package org.cloudfoundry.identity.uaa.scim.jdbc;

import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.Date;
import java.util.List;
import java.util.UUID;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cloudfoundry.identity.uaa.audit.AuditEventType;
import org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent;
import org.cloudfoundry.identity.uaa.audit.event.SystemDeletable;
import org.cloudfoundry.identity.uaa.resources.jdbc.AbstractQueryable;
import org.cloudfoundry.identity.uaa.resources.jdbc.JdbcPagingListFactory;
import org.cloudfoundry.identity.uaa.scim.ScimGroup;
import org.cloudfoundry.identity.uaa.scim.ScimGroupProvisioning;
import org.cloudfoundry.identity.uaa.scim.ScimMeta;
import org.cloudfoundry.identity.uaa.scim.exception.InvalidScimResourceException;
import org.cloudfoundry.identity.uaa.scim.exception.ScimResourceAlreadyExistsException;
import org.cloudfoundry.identity.uaa.scim.exception.ScimResourceConstraintFailedException;
import org.cloudfoundry.identity.uaa.scim.exception.ScimResourceNotFoundException;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
import org.cloudfoundry.identity.uaa.zone.ZoneManagementScopes;
import org.cloudfoundry.identity.uaa.zone.event.IdentityZoneModifiedEvent;
import org.hsqldb.Tokens;
import org.springframework.dao.DuplicateKeyException;
import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.PreparedStatementSetter;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.12.0.jar:org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimGroupProvisioning.class */
public class JdbcScimGroupProvisioning extends AbstractQueryable<ScimGroup> implements ScimGroupProvisioning, SystemDeletable {
    private JdbcScimGroupExternalMembershipManager externalGroupMappingManager;
    private JdbcTemplate jdbcTemplate;
    private JdbcScimGroupMembershipManager membershipManager;
    private final Log logger;
    public static final String GROUP_TABLE = "groups";
    public static final String GROUP_MEMBERSHIP_TABLE = "group_membership";
    public static final String EXTERNAL_GROUP_TABLE = "external_group_mapping";
    private final RowMapper<ScimGroup> rowMapper;
    public static final String GROUP_FIELDS = "id,displayName,description,created,lastModified,version,identity_zone_id";
    public static final String ADD_GROUP_SQL = String.format("insert into %s ( %s ) values (?,?,?,?,?,?,?)", "groups", GROUP_FIELDS);
    public static final String UPDATE_GROUP_SQL = String.format("update %s set version=?, displayName=?, description=?, lastModified=? where id=? and version=? and identity_zone_id=?", "groups");
    public static final String GET_GROUP_SQL = String.format("select %s from %s where id=? and identity_zone_id=?", GROUP_FIELDS, "groups");
    public static final String ALL_GROUPS = String.format("select %s from %s", GROUP_FIELDS, "groups");
    public static final String DELETE_GROUP_SQL = String.format("delete from %s where id=? and identity_zone_id=?", "groups");
    public static final String DELETE_GROUP_BY_ZONE = String.format("delete from %s where identity_zone_id=?", "groups");
    public static final String DELETE_GROUP_MEMBERSHIP_BY_ZONE = String.format("delete from %s where group_id in (select id from %s where identity_zone_id = ?)", "group_membership", "groups");
    public static final String DELETE_EXTERNAL_GROUP_BY_ZONE = String.format("delete from %s where group_id in (select id from %s where identity_zone_id = ?)", "external_group_mapping", "groups");
    public static final String DELETE_ZONE_ADMIN_MEMBERSHIP_BY_ZONE = String.format("delete from %s where group_id in (select id from %s where identity_zone_id=? and displayName like ?)", "group_membership", "groups");
    public static final String DELETE_ZONE_ADMIN_GROUPS_BY_ZONE = String.format("delete from %s where identity_zone_id=? and displayName like ?", "groups");
    public static final String DELETE_GROUP_MEMBERSHIP_BY_PROVIDER = String.format("delete from %s where group_id in (select id from %s where identity_zone_id = ?) and origin = ?", "group_membership", "groups");
    public static final String DELETE_EXTERNAL_GROUP_BY_PROVIDER = String.format("delete from %s where group_id in (select id from %s where identity_zone_id = ?) and origin = ?", "external_group_mapping", "groups");

