package com.appiancorp.datasources;

import com.appiancorp.connectedsystems.datasource.ConnectedSystemDataSourceService;
import com.appiancorp.core.expr.exceptions.ExpressionRuntimeException;
import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.features.FeatureToggleClient;
import com.appiancorp.rdbms.config.DataConfiguration;
import com.appiancorp.rdbms.datasource.DataSourceDescriptor;
import com.appiancorp.rdbms.datasource.DataSourceInfo;
import com.appiancorp.rdbms.datasource.DataSourceValidationException;
import com.appiancorp.rdbms.datasource.DataSourceValidator;
import com.appiancorp.security.auth.SpringSecurityContextHelper;
import com.appiancorp.security.auth.phpmyadmin.PhpMyAdminAuthStats;
import com.appiancorp.security.auth.phpmyadmin.PhpMyAdminUserHelper;
import com.appiancorp.security.authz.SystemRoleAeImpl;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.suiteapi.common.exceptions.InvalidGroupException;
import com.appiancorp.suiteapi.common.exceptions.PrivilegeException;
import com.appiancorp.suiteapi.personalization.Attribute;
import com.appiancorp.suiteapi.personalization.Group;
import com.appiancorp.suiteapi.personalization.GroupService;
import com.appiancorp.suiteapi.personalization.GroupTypeService;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicReference;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.log4j.Logger;
import org.hibernate.jdbc.Work;

/* loaded from: input_file:com/appiancorp/datasources/PhpMyAdminUserHelperImpl.class */
public class PhpMyAdminUserHelperImpl implements PhpMyAdminUserHelper {
    private static final String CLOUD_DB_CONNECTION_STRING = "jdbc:mariadb://database:3306/";
    private static final String GET_CUSTOMER_GENERATED_SCHEMAS = "CALL AppianProcess.showCustomerSchemas()";
    private final transient ConnectedSystemDataSourceService connectedSystemService;
    private final transient DataSourceValidator dataSourceValidator;
    private final transient GroupService groupService;
    private final transient GroupTypeService groupTypeService;
    private final transient FeatureToggleClient featureToggleClient;
    private static final Logger LOG = Logger.getLogger(PhpMyAdminUserHelperImpl.class);
    private static final Pattern CLOUD_URL_PATTERN = Pattern.compile("jdbc:mariadb://database:3306/(\\w+)(\\?.*)?");

    public PhpMyAdminUserHelperImpl(ConnectedSystemDataSourceService connectedSystemDataSourceService, DataSourceValidator dataSourceValidator, GroupService groupService, GroupTypeService groupTypeService, FeatureToggleClient featureToggleClient) {
        this.connectedSystemService = (ConnectedSystemDataSourceService) Objects.requireNonNull(connectedSystemDataSourceService);
        this.dataSourceValidator = (DataSourceValidator) Objects.requireNonNull(dataSourceValidator);
        this.groupService = (GroupService) Objects.requireNonNull(groupService);
        this.groupTypeService = (GroupTypeService) Objects.requireNonNull(groupTypeService);
        this.featureToggleClient = (FeatureToggleClient) Objects.requireNonNull(featureToggleClient);
    }

    public List<String> getSchemasForUser(String str) {
        LinkedHashSet linkedHashSet = new LinkedHashSet(getDscsSchemasForUser(str));
        if (this.featureToggleClient.isFeatureEnabled("ae.databases-and-search.schema-specific-phpmyadmin-access")) {
            linkedHashSet.addAll((Collection) SpringSecurityContextHelper.runAs(str, () -> {
                return getGroupSchemasForUser(str);
            }));
            String cloudProvidedSchemaName = getCloudProvidedSchemaName();
            if (!linkedHashSet.isEmpty() && !linkedHashSet.contains(cloudProvidedSchemaName)) {
                linkedHashSet.add(cloudProvidedSchemaName);
            }
        }
        ArrayList arrayList = new ArrayList(linkedHashSet);
        arrayList.sort((v0, v1) -> {
            return v0.compareToIgnoreCase(v1);
        });
        return arrayList;
    }

    public List<String> getDscsSchemasForUser(String str) {
        if (!isUserInLegacyAccessGroup(str)) {
            return Collections.emptyList();
        }
        List<String> list = (List) SpringSecurityContextHelper.runAs(str, this::getDscsLegacySchemasForUser);
        list.add(0, getCloudProvidedSchemaName());
        return list;
    }

