package com.normation.rudder.repository.ldap;

import com.normation.NamedZioLogger;
import com.normation.ZioLogger;
import com.normation.errors;
import com.normation.errors$;
import com.normation.errors$IOChainError$;
import com.normation.errors$PureToIoResult$;
import com.normation.eventlog.ModificationId;
import com.normation.inventory.ldap.core.LDAPConstants$;
import com.normation.ldap.sdk.BuildFilter$;
import com.normation.ldap.sdk.LDAPConnectionProvider;
import com.normation.ldap.sdk.LDAPEntry;
import com.normation.ldap.sdk.LDAPIOResult$;
import com.normation.ldap.sdk.RoLDAPConnection;
import com.normation.ldap.sdk.RwLDAPConnection;
import com.normation.rudder.domain.RudderLDAPConstants$;
import com.normation.rudder.domain.archives.RuleArchiveId;
import com.normation.rudder.domain.policies.AddRuleDiff;
import com.normation.rudder.domain.policies.DeleteRuleDiff;
import com.normation.rudder.domain.policies.ModifyRuleDiff;
import com.normation.rudder.domain.policies.Rule;
import com.normation.rudder.domain.policies.RuleId;
import com.normation.rudder.repository.EventLogRepository;
import com.normation.rudder.repository.GitPath;
import com.normation.rudder.repository.GitRuleArchiver;
import com.normation.rudder.repository.RoNodeGroupRepository;
import com.normation.rudder.repository.WoRuleRepository;
import com.normation.rudder.services.user.PersonIdentService;
import com.unboundid.ldap.sdk.Filter;
import org.joda.time.DateTime;
import org.joda.time.format.ISODateTimeFormat;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import scala.Function0;
import scala.Function1;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Some;
import scala.Tuple2;
import scala.Tuple2$mcZZ$sp;
import scala.Tuple3;
import scala.UninitializedFieldError;
import scala.collection.BuildFrom;
import scala.collection.BuildFrom$;
import scala.collection.StringOps$;
import scala.collection.immutable.Nil$;
import scala.collection.immutable.Seq;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;
import scala.runtime.Nothing$;
import scala.runtime.ScalaRunTime$;
import scala.runtime.Statics;
import zio.CanFail$;
import zio.UIO$;
import zio.ZIO;
import zio.ZIO$;
import zio.syntax$;