    /* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.12.0.jar:org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimGroupProvisioning$ScimGroupRowMapper.class */
    private static final class ScimGroupRowMapper implements RowMapper<ScimGroup> {
        private ScimGroupRowMapper() {
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.springframework.jdbc.core.RowMapper
        public ScimGroup mapRow(ResultSet resultSet, int i) throws SQLException {
            int i2 = 1 + 1;
            String string = resultSet.getString(1);
            int i3 = i2 + 1;
            String string2 = resultSet.getString(i2);
            int i4 = i3 + 1;
            String string3 = resultSet.getString(i3);
            int i5 = i4 + 1;
            Timestamp timestamp = resultSet.getTimestamp(i4);
            int i6 = i5 + 1;
            Timestamp timestamp2 = resultSet.getTimestamp(i5);
            int i7 = i6 + 1;
            int i8 = resultSet.getInt(i6);
            int i9 = i7 + 1;
            ScimGroup scimGroup = new ScimGroup(string, string2, resultSet.getString(i7));
            scimGroup.setDescription(string3);
            scimGroup.setMeta(new ScimMeta(timestamp, timestamp2, i8));
            return scimGroup;
        }
    }

    @Override // org.cloudfoundry.identity.uaa.audit.event.SystemDeletable
    public Log getLogger() {
        return this.logger;
    }

    public JdbcScimGroupProvisioning(JdbcTemplate jdbcTemplate, JdbcPagingListFactory jdbcPagingListFactory) {
        super(jdbcTemplate, jdbcPagingListFactory, new ScimGroupRowMapper());
        this.logger = LogFactory.getLog(getClass());
        this.rowMapper = new ScimGroupRowMapper();
        this.membershipManager = new JdbcScimGroupMembershipManager(jdbcTemplate, jdbcPagingListFactory);
        this.membershipManager.setScimGroupProvisioning(this);
        this.externalGroupMappingManager = new JdbcScimGroupExternalMembershipManager(jdbcTemplate, jdbcPagingListFactory);
        this.externalGroupMappingManager.setScimGroupProvisioning(this);
        Assert.notNull(jdbcTemplate);
        this.jdbcTemplate = jdbcTemplate;
        setQueryConverter(new ScimSearchQueryConverter());
    }

    private void createAndIgnoreDuplicate(String str, String str2) {
        try {
            create(new ScimGroup(null, str, str2), str2);
        } catch (ScimResourceAlreadyExistsException e) {
        }
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.cloudfoundry.identity.uaa.audit.event.SystemDeletable, org.springframework.context.ApplicationListener
    public void onApplicationEvent(AbstractUaaEvent abstractUaaEvent) {
        if (abstractUaaEvent != null && (abstractUaaEvent instanceof IdentityZoneModifiedEvent) && ((IdentityZoneModifiedEvent) abstractUaaEvent).getEventType() == AuditEventType.IdentityZoneCreatedEvent) {
            String id = ((IdentityZone) abstractUaaEvent.getSource()).getId();
            ZoneManagementScopes.getSystemScopes().stream().forEach(str -> {
                createAndIgnoreDuplicate(str, id);
            });
        }
        super.onApplicationEvent(abstractUaaEvent);
    }

    @Override // org.cloudfoundry.identity.uaa.resources.jdbc.AbstractQueryable
    protected String getBaseSqlQuery() {
        return ALL_GROUPS;
    }

