package net.unit8.bouncr.api.resource;

import enkan.collection.Parameters;
import enkan.component.BeansConverter;
import enkan.security.bouncr.UserPermissionPrincipal;
import enkan.util.BeanBuilder;
import enkan.util.ThreadingUtils;
import enkan.util.jpa.EntityTransactionManager;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.inject.Inject;
import javax.persistence.CacheStoreMode;
import javax.persistence.EntityGraph;
import javax.persistence.EntityManager;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.JoinType;
import javax.persistence.criteria.Root;
import kotowari.restful.Decision;
import kotowari.restful.DecisionPoint;
import kotowari.restful.component.BeansValidator;
import kotowari.restful.data.Problem;
import kotowari.restful.data.RestContext;
import kotowari.restful.resource.AllowedMethods;
import net.unit8.apistandard.resourcefilter.ResourceFilter;
import net.unit8.bouncr.api.boundary.BouncrProblem;
import net.unit8.bouncr.api.boundary.UserUpdateRequest;
import net.unit8.bouncr.api.logging.ActionRecord;
import net.unit8.bouncr.api.service.SignInService;
import net.unit8.bouncr.api.service.UserProfileService;
import net.unit8.bouncr.component.BouncrConfiguration;
import net.unit8.bouncr.component.StoreProvider;
import net.unit8.bouncr.component.config.HookPoint;
import net.unit8.bouncr.domain.VerificationTargetSet;
import net.unit8.bouncr.entity.ActionType;
import net.unit8.bouncr.entity.User;
import net.unit8.bouncr.entity.UserProfileVerification;

@AllowedMethods({"GET", "PUT", "DELETE"})
/* loaded from: input_file:net/unit8/bouncr/api/resource/UserResource.class */
public class UserResource {

    @Inject
    private BeansConverter converter;

    @Inject
    private BeansValidator validator;

    @Inject
    private BouncrConfiguration config;

    @Inject
    private StoreProvider storeProvider;

    @Decision(value = DecisionPoint.MALFORMED, method = {"PUT"})
    public Problem validateUpdateRequest(UserUpdateRequest userUpdateRequest, RestContext restContext, EntityManager entityManager) {
        if (userUpdateRequest == null) {
            return (Problem) BeanBuilder.builder(Problem.valueOf(400, "request is empty")).set((v0, v1) -> {
                v0.setType(v1);
            }, BouncrProblem.MALFORMED.problemUri()).build();
        }
        Problem problem = (Problem) BeanBuilder.builder(Problem.fromViolations(this.validator.validate(userUpdateRequest))).set((v0, v1) -> {
            v0.setType(v1);
        }, BouncrProblem.MALFORMED.problemUri()).build();
        this.config.getHookRepo().runHook(HookPoint.BEFORE_VALIDATE_USER_PROFILES, userUpdateRequest.getUserProfiles());
        problem.getViolations().addAll(new UserProfileService(entityManager).validateUserProfile(userUpdateRequest.getUserProfiles()));
        if (problem.getViolations().isEmpty()) {
            restContext.putValue(userUpdateRequest);
        }
        if (problem.getViolations().isEmpty()) {
            return null;
        }
        return problem;
    }

    @Decision(DecisionPoint.AUTHORIZED)
    public boolean isAuthorized(UserPermissionPrincipal userPermissionPrincipal) {
        return userPermissionPrincipal != null;
    }

    @Decision(value = DecisionPoint.ALLOWED, method = {"GET"})
    public boolean isGetAllowed(UserPermissionPrincipal userPermissionPrincipal, Parameters parameters) {
        return Optional.ofNullable(userPermissionPrincipal).filter(userPermissionPrincipal2 -> {
            return userPermissionPrincipal2.hasPermission("user:read") || userPermissionPrincipal2.hasPermission("any_user:read") || (userPermissionPrincipal2.hasPermission("my:read") && Objects.equals(userPermissionPrincipal2.getName(), parameters.get("account")));
        }).isPresent();
    }

