package com.dynfi.services;

import com.dynfi.exceptions.CannotCreateException;
import com.dynfi.exceptions.CannotDeleteException;
import com.dynfi.exceptions.CannotUpdateException;
import com.dynfi.exceptions.EntityNotFoundException;
import com.dynfi.services.dto.AllowedDevices;
import com.dynfi.services.dto.DeviceGroupCreateRequest;
import com.dynfi.services.dto.DeviceGroupUpdateRequest;
import com.dynfi.storage.entities.ConnectionAgentToken;
import com.dynfi.storage.entities.Device;
import com.dynfi.storage.entities.DeviceGroup;
import com.dynfi.storage.entities.HasDeviceReference;
import com.dynfi.storage.entities.LogEntry;
import com.dynfi.storage.entities.MessageCode;
import com.dynfi.storage.entities.User;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.mongodb.QueryOperators;
import dev.morphia.Datastore;
import dev.morphia.UpdateOptions;
import dev.morphia.query.FindOptions;
import dev.morphia.query.Query;
import dev.morphia.query.experimental.filters.Filters;
import dev.morphia.query.experimental.updates.UpdateOperator;
import dev.morphia.query.experimental.updates.UpdateOperators;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import java.util.UUID;
import java.util.stream.Collectors;
import javax.inject.Inject;
import javax.ws.rs.ForbiddenException;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.shiro.authz.AuthorizationException;
import org.bson.BsonBinary;
import org.bson.Document;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/dynfi/services/DeviceGroupServiceImpl.class */
public class DeviceGroupServiceImpl implements DeviceGroupService {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) DeviceGroupServiceImpl.class);
    private final Datastore datastore;
    private final UserService userService;
    private final DeviceService deviceService;
    private final LogService logService;

    @Inject
    public DeviceGroupServiceImpl(Datastore datastore, UserService userService, DeviceService deviceService, LogService logService) {
        this.datastore = datastore;
        this.userService = userService;
        this.deviceService = deviceService;
        this.logService = logService;
    }

    public static boolean canUserAccessAllSpecifiedDeviceGroups(User user, Collection<UUID> collection) {
        return CollectionUtils.isEmpty(collection) || user.canAccessAllDeviceGroups() || ((Set) user.getLimitedToDeviceGroups().stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toSet())).containsAll(collection);
    }

    public static void ensureCurrentUserNotReachingNotAllowedDeviceGroups(User user, Set<UUID> set) {
        if (canUserAccessAllSpecifiedDeviceGroups(user, set)) {
            return;
        }
        logger.warn("User {} trying to access device groups {}, which the user is not allowed to.", user.getId(), CollectionUtils.removeAll(set, (Collection) user.getLimitedToDeviceGroups().stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toSet())));
        throw new AuthorizationException("Not authorized to use all the requested device groups");
    }

    public static void addFilterToQueryToLimitDeviceGroupsIds(Query<DeviceGroup> query, User user, Set<UUID> set) {
        if (CollectionUtils.isEmpty(set)) {
            query.filter(Filters.in("id", (Iterable) user.getLimitedToDeviceGroups().stream().map((v0) -> {
                return v0.getId();
            }).collect(Collectors.toSet())));
        } else {
            query.filter(Filters.in("id", set));
        }
    }

    public static void addFilterToQueryToLimitDeviceGroups(Query<?> query, String str, User user, Set<UUID> set) {
        if ("id".equals(str)) {
            throw new IllegalArgumentException("This method can't filter using IDs");
        }
        if (CollectionUtils.isEmpty(set)) {
            query.filter(Filters.in(str, user.getLimitedToDeviceGroups()));
        } else {
            query.filter(Filters.in(str, set));
        }
    }

    public static void ensureUserCanAccessFeatureOnlyHavingALLDeviceGroup(UserService userService, String str, Logger logger2) {
        User currentUser = userService.getCurrentUser();
        if (currentUser.canAccessAllDeviceGroups()) {
            return;
        }
        logger2.warn("User {} trying to access feature [{}], which the user is not allowed to, because the user is not allowed to access ALL device group.", currentUser.getId(), str);
        throw new ForbiddenException("Not assigned ALL device group");
    }