    @Override // org.cloudfoundry.identity.uaa.resources.jdbc.AbstractQueryable, org.cloudfoundry.identity.uaa.resources.Queryable
    public List<ScimGroup> query(String str, String str2, boolean z) {
        return query(str, str2, z, IdentityZoneHolder.get().getId());
    }

    public List<ScimGroup> query(String str, String str2, boolean z, String str3) {
        getQueryConverter().convert(str, str2, z);
        if (StringUtils.hasText(str)) {
            str = Tokens.T_OPENBRACKET + str + ") and";
        }
        return super.query(str + " identity_zone_id eq \"" + str3 + "\"", str2, z);
    }

    @Override // org.cloudfoundry.identity.uaa.resources.jdbc.AbstractQueryable
    protected String getTableName() {
        return "groups";
    }

    @Override // org.cloudfoundry.identity.uaa.resources.ResourceManager
    public List<ScimGroup> retrieveAll() {
        return query("id pr", "created", true);
    }

    public List<ScimGroup> retrieveAll(String str) {
        return query("id pr", "created", true, str);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.cloudfoundry.identity.uaa.resources.ResourceManager
    public ScimGroup retrieve(String str) throws ScimResourceNotFoundException {
        return retrieve(str, IdentityZoneHolder.get().getId());
    }

    public ScimGroup retrieve(String str, String str2) throws ScimResourceNotFoundException {
        try {
            return (ScimGroup) this.jdbcTemplate.queryForObject(GET_GROUP_SQL, this.rowMapper, str, str2);
        } catch (EmptyResultDataAccessException e) {
            throw new ScimResourceNotFoundException("Group " + str + " does not exist");
        }
    }

    @Override // org.cloudfoundry.identity.uaa.resources.ResourceManager
    public ScimGroup create(ScimGroup scimGroup) throws InvalidScimResourceException {
        return create(scimGroup, IdentityZoneHolder.get().getId());
    }

    public ScimGroup create(final ScimGroup scimGroup, final String str) throws InvalidScimResourceException {
        final String uuid = UUID.randomUUID().toString();
        this.logger.debug("creating new group with id: " + uuid);
        try {
            validateGroup(scimGroup);
            this.jdbcTemplate.update(ADD_GROUP_SQL, new PreparedStatementSetter() { // from class: org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupProvisioning.1
                @Override // org.springframework.jdbc.core.PreparedStatementSetter
                public void setValues(PreparedStatement preparedStatement) throws SQLException {
                    int i = 1 + 1;
                    preparedStatement.setString(1, uuid);
                    int i2 = i + 1;
                    preparedStatement.setString(i, scimGroup.getDisplayName());
                    int i3 = i2 + 1;
                    preparedStatement.setString(i2, scimGroup.getDescription());
                    int i4 = i3 + 1;
                    preparedStatement.setTimestamp(i3, new Timestamp(new Date().getTime()));
                    int i5 = i4 + 1;
                    preparedStatement.setTimestamp(i4, new Timestamp(new Date().getTime()));
                    int i6 = i5 + 1;
                    preparedStatement.setInt(i5, scimGroup.getVersion());
                    int i7 = i6 + 1;
                    preparedStatement.setString(i6, str);
                }
            });
            return retrieve(uuid, str);
        } catch (DuplicateKeyException e) {
            throw new ScimResourceAlreadyExistsException("A group with displayName: " + scimGroup.getDisplayName() + " already exists.");
        }
    }

    @Override // org.cloudfoundry.identity.uaa.resources.ResourceManager
    public ScimGroup update(String str, ScimGroup scimGroup) throws InvalidScimResourceException, ScimResourceNotFoundException {
        return update(str, scimGroup, IdentityZoneHolder.get().getId());
    }