/* compiled from: LDAPRuleRepository.scala */
@ScalaSignature(bytes = "\u0006\u0005\u0005eh\u0001B\u000b\u0017\u0001\u0005B\u0001\u0002\r\u0001\u0003\u0002\u0003\u0006I!\r\u0005\t/\u0001\u0011\t\u0011)A\u0005k!Aq\b\u0001B\u0001B\u0003%\u0001\t\u0003\u0005D\u0001\t\u0005\t\u0015!\u0003E\u0011!9\u0005A!A!\u0002\u0013A\u0005\u0002C&\u0001\u0005\u0003\u0005\u000b\u0011\u0002'\t\u0011=\u0003!\u0011!Q\u0001\nAC\u0001\u0002\u0017\u0001\u0003\u0002\u0003\u0006I!\u0017\u0005\u00069\u0002!\t!\u0018\u0005\u0006O\u0002!\t\u0005\u001b\u0005\u0007i\u0002\u0001K\u0011B;\t\u0011\u0005\u0015\u0002\u0001)C\u0005\u0003OAq!a\u0017\u0001\t\u0003\ni\u0006C\u0004\u0002h\u0001!\t%!\u001b\t\u000f\u0005M\u0004\u0001\"\u0001\u0002v!A\u0011q\u0012\u0001!\n\u0013\t\t\nC\u0004\u0002*\u0002!\t!a+\t\u000f\u0005U\u0006\u0001\"\u0001\u00028\"9\u0011\u0011\u0019\u0001\u0005\u0002\u0005\r\u0007bBAu\u0001\u0011\u0005\u00111\u001e\u0002\u0015/>dE)\u0011)Sk2,'+\u001a9pg&$xN]=\u000b\u0005]A\u0012\u0001\u00027eCBT!!\u0007\u000e\u0002\u0015I,\u0007o\\:ji>\u0014\u0018P\u0003\u0002\u001c9\u00051!/\u001e3eKJT!!\b\u0010\u0002\u00139|'/\\1uS>t'\"A\u0010\u0002\u0007\r|Wn\u0001\u0001\u0014\t\u0001\u0011\u0003\u0006\f\t\u0003G\u0019j\u0011\u0001\n\u0006\u0002K\u0005)1oY1mC&\u0011q\u0005\n\u0002\u0007\u0003:L(+\u001a4\u0011\u0005%RS\"\u0001\r\n\u0005-B\"\u0001E,p%VdWMU3q_NLGo\u001c:z!\tic&D\u0001\u001d\u0013\tyCD\u0001\bOC6,GMW5p\u0019><w-\u001a:\u0002)I|G\nR!Q%VdWMU3q_NLGo\u001c:z!\t\u00114'D\u0001\u0017\u0013\t!dC\u0001\u000bS_2#\u0015\t\u0015*vY\u0016\u0014V\r]8tSR|'/\u001f\t\u0004mibT\"A\u001c\u000b\u0005aJ\u0014aA:eW*\u0011q\u0003H\u0005\u0003w]\u0012a\u0003\u0014#B!\u000e{gN\\3di&|g\u000e\u0015:pm&$WM\u001d\t\u0003muJ!AP\u001c\u0003!I;H\nR!Q\u0007>tg.Z2uS>t\u0017A\u00033jM\u001al\u0015\r\u001d9feB\u0011!'Q\u0005\u0003\u0005Z\u0011a\u0002\u0014#B!\u0012KgMZ'baB,'/A\bhe>,\bOU3q_NLGo\u001c:z!\tIS)\u0003\u0002G1\t)\"k\u001c(pI\u0016<%o\\;q%\u0016\u0004xn]5u_JL\u0018\u0001D1di&|g\u000eT8hO\u0016\u0014\bCA\u0015J\u0013\tQ\u0005D\u0001\nFm\u0016tG\u000fT8h%\u0016\u0004xn]5u_JL\u0018!D4ji\u000e\u0013\u0018I]2iSZ,'\u000f\u0005\u0002*\u001b&\u0011a\n\u0007\u0002\u0010\u000f&$(+\u001e7f\u0003J\u001c\u0007.\u001b<fe\u0006\u0011\u0002/\u001a:t_:LE-\u001a8u'\u0016\u0014h/[2f!\t\tf+D\u0001S\u0015\t\u0019F+\u0001\u0003vg\u0016\u0014(BA+\u001b\u0003!\u0019XM\u001d<jG\u0016\u001c\u0018BA,S\u0005I\u0001VM]:p]&#WM\u001c;TKJ4\u0018nY3\u0002%\u0005,Ho\\#ya>\u0014Ho\u00148N_\u0012Lg-\u001f\t\u0003GiK!a\u0017\u0013\u0003\u000f\t{w\u000e\\3b]\u00061A(\u001b8jiz\"\u0012BX0aC\n\u001cG-\u001a4\u0011\u0005I\u0002\u0001\"\u0002\u0019\n\u0001\u0004\t\u0004\"B\f\n\u0001\u0004)\u0004\"B \n\u0001\u0004\u0001\u0005\"B\"\n\u0001\u0004!\u0005\"B$\n\u0001\u0004A\u0005\"B&\n\u0001\u0004a\u0005\"B(\n\u0001\u0004\u0001\u0006\"\u0002-\n\u0001\u0004I\u0016A\u00037pO\u001e,'OT1nKV\t\u0011\u000e\u0005\u0002kc:\u00111n\u001c\t\u0003Y\u0012j\u0011!\u001c\u0006\u0003]\u0002\na\u0001\u0010:p_Rt\u0014B\u00019%\u0003\u0019\u0001&/\u001a3fM&\u0011!o\u001d\u0002\u0007'R\u0014\u0018N\\4\u000b\u0005A$\u0013A\u00058pI\u0016\u0014V\u000f\\3OC6,W\t_5tiN$rA^A\u0002\u0003\u001b\t\t\u0002E\u0002x}fs!\u0001\u001f?\u000f\u0005e\\hB\u00017{\u0013\u0005y\u0012BA\u000f\u001f\u0013\tiH$\u0001\u0004feJ|'o]\u0005\u0004\u007f\u0006\u0005!\u0001C%P%\u0016\u001cX\u000f\u001c;\u000b\u0005ud\u0002bBA\u0003\u0017\u0001\u0007\u0011qA\u0001\u0004G>t\u0007c\u0001\u001c\u0002\n%\u0019\u00111B\u001c\u0003!I{G\nR!Q\u0007>tg.Z2uS>t\u0007BBA\b\u0017\u0001\u0007\u0011.\u0001\u0003oC6,\u0007bBA\n\u0017\u0001\u0007\u0011QC\u0001\u0003S\u0012\u0004B!a\u0006\u0002\"5\u0011\u0011\u0011\u0004\u0006\u0005\u00037\ti\"\u0001\u0005q_2L7-[3t\u0015\r\tyBG\u0001\u0007I>l\u0017-\u001b8\n\t\u0005\r\u0012\u0011\u0004\u0002\u0007%VdW-\u00133\u0002%%tG/\u001a:oC2$U\r\\3uKJ+H.\u001a\u000b\r\u0003S\t\t$a\r\u0002D\u00055\u0013q\u000b\t\u0005oz\fY\u0003\u0005\u0003\u0002\u0018\u00055\u0012\u0002BA\u0018\u00033\u0011a\u0002R3mKR,'+\u001e7f\t&4g\rC\u0004\u0002\u00141\u0001\r!!\u0006\t\u000f\u0005UB\u00021\u0001\u00028\u0005)Qn\u001c3JIB!\u0011\u0011HA \u001b\t\tYDC\u0002\u0002>q\t\u0001\"\u001a<f]RdwnZ\u0005\u0005\u0003\u0003\nYD\u0001\bN_\u0012Lg-[2bi&|g.\u00133\t\u000f\u0005\u0015C\u00021\u0001\u0002H\u0005)\u0011m\u0019;peB!\u0011\u0011HA%\u0013\u0011\tY%a\u000f\u0003\u0015\u00153XM\u001c;BGR|'\u000fC\u0004\u0002P1\u0001\r!!\u0015\u0002\rI,\u0017m]8o!\u0011\u0019\u00131K5\n\u0007\u0005UCE\u0001\u0004PaRLwN\u001c\u0005\u0007\u00033b\u0001\u0019A-\u0002\u0015\r\fG\u000e\\*zgR,W.\u0001\teK2,G/Z*zgR,WNU;mKRQ\u0011\u0011FA0\u0003C\n\u0019'!\u001a\t\u000f\u0005MQ\u00021\u0001\u0002\u0016!9\u0011QG\u0007A\u0002\u0005]\u0002bBA#\u001b\u0001\u0007\u0011q\t\u0005\b\u0003\u001fj\u0001\u0019AA)\u0003\u0019!W\r\\3uKRQ\u0011\u0011FA6\u0003[\ny'!\u001d\t\u000f\u0005Ma\u00021\u0001\u0002\u0016!9\u0011Q\u0007\bA\u0002\u0005]\u0002bBA#\u001d\u0001\u0007\u0011q\t\u0005\b\u0003\u001fr\u0001\u0019AA)\u0003\u0019\u0019'/Z1uKRQ\u0011qOA@\u0003\u0013\u000bY)!$\u0011\t]t\u0018\u0011\u0010\t\u0005\u0003/\tY(\u0003\u0003\u0002~\u0005e!aC!eIJ+H.\u001a#jM\u001aDq!!!\u0010\u0001\u0004\t\u0019)\u0001\u0003sk2,\u0007\u0003BA\f\u0003\u000bKA!a\"\u0002\u001a\t!!+\u001e7f\u0011\u001d\t)d\u0004a\u0001\u0003oAq!!\u0012\u0010\u0001\u0004\t9\u0005C\u0004\u0002P=\u0001\r!!\u0015\u0002\u001d%tG/\u001a:oC2,\u0006\u000fZ1uKRa\u00111SAO\u0003?\u000b\t+a)\u0002&B!qO`AK!\u0015\u0019\u00131KAL!\u0011\t9\"!'\n\t\u0005m\u0015\u0011\u0004\u0002\u000f\u001b>$\u0017NZ=Sk2,G)\u001b4g\u0011\u001d\t\t\t\u0005a\u0001\u0003\u0007Cq!!\u000e\u0011\u0001\u0004\t9\u0004C\u0004\u0002FA\u0001\r!a\u0012\t\u000f\u0005=\u0003\u00031\u0001\u0002R!1\u0011q\u0015\tA\u0002e\u000b!b]=ti\u0016l7)\u00197m\u0003\u0019)\b\u000fZ1uKRQ\u00111SAW\u0003_\u000b\t,a-\t\u000f\u0005\u0005\u0015\u00031\u0001\u0002\u0004\"9\u0011QG\tA\u0002\u0005]\u0002bBA##\u0001\u0007\u0011q\t\u0005\b\u0003\u001f\n\u0002\u0019AA)\u00031)\b\u000fZ1uKNK8\u000f^3n))\t\u0019*!/\u0002<\u0006u\u0016q\u0018\u0005\b\u0003\u0003\u0013\u0002\u0019AAB\u0011\u001d\t)D\u0005a\u0001\u0003oAq!!\u0012\u0013\u0001\u0004\t9\u0005C\u0004\u0002PI\u0001\r!!\u0015\u0002\u0013M<\u0018\r\u001d*vY\u0016\u001cH\u0003BAc\u0003'\u0004Ba\u001e@\u0002HB!\u0011\u0011ZAh\u001b\t\tYM\u0003\u0003\u0002N\u0006u\u0011\u0001C1sG\"Lg/Z:\n\t\u0005E\u00171\u001a\u0002\u000e%VdW-\u0011:dQ&4X-\u00133\t\u000f\u0005U7\u00031\u0001\u0002X\u00061a.Z<DeN\u0004b!!7\u0002d\u0006\re\u0002BAn\u0003?t1\u0001\\Ao\u0013\u0005)\u0013bAAqI\u00059\u0001/Y2lC\u001e,\u0017\u0002BAs\u0003O\u00141aU3r\u0015\r\t\t\u000fJ\u0001\u0019I\u0016dW\r^3TCZ,GMU;mK\u0006\u00138\r[5wK&#G\u0003BAw\u0003k\u0004Ba\u001e@\u0002pB\u00191%!=\n\u0007\u0005MHE\u0001\u0003V]&$\bbBA|)\u0001\u0007\u0011qY\u0001\nCJ\u001c\u0007.\u001b<f\u0013\u0012\u0004")
/* loaded from: input_file:WEB-INF/lib/rudder-core-6.2.20.jar:com/normation/rudder/repository/ldap/WoLDAPRuleRepository.class */
public class WoLDAPRuleRepository implements WoRuleRepository, NamedZioLogger {
    private final RoLDAPRuleRepository roLDAPRuleRepository;
    private final LDAPConnectionProvider<RwLDAPConnection> ldap;
    private final LDAPDiffMapper diffMapper;
    private final EventLogRepository actionLogger;
    private final GitRuleArchiver gitCrArchiver;
    private final PersonIdentService personIdentService;
    private final boolean autoExportOnModify;
    private Logger logEffect;
    private volatile boolean bitmap$init$0;