    @Override // com.dynfi.services.DeviceGroupService
    public void addFilterToQueryToLimitDevicesOfCurrentUser(Query<? extends HasDeviceReference> query, String str) {
        AllowedDevices allDevicesCurrentUserIsLimitedTo = getAllDevicesCurrentUserIsLimitedTo();
        if (!allDevicesCurrentUserIsLimitedTo.cannotAccessAll() || queryHasValidDevicesSpecified(query, str, allDevicesCurrentUserIsLimitedTo.getDevices())) {
            return;
        }
        query.filter(Filters.in(str, allDevicesCurrentUserIsLimitedTo.getDevices()));
    }

    private boolean queryHasValidDevicesSpecified(Query<?> query, String str, Collection<Device> collection) {
        Object obj = query.toDocument().get(str);
        if (obj == null) {
            return false;
        }
        if (obj instanceof BsonBinary) {
            return getAllowedBinaries(collection).contains(obj);
        }
        if (!(obj instanceof Document)) {
            return false;
        }
        List list = (List) ((Document) obj).get((Object) QueryOperators.IN, List.class);
        if (list.isEmpty()) {
            return false;
        }
        return getAllowedBinaries(collection).containsAll(list);
    }

    private Set<BsonBinary> getAllowedBinaries(Collection<Device> collection) {
        return (Set) collection.stream().map(device -> {
            return new BsonBinary(device.getId());
        }).collect(Collectors.toSet());
    }

    @Override // com.dynfi.services.DeviceGroupService
    public DeviceGroup getFromIdOrDefault(UUID uuid) {
        DeviceGroup deviceGroup;
        if (uuid == null) {
            deviceGroup = getDefaultGroup();
        } else {
            deviceGroup = (DeviceGroup) this.datastore.find(DeviceGroup.class).filter(Filters.eq("id", uuid)).first();
            if (deviceGroup == null) {
                throw new EntityNotFoundException("Cannot find device group with ID [" + uuid + "]");
            }
        }
        User currentUser = this.userService.getCurrentUser();
        if (currentUser.canAccessAllDeviceGroups() || currentUser.getLimitedToDeviceGroups().contains(deviceGroup)) {
            return deviceGroup;
        }
        throw new AuthorizationException("User not allowed to access device group ID [" + uuid + "]");
    }

    @Override // com.dynfi.services.DeviceGroupService
    public boolean canCurrentUserAccessAllSpecifiedDeviceGroups(UUID... uuidArr) {
        return canCurrentUserAccessAllSpecifiedDeviceGroups(Arrays.asList(uuidArr));
    }

    @Override // com.dynfi.services.DeviceGroupService
    public boolean canCurrentUserAccessAllSpecifiedDeviceGroups(Collection<UUID> collection) {
        return canUserAccessAllSpecifiedDeviceGroups(this.userService.getCurrentUser(), collection);
    }

    @Override // com.dynfi.services.DeviceGroupService
    public DeviceGroup create(DeviceGroupCreateRequest deviceGroupCreateRequest) {
        if (((DeviceGroup) this.datastore.find(DeviceGroup.class).filter(Filters.regex("name").pattern(deviceGroupCreateRequest.getName()).caseInsensitive()).first()) != null) {
            String str = "Cannot create device group with name " + deviceGroupCreateRequest.getName() + ", the group with such name already exists.";
            logger.info(str);
            throw new CannotCreateException(str);
        }
        DeviceGroup deviceGroup = (DeviceGroup) this.datastore.find(DeviceGroup.class).filter(Filters.eq("id", deviceGroupCreateRequest.getParent())).first();
        if (deviceGroup == null) {
            String str2 = "Cannot create device group, parent group " + deviceGroupCreateRequest.getParent() + " does not exist.";
            logger.info(str2);
            throw new CannotCreateException(str2);
        }
        if (!deviceGroup.isDefault()) {
            String str3 = "Cannot create device group, parent group " + deviceGroupCreateRequest.getParent() + " is not the default ALL group.";
            logger.info(str3);
            throw new CannotCreateException(str3);
        }
        DeviceGroup deviceGroup2 = new DeviceGroup(deviceGroupCreateRequest.getName(), deviceGroup);
        this.datastore.save((Datastore) deviceGroup2);
        logger.info("New device group [ID: {}, name{} ] created (parent group set to [{}]).", deviceGroup2.getId(), deviceGroup2.getName(), deviceGroup.getId());
        this.logService.addLogEntry(MessageCode.DEVICE_GROUP_CREATED, LogEntry.Severity.INFO, ImmutableMap.of("deviceGroupId", deviceGroup2.getId().toString(), "deviceGroupName", deviceGroup2.getName(), "parentDeviceGroupId", deviceGroup.getId().toString()));
        return deviceGroup2;
    }

