package com.appiancorp.suite.cfg.adminconsole.migration;

import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.common.config.ConfigObject;
import com.appiancorp.common.config.FatalConfigurationException;
import com.appiancorp.common.initialize.DefaultMigrationFlag;
import com.appiancorp.common.initialize.MigrationFlag;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.exceptions.InsufficientPrivilegesException;
import com.appiancorp.exceptions.ObjectNotFoundException;
import com.appiancorp.security.SecurityConfiguration;
import com.appiancorp.security.auth.SpringSecurityContextHelper;
import com.appiancorp.security.auth.rememberme.RememberMeConfiguration;
import com.appiancorp.security.external.ExternalSystem;
import com.appiancorp.security.external.config.ExternalSystemConfiguration;
import com.appiancorp.security.external.service.ExternalSystemService;
import com.appiancorp.suite.EncryptionServiceConfiguration;
import com.appiancorp.suite.SuiteConfiguration;
import com.appiancorp.suite.cfg.AdminSecurityConfiguration;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import com.appiancorp.suite.cfg.CustomBrandingConfiguration;
import com.appiancorp.suite.cfg.LandingPageConfiguration;
import com.appiancorp.suite.cfg.LdapConfiguration;
import com.appiancorp.suite.cfg.PluginManagementConfiguration;
import com.appiancorp.suite.cfg.adminconsole.administeredproperty.AdministeredProperty;
import com.appiancorp.suiteapi.common.ServiceLocator;
import com.appiancorp.suiteapi.common.exceptions.AppianException;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.suiteapi.common.paging.PagingInfo;
import com.appiancorp.suiteapi.content.ContentService;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Stopwatch;
import com.google.common.collect.ImmutableMap;
import com.google.common.primitives.Ints;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.function.Supplier;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.NoSuchBeanDefinitionException;

/* loaded from: input_file:com/appiancorp/suite/cfg/adminconsole/migration/AdminConsoleMigrations.class */
public class AdminConsoleMigrations extends ConfigObject {
    private static final Logger LOG = Logger.getLogger(AdminConsoleMigrations.class);
    static final String MIGRATION_FLAG_BASE_NAME = "AdminConsoleMigration";
    private static final int MIGRATION_RUN = 1;
    private ExternalSystemConfiguration externalSystemConfiguration;
    private PortalApplicationMigrationConfiguration portalApplicationMigrationConfiguration;
    private EncryptionServiceConfiguration encryptionServiceConfiguration;
    private SecurityConfiguration securityConfiguration;
    private SuiteConfiguration suiteConfig;
    private Runnable ldapMigration;
    private Runnable ldapMultipleServerUrlMigration;
    private Runnable ldapLowercaseUsernameMigration;
    Map<String, Supplier<Runnable>> migrations;
    private ContentService contentService;

    @VisibleForTesting
    Runnable rememberMeMigration;
    private final Runnable externalSystemsMigration;
    private final Runnable customBrandingSitenameMigration;
    private final Runnable defaultLandingPageMigration;
    private final Runnable encryptionApiAccessListMigration;
    private final Runnable passwordComplexityProperties;

    public AdminConsoleMigrations() {
        this((ExternalSystemConfiguration) ConfigurationFactory.getConfiguration(ExternalSystemConfiguration.class), (PortalApplicationMigrationConfiguration) ConfigurationFactory.getConfiguration(PortalApplicationMigrationConfiguration.class), (EncryptionServiceConfiguration) ConfigurationFactory.getConfiguration(EncryptionServiceConfiguration.class), (SecurityConfiguration) ConfigurationFactory.getConfiguration(SecurityConfiguration.class), (LdapConfiguration.LdapCustomPropertiesConfiguration) ConfigurationFactory.getConfiguration(LdapConfiguration.LdapCustomPropertiesConfiguration.class), (SuiteConfiguration) ConfigurationFactory.getConfiguration(SuiteConfiguration.class));
    }

