package com.atlassian.servicedesk.internal.user.permission.roles;

import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.security.roles.DefaultRoleActors;
import com.atlassian.jira.security.roles.ProjectRole;
import com.atlassian.jira.security.roles.ProjectRoleActor;
import com.atlassian.jira.security.roles.ProjectRoleActors;
import com.atlassian.jira.security.roles.ProjectRoleImpl;
import com.atlassian.jira.security.roles.ProjectRoleManager;
import com.atlassian.jira.security.roles.RoleActorDoesNotExistException;
import com.atlassian.jira.security.roles.RoleActorFactory;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.util.I18nHelper;
import com.atlassian.pocketknife.api.commons.error.AnError;
import com.atlassian.pocketknife.api.commons.jira.ErrorResultHelper;
import com.atlassian.servicedesk.JSDSuccess;
import com.atlassian.servicedesk.api.user.CheckedUser;
import com.google.common.collect.Lists;
import io.atlassian.fugue.Either;
import io.atlassian.fugue.Option;
import io.atlassian.fugue.Pair;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/atlassian/servicedesk/internal/user/permission/roles/ServiceDeskJiraRoleManagerImpl.class */
public class ServiceDeskJiraRoleManagerImpl implements ServiceDeskJiraRoleManager {
    private static final Logger log = LoggerFactory.getLogger(ServiceDeskJiraRoleManager.class);
    private final I18nHelper.BeanFactory i18nFactory;
    private final ErrorResultHelper errorResultHelper;
    private final ApplicationProperties applicationProperties;
    private final ProjectRoleManager projectRoleManager;
    private final RoleActorFactory roleActorFactory;

    @Autowired
    public ServiceDeskJiraRoleManagerImpl(ApplicationProperties applicationProperties, I18nHelper.BeanFactory beanFactory, ErrorResultHelper errorResultHelper, ProjectRoleManager projectRoleManager, RoleActorFactory roleActorFactory) {
        this.applicationProperties = applicationProperties;
        this.i18nFactory = beanFactory;
        this.errorResultHelper = errorResultHelper;
        this.projectRoleManager = projectRoleManager;
        this.roleActorFactory = roleActorFactory;
    }

    @Override // com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager
    public Either<AnError, CheckedUser> addUserToRole(CheckedUser checkedUser, Project project, ServiceDeskProjectRole serviceDeskProjectRole) {
        String str;
        ProjectRole orCreateRole = getOrCreateRole(serviceDeskProjectRole);
        switch (serviceDeskProjectRole) {
            case CUSTOMER:
                str = "sd.role.customer.add.fails";
                break;
            case TEAM:
                str = "sd.role.agent.add.fails";
                break;
            case ADMIN:
                str = "sd.role.admin.add.fails";
                break;
            default:
                throw new IllegalArgumentException("Unknown ServiceDeskProjectRole to add : " + serviceDeskProjectRole);
        }
        return doAddUserToRole(checkedUser, project, orCreateRole, str);
    }

    @Override // com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager
    public Either<AnError, CheckedUser> addUserToRoleThroughInvite(CheckedUser checkedUser, Project project, ServiceDeskProjectRole serviceDeskProjectRole) {
        ProjectRole orCreateRole = getOrCreateRole(serviceDeskProjectRole);
        switch (serviceDeskProjectRole) {
            case CUSTOMER:
                return doAddUserToRole(checkedUser, project, orCreateRole, "sd.agent.people.customers.invite.error.add.user.to.customer.role");
            default:
                throw new IllegalArgumentException("Unknown ServiceDeskProjectRole to add through invite : " + serviceDeskProjectRole);
        }
    }

    @Override // com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager
    public Either<AnError, JSDSuccess> removeUserFromRole(CheckedUser checkedUser, Project project, ServiceDeskProjectRole serviceDeskProjectRole) {
        String str;
        ArrayList newArrayList = Lists.newArrayList(new ServiceDeskProjectRole[]{serviceDeskProjectRole});
        switch (serviceDeskProjectRole) {
            case CUSTOMER:
                str = "sd.role.customer.remove.fails";
                break;
            case TEAM:
                newArrayList.add(ServiceDeskProjectRole.ADMIN);
                str = "sd.role.agent.remove.fails";
                break;
            case ADMIN:
                str = "sd.role.admin.remove.fails";
                break;
            default:
                throw new IllegalArgumentException("Unknown ServiceDeskProjectRole to remove : " + serviceDeskProjectRole);
        }
        ArrayList newArrayList2 = Lists.newArrayList();
        Iterator it = newArrayList.iterator();
        while (it.hasNext()) {
            ProjectRole orCreateRole = getOrCreateRole((ServiceDeskProjectRole) it.next());
            newArrayList2.add(Pair.pair(orCreateRole, Option.option(this.projectRoleManager.getProjectRoleActors(orCreateRole, project))));
        }
        if (newArrayList2.stream().map((v0) -> {
            return v0.right();
        }).anyMatch((v0) -> {
            return v0.isEmpty();
        })) {
            return Either.left(this.errorResultHelper.badRequest400(str, new Object[0]).build());
        }
        newArrayList2.forEach(pair -> {
            simpleRemoveFromRoleHelper((ProjectRoleActors) ((Option) pair.right()).get(), checkedUser, (ProjectRole) pair.left(), project);
        });
        return Either.right(JSDSuccess.success());
    }