    @Override // com.dynfi.services.DeviceGroupService
    public void delete(UUID uuid) {
        DeviceGroup deviceGroup = (DeviceGroup) this.datastore.find(DeviceGroup.class).filter(Filters.eq("id", uuid)).first();
        if (deviceGroup == null) {
            throw new EntityNotFoundException("Device group does not exist.");
        }
        if ("ALL".equals(deviceGroup.getName())) {
            throw new CannotDeleteException("Cannot delete default ALL device group.");
        }
        if (this.datastore.find(Device.class).filter(Filters.eq("deviceGroup", uuid)).count() > 0) {
            throw new CannotDeleteException("Device group still has some devices assigned.");
        }
        deactivateAllConnectionAgentTokensForTheGroup(deviceGroup);
        this.userService.removeAllUsersFromDeviceGroup(deviceGroup);
        this.datastore.delete((Datastore) deviceGroup);
        this.logService.addLogEntry(MessageCode.DEVICE_GROUP_DELETED, LogEntry.Severity.INFO, ImmutableMap.of("deviceGroupId", deviceGroup.getId().toString(), "deviceGroupName", deviceGroup.getName()));
    }

    private void deactivateAllConnectionAgentTokensForTheGroup(DeviceGroup deviceGroup) {
        this.datastore.find(ConnectionAgentToken.class).filter(Filters.eq("deviceGroup", deviceGroup), Filters.eq("deactivated", false)).update(UpdateOperators.set("deactivated", true), new UpdateOperator[0]).execute(new UpdateOptions().multi(true));
    }

    @Override // com.dynfi.services.DeviceGroupService
    public DeviceGroup update(DeviceGroupUpdateRequest deviceGroupUpdateRequest) {
        DeviceGroup deviceGroup = (DeviceGroup) this.datastore.find(DeviceGroup.class).filter(Filters.eq("id", deviceGroupUpdateRequest.getId())).first();
        if (deviceGroup == null) {
            throw new EntityNotFoundException("Device group does not exist.");
        }
        if ("ALL".equals(deviceGroup.getName())) {
            throw new CannotUpdateException("Cannot rename default ALL device group.");
        }
        if (((DeviceGroup) this.datastore.find(DeviceGroup.class).filter(Filters.ne("id", deviceGroup.getId()), Filters.regex("name").pattern(deviceGroupUpdateRequest.getName()).caseInsensitive()).first()) != null) {
            String str = "Cannot update device group to name " + deviceGroupUpdateRequest.getName() + ", the group with such name already exists.";
            logger.info(str);
            throw new CannotUpdateException(str);
        }
        String name = deviceGroup.getName();
        deviceGroup.setName(deviceGroupUpdateRequest.getName());
        this.datastore.save((Datastore) deviceGroup);
        this.logService.addLogEntry(MessageCode.DEVICE_GROUP_RENAMED, LogEntry.Severity.INFO, ImmutableMap.of("deviceGroupId", deviceGroup.getId().toString(), "deviceGroupName", deviceGroup.getName(), "oldDeviceGroupName", name));
        return deviceGroup;
    }

    @Override // com.dynfi.services.DeviceGroupService
    public DeviceGroup getById(UUID uuid) {
        return (DeviceGroup) this.datastore.find(DeviceGroup.class).filter(Filters.eq("id", uuid)).first();
    }

    @Override // com.dynfi.services.DeviceGroupService
    public List<DeviceGroup> getAll() {
        return getAllForUser(this.userService.getCurrentUser());
    }

    @Override // com.dynfi.services.DeviceGroupService
    public List<DeviceGroup> getAllForUser(User user) {
        Query find = this.datastore.find(DeviceGroup.class);
        if (!user.canAccessAllDeviceGroups()) {
            addFilterToQueryToLimitDeviceGroupsIds(find, user, Collections.emptySet());
        }
        return find.iterator().toList();
    }