    public List<String> getGroupSchemasForUser(String str) {
        if (!this.featureToggleClient.isFeatureEnabled("ae.databases-and-search.schema-specific-phpmyadmin-access")) {
            return Collections.emptyList();
        }
        AtomicReference<List<String>> atomicReference = new AtomicReference<>();
        setAvailableSchemas(atomicReference);
        return (List) ((List) Arrays.stream(getApplicableSchemaGroups()).filter(group -> {
            return isUserInSchemaGroup(str, group);
        }).map(this::getSchemaNameAttribute).collect(Collectors.toList())).stream().filter(str2 -> {
            return ((List) atomicReference.get()).contains(str2);
        }).collect(Collectors.toList());
    }

    public String getCloudProvidedSchemaName() {
        return ((DataConfiguration) ConfigurationFactory.getConfiguration(DataConfiguration.class)).getCloudProvidedDataSourceKey().replaceFirst(CreateNewSchemaReaction.DATA_SOURCE_NAME_PREFIX, "");
    }

    public PhpMyAdminAuthStats getPhpMyAdminAuthStats() {
        PhpMyAdminAuthStats phpMyAdminAuthStats = new PhpMyAdminAuthStats();
        long j = 0;
        List list = (List) Arrays.stream(getApplicableSchemaGroups()).filter(group -> {
            return isSchemaGroupType(group.getGroupTypeId());
        }).collect(Collectors.toList());
        phpMyAdminAuthStats.setAuthGroupCount(list.size());
        Iterator it = list.iterator();
        while (it.hasNext()) {
            try {
                j += this.groupService.getMemberUserCount(((Group) it.next()).getId());
            } catch (Exception e) {
                LOG.error("Error collecting PhpMyAdmin auth metrics", e);
            }
        }
        phpMyAdminAuthStats.setAuthMemberCount(j);
        phpMyAdminAuthStats.setLegacyAuthMemberCount(getLegacyGroupMemberCount());
        return phpMyAdminAuthStats;
    }

    List<String> getAllAvailableSchemas() {
        AtomicReference atomicReference = new AtomicReference(null);
        try {
            doWorkInPrimaryDS(connection -> {
                queryCustomerGeneratedSchemas(connection, atomicReference);
            });
            return (List) atomicReference.get();
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new ExpressionRuntimeException(e2, ErrorCode.RDBMS_SCHEMA_PASSWORD_DECRYPTION_ERROR, new Object[0]);
        }
    }

    long getLegacyGroupMemberCount() {
        try {
            return this.groupService.getMemberUserCount(SystemRoleAeImpl.DATABASE_EDITOR.getGroupId()) + this.groupService.getMemberUserCount(SystemRoleAeImpl.DATABASE_VIEWER.getGroupId());
        } catch (InvalidGroupException | PrivilegeException e) {
            return 0L;
        }
    }

    private Group[] getApplicableSchemaGroups() {
        return (Group[]) SpringSecurityContextHelper.runAsAdmin(() -> {
            try {
                return this.groupService.getMemberGroupsDirect(SystemRoleAeImpl.DATABASE_USERS.getGroupId());
            } catch (InvalidGroupException | PrivilegeException e) {
                LOG.error("Error retrieving member groups of Database Users group", e);
                return null;
            }
        });
    }

    private void setAvailableSchemas(AtomicReference<List<String>> atomicReference) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            atomicReference.set(getAllAvailableSchemas());
        });
    }

    private boolean isUserInSchemaGroup(String str, Group group) {
        try {
            if (this.groupService.isUserMember(str, group.getId())) {
                if (isSchemaGroupType(group.getGroupTypeId())) {
                    return true;
                }
            }
            return false;
        } catch (InvalidGroupException | PrivilegeException e) {
            LOG.error("Error checking group membership", e);
            return false;
        }
    }

    private String getSchemaNameAttribute(Group group) {
        for (Attribute attribute : group.getAttributes()) {
            if (attribute.getName().equals("schemaName")) {
                return (String) attribute.getValue();
            }
        }
        return "";
    }

