package com.helger.photon.security.user;

import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.Nonempty;
import com.helger.commons.annotation.ReturnsMutableCopy;
import com.helger.commons.annotation.ReturnsMutableObject;
import com.helger.commons.callback.CallbackList;
import com.helger.commons.collection.impl.ICommonsList;
import com.helger.commons.locale.LocaleHelper;
import com.helger.commons.state.EChange;
import com.helger.commons.string.StringHelper;
import com.helger.dao.DAOException;
import com.helger.photon.app.dao.AbstractPhotonMapBasedWALDAO;
import com.helger.photon.audit.AuditHelper;
import com.helger.photon.security.CSecurity;
import com.helger.photon.security.object.BusinessObjectHelper;
import com.helger.photon.security.password.GlobalPasswordSettings;
import com.helger.security.password.hash.PasswordHash;
import com.helger.security.password.salt.PasswordSalt;
import java.util.Locale;
import java.util.Map;
import javax.annotation.Nonnegative;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.ThreadSafe;

@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/ph-oton-security-8.2.1.jar:com/helger/photon/security/user/UserManager.class */
public class UserManager extends AbstractPhotonMapBasedWALDAO<IUser, User> {
    private final CallbackList<IUserModificationCallback> m_aCallbacks;

    public UserManager(@Nonnull @Nonempty String str) throws DAOException {
        super(User.class, str);
        this.m_aCallbacks = new CallbackList<>();
    }

    public void createDefaults() {
        if (!containsWithID(CSecurity.USER_ADMINISTRATOR_ID)) {
            this.m_aRWLock.writeLocked(() -> {
                return (User) internalCreateItem(new User(CSecurity.USER_ADMINISTRATOR_ID, CSecurity.USER_ADMINISTRATOR_LOGIN, CSecurity.USER_ADMINISTRATOR_EMAIL, GlobalPasswordSettings.createUserDefaultPasswordHash(new PasswordSalt(), "password"), "Administrator", (String) null, (String) null, (Locale) null, (Map) null, false));
            });
        }
        if (!containsWithID("user")) {
            this.m_aRWLock.writeLocked(() -> {
                return (User) internalCreateItem(new User("user", "User", CSecurity.USER_USER_EMAIL, GlobalPasswordSettings.createUserDefaultPasswordHash(new PasswordSalt(), "user"), "User", (String) null, (String) null, (Locale) null, (Map) null, false));
            });
        }
        if (containsWithID("guest")) {
            return;
        }
        this.m_aRWLock.writeLocked(() -> {
            return (User) internalCreateItem(new User("guest", "Guest", CSecurity.USER_GUEST_EMAIL, GlobalPasswordSettings.createUserDefaultPasswordHash(new PasswordSalt(), "guest"), "Guest", (String) null, (String) null, (Locale) null, (Map) null, false));
        });
    }

    @Nonnull
    @ReturnsMutableObject("design")
    public CallbackList<IUserModificationCallback> userModificationCallbacks() {
        return this.m_aCallbacks;
    }

    @Nullable
    public IUser createNewUser(@Nonnull @Nonempty String str, @Nullable String str2, @Nonnull String str3, @Nullable String str4, @Nullable String str5, @Nullable String str6, @Nullable Locale locale, @Nullable Map<String, String> map, boolean z) {
        ValueEnforcer.notEmpty(str, "LoginName");
        ValueEnforcer.notNull(str3, "PlainTextPassword");
        if (getUserOfLoginName(str) != null) {
            AuditHelper.onAuditCreateFailure(User.OT, "login-name-already-in-use", str);
            return null;
        }
        User user = new User(str, str2, GlobalPasswordSettings.createUserDefaultPasswordHash(new PasswordSalt(), str3), str4, str5, str6, locale, map, z);
        this.m_aRWLock.writeLocked(() -> {
            internalCreateItem(user);
        });
        AuditHelper.onAuditCreateSuccess(User.OT, user.getID(), str, str2, str4, str5, str6, locale, map, Boolean.valueOf(z));
        this.m_aCallbacks.forEach(iUserModificationCallback -> {
            iUserModificationCallback.onUserCreated(user, false);
        });
        return user;
    }