    @VisibleForTesting
    AdminConsoleMigrations(ExternalSystemConfiguration externalSystemConfiguration, PortalApplicationMigrationConfiguration portalApplicationMigrationConfiguration, EncryptionServiceConfiguration encryptionServiceConfiguration, SecurityConfiguration securityConfiguration, LdapConfiguration.LdapCustomPropertiesConfiguration ldapCustomPropertiesConfiguration, SuiteConfiguration suiteConfiguration) {
        this.ldapMigration = null;
        this.ldapMultipleServerUrlMigration = null;
        this.ldapLowercaseUsernameMigration = null;
        this.rememberMeMigration = () -> {
            try {
                LOG.debug("Migrating Remember Me settings into RDBMS...");
                RememberMeConfiguration rememberMeConfiguration = (RememberMeConfiguration) ApplicationContextHolder.getBean(RememberMeConfiguration.class);
                int saturatedCast = Ints.saturatedCast(TimeUnit.SECONDS.toDays(rememberMeConfiguration.getLifespanSec()));
                if (!rememberMeConfiguration.isEnabled()) {
                    saturatedCast = 0;
                }
                ((AdminSecurityConfiguration) ApplicationContextHolder.getBean(AdminSecurityConfiguration.class)).getAdministeredConfiguration().setValueAsAdministrator(AdminSecurityConfiguration.SecurityProperty.RememberMeTokenExpiration, Integer.valueOf(saturatedCast));
                LOG.info("Successfully migrated the Remember Me Spring configruation to the Appian Administration Console. The RememberMeConfiguration bean can now be safely removed from spring configruation files.");
            } catch (NoSuchBeanDefinitionException e) {
            }
            LOG.debug("Remember Me migration complete");
        };
        this.externalSystemsMigration = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.1
            @Override // java.lang.Runnable
            public void run() {
                ExternalSystemService externalSystemService = (ExternalSystemService) ApplicationContextHolder.getBean("externalSystemService", ExternalSystemService.class);
                AdminConsoleMigrations.LOG.debug("Migrating secure credentials store properties into RDBMS...");
                for (String str : AdminConsoleMigrations.this.externalSystemConfiguration.getPerUserExternalSystemKeys()) {
                    try {
                        ExternalSystem byKey = externalSystemService.getByKey(str);
                        byKey.setShowPerUser(true);
                        externalSystemService.updateAllowAdministrator(byKey);
                    } catch (ObjectNotFoundException | InsufficientPrivilegesException e) {
                        AdminConsoleMigrations.LOG.error("Could not migrate per-user flag for system with key [" + str + "]");
                    }
                }
                for (ExternalSystem externalSystem : externalSystemService.getAll(new PagingInfo())) {
                    try {
                        externalSystem.setAllowedPlugins(AdminConsoleMigrations.this.externalSystemConfiguration.getPluginListFor(externalSystem.getKey()));
                        externalSystemService.updateAllowAdministrator(externalSystem);
                    } catch (InsufficientPrivilegesException e2) {
                        AdminConsoleMigrations.LOG.error("Could not migrate allowed plugins list for system with key [" + externalSystem.getKey() + "]");
                    }
                }
                AdminConsoleMigrations.LOG.debug("Secure credentials store migration complete");
            }
        };
        this.customBrandingSitenameMigration = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.2
            @Override // java.lang.Runnable
            public void run() {
                CustomBrandingConfiguration customBrandingConfiguration = (CustomBrandingConfiguration) ApplicationContextHolder.getBean(CustomBrandingConfiguration.class);
                String appname = AdminConsoleMigrations.this.portalApplicationMigrationConfiguration.getAppname();
                customBrandingConfiguration.getAdministeredConfiguration().setValueAsAdministrator(CustomBrandingConfiguration.SITE_NAME, appname);
                if (AdminConsoleMigrations.LOG.isDebugEnabled()) {
                    AdminConsoleMigrations.LOG.debug("Set Custom Branding Sitename to: " + appname);
                }
            }
        };
        this.defaultLandingPageMigration = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.3
            @Override // java.lang.Runnable
            public void run() {
                ((LandingPageConfiguration) ApplicationContextHolder.getBean(LandingPageConfiguration.class)).getAdministeredConfiguration().setValueAsAdministrator(LandingPageConfiguration.DEFAULT_LANDING_PAGE, "/" + AdminConsoleMigrations.this.suiteConfig.getDefaultEnvironmentFromCustomProperties().toString().toLowerCase(Locale.ENGLISH));
                AdminConsoleMigrations.LOG.info("Successfully migrated value of property conf.suite.DEFAULT_ENVIRONMENT to the Appian Administration Console. The property can be safely deleted from custom.properties now.");
            }
        };
        this.encryptionApiAccessListMigration = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.4
            @Override // java.lang.Runnable
