package pl.matsuo.core.web.controller.user;

import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.function.Function;
import javax.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import pl.matsuo.core.exception.RestProcessingException;
import pl.matsuo.core.model.api.Initializer;
import pl.matsuo.core.model.organization.Person;
import pl.matsuo.core.model.query.QueryBuilder;
import pl.matsuo.core.model.user.User;
import pl.matsuo.core.model.user.initializer.UserInitializer;
import pl.matsuo.core.service.session.SessionState;
import pl.matsuo.core.util.SecurityUtil;
import pl.matsuo.core.web.controller.AbstractSimpleController;

@RequestMapping({"/users"})
@RestController
/* loaded from: input_file:WEB-INF/lib/matsuo-web-0.1.1.jar:pl/matsuo/core/web/controller/user/UserController.class */
public class UserController extends AbstractSimpleController<User> {

    @Autowired
    protected SessionState sessionState;
    protected Integer minimalPasswordLength = 8;

    @Override // pl.matsuo.core.web.controller.AbstractSearchController
    protected List<Function<User, String>> queryMatchers() {
        return Arrays.asList((v0) -> {
            return v0.getUsername();
        }, QueryBuilder.sub((v0) -> {
            return v0.getPerson();
        }, (v0) -> {
            return v0.getFirstName();
        }), QueryBuilder.sub((v0) -> {
            return v0.getPerson();
        }, (v0) -> {
            return v0.getLastName();
        }));
    }

    @Override // pl.matsuo.core.web.controller.AbstractSearchController
    protected List<? extends Initializer<User>> entityInitializers() {
        return Arrays.asList(new UserInitializer());
    }

    @Override // pl.matsuo.core.web.controller.AbstractController
    @RequestMapping(method = {RequestMethod.POST}, consumes = {"application/json"})
    @ResponseStatus(HttpStatus.CREATED)
    public HttpEntity<User> create(@Valid @RequestBody User user, @Value("#{request.requestURL}") StringBuffer stringBuffer) {
        user.setPerson((Person) this.database.create(user.getPerson()));
        if (user.getPassword().length() < this.minimalPasswordLength.intValue()) {
            throw new RestProcessingException("password_too_short");
        }
        user.setPassword(SecurityUtil.passwordHash(user.getPassword()));
        User user2 = (User) this.database.create(user);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setLocation(childLocation(stringBuffer, user2.getId()));
        return new HttpEntity<>((MultiValueMap<String, String>) httpHeaders);
    }

    @RequestMapping(value = {"updatePassword"}, method = {RequestMethod.PUT}, consumes = {"application/json"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void updatePassword(@RequestBody IChangePasswordParams iChangePasswordParams) {
        User user = (User) this.database.findById(User.class, iChangePasswordParams.getId(), new Initializer[0]);
        if (iChangePasswordParams.getNewPassword().length() < this.minimalPasswordLength.intValue()) {
            throw new RestProcessingException("password_too_short");
        }
        if (!iChangePasswordParams.getNewPassword().equals(iChangePasswordParams.getConfirmationPassword())) {
            throw new RestProcessingException("password_confirmation_not_match");
        }
        user.setPassword(SecurityUtil.passwordHash(iChangePasswordParams.getNewPassword()));
        user.setLastPasswordChangeTime(new Date());
        this.database.update(user);
    }

    @RequestMapping(value = {"updateOwnPassword"}, method = {RequestMethod.PUT}, consumes = {"application/json"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void updateOwnPassword(@RequestBody IChangePasswordParams iChangePasswordParams) {
        if (!this.sessionState.getUser().getPassword().equals(SecurityUtil.passwordHash(iChangePasswordParams.getActualPassword()))) {
            throw new RestProcessingException("wrong_password");
        }
        iChangePasswordParams.setId(this.sessionState.getUser().getId());
        updatePassword(iChangePasswordParams);
    }

    @RequestMapping(value = {"blockUser"}, method = {RequestMethod.PUT}, consumes = {"application/json"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void blockUser(@RequestBody IBlockUserParams iBlockUserParams) {
        User user = (User) this.database.findById(User.class, iBlockUserParams.getId(), new Initializer[0]);
        user.setBlocked(iBlockUserParams.getBlock().booleanValue());
        this.database.update(user);
    }

    @Override // pl.matsuo.core.web.controller.AbstractController
    @RequestMapping(method = {RequestMethod.PUT}, consumes = {"application/json"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void update(@RequestBody User user) {
        user.setPassword(((User) this.database.findById(User.class, user.getId(), new Initializer[0])).getPassword());
        this.database.update(user.getPerson());
        this.database.update(user);
    }
}