    @Decision(value = DecisionPoint.ALLOWED, method = {"PUT"})
    public boolean isPutAllowed(UserPermissionPrincipal userPermissionPrincipal, Parameters parameters) {
        return Optional.ofNullable(userPermissionPrincipal).filter(userPermissionPrincipal2 -> {
            return userPermissionPrincipal2.hasPermission("user:update") || userPermissionPrincipal2.hasPermission("any_user:update") || (userPermissionPrincipal2.hasPermission("my:update") && Objects.equals(userPermissionPrincipal2.getName(), parameters.get("account")));
        }).isPresent();
    }

    @Decision(value = DecisionPoint.ALLOWED, method = {"DELETE"})
    public boolean isDeleteAllowed(UserPermissionPrincipal userPermissionPrincipal, Parameters parameters) {
        return Optional.ofNullable(userPermissionPrincipal).filter(userPermissionPrincipal2 -> {
            return userPermissionPrincipal2.hasPermission("user:delete") || userPermissionPrincipal2.hasPermission("any_user:delete") || (userPermissionPrincipal2.hasPermission("my:delete") && Objects.equals(userPermissionPrincipal2.getName(), parameters.get("account")));
        }).isPresent();
    }

    @Decision(DecisionPoint.EXISTS)
    public boolean exists(Parameters parameters, RestContext restContext, EntityManager entityManager) {
        CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
        CriteriaQuery createQuery = criteriaBuilder.createQuery(User.class);
        Root from = createQuery.from(User.class);
        from.fetch("userProfileValues", JoinType.LEFT);
        createQuery.where(criteriaBuilder.equal(from.get("account"), parameters.get("account")));
        List list = (List) ThreadingUtils.some(parameters.get("embed"), str -> {
            return new ResourceFilter().parse(str);
        }).orElse(Collections.emptyList());
        EntityGraph createEntityGraph = entityManager.createEntityGraph(User.class);
        createEntityGraph.addAttributeNodes(new String[]{"account", "userProfileValues"});
        if (list.stream().anyMatch(resourceField -> {
            return resourceField.getName().equalsIgnoreCase("groups");
        })) {
            from.fetch("groups", JoinType.LEFT);
            createQuery.distinct(true);
            createEntityGraph.addAttributeNodes(new String[]{"groups"});
            createEntityGraph.addSubgraph("groups").addAttributeNodes(new String[]{"name", "description"});
        }
        User user = (User) entityManager.createQuery(createQuery).setHint("javax.persistence.cache.storeMode", CacheStoreMode.REFRESH).setHint("javax.persistence.fetchgraph", createEntityGraph).getResultStream().findAny().orElse(null);
        if (user != null) {
            user.setUnverifiedProfiles((List) new UserProfileService(entityManager).findUserProfileVerifications(user.getAccount()).stream().map((v0) -> {
                return v0.getUserProfileField();
            }).filter((v0) -> {
                return Objects.nonNull(v0);
            }).map((v0) -> {
                return v0.getJsonName();
            }).collect(Collectors.toList()));
            restContext.putValue(user);
        }
        return user != null;
    }

    @Decision(value = DecisionPoint.CONFLICT, method = {"PUT"})
    public boolean conflict(UserUpdateRequest userUpdateRequest, User user, RestContext restContext, EntityManager entityManager) {
        Set<Problem.Violation> validateProfileUniqueness = new UserProfileService(entityManager).validateProfileUniqueness(userUpdateRequest.getUserProfiles(), user);
        if (!validateProfileUniqueness.isEmpty()) {
            Problem problem = (Problem) BeanBuilder.builder(Problem.valueOf(409)).set((v0, v1) -> {
                v0.setType(v1);
            }, BouncrProblem.CONFLICT.problemUri()).build();
            problem.getViolations().addAll(validateProfileUniqueness);
            restContext.setMessage(problem);
        }
        return !validateProfileUniqueness.isEmpty();
    }

    @Decision(DecisionPoint.HANDLE_OK)
    public User handleOk(User user, Parameters parameters, EntityManager entityManager) {
        if (((List) ThreadingUtils.some(parameters.get("embed"), str -> {
            return new ResourceFilter().parse(str);
        }).orElse(Collections.emptyList())).stream().anyMatch(resourceField -> {
            return resourceField.getName().equalsIgnoreCase("permissions");
        })) {
            user.setPermissions(new ArrayList((Set) new SignInService(entityManager, this.storeProvider, this.config).getPermissionsByRealm(user).values().stream().flatMap((v0) -> {
                return v0.stream();
            }).collect(Collectors.toSet())));
        }
        return user;
    }

