package pl.decerto.hyperon.common.security;

import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import pl.decerto.hyperon.common.security.cache.UserCacheEntry;
import pl.decerto.hyperon.common.security.cache.UsersCacheManager;
import pl.decerto.hyperon.common.security.dao.ResetPasswordDao;
import pl.decerto.hyperon.common.security.dao.SystemUserPreferenceJPADao;
import pl.decerto.hyperon.common.security.dao.UserManagementDao;
import pl.decerto.hyperon.common.security.domain.ResetPasswordStatus;
import pl.decerto.hyperon.common.security.domain.ResetPasswordToken;
import pl.decerto.hyperon.common.security.domain.SystemRoleJPA;
import pl.decerto.hyperon.common.security.domain.SystemUserJPA;
import pl.decerto.hyperon.common.security.domain.SystemUserPreferenceJPA;
import pl.decerto.hyperon.common.security.domain.UserStatus;
import pl.decerto.hyperon.common.security.dto.SystemRole;
import pl.decerto.hyperon.common.security.dto.SystemUser;
import pl.decerto.hyperon.common.security.dto.SystemUserPreference;
import pl.decerto.hyperon.runtime.exception.HyperonIllegalStateException;

@Service
/* loaded from: input_file:BOOT-INF/lib/hyperon-common-1.12.0.jar:pl/decerto/hyperon/common/security/UserManagementServiceImpl.class */
public class UserManagementServiceImpl implements UserManagementService {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) UserManagementServiceImpl.class);
    private final UserManagementDao dao;
    private final SystemUserPreferenceJPADao prefDao;
    private final ResetPasswordDao resetPasswordDao;
    private final UsersCacheManager userCache;
    private final UserManagementMappers userManagementMappers;
    private final SystemRoleManagementService systemRoleManagementService;
    private final PasswordEncoder passwordEncoder;

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional(readOnly = true)
    public List<SystemUser> getUsers() {
        log.debug("fetching all users");
        Stream<SystemUserJPA> stream = this.dao.findAll2().stream();
        UserManagementMappers userManagementMappers = this.userManagementMappers;
        userManagementMappers.getClass();
        return (List) stream.map(userManagementMappers::fullUserToDto).collect(Collectors.toList());
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional(readOnly = true)
    public SystemUser getUserByLogin(String str) {
        return convertUser(this.dao.findByLogin(str));
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional(readOnly = true)
    public Optional<SystemUser> getUserByLoginWithIgnoreCase(String str) {
        return this.dao.findByLoginWithIgnoreCase(str.toLowerCase()).map(this::convertUser);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional(readOnly = true)
    public SystemUser getUserByEmail(String str) {
        return convertUser(this.dao.findByEmail(str.toLowerCase()));
    }

    private SystemUser convertUser(SystemUserJPA systemUserJPA) {
        if (systemUserJPA == null) {
            return null;
        }
        if (!systemUserJPA.getPreferences().isEmpty()) {
            systemUserJPA.getPreferences().iterator().next();
        }
        if (!systemUserJPA.getRoles().isEmpty()) {
            systemUserJPA.getRoles().iterator().next();
        }
        log.info("user fetched: {}", systemUserJPA);
        return this.userManagementMappers.fullUserToDto(systemUserJPA);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    public Optional<SystemUser> getUserByLoginCommonData(String str) {
        return Optional.ofNullable(this.dao.findByLogin(str)).map(systemUserJPA -> {
            log.info("user fetched: {}", systemUserJPA);
            return this.userManagementMappers.simpleUserToDto(systemUserJPA);
        });
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    public String passwordEncode(String str) {
        return this.passwordEncoder.encode(str);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    public boolean isPasswordMatching(String str, SystemUser systemUser) {
        return this.passwordEncoder.matches(str, systemUser.getPassword());
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public void add(SystemUser systemUser, boolean z) {
        log.info("creating user: {}", systemUser.getLogin());
        SystemUserJPA fullUserToModel = this.userManagementMappers.fullUserToModel(systemUser);
        fullUserToModel.setCreateDate(new Date());
        if (fullUserToModel.getStatus() == null) {
            fullUserToModel.setStatus(UserStatus.ACTIVE);
        }
        if (z) {
            fullUserToModel.setPassword(this.passwordEncoder.encode(systemUser.getPassword()));
        }
        this.dao.save(fullUserToModel);
        systemUser.setId(fullUserToModel.getId());
        systemUser.setCreateDate(fullUserToModel.getCreateDate());
        systemUser.setStatus(fullUserToModel.getStatus());
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public void modify(SystemUser systemUser) {
        log.info("modifying user: {} id: {}", systemUser.getLogin(), Integer.valueOf(systemUser.getId()));
        SystemUserJPA systemUser2 = getSystemUser(Integer.valueOf(systemUser.getId()));
        systemUser2.setLogin(systemUser.getLogin());
        systemUser2.setFirstName(systemUser.getFirstName());
        systemUser2.setLastName(systemUser.getLastName());
        systemUser2.setEmail(systemUser.getEmail());
        systemUser2.setCreateDate(systemUser.getCreateDate());
        systemUser2.setStatus(systemUser.getStatus());
        systemUser2.getRoles().clear();
        systemUser2.onUpdate();
        Iterator<SystemRole> it = systemUser.getRoles().iterator();
        while (it.hasNext()) {
            systemUser2.addRole(this.userManagementMappers.simpleRoleToModel(it.next()));
        }
        systemUser2.getPreferences().clear();
        Iterator<SystemUserPreference> it2 = systemUser.getPreferences().iterator();
        while (it2.hasNext()) {
            systemUser2.addPreference(this.userManagementMappers.simplePreferenceToModel(it2.next()));
        }
        this.dao.save(systemUser2);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional(readOnly = true)
    public SystemUser getUser(Integer num) {
        log.debug("user for id: {}", num);
        Optional<SystemUserJPA> findById = this.dao.findById(num);
        UserManagementMappers userManagementMappers = this.userManagementMappers;
        userManagementMappers.getClass();
        return (SystemUser) findById.map(userManagementMappers::fullUserToDto).orElse(null);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public void changePassword(Integer num, String str, boolean z) {
        log.info("changing password for user with id: {}", num);
        SystemUserJPA systemUser = getSystemUser(num);
        if (z) {
            systemUser.setPassword(this.passwordEncoder.encode(str));
        } else {
            systemUser.setPassword(str);
        }
    }