    @Nullable
    public IUser createPredefinedUser(@Nonnull @Nonempty String str, @Nonnull @Nonempty String str2, @Nullable String str3, @Nonnull String str4, @Nullable String str5, @Nullable String str6, @Nullable String str7, @Nullable Locale locale, @Nullable Map<String, String> map, boolean z) {
        ValueEnforcer.notEmpty(str2, "LoginName");
        ValueEnforcer.notNull(str4, "PlainTextPassword");
        if (getUserOfLoginName(str2) != null) {
            AuditHelper.onAuditCreateFailure(User.OT, "login-name-already-in-use", str2, "predefined-user");
            return null;
        }
        User user = new User(str, str2, str3, GlobalPasswordSettings.createUserDefaultPasswordHash(new PasswordSalt(), str4), str5, str6, str7, locale, map, z);
        this.m_aRWLock.writeLocked(() -> {
            internalCreateItem(user);
        });
        AuditHelper.onAuditCreateSuccess(User.OT, user.getID(), "predefined-user", str2, str3, str5, str6, str7, locale, map, Boolean.valueOf(z));
        this.m_aCallbacks.forEach(iUserModificationCallback -> {
            iUserModificationCallback.onUserCreated(user, true);
        });
        return user;
    }

    @Nullable
    public IUser getUserOfID(@Nullable String str) {
        return (IUser) getOfID(str);
    }

    @Nullable
    public IUser getActiveUserOfID(@Nullable String str) {
        IUser iUser = (IUser) getOfID(str);
        if (iUser == null || iUser.isDeleted() || iUser.isDisabled()) {
            return null;
        }
        return iUser;
    }

    @Nullable
    public IUser getUserOfLoginName(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return null;
        }
        return (IUser) findFirst(iUser -> {
            return iUser.getLoginName().equals(str);
        });
    }

    @Nullable
    public IUser getUserOfEmailAddress(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return null;
        }
        return (IUser) findFirst(iUser -> {
            return str.equals(iUser.getEmailAddress());
        });
    }

    @Nullable
    public IUser getUserOfEmailAddressIgnoreCase(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return null;
        }
        return (IUser) findFirst(iUser -> {
            return str.equalsIgnoreCase(iUser.getEmailAddress());
        });
    }

    @Nonnull
    @ReturnsMutableCopy
    public ICommonsList<IUser> getAllActiveUsers() {
        return getAll(iUser -> {
            return !iUser.isDeleted() && iUser.isEnabled();
        });
    }

    @Nonnegative
    public int getActiveUserCount() {
        return getCount(iUser -> {
            return !iUser.isDeleted() && iUser.isEnabled();
        });
    }

    @Nonnull
    @ReturnsMutableCopy
    public ICommonsList<IUser> getAllDisabledUsers() {
        return getAll(iUser -> {
            return !iUser.isDeleted() && iUser.isDisabled();
        });
    }

    @Nonnull
    @ReturnsMutableCopy
    public ICommonsList<IUser> getAllNotDeletedUsers() {
        return getAll(iUser -> {
            return !iUser.isDeleted();
        });
    }

    @Nonnull
    @ReturnsMutableCopy
    public ICommonsList<IUser> getAllDeletedUsers() {
        return getAll(iUser -> {
            return iUser.isDeleted();
        });
    }

    public boolean containsAnyActiveUser() {
        return containsAny(iUser -> {
            return !iUser.isDeleted() && iUser.isEnabled();
        });
    }

    @Nonnull
    public EChange setUserData(@Nullable String str, @Nonnull @Nonempty String str2, @Nullable String str3, @Nullable String str4, @Nullable String str5, @Nullable String str6, @Nullable Locale locale, @Nullable Map<String, String> map, boolean z) {
        User user = (User) getOfID(str);
        if (user == null) {
            AuditHelper.onAuditModifyFailure(User.OT, str, "no-such-user-id");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (user.setLoginName(str2).or(user.setEmailAddress(str3)).or(user.setFirstName(str4)).or(user.setLastName(str5)).or(user.setDescription(str6)).or(user.setDesiredLocale(locale)).or(user.setDisabled(z)).or(user.attrs().setAll(map)).isUnchanged()) {
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            BusinessObjectHelper.setLastModificationNow(user);
            internalUpdateItem(user);
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(User.OT, LocaleHelper.STR_ALL, user.getID(), str2, str3, str4, str5, str6, locale, map, Boolean.valueOf(z));
            this.m_aCallbacks.forEach(iUserModificationCallback -> {
                iUserModificationCallback.onUserUpdated(user);
            });
            return EChange.CHANGED;
        } catch (Throwable th) {
            this.m_aRWLock.writeLock().unlock();
            throw th;
        }
    }

    @Nonnull
    public EChange setUserPassword(@Nullable String str, @Nonnull String str2) {
        User user = (User) getOfID(str);
        if (user == null) {
            AuditHelper.onAuditModifyFailure(User.OT, str, "no-such-user-id", "password");
            return EChange.UNCHANGED;
        }
        PasswordHash createUserDefaultPasswordHash = GlobalPasswordSettings.createUserDefaultPasswordHash(new PasswordSalt(), str2);
        this.m_aRWLock.writeLock().lock();
        try {
            if (user.setPasswordHash(createUserDefaultPasswordHash).isUnchanged()) {
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            BusinessObjectHelper.setLastModificationNow(user);
            internalUpdateItem(user);
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(User.OT, "password", str);
            this.m_aCallbacks.forEach(iUserModificationCallback -> {
                iUserModificationCallback.onUserPasswordChanged(user);
            });
            return EChange.CHANGED;
        } catch (Throwable th) {
            this.m_aRWLock.writeLock().unlock();
            throw th;
        }
    }

