package org.yamcs.cli;

import com.beust.jcommander.IStringConverter;
import com.beust.jcommander.Parameter;
import com.beust.jcommander.ParameterException;
import com.beust.jcommander.Parameters;
import com.google.protobuf.util.JsonFormat;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import org.rocksdb.RocksDB;
import org.yamcs.http.HttpServer;
import org.yamcs.http.api.IamApi;
import org.yamcs.protobuf.Mdb;
import org.yamcs.security.Directory;
import org.yamcs.security.DirectoryDb;
import org.yamcs.security.User;
import org.yamcs.security.protobuf.Clearance;
import org.yamcs.utils.TimeEncoding;

@Parameters(commandDescription = "User operations")
/* loaded from: input_file:org/yamcs/cli/UsersCli.class */
public class UsersCli extends Command {

    @Parameters(commandDescription = "Add a role to a user")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$AddRole.class */
    private class AddRole extends Command {

        @Parameter(description = "The name of the user.")
        private List<String> username;

        @Parameter(names = {"--role"}, required = true, description = "Role to be added.")
        private String role;

        AddRole() {
            super("add-role", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            User user = directory.getUser(this.username.get(0));
            if (user == null) {
                console.println("invalid user '" + this.username.get(0) + "'");
                exit(-1);
            }
            user.addRole(this.role, false);
            directory.updateUserProperties(user);
        }
    }

    @Parameters(commandDescription = "Check a user's password")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$CheckPassword.class */
    private class CheckPassword extends Command {

        @Parameter
        private List<String> username;

        CheckPassword() {
            super("check-password", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            char[] charArray;
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            User user = directory.getUser(this.username.get(0));
            if (user == null) {
                console.println("invalid user '" + this.username.get(0) + "'");
                exit(-1);
            }
            if (user.isExternallyManaged()) {
                console.println("credentials of user '" + this.username.get(0) + "' are not managed by Yamcs");
                exit(-1);
            }
            String str = System.getenv("YAMCSADMIN_PASSWORD");
            if (str == null) {
                console.print("Enter password: ");
                charArray = console.readPassword(false);
            } else {
                charArray = str.trim().toCharArray();
            }
            if (directory.validateUserPassword(user.getName(), charArray)) {
                console.println("Password correct");
            } else {
                console.println("Password incorrect");
                exit(-1);
            }
        }
    }

    @Parameters(commandDescription = "Create a new user")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$CreateUser.class */
    private class CreateUser extends Command {

        @Parameter(description = "The name of the new user.")
        private List<String> username;

        @Parameter(names = {"--email"}, description = "User email.")
        private String email;

        @Parameter(names = {"--display-name"}, description = "Displayed name of the user.")
        private String displayName;

        @Parameter(names = {"--inactive"}, description = "Add this flag to prevent Yamcs from activating the user.")
        private boolean inactive;

        @Parameter(names = {"--superuser"}, description = "Add this flag to grant the user superuser privileges.")
        private boolean superuser;

        @Parameter(names = {"--no-password"}, description = "Add this flag to indicate that this user should not have a password. This will also bypass the password prompt.")
        private boolean noPassword;

        @Parameter(names = {"--clearance"}, description = "Clearance level of the user", converter = SignificanceLevelConverter.class)
        private Mdb.SignificanceInfo.SignificanceLevelType clearance;

        CreateUser() {
            super("create", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            if (directory.getUser(this.username.get(0)) != null) {
                console.println("user already exists: '" + this.username.get(0) + "'");
                exit(-1);
            }
            User user = new User(this.username.get(0), null);
            user.setDisplayName(this.displayName);
            user.setEmail(this.email);
            user.setSuperuser(this.superuser);
            if (this.clearance != null) {
                user.setClearance(Clearance.newBuilder().setLevel(this.clearance.name()).setIssueTime(TimeEncoding.toProtobufTimestamp(TimeEncoding.getWallclockTime())).m798build());
            }
            char[] cArr = null;
            if (!this.noPassword) {
                String str = System.getenv("YAMCSADMIN_PASSWORD");
                if (str == null) {
                    console.println("Enter password: ");
                    cArr = console.readPassword(false);
                    console.println("Confirm password: ");
                    if (!Arrays.equals(cArr, console.readPassword(false))) {
                        console.println("Password confirmation does not match\n");
                        exit(-1);
                    }
                } else {
                    cArr = str.trim().toCharArray();
                }
            }
            if (!this.inactive) {
                user.confirm();
            }
            directory.addUser(user);
            if (cArr != null) {
                directory.changePassword(user, cArr);
            }
        }
    }

