package com.atlassian.crowd.directory.rfc4519;

import com.atlassian.crowd.directory.NamedLdapEntity;
import com.atlassian.crowd.directory.RFC4519Directory;
import com.atlassian.crowd.directory.ldap.mapper.ContextMapperWithRequiredAttributes;
import com.atlassian.crowd.directory.ldap.name.CrowdLdapName;
import com.atlassian.crowd.directory.ldap.name.CrowdLdapNameFactory;
import com.atlassian.crowd.directory.ldap.name.LdapNameFormatException;
import com.atlassian.crowd.directory.synchronisation.cache.GroupUserCache;
import com.atlassian.crowd.embedded.api.SearchRestriction;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.model.group.ImmutableMembership;
import com.atlassian.crowd.model.group.Membership;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.search.query.entity.EntityQuery;
import com.atlassian.crowd.search.query.entity.restriction.BooleanRestriction;
import com.atlassian.crowd.search.query.entity.restriction.BooleanRestrictionImpl;
import com.atlassian.crowd.search.query.entity.restriction.MatchMode;
import com.atlassian.crowd.search.query.entity.restriction.PropertyImpl;
import com.atlassian.crowd.search.query.entity.restriction.TermRestriction;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
import javax.annotation.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/crowd/directory/rfc4519/RFC4519DirectoryMembershipsIterable.class */
public class RFC4519DirectoryMembershipsIterable implements Iterable<Membership> {
    private static final Logger logger = LoggerFactory.getLogger(RFC4519DirectoryMembershipsIterable.class);
    private static final int MISSING_NAMES_PARTITION_SIZE = Integer.getInteger("com.atlassian.crowd.directory.RFC4519DirectoryMembershipsIterable.MISSING_NAMES_PARTITION_SIZE", 1000).intValue();
    private final CrowdLdapNameFactory ldapNameFactory = CrowdLdapNameFactory.getInstance();
    private final RFC4519Directory connector;
    private final Map<CrowdLdapName, Optional<String>> users;
    private final Map<CrowdLdapName, Optional<String>> groups;
    private final Map<CrowdLdapName, String> groupsToInclude;
    private final GroupUserCache groupUserCache;
    private final int membershipBatchSize;
    private final ContextMapperWithRequiredAttributes<CrowdLdapName> dnMapper;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/atlassian/crowd/directory/rfc4519/RFC4519DirectoryMembershipsIterable$MembershipHolder.class */
    public static class MembershipHolder {
        private final String name;
        private final Set<CrowdLdapName> children;

        MembershipHolder(String str, Set<CrowdLdapName> set) {
            this.name = str;
            this.children = (Set) Preconditions.checkNotNull(set, "children cannot be null");
        }

        public String getName() {
            return this.name;
        }

        public Set<CrowdLdapName> getChildren() {
            return this.children;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RFC4519DirectoryMembershipsIterable(RFC4519Directory rFC4519Directory, Map<CrowdLdapName, String> map, Map<CrowdLdapName, String> map2, Map<CrowdLdapName, String> map3, @Nullable GroupUserCache groupUserCache, int i, ContextMapperWithRequiredAttributes<CrowdLdapName> contextMapperWithRequiredAttributes) {
        this.connector = rFC4519Directory;
        this.users = (Map) map.entrySet().stream().collect(Collectors.toMap((v0) -> {
            return v0.getKey();
        }, entry -> {
            return Optional.ofNullable((String) entry.getValue());
        }));
        this.groups = (Map) map2.entrySet().stream().collect(Collectors.toMap((v0) -> {
            return v0.getKey();
        }, entry2 -> {
            return Optional.ofNullable((String) entry2.getValue());
        }));
        this.groupsToInclude = map3;
        this.groupUserCache = groupUserCache == null ? GroupUserCache.createEmptyCache() : groupUserCache;
        this.membershipBatchSize = i;
        this.dnMapper = contextMapperWithRequiredAttributes;
    }