            public void run() {
                PluginManagementConfiguration pluginManagementConfiguration = (PluginManagementConfiguration) ApplicationContextHolder.getBean(PluginManagementConfiguration.class);
                Set<String> pluginList = AdminConsoleMigrations.this.encryptionServiceConfiguration.getPluginList();
                pluginManagementConfiguration.getAdministeredConfiguration().setValueAsAdministrator(PluginManagementConfiguration.PLUGIN_LIST_PROPERTY, pluginList);
                if (AdminConsoleMigrations.LOG.isDebugEnabled()) {
                    AdminConsoleMigrations.LOG.debug("Set API Encryption Plugin Access List to: " + StringUtils.join(pluginList, ","));
                }
                AdminConsoleMigrations.LOG.info("Successfully migrated value of property conf.security.ENCRYPTION_API_ACCESS_LIST to the Appian Administration Console. The property can be safely deleted from custom.properties now.");
            }
        };
        this.passwordComplexityProperties = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.5
            @Override // java.lang.Runnable
            public void run() {
                for (AdministeredProperty<?> administeredProperty : ((AdminSecurityConfiguration) ApplicationContextHolder.getBean(AdminSecurityConfiguration.class)).getAllSupportedProperties()) {
                    Object propertyValue = AdminConsoleMigrations.this.securityConfiguration.getPropertyValue(administeredProperty.getKey());
                    if (propertyValue != null) {
                        administeredProperty.setValueFromStringAsAdministrator((String) propertyValue);
                        if (AdminConsoleMigrations.LOG.isInfoEnabled()) {
                            AdminConsoleMigrations.LOG.info("Successfully migrated value of property conf.security." + administeredProperty + " to the Appian Administration Console. The property can be safely deleted from custom.properties now.");
                        }
                    }
                }
            }
        };
        this.externalSystemConfiguration = externalSystemConfiguration;
        this.portalApplicationMigrationConfiguration = portalApplicationMigrationConfiguration;
        this.encryptionServiceConfiguration = encryptionServiceConfiguration;
        this.securityConfiguration = securityConfiguration;
        this.ldapMigration = new LdapMigration(ldapCustomPropertiesConfiguration);
        this.ldapMultipleServerUrlMigration = new LdapMultipleServerUrlMigration(ldapCustomPropertiesConfiguration);
        this.ldapLowercaseUsernameMigration = new LdapLowercaseUsernameMigration(suiteConfiguration);
        this.suiteConfig = suiteConfiguration;
        this.contentService = ServiceLocator.getContentService(ServiceLocator.getAdministratorServiceContext());
        this.migrations = ImmutableMap.builder().put("", () -> {
            return this.externalSystemsMigration;
        }).put("CustomBrandingSitename", () -> {
            return this.customBrandingSitenameMigration;
        }).put("EncryptionApiAccessList", () -> {
            return this.encryptionApiAccessListMigration;
        }).put("PasswordComplexityProperties", () -> {
            return this.passwordComplexityProperties;
        }).put("DefaultEnvironment", () -> {
            return this.defaultLandingPageMigration;
        }).put("LdapConfigurationProperties", () -> {
            return this.ldapMigration;
        }).put("LdapMultipleServerUrls", () -> {
            return this.ldapMultipleServerUrlMigration;
        }).put("LdapLowercaseUsername", () -> {
            return this.ldapLowercaseUsernameMigration;
        }).put("RememberMeProperties", () -> {
            return this.rememberMeMigration;
        }).put(SamlMigration.MIGRATION_KEY, () -> {
            return SamlMigration.getMigration();
        }).put(DefaultUserProfileVisibilityMigration.MIGRATION_KEY, () -> {
            return DefaultUserProfileVisibilityMigration.getMigration();
        }).put(SessionTimeoutMigration.MIGRATION_KEY, () -> {
            return SessionTimeoutMigration.getMigration();
        }).put(LdapPasswordResetMigration.MIGRATION_KEY, () -> {
            return LdapPasswordResetMigration.getMigration();
        }).put("MultipleIdpMigration", () -> {
            return MultipleIdpMigration.getMigration();
        }).put("IdpMetadataExpirationMigration", () -> {
            return IdpMetadataExpirationMigration.getMigration();
        }).put("QuickAppDataSourceMigration", () -> {
            return QuickAppDataSourceMigration.getMigration();
        }).put("RemoveMobileAppBannerMigration", () -> {
            return RemoveMobileAppBannerMigration.getMigration();
        }).put("RemoveMobileRequirePasscodeMigration", () -> {
            return RemoveMobileRequirePasscodeMigration.getMigration();
        }).put("RemoveMobileMinOsMigration", () -> {
            return RemoveMobileMinOsMigration.getMigration();
        }).put("DocumentExtractionComputeRegionMigration", () -> {
            return DocumentExtractionComputeRegionMigration.getMigration();
        }).put("DocumentExtractionOcrVendorMigration", () -> {
            return DocumentExtractionOcrVendorMigration.getMigration();
        }).build();
    }

