package com.atlassian.jira.plugins.dvcs.webwork;

import com.atlassian.fusion.aci.api.model.Installation;
import com.atlassian.fusion.aci.api.service.ACIInstallationService;
import com.atlassian.fusion.aci.api.service.exception.ConnectApplicationNotFoundException;
import com.atlassian.fusion.aci.api.service.exception.InstallationNotFoundException;
import com.atlassian.jira.exception.NotFoundException;
import com.atlassian.jira.permission.GlobalPermissionKey;
import com.atlassian.jira.plugins.dvcs.model.Organization;
import com.atlassian.jira.plugins.dvcs.service.OrganizationService;
import com.atlassian.jira.plugins.dvcs.service.optional.aci.AciInstallationServiceAccessor;
import com.atlassian.jira.plugins.dvcs.spi.bitbucket.clientlibrary.model.BitbucketConstants;
import com.atlassian.jira.security.GlobalPermissionManager;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.web.action.ActionViewData;
import com.atlassian.jira.web.action.JiraWebActionSupport;
import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
import com.atlassian.sal.api.ApplicationProperties;
import com.atlassian.sal.api.UrlMode;
import com.atlassian.webresource.api.assembler.PageBuilderService;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableMap;
import java.util.Map;
import javax.annotation.ParametersAreNonnullByDefault;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ParametersAreNonnullByDefault
/* loaded from: input_file:com/atlassian/jira/plugins/dvcs/webwork/BitbucketPostInstallApprovalAction.class */
public class BitbucketPostInstallApprovalAction extends JiraWebActionSupport {
    private static final Logger log = LoggerFactory.getLogger(BitbucketPostInstallApprovalAction.class);
    private static final String REQUIRE_RESOURCE_KEY = "com.atlassian.jira.plugins.jira-bitbucket-connector-plugin:bitbucket-post-install-approval-resources";
    private static final String APPROVAL_VIEW_NAME = "approval";
    private static final String APPROVAL_ERROR_VIEW_NAME = "approvalError";
    private static final String NON_ADMIN_VIEW_NAME = "nonAdmin";
    private static final String REDIRECT_TO_ADMIN_VIEW_NAME = "redirectToAdminView";
    private static final String UNKNOWN_ERROR_VIEW_NAME = "unknownError";
    private static final String BITBUCKET_ERROR_ACCESS_DENIED = "access_denied";
    private final AciInstallationServiceAccessor aciInstallationServiceAccessor;
    private final ApplicationProperties salApplicationProperties;
    private final com.atlassian.jira.config.properties.ApplicationProperties jiraApplicationProperties;
    private final JiraAuthenticationContext jiraAuthenticationContext;
    private final GlobalPermissionManager globalPermissionManager;
    private final BitbucketPostInstallApprovalActionUrlProvider urlProvider;
    private final PageBuilderService pageBuilderService;
    private final OrganizationService organizationService;
    private boolean isJiraInitiated;
    private boolean isApprovalError;
    private boolean isUnknownError;
    private Installation installation;
    private Organization organization;
    private String principalUuid = "";
    private String accountName = "";
    private String clientKey = "";
    private String unknownErrorMessage = "";
    private String bitbucketError = "";
    private String bitbucketErrorDescription = "";

    public BitbucketPostInstallApprovalAction(@ComponentImport ApplicationProperties applicationProperties, @ComponentImport com.atlassian.jira.config.properties.ApplicationProperties applicationProperties2, @ComponentImport GlobalPermissionManager globalPermissionManager, @ComponentImport JiraAuthenticationContext jiraAuthenticationContext, @ComponentImport PageBuilderService pageBuilderService, AciInstallationServiceAccessor aciInstallationServiceAccessor, BitbucketPostInstallApprovalActionUrlProvider bitbucketPostInstallApprovalActionUrlProvider, OrganizationService organizationService) {
        this.salApplicationProperties = (ApplicationProperties) Preconditions.checkNotNull(applicationProperties);
        this.jiraApplicationProperties = (com.atlassian.jira.config.properties.ApplicationProperties) Preconditions.checkNotNull(applicationProperties2);
        this.jiraAuthenticationContext = (JiraAuthenticationContext) Preconditions.checkNotNull(jiraAuthenticationContext);
        this.globalPermissionManager = (GlobalPermissionManager) Preconditions.checkNotNull(globalPermissionManager);
        this.pageBuilderService = (PageBuilderService) Preconditions.checkNotNull(pageBuilderService);
        this.aciInstallationServiceAccessor = (AciInstallationServiceAccessor) Preconditions.checkNotNull(aciInstallationServiceAccessor);
        this.urlProvider = (BitbucketPostInstallApprovalActionUrlProvider) Preconditions.checkNotNull(bitbucketPostInstallApprovalActionUrlProvider);
        this.organizationService = (OrganizationService) Preconditions.checkNotNull(organizationService);
    }