    @Override // com.normation.NamedZioLogger
    public NamedZioLogger logPure() {
        NamedZioLogger logPure;
        logPure = logPure();
        return logPure;
    }

    @Override // com.normation.ZioLogger
    public final <T> ZIO<Object, Nothing$, BoxedUnit> logAndForgetResult(Function1<Logger, T> function1) {
        ZIO<Object, Nothing$, BoxedUnit> logAndForgetResult;
        logAndForgetResult = logAndForgetResult(function1);
        return logAndForgetResult;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> trace(Function0<String> function0) {
        ZIO<Object, Nothing$, BoxedUnit> trace;
        trace = trace(function0);
        return trace;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> debug(Function0<String> function0) {
        ZIO<Object, Nothing$, BoxedUnit> debug;
        debug = debug(function0);
        return debug;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> info(Function0<String> function0) {
        ZIO<Object, Nothing$, BoxedUnit> info;
        info = info(function0);
        return info;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> error(Function0<String> function0) {
        ZIO<Object, Nothing$, BoxedUnit> error;
        error = error(function0);
        return error;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> warn(Function0<String> function0) {
        ZIO<Object, Nothing$, BoxedUnit> warn;
        warn = warn(function0);
        return warn;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> trace(Function0<String> function0, Throwable th) {
        ZIO<Object, Nothing$, BoxedUnit> trace;
        trace = trace(function0, th);
        return trace;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> debug(Function0<String> function0, Throwable th) {
        ZIO<Object, Nothing$, BoxedUnit> debug;
        debug = debug(function0, th);
        return debug;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> info(Function0<String> function0, Throwable th) {
        ZIO<Object, Nothing$, BoxedUnit> info;
        info = info(function0, th);
        return info;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> warn(Function0<String> function0, Throwable th) {
        ZIO<Object, Nothing$, BoxedUnit> warn;
        warn = warn(function0, th);
        return warn;
    }

    @Override // com.normation.ZioLogger
    public final ZIO<Object, Nothing$, BoxedUnit> error(Function0<String> function0, Throwable th) {
        ZIO<Object, Nothing$, BoxedUnit> error;
        error = error(function0, th);
        return error;
    }

    @Override // com.normation.ZioLogger
    public final <T> ZIO<Object, Nothing$, BoxedUnit> ifTraceEnabled(ZIO<Object, Nothing$, T> zio2) {
        ZIO<Object, Nothing$, BoxedUnit> ifTraceEnabled;
        ifTraceEnabled = ifTraceEnabled(zio2);
        return ifTraceEnabled;
    }

