package com.greenhat.server.container.server.audit.orm;

import com.greenhat.server.container.server.ServerDetailService;
import com.greenhat.server.container.server.audit.AuditService;
import com.greenhat.server.container.server.audit.LoggerName;
import com.greenhat.server.container.server.datamodel.Domain;
import com.greenhat.server.container.server.datamodel.Environment;
import com.greenhat.server.container.server.domains.DomainManagerImpl;
import com.greenhat.server.container.server.orm.ServerDetail;
import com.greenhat.server.container.server.security.CredentialsStore;
import com.greenhat.server.container.server.security.CredentialsStoreFactory;
import com.greenhat.server.container.server.security.role.JpaRoleManagerImpl;
import com.greenhat.server.container.server.security.role.JpaRoleStoreImpl;
import com.greenhat.server.container.server.security.token.orm.AuthenticationRecordStoreImpl;
import com.greenhat.server.container.server.security.util.SecurityEnablementService;
import com.greenhat.server.container.server.util.SystemTimestampService;
import com.greenhat.server.container.server.util.VersionUtils;
import com.greenhat.server.container.shared.audit.AuditAction;
import com.greenhat.server.container.shared.datamodel.AuthenticationRecord;
import com.greenhat.server.container.shared.datamodel.DomainId;
import com.greenhat.server.container.shared.datamodel.Role;
import com.greenhat.server.container.shared.datamodel.User;
import com.greenhat.server.container.shared.datamodel.UserRoles;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.EntityTransaction;

/* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/audit/orm/DatabaseSetup.class */
public class DatabaseSetup {
    private static final Logger logger = Logger.getLogger(DatabaseSetup.class.getName());
    private final File installationDirectory;
    private final String securityWorkingDirectory;
    private final EntityManager auditEntityManager;
    private final EntityManagerFactory domainEntityManagerFactory;
    private final EntityManager domainEntityManager;
    private final EntityManagerFactory roleEntityManagerFactory;
    private final ServerDetailService serverDetailService;
    private final CredentialsStore credentialsStore;
    private final AuditService auditService;

    /* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/audit/orm/DatabaseSetup$MigrateTo87.class */
    public class MigrateTo87 {
        public static final String MIGRATION_LOG_FILE_NAME = "migration.8700.log";
        private File logFile;
        private FileWriter logFileWriter;

        public MigrateTo87() {
            File file = new File(DatabaseSetup.this.installationDirectory, "logs/");
            file.mkdir();
            try {
                this.logFile = new File(file, MIGRATION_LOG_FILE_NAME);
                this.logFile.createNewFile();
                this.logFileWriter = new FileWriter(this.logFile);
            } catch (IOException e) {
                DatabaseSetup.logger.log(Level.WARNING, "Could not create migration log file " + this.logFile.getAbsolutePath() + ", trying alternative in workspace");
                try {
                    this.logFile = new File(DatabaseSetup.this.securityWorkingDirectory, MIGRATION_LOG_FILE_NAME);
                    this.logFile.createNewFile();
                    this.logFileWriter = new FileWriter(this.logFile);
                } catch (IOException e2) {
                    throw new RuntimeException("Could not create workspace migration log file " + this.logFile.getAbsolutePath() + ", so aborting migration", e);
                }
            }
        }

        public void migrate() {
            migrateTo87Schema();
            migrateTo87DomainRoleUserNames();
            migrateTo87SecurityTokenUserNames();
        }

        private void migrateTo87Schema() {
            EntityTransaction transaction = DatabaseSetup.this.domainEntityManager.getTransaction();
            transaction.begin();
            DatabaseSetup.this.domainEntityManager.createNativeQuery("alter table DOMAIN alter column DATABASEURL varchar(512)").executeUpdate();
            DatabaseSetup.this.domainEntityManager.createNativeQuery("alter table DATABASEDESCRIPTOR alter column URL varchar(512)").executeUpdate();
            transaction.commit();
        }

