevant policy rules found");
        } else {
            executeScriptsFromCollectedRules(collectRelevantPolicyRules, lensContext, task, operationResult);
        }
    }

    private List<EvaluatedPolicyRuleImpl> collectRelevantPolicyRules(LensContext<?> lensContext) {
        ArrayList arrayList = new ArrayList();
        collectFromFocus(arrayList, lensContext);
        collectFromAssignments(arrayList, lensContext);
        return arrayList;
    }

    private void collectFromFocus(List<EvaluatedPolicyRuleImpl> list, LensContext<?> lensContext) {
        Iterator<EvaluatedPolicyRuleImpl> it = lensContext.getFocusContext().getObjectPolicyRules().iterator();
        while (it.hasNext()) {
            collectRule(list, it.next());
        }
    }

    private <O extends ObjectType> void collectFromAssignments(List<EvaluatedPolicyRuleImpl> list, LensContext<O> lensContext) {
        Iterator<EvaluatedAssignmentImpl<?>> it = lensContext.getAllEvaluatedAssignments().iterator();
        while (it.hasNext()) {
            Iterator<EvaluatedPolicyRuleImpl> it2 = it.next().getAllTargetsPolicyRules().iterator();
            while (it2.hasNext()) {
                collectRule(list, it2.next());
            }
        }
    }

    private void collectRule(List<EvaluatedPolicyRuleImpl> list, EvaluatedPolicyRuleImpl evaluatedPolicyRuleImpl) {
        if (evaluatedPolicyRuleImpl.isTriggered() && evaluatedPolicyRuleImpl.containsEnabledAction(ScriptExecutionPolicyActionType.class)) {
            list.add(evaluatedPolicyRuleImpl);
        }
    }

    private <O extends ObjectType> void executeScriptsFromCollectedRules(List<EvaluatedPolicyRuleImpl> list, LensContext<O> lensContext, Task task, OperationResult operationResult) {
        OperationResult createSubresult = operationResult.createSubresult(OP_EXECUTE_SCRIPTS_FROM_RULES);
        try {
            try {
                RunAsRunner runner = this.runAsRunnerFactory.runner();
                try {
                    for (EvaluatedPolicyRuleImpl evaluatedPolicyRuleImpl : list) {
                        List enabledActions = evaluatedPolicyRuleImpl.getEnabledActions(ScriptExecutionPolicyActionType.class);
                        LOGGER.trace("Rule {} has {} enabled script execution actions", evaluatedPolicyRuleImpl, Integer.valueOf(enabledActions.size()));
                        Iterator it = enabledActions.iterator();
                        while (it.hasNext()) {
                            ActionContext actionContext = new ActionContext((PolicyActionConfigItem) it.next(), evaluatedPolicyRuleImpl, lensContext, task, this);
                            try {
                                runner.runAs(() -> {
                                    executeScriptingAction(actionContext, createSubresult);
                                }, actionContext.action.getRunAsRef(), createSubresult);
                            } catch (CommonException e) {
                                LoggingUtils.logUnexpectedException(LOGGER, "Couldn't execute scripting action - continuing with others (if present)", e, new Object[0]);
                            }
                        }
                    }
                    if (runner != null) {
                        runner.close();
                    }
                } catch (Throwable th) {
                    if (runner != null) {
                        try {
                            runner.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
                createSubresult.close();
                if (createSubresult.getStatus() == OperationResultStatus.FATAL_ERROR) {
                    createSubresult.setStatus(OperationResultStatus.PARTIAL_ERROR);
                }
            }
        } catch (Throwable th3) {
            createSubresult.recordException(th3);
            throw th3;
        }
    }

    private void executeScriptingAction(ActionContext actionContext, OperationResult operationResult) {
        LOGGER.debug("Executing policy action scripts ({}) in action: {}\non rule:{}", Integer.valueOf(actionContext.action.getExecuteScript().size()), actionContext.action, actionContext.rule.debugDumpLazily());
        if (actionContext.action.getAsynchronousExecution() != null) {
            new AsynchronousScriptExecutor(actionContext).submitScripts(operationResult);
        } else {
            new SynchronousScriptExecutor(actionContext).executeScripts(operationResult);
        }
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1922166:
                if (implMethodName.equals("lambda$executeScriptsFromCollectedRules$86df6865$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/evolveum/midpoint/util/CheckedCommonRunnable") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()V") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/PolicyRuleScriptExecutor") && serializedLambda.getImplMethodSignature().equals("(Lcom/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/ActionContext;Lcom/evolveum/midpoint/schema/result/OperationResult;)V")) {
                    PolicyRuleScriptExecutor policyRuleScriptExecutor = (PolicyRuleScriptExecutor) serializedLambda.getCapturedArg(0);
                    ActionContext actionContext = (ActionContext) serializedLambda.getCapturedArg(1);
                    OperationResult operationResult = (OperationResult) serializedLambda.getCapturedArg(2);
                    return () -> {
                        executeScriptingAction(actionContext, operationResult);
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