    @Override // com.normation.ZioLogger
    public final <T> ZIO<Object, Nothing$, BoxedUnit> ifDebugEnabled(ZIO<Object, Nothing$, T> zio2) {
        ZIO<Object, Nothing$, BoxedUnit> ifDebugEnabled;
        ifDebugEnabled = ifDebugEnabled(zio2);
        return ifDebugEnabled;
    }

    @Override // com.normation.ZioLogger
    public final <T> ZIO<Object, Nothing$, BoxedUnit> ifInfoEnabled(ZIO<Object, Nothing$, T> zio2) {
        ZIO<Object, Nothing$, BoxedUnit> ifInfoEnabled;
        ifInfoEnabled = ifInfoEnabled(zio2);
        return ifInfoEnabled;
    }

    @Override // com.normation.ZioLogger
    public final <T> ZIO<Object, Nothing$, BoxedUnit> ifWarnEnabled(ZIO<Object, Nothing$, T> zio2) {
        ZIO<Object, Nothing$, BoxedUnit> ifWarnEnabled;
        ifWarnEnabled = ifWarnEnabled(zio2);
        return ifWarnEnabled;
    }

    @Override // com.normation.ZioLogger
    public final <T> ZIO<Object, Nothing$, BoxedUnit> ifErrorEnabled(ZIO<Object, Nothing$, T> zio2) {
        ZIO<Object, Nothing$, BoxedUnit> ifErrorEnabled;
        ifErrorEnabled = ifErrorEnabled(zio2);
        return ifErrorEnabled;
    }

    @Override // com.normation.NamedZioLogger, com.normation.ZioLogger
    public final Logger logEffect() {
        if (!this.bitmap$init$0) {
            throw new UninitializedFieldError("Uninitialized field: /home/jenkins/workspace/rudder-release/rudder-build/webapp/sources/rudder/rudder-core/src/main/scala/com/normation/rudder/repository/ldap/LDAPRuleRepository.scala: 120");
        }
        Logger logger = this.logEffect;
        return this.logEffect;
    }

    @Override // com.normation.NamedZioLogger
    public final void com$normation$NamedZioLogger$_setter_$logEffect_$eq(Logger logger) {
        this.logEffect = logger;
        this.bitmap$init$0 = true;
    }

    @Override // com.normation.NamedZioLogger
    public String loggerName() {
        return getClass().getName();
    }

    private ZIO<Object, errors.RudderError, Object> nodeRuleNameExists(RoLDAPConnection roLDAPConnection, String str, String str2) {
        return roLDAPConnection.searchSub(this.roLDAPRuleRepository.rudderDit().RULES().dn(), BuildFilter$.MODULE$.AND(ScalaRunTime$.MODULE$.wrapRefArray(new Filter[]{BuildFilter$.MODULE$.AND(ScalaRunTime$.MODULE$.wrapRefArray(new Filter[]{BuildFilter$.MODULE$.IS(RudderLDAPConstants$.MODULE$.OC_RULE()), BuildFilter$.MODULE$.EQ(LDAPConstants$.MODULE$.A_NAME(), str), BuildFilter$.MODULE$.NOT(BuildFilter$.MODULE$.EQ(RudderLDAPConstants$.MODULE$.A_RULE_UUID(), str2))}))})), Nil$.MODULE$).flatMap(seq -> {
            switch (seq.size()) {
                case 0:
                    return syntax$.MODULE$.ToZio(BoxesRunTime.boxToBoolean(false)).succeed();
                case 1:
                    return syntax$.MODULE$.ToZio(BoxesRunTime.boxToBoolean(true)).succeed();
                default:
                    return this.logPure().error(() -> {
                        return new StringBuilder(30).append("More than one rule has name '").append(str).append("'").toString();
                    }).$times$greater(() -> {
                        return syntax$.MODULE$.ToZio(BoxesRunTime.boxToBoolean(true)).succeed();
                    });
            }
        });
    }