    @Override // com.dynfi.services.DeviceGroupService
    public boolean canCurrentUserAccessAllSpecifiedDevices(Collection<UUID> collection) {
        return canUserAccessAllSpecifiedDevices(this.userService.getCurrentUser(), collection);
    }

    @Override // com.dynfi.services.DeviceGroupService
    public boolean canUserAccessAllSpecifiedDevices(User user, Collection<UUID> collection) {
        if (user == null) {
            throw new IllegalArgumentException("User must be specified");
        }
        return CollectionUtils.isEmpty(collection) || user.canAccessAllDeviceGroups() || this.datastore.find(Device.class).filter(Filters.in("id", collection), Filters.nin("deviceGroup", user.getLimitedToDeviceGroups())).count() == 0;
    }

    @Override // com.dynfi.services.DeviceGroupService
    public AllowedDevices getAllDevicesCurrentUserIsLimitedTo() {
        User currentUser = this.userService.getCurrentUser();
        return (currentUser == null || currentUser.canAccessAllDeviceGroups()) ? new AllowedDevices(true, Collections.emptyList()) : new AllowedDevices(false, this.datastore.find(Device.class).filter(Filters.in("deviceGroup", currentUser.getLimitedToDeviceGroups())).iterator(new FindOptions().projection().include("id")).toList());
    }

    @Override // com.dynfi.services.DeviceGroupService
    public boolean canCurrentUserAccessAllDeviceGroups() {
        return this.userService.getCurrentUser().canAccessAllDeviceGroups();
    }

    @Override // com.dynfi.services.DeviceGroupService
    public void addUsers(UUID uuid, Set<UUID> set) {
        if (logger.isDebugEnabled()) {
            logger.debug("Adding users [{}] to device group [{}] by user [{}]", set, uuid, this.userService.getCurrentUser().getId());
        }
        this.userService.addUsersToDeviceGroups(set, ImmutableSet.of(getById(uuid)));
    }

    @Override // com.dynfi.services.DeviceGroupService
    public void removeUsers(UUID uuid, Set<UUID> set) {
        if (logger.isDebugEnabled()) {
            logger.debug("Removing users [{}] from device group [{}] by user [{}]", set, uuid, this.userService.getCurrentUser().getId());
        }
        DeviceGroup byId = getById(uuid);
        ensureTheLastUserOfDefaultGroupNotRemoved(set, byId);
        this.userService.removeUsersFromDeviceGroups(set, ImmutableSet.of(byId));
    }

    private void ensureTheLastUserOfDefaultGroupNotRemoved(Set<UUID> set, DeviceGroup deviceGroup) {
        if (deviceGroup.isDefault()) {
            ensureTheLastActiveUserOfGroupNotRemoved(set, deviceGroup, this.userService);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void ensureTheLastActiveUserOfGroupNotRemoved(Set<UUID> set, DeviceGroup deviceGroup, UserService userService) {
        Set<UUID> activeUsersAssignedToDeviceGroup = userService.getActiveUsersAssignedToDeviceGroup(deviceGroup);
        activeUsersAssignedToDeviceGroup.removeAll(set);
        if (activeUsersAssignedToDeviceGroup.isEmpty()) {
            throw new CannotDeleteException(String.format("Cannot delete the last user of the %s group.", deviceGroup.getName()));
        }
    }

    @Override // com.dynfi.services.DeviceGroupService
    public void moveDevices(UUID uuid, Set<UUID> set) {
        if (logger.isDebugEnabled()) {
            logger.debug("Moving devices [{}] to device group [{}] by user [{}]", set, uuid, this.userService.getCurrentUser().getId());
        }
        this.deviceService.moveDevicesToDeviceGroup(set, getById(uuid));
    }

    private DeviceGroup getDefaultGroup() {
        DeviceGroup deviceGroup = (DeviceGroup) this.datastore.find(DeviceGroup.class).filter(Filters.eq("name", "ALL")).first();
        if (deviceGroup == null) {
            throw new EntityNotFoundException("Cannot find default device group. System configuration error!");
        }
        if (this.userService.getCurrentUser().canAccessAllDeviceGroups()) {
            return deviceGroup;
        }
        throw new AuthorizationException("User not allowed to access default device group");
    }
}
