package org.craftercms.studio.impl.v2.service.security;

import java.util.ArrayList;
import java.util.List;
import org.apache.commons.collections4.CollectionUtils;
import org.craftercms.commons.security.permissions.DefaultPermission;
import org.craftercms.commons.security.permissions.annotations.HasPermission;
import org.craftercms.studio.api.v1.constant.StudioConstants;
import org.craftercms.studio.api.v1.dal.SiteFeed;
import org.craftercms.studio.api.v1.exception.ServiceLayerException;
import org.craftercms.studio.api.v1.exception.security.AuthenticationException;
import org.craftercms.studio.api.v1.exception.security.GroupAlreadyExistsException;
import org.craftercms.studio.api.v1.exception.security.GroupNotFoundException;
import org.craftercms.studio.api.v1.exception.security.UserNotFoundException;
import org.craftercms.studio.api.v1.service.GeneralLockService;
import org.craftercms.studio.api.v1.service.site.SiteService;
import org.craftercms.studio.api.v2.dal.AuditLog;
import org.craftercms.studio.api.v2.dal.AuditLogConstants;
import org.craftercms.studio.api.v2.dal.AuditLogParameter;
import org.craftercms.studio.api.v2.dal.Group;
import org.craftercms.studio.api.v2.dal.User;
import org.craftercms.studio.api.v2.exception.OrganizationNotFoundException;
import org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal;
import org.craftercms.studio.api.v2.service.config.ConfigurationService;
import org.craftercms.studio.api.v2.service.security.GroupService;
import org.craftercms.studio.api.v2.service.security.internal.GroupServiceInternal;
import org.craftercms.studio.api.v2.service.security.internal.OrganizationServiceInternal;
import org.craftercms.studio.api.v2.service.security.internal.UserServiceInternal;
import org.craftercms.studio.api.v2.utils.StudioConfiguration;
import org.craftercms.studio.permissions.StudioPermissionsConstants;

/* loaded from: input_file:org/craftercms/studio/impl/v2/service/security/GroupServiceImpl.class */
public class GroupServiceImpl implements GroupService {
    private ConfigurationService configurationService;
    private GroupServiceInternal groupServiceInternal;
    private OrganizationServiceInternal organizationServiceInternal;
    private UserServiceInternal userServiceInternal;
    private GeneralLockService generalLockService;
    private StudioConfiguration studioConfiguration;
    private AuditServiceInternal auditServiceInternal;
    private SiteService siteService;