    @Override // java.lang.Iterable
    public Iterator<Membership> iterator() {
        return StreamSupport.stream(Iterables.partition(this.groupsToInclude.entrySet(), this.membershipBatchSize).spliterator(), false).map(list -> {
            try {
                return getMemberships(list);
            } catch (OperationFailedException e) {
                throw new Membership.MembershipIterationException(e);
            }
        }).flatMap(iterable -> {
            return StreamSupport.stream(iterable.spliterator(), false);
        }).iterator();
    }

    private Iterable<Membership> getMemberships(Collection<Map.Entry<CrowdLdapName, String>> collection) throws OperationFailedException {
        if (!collection.iterator().hasNext()) {
            return Collections.emptyList();
        }
        List<MembershipHolder> searchChildrenDns = searchChildrenDns(collection);
        lookupMissingNames(searchChildrenDns);
        return resolveMemberships(searchChildrenDns);
    }

    protected void lookupMissingNames(List<MembershipHolder> list) throws OperationFailedException {
        Set<CrowdLdapName> findMissingEntriesInCacheAndCreateRestrictionsForThem = findMissingEntriesInCacheAndCreateRestrictionsForThem(list);
        if (findMissingEntriesInCacheAndCreateRestrictionsForThem.isEmpty()) {
            return;
        }
        updateCache(findMissingEntriesInCacheAndCreateRestrictionsForThem);
    }

    private List<MembershipHolder> searchChildrenDns(Collection<Map.Entry<CrowdLdapName, String>> collection) {
        long currentTimeMillis = System.currentTimeMillis();
        logger.info("Searching for children of {} groups", Integer.valueOf(collection.size()));
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<CrowdLdapName, String> entry : collection) {
            try {
                arrayList.add(new MembershipHolder(entry.getValue(), ImmutableSet.copyOf(this.connector.findDirectMembersOfGroup(entry.getKey(), this.dnMapper, this.groupUserCache))));
            } catch (OperationFailedException e) {
                throw new Membership.MembershipIterationException(e);
            }
        }
        if (logger.isInfoEnabled()) {
            logger.info("Found {} children for {} groups in {}ms", new Object[]{Long.valueOf(countMembershipsChildren(arrayList)), Integer.valueOf(collection.size()), Long.valueOf(System.currentTimeMillis() - currentTimeMillis)});
        }
        return arrayList;
    }

    @VisibleForTesting
    long countMembershipsChildren(List<MembershipHolder> list) {
        return list.stream().map((v0) -> {
            return v0.getChildren();
        }).mapToLong((v0) -> {
            return v0.size();
        }).sum();
    }

    private Set<CrowdLdapName> findMissingEntriesInCacheAndCreateRestrictionsForThem(List<MembershipHolder> list) {
        return (Set) list.stream().map(membershipHolder -> {
            return (List) membershipHolder.getChildren().stream().filter(crowdLdapName -> {
                return (this.users.containsKey(crowdLdapName) || this.groups.containsKey(crowdLdapName)) ? false : true;
            }).collect(Collectors.toList());
        }).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toSet());
    }

    private void updateCache(Collection<CrowdLdapName> collection) throws OperationFailedException {
        long currentTimeMillis = System.currentTimeMillis();
        logger.info("Fetching details for {} entities for membership resolution", Integer.valueOf(collection.size()));
        Set set = (Set) collection.stream().map(crowdLdapName -> {
            return new TermRestriction(new PropertyImpl("distinguishedName", String.class), MatchMode.EXACTLY_MATCHES, crowdLdapName.toString());
        }).collect(Collectors.toSet());
        Collection<NamedLdapEntity> searchUsers = searchUsers(set, MISSING_NAMES_PARTITION_SIZE);
        List<TermRestriction<String>> filterOutRestrictionsForDns = filterOutRestrictionsForDns(set, getDns(searchUsers));
        Collection<NamedLdapEntity> searchGroups = searchGroups(filterOutRestrictionsForDns, MISSING_NAMES_PARTITION_SIZE);
        for (TermRestriction<String> termRestriction : filterOutRestrictionsForDns(filterOutRestrictionsForDns, getDns(searchGroups))) {
            try {
                this.users.put(this.ldapNameFactory.get((String) termRestriction.getValue()), Optional.empty());
                this.groups.put(this.ldapNameFactory.get((String) termRestriction.getValue()), Optional.empty());
            } catch (LdapNameFormatException e) {
                throw new OperationFailedException(e);
            }
        }
        searchUsers.forEach(namedLdapEntity -> {
            this.users.put(namedLdapEntity.getDn(), Optional.of(namedLdapEntity.getName()));
        });
        searchGroups.forEach(namedLdapEntity2 -> {
            this.groups.put(namedLdapEntity2.getDn(), Optional.of(namedLdapEntity2.getName()));
        });
        if (logger.isDebugEnabled()) {
            logger.debug("Updating cache took {}ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
        }
    }