    @VisibleForTesting
    AdminConsoleMigrations(ContentService contentService, ImmutableMap<String, Supplier<Runnable>> immutableMap) {
        this.ldapMigration = null;
        this.ldapMultipleServerUrlMigration = null;
        this.ldapLowercaseUsernameMigration = null;
        this.rememberMeMigration = () -> {
            try {
                LOG.debug("Migrating Remember Me settings into RDBMS...");
                RememberMeConfiguration rememberMeConfiguration = (RememberMeConfiguration) ApplicationContextHolder.getBean(RememberMeConfiguration.class);
                int saturatedCast = Ints.saturatedCast(TimeUnit.SECONDS.toDays(rememberMeConfiguration.getLifespanSec()));
                if (!rememberMeConfiguration.isEnabled()) {
                    saturatedCast = 0;
                }
                ((AdminSecurityConfiguration) ApplicationContextHolder.getBean(AdminSecurityConfiguration.class)).getAdministeredConfiguration().setValueAsAdministrator(AdminSecurityConfiguration.SecurityProperty.RememberMeTokenExpiration, Integer.valueOf(saturatedCast));
                LOG.info("Successfully migrated the Remember Me Spring configruation to the Appian Administration Console. The RememberMeConfiguration bean can now be safely removed from spring configruation files.");
            } catch (NoSuchBeanDefinitionException e) {
            }
            LOG.debug("Remember Me migration complete");
        };
        this.externalSystemsMigration = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.1
            @Override // java.lang.Runnable
            public void run() {
                ExternalSystemService externalSystemService = (ExternalSystemService) ApplicationContextHolder.getBean("externalSystemService", ExternalSystemService.class);
                AdminConsoleMigrations.LOG.debug("Migrating secure credentials store properties into RDBMS...");
                for (String str : AdminConsoleMigrations.this.externalSystemConfiguration.getPerUserExternalSystemKeys()) {
                    try {
                        ExternalSystem byKey = externalSystemService.getByKey(str);
                        byKey.setShowPerUser(true);
                        externalSystemService.updateAllowAdministrator(byKey);
                    } catch (ObjectNotFoundException | InsufficientPrivilegesException e) {
                        AdminConsoleMigrations.LOG.error("Could not migrate per-user flag for system with key [" + str + "]");
                    }
                }
                for (ExternalSystem externalSystem : externalSystemService.getAll(new PagingInfo())) {
                    try {
                        externalSystem.setAllowedPlugins(AdminConsoleMigrations.this.externalSystemConfiguration.getPluginListFor(externalSystem.getKey()));
                        externalSystemService.updateAllowAdministrator(externalSystem);
                    } catch (InsufficientPrivilegesException e2) {
                        AdminConsoleMigrations.LOG.error("Could not migrate allowed plugins list for system with key [" + externalSystem.getKey() + "]");
                    }
                }
                AdminConsoleMigrations.LOG.debug("Secure credentials store migration complete");
            }
        };
        this.customBrandingSitenameMigration = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.2
            @Override // java.lang.Runnable
            public void run() {
                CustomBrandingConfiguration customBrandingConfiguration = (CustomBrandingConfiguration) ApplicationContextHolder.getBean(CustomBrandingConfiguration.class);
                String appname = AdminConsoleMigrations.this.portalApplicationMigrationConfiguration.getAppname();
                customBrandingConfiguration.getAdministeredConfiguration().setValueAsAdministrator(CustomBrandingConfiguration.SITE_NAME, appname);
                if (AdminConsoleMigrations.LOG.isDebugEnabled()) {
                    AdminConsoleMigrations.LOG.debug("Set Custom Branding Sitename to: " + appname);
                }
            }
        };
        this.defaultLandingPageMigration = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.3
            @Override // java.lang.Runnable
            public void run() {
                ((LandingPageConfiguration) ApplicationContextHolder.getBean(LandingPageConfiguration.class)).getAdministeredConfiguration().setValueAsAdministrator(LandingPageConfiguration.DEFAULT_LANDING_PAGE, "/" + AdminConsoleMigrations.this.suiteConfig.getDefaultEnvironmentFromCustomProperties().toString().toLowerCase(Locale.ENGLISH));
                AdminConsoleMigrations.LOG.info("Successfully migrated value of property conf.suite.DEFAULT_ENVIRONMENT to the Appian Administration Console. The property can be safely deleted from custom.properties now.");
            }
        };
        this.encryptionApiAccessListMigration = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.4
            @Override // java.lang.Runnable
            public void run() {
                PluginManagementConfiguration pluginManagementConfiguration = (PluginManagementConfiguration) ApplicationContextHolder.getBean(PluginManagementConfiguration.class);
                Set<String> pluginList = AdminConsoleMigrations.this.encryptionServiceConfiguration.getPluginList();
                pluginManagementConfiguration.getAdministeredConfiguration().setValueAsAdministrator(PluginManagementConfiguration.PLUGIN_LIST_PROPERTY, pluginList);
                if (AdminConsoleMigrations.LOG.isDebugEnabled()) {
                    AdminConsoleMigrations.LOG.debug("Set API Encryption Plugin Access List to: " + StringUtils.join(pluginList, ","));
                }
                AdminConsoleMigrations.LOG.info("Successfully migrated value of property conf.security.ENCRYPTION_API_ACCESS_LIST to the Appian Administration Console. The property can be safely deleted from custom.properties now.");
            }
        };
        this.passwordComplexityProperties = new Runnable() { // from class: com.appiancorp.suite.cfg.adminconsole.migration.AdminConsoleMigrations.5
            @Override // java.lang.Runnable
            public void run() {
                for (AdministeredProperty<?> administeredProperty : ((AdminSecurityConfiguration) ApplicationContextHolder.getBean(AdminSecurityConfiguration.class)).getAllSupportedProperties()) {
                    Object propertyValue = AdminConsoleMigrations.this.securityConfiguration.getPropertyValue(administeredProperty.getKey());
                    if (propertyValue != null) {
                        administeredProperty.setValueFromStringAsAdministrator((String) propertyValue);
                        if (AdminConsoleMigrations.LOG.isInfoEnabled()) {
                            AdminConsoleMigrations.LOG.info("Successfully migrated value of property conf.security." + administeredProperty + " to the Appian Administration Console. The property can be safely deleted from custom.properties now.");
                        }
                    }
                }
            }
        };
        this.contentService = contentService;
        this.migrations = immutableMap;
    }