    private ZIO<Object, errors.RudderError, DeleteRuleDiff> internalDeleteRule(String str, String str2, String str3, Option<String> option, boolean z) {
        return this.roLDAPRuleRepository.ruleMutex().writeLock().apply(() -> {
            return this.ldap.flatMap(rwLDAPConnection -> {
                return LDAPIOResult$.MODULE$.StrictOption(rwLDAPConnection.get(this.roLDAPRuleRepository.rudderDit().RULES().configRuleDN(str), Nil$.MODULE$)).notOptional(StringOps$.MODULE$.format$extension(Predef$.MODULE$.augmentString("rule with ID '%s' is not present"), ScalaRunTime$.MODULE$.genericWrapArray(new Object[]{str}))).flatMap(lDAPEntry -> {
                    return errors$IOChainError$.MODULE$.chainError$extension(errors$.MODULE$.IOChainError(errors$PureToIoResult$.MODULE$.toIO$extension(errors$.MODULE$.PureToIoResult(this.roLDAPRuleRepository.mapper().entry2Rule(lDAPEntry)))), () -> {
                        return StringOps$.MODULE$.format$extension(Predef$.MODULE$.augmentString("Error when transforming LDAP entry into a rule for id %s. Entry: %s"), ScalaRunTime$.MODULE$.genericWrapArray(new Object[]{new RuleId(str), lDAPEntry}));
                    }).flatMap(rule -> {
                        ZIO succeed;
                        Tuple2$mcZZ$sp tuple2$mcZZ$sp = new Tuple2$mcZZ$sp(rule.isSystem(), z);
                        if (tuple2$mcZZ$sp != null) {
                            boolean _1$mcZ$sp = tuple2$mcZZ$sp._1$mcZ$sp();
                            boolean _2$mcZ$sp = tuple2$mcZZ$sp._2$mcZ$sp();
                            if (true == _1$mcZ$sp && false == _2$mcZ$sp) {
                                succeed = syntax$.MODULE$.ToZio(new errors.Unexpected(new StringBuilder(31).append("System Rule '").append(str).append("' can't be deleted").toString())).fail();
                                return succeed.flatMap(rule -> {
                                    return errors$IOChainError$.MODULE$.chainError$extension(errors$.MODULE$.IOChainError(rwLDAPConnection.delete(this.roLDAPRuleRepository.rudderDit().RULES().configRuleDN(str), rwLDAPConnection.delete$default$2())), () -> {
                                        return StringOps$.MODULE$.format$extension(Predef$.MODULE$.augmentString("Error when deleting rule with ID %s"), ScalaRunTime$.MODULE$.genericWrapArray(new Object[]{new RuleId(str)}));
                                    }).map(seq -> {
                                        return new Tuple2(seq, new DeleteRuleDiff(rule));
                                    }).flatMap(tuple2 -> {
                                        if (tuple2 == null) {
                                            throw new MatchError(tuple2);
                                        }
                                        Seq seq2 = (Seq) tuple2.mo8743_1();
                                        DeleteRuleDiff deleteRuleDiff = (DeleteRuleDiff) tuple2.mo8742_2();
                                        return this.actionLogger.saveDeleteRule(str2, str3, deleteRuleDiff, option).flatMap(eventLog -> {
                                            return ZIO$.MODULE$.when(() -> {
                                                return this.autoExportOnModify && seq2.nonEmpty() && !rule.isSystem();
                                            }, () -> {
                                                return this.personIdentService.getPersonIdentOrDefault(str3).flatMap(personIdent -> {
                                                    return this.gitCrArchiver.deleteRule(str, new Some(new Tuple3(new ModificationId(str2), personIdent, option))).map(obj -> {
                                                        return new GitPath($anonfun$internalDeleteRule$14(((GitPath) obj).value()));
                                                    });
                                                });
                                            }).map(boxedUnit -> {
                                                return deleteRuleDiff;
                                            });
                                        });
                                    });
                                });
                            }
                        }
                        if (tuple2$mcZZ$sp != null) {
                            boolean _1$mcZ$sp2 = tuple2$mcZZ$sp._1$mcZ$sp();
                            boolean _2$mcZ$sp2 = tuple2$mcZZ$sp._2$mcZ$sp();
                            if (false == _1$mcZ$sp2 && true == _2$mcZ$sp2) {
                                succeed = syntax$.MODULE$.ToZio(new errors.Inconsistency(new StringBuilder(54).append("Non-system Rule '").append(str).append("' can not be deleted with that method").toString())).fail();
                                return succeed.flatMap(rule2 -> {
                                    return errors$IOChainError$.MODULE$.chainError$extension(errors$.MODULE$.IOChainError(rwLDAPConnection.delete(this.roLDAPRuleRepository.rudderDit().RULES().configRuleDN(str), rwLDAPConnection.delete$default$2())), () -> {
                                        return StringOps$.MODULE$.format$extension(Predef$.MODULE$.augmentString("Error when deleting rule with ID %s"), ScalaRunTime$.MODULE$.genericWrapArray(new Object[]{new RuleId(str)}));
                                    }).map(seq -> {
                                        return new Tuple2(seq, new DeleteRuleDiff(rule));
                                    }).flatMap(tuple2 -> {
                                        if (tuple2 == null) {
                                            throw new MatchError(tuple2);
                                        }
                                        Seq seq2 = (Seq) tuple2.mo8743_1();
                                        DeleteRuleDiff deleteRuleDiff = (DeleteRuleDiff) tuple2.mo8742_2();
                                        return this.actionLogger.saveDeleteRule(str2, str3, deleteRuleDiff, option).flatMap(eventLog -> {
                                            return ZIO$.MODULE$.when(() -> {
                                                return this.autoExportOnModify && seq2.nonEmpty() && !rule.isSystem();
                                            }, () -> {
                                                return this.personIdentService.getPersonIdentOrDefault(str3).flatMap(personIdent -> {
                                                    return this.gitCrArchiver.deleteRule(str, new Some(new Tuple3(new ModificationId(str2), personIdent, option))).map(obj -> {
                                                        return new GitPath($anonfun$internalDeleteRule$14(((GitPath) obj).value()));
                                                    });
                                                });
                                            }).map(boxedUnit -> {
                                                return deleteRuleDiff;
                                            });
                                        });
                                    });
                                });
                            }
                        }
                        succeed = syntax$.MODULE$.ToZio(rule).succeed();
                        return succeed.flatMap(rule22 -> {
                            return errors$IOChainError$.MODULE$.chainError$extension(errors$.MODULE$.IOChainError(rwLDAPConnection.delete(this.roLDAPRuleRepository.rudderDit().RULES().configRuleDN(str), rwLDAPConnection.delete$default$2())), () -> {
                                return StringOps$.MODULE$.format$extension(Predef$.MODULE$.augmentString("Error when deleting rule with ID %s"), ScalaRunTime$.MODULE$.genericWrapArray(new Object[]{new RuleId(str)}));
                            }).map(seq -> {
                                return new Tuple2(seq, new DeleteRuleDiff(rule));
                            }).flatMap(tuple2 -> {
                                if (tuple2 == null) {
                                    throw new MatchError(tuple2);
                                }
                                Seq seq2 = (Seq) tuple2.mo8743_1();
                                DeleteRuleDiff deleteRuleDiff = (DeleteRuleDiff) tuple2.mo8742_2();
                                return this.actionLogger.saveDeleteRule(str2, str3, deleteRuleDiff, option).flatMap(eventLog -> {
                                    return ZIO$.MODULE$.when(() -> {
                                        return this.autoExportOnModify && seq2.nonEmpty() && !rule.isSystem();
                                    }, () -> {
                                        return this.personIdentService.getPersonIdentOrDefault(str3).flatMap(personIdent -> {
                                            return this.gitCrArchiver.deleteRule(str, new Some(new Tuple3(new ModificationId(str2), personIdent, option))).map(obj -> {
                                                return new GitPath($anonfun$internalDeleteRule$14(((GitPath) obj).value()));
                                            });
                                        });
                                    }).map(boxedUnit -> {
                                        return deleteRuleDiff;
                                    });
                                });
                            });
                        });
                    });
                });
            });
        });
    }

    @Override // com.normation.rudder.repository.WoRuleRepository
    public ZIO<Object, errors.RudderError, DeleteRuleDiff> deleteSystemRule(String str, String str2, String str3, Option<String> option) {
        return internalDeleteRule(str, str2, str3, option, true);
    }

