package pl.edu.icm.yadda.aas.usercatalog.service.impl;

import java.util.Iterator;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.yadda.aas.usercatalog.model.Group;
import pl.edu.icm.yadda.aas.usercatalog.model.Role;
import pl.edu.icm.yadda.aas.usercatalog.model.User;
import pl.edu.icm.yadda.aas.usercatalog.model.UserProfile;
import pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade;
import pl.edu.icm.yadda.service2.YaddaErrorCodeConstants;
import pl.edu.icm.yadda.service2.exception.ServiceException;
import pl.edu.icm.yadda.service2.user.UserCatalog;
import pl.edu.icm.yadda.service2.user.credential.Credential;
import pl.edu.icm.yadda.service2.user.credential.LoginPasswordCredential;
import pl.edu.icm.yadda.service2.user.exception.CredentialNotFoundException;
import pl.edu.icm.yadda.service2.user.exception.CrossDomainOperationException;
import pl.edu.icm.yadda.service2.user.exception.DomainNotSupportedException;
import pl.edu.icm.yadda.service2.user.exception.GroupExistsException;
import pl.edu.icm.yadda.service2.user.exception.GroupNotFoundException;
import pl.edu.icm.yadda.service2.user.exception.InvalidCredentialException;
import pl.edu.icm.yadda.service2.user.exception.UserExistsException;
import pl.edu.icm.yadda.service2.user.exception.UserNotFoundException;
import pl.edu.icm.yadda.service2.user.model.GroupName;
import pl.edu.icm.yadda.service2.user.model.UserData;
import pl.edu.icm.yadda.service2.user.roles.IRoleDictionary;
import pl.edu.icm.yadda.tools.initializer.UnsupportedOperationException;

/* loaded from: input_file:WEB-INF/lib/yadda-user-api-1.12.6-SNAPSHOT.jar:pl/edu/icm/yadda/aas/usercatalog/service/impl/UserEditorGateway.class */
public class UserEditorGateway implements IUserEditorFacade {
    protected UserCatalog userCatalog;
    protected IRoleDictionary roleDictionary;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    protected String defaultDomain = "YADDA";
    protected boolean cascadeGroupDeletion = false;