    @Parameters(commandDescription = "Delete user")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$DeleteUser.class */
    private class DeleteUser extends Command {

        @Parameter
        private List<String> username;

        DeleteUser() {
            super("delete", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            User user = directory.getUser(this.username.get(0));
            if (user == null) {
                console.println("invalid user '" + this.username + "'");
                exit(-1);
            }
            directory.deleteUser(user);
        }
    }

    @Parameters(commandDescription = "Describe user details")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$DescribeUser.class */
    private class DescribeUser extends Command {

        @Parameter
        private List<String> username;

        DescribeUser() {
            super("describe", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            User user = directory.getUser(this.username.get(0));
            if (user == null) {
                console.println("invalid user '" + this.username + "'");
                exit(-1);
            }
            switch (getFormat()) {
                case JSON:
                    console.println(JsonFormat.printer().print(IamApi.toUserInfo(user, true, directory)));
                    return;
                default:
                    TableStringBuilder tableStringBuilder = new TableStringBuilder(2);
                    tableStringBuilder.addLine("id:", Long.valueOf(user.getId()));
                    tableStringBuilder.addLine("username:", user.getName());
                    tableStringBuilder.addLine("display name:", user.getDisplayName());
                    tableStringBuilder.addLine("email:", user.getEmail());
                    tableStringBuilder.addLine("active:", Boolean.valueOf(user.isActive()));
                    tableStringBuilder.addLine("superuser:", Boolean.valueOf(user.isSuperuser()));
                    tableStringBuilder.addLine("roles:", String.join(", ", user.getRoles()));
                    if (user.getClearance() != null) {
                        tableStringBuilder.addLine("clearance:", user.getClearance().getLevel());
                    }
                    tableStringBuilder.addLine("external:", Boolean.valueOf(user.isExternallyManaged()));
                    tableStringBuilder.addLine("created:", printInstant(user.getCreationTime()));
                    tableStringBuilder.addLine("confirmed:", printInstant(user.getConfirmationTime()));
                    tableStringBuilder.addLine("last login:", printInstant(user.getLastLoginTime()));
                    console.println(tableStringBuilder.toString());
                    return;
            }
        }

        private String printInstant(long j) {
            return j == Long.MIN_VALUE ? HttpServer.TYPE_URL_PREFIX : TimeEncoding.toString(j);
        }
    }

    @Parameters(commandDescription = "List users")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$ListUsers.class */
    private class ListUsers extends Command {
        ListUsers() {
            super("list", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            switch (getFormat()) {
                case JSON:
                    console.println(printJsonArray((List) directory.getUsers().stream().map(user -> {
                        return IamApi.toUserInfo(user, true, directory);
                    }).collect(Collectors.toList())));
                    return;
                default:
                    TableStringBuilder tableStringBuilder = new TableStringBuilder("username", "display name", "email", DirectoryDb.ACCOUNT_CNAME_ACTIVE, "superuser");
                    directory.getUsers().forEach(user2 -> {
                        tableStringBuilder.addLine(user2.getName(), user2.getDisplayName(), user2.getEmail(), Boolean.valueOf(user2.isActive()), Boolean.valueOf(user2.isSuperuser()));
                    });
                    console.println(tableStringBuilder.toString());
                    return;
            }
        }
    }

    @Parameters(commandDescription = "Remove an identity from a user")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$RemoveIdentity.class */
    private class RemoveIdentity extends Command {

        @Parameter(description = "The name of the user.")
        private List<String> username;

        @Parameter(names = {"--identity"}, required = true, description = "Identity to be removed.")
        private String identity;

        RemoveIdentity() {
            super("remove-identity", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            User user = directory.getUser(this.username.get(0));
            if (user == null) {
                console.println("invalid user '" + this.username.get(0) + "'");
                exit(-1);
            }
            user.deleteIdentity(this.identity);
            directory.updateUserProperties(user);
        }
    }

    @Parameters(commandDescription = "Remove a role from a user")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$RemoveRole.class */
    private class RemoveRole extends Command {

        @Parameter(description = "The name of the user.")
        private List<String> username;

        @Parameter(names = {"--role"}, required = true, description = "Role to be removed.")
        private String role;

        RemoveRole() {
            super("remove-role", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            User user = directory.getUser(this.username.get(0));
            if (user == null) {
                console.println("invalid user '" + this.username.get(0) + "'");
                exit(-1);
            }
            user.deleteRole(this.role);
            directory.updateUserProperties(user);
        }
    }

