package com.zimbra.cs.account.ldap;

import com.zimbra.common.account.Key;
import com.zimbra.common.account.ZAttrProvisioning;
import com.zimbra.common.service.ServiceException;
import com.zimbra.common.util.Log;
import com.zimbra.common.util.ZimbraLog;
import com.zimbra.cs.account.Account;
import com.zimbra.cs.account.Domain;
import com.zimbra.cs.account.Provisioning;
import com.zimbra.cs.account.Server;
import com.zimbra.cs.account.ldap.AutoProvision;
import com.zimbra.cs.account.ldap.entry.LdapEntry;
import com.zimbra.cs.ldap.IAttributes;
import com.zimbra.cs.ldap.LdapClient;
import com.zimbra.cs.ldap.LdapDateUtil;
import com.zimbra.cs.ldap.LdapServerType;
import com.zimbra.cs.ldap.LdapUsage;
import com.zimbra.cs.ldap.SearchLdapOptions;
import com.zimbra.cs.ldap.ZAttributes;
import com.zimbra.cs.ldap.ZLdapContext;
import com.zimbra.cs.ldap.ZLdapFilter;
import com.zimbra.cs.ldap.ZLdapFilterFactory;
import com.zimbra.cs.service.admin.DeployZimlet;
import com.zimbra.cs.util.Zimbra;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;

/* loaded from: input_file:com/zimbra/cs/account/ldap/AutoProvisionEager.class */
public class AutoProvisionEager extends AutoProvision {
    private Provisioning.EagerAutoProvisionScheduler scheduler;

    private AutoProvisionEager(LdapProv ldapProv, Domain domain, Provisioning.EagerAutoProvisionScheduler eagerAutoProvisionScheduler) {
        super(ldapProv, domain);
        this.scheduler = eagerAutoProvisionScheduler;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void handleScheduledDomains(LdapProv ldapProv, Provisioning.EagerAutoProvisionScheduler eagerAutoProvisionScheduler) {
        ZLdapContext zLdapContext = null;
        try {
            try {
                Server localServer = ldapProv.getLocalServer();
                String[] autoProvScheduledDomains = localServer.getAutoProvScheduledDomains();
                zLdapContext = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.AUTO_PROVISION);
                for (String str : autoProvScheduledDomains) {
                    if (eagerAutoProvisionScheduler.isShutDownRequested()) {
                        ZimbraLog.autoprov.info("eager auto provision aborted");
                        LdapClient.closeContext(zLdapContext);
                        return;
                    }
                    try {
                        Domain domain = ldapProv.get(Key.DomainBy.name, str);
                        if (domain == null) {
                            ZimbraLog.autoprov.info("EAGER auto provision: no such domain " + str);
                        } else {
                            ldapProv.reload(domain, true);
                            if (autoProvisionEnabled(domain)) {
                                ZimbraLog.autoprov.info("Auto provisioning accounts on domain %s", new Object[]{str});
                                new AutoProvisionEager(ldapProv, domain, eagerAutoProvisionScheduler).handleBatch(zLdapContext);
                            } else {
                                ZimbraLog.autoprov.info("Domain %s is scheduled for EAGER auto provision but EAGER mode is not enabled on the domain.  Removing domain %s from %s on server %s", new Object[]{domain.getName(), domain.getName(), "zimbraAutoProvScheduledDomains", localServer.getName()});
                                localServer.removeAutoProvScheduledDomains(domain.getName());
                            }
                        }
                    } catch (Throwable th) {
                        if (th instanceof OutOfMemoryError) {
                            Zimbra.halt("Ran out of memory while auto provision accounts", th);
                        } else {
                            ZimbraLog.autoprov.warn("Unable to auto provision accounts for domain %s", str, th);
                        }
                    }
                }
                LdapClient.closeContext(zLdapContext);
            } catch (ServiceException e) {
                ZimbraLog.autoprov.warn("Unable to auto provision accounts", e);
                LdapClient.closeContext(zLdapContext);
            }
        } catch (Throwable th2) {
            LdapClient.closeContext(zLdapContext);
            throw th2;
        }
    }

    private void handleBatch(ZLdapContext zLdapContext) throws ServiceException {
        if (!autoProvisionEnabled(this.domain)) {
            throw ServiceException.FAILURE("EAGER auto provision is not enabled on domain " + this.domain.getName(), (Throwable) null);
        }
        try {
            if (lockDomain(zLdapContext)) {
                createAccountBatch();
            } else {
                ZimbraLog.autoprov.info("EAGER auto provision unable to lock domain: skip domain " + this.domain.getName() + " on server " + this.prov.getLocalServer().getName());
            }
        } finally {
            unlockDomain(zLdapContext);
        }
    }

