package org.openl.rules.webstudio.web.admin;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.faces.application.FacesMessage;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ManagedProperty;
import javax.faces.bean.RequestScoped;
import javax.faces.component.UIComponent;
import javax.faces.context.FacesContext;
import javax.faces.model.SelectItem;
import javax.faces.validator.ValidatorException;
import javax.validation.constraints.Pattern;
import javax.validation.constraints.Size;
import org.hibernate.validator.constraints.NotBlank;
import org.hibernate.validator.constraints.NotEmpty;
import org.openl.rules.security.DefaultPrivileges;
import org.openl.rules.security.Group;
import org.openl.rules.security.Privilege;
import org.openl.rules.security.SimpleUser;
import org.openl.rules.security.User;
import org.openl.rules.webstudio.service.GroupManagementService;
import org.openl.rules.webstudio.service.UserManagementService;
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

@ManagedBean
@RequestScoped
/* loaded from: input_file:templates/org.openl.rules.webstudio/webapps/webstudio/WEB-INF/classes/org/openl/rules/webstudio/web/admin/UsersBean.class */
public class UsersBean {
    public static final String VALIDATION_EMPTY = "Can not be empty";
    public static final String VALIDATION_MAX = "Must be less than 25";
    public static final String VALIDATION_USERNAME = "Invalid characters (valid: latin letters, numbers, _ and -)";
    public static final String VALIDATION_GROUPS = "Please select at least one group";

    @Size(max = 25, message = "Must be less than 25")
    private String firstName;

    @Size(max = 25, message = "Must be less than 25")
    private String lastName;

    @NotBlank(message = "Can not be empty")
    @Size(max = 25, message = "Must be less than 25")
    @Pattern(regexp = "([a-zA-Z0-9-_]*)?", message = VALIDATION_USERNAME)
    private String username;

    @NotBlank(message = "Can not be empty")
    @Size(max = 25, message = "Must be less than 25")
    private String password;

    @NotEmpty(message = VALIDATION_GROUPS)
    private List<String> groups;

    @ManagedProperty("#{userManagementService}")
    protected UserManagementService userManagementService;

    @ManagedProperty("#{groupManagementService}")
    protected GroupManagementService groupManagementService;

    public void validateUsername(FacesContext facesContext, UIComponent uIComponent, Object obj) {
        User user = null;
        try {
            user = this.userManagementService.loadUserByUsername((String) obj);
        } catch (UsernameNotFoundException e) {
        }
        if (user != null) {
            throw new ValidatorException(new FacesMessage("User with such name already exists"));
        }
    }

    public List<User> getUsers() {
        return this.userManagementService.getAllUsers();
    }

    public String[] getGroups(Object obj) {
        ArrayList arrayList = new ArrayList();
        for (Privilege privilege : ((User) obj).getAuthorities()) {
            if (privilege instanceof Group) {
                arrayList.add(privilege.getName());
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    public String[] getOnlyAdminGroups(Object obj) {
        if (!isOnlyAdmin(obj)) {
            return new String[0];
        }
        String name = DefaultPrivileges.PRIVILEGE_ADMINISTRATE.name();
        String name2 = DefaultPrivileges.PRIVILEGE_ALL.name();
        ArrayList arrayList = new ArrayList();
        for (Group group : ((User) obj).getAuthorities()) {
            if (group instanceof Group) {
                Group group2 = group;
                if (group2.hasPrivilege(name) || group2.hasPrivilege(name2)) {
                    arrayList.add(group2.getAuthority());
                }
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    private List<Privilege> getSelectedGroups() {
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        if (this.groups != null) {
            for (String str : this.groups) {
                hashMap.put(str, this.groupManagementService.getGroupByName(str));
            }
            Iterator it = new ArrayList(hashMap.values()).iterator();
            while (it.hasNext()) {
                Group group = (Group) it.next();
                if (!hashMap.isEmpty()) {
                    removeIncludedGroups(group, hashMap);
                }
            }
            Iterator<Group> it2 = hashMap.values().iterator();
            while (it2.hasNext()) {
                arrayList.add(it2.next());
            }
        }
        return arrayList;
    }

    public void addUser() {
        this.userManagementService.addUser(new SimpleUser(this.firstName, this.lastName, this.username, new Md5PasswordEncoder().encodePassword(this.password, (Object) null), getSelectedGroups()));
    }

    public void editUser() {
        this.userManagementService.updateUser(new SimpleUser(this.firstName, this.lastName, this.username, (String) null, getSelectedGroups()));
    }

    private void removeIncludedGroups(Group group, Map<String, Group> map) {
        for (String str : new HashSet(map.keySet())) {
            if (!group.getName().equals(str) && (group.hasPrivilege(str) || group.hasPrivilege(DefaultPrivileges.PRIVILEGE_ALL.name()))) {
                Group group2 = map.get(str);
                if (group2 != null) {
                    removeIncludedGroups(group2, map);
                    map.remove(str);
                }
            }
        }
    }

    public boolean isOnlyAdmin(Object obj) {
        String name = DefaultPrivileges.PRIVILEGE_ADMINISTRATE.name();
        return (((User) obj).hasPrivilege(name) || ((User) obj).hasPrivilege(DefaultPrivileges.PRIVILEGE_ALL.name())) && this.userManagementService.getUsersByPrivilege(name).size() == 1;
    }

    public void deleteUser(String str) {
        this.userManagementService.deleteUser(str);
    }

    public String getFirstName() {
        return this.firstName;
    }

    public void setFirstName(String str) {
        this.firstName = str;
    }

    public String getLastName() {
        return this.lastName;
    }

    public void setLastName(String str) {
        this.lastName = str;
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public List<String> getGroups() {
        return this.groups;
    }

    public void setGroups(List<String> list) {
        this.groups = list;
    }

    public List<SelectItem> getGroupItems() {
        ArrayList arrayList = new ArrayList();
        for (Group group : this.groupManagementService.getGroups()) {
            arrayList.add(new SelectItem(group.getName(), group.getDisplayName()));
        }
        return arrayList;
    }

    public void setUserManagementService(UserManagementService userManagementService) {
        this.userManagementService = userManagementService;
    }

    public void setGroupManagementService(GroupManagementService groupManagementService) {
        this.groupManagementService = groupManagementService;
    }
}
