package io.gravitee.am.management.service.impl.upgrades;

import io.gravitee.am.identityprovider.api.User;
import io.gravitee.am.management.service.IdentityProviderManager;
import io.gravitee.am.management.service.impl.upgrades.helpers.MembershipHelper;
import io.gravitee.am.model.Domain;
import io.gravitee.am.model.IdentityProvider;
import io.gravitee.am.model.Organization;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.Role;
import io.gravitee.am.model.common.Page;
import io.gravitee.am.model.permissions.DefaultRole;
import io.gravitee.am.service.AuditService;
import io.gravitee.am.service.DomainService;
import io.gravitee.am.service.IdentityProviderService;
import io.gravitee.am.service.OrganizationService;
import io.gravitee.am.service.OrganizationUserService;
import io.gravitee.am.service.RoleService;
import io.gravitee.am.service.model.NewIdentityProvider;
import io.gravitee.am.service.model.PatchOrganization;
import io.gravitee.am.service.reporter.builder.AuditBuilder;
import io.gravitee.am.service.reporter.builder.management.UserAuditBuilder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.Ordered;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/gravitee/am/management/service/impl/upgrades/DefaultOrganizationUpgrader.class */
public class DefaultOrganizationUpgrader implements Upgrader, Ordered {
    private static final int PAGE_SIZE = 10;
    private final OrganizationService organizationService;
    private final IdentityProviderService identityProviderService;
    private final OrganizationUserService userService;
    private final MembershipHelper membershipHelper;
    private final RoleService roleService;
    private final DomainService domainService;
    private final Environment environment;
    private final IdentityProviderManager identityProviderManager;
    private final AuditService auditService;
    private final boolean useDefaultAdmin;
    private static final Logger logger = LoggerFactory.getLogger(DefaultOrganizationUpgrader.class);
    private static final String ADMIN_DOMAIN = "admin";
    public static String ADMIN_USERNAME = ADMIN_DOMAIN;
    public static String DEFAULT_INLINE_IDP_CONFIG = "{\"users\":[{\"firstname\":\"Administrator\",\"lastname\":\"Administrator\",\"username\":\"" + ADMIN_USERNAME + "\",\"password\":\"adminadmin\"}]}";

    public DefaultOrganizationUpgrader(OrganizationService organizationService, IdentityProviderService identityProviderService, OrganizationUserService organizationUserService, MembershipHelper membershipHelper, RoleService roleService, DomainService domainService, Environment environment, IdentityProviderManager identityProviderManager, AuditService auditService) {
        this.organizationService = organizationService;
        this.identityProviderService = identityProviderService;
        this.userService = organizationUserService;
        this.membershipHelper = membershipHelper;
        this.roleService = roleService;
        this.domainService = domainService;
        this.environment = environment;
        this.identityProviderManager = identityProviderManager;
        this.auditService = auditService;
        this.useDefaultAdmin = ((Boolean) environment.getProperty("security.defaultAdmin", Boolean.TYPE, true)).booleanValue();
    }