        private void migrateTo87DomainRoleUserNames() {
            DatabaseSetup.logger.info("Migrating domain roles to canonical user names...");
            DatabaseSetup.logger.info("Logging migrated data to " + this.logFile.getAbsolutePath());
            List<Domain> findAll = new DomainManagerImpl(DatabaseSetup.this.domainEntityManagerFactory).findAll();
            JpaRoleStoreImpl jpaRoleStoreImpl = new JpaRoleStoreImpl(new JpaRoleManagerImpl(DatabaseSetup.this.roleEntityManagerFactory));
            logHeader("Before migration");
            for (Domain domain : findAll) {
                DomainId domainId = new DomainId(domain.getId().longValue());
                for (UserRoles userRoles : jpaRoleStoreImpl.getUserRoles(domainId)) {
                    log(domainId, userRoles);
                    String name = userRoles.user.getName();
                    String userExists = DatabaseSetup.this.credentialsStore.userExists(name);
                    if (userExists != null && !userExists.equals(name)) {
                        jpaRoleStoreImpl.removeUser(domainId, userRoles.user);
                        jpaRoleStoreImpl.setRoles(domainId, new User(userExists, null), userRoles.roles);
                        DatabaseSetup.this.auditService.log(Level.INFO, "databaseSetup_userNameMigrated", AuditAction.MODIFY_USER, domain, (Environment) null, User.DEFAULT_USER, userExists, name, userRoles.roles.toString());
                    }
                }
            }
            logHeader("After migration");
            Iterator<Domain> it = findAll.iterator();
            while (it.hasNext()) {
                DomainId domainId2 = new DomainId(it.next().getId().longValue());
                Iterator<UserRoles> it2 = jpaRoleStoreImpl.getUserRoles(domainId2).iterator();
                while (it2.hasNext()) {
                    log(domainId2, it2.next());
                }
            }
            try {
                this.logFileWriter.close();
            } catch (IOException e) {
                DatabaseSetup.logger.log(Level.SEVERE, "Could not close migration log file " + this.logFile.getAbsolutePath() + " - migration log may have been lost.", (Throwable) e);
            }
            DatabaseSetup.logger.info("Finished migrating domain roles to canonical user names");
        }

        private void logHeader(String str) {
            try {
                this.logFileWriter.append('[');
                this.logFileWriter.append((CharSequence) str);
                this.logFileWriter.append((CharSequence) "]\ndomainId,userId,roleNames\n");
                this.logFileWriter.flush();
            } catch (IOException e) {
                throw new RuntimeException("Could not write to migration log file, so aborting migration", e);
            }
        }

        private void log(DomainId domainId, UserRoles userRoles) {
            try {
                this.logFileWriter.append((CharSequence) String.valueOf(domainId.id));
                this.logFileWriter.append(',');
                this.logFileWriter.append((CharSequence) userRoles.user.getName());
                for (Role role : userRoles.roles) {
                    this.logFileWriter.append(',');
                    this.logFileWriter.append((CharSequence) role.getId());
                }
                this.logFileWriter.append('\n');
                this.logFileWriter.flush();
            } catch (IOException e) {
                throw new RuntimeException("Could not write to migration log file, so aborting migration", e);
            }
        }

        private void migrateTo87SecurityTokenUserNames() {
            String str;
            String userExists;
            DatabaseSetup.logger.info("Migrating security tokens to canonical user names...");
            AuthenticationRecordStoreImpl authenticationRecordStoreImpl = new AuthenticationRecordStoreImpl(DatabaseSetup.this.roleEntityManagerFactory);
            for (AuthenticationRecord authenticationRecord : authenticationRecordStoreImpl.getTokens()) {
                if (authenticationRecord != null && (userExists = DatabaseSetup.this.credentialsStore.userExists((str = authenticationRecord.userId.name))) != null && !userExists.equals(str)) {
                    authenticationRecordStoreImpl.deleteToken(authenticationRecord.token);
                    authenticationRecordStoreImpl.storeToken(authenticationRecord.token, userExists, authenticationRecord.expiry, authenticationRecord.description);
                    DatabaseSetup.this.auditService.log(Level.INFO, "databaseSetup_tokenMigrated", AuditAction.ALTER_ROLES, (Domain) null, (Environment) null, User.DEFAULT_USER, userExists, str);
                }
            }
            DatabaseSetup.logger.info("Finished migrating security tokens to canonical user names");
        }
    }

    public DatabaseSetup(File file, String str, EntityManagerFactory entityManagerFactory, EntityManagerFactory entityManagerFactory2, EntityManagerFactory entityManagerFactory3, ServerDetailService serverDetailService) throws Exception {
        this(file, str, entityManagerFactory, entityManagerFactory2, entityManagerFactory3, serverDetailService, createAuditService(entityManagerFactory));
    }

    private DatabaseSetup(File file, String str, EntityManagerFactory entityManagerFactory, EntityManagerFactory entityManagerFactory2, EntityManagerFactory entityManagerFactory3, ServerDetailService serverDetailService, AuditService auditService) throws Exception {
        this(file, str, entityManagerFactory, entityManagerFactory2, entityManagerFactory3, serverDetailService, createCredentialsStore(str, auditService), auditService);
    }

    DatabaseSetup(File file, String str, EntityManagerFactory entityManagerFactory, EntityManagerFactory entityManagerFactory2, EntityManagerFactory entityManagerFactory3, ServerDetailService serverDetailService, CredentialsStore credentialsStore, AuditService auditService) {
        this.installationDirectory = file;
        this.securityWorkingDirectory = str;
        this.auditEntityManager = entityManagerFactory.createEntityManager();
        this.domainEntityManagerFactory = entityManagerFactory2;
        this.domainEntityManager = entityManagerFactory2.createEntityManager();
        this.roleEntityManagerFactory = entityManagerFactory3;
        this.serverDetailService = serverDetailService;
        this.credentialsStore = credentialsStore;
        this.auditService = auditService;
    }

