package com.appiancorp.rpa.user;

import com.appiancorp.ag.ExtendedGroupService;
import com.appiancorp.ag.RemoteUserSyncer;
import com.appiancorp.core.configuration.FeatureToggles;
import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.rpa.client.ArpaInternalClient;
import com.appiancorp.rpa.config.RpaInternalNameSupplier;
import com.appiancorp.rpa.model.UserSyncRequest;
import com.appiancorp.rpa.token.TokenSupplier;
import com.appiancorp.security.auth.SpringSecurityContextHelper;
import com.appiancorp.security.authz.SystemRoleAeImpl;
import com.appiancorp.suiteapi.personalization.User;
import com.appiancorp.suiteapi.personalization.UserProfile;
import com.appiancorp.suiteapi.personalization.UserProfileService;
import com.google.common.collect.Lists;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/appiancorp/rpa/user/RpaUserSyncer.class */
public class RpaUserSyncer implements RemoteUserSyncer {
    private static final Logger LOG = Logger.getLogger(RpaUserSyncer.class);
    static final int RPA_BATCH_SIZE = 100;
    private String internalRpaRestUrl;
    private UserResponseGenerator userResponseGenerator;
    private TokenSupplier authTokenSupplier;
    private ExtendedGroupService extendedGroupService;
    private UserProfileService userProfileService;
    private Supplier<Boolean> isRpaEnabled;
    private final ArpaInternalClient arpaInternalClient;

    public RpaUserSyncer(UserResponseGenerator userResponseGenerator, TokenSupplier tokenSupplier, ArpaInternalClient arpaInternalClient, RpaInternalNameSupplier rpaInternalNameSupplier, ExtendedGroupService extendedGroupService, UserProfileService userProfileService, FeatureToggles featureToggles) {
        this.internalRpaRestUrl = rpaInternalNameSupplier.get() + "/rpa/rest/";
        featureToggles.getClass();
        this.isRpaEnabled = featureToggles::isAppianRpaUserSyncEnabled;
        this.userResponseGenerator = userResponseGenerator;
        this.authTokenSupplier = tokenSupplier;
        this.arpaInternalClient = arpaInternalClient;
        this.extendedGroupService = extendedGroupService;
        this.userProfileService = userProfileService;
    }

    public boolean waitForAppianRpa(long j, long j2) {
        return ((Boolean) SpringSecurityContextHelper.runAsAdmin(() -> {
            return Boolean.valueOf(waitForAppianRpaInternal(j, j2));
        })).booleanValue();
    }

    public boolean syncUsers(List<UserSyncRequest> list) {
        return ((Boolean) SpringSecurityContextHelper.runAsAdmin(() -> {
            return Boolean.valueOf(syncUsersInternal(list));
        })).booleanValue();
    }

    public void enableRpa(long j, long j2) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            return Boolean.valueOf(enableRpaInternal(j, j2));
        });
    }

    public void onLogout(UserProfile userProfile) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onLogoutInternal(userProfile);
        });
    }

    public void onMembersAddedToGroups(String[] strArr, Long[] lArr) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onMembersAddedToGroupsInternal(strArr, lArr);
        });
    }

    public void onGroupsAddedToGroup(Long[] lArr, Long l) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onGroupsAddedToGroupInternal(lArr, l);
        });
    }

    public void onMembersRemovedFromGroups(String[] strArr, Long[] lArr) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onMembersRemovedFromGroupsInternal(strArr, lArr);
        });
    }

    public void onGroupsRemovedFromGroup(Long[] lArr, Long l) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onGroupsRemovedFromGroupInternal(lArr, l);
        });
    }

    public void onUserCreated(UserProfile[] userProfileArr) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onUserCreatedInternal(userProfileArr);
        });
    }

    public void onUserDeactivated(String[] strArr) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onUserDeactivatedInternal(strArr);
        });
    }

    public void onUserReactivated(String[] strArr) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onUserReactivatedInternal(strArr);
        });
    }

    public void onUserRename(String[] strArr) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onUserRenameInternal(strArr);
        });
    }

    public void onUserUpdate(UserProfile[] userProfileArr) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onUserUpdateInternal(userProfileArr);
        });
    }

    public void onUserObjectFaviconPreferenceChanged(String str) {
        SpringSecurityContextHelper.runAsAdmin(() -> {
            onUserObjectFaviconPreferenceChangedInternal(str);
        });
    }