    @Override // com.normation.rudder.repository.WoRuleRepository
    public ZIO<Object, errors.RudderError, DeleteRuleDiff> delete(String str, String str2, String str3, Option<String> option) {
        return internalDeleteRule(str, str2, str3, option, false);
    }

    @Override // com.normation.rudder.repository.WoRuleRepository
    public ZIO<Object, errors.RudderError, AddRuleDiff> create(Rule rule, String str, String str2, Option<String> option) {
        return this.roLDAPRuleRepository.ruleMutex().writeLock().apply(() -> {
            return this.ldap.flatMap(rwLDAPConnection -> {
                return rwLDAPConnection.exists(this.roLDAPRuleRepository.rudderDit().RULES().configRuleDN(rule.id())).flatMap(obj -> {
                    return $anonfun$create$3(this, rule, rwLDAPConnection, str, str2, option, BoxesRunTime.unboxToBoolean(obj));
                });
            });
        });
    }

    private ZIO<Object, errors.RudderError, Option<ModifyRuleDiff>> internalUpdate(Rule rule, String str, String str2, Option<String> option, boolean z) {
        return this.roLDAPRuleRepository.ruleMutex().writeLock().apply(() -> {
            return this.ldap.flatMap(rwLDAPConnection -> {
                return LDAPIOResult$.MODULE$.StrictOption(rwLDAPConnection.get(this.roLDAPRuleRepository.rudderDit().RULES().configRuleDN(rule.id()), Nil$.MODULE$)).notOptional(new StringBuilder(59).append("Cannot update rule with id ").append(rule.id()).append(" : there is no rule with that id").toString()).flatMap(lDAPEntry -> {
                    return errors$IOChainError$.MODULE$.chainError$extension(errors$.MODULE$.IOChainError(errors$PureToIoResult$.MODULE$.toIO$extension(errors$.MODULE$.PureToIoResult(this.roLDAPRuleRepository.mapper().entry2Rule(lDAPEntry)))), () -> {
                        return new StringBuilder(63).append("Error when transforming LDAP entry into a Rule for id ").append(rule.id()).append(". Entry: ").append(lDAPEntry).toString();
                    }).flatMap(rule2 -> {
                        ZIO unit;
                        Tuple2$mcZZ$sp tuple2$mcZZ$sp = new Tuple2$mcZZ$sp(rule2.isSystem(), z);
                        if (tuple2$mcZZ$sp != null) {
                            boolean _1$mcZ$sp = tuple2$mcZZ$sp._1$mcZ$sp();
                            boolean _2$mcZ$sp = tuple2$mcZZ$sp._2$mcZ$sp();
                            if (true == _1$mcZ$sp && false == _2$mcZ$sp) {
                                unit = LDAPIOResult$.MODULE$.ToFailureMsg(new StringBuilder(37).append("System rule '").append(rule2.name()).append("' (").append(rule2.id()).append(") can not be modified").toString()).fail();
                                return unit.flatMap(boxedUnit -> {
                                    return this.nodeRuleNameExists(rwLDAPConnection, rule.name(), rule.id()).flatMap(obj -> {
                                        return $anonfun$internalUpdate$7(this, rule, rwLDAPConnection, lDAPEntry, str, str2, option, BoxesRunTime.unboxToBoolean(obj));
                                    });
                                });
                            }
                        }
                        if (tuple2$mcZZ$sp != null) {
                            boolean _1$mcZ$sp2 = tuple2$mcZZ$sp._1$mcZ$sp();
                            boolean _2$mcZ$sp2 = tuple2$mcZZ$sp._2$mcZ$sp();
                            if (false == _1$mcZ$sp2 && true == _2$mcZ$sp2) {
                                unit = LDAPIOResult$.MODULE$.ToFailureMsg("You can't modify a non-system rule with updateSystem method").fail();
                                return unit.flatMap(boxedUnit2 -> {
                                    return this.nodeRuleNameExists(rwLDAPConnection, rule.name(), rule.id()).flatMap(obj -> {
                                        return $anonfun$internalUpdate$7(this, rule, rwLDAPConnection, lDAPEntry, str, str2, option, BoxesRunTime.unboxToBoolean(obj));
                                    });
                                });
                            }
                        }
                        unit = UIO$.MODULE$.unit();
                        return unit.flatMap(boxedUnit22 -> {
                            return this.nodeRuleNameExists(rwLDAPConnection, rule.name(), rule.id()).flatMap(obj -> {
                                return $anonfun$internalUpdate$7(this, rule, rwLDAPConnection, lDAPEntry, str, str2, option, BoxesRunTime.unboxToBoolean(obj));
                            });
                        });
                    });
                });
            });
        });
    }

    @Override // com.normation.rudder.repository.WoRuleRepository
    public ZIO<Object, errors.RudderError, Option<ModifyRuleDiff>> update(Rule rule, String str, String str2, Option<String> option) {
        return internalUpdate(rule, str, str2, option, false);
    }

    @Override // com.normation.rudder.repository.WoRuleRepository
    public ZIO<Object, errors.RudderError, Option<ModifyRuleDiff>> updateSystem(Rule rule, String str, String str2, Option<String> option) {
        return internalUpdate(rule, str, str2, option, true);
    }