    @Decision(DecisionPoint.PUT)
    public User update(UserUpdateRequest userUpdateRequest, User user, ActionRecord actionRecord, UserPermissionPrincipal userPermissionPrincipal, RestContext restContext, EntityManager entityManager) {
        UserProfileService userProfileService = new UserProfileService(entityManager);
        ArrayList arrayList = new ArrayList(userProfileService.convertToUserProfileValues(userUpdateRequest.getUserProfiles()));
        this.config.getHookRepo().runHook(HookPoint.BEFORE_UPDATE_USER, restContext);
        new EntityTransactionManager(entityManager).required(() -> {
            this.converter.copy(userUpdateRequest, user);
            ArrayList arrayList2 = new ArrayList();
            ArrayList arrayList3 = new ArrayList();
            user.getUserProfileValues().forEach(userProfileValue -> {
                arrayList.stream().filter(userProfileValue -> {
                    return userProfileValue.getUserProfileField().getId().equals(userProfileValue.getUserProfileField().getId());
                }).findAny().ifPresentOrElse(userProfileValue2 -> {
                    if (!Objects.equals(userProfileValue.getValue(), userProfileValue2.getValue())) {
                        userProfileValue.setValue(userProfileValue2.getValue());
                        arrayList3.add(userProfileValue);
                    }
                    arrayList.remove(userProfileValue2);
                }, () -> {
                    arrayList2.add(userProfileValue);
                });
            });
            arrayList.forEach(userProfileValue2 -> {
                userProfileValue2.setUser(user);
            });
            user.getUserProfileValues().addAll(arrayList);
            HashSet hashSet = new HashSet(userProfileService.findUserProfileVerifications(user.getAccount()));
            VerificationTargetSet verificationTargetSet = new VerificationTargetSet((Collection) userProfileService.createProfileVerification(Stream.concat(arrayList.stream(), arrayList3.stream())).stream().map(userProfileVerification -> {
                return (UserProfileVerification) hashSet.stream().filter(userProfileVerification -> {
                    return userProfileVerification.getUserProfileField().equals(userProfileVerification.getUserProfileField());
                }).findAny().orElseGet(() -> {
                    userProfileVerification.setUser(user);
                    entityManager.persist(userProfileVerification);
                    return userProfileVerification;
                });
            }).collect(Collectors.toSet()));
            if (!verificationTargetSet.isEmpty()) {
                restContext.putValue(verificationTargetSet);
            }
            this.config.getHookRepo().runHook(HookPoint.AFTER_UPDATE_USER, restContext);
        });
        actionRecord.setActionType(ActionType.USER_MODIFIED);
        actionRecord.setActor(userPermissionPrincipal.getName());
        actionRecord.setDescription(user.getAccount());
        entityManager.detach(user);
        return user;
    }

    @Decision(DecisionPoint.DELETE)
    public Void delete(User user, ActionRecord actionRecord, UserPermissionPrincipal userPermissionPrincipal, RestContext restContext, EntityManager entityManager) {
        EntityTransactionManager entityTransactionManager = new EntityTransactionManager(entityManager);
        CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
        CriteriaQuery createQuery = criteriaBuilder.createQuery(UserProfileVerification.class);
        createQuery.where(criteriaBuilder.equal(createQuery.from(UserProfileVerification.class).join("user").get("id"), user.getId()));
        this.config.getHookRepo().runHook(HookPoint.BEFORE_DELETE_USER, restContext);
        entityTransactionManager.required(() -> {
            Stream resultStream = entityManager.createQuery(createQuery).getResultStream();
            Objects.requireNonNull(entityManager);
            resultStream.forEach((v1) -> {
                r1.remove(v1);
            });
            entityManager.remove(user);
            this.config.getHookRepo().runHook(HookPoint.AFTER_DELETE_USER, restContext);
        });
        actionRecord.setActionType(ActionType.USER_DELETED);
        actionRecord.setActor(userPermissionPrincipal.getName());
        actionRecord.setDescription(user.getAccount());
        entityManager.detach(user);
        return null;
    }
}