    @Nonnull
    public EChange updateUserLastLogin(@Nullable String str) {
        User user = (User) getOfID(str);
        if (user == null) {
            AuditHelper.onAuditModifyFailure(User.OT, str, "no-such-user-id", "update-last-login");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            user.onSuccessfulLogin();
            internalUpdateItem(user);
            AuditHelper.onAuditModifySuccess(User.OT, "update-last-login", str);
            return EChange.CHANGED;
        } finally {
            this.m_aRWLock.writeLock().unlock();
        }
    }

    @Nonnull
    public EChange updateUserLastFailedLogin(@Nullable String str) {
        User user = (User) getOfID(str);
        if (user == null) {
            AuditHelper.onAuditModifyFailure(User.OT, str, "no-such-user-id", "update-last-failed-login");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            user.onFailedLogin();
            internalUpdateItem(user);
            AuditHelper.onAuditModifySuccess(User.OT, "update-last-failed-login", str);
            this.m_aCallbacks.forEach(iUserModificationCallback -> {
                iUserModificationCallback.onUserLastFailedLoginUpdated(user);
            });
            return EChange.CHANGED;
        } finally {
            this.m_aRWLock.writeLock().unlock();
        }
    }

    @Nonnull
    public EChange deleteUser(@Nullable String str) {
        User user = (User) getOfID(str);
        if (user == null) {
            AuditHelper.onAuditDeleteFailure(User.OT, "no-such-user-id", str);
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (BusinessObjectHelper.setDeletionNow(user).isUnchanged()) {
                AuditHelper.onAuditDeleteFailure(User.OT, "already-deleted", str);
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            internalMarkItemDeleted(user);
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditDeleteSuccess(User.OT, str);
            this.m_aCallbacks.forEach(iUserModificationCallback -> {
                iUserModificationCallback.onUserDeleted(user);
            });
            return EChange.CHANGED;
        } catch (Throwable th) {
            this.m_aRWLock.writeLock().unlock();
            throw th;
        }
    }

    @Nonnull
    public EChange undeleteUser(@Nullable String str) {
        User user = (User) getOfID(str);
        if (user == null) {
            AuditHelper.onAuditUndeleteFailure(User.OT, str, "no-such-user-id");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (BusinessObjectHelper.setUndeletionNow(user).isUnchanged()) {
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            internalMarkItemUndeleted(user);
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditUndeleteSuccess(User.OT, str);
            this.m_aCallbacks.forEach(iUserModificationCallback -> {
                iUserModificationCallback.onUserUndeleted(user);
            });
            return EChange.CHANGED;
        } catch (Throwable th) {
            this.m_aRWLock.writeLock().unlock();
            throw th;
        }
    }

    @Nonnull
    public EChange disableUser(@Nullable String str) {
        User user = (User) getOfID(str);
        if (user == null) {
            AuditHelper.onAuditModifyFailure(User.OT, str, "no-such-user-id", "disable");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (user.setDisabled(true).isUnchanged()) {
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            internalUpdateItem(user);
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(User.OT, "disable", str);
            this.m_aCallbacks.forEach(iUserModificationCallback -> {
                iUserModificationCallback.onUserEnabled(user, false);
            });
            return EChange.CHANGED;
        } catch (Throwable th) {
            this.m_aRWLock.writeLock().unlock();
            throw th;
        }
    }

    @Nonnull
    public EChange enableUser(@Nullable String str) {
        User user = (User) getOfID(str);
        if (user == null) {
            AuditHelper.onAuditModifyFailure(User.OT, str, "no-such-user-id", "enable");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (user.setDisabled(false).isUnchanged()) {
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            internalUpdateItem(user);
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(User.OT, "enable", str);
            this.m_aCallbacks.forEach(iUserModificationCallback -> {
                iUserModificationCallback.onUserEnabled(user, true);
            });
            return EChange.CHANGED;
        } catch (Throwable th) {
            this.m_aRWLock.writeLock().unlock();
            throw th;
        }
    }

    public boolean areUserIDAndPasswordValid(@Nullable String str, @Nullable String str2) {
        IUser iUser;
        if (str2 == null || (iUser = (IUser) getOfID(str)) == null) {
            return false;
        }
        return iUser.getPasswordHash().equals(GlobalPasswordSettings.createUserPasswordHash(iUser.getPasswordHash().getAlgorithmName(), iUser.getPasswordHash().getSalt(), str2));
    }
}
