package com.atlassian.servicedesk.bootstrap.upgrade.tasks;

import com.atlassian.jira.permission.PermissionSchemeManager;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.scheme.Scheme;
import com.atlassian.jira.scheme.SchemeEntity;
import com.atlassian.jira.security.plugin.ProjectPermissionKey;
import com.atlassian.jira.security.roles.ProjectRole;
import com.atlassian.servicedesk.bootstrap.upgrade.helper.MigrateAgentPermissionHelper;
import com.atlassian.servicedesk.internal.api.bootstrap.upgrade.SyncUpgradeTask;
import com.atlassian.servicedesk.internal.feature.servicedesk.ServiceDeskInternalManager;
import com.atlassian.servicedesk.internal.permission.ServiceDeskProjectPermissionKeys;
import com.atlassian.servicedesk.internal.permission.misconfiguration.PermissionSchemeUtil;
import com.atlassian.servicedesk.internal.permission.security.type.CustomerPortalOnlySecurityType;
import com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskJiraRoleManager;
import com.atlassian.servicedesk.internal.user.permission.roles.ServiceDeskProjectRole;
import com.atlassian.servicedesk.squalor.JIRAScreenAndSchemeCreator;
import com.google.common.collect.Lists;
import io.atlassian.fugue.Option;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.ofbiz.core.entity.GenericEntityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/servicedesk/bootstrap/upgrade/tasks/SyncUpgradeTaskMigrateAgentPermission.class */
public class SyncUpgradeTaskMigrateAgentPermission implements SyncUpgradeTask {
    private static final Logger log = LoggerFactory.getLogger(SyncUpgradeTaskMigrateAgentPermission.class);
    private ServiceDeskInternalManager serviceDeskManager;
    private PermissionSchemeManager permissionSchemeManager;
    private MigrateAgentPermissionHelper migrateAgentPermissionHelper;
    private JIRAScreenAndSchemeCreator jiraScreenAndSchemeCreator;
    private PermissionSchemeUtil permissionSchemeUtil;
    private ServiceDeskJiraRoleManager serviceDeskJIRARoleManager;

    public SyncUpgradeTaskMigrateAgentPermission(ServiceDeskInternalManager serviceDeskInternalManager, PermissionSchemeManager permissionSchemeManager, MigrateAgentPermissionHelper migrateAgentPermissionHelper, JIRAScreenAndSchemeCreator jIRAScreenAndSchemeCreator, PermissionSchemeUtil permissionSchemeUtil, ServiceDeskJiraRoleManager serviceDeskJiraRoleManager) {
        this.serviceDeskManager = serviceDeskInternalManager;
        this.permissionSchemeManager = permissionSchemeManager;
        this.migrateAgentPermissionHelper = migrateAgentPermissionHelper;
        this.jiraScreenAndSchemeCreator = jIRAScreenAndSchemeCreator;
        this.permissionSchemeUtil = permissionSchemeUtil;
        this.serviceDeskJIRARoleManager = serviceDeskJiraRoleManager;
    }

    @Override // com.atlassian.servicedesk.internal.api.bootstrap.upgrade.JSDUpgradeTask
    public String getVersionIntroduced() {
        return "3.0-OD-xx";
    }

    @Override // com.atlassian.servicedesk.internal.api.bootstrap.upgrade.SyncUpgradeTask
    public void doUpgrade() {
        performUpgradeAgentPermission();
    }

    @Override // com.atlassian.servicedesk.internal.api.bootstrap.upgrade.SyncUpgradeTask
    public String getVersionMigratedFromAsync() {
        return "3.1-OD-12";
    }

    @Override // com.atlassian.servicedesk.internal.api.bootstrap.upgrade.SyncUpgradeTask
    public String getAsyncTaskName() {
        return "AsyncUpgradeTaskMigrateAgentPermission";
    }

    void performUpgradeAgentPermission() {
        String renaissanceMigrationType = this.migrateAgentPermissionHelper.getRenaissanceMigrationType();
        if (renaissanceMigrationType == null) {
            log.info("No Renaissance migration type found because the data is created in Renaissance mode already");
            return;
        }
        if (MigrateAgentPermissionHelper.SD_RENAISSANCE_MIGRATION_TYPE_NONE.equals(renaissanceMigrationType)) {
            log.info("No Service Desk license found during JIRA Renaissance migration");
            return;
        }
        if (!MigrateAgentPermissionHelper.SD_RENAISSANCE_MIGRATION_TYPE_TBP.equals(renaissanceMigrationType) && !MigrateAgentPermissionHelper.SD_RENAISSANCE_MIGRATION_TYPE_ABP.equals(renaissanceMigrationType)) {
            String format = String.format("Unknown Renaissance migration type: %s. This indicates an error happened during JIRA Renaissance migration", renaissanceMigrationType);
            log.error(format);
            Thread.dumpStack();
            throw new RuntimeException(format);
        }
        List<Scheme> permissionSchemesUsedByServiceDesk = getPermissionSchemesUsedByServiceDesk();
        int i = 0;
        Iterator<Scheme> it = permissionSchemesUsedByServiceDesk.iterator();
        while (it.hasNext()) {
            if (migrateAgentPermissionForPermissionScheme(it.next(), renaissanceMigrationType)) {
                i++;
            }
        }
        if (i != permissionSchemesUsedByServiceDesk.size()) {
            throw new RuntimeException("There were schemes that have not migrated successfully yet. This upgrade task will rerun on next scheduled time");
        }
        log.info(String.format("All %d permission schemes use by service desk have been migrated successfully", Integer.valueOf(i)));
    }