    private static AuditService createAuditService(EntityManagerFactory entityManagerFactory) {
        return new HibernateAuditService(LoggerName.Migration, null, new SystemTimestampService(), new HibernateAuditEntryManagerImpl(entityManagerFactory));
    }

    private static CredentialsStore createCredentialsStore(String str, AuditService auditService) throws Exception {
        CredentialsStoreFactory credentialsStoreFactory = new CredentialsStoreFactory(str, new SecurityEnablementService(auditService, str));
        credentialsStoreFactory.init();
        CredentialsStore m61getObject = credentialsStoreFactory.m61getObject();
        if (m61getObject == null) {
            throw new RuntimeException("Could not create CredentialsStore for migration");
        }
        return m61getObject;
    }

    public void init() {
        try {
            String value = this.serverDetailService.getValue(ServerDetail.SERVER_RELEASE_KEY);
            if (value == null) {
                logger.severe("RTCP release from database is corrupt, so cannot ensure database has correct schema.");
            } else {
                checkSchemaVersionAndMigrateIfRequired(value);
            }
        } catch (ServerDetailService.DatabaseNotInitialisedException e) {
            initialiseDatabase();
        } catch (ServerDetailService.NoDetailFoundException e2) {
            initialiseDatabase();
        }
        initLogExpiry();
    }

    private void initialiseDatabase() {
        try {
            String releaseFromPropertiesFile = getReleaseFromPropertiesFile();
            logger.info("No RTCP release found in database - assume database is being created. Setting release to " + releaseFromPropertiesFile);
            this.serverDetailService.setValue(ServerDetail.SERVER_RELEASE_KEY, releaseFromPropertiesFile);
        } catch (IOException e) {
            logger.severe("No RTCP release found in database (assuming new database), but release not available through properties to initialise it. Cannot ensure initialisation of database is safe for future migration.");
        }
    }

    private void initLogExpiry() {
        String str = null;
        try {
            str = this.serverDetailService.getValue(ServerDetail.LOG_EXPIRY_KEY);
        } catch (ServerDetailService.ServerDetailException e) {
        }
        if (str == null) {
            this.serverDetailService.setValue(ServerDetail.LOG_EXPIRY_KEY, ServerDetail.DEFAULT_LOG_EXPIRY_VALUE);
        }
    }

    private void checkSchemaVersionAndMigrateIfRequired(String str) {
        try {
            String releaseFromPropertiesFile = getReleaseFromPropertiesFile();
            if (!str.equals(releaseFromPropertiesFile)) {
                if (str.equals("2.0.3") || str.startsWith("5.4.0")) {
                    EntityTransaction transaction = this.domainEntityManager.getTransaction();
                    transaction.begin();
                    EntityTransaction transaction2 = this.auditEntityManager.getTransaction();
                    transaction2.begin();
                    this.domainEntityManager.createNativeQuery("alter table DOMAIN alter column ID LONG AUTO_INCREMENT").executeUpdate();
                    this.auditEntityManager.createNativeQuery("alter table AUDITLOGRECORD alter column ID LONG AUTO_INCREMENT").executeUpdate();
                    this.auditEntityManager.createNativeQuery("alter table LOGENTRY alter column ID LONG AUTO_INCREMENT").executeUpdate();
                    markDatabaseMigrated(releaseFromPropertiesFile);
                    transaction2.commit();
                    transaction.commit();
                } else if (str.startsWith("5.5.0")) {
                    migrateTo87();
                    markDatabaseMigrated(releaseFromPropertiesFile);
                } else if (str.startsWith("8.0.0")) {
                    migrateTo87();
                    markDatabaseMigrated(releaseFromPropertiesFile);
                } else if (str.startsWith("8.0.1")) {
                    migrateTo87();
                    markDatabaseMigrated(releaseFromPropertiesFile);
                } else if (str.startsWith("8.5.0")) {
                    migrateTo87();
                    markDatabaseMigrated(releaseFromPropertiesFile);
                } else if (str.startsWith("8.5.1")) {
                    migrateTo87();
                    markDatabaseMigrated(releaseFromPropertiesFile);
                } else if (str.startsWith("8.6")) {
                    migrateTo87();
                    markDatabaseMigrated(releaseFromPropertiesFile);
                } else if (str.startsWith("8.7.0")) {
                    markDatabaseMigrated(releaseFromPropertiesFile);
                } else {
                    logger.severe("Cannot migrate from version " + str + " to " + releaseFromPropertiesFile);
                }
            }
        } catch (IOException e) {
            logger.severe("RTCP release not available through properties, so cannot ensure database has correct schema.");
        }
    }

    private void migrateTo87() {
        new MigrateTo87().migrate();
    }

    private void markDatabaseMigrated(String str) {
        this.serverDetailService.setValue(ServerDetail.SERVER_RELEASE_KEY, str);
        logger.info("Migrated workspace database to version " + str);
    }

    private String getReleaseFromPropertiesFile() throws IOException {
        return VersionUtils.getVersion().getRelease();
    }
}
