package com.zimbra.cs.account.accesscontrol;

import com.zimbra.common.account.Key;
import com.zimbra.common.localconfig.LC;
import com.zimbra.common.service.ServiceException;
import com.zimbra.cs.account.Account;
import com.zimbra.cs.account.AccountServiceException;
import com.zimbra.cs.account.Domain;
import com.zimbra.cs.account.MailTarget;
import com.zimbra.cs.account.NamedEntry;
import com.zimbra.cs.account.Provisioning;
import com.zimbra.cs.account.accesscontrol.ZimbraACE;
import com.zimbra.cs.account.cache.NamedEntryCache;
import com.zimbra.cs.account.grouphandler.GroupHandler;
import com.zimbra.cs.account.ldap.LdapProv;
import com.zimbra.cs.ldap.LdapClient;
import com.zimbra.cs.ldap.LdapException;
import com.zimbra.cs.ldap.LdapUtil;
import com.zimbra.cs.ldap.ZAttributes;
import com.zimbra.cs.ldap.ZLdapContext;
import com.zimbra.cs.ldap.ZLdapFilterFactory;
import com.zimbra.cs.ldap.ZSearchResultEntry;

/* loaded from: input_file:com/zimbra/cs/account/accesscontrol/ExternalGroup.class */
public class ExternalGroup extends NamedEntry {
    private static final NamedEntryCache<ExternalGroup> CACHE = new NamedEntryCache<>(LC.ldap_cache_group_maxsize.intValue(), LC.ldap_cache_group_maxage.intValue() * 60000);
    private final String dn;
    private final GroupHandler groupHandler;
    private final String zimbraDomainId;

    ExternalGroup(String str, String str2, String str3, String str4, ZAttributes zAttributes, GroupHandler groupHandler, Provisioning provisioning) throws LdapException {
        super(str3, str2, zAttributes.getAttrs(), null, provisioning);
        this.dn = str;
        this.groupHandler = groupHandler;
        this.zimbraDomainId = str4;
    }

    public String getDN() {
        return this.dn;
    }

    public String getZimbraDomainId() {
        return this.zimbraDomainId;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean inGroup(MailTarget mailTarget, boolean z) throws ServiceException {
        if (mailTarget instanceof Account) {
            return inGroup((Account) mailTarget, z);
        }
        return false;
    }

    boolean inGroup(Account account, boolean z) throws ServiceException {
        return this.groupHandler.inDelegatedAdminGroup(this, account, z);
    }

    private static GroupHandler getGroupHandler(Domain domain) {
        return GroupHandler.getHandler(domain.getExternalGroupHandlerClass());
    }

    private static ExternalGroup makeExternalGroup(Domain domain, GroupHandler groupHandler, String str, String str2, ZAttributes zAttributes) throws ServiceException {
        return new ExternalGroup(str2, ZimbraACE.ExternalGroupInfo.encode(domain.getId(), str), ZimbraACE.ExternalGroupInfo.encode(domain.getName(), str), domain.getId(), zAttributes, groupHandler, LdapProv.getInst());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ExternalGroup get(Key.DomainBy domainBy, String str, boolean z) throws ServiceException {
        ExternalGroup byName = Key.DomainBy.name == domainBy ? CACHE.getByName(str) : CACHE.getById(str);
        if (byName != null) {
            return byName;
        }
        ExternalGroup searchGroup = searchGroup(domainBy, str, z);
        if (searchGroup != null) {
            CACHE.put(searchGroup);
        }
        return searchGroup;
    }

    private static ExternalGroup searchGroup(Key.DomainBy domainBy, String str, boolean z) throws ServiceException {
        LdapProv inst = LdapProv.getInst();
        ZimbraACE.ExternalGroupInfo parse = ZimbraACE.ExternalGroupInfo.parse(str);
        String zimbraDmain = parse.getZimbraDmain();
        String externalGroupName = parse.getExternalGroupName();
        Domain domain = inst.get(domainBy, zimbraDmain);
        if (domain == null) {
            throw AccountServiceException.NO_SUCH_DOMAIN(zimbraDmain);
        }
        String externalGroupLdapSearchBase = domain.getExternalGroupLdapSearchBase();
        String externalGroupLdapSearchFilter = domain.getExternalGroupLdapSearchFilter();
        if (externalGroupLdapSearchBase == null) {
            externalGroupLdapSearchBase = "";
        }
        String computeDn = LdapUtil.computeDn(externalGroupName, externalGroupLdapSearchFilter);
        GroupHandler groupHandler = getGroupHandler(domain);
        ZLdapContext zLdapContext = null;
        try {
            zLdapContext = groupHandler.getExternalDelegatedAdminGroupsLdapContext(domain, z);
            ZSearchResultEntry searchForEntry = inst.getHelper().searchForEntry(externalGroupLdapSearchBase, ZLdapFilterFactory.FilterId.EXTERNAL_GROUP, computeDn, zLdapContext, new String[]{"mail"});
            if (searchForEntry == null) {
                LdapClient.closeContext(zLdapContext);
                return null;
            }
            ExternalGroup makeExternalGroup = makeExternalGroup(domain, groupHandler, externalGroupName, searchForEntry.getDN(), searchForEntry.getAttributes());
            LdapClient.closeContext(zLdapContext);
            return makeExternalGroup;
        } catch (Throwable th) {
            LdapClient.closeContext(zLdapContext);
            throw th;
        }
    }
}