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void addUserToGroup(String str, String str2) throws ServiceException {
        UserData loadUser = this.userCatalog.loadUser(str, this.defaultDomain, new UserData.UserDataParts[0]);
        if (loadUser == null) {
            throw new ServiceException("no user registered with login: " + str);
        }
        try {
            this.userCatalog.assignUser(loadUser.getId(), new GroupName(this.defaultDomain, str2));
        } catch (CrossDomainOperationException e) {
            throw new ServiceException(e);
        } catch (GroupNotFoundException e2) {
            throw new ServiceException(e2);
        } catch (UserNotFoundException e3) {
            throw new ServiceException(e3);
        }
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void changePassword(String str, String str2) throws ServiceException {
        try {
            UserData loadUser = this.userCatalog.loadUser(str, this.defaultDomain, UserData.UserDataParts.SAFE_SENSITIVE_DATA);
            String id = loadUser.getId();
            if (loadUser.getCredentials() != null) {
                for (Credential credential : loadUser.getCredentials()) {
                    if (credential instanceof LoginPasswordCredential) {
                        this.userCatalog.deleteCredential(credential.getId());
                    }
                }
            }
            LoginPasswordCredential loginPasswordCredential = new LoginPasswordCredential();
            loginPasswordCredential.setUserId(id);
            loginPasswordCredential.setPassword(str2);
            loginPasswordCredential.setStatus(Credential.STATUS.ACTIVE);
            this.userCatalog.addCredential(loginPasswordCredential);
        } catch (CredentialNotFoundException e) {
            throw new ServiceException(e);
        } catch (InvalidCredentialException e2) {
            throw new ServiceException(e2);
        } catch (UserNotFoundException e3) {
            throw new ServiceException(e3);
        }
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void deleteGroup(String str) throws ServiceException {
        try {
            this.userCatalog.deleteGroup(new GroupName(this.defaultDomain, str), false);
        } catch (GroupNotFoundException e) {
            throw new ServiceException(e);
        }
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void deleteRole(String str) throws ServiceException {
        if (this.roleDictionary.isReadOnly()) {
            throw new ServiceException(YaddaErrorCodeConstants.ERROR_UNSUPPORTED, "Role dictionary is read-only!");
        }
        this.roleDictionary.removeRole(str);
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void deleteUser(String str) throws ServiceException {
        try {
            this.userCatalog.deleteUser(str, this.defaultDomain);
        } catch (UserNotFoundException e) {
            throw new ServiceException(e);
        }
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void removeUserFromGroup(String str, String str2) throws ServiceException {
        UserData loadUser = this.userCatalog.loadUser(str, this.defaultDomain, new UserData.UserDataParts[0]);
        if (loadUser == null) {
            throw new ServiceException("no user registered with login: " + str);
        }
        try {
            this.userCatalog.unassignUser(loadUser.getId(), new GroupName(this.defaultDomain, str2));
        } catch (CrossDomainOperationException e) {
            throw new ServiceException(e);
        } catch (GroupNotFoundException e2) {
            throw new ServiceException(e2);
        } catch (UserNotFoundException e3) {
            throw new ServiceException(e3);
        }
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void setUserEnabled(String str, boolean z) throws ServiceException {
        throw new ServiceException(new UnsupportedOperationException());
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void storeGroup(Group group, boolean z) throws ServiceException {
        if (group == null) {
            throw new ServiceException("unable to store null group!");
        }
        pl.edu.icm.yadda.service2.user.model.Group loadGroup = this.userCatalog.loadGroup(new GroupName(this.defaultDomain, group.getName()));
        if (loadGroup == null) {
            try {
                this.userCatalog.addGroup(UserCatalogGatewayHelper.convert(group, this.defaultDomain, this.userCatalog));
                return;
            } catch (DomainNotSupportedException e) {
                throw new ServiceException(e);
            } catch (GroupExistsException e2) {
                throw new ServiceException(e2);
            }
        }
        if (!z) {
            throw new ServiceException("group " + group.getName() + " already exists!");
        }
        try {
            pl.edu.icm.yadda.service2.user.model.Group convert = UserCatalogGatewayHelper.convert(group, this.defaultDomain, this.userCatalog);
            convert.setId(loadGroup.getId());
            this.userCatalog.updateGroup(convert);
        } catch (GroupNotFoundException e3) {
            throw new ServiceException(e3);
        }
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void storeRole(Role role, boolean z) throws ServiceException {
        if (this.roleDictionary.isReadOnly()) {
            throw new ServiceException(YaddaErrorCodeConstants.ERROR_UNSUPPORTED, "Role dictionary is read-only!");
        }
        this.roleDictionary.addRole(role.getName());
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void storeUser(User user, boolean z) throws ServiceException {
        if (user == null) {
            throw new ServiceException("unable to store null user!");
        }
        UserData loadUser = this.userCatalog.loadUser(user.getName(), this.defaultDomain, UserData.UserDataParts.SENSITIVE_DATA);
        if (loadUser == null) {
            try {
                UserData convert = UserCatalogGatewayHelper.convert(user, this.defaultDomain);
                String addUser = this.userCatalog.addUser(convert.getUser());
                if (convert.getCredentials() != null) {
                    for (Credential credential : convert.getCredentials()) {
                        credential.setUserId(addUser);
                        this.userCatalog.addCredential(credential);
                    }
                }
                if (convert.getDirectGroups() != null) {
                    Iterator<GroupName> it = convert.getDirectGroups().iterator();
                    while (it.hasNext()) {
                        this.userCatalog.assignUser(addUser, it.next());
                    }
                }
                return;
            } catch (CrossDomainOperationException e) {
                throw new ServiceException(e);
            } catch (DomainNotSupportedException e2) {
                throw new ServiceException(e2);
            } catch (GroupNotFoundException e3) {
                throw new ServiceException(e3);
            } catch (InvalidCredentialException e4) {
                throw new ServiceException(e4);
            } catch (UserExistsException e5) {
                throw new ServiceException(e5);
            } catch (UserNotFoundException e6) {
                throw new ServiceException(e6);
            }
        }
        if (!z) {
            throw new ServiceException("user " + user.getName() + " already exists!");
        }
        try {
            UserData convert2 = UserCatalogGatewayHelper.convert(user, this.defaultDomain);
            if (convert2.getUser().getId() == null) {
                convert2.getUser().setId(loadUser.getId());
            }
            this.userCatalog.updateUser(convert2.getUser());
            if (convert2.getCredentials() != null) {
                if (loadUser.getCredentials() != null) {
                    for (Credential credential2 : loadUser.getCredentials()) {
                        if (credential2.getId() != null) {
                            this.log.debug("removing credential " + credential2.getId() + " of user " + user.getName());
                            this.userCatalog.deleteCredential(credential2.getId());
                        } else {
                            this.log.debug("got unidentified credential " + credential2.getClass().getName() + ", which cannot be removed, probably removal is not supported!");
                        }
                    }
                }
                for (Credential credential3 : convert2.getCredentials()) {
                    credential3.setUserId(convert2.getUser().getId());
                    this.userCatalog.addCredential(credential3);
                }
            }
            updateGroupAssignments(convert2.getUser().getId(), loadUser.getDirectGroups(), convert2.getDirectGroups());
        } catch (CredentialNotFoundException e7) {
            throw new ServiceException(e7);
        } catch (CrossDomainOperationException e8) {
            throw new ServiceException(e8);
        } catch (GroupNotFoundException e9) {
            throw new ServiceException(e9);
        } catch (InvalidCredentialException e10) {
            throw new ServiceException(e10);
        } catch (UserNotFoundException e11) {
            throw new ServiceException(e11);
        }
    }

