package io.datarouter.auth.service;

import io.datarouter.auth.storage.account.DatarouterAccountKey;
import io.datarouter.auth.storage.useraccountmap.BaseDatarouterUserAccountMapDao;
import io.datarouter.auth.storage.useraccountmap.DatarouterUserAccountMap;
import io.datarouter.auth.storage.useraccountmap.DatarouterUserAccountMapKey;
import io.datarouter.auth.storage.userhistory.DatarouterUserHistory;
import io.datarouter.httpclient.client.DatarouterService;
import io.datarouter.scanner.Scanner;
import io.datarouter.storage.config.DatarouterAdministratorEmailService;
import io.datarouter.util.BooleanTool;
import io.datarouter.web.user.DatarouterSessionDao;
import io.datarouter.web.user.authenticate.PermissionRequestAdditionalEmailsSupplier;
import io.datarouter.web.user.databean.DatarouterUser;
import io.datarouter.web.user.role.DatarouterUserRole;
import io.datarouter.web.user.session.service.Role;
import io.datarouter.web.util.PasswordTool;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import javax.inject.Inject;
import javax.inject.Singleton;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:io/datarouter/auth/service/DatarouterUserEditService.class */
public class DatarouterUserEditService {
    private static final Logger logger = LoggerFactory.getLogger(DatarouterUserEditService.class);

    @Inject
    private DatarouterAdministratorEmailService adminEmailService;

    @Inject
    private BaseDatarouterUserAccountMapDao datarouterUserAccountMapDao;

    @Inject
    private DatarouterUserHistoryService userHistoryService;

    @Inject
    private DatarouterSessionDao datarouterSessionDao;

    @Inject
    private DatarouterUserService datarouterUserService;

    @Inject
    private PermissionRequestAdditionalEmailsSupplier permissionRequestAdditionalEmails;

    @Inject
    private DatarouterService datarouterService;

    public void editUser(DatarouterUser datarouterUser, DatarouterUser datarouterUser2, Set<Role> set, Boolean bool, String str, Set<DatarouterAccountKey> set2) {
        DatarouterUserHistory datarouterUserHistory = new DatarouterUserHistory(datarouterUser.getId(), new Date(), datarouterUser2.getId(), DatarouterUserHistory.DatarouterUserChangeType.EDIT, null);
        ArrayList arrayList = new ArrayList();
        HashSet hashSet = new HashSet(datarouterUser.getRoles());
        boolean contains = hashSet.contains(DatarouterUserRole.DATAROUTER_ADMIN.getRole());
        if (contains && !set.contains(DatarouterUserRole.DATAROUTER_ADMIN.getRole()) && !datarouterUser.equals(datarouterUser2)) {
            throw new RuntimeException("cannot disable datarouterAdmin user");
        }
        Set<Role> allowedUserRoles = this.datarouterUserService.getAllowedUserRoles(datarouterUser2, set);
        boolean z = false;
        if (!allowedUserRoles.equals(hashSet)) {
            arrayList.add(change("roles", hashSet, allowedUserRoles));
            datarouterUser.setRoles(allowedUserRoles);
            z = true;
        }
        boolean z2 = false;
        if (!BooleanTool.nullSafeSame(bool, datarouterUser.getEnabled())) {
            if (contains) {
                throw new RuntimeException("cannot disable datarouterAdmin user");
            }
            arrayList.add(change("enabled", datarouterUser.getEnabled(), bool));
            datarouterUser.setEnabled(bool);
            z2 = true;
        }
        Optional<String> handleAccountChanges = handleAccountChanges(datarouterUser, set2);
        arrayList.getClass();
        handleAccountChanges.ifPresent((v1) -> {
            r1.add(v1);
        });
        if (arrayList.size() <= 0) {
            logger.warn("User {} submitted edit request for user {}, but no changes were made.", datarouterUser2.toString(), datarouterUser.toString());
            return;
        }
        datarouterUserHistory.setChanges(String.join(", ", arrayList));
        this.userHistoryService.recordRoleEdit(datarouterUser, datarouterUserHistory, str);
        if (z || z2) {
            List list = this.datarouterSessionDao.scan().include(datarouterSession -> {
                return datarouterSession.getUserToken().equals(datarouterUser.getUserToken());
            }).list();
            if (!z2) {
                list.forEach(datarouterSession2 -> {
                    datarouterSession2.setRoles(datarouterUser.getRoles());
                });
                this.datarouterSessionDao.putMulti(list);
            } else {
                Scanner map = Scanner.of(list).map((v0) -> {
                    return v0.getKey();
                });
                DatarouterSessionDao datarouterSessionDao = this.datarouterSessionDao;
                datarouterSessionDao.getClass();
                map.flush((v1) -> {
                    r1.deleteMulti(v1);
                });
            }
        }
    }