    @Override // com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager
    public boolean isUserInRole(CheckedUser checkedUser, Project project, ServiceDeskProjectRole serviceDeskProjectRole) {
        return getRole(serviceDeskProjectRole).exists(projectRole -> {
            return this.projectRoleManager.isUserInProjectRole(checkedUser.forJIRA(), projectRole, project);
        });
    }

    @Override // com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager
    public Set<ApplicationUser> getAllUsersInRole(Project project, ServiceDeskProjectRole serviceDeskProjectRole) {
        return (Set) getRole(serviceDeskProjectRole).fold(Collections::emptySet, projectRole -> {
            return this.projectRoleManager.getProjectRoleActors(projectRole, project).getApplicationUsers();
        });
    }

    @Override // com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager
    public ProjectRole getOrCreateRole(ServiceDeskProjectRole serviceDeskProjectRole) {
        return createRole(createRoleTemplate(serviceDeskProjectRole));
    }

    @Override // com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager
    public Option<ProjectRole> getRole(ServiceDeskProjectRole serviceDeskProjectRole) {
        try {
            return Option.option(this.projectRoleManager.getProjectRole(serviceDeskProjectRole.getRolename()));
        } catch (IllegalArgumentException e) {
            return Option.none();
        }
    }

    private ProjectRole createRoleTemplate(ServiceDeskProjectRole serviceDeskProjectRole) {
        String str;
        switch (serviceDeskProjectRole) {
            case CUSTOMER:
                str = "sd.role.create.description.customer";
                break;
            case TEAM:
                str = "sd.role.create.description.team";
                break;
            case ADMIN:
                str = "sd.role.create.description.administrator";
                break;
            default:
                throw new IllegalArgumentException("Unknown ServiceDeskProjectRole to create project role template : " + serviceDeskProjectRole);
        }
        return new ProjectRoleImpl(serviceDeskProjectRole.getRolename(), this.i18nFactory.getInstance(this.applicationProperties.getDefaultLocale()).getText(str));
    }

    private ProjectRole createRole(ProjectRole projectRole) {
        return (ProjectRole) Option.option(this.projectRoleManager.getProjectRole(projectRole.getName())).getOrElse(() -> {
            log.info("Creating project role {}", projectRole.getName());
            return this.projectRoleManager.createRole(projectRole);
        });
    }

    private ProjectRoleActor createRoleActor(CheckedUser checkedUser, ProjectRole projectRole, Project project) {
        try {
            return this.roleActorFactory.createRoleActor((Long) null, projectRole.getId(), project.getId(), "atlassian-user-role-actor", checkedUser.getKey());
        } catch (RoleActorDoesNotExistException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    private Either<AnError, CheckedUser> doAddUserToRole(CheckedUser checkedUser, Project project, ProjectRole projectRole, String str) {
        return Option.option(this.projectRoleManager.getProjectRoleActors(projectRole, project)).toRight(() -> {
            return this.errorResultHelper.badRequest400(str, new Object[0]).build();
        }).map(projectRoleActors -> {
            simpleAddToRoleHelper(projectRoleActors, checkedUser, projectRole, project);
            return checkedUser;
        });
    }

    private void simpleAddToRoleHelper(ProjectRoleActors projectRoleActors, CheckedUser checkedUser, ProjectRole projectRole, Project project) {
        updateRoleActors(projectRoleActors.addRoleActor(createRoleActor(checkedUser, projectRole, project)));
    }

    private void simpleRemoveFromRoleHelper(ProjectRoleActors projectRoleActors, CheckedUser checkedUser, ProjectRole projectRole, Project project) {
        updateRoleActors(projectRoleActors.removeRoleActor(createRoleActor(checkedUser, projectRole, project)));
    }

    private void updateRoleActors(DefaultRoleActors defaultRoleActors) {
        if (defaultRoleActors instanceof ProjectRoleActors) {
            this.projectRoleManager.updateProjectRoleActors((ProjectRoleActors) defaultRoleActors);
        } else {
            this.projectRoleManager.updateDefaultRoleActors(defaultRoleActors);
        }
    }
}