    protected void updateGroupAssignments(String str, Set<GroupName> set, Set<GroupName> set2) throws UserNotFoundException, GroupNotFoundException, CrossDomainOperationException {
        if (set == null || set.isEmpty()) {
            if (set2 == null || set2.isEmpty()) {
                return;
            }
            Iterator<GroupName> it = set2.iterator();
            while (it.hasNext()) {
                this.userCatalog.assignUser(str, it.next());
            }
            return;
        }
        if (set2 == null || set2.isEmpty()) {
            Iterator<GroupName> it2 = set.iterator();
            while (it2.hasNext()) {
                this.userCatalog.unassignUser(str, it2.next());
            }
            return;
        }
        for (GroupName groupName : set2) {
            if (!set.contains(groupName)) {
                this.userCatalog.assignUser(str, groupName);
            }
        }
        for (GroupName groupName2 : set) {
            if (!set2.contains(groupName2)) {
                this.userCatalog.unassignUser(str, groupName2);
            }
        }
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public void storeUserProfile(UserProfile userProfile, boolean z) throws ServiceException {
        throw new ServiceException(new UnsupportedOperationException());
    }

    @Override // pl.edu.icm.yadda.service2.IYaddaServiceFacade
    public void checkVersion() {
        throw new RuntimeException(new UnsupportedOperationException());
    }

    public void setUserCatalog(UserCatalog userCatalog) {
        this.userCatalog = userCatalog;
    }

    public void setDefaultDomain(String str) {
        this.defaultDomain = str;
    }

    public void setCascadeGroupDeletion(boolean z) {
        this.cascadeGroupDeletion = z;
    }

    public void setRoleDictionary(IRoleDictionary iRoleDictionary) {
        this.roleDictionary = iRoleDictionary;
    }

    @Override // pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade
    public boolean canEditSecurityRoles() {
        return !this.roleDictionary.isReadOnly();
    }
}
