package com.atlassian.jira.bc.user;

import com.atlassian.crowd.embedded.api.Directory;
import com.atlassian.crowd.embedded.api.OperationType;
import com.atlassian.jira.bc.user.UserService;
import com.atlassian.jira.plugin.user.PasswordPolicyManager;
import com.atlassian.jira.plugin.user.WebErrorMessage;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.util.UserManager;
import com.atlassian.jira.util.ErrorCollection;
import com.atlassian.jira.util.I18nHelper;
import com.atlassian.jira.util.SimpleErrorCollection;
import com.atlassian.jira.util.SimpleWarningCollection;
import com.atlassian.jira.util.WarningCollection;
import com.google.common.collect.ImmutableList;
import com.opensymphony.util.TextUtils;
import java.util.Collection;
import java.util.List;
import java.util.Optional;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/atlassian/jira/bc/user/UserValidationHelper.class */
public class UserValidationHelper {
    private final I18nHelper.BeanFactory i18nFactory;
    private final JiraAuthenticationContext jiraAuthenticationContext;
    private final PermissionManager permissionManager;
    private final UserManager userManager;
    private final PasswordPolicyManager passwordPolicyManager;

    /* loaded from: input_file:com/atlassian/jira/bc/user/UserValidationHelper$Validations.class */
    class Validations {
        private final int MAX_FIELD_LENGTH = 255;
        private final char[] INVALID_USERNAME_CHARS = {'<', '>', '&'};
        private final ErrorCollection errors = new SimpleErrorCollection();
        private final WarningCollection warnings = new SimpleWarningCollection();
        private final I18nHelper i18nBean;

        public Validations(Optional<ApplicationUser> optional) {
            if (optional.isPresent()) {
                this.i18nBean = UserValidationHelper.this.i18nFactory.getInstance(optional.get());
            } else {
                this.i18nBean = UserValidationHelper.this.jiraAuthenticationContext.getI18nHelper();
            }
        }

        public ErrorCollection getErrors() {
            return this.errors;
        }

        public WarningCollection getWarnings() {
            return this.warnings;
        }

        private void addErrorMessage(String str) {
            this.errors.addErrorMessage(this.i18nBean.getText(str));
        }

        private void addErrorMessage(String str, Object obj) {
            this.errors.addErrorMessage(this.i18nBean.getText(str, obj));
        }

        private void addError(String str, String str2) {
            this.errors.addError(str, this.i18nBean.getText(str2));
        }

        public boolean hasWritableDirectory() {
            if (UserValidationHelper.this.userManager.hasWritableDirectory()) {
                return true;
            }
            addErrorMessage("admin.errors.cannot.add.user.all.directories.read.only");
            return false;
        }

        public boolean writableDirectory(Long l) {
            Directory directory = UserValidationHelper.this.userManager.getDirectory(l);
            if (directory == null) {
                addErrorMessage("admin.errors.cannot.add.user.no.such.directory", l);
                return false;
            }
            if (directory.getAllowedOperations().contains(OperationType.CREATE_USER)) {
                return true;
            }
            addErrorMessage("admin.errors.cannot.add.user.read.only.directory", directory.getName());
            return false;
        }

        public boolean hasCreateAccess(@Nonnull ApplicationUser applicationUser) {
            if (UserValidationHelper.this.permissionManager.hasPermission(0, applicationUser)) {
                return true;
            }
            addErrorMessage("admin.errors.user.no.permission.to.create");
            return false;
        }

        public boolean passwordRequired(String str, boolean z) {
            if (!StringUtils.isEmpty(str)) {
                return true;
            }
            this.errors.addError(UserService.FieldName.PASSWORD, this.i18nBean.getText(z ? "signup.error.password.required" : "signup.error.password.required.without.confirmation"));
            return false;
        }