    public SystemUserJPA getSystemUser(Integer num) {
        return this.dao.findById(num).orElseThrow(() -> {
            return new HyperonIllegalStateException("Missing system user with id: " + num);
        });
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public void addOrUpdateResetPasswordToken(String str) {
        log.info("adding or updating password token for email: {}", str);
        ResetPasswordToken findByEmail = this.resetPasswordDao.findByEmail(str);
        if (findByEmail == null) {
            log.debug("token not found - creating new token for email: {}", str);
            findByEmail = new ResetPasswordToken();
            findByEmail.setEmail(str);
        }
        findByEmail.setToken(generateToken());
        findByEmail.setStatus(ResetPasswordStatus.NEW);
        this.resetPasswordDao.save(findByEmail);
    }

    private String generateToken() {
        return UUID.randomUUID().toString();
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional(readOnly = true)
    public ResetPasswordToken getPasswordTokenByEmail(String str) {
        log.debug("getting token for email: {}", str);
        return this.resetPasswordDao.findByEmail(str);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional(readOnly = true)
    public SystemUser getUserByPasswordToken(String str) {
        ResetPasswordToken findByTokenAndStatus = this.resetPasswordDao.findByTokenAndStatus(str, ResetPasswordStatus.ACTIVE);
        if (findByTokenAndStatus == null) {
            return null;
        }
        return getUserByEmail(findByTokenAndStatus.getEmail());
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public void persistPasswordToken(ResetPasswordToken resetPasswordToken) {
        log.info("saving password token for email: {}", resetPasswordToken.getEmail());
        this.resetPasswordDao.save(resetPasswordToken);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public void removeRoleFromUsers(List<SystemUser> list, SystemRole systemRole) {
        log.info("removing role {} from {} users", systemRole.getCode(), Integer.valueOf(list.size()));
        SystemRoleJPA complexRoleToModel = this.userManagementMappers.complexRoleToModel(this.systemRoleManagementService.getRoleByCode(systemRole.getCode()));
        Collection<SystemUserJPA> refreshUsers = refreshUsers(list);
        for (SystemUserJPA systemUserJPA : refreshUsers) {
            systemUserJPA.getRoles().remove(complexRoleToModel);
            systemUserJPA.onUpdate();
        }
        this.dao.saveAll((Iterable) refreshUsers);
    }