    @Override // com.normation.rudder.repository.WoRuleRepository
    public ZIO<Object, errors.RudderError, RuleArchiveId> swapRules(Seq<Rule> seq) {
        String dateTime = DateTime.now().toString(ISODateTimeFormat.dateTime());
        LDAPEntry ruleModel = this.roLDAPRuleRepository.rudderDit().ARCHIVES().ruleModel(dateTime);
        return this.roLDAPRuleRepository.ruleMutex().writeLock().apply(() -> {
            return this.roLDAPRuleRepository.getAll(true).flatMap(seq2 -> {
                return this.ldap.flatMap(rwLDAPConnection -> {
                    return rwLDAPConnection.move(this.roLDAPRuleRepository.rudderDit().RULES().dn(), ruleModel.dn().getParent(), new Some(ruleModel.dn().getRDN())).flatMap(lDIFChangeRecord -> {
                        return rwLDAPConnection.save(this.roLDAPRuleRepository.rudderDit().RULES().model(), rwLDAPConnection.save$default$2(), rwLDAPConnection.save$default$3()).flatMap(lDIFChangeRecord -> {
                            return ZIO$.MODULE$.foreach((ZIO$) seq, rule -> {
                                return this.saveCR$1(rwLDAPConnection, rule);
                            }, (BuildFrom<ZIO$, B, ZIO$>) BuildFrom$.MODULE$.buildFromIterableOps()).flatMap(seq2 -> {
                                return ZIO$.MODULE$.foreach((ZIO$) seq2.filter(rule2 -> {
                                    return BoxesRunTime.boxToBoolean(rule2.isSystem());
                                }), rule3 -> {
                                    return this.saveCR$1(rwLDAPConnection, rule3);
                                }, (BuildFrom<ZIO$, B, ZIO$>) BuildFrom$.MODULE$.buildFromIterableOps()).map(seq2 -> {
                                    return new RuleArchiveId($anonfun$swapRules$13(dateTime, seq2));
                                });
                            });
                        });
                    }).catchAll(lDAPRudderError -> {
                        errors.Chained chained = new errors.Chained("Error when importing CRs, trying to restore old CR", lDAPRudderError);
                        return this.logPure().error(() -> {
                            return chained.msg();
                        }).$times$greater(() -> {
                            return this.restore$1(rwLDAPConnection, seq2).foldM(lDAPRudderError -> {
                                return syntax$.MODULE$.ToZio(new errors.Chained(StringOps$.MODULE$.format$extension(Predef$.MODULE$.augmentString("Error when rollbacking corrupted import for rules, expect other errors. Archive ID: '%s'"), ScalaRunTime$.MODULE$.genericWrapArray(new Object[]{dateTime})), chained)).fail();
                            }, seq2 -> {
                                return this.logPure().info(() -> {
                                    return "Rollback rules";
                                }).$times$greater(() -> {
                                    return syntax$.MODULE$.ToZio(new errors.Chained("Rollbacked imported rules to previous state", chained)).fail();
                                });
                            }, CanFail$.MODULE$.canFail());
                        });
                    }, CanFail$.MODULE$.canFail()).map(obj -> {
                        return new RuleArchiveId($anonfun$swapRules$21(dateTime, ((RuleArchiveId) obj).value()));
                    });
                });
            });
        });
    }

    @Override // com.normation.rudder.repository.WoRuleRepository
    public ZIO<Object, errors.RudderError, BoxedUnit> deleteSavedRuleArchiveId(String str) {
        return this.roLDAPRuleRepository.ruleMutex().writeLock().apply(() -> {
            return this.ldap.flatMap(rwLDAPConnection -> {
                return rwLDAPConnection.delete(this.roLDAPRuleRepository.rudderDit().ARCHIVES().ruleModel(str).dn(), rwLDAPConnection.delete$default$2()).map(seq -> {
                    $anonfun$deleteSavedRuleArchiveId$3(seq);
                    return BoxedUnit.UNIT;
                });
            });
        });
    }

    public static final /* synthetic */ String $anonfun$internalDeleteRule$14(String str) {
        return str;
    }

    public static final /* synthetic */ String $anonfun$create$19(String str) {
        return str;
    }

    public static final /* synthetic */ ZIO $anonfun$create$7(WoLDAPRuleRepository woLDAPRuleRepository, Rule rule, RwLDAPConnection rwLDAPConnection, String str, String str2, Option option, boolean z) {
        return ZIO$.MODULE$.when(() -> {
            return z;
        }, () -> {
            return LDAPIOResult$.MODULE$.ToFailureMsg(StringOps$.MODULE$.format$extension(Predef$.MODULE$.augmentString("Cannot create a rule with name %s : there is already a rule with the same name"), ScalaRunTime$.MODULE$.genericWrapArray(new Object[]{rule.name()}))).fail();
        }).map(boxedUnit -> {
            return new Tuple2(boxedUnit, woLDAPRuleRepository.roLDAPRuleRepository.mapper().rule2Entry(rule));
        }).flatMap(tuple2 -> {
            if (tuple2 == null) {
                throw new MatchError(tuple2);
            }
            LDAPEntry lDAPEntry = (LDAPEntry) tuple2.mo8742_2();
            return errors$IOChainError$.MODULE$.chainError$extension(errors$.MODULE$.IOChainError(rwLDAPConnection.save(lDAPEntry, rwLDAPConnection.save$default$2(), rwLDAPConnection.save$default$3())), () -> {
                return new StringBuilder(44).append("Error when saving rule entry in repository: ").append(lDAPEntry).toString();
            }).flatMap(lDIFChangeRecord -> {
                return errors$PureToIoResult$.MODULE$.toIO$extension(errors$.MODULE$.PureToIoResult(woLDAPRuleRepository.diffMapper.addChangeRecords2RuleDiff(lDAPEntry.dn(), lDIFChangeRecord))).flatMap(addRuleDiff -> {
                    return woLDAPRuleRepository.actionLogger.saveAddRule(str, str2, addRuleDiff, option).flatMap(eventLog -> {
                        return ZIO$.MODULE$.when(() -> {
                            return woLDAPRuleRepository.autoExportOnModify && !rule.isSystem();
                        }, () -> {
                            return woLDAPRuleRepository.personIdentService.getPersonIdentOrDefault(str2).flatMap(personIdent -> {
                                return woLDAPRuleRepository.gitCrArchiver.archiveRule(rule, new Some(new Tuple3(new ModificationId(str), personIdent, option))).map(obj -> {
                                    return new GitPath($anonfun$create$19(((GitPath) obj).value()));
                                });
                            });
                        }).map(boxedUnit2 -> {
                            return addRuleDiff;
                        });
                    });
                });
            });
        });
    }