        public boolean validateConfirmPassword(String str, String str2) {
            if (!StringUtils.isNotEmpty(str2) && !StringUtils.isNotEmpty(str)) {
                return true;
            }
            if (str != null && str.equals(str2)) {
                return true;
            }
            addError(UserService.FieldName.CONFIRM_PASSWORD, "signup.error.password.mustmatch");
            return false;
        }

        public List<WebErrorMessage> validatePasswordPolicy(String str, String str2, String str3, String str4) {
            Collection<WebErrorMessage> checkPolicy = UserValidationHelper.this.passwordPolicyManager.checkPolicy(str2, str3, str4, str);
            if (!checkPolicy.isEmpty()) {
                addError(UserService.FieldName.PASSWORD, "signup.error.password.rejected");
            }
            return ImmutableList.copyOf(checkPolicy);
        }

        public boolean validateEmailAddress(String str) {
            if (StringUtils.isEmpty(str)) {
                addError(UserService.FieldName.EMAIL, "signup.error.email.required");
                return false;
            }
            if (str.length() > 255) {
                addError(UserService.FieldName.EMAIL, "signup.error.email.greater.than.max.chars");
                return false;
            }
            if (TextUtils.verifyEmail(str)) {
                return true;
            }
            addError(UserService.FieldName.EMAIL, "signup.error.email.valid");
            return false;
        }

        public boolean validateDisplayName(String str) {
            if (StringUtils.isEmpty(str)) {
                addError(UserService.FieldName.FULLNAME, "signup.error.fullname.required");
                return false;
            }
            if (str.length() <= 255) {
                return true;
            }
            addError(UserService.FieldName.FULLNAME, "signup.error.full.name.greater.than.max.chars");
            return false;
        }

        public boolean hasValidUsername(String str, Long l) {
            if (hasRequiredUsername(str) && validateUsernamePolicy(str)) {
                return usernameDoesNotExist(l, str);
            }
            return false;
        }

        public boolean hasRequiredUsername(String str) {
            if (!StringUtils.isEmpty(str)) {
                return true;
            }
            addError(UserService.FieldName.NAME, "signup.error.username.required");
            return false;
        }

        public boolean validateUsernamePolicy(String str) {
            if (str.length() > 255) {
                addError(UserService.FieldName.NAME, "signup.error.username.greater.than.max.chars");
                return false;
            }
            if (!StringUtils.containsAny(str, this.INVALID_USERNAME_CHARS)) {
                return true;
            }
            addError(UserService.FieldName.NAME, "signup.error.username.invalid.chars");
            return false;
        }

        public boolean usernameDoesNotExist(Long l, @Nonnull String str) {
            if (l != null) {
                if (UserValidationHelper.this.userManager.findUserInDirectory(str, l) == null) {
                    return true;
                }
                addError(UserService.FieldName.NAME, "signup.error.username.exists");
                return false;
            }
            if (UserValidationHelper.this.userManager.getUserByName(str) == null) {
                return true;
            }
            addError(UserService.FieldName.NAME, "signup.error.username.exists");
            return false;
        }

        public boolean hasWritableDefaultCreateDirectory() {
            if (UserValidationHelper.this.userManager.getDefaultCreateDirectory().isPresent()) {
                return true;
            }
            addErrorMessage("admin.errors.cannot.add.user.all.directories.read.only");
            return false;
        }
    }

    public UserValidationHelper(I18nHelper.BeanFactory beanFactory, JiraAuthenticationContext jiraAuthenticationContext, PermissionManager permissionManager, UserManager userManager, PasswordPolicyManager passwordPolicyManager) {
        this.i18nFactory = beanFactory;
        this.jiraAuthenticationContext = jiraAuthenticationContext;
        this.permissionManager = permissionManager;
        this.userManager = userManager;
        this.passwordPolicyManager = passwordPolicyManager;
    }

    public Validations validations(@Nullable ApplicationUser applicationUser) {
        return new Validations(Optional.ofNullable(applicationUser));
    }
}