    private String getSchemaFromUrl(String str) {
        LOG.info("Extracting schema from connection url " + str);
        Matcher matcher = CLOUD_URL_PATTERN.matcher(str);
        if (matcher.find()) {
            return matcher.group(1);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void queryCustomerGeneratedSchemas(Connection connection, AtomicReference<List<String>> atomicReference) throws SQLException {
        ArrayList arrayList = new ArrayList();
        PreparedStatement prepareStatement = connection.prepareStatement(GET_CUSTOMER_GENERATED_SCHEMAS);
        Throwable th = null;
        try {
            ResultSet executeQuery = prepareStatement.executeQuery();
            Throwable th2 = null;
            while (executeQuery.next()) {
                try {
                    try {
                        arrayList.add(executeQuery.getString("customerSchemas"));
                    } catch (Throwable th3) {
                        th2 = th3;
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (executeQuery != null) {
                        if (th2 != null) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th5) {
                                th2.addSuppressed(th5);
                            }
                        } else {
                            executeQuery.close();
                        }
                    }
                    throw th4;
                }
            }
            atomicReference.set(arrayList);
            if (executeQuery != null) {
                if (0 != 0) {
                    try {
                        executeQuery.close();
                    } catch (Throwable th6) {
                        th2.addSuppressed(th6);
                    }
                } else {
                    executeQuery.close();
                }
            }
            if (prepareStatement != null) {
                if (0 == 0) {
                    prepareStatement.close();
                    return;
                }
                try {
                    prepareStatement.close();
                } catch (Throwable th7) {
                    th.addSuppressed(th7);
                }
            }
        } catch (Throwable th8) {
            if (prepareStatement != null) {
                if (0 != 0) {
                    try {
                        prepareStatement.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    prepareStatement.close();
                }
            }
            throw th8;
        }
    }

    private List<String> getDscsLegacySchemasForUser() {
        List<DataSourceDescriptor> dataSourceDescriptors = this.connectedSystemService.getDataSourceDescriptors();
        ArrayList arrayList = new ArrayList();
        for (DataSourceDescriptor dataSourceDescriptor : dataSourceDescriptors) {
            Optional dataSourceInfo = this.connectedSystemService.getDataSourceInfo(dataSourceDescriptor.getUuid());
            if (dataSourceInfo.isPresent()) {
                DataSourceInfo dataSourceInfo2 = (DataSourceInfo) dataSourceInfo.get();
                String connectionUrl = dataSourceInfo2.getConnectionUrl();
                if (connectionUrl.startsWith(CLOUD_DB_CONNECTION_STRING)) {
                    try {
                        this.dataSourceValidator.testDataSourceConnection(dataSourceInfo2);
                        String schemaFromUrl = getSchemaFromUrl(connectionUrl);
                        if (Strings.isNullOrEmpty(schemaFromUrl)) {
                            LOG.error("Received an empty schema name for DataSource UUID " + dataSourceDescriptor.getUuid());
                        } else {
                            arrayList.add(schemaFromUrl);
                        }
                    } catch (DataSourceValidationException e) {
                        LOG.error("Cloud Schema with invalid credentials found");
                    }
                }
            } else {
                LOG.error("No Data Source Info Found for UUID " + dataSourceDescriptor.getUuid());
            }
        }
        return arrayList;
    }

    private void doWorkInPrimaryDS(Work work) throws Exception {
        ((DataConfiguration) ConfigurationFactory.getConfiguration(DataConfiguration.class)).getPrimaryDataSourceManager().getTransactionManager().workInTransaction(work);
    }

    private boolean isSchemaGroupType(Long l) {
        return l.equals(this.groupTypeService.getGroupTypeId("###GROUP_TYPE_DATABASE_SCHEMA_EDITOR_NAME")) || l.equals(this.groupTypeService.getGroupTypeId("###GROUP_TYPE_DATABASE_SCHEMA_VIEWER_NAME"));
    }

    boolean isUserInLegacyAccessGroup(String str) {
        return ((Boolean) SpringSecurityContextHelper.runAsAdmin(() -> {
            return Boolean.valueOf(this.groupService.isUserMember(str, SystemRoleAeImpl.DATABASE_VIEWER.getGroupId()) || this.groupService.isUserMember(str, SystemRoleAeImpl.DATABASE_EDITOR.getGroupId()));
        })).booleanValue();
    }
}