    public static final /* synthetic */ ZIO $anonfun$create$3(WoLDAPRuleRepository woLDAPRuleRepository, Rule rule, RwLDAPConnection rwLDAPConnection, String str, String str2, Option option, boolean z) {
        return ZIO$.MODULE$.when(() -> {
            return z;
        }, () -> {
            return LDAPIOResult$.MODULE$.ToFailureMsg(new StringBuilder(74).append("Cannot create a rule with ID '").append(rule.id()).append("' : there is already a rule with the same id").toString()).fail();
        }).flatMap(boxedUnit -> {
            return woLDAPRuleRepository.nodeRuleNameExists(rwLDAPConnection, rule.name(), rule.id()).flatMap(obj -> {
                return $anonfun$create$7(woLDAPRuleRepository, rule, rwLDAPConnection, str, str2, option, BoxesRunTime.unboxToBoolean(obj));
            });
        });
    }

    public static final /* synthetic */ String $anonfun$internalUpdate$20(String str) {
        return str;
    }

    public static final /* synthetic */ ZIO $anonfun$internalUpdate$7(WoLDAPRuleRepository woLDAPRuleRepository, Rule rule, RwLDAPConnection rwLDAPConnection, LDAPEntry lDAPEntry, String str, String str2, Option option, boolean z) {
        return ZIO$.MODULE$.when(() -> {
            return z;
        }, () -> {
            return LDAPIOResult$.MODULE$.ToFailureMsg(new StringBuilder(59).append("Cannot update rule with name ").append(rule.name()).append(": this name is already in use.").toString()).fail();
        }).map(boxedUnit -> {
            return new Tuple2(boxedUnit, woLDAPRuleRepository.roLDAPRuleRepository.mapper().rule2Entry(rule));
        }).flatMap(tuple2 -> {
            if (tuple2 == null) {
                throw new MatchError(tuple2);
            }
            LDAPEntry lDAPEntry2 = (LDAPEntry) tuple2.mo8742_2();
            return errors$IOChainError$.MODULE$.chainError$extension(errors$.MODULE$.IOChainError(rwLDAPConnection.save(lDAPEntry2, true, rwLDAPConnection.save$default$3())), () -> {
                return new StringBuilder(44).append("Error when saving rule entry in repository: ").append(lDAPEntry2).toString();
            }).flatMap(lDIFChangeRecord -> {
                return errors$IOChainError$.MODULE$.chainError$extension(errors$.MODULE$.IOChainError(errors$PureToIoResult$.MODULE$.toIO$extension(errors$.MODULE$.PureToIoResult(woLDAPRuleRepository.diffMapper.modChangeRecords2RuleDiff(lDAPEntry, lDIFChangeRecord)))), () -> {
                    return StringOps$.MODULE$.format$extension(Predef$.MODULE$.augmentString("Error when mapping rule '%s' update to an diff: %s"), ScalaRunTime$.MODULE$.genericWrapArray(new Object[]{rule.id(), lDIFChangeRecord}));
                }).flatMap(option2 -> {
                    ZIO saveModifyRule;
                    if (None$.MODULE$.equals(option2)) {
                        saveModifyRule = UIO$.MODULE$.unit();
                    } else {
                        if (!(option2 instanceof Some)) {
                            throw new MatchError(option2);
                        }
                        saveModifyRule = woLDAPRuleRepository.actionLogger.saveModifyRule(str, str2, (ModifyRuleDiff) ((Some) option2).value(), option);
                    }
                    return saveModifyRule.flatMap(obj -> {
                        return ZIO$.MODULE$.when(() -> {
                            return woLDAPRuleRepository.autoExportOnModify && option2.isDefined() && !rule.isSystem();
                        }, () -> {
                            return woLDAPRuleRepository.personIdentService.getPersonIdentOrDefault(str2).flatMap(personIdent -> {
                                return woLDAPRuleRepository.gitCrArchiver.archiveRule(rule, new Some(new Tuple3(new ModificationId(str), personIdent, option))).map(obj -> {
                                    return new GitPath($anonfun$internalUpdate$20(((GitPath) obj).value()));
                                });
                            });
                        }).map(boxedUnit2 -> {
                            return option2;
                        });
                    });
                });
            });
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final ZIO saveCR$1(RwLDAPConnection rwLDAPConnection, Rule rule) {
        return rwLDAPConnection.save(this.roLDAPRuleRepository.mapper().rule2Entry(rule), rwLDAPConnection.save$default$2(), rwLDAPConnection.save$default$3());
    }

    private final ZIO restore$1(RwLDAPConnection rwLDAPConnection, Seq seq) {
        return rwLDAPConnection.delete(this.roLDAPRuleRepository.rudderDit().RULES().dn(), rwLDAPConnection.delete$default$2()).flatMap(seq2 -> {
            return ZIO$.MODULE$.foreach((ZIO$) seq, rule -> {
                return this.saveCR$1(rwLDAPConnection, rule);
            }, (BuildFrom<ZIO$, B, ZIO$>) BuildFrom$.MODULE$.buildFromIterableOps()).map(seq2 -> {
                return seq2;
            });
        });
    }

    public static final /* synthetic */ String $anonfun$swapRules$13(String str, Seq seq) {
        return str;
    }

    public static final /* synthetic */ String $anonfun$swapRules$21(String str, String str2) {
        return str;
    }

    public static final /* synthetic */ void $anonfun$deleteSavedRuleArchiveId$3(Seq seq) {
    }

    public WoLDAPRuleRepository(RoLDAPRuleRepository roLDAPRuleRepository, LDAPConnectionProvider<RwLDAPConnection> lDAPConnectionProvider, LDAPDiffMapper lDAPDiffMapper, RoNodeGroupRepository roNodeGroupRepository, EventLogRepository eventLogRepository, GitRuleArchiver gitRuleArchiver, PersonIdentService personIdentService, boolean z) {
        this.roLDAPRuleRepository = roLDAPRuleRepository;
        this.ldap = lDAPConnectionProvider;
        this.diffMapper = lDAPDiffMapper;
        this.actionLogger = eventLogRepository;
        this.gitCrArchiver = gitRuleArchiver;
        this.personIdentService = personIdentService;
        this.autoExportOnModify = z;
        ZioLogger.$init$(this);
        com$normation$NamedZioLogger$_setter_$logEffect_$eq(LoggerFactory.getLogger(loggerName()));
        Statics.releaseFence();
    }
}
