package edu.internet2.middleware.grouper.pspng;

import edu.internet2.middleware.subject.Subject;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.regex.Pattern;
import org.apache.commons.lang.StringUtils;
import org.ldaptive.AttributeModification;
import org.ldaptive.AttributeModificationType;
import org.ldaptive.LdapAttribute;
import org.ldaptive.ModifyRequest;
import org.ldaptive.SearchFilter;
import org.ldaptive.SearchRequest;
import org.ldaptive.SearchScope;
import org.slf4j.Logger;

/* loaded from: input_file:edu/internet2/middleware/grouper/pspng/LdapAttributeProvisioner.class */
public class LdapAttributeProvisioner extends LdapProvisioner<LdapAttributeProvisionerConfiguration> {
    public LdapAttributeProvisioner(String str, LdapAttributeProvisionerConfiguration ldapAttributeProvisionerConfiguration, boolean z) {
        super(str, ldapAttributeProvisionerConfiguration, z);
    }

    public static Class<? extends ProvisionerConfiguration> getPropertyClass() {
        return LdapAttributeProvisionerConfiguration.class;
    }

    protected void scheduleUserModification(LdapUser ldapUser, AttributeModificationType attributeModificationType, Collection<String> collection) {
        String provisionedAttributeName = ((LdapAttributeProvisionerConfiguration) this.config).getProvisionedAttributeName();
        for (String str : collection) {
            Logger logger = this.LOG;
            Object[] objArr = new Object[5];
            objArr[0] = attributeModificationType;
            objArr[1] = str;
            objArr[2] = attributeModificationType == AttributeModificationType.ADD ? "to" : "from";
            objArr[3] = provisionedAttributeName;
            objArr[4] = ldapUser;
            logger.info("Will change LDAP: {} {} {} {} of {}", objArr);
        }
        scheduleLdapModification(new ModifyRequest(ldapUser.getLdapObject().getDn(), new AttributeModification[]{new AttributeModification(attributeModificationType, new LdapAttribute(provisionedAttributeName, (String[]) collection.toArray(new String[0])))}));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.internet2.middleware.grouper.pspng.Provisioner
    public void addMembership(GrouperGroupInfo grouperGroupInfo, LdapGroup ldapGroup, Subject subject, LdapUser ldapUser) throws PspException {
        if (ldapUser == null) {
            this.LOG.warn("{}: Skipping addMembership: LdapUser does not exist for subject {}", getDisplayName(), subject.getId());
        } else {
            scheduleUserModification(ldapUser, AttributeModificationType.ADD, Arrays.asList(evaluateJexlExpression(((LdapAttributeProvisionerConfiguration) this.config).getProvisionedAttributeValueFormat(), subject, ldapUser, grouperGroupInfo, null, new Object[0])));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.internet2.middleware.grouper.pspng.Provisioner
    public void deleteMembership(GrouperGroupInfo grouperGroupInfo, LdapGroup ldapGroup, Subject subject, LdapUser ldapUser) throws PspException {
        if (ldapUser == null) {
            this.LOG.warn("{}: Skipping deleteMembership: LdapUser does not exist for subject {}", getDisplayName(), subject.getId());
        } else {
            scheduleUserModification(ldapUser, AttributeModificationType.REMOVE, Arrays.asList(evaluateJexlExpression(((LdapAttributeProvisionerConfiguration) this.config).getProvisionedAttributeValueFormat(), subject, ldapUser, grouperGroupInfo, null, new Object[0])));
        }
    }