    public ScimGroup update(final String str, final ScimGroup scimGroup, final String str2) throws InvalidScimResourceException, ScimResourceNotFoundException {
        try {
            validateGroup(scimGroup);
            int update = this.jdbcTemplate.update(UPDATE_GROUP_SQL, new PreparedStatementSetter() { // from class: org.cloudfoundry.identity.uaa.scim.jdbc.JdbcScimGroupProvisioning.2
                @Override // org.springframework.jdbc.core.PreparedStatementSetter
                public void setValues(PreparedStatement preparedStatement) throws SQLException {
                    int i = 1 + 1;
                    preparedStatement.setInt(1, scimGroup.getVersion() + 1);
                    int i2 = i + 1;
                    preparedStatement.setString(i, scimGroup.getDisplayName());
                    int i3 = i2 + 1;
                    preparedStatement.setString(i2, scimGroup.getDescription());
                    int i4 = i3 + 1;
                    preparedStatement.setTimestamp(i3, new Timestamp(new Date().getTime()));
                    int i5 = i4 + 1;
                    preparedStatement.setString(i4, str);
                    int i6 = i5 + 1;
                    preparedStatement.setInt(i5, scimGroup.getVersion());
                    int i7 = i6 + 1;
                    preparedStatement.setString(i6, str2);
                }
            });
            if (update != 1) {
                throw new IncorrectResultSizeDataAccessException(1, update);
            }
            return retrieve(str, str2);
        } catch (DuplicateKeyException e) {
            throw new InvalidScimResourceException("A group with displayName: " + scimGroup.getDisplayName() + " already exists");
        }
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.cloudfoundry.identity.uaa.resources.ResourceManager
    public ScimGroup delete(String str, int i) throws ScimResourceNotFoundException {
        ScimGroup retrieve = retrieve(str);
        this.membershipManager.removeMembersByGroupId(str);
        this.externalGroupMappingManager.unmapAll(str);
        int update = i > 0 ? this.jdbcTemplate.update(DELETE_GROUP_SQL + " and version=?;", str, IdentityZoneHolder.get().getId(), Integer.valueOf(i)) : this.jdbcTemplate.update(DELETE_GROUP_SQL, str, IdentityZoneHolder.get().getId());
        if (update != 1) {
            throw new IncorrectResultSizeDataAccessException(1, update);
        }
        return retrieve;
    }

    @Override // org.cloudfoundry.identity.uaa.audit.event.SystemDeletable
    public int deleteByIdentityZone(String str) {
        this.jdbcTemplate.update(DELETE_ZONE_ADMIN_MEMBERSHIP_BY_ZONE, IdentityZone.getUaa().getId(), ZoneManagementScopes.ZONES_ZONE_ID_PREFIX + str + ".%");
        this.jdbcTemplate.update(DELETE_ZONE_ADMIN_GROUPS_BY_ZONE, IdentityZone.getUaa().getId(), ZoneManagementScopes.ZONES_ZONE_ID_PREFIX + str + ".%");
        this.jdbcTemplate.update(DELETE_EXTERNAL_GROUP_BY_ZONE, str);
        this.jdbcTemplate.update(DELETE_GROUP_MEMBERSHIP_BY_ZONE, str);
        return this.jdbcTemplate.update(DELETE_GROUP_BY_ZONE, str);
    }

    @Override // org.cloudfoundry.identity.uaa.audit.event.SystemDeletable
    public int deleteByOrigin(String str, String str2) {
        this.jdbcTemplate.update(DELETE_EXTERNAL_GROUP_BY_PROVIDER, str2, str);
        return this.jdbcTemplate.update(DELETE_GROUP_MEMBERSHIP_BY_PROVIDER, str2, str);
    }

    protected void validateGroup(ScimGroup scimGroup) throws ScimResourceConstraintFailedException {
        if (!StringUtils.hasText(scimGroup.getZoneId())) {
            throw new ScimResourceConstraintFailedException("zoneId is a required field");
        }
    }

    @Override // org.cloudfoundry.identity.uaa.resources.jdbc.AbstractQueryable
    protected void validateOrderBy(String str) throws IllegalArgumentException {
        super.validateOrderBy(str, GROUP_FIELDS);
    }
}