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_READ_GROUPS)
    public List<Group> getAllGroups(long j, String str, int i, int i2, String str2) throws ServiceLayerException, OrganizationNotFoundException {
        if (this.organizationServiceInternal.organizationExists(j)) {
            return this.groupServiceInternal.getAllGroups(j, str, i, i2, str2);
        }
        throw new OrganizationNotFoundException();
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_READ_GROUPS)
    public int getAllGroupsTotal(long j, String str) throws ServiceLayerException, OrganizationNotFoundException {
        if (this.organizationServiceInternal.organizationExists(j)) {
            return this.groupServiceInternal.getAllGroupsTotal(j, str);
        }
        throw new OrganizationNotFoundException();
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_CREATE_GROUPS)
    public Group createGroup(long j, String str, String str2) throws GroupAlreadyExistsException, ServiceLayerException, AuthenticationException {
        Group createGroup = this.groupServiceInternal.createGroup(j, str, str2);
        SiteFeed site = this.siteService.getSite(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE));
        AuditLog createAuditLogEntry = this.auditServiceInternal.createAuditLogEntry();
        createAuditLogEntry.setOperation(AuditLogConstants.OPERATION_CREATE);
        createAuditLogEntry.setSiteId(site.getId());
        createAuditLogEntry.setActorId(this.userServiceInternal.getCurrentUser().getUsername());
        createAuditLogEntry.setPrimaryTargetId(str);
        createAuditLogEntry.setPrimaryTargetType(AuditLogConstants.TARGET_TYPE_GROUP);
        createAuditLogEntry.setPrimaryTargetValue(str);
        this.auditServiceInternal.insertAuditLog(createAuditLogEntry);
        return createGroup;
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_UPDATE_GROUPS)
    public Group updateGroup(long j, Group group) throws ServiceLayerException, GroupNotFoundException, AuthenticationException {
        Group updateGroup = this.groupServiceInternal.updateGroup(j, group);
        SiteFeed site = this.siteService.getSite(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE));
        AuditLog createAuditLogEntry = this.auditServiceInternal.createAuditLogEntry();
        createAuditLogEntry.setOperation("UPDATE");
        createAuditLogEntry.setSiteId(site.getId());
        createAuditLogEntry.setActorId(this.userServiceInternal.getCurrentUser().getUsername());
        createAuditLogEntry.setPrimaryTargetId(group.getGroupName());
        createAuditLogEntry.setPrimaryTargetType(AuditLogConstants.TARGET_TYPE_GROUP);
        createAuditLogEntry.setPrimaryTargetValue(group.getGroupName());
        this.auditServiceInternal.insertAuditLog(createAuditLogEntry);
        return updateGroup;
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_DELETE_GROUPS)
    public void deleteGroup(List<Long> list) throws ServiceLayerException, GroupNotFoundException, AuthenticationException {
        try {
            Group groupByName = this.groupServiceInternal.getGroupByName(StudioConstants.SYSTEM_ADMIN_GROUP);
            if (CollectionUtils.isNotEmpty(list) && list.contains(Long.valueOf(groupByName.getId()))) {
                throw new ServiceLayerException("Deleting the System Admin group is not allowed.");
            }
            List<Group> groups = this.groupServiceInternal.getGroups(list);
            this.groupServiceInternal.deleteGroup(list);
            SiteFeed site = this.siteService.getSite(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE));
            AuditLog createAuditLogEntry = this.auditServiceInternal.createAuditLogEntry();
            createAuditLogEntry.setOperation("DELETE");
            createAuditLogEntry.setActorId(this.userServiceInternal.getCurrentUser().getUsername());
            createAuditLogEntry.setSiteId(site.getId());
            createAuditLogEntry.setPrimaryTargetId(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE));
            createAuditLogEntry.setPrimaryTargetType(AuditLogConstants.TARGET_TYPE_GROUP);
            createAuditLogEntry.setPrimaryTargetValue(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE));
            ArrayList arrayList = new ArrayList();
            for (Group group : groups) {
                AuditLogParameter auditLogParameter = new AuditLogParameter();
                auditLogParameter.setTargetId(Long.toString(group.getId()));
                auditLogParameter.setTargetType(AuditLogConstants.TARGET_TYPE_GROUP);
                auditLogParameter.setTargetValue(group.getGroupName());
                arrayList.add(auditLogParameter);
            }
            createAuditLogEntry.setParameters(arrayList);
            this.auditServiceInternal.insertAuditLog(createAuditLogEntry);
        } catch (GroupNotFoundException e) {
            throw new ServiceLayerException("The System Admin group is not found", e);
        }
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_READ_GROUPS)
    public Group getGroup(long j) throws ServiceLayerException, GroupNotFoundException {
        return this.groupServiceInternal.getGroup(j);
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_READ_GROUPS)
    public List<User> getGroupMembers(long j, int i, int i2, String str) throws ServiceLayerException, GroupNotFoundException {
        return this.groupServiceInternal.getGroupMembers(j, i, i2, str);
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_READ_GROUPS)
    public int getGroupMembersTotal(long j) throws ServiceLayerException, GroupNotFoundException {
        return this.groupServiceInternal.getGroupMembersTotal(j);
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_UPDATE_GROUPS)
    public List<User> addGroupMembers(long j, List<Long> list, List<String> list2) throws ServiceLayerException, UserNotFoundException, GroupNotFoundException, AuthenticationException {
        List<User> addGroupMembers = this.groupServiceInternal.addGroupMembers(j, list, list2);
        Group group = this.groupServiceInternal.getGroup(j);
        SiteFeed site = this.siteService.getSite(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE));
        AuditLog createAuditLogEntry = this.auditServiceInternal.createAuditLogEntry();
        ArrayList arrayList = new ArrayList();
        for (User user : addGroupMembers) {
            AuditLogParameter auditLogParameter = new AuditLogParameter();
            auditLogParameter.setTargetId(Long.toString(user.getId()));
            auditLogParameter.setTargetType(AuditLogConstants.TARGET_TYPE_USER);
            auditLogParameter.setTargetValue(user.getUsername());
            arrayList.add(auditLogParameter);
        }
        createAuditLogEntry.setParameters(arrayList);
        createAuditLogEntry.setOperation(AuditLogConstants.OPERATION_ADD_MEMBERS);
        createAuditLogEntry.setSiteId(site.getId());
        createAuditLogEntry.setActorId(this.userServiceInternal.getCurrentUser().getUsername());
        createAuditLogEntry.setPrimaryTargetId(Long.toString(j));
        createAuditLogEntry.setPrimaryTargetType(AuditLogConstants.TARGET_TYPE_GROUP);
        createAuditLogEntry.setPrimaryTargetValue(group.getGroupName());
        this.auditServiceInternal.insertAuditLog(createAuditLogEntry);
        return addGroupMembers;
    }