    @Override // com.zimbra.cs.account.ldap.AutoProvision
    Account handle() throws ServiceException {
        throw new UnsupportedOperationException();
    }

    private static boolean autoProvisionEnabled(Domain domain) {
        return domain.getMultiAttrSet("zimbraAutoProvMode").contains(ZAttrProvisioning.AutoProvMode.EAGER.name());
    }

    private void createAccountBatch() throws ServiceException {
        long currentTimeMillis = System.currentTimeMillis();
        ArrayList arrayList = new ArrayList();
        boolean searchAccounts = searchAccounts(arrayList, this.domain.getAutoProvBatchSize());
        ZimbraLog.autoprov.info("%d external LDAP entries returned as search result", new Object[]{Integer.valueOf(arrayList.size())});
        int i = 0;
        for (AutoProvision.ExternalEntry externalEntry : arrayList) {
            if (this.scheduler.isShutDownRequested()) {
                ZimbraLog.autoprov.info("eager auto provision aborted");
                return;
            }
            try {
                String mapName = mapName(externalEntry.getAttrs(), null);
                ZimbraLog.autoprov.info("auto creating account in EAGER mode: " + mapName + ", dn=\"" + externalEntry.getDN() + "\"");
                if (createAccount(mapName, externalEntry, null, ZAttrProvisioning.AutoProvMode.EAGER) == null) {
                    i++;
                }
            } catch (ServiceException e) {
                ZimbraLog.autoprov.warn("unable to auto create account, dn=\"" + externalEntry.getDN() + "\"", e);
                i++;
            }
        }
        if (searchAccounts && arrayList.size() == i) {
            ZimbraLog.autoprov.info("search result contains unsuccessful external entries, increasing batch size by %d", new Object[]{Integer.valueOf(i)});
            this.domain.setAutoProvBatchSize(this.domain.getAutoProvBatchSize() + i);
            ZimbraLog.autoprov.info("batch size is %d now", new Object[]{Integer.valueOf(this.domain.getAutoProvBatchSize())});
        }
        if (searchAccounts) {
            return;
        }
        String generalizedTimeWithMs = LdapDateUtil.toGeneralizedTimeWithMs(new Date(currentTimeMillis));
        ZimbraLog.autoprov.info("Auto Provisioning has finished for now, setting last polled timestamp: " + generalizedTimeWithMs);
        this.domain.setAutoProvLastPolledTimestampAsString(generalizedTimeWithMs);
    }

    private boolean lockDomain(ZLdapContext zLdapContext) throws ServiceException {
        Server localServer = this.prov.getLocalServer();
        ZLdapFilter domainLockedForEagerAutoProvision = ZLdapFilterFactory.getInstance().domainLockedForEagerAutoProvision();
        HashMap hashMap = new HashMap();
        hashMap.put("zimbraAutoProvLock", localServer.getId());
        boolean testAndModifyEntry = this.prov.getHelper().testAndModifyEntry(zLdapContext, ((LdapEntry) this.domain).getDN(), domainLockedForEagerAutoProvision, hashMap, this.domain);
        this.prov.reload(this.domain, true);
        Log log = ZimbraLog.autoprov;
        Object[] objArr = new Object[1];
        objArr[0] = testAndModifyEntry ? "successful" : DeployZimlet.sFAILED;
        log.debug("lock domain %s", objArr);
        return testAndModifyEntry;
    }

    private void unlockDomain(ZLdapContext zLdapContext) throws ServiceException {
        HashMap hashMap = new HashMap();
        hashMap.put("zimbraAutoProvLock", "");
        this.prov.getHelper().modifyAttrs(zLdapContext, ((LdapEntry) this.domain).getDN(), hashMap, this.domain);
        this.prov.reload(this.domain, true);
        ZimbraLog.autoprov.debug("domain unlocked");
    }

    private boolean searchAccounts(final List<AutoProvision.ExternalEntry> list, int i) throws ServiceException {
        boolean searchAutoProvDirectory = AutoProvision.searchAutoProvDirectory(this.prov, this.domain, null, null, this.domain.getAutoProvLastPolledTimestampAsString(), getAttrsToFetch(), i, new SearchLdapOptions.SearchLdapVisitor(false) { // from class: com.zimbra.cs.account.ldap.AutoProvisionEager.1
            @Override // com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor
            public void visit(String str, IAttributes iAttributes) throws SearchLdapOptions.StopIteratingException {
                list.add(new AutoProvision.ExternalEntry(str, (ZAttributes) iAttributes));
            }
        }, true);
        ZimbraLog.autoprov.debug("searched external LDAP source, hit size limit ? %s", new Object[]{Boolean.valueOf(searchAutoProvDirectory)});
        return searchAutoProvDirectory;
    }
}