    private boolean waitForAppianRpaInternal(long j, long j2) {
        if (isRpaDisabled()) {
            return true;
        }
        try {
            boolean z = 200 == this.arpaInternalClient.callRpaHeartBeatEndPoint(j, j2, this.internalRpaRestUrl).getStatusLine().getStatusCode();
            if (!z) {
                LOG.error("Could not enable Appian RPA using url : " + this.internalRpaRestUrl);
            }
            return z;
        } catch (Exception e) {
            LOG.error("Error while trying to wait for AppianRPA using url: " + this.internalRpaRestUrl, e);
            return false;
        }
    }

    private boolean syncUsersInternal(List<UserSyncRequest> list) {
        if (isRpaDisabled()) {
            return true;
        }
        try {
            boolean z = 200 == this.arpaInternalClient.callRpaUpdateUserEndPoint(list, this.internalRpaRestUrl, this.authTokenSupplier.getToken()).getStatusLine().getStatusCode();
            if (!z) {
                LOG.error("Could not sync users using url : " + this.internalRpaRestUrl);
            }
            return z;
        } catch (Exception e) {
            LOG.error("Error while trying to sync users with AppianRPA using url: " + this.internalRpaRestUrl, e);
            return false;
        }
    }

    private boolean enableRpaInternal(long j, long j2) {
        if (isRpaDisabled()) {
            return false;
        }
        try {
            boolean z = this.arpaInternalClient.callRpaExecutionEndPoint(j, j2, this.internalRpaRestUrl, this.authTokenSupplier.getToken()).getStatusLine().getStatusCode() == 200;
            if (!z) {
                LOG.error("Could not enable rpa using url : " + this.internalRpaRestUrl);
            }
            return z;
        } catch (Exception e) {
            LOG.error("Could not enable rpa using url : " + this.internalRpaRestUrl, e);
            return false;
        }
    }

    private void onLogoutInternal(UserProfile userProfile) {
        if (isRpaDisabled()) {
            return;
        }
        try {
            this.arpaInternalClient.callRpaLogoutInternalEndPoint(userProfile.getUuid(), this.internalRpaRestUrl, this.authTokenSupplier.getToken());
        } catch (Exception e) {
            LOG.error("Error while trying to log out user " + userProfile.getUuid() + " from Appian RPA");
        }
    }

    private boolean isRpaDisabled() {
        return !this.isRpaEnabled.get().booleanValue() || Strings.isNullOrEmpty(this.authTokenSupplier.getToken());
    }

    private void onMembersAddedToGroupsInternal(String[] strArr, Long[] lArr) {
        if (isRpaDisabled() || !hasRolesOfInterest(lArr)) {
            return;
        }
        syncUsersInBatch(this.userResponseGenerator.generateUserSyncRequests(strArr));
    }

    private void onGroupsAddedToGroupInternal(Long[] lArr, Long l) {
        if (isRpaDisabled() || !hasRolesOfInterest(new Long[]{l})) {
            return;
        }
        try {
            syncUsersInBatch(this.userResponseGenerator.generateUserSyncRequests(User.getUsernames(this.extendedGroupService.getMemberUsers(lArr))));
        } catch (Exception e) {
            LOG.error("Failed to add users via group->group", e);
        }
    }

    private void onMembersRemovedFromGroupsInternal(String[] strArr, Long[] lArr) {
        if (isRpaDisabled() || !hasRolesOfInterest(lArr)) {
            return;
        }
        List<UserSyncRequest> generateUserSyncRequests = this.userResponseGenerator.generateUserSyncRequests(strArr);
        for (UserSyncRequest userSyncRequest : generateUserSyncRequests) {
            if (!hasRolesOfInterest(userSyncRequest)) {
                userSyncRequest.setActive(false);
            }
        }
        syncUsersInBatch(generateUserSyncRequests);
    }

    private void onGroupsRemovedFromGroupInternal(Long[] lArr, Long l) {
        if (isRpaDisabled() || !hasRolesOfInterest(new Long[]{l})) {
            return;
        }
        try {
            List<UserSyncRequest> generateUserSyncRequests = this.userResponseGenerator.generateUserSyncRequests(User.getUsernames(this.extendedGroupService.getMemberUsers(lArr)));
            for (UserSyncRequest userSyncRequest : generateUserSyncRequests) {
                if (!hasRolesOfInterest(userSyncRequest)) {
                    userSyncRequest.setActive(false);
                }
            }
            syncUsersInBatch(generateUserSyncRequests);
        } catch (Exception e) {
            LOG.error("Failed to remove users via group->group", e);
        }
    }

