package com.zimbra.cs.service.admin;

import com.zimbra.common.service.ServiceException;
import com.zimbra.common.soap.AdminConstants;
import com.zimbra.common.soap.Element;
import com.zimbra.common.util.StringUtil;
import com.zimbra.common.util.ZimbraLog;
import com.zimbra.cs.account.Account;
import com.zimbra.cs.account.AccountServiceException;
import com.zimbra.cs.account.DataSource;
import com.zimbra.cs.account.Domain;
import com.zimbra.cs.account.Provisioning;
import com.zimbra.cs.account.accesscontrol.AdminRight;
import com.zimbra.cs.account.accesscontrol.Rights;
import com.zimbra.cs.account.accesscontrol.TargetType;
import com.zimbra.cs.ldap.LdapConstants;
import com.zimbra.cs.mailbox.ACL;
import com.zimbra.cs.mailbox.Folder;
import com.zimbra.cs.mailbox.MailItem;
import com.zimbra.cs.mailbox.MailServiceException;
import com.zimbra.cs.mailbox.Mailbox;
import com.zimbra.cs.mailbox.MailboxManager;
import com.zimbra.cs.mailbox.Metadata;
import com.zimbra.cs.service.admin.AdminRightCheckPoint;
import com.zimbra.cs.util.BuildInfoGenerated;
import com.zimbra.soap.JaxbUtil;
import com.zimbra.soap.ZimbraSoapContext;
import com.zimbra.soap.admin.message.CreateGalSyncAccountRequest;
import com.zimbra.soap.admin.type.DataSourceType;
import com.zimbra.soap.admin.type.GalMode;
import com.zimbra.soap.type.AccountBy;
import com.zimbra.soap.type.AccountSelector;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:com/zimbra/cs/service/admin/CreateGalSyncAccount.class */
public class CreateGalSyncAccount extends AdminDocumentHandler {
    private static final Set<String> emptySet = Collections.emptySet();

    @Override // com.zimbra.soap.DocumentHandler
    public boolean domainAuthSufficient(Map<String, Object> map) {
        return true;
    }