    /* renamed from: doFullSync, reason: avoid collision after fix types in other method */
    protected void doFullSync2(GrouperGroupInfo grouperGroupInfo, LdapGroup ldapGroup, Set<Subject> set, Map<Subject, LdapUser> map, Set<LdapUser> set2, JobStatistics jobStatistics) throws PspException {
        jobStatistics.totalCount.set(set2.size());
        String provisionedAttributeName = ((LdapAttributeProvisionerConfiguration) this.config).getProvisionedAttributeName();
        String attributeValueForGroup = getAttributeValueForGroup(grouperGroupInfo);
        List<LdapObject> performLdapSearchRequest = getLdapSystem().performLdapSearchRequest(((LdapAttributeProvisionerConfiguration) this.config).getUserSearchBaseDn(), SearchScope.SUBTREE, Arrays.asList(((LdapAttributeProvisionerConfiguration) this.config).getUserSearchAttributes()), provisionedAttributeName + "={0}", attributeValueForGroup);
        ArrayList arrayList = new ArrayList(performLdapSearchRequest.size());
        Iterator<LdapObject> it = performLdapSearchRequest.iterator();
        while (it.hasNext()) {
            arrayList.add(new LdapUser(it.next()));
        }
        this.LOG.info("{}: Full-sync comparison for {}: Target-subject count: Correct/Actual: {}/{}", new Object[]{getDisplayName(), grouperGroupInfo, Integer.valueOf(set2.size()), Integer.valueOf(arrayList.size())});
        this.LOG.debug("{}: Full-sync comparison: Correct: {}", getDisplayName(), set2);
        this.LOG.debug("{}: Full-sync comparison: Actual: {}", getDisplayName(), arrayList);
        HashSet hashSet = new HashSet(arrayList);
        hashSet.removeAll(set2);
        jobStatistics.deleteCount.set(hashSet.size());
        Iterator it2 = hashSet.iterator();
        while (it2.hasNext()) {
            scheduleUserModification((LdapUser) it2.next(), AttributeModificationType.REMOVE, Arrays.asList(attributeValueForGroup));
        }
        HashSet hashSet2 = new HashSet(set2);
        hashSet2.removeAll(arrayList);
        jobStatistics.insertCount.set(hashSet2.size());
        Iterator it3 = hashSet2.iterator();
        while (it3.hasNext()) {
            scheduleUserModification((LdapUser) it3.next(), AttributeModificationType.ADD, Arrays.asList(attributeValueForGroup));
        }
        this.LOG.info("{}: Brief full-sync summary: Correct={}, Current={}, Extra={}, Missing={}", new Object[]{getDisplayName(), Integer.valueOf(set.size()), Integer.valueOf(performLdapSearchRequest.size()), Integer.valueOf(hashSet.size()), Integer.valueOf(hashSet2.size())});
    }

    protected String getAttributeValueForGroup(GrouperGroupInfo grouperGroupInfo) throws PspException {
        return evaluateJexlExpression(((LdapAttributeProvisionerConfiguration) this.config).getProvisionedAttributeValueFormat(), null, null, grouperGroupInfo, null, new Object[0]);
    }