    public void setPrincipalUuid(String str) {
        this.principalUuid = str;
    }

    public void setClientKey(String str) {
        this.clientKey = str;
    }

    public void setJiraInitiated(String str) {
        this.isJiraInitiated = true;
    }

    public void setAccountName(String str) {
        this.accountName = str;
    }

    public void setApprovalError(String str) {
        this.isApprovalError = true;
    }

    public void setUnknownError(String str) {
        this.isUnknownError = true;
    }

    public void setUnknownErrorMessage(String str) {
        this.unknownErrorMessage = str;
    }

    public void setError(String str) {
        this.bitbucketError = str;
    }

    public void setError_description(String str) {
        this.bitbucketErrorDescription = str;
    }

    protected String doExecute() {
        this.pageBuilderService.assembler().resources().requireWebResource(REQUIRE_RESOURCE_KEY);
        if (!isCurrentUserAdmin()) {
            return NON_ADMIN_VIEW_NAME;
        }
        if (StringUtils.isNotBlank(this.bitbucketError) || StringUtils.isNotBlank(this.bitbucketErrorDescription)) {
            if (BITBUCKET_ERROR_ACCESS_DENIED.equals(this.bitbucketError)) {
                return REDIRECT_TO_ADMIN_VIEW_NAME;
            }
            logBitbucketError();
            return UNKNOWN_ERROR_VIEW_NAME;
        }
        checkRequiredQueryParams();
        if (this.isApprovalError) {
            return APPROVAL_ERROR_VIEW_NAME;
        }
        if (this.isUnknownError) {
            logUnknownError();
            return UNKNOWN_ERROR_VIEW_NAME;
        }
        try {
            this.installation = getAciInstallation();
            this.organization = this.organizationService.getByHostAndName(this.installation.getBaseUrl(), this.installation.getPrincipalUsername());
            if (this.organization == null) {
                log.debug("Organization does not yet exist, however Aci Installation is present. Triggering Org creation based on the Aci Installation found. Principal id: {}", this.installation.getPrincipalUuid());
                this.organizationService.createNewOrgBasedOnAciInstallation(this.installation);
                this.organization = this.organizationService.getByHostAndName(this.installation.getBaseUrl(), this.installation.getPrincipalUsername());
                if (this.organization == null) {
                    return APPROVAL_ERROR_VIEW_NAME;
                }
            }
            return this.organization.getApprovalState() == Organization.ApprovalState.APPROVED ? REDIRECT_TO_ADMIN_VIEW_NAME : APPROVAL_VIEW_NAME;
        } catch (NotFoundException e) {
            return APPROVAL_ERROR_VIEW_NAME;
        }
    }

    private boolean isCurrentUserAdmin() {
        return this.globalPermissionManager.hasPermission(GlobalPermissionKey.ADMINISTER, this.jiraAuthenticationContext.getLoggedInUser());
    }

    private void logUnknownError() {
        log.error("An error occured while a user was trying to approve an Organization. Error message: {}", this.unknownErrorMessage);
    }

    private void logBitbucketError() {
        log.error("Failed to display BB Connection approval screen due to Bitbucket indicating an error in Jira redirect. Error: {}. Error description: {}", this.bitbucketError, this.bitbucketErrorDescription);
    }

    private void checkRequiredQueryParams() {
        if (StringUtils.isBlank(this.principalUuid) && StringUtils.isBlank(this.clientKey)) {
            log.error("We received none of the following query params: principalUuid, clientKey. At least one of them is required for this action.");
            this.isUnknownError = true;
        }
    }