    private Optional<String> handleAccountChanges(DatarouterUser datarouterUser, Set<DatarouterAccountKey> set) {
        Set set2 = (Set) this.datarouterUserAccountMapDao.scanKeysWithPrefix(new DatarouterUserAccountMapKey(datarouterUser.getId(), null)).collect(HashSet::new);
        Set set3 = (Set) set2.stream().filter(datarouterUserAccountMapKey -> {
            return !set.contains(datarouterUserAccountMapKey.getDatarouterAccountKey());
        }).collect(Collectors.toSet());
        Set set4 = (Set) set.stream().map(datarouterAccountKey -> {
            return new DatarouterUserAccountMap(datarouterUser.getId(), datarouterAccountKey.getAccountName());
        }).filter(datarouterUserAccountMap -> {
            return !set2.contains(datarouterUserAccountMap.getKey());
        }).collect(Collectors.toSet());
        if (set3.isEmpty() && set4.isEmpty()) {
            return Optional.empty();
        }
        if (!set3.isEmpty()) {
            this.datarouterUserAccountMapDao.deleteMulti(set3);
        }
        if (!set4.isEmpty()) {
            this.datarouterUserAccountMapDao.putMulti(set4);
        }
        return Optional.of(change("accounts", (String) set2.stream().map((v0) -> {
            return v0.getDatarouterAccountKey();
        }).map((v0) -> {
            return v0.getAccountName();
        }).sorted(String.CASE_INSENSITIVE_ORDER).collect(Collectors.joining(",")), (String) set.stream().map((v0) -> {
            return v0.getAccountName();
        }).sorted(String.CASE_INSENSITIVE_ORDER).collect(Collectors.joining(","))));
    }

    public void changePassword(DatarouterUser datarouterUser, DatarouterUser datarouterUser2, String str, String str2) {
        DatarouterUserHistory datarouterUserHistory = new DatarouterUserHistory(datarouterUser.getId(), new Date(), datarouterUser2.getId(), DatarouterUserHistory.DatarouterUserChangeType.RESET, null);
        updateUserPassword(datarouterUser, str);
        datarouterUserHistory.setChanges("password");
        this.userHistoryService.recordPasswordChange(datarouterUser, datarouterUserHistory, str2);
    }

    private void updateUserPassword(DatarouterUser datarouterUser, String str) {
        String generateSalt = PasswordTool.generateSalt();
        String digest = PasswordTool.digest(generateSalt, str);
        datarouterUser.setPasswordSalt(generateSalt);
        datarouterUser.setPasswordDigest(digest);
    }

    private static String change(String str, Object obj, Object obj2) {
        return String.valueOf(str) + ": " + obj + " => " + obj2;
    }

    public String getUserEditEmailRecipients(DatarouterUser... datarouterUserArr) {
        Set set = (Set) Arrays.stream(datarouterUserArr).map((v0) -> {
            return v0.getUsername();
        }).collect(Collectors.toSet());
        Set set2 = (Set) this.permissionRequestAdditionalEmails.get();
        set.getClass();
        set2.forEach((v1) -> {
            r1.add(v1);
        });
        List administratorEmailAddresses = this.adminEmailService.getAdministratorEmailAddresses();
        set.getClass();
        administratorEmailAddresses.forEach((v1) -> {
            r1.add(v1);
        });
        return String.join(",", set);
    }

    public String getPermissionRequestEmailSubject(DatarouterUser datarouterUser) {
        return String.format("Datarouter - Permission Request - %s - %s", this.datarouterService.getName(), datarouterUser.getUsername());
    }
}