    private boolean migrateAgentPermissionForPermissionScheme(Scheme scheme, String str) {
        try {
            for (SchemeEntity schemeEntity : filterInvalidEntries(scheme, getPermissionEntitiesNeedToBeMigrated(scheme, str))) {
                this.jiraScreenAndSchemeCreator.addEntityToPermissionScheme(scheme, schemeEntity.getType(), schemeEntity.getParameter(), ServiceDeskProjectPermissionKeys.SERVICEDESK_AGENT);
            }
            return true;
        } catch (GenericEntityException e) {
            log.error(String.format("There was an error when adding entity to Agent permission during upgrade task for permission scheme %s", scheme.getName()), e);
            return false;
        }
    }

    List<Scheme> getPermissionSchemesUsedByServiceDesk() {
        List<Scheme> schemeObjects = this.permissionSchemeManager.getSchemeObjects();
        ArrayList newArrayList = Lists.newArrayList();
        for (Scheme scheme : schemeObjects) {
            if (isPermissionSchemeUsedByServiceDeskProject(scheme)) {
                newArrayList.add(scheme);
            }
        }
        return newArrayList;
    }

    private boolean isPermissionSchemeUsedByServiceDeskProject(Scheme scheme) {
        Iterator it = this.permissionSchemeManager.getProjects(scheme).iterator();
        while (it.hasNext()) {
            if (this.serviceDeskManager.isServiceDeskEnabled((Project) it.next())) {
                return true;
            }
        }
        return false;
    }

    List<SchemeEntity> getPermissionEntitiesNeedToBeMigrated(Scheme scheme, String str) {
        return MigrateAgentPermissionHelper.SD_RENAISSANCE_MIGRATION_TYPE_ABP.equals(str) ? getPermissionEntities(scheme, ProjectPermissions.EDIT_ISSUES) : getPermissionEntities(scheme, ProjectPermissions.BROWSE_PROJECTS);
    }

    List<SchemeEntity> getPermissionEntities(Scheme scheme, ProjectPermissionKey projectPermissionKey) {
        ArrayList newArrayList = Lists.newArrayList();
        for (SchemeEntity schemeEntity : scheme.getEntities()) {
            if (projectPermissionKey.equals(this.permissionSchemeUtil.getPermissionKeyFromEntity(schemeEntity))) {
                newArrayList.add(schemeEntity);
            }
        }
        return newArrayList;
    }

    List<SchemeEntity> filterInvalidEntries(Scheme scheme, List<SchemeEntity> list) {
        ArrayList newArrayList = Lists.newArrayList();
        for (SchemeEntity schemeEntity : list) {
            if (isSchemeEntityValid(schemeEntity) && isNotPortalAccessSecurityType(schemeEntity) && isNotInAgentPermission(scheme, schemeEntity)) {
                newArrayList.add(schemeEntity);
            }
        }
        return newArrayList;
    }

    boolean isSchemeEntityValid(SchemeEntity schemeEntity) {
        boolean z = true;
        Option<ProjectRole> role = this.serviceDeskJIRARoleManager.getRole(ServiceDeskProjectRole.CUSTOMER);
        if (role.isDefined() && ((ProjectRole) role.get()).getId().toString().equals(schemeEntity.getParameter())) {
            z = false;
        }
        Option<ProjectRole> role2 = this.serviceDeskJIRARoleManager.getRole(ServiceDeskProjectRole.COLLABORATOR);
        if (role2.isDefined() && ((ProjectRole) role2.get()).getId().toString().equals(schemeEntity.getParameter())) {
            z = false;
        }
        return z;
    }

    boolean isNotPortalAccessSecurityType(SchemeEntity schemeEntity) {
        return !CustomerPortalOnlySecurityType.TYPE.equals(schemeEntity.getType());
    }

    boolean isNotInAgentPermission(Scheme scheme, SchemeEntity schemeEntity) {
        for (SchemeEntity schemeEntity2 : getPermissionEntities(scheme, ServiceDeskProjectPermissionKeys.SERVICEDESK_AGENT)) {
            if (StringUtils.equals(schemeEntity2.getType(), schemeEntity.getType()) && StringUtils.equals(schemeEntity2.getParameter(), schemeEntity.getParameter())) {
                return false;
            }
        }
        return true;
    }
}