    private Collection<SystemUserJPA> refreshUsers(List<SystemUser> list) {
        List<SystemUserJPA> findAllById = this.dao.findAllById((Iterable) list.stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toList()));
        log.debug("found {} users", Integer.valueOf(list.size()));
        return findAllById;
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public void addRoleToUsers(List<SystemUser> list, SystemRole systemRole) {
        log.info("adding role {} to {} users", systemRole.getCode(), Integer.valueOf(list.size()));
        SystemRoleJPA complexRoleToModel = this.userManagementMappers.complexRoleToModel(systemRole);
        refreshUsers(list).forEach(systemUserJPA -> {
            systemUserJPA.addRole(complexRoleToModel);
            systemUserJPA.onUpdate();
            this.dao.saveAndFlush(systemUserJPA);
        });
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional(readOnly = true)
    public List<ResetPasswordToken> getPasswordTokensByStatus(ResetPasswordStatus resetPasswordStatus) {
        log.trace("fetching password tokens for status {}", resetPasswordStatus);
        List<ResetPasswordToken> findAllByStatus = this.resetPasswordDao.findAllByStatus(resetPasswordStatus);
        log.trace("found {} password tokens for status {}", Integer.valueOf(findAllByStatus.size()), resetPasswordStatus);
        return findAllByStatus;
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public SystemUser modifyOrCreateSystemUserPreference(String str, String str2, String str3) {
        return (SystemUser) getUserByLoginCommonData(str).map(systemUser -> {
            return modifyOrCreateSystemUserPreference(systemUser, str2, str3);
        }).orElse(null);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public SystemUser modifyOrCreateSystemUserPreference(SystemUser systemUser, String str, String str2) {
        if (systemUser != null) {
            if (!this.prefDao.findValue(systemUser.getId(), str.trim()).isEmpty()) {
                this.prefDao.updateValue(systemUser.getId(), str.trim(), StringUtils.trim(str2));
                this.userCache.reloadPreferences(systemUser.getLogin());
            } else {
                createNewPreference(systemUser, str, str2);
            }
        } else {
            log.warn("user is null - aborting");
        }
        return systemUser;
    }

    private void createNewPreference(SystemUser systemUser, String str, String str2) {
        log.debug("creating new preference {} with value {} for user {}", str, str2, systemUser.getLogin());
        SystemUserPreferenceJPA systemUserPreferenceJPA = new SystemUserPreferenceJPA();
        systemUserPreferenceJPA.setKey(str.trim());
        systemUserPreferenceJPA.setValue(str2.trim());
        SystemUserJPA systemUserJPA = new SystemUserJPA();
        systemUserJPA.setId(systemUser.getId());
        systemUserPreferenceJPA.setUser(systemUserJPA);
        this.prefDao.save(systemUserPreferenceJPA);
        this.userCache.addPreference(systemUser.getLogin(), str, str2);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public void importUser(SystemUser systemUser) {
        log.debug("enter importUser({})", systemUser);
        SystemUserJPA findByLogin = this.dao.findByLogin(systemUser.getLogin());
        if (findByLogin == null) {
            log.debug("Adding imported user {}", systemUser);
            add(systemUser, false);
            return;
        }
        if (!systemUser.nothingChanged(this.userManagementMappers.fullUserToDto(findByLogin))) {
            systemUser.setId(findByLogin.getId());
            systemUser.setCreateDate(findByLogin.getCreateDate());
            modify(systemUser);
            if (!findByLogin.getPassword().equals(systemUser.getPassword())) {
                changePassword(Integer.valueOf(findByLogin.getId()), systemUser.getPassword(), false);
            }
            log.debug("Updating imported user {}", systemUser);
        }
        log.debug("No changes for imported user {}", systemUser);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    public List<String> getUsersToFilter() {
        return this.dao.getLogins(UserStatus.ACTIVE);
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    @Transactional
    public SystemUser removeSystemUserPreference(String str, String str2, String str3) {
        return (SystemUser) getUserByLoginCommonData(str).map(systemUser -> {
            removeUserPreference(systemUser, str, str2);
            return systemUser;
        }).orElse(null);
    }

    private void removeUserPreference(SystemUser systemUser, String str, String str2) {
        if (!this.prefDao.findValue(systemUser.getId(), str2).isEmpty()) {
            log.debug("removing preference {} for user {}", str2, systemUser.getLogin());
            this.prefDao.removePreference(systemUser.getId(), str2);
            this.userCache.reloadPreferences(str);
        }
    }

    @Override // pl.decerto.hyperon.common.security.UserManagementService
    public UserCacheEntry getUserCacheEntry(String str) {
        return this.userCache.getUserCacheEntry(str);
    }

    public UserManagementServiceImpl(UserManagementDao userManagementDao, SystemUserPreferenceJPADao systemUserPreferenceJPADao, ResetPasswordDao resetPasswordDao, UsersCacheManager usersCacheManager, UserManagementMappers userManagementMappers, SystemRoleManagementService systemRoleManagementService, PasswordEncoder passwordEncoder) {
        this.dao = userManagementDao;
        this.prefDao = systemUserPreferenceJPADao;
        this.resetPasswordDao = resetPasswordDao;
        this.userCache = usersCacheManager;
        this.userManagementMappers = userManagementMappers;
        this.systemRoleManagementService = systemRoleManagementService;
        this.passwordEncoder = passwordEncoder;
    }
}