    @Override // edu.internet2.middleware.grouper.pspng.Provisioner
    protected void doFullSync_cleanupExtraGroups(Set<GrouperGroupInfo> set, Map<GrouperGroupInfo, LdapGroup> map, JobStatistics jobStatistics) throws PspException {
        String allProvisionedValuesPrefix = ((LdapAttributeProvisionerConfiguration) this.config).getAllProvisionedValuesPrefix();
        if (StringUtils.isEmpty(allProvisionedValuesPrefix)) {
            this.LOG.error("{}: Unable to cleanup extra groups without allProvisionedValuesPrefix being defined", getDisplayName());
            return;
        }
        String provisionedAttributeName = ((LdapAttributeProvisionerConfiguration) this.config).getProvisionedAttributeName();
        this.LOG.debug("{}: Looking for all grouper-sourced values of {}.", getDisplayName(), provisionedAttributeName);
        List<LdapObject> performLdapSearchRequest = getLdapSystem().performLdapSearchRequest(((LdapAttributeProvisionerConfiguration) this.config).getUserSearchBaseDn(), SearchScope.SUBTREE, Arrays.asList(provisionedAttributeName), provisionedAttributeName + "=" + allProvisionedValuesPrefix + "*", new Object[0]);
        Pattern compile = Pattern.compile(allProvisionedValuesPrefix + ".*");
        TreeSet treeSet = new TreeSet(String.CASE_INSENSITIVE_ORDER);
        Iterator<LdapObject> it = performLdapSearchRequest.iterator();
        while (it.hasNext()) {
            for (String str : it.next().getStringValues(provisionedAttributeName)) {
                if (compile.matcher(str).matches()) {
                    treeSet.add(str);
                }
            }
        }
        TreeSet treeSet2 = new TreeSet(String.CASE_INSENSITIVE_ORDER);
        Iterator<GrouperGroupInfo> it2 = set.iterator();
        while (it2.hasNext()) {
            treeSet2.add(getAttributeValueForGroup(it2.next()));
        }
        TreeSet<String> treeSet3 = new TreeSet(String.CASE_INSENSITIVE_ORDER);
        treeSet3.addAll(treeSet);
        treeSet3.removeAll(treeSet2);
        this.LOG.info("{}: There are {} values that should be purged from the target system", getDisplayName(), Integer.valueOf(treeSet3.size()));
        for (String str2 : treeSet3) {
            this.LOG.info("{}: Purging attribute value {}", getDisplayName(), str2);
            purgeAttributeValue(provisionedAttributeName, str2, jobStatistics);
        }
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // edu.internet2.middleware.grouper.pspng.Provisioner
    protected LdapGroup createGroup(GrouperGroupInfo grouperGroupInfo, Collection<Subject> collection) throws PspException {
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.internet2.middleware.grouper.pspng.Provisioner
    public void deleteGroup(GrouperGroupInfo grouperGroupInfo, LdapGroup ldapGroup) throws PspException {
        purgeAttributeValue(((LdapAttributeProvisionerConfiguration) this.config).getProvisionedAttributeName(), getAttributeValueForGroup(grouperGroupInfo), new JobStatistics());
    }

    protected void purgeAttributeValue(String str, String str2, JobStatistics jobStatistics) throws PspException {
        SearchFilter searchFilter = new SearchFilter(str + "={0}");
        searchFilter.setParameter(0, str2);
        List<LdapObject> performLdapSearchRequest = getLdapSystem().performLdapSearchRequest(new SearchRequest(((LdapAttributeProvisionerConfiguration) this.config).getUserSearchBaseDn(), searchFilter));
        this.LOG.info("{}: There are {} ldap objects with attribute value={}", new Object[]{getDisplayName(), Integer.valueOf(performLdapSearchRequest.size()), str2});
        jobStatistics.deleteCount.addAndGet(performLdapSearchRequest.size());
        Iterator<LdapObject> it = performLdapSearchRequest.iterator();
        while (it.hasNext()) {
            scheduleUserModification(new LdapUser(it.next()), AttributeModificationType.REMOVE, Arrays.asList(str2));
        }
    }

    @Override // edu.internet2.middleware.grouper.pspng.Provisioner
    protected Map<GrouperGroupInfo, LdapGroup> fetchTargetSystemGroups(Collection<GrouperGroupInfo> collection) throws PspException {
        return Collections.EMPTY_MAP;
    }

    @Override // edu.internet2.middleware.grouper.pspng.Provisioner
    protected /* bridge */ /* synthetic */ void doFullSync(GrouperGroupInfo grouperGroupInfo, LdapGroup ldapGroup, Set set, Map<Subject, LdapUser> map, Set<LdapUser> set2, JobStatistics jobStatistics) throws PspException {
        doFullSync2(grouperGroupInfo, ldapGroup, (Set<Subject>) set, map, set2, jobStatistics);
    }

    @Override // edu.internet2.middleware.grouper.pspng.Provisioner
    protected /* bridge */ /* synthetic */ LdapGroup createGroup(GrouperGroupInfo grouperGroupInfo, Collection collection) throws PspException {
        return createGroup(grouperGroupInfo, (Collection<Subject>) collection);
    }
}
