package org.glowroot.ui;

import com.fasterxml.jackson.databind.Module;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import com.google.common.collect.Ordering;
import io.netty.handler.codec.http.HttpResponseStatus;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Nullable;
import org.glowroot.common.config.ImmutableUserConfig;
import org.glowroot.common.config.RoleConfig;
import org.glowroot.common.config.UserConfig;
import org.glowroot.common.repo.ConfigRepository;
import org.glowroot.common.util.ObjectMappers;
import org.immutables.value.Value;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@JsonService
/* loaded from: input_file:WEB-INF/lib/glowroot-ui-0.9.16.jar:org/glowroot/ui/UserConfigJsonService.class */
class UserConfigJsonService {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) UserConfigJsonService.class);
    private static final ObjectMapper mapper = ObjectMappers.create(new Module[0]);
    private static final Ordering<UserConfig> orderingByName = new Ordering<UserConfig>() { // from class: org.glowroot.ui.UserConfigJsonService.1
        @Override // com.google.common.collect.Ordering, java.util.Comparator
        public int compare(UserConfig userConfig, UserConfig userConfig2) {
            return userConfig.username().compareToIgnoreCase(userConfig2.username());
        }
    };
    private final ConfigRepository configRepository;

    /* JADX INFO: Access modifiers changed from: package-private */
    @Value.Immutable
    /* loaded from: input_file:WEB-INF/lib/glowroot-ui-0.9.16.jar:org/glowroot/ui/UserConfigJsonService$AllRolesResponse.class */
    public interface AllRolesResponse {
        ImmutableList<String> allRoles();

        boolean ldapAvailable();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Value.Immutable
    /* loaded from: input_file:WEB-INF/lib/glowroot-ui-0.9.16.jar:org/glowroot/ui/UserConfigJsonService$UserConfigDto.class */
    public static abstract class UserConfigDto {
        /* JADX INFO: Access modifiers changed from: package-private */
        public abstract String username();

        /* JADX INFO: Access modifiers changed from: package-private */
        public abstract boolean ldap();

        /* JADX INFO: Access modifiers changed from: package-private */
        @Value.Default
        public String newPassword() {
            return "";
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public abstract ImmutableList<String> roles();

        /* JADX INFO: Access modifiers changed from: package-private */
        public abstract Optional<String> version();

        /* JADX INFO: Access modifiers changed from: private */
        public UserConfig convert(@Nullable UserConfig userConfig) throws GeneralSecurityException {
            String newPassword = newPassword();
            return ImmutableUserConfig.builder().username(username()).ldap(ldap()).passwordHash((ldap() || username().equalsIgnoreCase("anonymous")) ? "" : newPassword.isEmpty() ? ((UserConfig) Preconditions.checkNotNull(userConfig)).passwordHash() : PasswordHash.createHash(newPassword)).roles(roles()).build();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static UserConfigDto create(UserConfig userConfig) {
            return ImmutableUserConfigDto.builder().username(userConfig.username()).ldap(userConfig.ldap()).roles(userConfig.roles()).version(userConfig.version()).build();
        }
    }

    @Value.Immutable
    /* loaded from: input_file:WEB-INF/lib/glowroot-ui-0.9.16.jar:org/glowroot/ui/UserConfigJsonService$UserConfigRequest.class */
    interface UserConfigRequest {
        Optional<String> username();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Value.Immutable
    /* loaded from: input_file:WEB-INF/lib/glowroot-ui-0.9.16.jar:org/glowroot/ui/UserConfigJsonService$UserConfigResponse.class */
    public interface UserConfigResponse {
        UserConfigDto config();

        ImmutableList<String> allRoles();

        boolean ldapAvailable();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public UserConfigJsonService(ConfigRepository configRepository) {
        this.configRepository = configRepository;
    }

    @GET(path = "/backend/admin/users", permission = "admin:view:user")
    String getUserConfig(@BindRequest UserConfigRequest userConfigRequest) throws Exception {
        Optional<String> username = userConfigRequest.username();
        if (username.isPresent()) {
            return getUserConfigInternal(username.get());
        }
        ArrayList newArrayList = Lists.newArrayList();
        Iterator it = orderingByName.immutableSortedCopy(this.configRepository.getUserConfigs()).iterator();
        while (it.hasNext()) {
            newArrayList.add(UserConfigDto.create((UserConfig) it.next()));
        }
        return mapper.writeValueAsString(newArrayList);
    }

    @GET(path = "/backend/admin/all-role-names", permission = "admin:edit:user")
    String getAllRoleNames() throws Exception {
        return mapper.writeValueAsString(ImmutableAllRolesResponse.builder().allRoles(getAllRoleNamesInternal()).ldapAvailable(!this.configRepository.getLdapConfig().url().isEmpty()).build());
    }

    @POST(path = "/backend/admin/users/add", permission = "admin:edit:user")
    String addUser(@BindRequest UserConfigDto userConfigDto) throws Exception {
        UserConfig convert = userConfigDto.convert(null);
        try {
            this.configRepository.insertUserConfig(convert);
            return getUserConfigInternal(convert.username());
        } catch (ConfigRepository.DuplicateUsernameException e) {
            logger.debug(e.getMessage(), (Throwable) e);
            throw new JsonServiceException(HttpResponseStatus.CONFLICT, "username");
        }
    }

    @POST(path = "/backend/admin/users/update", permission = "admin:edit:user")
    String updateUser(@BindRequest UserConfigDto userConfigDto) throws Exception {
        UserConfig userConfig = this.configRepository.getUserConfig(userConfigDto.username());
        if (userConfig == null) {
            throw new ConfigRepository.UserNotFoundException();
        }
        UserConfig convert = userConfigDto.convert(userConfig);
        try {
            this.configRepository.updateUserConfig(convert, userConfigDto.version().get());
            return getUserConfigInternal(convert.username());
        } catch (ConfigRepository.DuplicateUsernameException e) {
            logger.debug(e.getMessage(), (Throwable) e);
            throw new JsonServiceException(HttpResponseStatus.CONFLICT, "username");
        }
    }

    @POST(path = "/backend/admin/users/remove", permission = "admin:edit:user")
    String removeUser(@BindRequest UserConfigRequest userConfigRequest) throws Exception {
        try {
            this.configRepository.deleteUserConfig(userConfigRequest.username().get());
            return "{}";
        } catch (ConfigRepository.CannotDeleteLastUserException e) {
            logger.debug(e.getMessage(), (Throwable) e);
            return "{\"errorCannotDeleteLastUser\":true}";
        }
    }

    private String getUserConfigInternal(String str) throws Exception {
        UserConfig userConfig = this.configRepository.getUserConfig(str);
        if (userConfig == null) {
            throw new JsonServiceException(HttpResponseStatus.NOT_FOUND);
        }
        return mapper.writeValueAsString(ImmutableUserConfigResponse.builder().config(UserConfigDto.create(userConfig)).allRoles(getAllRoleNamesInternal()).ldapAvailable(!this.configRepository.getLdapConfig().url().isEmpty()).build());
    }

    private List<String> getAllRoleNamesInternal() throws Exception {
        ArrayList newArrayList = Lists.newArrayList();
        Iterator<RoleConfig> it = this.configRepository.getRoleConfigs().iterator();
        while (it.hasNext()) {
            newArrayList.add(it.next().name());
        }
        return newArrayList;
    }
}