    @Parameters(commandDescription = "Reset a user's password")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$ResetPassword.class */
    private class ResetPassword extends Command {

        @Parameter
        private List<String> username;

        ResetPassword() {
            super("reset-password", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            char[] charArray;
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            User user = directory.getUser(this.username.get(0));
            if (user == null) {
                console.println("invalid user '" + this.username.get(0) + "'");
                exit(-1);
            }
            if (user.isExternallyManaged()) {
                console.println("credentials of user '" + this.username.get(0) + "' are not managed by Yamcs");
                exit(-1);
            }
            String str = System.getenv("YAMCSADMIN_PASSWORD");
            if (str == null) {
                console.print("Enter new password: ");
                charArray = console.readPassword(false);
                console.print("Confirm new password: ");
                if (!Arrays.equals(charArray, console.readPassword(false))) {
                    console.println("Password confirmation does not match\n");
                    exit(-1);
                }
            } else {
                charArray = str.trim().toCharArray();
            }
            directory.changePassword(user, charArray);
            console.println("Password updated successfully");
        }
    }

    /* loaded from: input_file:org/yamcs/cli/UsersCli$SignificanceLevelConverter.class */
    public static class SignificanceLevelConverter implements IStringConverter<Mdb.SignificanceInfo.SignificanceLevelType> {
        /* renamed from: convert, reason: merged with bridge method [inline-methods] */
        public Mdb.SignificanceInfo.SignificanceLevelType m135convert(String str) {
            try {
                return Mdb.SignificanceInfo.SignificanceLevelType.valueOf(str.toUpperCase());
            } catch (IllegalArgumentException e) {
                throw new ParameterException("Unknown value for --clearance. Possible values: " + Arrays.asList(Mdb.SignificanceInfo.SignificanceLevelType.values()));
            }
        }
    }

    @Parameters(commandDescription = "Update a user")
    /* loaded from: input_file:org/yamcs/cli/UsersCli$UpdateUser.class */
    private class UpdateUser extends Command {

        @Parameter(description = "The name of the user.")
        private List<String> username;

        @Parameter(names = {"--display-name"}, description = "Displayed name of the user.")
        private String displayName;

        @Parameter(names = {"--email"}, description = "User email.")
        private String email;

        @Parameter(names = {"--active"}, arity = 1, description = "Activate this user.")
        private Boolean active;

        @Parameter(names = {"--superuser"}, arity = 1, description = "Grant superuser privileges")
        private Boolean superuser;

        @Parameter(names = {"--clearance"}, description = "Clearance level of the user", converter = SignificanceLevelConverter.class)
        private Mdb.SignificanceInfo.SignificanceLevelType clearance;

        UpdateUser() {
            super("update", UsersCli.this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.yamcs.cli.Command
        public void execute() throws Exception {
            RocksDB.loadLibrary();
            Directory directory = new Directory();
            if (this.username == null) {
                console.println("username not specified");
                exit(-1);
            }
            User user = directory.getUser(this.username.get(0));
            if (user == null) {
                console.println("invalid user '" + this.username.get(0) + "'");
                exit(-1);
            }
            if (this.displayName != null) {
                user.setDisplayName(this.displayName);
            }
            if (this.email != null) {
                user.setEmail(this.email);
            }
            if (this.active != null) {
                user.setActive(this.active.booleanValue());
            }
            if (this.superuser != null) {
                user.setSuperuser(this.superuser.booleanValue());
            }
            if (this.clearance != null) {
                user.setClearance(Clearance.newBuilder().setLevel(this.clearance.name()).setIssueTime(TimeEncoding.toProtobufTimestamp(TimeEncoding.getWallclockTime())).m798build());
            }
            directory.updateUserProperties(user);
        }
    }

    public UsersCli(YamcsAdminCli yamcsAdminCli) {
        super("users", yamcsAdminCli);
        addSubCommand(new AddRole());
        addSubCommand(new CheckPassword());
        addSubCommand(new CreateUser());
        addSubCommand(new DeleteUser());
        addSubCommand(new DescribeUser());
        addSubCommand(new ListUsers());
        addSubCommand(new RemoveIdentity());
        addSubCommand(new RemoveRole());
        addSubCommand(new ResetPassword());
        addSubCommand(new UpdateUser());
        TimeEncoding.setUp();
    }
}