    private void onUserCreatedInternal(UserProfile[] userProfileArr) {
        if (isRpaDisabled()) {
            return;
        }
        try {
            syncUsersInBatch(this.userResponseGenerator.generateUserSyncRequests((String[]) Arrays.stream(userProfileArr).filter(userProfile -> {
                return UserProfile.USER_TYPE_SYS_ADMIN.equals(userProfile.getUserTypeId());
            }).map((v0) -> {
                return v0.getUsername();
            }).toArray(i -> {
                return new String[i];
            })));
        } catch (Exception e) {
            LOG.error("Failed to create user", e);
        }
    }

    private void onUserDeactivatedInternal(String[] strArr) {
        if (isRpaDisabled()) {
            return;
        }
        try {
            syncUsersInBatch((List) this.userResponseGenerator.generateUserSyncRequests(strArr).stream().peek(userSyncRequest -> {
                userSyncRequest.setActive(false);
            }).filter(this::hasRolesOfInterest).collect(Collectors.toList()));
        } catch (Exception e) {
            LOG.error("Failed to deactivate user", e);
        }
    }

    private void onUserReactivatedInternal(String[] strArr) {
        if (isRpaDisabled()) {
            return;
        }
        try {
            syncUsersInBatch((List) this.userResponseGenerator.generateUserSyncRequests(strArr).stream().peek(userSyncRequest -> {
                userSyncRequest.setActive(true);
            }).filter(this::hasRolesOfInterest).collect(Collectors.toList()));
        } catch (Exception e) {
            LOG.error("Failed to reactivate user", e);
        }
    }

    private void onUserRenameInternal(String[] strArr) {
        if (isRpaDisabled()) {
            return;
        }
        try {
            syncUsersInBatch((List) this.userResponseGenerator.generateUserSyncRequests(strArr).stream().filter(this::hasRolesOfInterest).collect(Collectors.toList()));
        } catch (Exception e) {
            LOG.error("Failed to rename user", e);
        }
    }

    private void onUserUpdateInternal(UserProfile[] userProfileArr) {
        if (isRpaDisabled()) {
            return;
        }
        try {
            UserProfile[] users = this.userProfileService.getUsers((String[]) Arrays.stream(userProfileArr).map((v0) -> {
                return v0.getUsername();
            }).toArray(i -> {
                return new String[i];
            }));
            HashMap hashMap = new HashMap(users.length);
            Arrays.stream(users).forEach(userProfile -> {
            });
            syncUsersInBatch(this.userResponseGenerator.generateUserSyncRequests((String[]) Stream.of(Arrays.stream(userProfileArr).filter(userProfile2 -> {
                return UserProfile.USER_TYPE_SYS_ADMIN.equals(((UserProfile) hashMap.get(userProfile2.getUuid())).getUserTypeId()) != UserProfile.USER_TYPE_SYS_ADMIN.equals(userProfile2.getUserTypeId());
            }).toArray(i2 -> {
                return new UserProfile[i2];
            })).map((v0) -> {
                return v0.getUsername();
            }).toArray(i3 -> {
                return new String[i3];
            })));
        } catch (Exception e) {
            LOG.error("Error trying to update user", e);
        }
    }

    private void onUserObjectFaviconPreferenceChangedInternal(String str) {
        if (isRpaDisabled()) {
            return;
        }
        try {
            syncUsersInBatch(this.userResponseGenerator.generateUserSyncRequests(new String[]{str}));
        } catch (Exception e) {
            LOG.error("Failed to sync after object favicon setting change for user: " + str, e);
        }
    }

    private boolean hasRolesOfInterest(Long[] lArr) {
        return !Collections.disjoint(Arrays.asList(SystemRoleAeImpl.DESIGNER.getGroupId(), SystemRoleAeImpl.SERVICE_ACCOUNT.getGroupId(), SystemRoleAeImpl.RPA_OPERATIONS_MANAGER.getGroupId()), Arrays.asList(lArr));
    }

    private boolean hasRolesOfInterest(UserSyncRequest userSyncRequest) {
        return userSyncRequest.isServiceAccount() || "ADMIN".equals(userSyncRequest.getRole()) || "DEVELOPER".equals(userSyncRequest.getRole()) || "RPA_OPERATIONS_MANAGER".equals(userSyncRequest.getRole());
    }

    private void syncUsersInBatch(List<UserSyncRequest> list) {
        if (list == null) {
            return;
        }
        Lists.partition(list, RPA_BATCH_SIZE).forEach(this::syncUsers);
    }
}