    @Override // com.zimbra.soap.DocumentHandler
    public Element handle(Element element, Map<String, Object> map) throws ServiceException {
        ZimbraSoapContext zimbraSoapContext = getZimbraSoapContext(map);
        Provisioning provisioning = Provisioning.getInstance();
        CreateGalSyncAccountRequest createGalSyncAccountRequest = (CreateGalSyncAccountRequest) JaxbUtil.elementToJaxb(element);
        String name = createGalSyncAccountRequest.getName();
        String domain = createGalSyncAccountRequest.getDomain();
        GalMode type = createGalSyncAccountRequest.getType();
        AccountSelector account = createGalSyncAccountRequest.getAccount();
        AccountBy by = account.getBy();
        String key = account.getKey();
        String password = createGalSyncAccountRequest.getPassword();
        String folder = createGalSyncAccountRequest.getFolder();
        String mailHost = createGalSyncAccountRequest.getMailHost();
        Domain domainByName = provisioning.getDomainByName(domain);
        if (domainByName == null) {
            throw AccountServiceException.NO_SUCH_DOMAIN(domain);
        }
        Account account2 = null;
        try {
            account2 = provisioning.get(by.toKeyAccountBy(), key, zimbraSoapContext.getAuthToken());
        } catch (ServiceException e) {
            ZimbraLog.gal.warn("error checking GalSyncAccount", e);
        }
        if (account2 == null) {
            if (by != AccountBy.name) {
                throw AccountServiceException.NO_SUCH_ACCOUNT(key);
            }
            for (String str : domainByName.getGalAccountId()) {
                Account accountById = provisioning.getAccountById(str);
                if (accountById != null && accountById.getMailHost().equals(mailHost)) {
                    throw AccountServiceException.ACCOUNT_EXISTS(accountById.getName());
                }
            }
            checkDomainRightByEmail(zimbraSoapContext, key, Rights.Admin.R_createAccount);
            HashMap hashMap = new HashMap();
            StringUtil.addToMultiMap(hashMap, "zimbraIsSystemResource", LdapConstants.LDAP_TRUE);
            StringUtil.addToMultiMap(hashMap, "zimbraIsSystemAccount", LdapConstants.LDAP_TRUE);
            StringUtil.addToMultiMap(hashMap, "zimbraHideInGal", LdapConstants.LDAP_TRUE);
            StringUtil.addToMultiMap(hashMap, "zimbraContactMaxNumEntries", BuildInfoGenerated.RELNUM);
            StringUtil.addToMultiMap(hashMap, "zimbraMailHost", mailHost);
            checkSetAttrsOnCreate(zimbraSoapContext, TargetType.account, key, hashMap);
            account2 = provisioning.createAccount(key, password, hashMap);
        }
        if (!Provisioning.onLocalServer(account2)) {
            return proxyRequest(element, map, provisioning.getServerByName(account2.getMailHost()));
        }
        addDataSource(element, zimbraSoapContext, account2, domainByName, folder, name, type);
        Element createElement = zimbraSoapContext.createElement(AdminConstants.CREATE_GAL_SYNC_ACCOUNT_RESPONSE);
        ToXML.encodeAccount(createElement, account2, false, emptySet, null);
        return createElement;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void addDataSource(Element element, ZimbraSoapContext zimbraSoapContext, Account account, Domain domain, String str, String str2, GalMode galMode) throws ServiceException {
        Folder createFolder;
        String name = account.getName();
        String id = account.getId();
        HashSet hashSet = new HashSet();
        hashSet.addAll(Arrays.asList(domain.getGalAccountId()));
        if (!hashSet.contains(id)) {
            hashSet.add(id);
            domain.setGalAccountId((String[]) hashSet.toArray(new String[0]));
        }
        if (str == null) {
            str = "/Contacts";
        } else if (str.length() > 0 && str.charAt(0) != '/') {
            str = "/" + str;
        }
        Mailbox mailboxByAccount = MailboxManager.getInstance().getMailboxByAccount(account);
        try {
            createFolder = mailboxByAccount.getFolderByPath(null, str);
        } catch (MailServiceException.NoSuchItemException e) {
            createFolder = mailboxByAccount.createFolder(null, str, new Folder.FolderOptions().setDefaultView(MailItem.Type.CONTACT));
        }
        int id2 = createFolder.getId();
        for (DataSource dataSource : account.getAllDataSources()) {
            if (dataSource.getFolderId() == id2) {
                throw MailServiceException.ALREADY_EXISTS("data source " + dataSource.getName() + " already contains folder " + str);
            }
        }
        mailboxByAccount.grantAccess(null, id2, domain.getId(), (byte) 4, ACL.stringToRights(Metadata.FN_RAW_SUBJ), null);
        Map<String, Object> attrs = AdminService.getAttrs(element, true);
        try {
            attrs.put("zimbraGalType", galMode.name());
            attrs.put("zimbraDataSourceFolderId", "" + id2);
            if (!attrs.containsKey("zimbraDataSourceEnabled")) {
                attrs.put("zimbraDataSourceEnabled", LdapConstants.LDAP_TRUE);
            }
            if (!attrs.containsKey("zimbraGalStatus")) {
                attrs.put("zimbraGalStatus", Provisioning.MAIL_STATUS_ENABLED);
            }
            Provisioning.getInstance().createDataSource(account, DataSourceType.gal, str2, attrs);
            ZimbraLog.security.info(ZimbraLog.encodeAttrs(new String[]{"cmd", "CreateGalSyncAccount", "name", name}));
        } catch (ServiceException e2) {
            ZimbraLog.gal.error("error creating datasource for GalSyncAccount", e2);
            throw e2;
        }
    }

    @Override // com.zimbra.cs.service.admin.AdminDocumentHandler, com.zimbra.cs.service.admin.AdminRightCheckPoint
    public void docRights(List<AdminRight> list, List<String> list2) {
        list.add(Rights.Admin.R_createAccount);
        list2.add(String.format(AdminRightCheckPoint.Notes.MODIFY_ENTRY, Rights.Admin.R_modifyAccount.getName(), "account"));
    }
}