    public void finish() throws Exception {
        for (Map.Entry<String, Supplier<Runnable>> entry : this.migrations.entrySet()) {
            String key = entry.getKey();
            MigrationFlag createFlag = createFlag(key);
            if (!hasMigrationOccurred(createFlag)) {
                String str = key;
                if ("".equals(key)) {
                    str = "ExternalSystems";
                }
                if (LOG.isInfoEnabled()) {
                    LOG.info("Starting migration [" + str + "]");
                }
                Stopwatch createStarted = Stopwatch.createStarted();
                try {
                    try {
                        SpringSecurityContextHelper.runAsAdmin(entry.getValue().get());
                        createStarted.stop();
                        if (LOG.isInfoEnabled()) {
                            LOG.info("Migration [" + str + "] completed in " + createStarted.elapsed(TimeUnit.SECONDS) + " seconds");
                        }
                        ProductMetricsAggregatedDataCollector.recordData("startup.migration." + str + ".totalTimeMs", createStarted.elapsed(TimeUnit.MILLISECONDS));
                        createFlag.setMigrationOccurred(1);
                    } catch (Exception e) {
                        LOG.error("Migration [" + str + "] failed", e);
                        throw new FatalConfigurationException(e, ErrorCode.ADMIN_CONSOLE_MIGRATION_FAILED_GENERIC_ERROR, new Object[0]);
                    }
                } catch (Throwable th) {
                    createStarted.stop();
                    throw th;
                }
            }
        }
    }

    @VisibleForTesting
    Set<String> getMigrationKeys() {
        return this.migrations.keySet();
    }

    private MigrationFlag createFlag(String str) {
        return new DefaultMigrationFlag(this.contentService, MIGRATION_FLAG_BASE_NAME + str);
    }

    @VisibleForTesting
    boolean hasMigrationOccurred(String str) throws AppianException {
        return createFlag(str).hasMigrationOccurred(1);
    }

    private boolean hasMigrationOccurred(MigrationFlag migrationFlag) throws AppianException {
        return migrationFlag.hasMigrationOccurred(1);
    }
}