    private Installation getAciInstallation() {
        return StringUtils.isNotBlank(this.principalUuid) ? getAciInstallationByPrincipalUuid(this.principalUuid) : getAciInstallationByClientKey(this.clientKey);
    }

    private Installation getAciInstallationByPrincipalUuid(String str) {
        log.debug("Retrieving ACI Installation based on principalUuid: {}", str);
        try {
            return getAciInstallationService().get(BitbucketConstants.BITBUCKET_CONNECTOR_APPLICATION_ID, str);
        } catch (ConnectApplicationNotFoundException | InstallationNotFoundException e) {
            throw new NotFoundException(String.format("Cannot retrieve ACI Installation with principalUuid '%s': %s", str, e.getMessage()), e);
        }
    }

    private Installation getAciInstallationByClientKey(String str) {
        log.debug("Retrieving ACI Installation based on clientKey: {}", str);
        try {
            return getAciInstallationService().getByClientKey(str);
        } catch (ConnectApplicationNotFoundException | InstallationNotFoundException e) {
            throw new NotFoundException(String.format("Cannot retrieve ACI Installation with clientKey '%s': %s", str, e.getMessage()), e);
        }
    }

    private ACIInstallationService getAciInstallationService() {
        return this.aciInstallationServiceAccessor.get().orElseThrow(() -> {
            return new IllegalStateException("Unable to get an instance of ACIInstallationService from ACIInstallationServiceAccessor");
        });
    }

    @ActionViewData(APPROVAL_VIEW_NAME)
    public Map<String, Object> getApprovalViewData() {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        builder.put("baseUrl", this.salApplicationProperties.getBaseUrl(UrlMode.AUTO));
        builder.put("orgId", Integer.valueOf(this.organization.getId()));
        builder.put("grantAccessButtonRedirectUrl", this.urlProvider.grantAccessButtonRedirectUrl(this.organization));
        builder.put("cancelButtonUrl", this.urlProvider.cancelButtonUrlForApprovalView(this.isJiraInitiated, this.accountName, this.installation));
        builder.put("accountName", this.installation.getPrincipalUsername());
        builder.put("jiraInstanceTitle", this.jiraApplicationProperties.getString("jira.title"));
        builder.put("atlToken", getXsrfToken());
        return builder.build();
    }

    @ActionViewData(NON_ADMIN_VIEW_NAME)
    public Map<String, Object> getNonAdminViewData() {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        builder.put("baseUrl", this.salApplicationProperties.getBaseUrl(UrlMode.AUTO));
        builder.put("okButtonUrl", this.urlProvider.okButtonForNonAdminView(this.isJiraInitiated, this.accountName, this.installation));
        builder.put("logoutButtonUrl", this.urlProvider.logoutButtonUrl());
        builder.put("accountName", this.accountName);
        builder.put("jiraInstanceTitle", this.jiraApplicationProperties.getString("jira.title"));
        builder.put("atlToken", getXsrfToken());
        return builder.build();
    }

    @ActionViewData(APPROVAL_ERROR_VIEW_NAME)
    public Map<String, Object> getApprovalErrorViewData() {
        return createErrorViewDataCommon();
    }

    @ActionViewData(UNKNOWN_ERROR_VIEW_NAME)
    public Map<String, Object> getUnknownErrorViewData() {
        return createErrorViewDataCommon();
    }

    @ActionViewData(REDIRECT_TO_ADMIN_VIEW_NAME)
    public Map<String, Object> getRedirectToAdminViewData() {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        builder.put("redirectUrl", this.urlProvider.dvcsConnectorAdminPageUrl());
        return builder.build();
    }

    private Map<String, Object> createErrorViewDataCommon() {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        builder.put("accountName", this.accountName);
        builder.put("startAgainButtonUrl", this.urlProvider.startAgainButtonUrlForErrorView(this.isJiraInitiated, this.accountName, this.installation));
        builder.put("cancelButtonUrl", this.urlProvider.cancelButtonUrlForErrorView(this.isJiraInitiated, this.accountName, this.installation));
        builder.put("jiraInstanceTitle", this.jiraApplicationProperties.getString("jira.title"));
        return builder.build();
    }
}