    private List<TermRestriction<String>> filterOutRestrictionsForDns(Collection<TermRestriction<String>> collection, Collection<String> collection2) {
        return (List) collection.stream().filter(termRestriction -> {
            return !collection2.contains(termRestriction.getValue());
        }).collect(Collectors.toList());
    }

    private Collection<NamedLdapEntity> searchUsers(Collection<TermRestriction<String>> collection, int i) throws OperationFailedException {
        logger.debug("Searching for {} users in directory", Integer.valueOf(collection.size()));
        long currentTimeMillis = System.currentTimeMillis();
        ArrayList arrayList = new ArrayList();
        Iterator it = Iterables.partition(collection, i).iterator();
        while (it.hasNext()) {
            EntityQuery<?> returningAtMost = QueryBuilder.queryFor(String.class, EntityDescriptor.user()).with(prepareBooleanRestrictionForTermRestrictions((List) it.next())).returningAtMost(-1);
            logger.trace("Searching user objects using query {}", returningAtMost);
            arrayList.addAll(this.connector.searchUserObjects(returningAtMost, new NamedLdapEntity.NamedEntityMapper(this.connector.getLdapPropertiesMapper().getUserNameAttribute())));
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Found {} users in directory in {}ms", Integer.valueOf(arrayList.size()), Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
        }
        return arrayList;
    }

    private Collection<NamedLdapEntity> searchGroups(Collection<TermRestriction<String>> collection, int i) throws OperationFailedException {
        logger.debug("Searching for {} groups in directory", Integer.valueOf(collection.size()));
        long currentTimeMillis = System.currentTimeMillis();
        ArrayList arrayList = new ArrayList();
        Iterator it = Iterables.partition(collection, i).iterator();
        while (it.hasNext()) {
            arrayList.addAll(this.connector.searchGroupObjects(QueryBuilder.queryFor(String.class, EntityDescriptor.group()).with(prepareBooleanRestrictionForTermRestrictions((List) it.next())).returningAtMost(-1), new NamedLdapEntity.NamedEntityMapper(this.connector.getLdapPropertiesMapper().getGroupNameAttribute())));
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Found {} groups in directory in {}ms", Integer.valueOf(arrayList.size()), Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
        }
        return arrayList;
    }

    private BooleanRestrictionImpl prepareBooleanRestrictionForTermRestrictions(List<TermRestriction<String>> list) {
        return new BooleanRestrictionImpl(BooleanRestriction.BooleanLogic.OR, (SearchRestriction[]) list.toArray(new SearchRestriction[list.size()]));
    }

    private Collection<Membership> resolveMemberships(Collection<MembershipHolder> collection) {
        return (Collection) collection.stream().map(this::mapHolderToMembership).collect(Collectors.toList());
    }

    private ImmutableMembership mapHolderToMembership(MembershipHolder membershipHolder) {
        String name = membershipHolder.getName();
        Stream<CrowdLdapName> stream = membershipHolder.getChildren().stream();
        Map<CrowdLdapName, Optional<String>> map = this.users;
        Objects.requireNonNull(map);
        Iterable iterable = (Iterable) stream.map((v1) -> {
            return r4.get(v1);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter((v0) -> {
            return v0.isPresent();
        }).map((v0) -> {
            return v0.get();
        }).collect(Collectors.toList());
        Stream<CrowdLdapName> stream2 = membershipHolder.getChildren().stream();
        Map<CrowdLdapName, Optional<String>> map2 = this.groups;
        Objects.requireNonNull(map2);
        return new ImmutableMembership(name, iterable, (Iterable) stream2.map((v1) -> {
            return r5.get(v1);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter((v0) -> {
            return v0.isPresent();
        }).map((v0) -> {
            return v0.get();
        }).collect(Collectors.toList()));
    }

    private Collection<String> getDns(Collection<NamedLdapEntity> collection) {
        return (Collection) collection.stream().map((v0) -> {
            return v0.getDn();
        }).map((v0) -> {
            return v0.toString();
        }).collect(Collectors.toList());
    }

    @VisibleForTesting
    ContextMapperWithRequiredAttributes<CrowdLdapName> getDnMapper() {
        return this.dnMapper;
    }
}