    @Override // io.gravitee.am.management.service.impl.upgrades.Upgrader
    public boolean upgrade() {
        Page page;
        try {
            Organization organization = (Organization) this.organizationService.createDefault().blockingGet();
            if (organization != null) {
                logger.info("Default organization successfully created");
                Domain domain = (Domain) this.domainService.findById(ADMIN_DOMAIN).blockingGet();
                if (domain != null) {
                    PatchOrganization patchOrganization = new PatchOrganization();
                    patchOrganization.setIdentities(domain.getIdentities() != null ? new ArrayList(domain.getIdentities()) : null);
                    this.organizationService.update(organization.getId(), patchOrganization, (User) null).blockingGet();
                    Role role = (Role) this.roleService.findDefaultRole("DEFAULT", DefaultRole.ORGANIZATION_OWNER, ReferenceType.ORGANIZATION).blockingGet();
                    int i = 0;
                    do {
                        page = (Page) this.userService.findAll(ReferenceType.ORGANIZATION, "DEFAULT", i, 10).blockingGet();
                        page.getData().forEach(user -> {
                            this.membershipHelper.setOrganizationRole(user, role);
                        });
                        i++;
                    } while (page.getData().size() == 10);
                    this.domainService.delete(ADMIN_DOMAIN).blockingAwait();
                } else if (this.useDefaultAdmin) {
                    this.membershipHelper.setOrganizationPrimaryOwnerRole(createAdminUser(createInlineProvider()));
                }
            }
            if (this.identityProviderManager != null) {
                this.identityProviderManager.loadIdentityProviders().blockingAwait();
            }
            Organization organization2 = (Organization) this.organizationService.findById("DEFAULT").blockingGet();
            logger.info("Check if default organization is up to date");
            if (this.useDefaultAdmin) {
                List list = (List) Optional.ofNullable(organization2.getIdentities()).orElse(Collections.emptyList());
                IdentityProvider identityProvider = (IdentityProvider) this.identityProviderService.findAll(ReferenceType.ORGANIZATION, "DEFAULT").filter(identityProvider2 -> {
                    return identityProvider2.getType().equals("inline-am-idp") && !identityProvider2.isExternal() && list.contains(identityProvider2.getId());
                }).firstElement().blockingGet();
                if (identityProvider != null && identityProvider.getConfiguration().contains(",\"username\":\"" + ADMIN_USERNAME + "\",") && identityProvider.getRoleMapper().isEmpty() && ((io.gravitee.am.model.User) this.userService.findByUsernameAndSource(ReferenceType.ORGANIZATION, "DEFAULT", ADMIN_USERNAME, identityProvider.getId()).blockingGet()) == null) {
                    this.membershipHelper.setOrganizationPrimaryOwnerRole(createAdminUser(identityProvider));
                }
            }
            this.membershipHelper.setPlatformAdminRole();
            return true;
        } catch (Exception e) {
            logger.error("An error occurred trying to initialize default organization", e);
            return false;
        }
    }

    private IdentityProvider createInlineProvider() {
        logger.info("Create an user-inline provider");
        NewIdentityProvider newIdentityProvider = new NewIdentityProvider();
        newIdentityProvider.setType("inline-am-idp");
        newIdentityProvider.setName("Inline users");
        newIdentityProvider.setConfiguration(DEFAULT_INLINE_IDP_CONFIG);
        IdentityProvider identityProvider = (IdentityProvider) this.identityProviderService.create(ReferenceType.ORGANIZATION, "DEFAULT", newIdentityProvider, (User) null, false).blockingGet();
        logger.info("Associate user-inline provider to default organization");
        PatchOrganization patchOrganization = new PatchOrganization();
        patchOrganization.setIdentities(Collections.singletonList(identityProvider.getId()));
        this.organizationService.update("DEFAULT", patchOrganization, (User) null).blockingGet();
        return identityProvider;
    }

    private io.gravitee.am.model.User createAdminUser(IdentityProvider identityProvider) {
        io.gravitee.am.model.User user = new io.gravitee.am.model.User();
        user.setInternal(false);
        user.setUsername(ADMIN_USERNAME);
        user.setSource(identityProvider.getId());
        user.setReferenceType(ReferenceType.ORGANIZATION);
        user.setReferenceId("DEFAULT");
        return (io.gravitee.am.model.User) this.userService.create(user).doOnSuccess(user2 -> {
            this.auditService.report(((UserAuditBuilder) ((UserAuditBuilder) AuditBuilder.builder(UserAuditBuilder.class)).type("USER_CREATED")).user(user2));
        }).doOnError(th -> {
            this.auditService.report((AuditBuilder) ((UserAuditBuilder) ((UserAuditBuilder) AuditBuilder.builder(UserAuditBuilder.class)).type("USER_CREATED")).throwable(th));
        }).blockingGet();
    }

    @Override // io.gravitee.am.management.service.impl.upgrades.Upgrader
    public int getOrder() {
        return 2;
    }
}