    @Override // org.craftercms.studio.api.v2.service.security.GroupService
    @HasPermission(type = DefaultPermission.class, action = StudioPermissionsConstants.PERMISSION_UPDATE_GROUPS)
    public void removeGroupMembers(long j, List<Long> list, List<String> list2) throws ServiceLayerException, UserNotFoundException, GroupNotFoundException, AuthenticationException {
        Group group = getGroup(j);
        this.generalLockService.lock(StudioConstants.REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
        try {
            if (group.getGroupName().equals(StudioConstants.SYSTEM_ADMIN_GROUP)) {
                List<User> groupMembers = getGroupMembers(j, 0, Integer.MAX_VALUE, "");
                if (CollectionUtils.isNotEmpty(groupMembers)) {
                    ArrayList arrayList = new ArrayList(groupMembers);
                    groupMembers.forEach(user -> {
                        if (CollectionUtils.isNotEmpty(list) && list.contains(Long.valueOf(user.getId()))) {
                            arrayList.remove(user);
                        }
                        if (CollectionUtils.isNotEmpty(list2) && list2.contains(user.getUsername())) {
                            arrayList.remove(user);
                        }
                    });
                    if (CollectionUtils.isEmpty(arrayList)) {
                        throw new ServiceLayerException("Removing all members of the System Admin group is not allowed. We must have at least one system administrator.");
                    }
                }
            }
            List<User> usersByIdOrUsername = this.userServiceInternal.getUsersByIdOrUsername(list, list2);
            this.groupServiceInternal.removeGroupMembers(j, list, list2);
            SiteFeed site = this.siteService.getSite(this.studioConfiguration.getProperty(StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE));
            AuditLog createAuditLogEntry = this.auditServiceInternal.createAuditLogEntry();
            createAuditLogEntry.setOperation(AuditLogConstants.OPERATION_REMOVE_MEMBERS);
            createAuditLogEntry.setActorId(this.userServiceInternal.getCurrentUser().getUsername());
            createAuditLogEntry.setSiteId(site.getId());
            createAuditLogEntry.setPrimaryTargetId(Long.toString(group.getId()));
            createAuditLogEntry.setPrimaryTargetType(AuditLogConstants.TARGET_TYPE_USER);
            createAuditLogEntry.setPrimaryTargetValue(group.getGroupName());
            ArrayList arrayList2 = new ArrayList();
            for (User user2 : usersByIdOrUsername) {
                AuditLogParameter auditLogParameter = new AuditLogParameter();
                auditLogParameter.setTargetId(Long.toString(user2.getId()));
                auditLogParameter.setTargetType(AuditLogConstants.TARGET_TYPE_USER);
                auditLogParameter.setTargetValue(user2.getUsername());
                arrayList2.add(auditLogParameter);
            }
            createAuditLogEntry.setParameters(arrayList2);
            this.auditServiceInternal.insertAuditLog(createAuditLogEntry);
            this.generalLockService.unlock(StudioConstants.REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
        } catch (Throwable th) {
            this.generalLockService.unlock(StudioConstants.REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
            throw th;
        }
    }

    public void setGroupServiceInternal(GroupServiceInternal groupServiceInternal) {
        this.groupServiceInternal = groupServiceInternal;
    }

    public void setOrganizationServiceInternal(OrganizationServiceInternal organizationServiceInternal) {
        this.organizationServiceInternal = organizationServiceInternal;
    }

    public void setUserServiceInternal(UserServiceInternal userServiceInternal) {
        this.userServiceInternal = userServiceInternal;
    }

    public void setConfigurationService(ConfigurationService configurationService) {
        this.configurationService = configurationService;
    }

    public void setGeneralLockService(GeneralLockService generalLockService) {
        this.generalLockService = generalLockService;
    }

    public void setStudioConfiguration(StudioConfiguration studioConfiguration) {
        this.studioConfiguration = studioConfiguration;
    }

    public void setAuditServiceInternal(AuditServiceInternal auditServiceInternal) {
        this.auditServiceInternal = auditServiceInternal;
    }

    public void setSiteService(SiteService siteService) {
        this.siteService = siteService;
    }
}
