package com.atlassian.crowd.embedded.atlassianuser;

import com.atlassian.crowd.embedded.api.CrowdDirectoryService;
import com.atlassian.crowd.embedded.api.CrowdService;
import com.atlassian.crowd.embedded.api.OperationType;
import com.atlassian.crowd.exception.InvalidCredentialException;
import com.atlassian.crowd.exception.InvalidUserException;
import com.atlassian.crowd.exception.OperationNotPermittedException;
import com.atlassian.crowd.exception.runtime.UserNotFoundException;
import com.atlassian.crowd.manager.permission.PermissionManager;
import com.atlassian.crowd.model.user.UserTemplate;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.util.SecureRandomStringUtils;
import com.atlassian.user.Entity;
import com.atlassian.user.EntityException;
import com.atlassian.user.User;
import com.atlassian.user.impl.DefaultUser;
import com.atlassian.user.impl.DuplicateEntityException;
import com.atlassian.user.impl.EntityMissingException;
import com.atlassian.user.impl.EntityValidationException;
import com.atlassian.user.repository.RepositoryIdentifier;
import com.atlassian.user.search.page.DefaultPager;
import com.atlassian.user.search.page.Pager;
import com.atlassian.user.search.page.Pagers;
import com.atlassian.user.security.authentication.InvalidPasswordException;
import com.atlassian.user.security.password.Credential;
import com.google.common.base.Preconditions;
import com.google.common.collect.Lists;
import javax.inject.Inject;
import org.springframework.transaction.annotation.Transactional;

@Transactional
/* loaded from: input_file:com/atlassian/crowd/embedded/atlassianuser/EmbeddedCrowdUserManagerImpl.class */
public class EmbeddedCrowdUserManagerImpl implements EmbeddedCrowdUserManager {
    private static final String DEFAULT_BLANK = "-";
    private static final int RANDOM_PASSWORD_LENGTH = 22;

    @Inject
    private RepositoryIdentifier repositoryIdentifier;

    @Inject
    private CrowdService crowdService;

    @Inject
    private CrowdDirectoryService crowdDirectoryService;

    @Inject
    private PermissionManager permissionManager;

    public RepositoryIdentifier getIdentifier() {
        return this.repositoryIdentifier;
    }

    public RepositoryIdentifier getRepository(Entity entity) {
        if (getUser(entity.getName()) != null) {
            return this.repositoryIdentifier;
        }
        return null;
    }

    public boolean isCreative() {
        return this.crowdDirectoryService.findAllDirectories().stream().filter((v0) -> {
            return v0.isActive();
        }).anyMatch(directory -> {
            return this.permissionManager.hasPermission(directory, OperationType.CREATE_USER);
        });
    }

    public Pager<User> getUsers() {
        return Pagers.newDefaultPager(Conversions.transform(this.crowdService.search(QueryBuilder.queryFor(com.atlassian.crowd.embedded.api.User.class, EntityDescriptor.user()).returningAtMost(-1)), Conversions.TO_ATLASSIAN_USER));
    }

    public Pager<String> getUserNames() {
        return new DefaultPager(Lists.newArrayList(this.crowdService.search(QueryBuilder.queryFor(String.class, EntityDescriptor.user()).returningAtMost(-1)).iterator()));
    }

    public User getUser(String str) {
        Preconditions.checkNotNull(str, "username must not be null.");
        return Conversions.TO_ATLASSIAN_USER.apply(this.crowdService.getUser(str));
    }

    public User createUser(String str) throws EntityException {
        return createUser(new DefaultUser(str, DEFAULT_BLANK, DEFAULT_BLANK), Credential.NONE);
    }

    public User createUser(User user, Credential credential) throws EntityException, IllegalArgumentException {
        if (getUser(user.getName()) != null) {
            throw new DuplicateEntityException("User with name [" + user.getName() + "] already exists in this repository (" + getIdentifier().getName() + ")");
        }
        if (Credential.NONE.equals(credential)) {
            credential = createRandomCredential();
        }
        if (credential.isEncrypted()) {
            throw new IllegalArgumentException("Cannot create a user with an already encrypted credential");
        }
        try {
            return Conversions.TO_ATLASSIAN_USER.apply(this.crowdService.addUser(toEcUserTemplate(user), credential.getValue()));
        } catch (InvalidCredentialException e) {
            throw new InvalidPasswordException(e);
        } catch (InvalidUserException e2) {
            throw new EntityValidationException(e2);
        } catch (OperationNotPermittedException e3) {
            throw new EntityException(e3);
        }
    }

    private Credential createRandomCredential() {
        return Credential.unencrypted(SecureRandomStringUtils.getInstance().randomAlphanumericString(RANDOM_PASSWORD_LENGTH));
    }

    private UserTemplate toEcUserTemplate(User user) {
        UserTemplate userTemplate = new UserTemplate(user.getName());
        userTemplate.setDisplayName(user.getFullName());
        userTemplate.setEmailAddress(user.getEmail());
        userTemplate.setActive(user.isEnabled());
        return userTemplate;
    }

    public void alterPassword(User user, String str) throws EntityException {
        try {
            this.crowdService.updateUserCredential(getCrowdUser(user), str);
        } catch (InvalidCredentialException e) {
            throw new InvalidPasswordException(e);
        } catch (UserNotFoundException e2) {
            throw new EntityMissingException(e2);
        } catch (OperationNotPermittedException e3) {
            throw new EntityException(e3);
        }
    }

    public User saveUser(User user) throws EntityException, IllegalArgumentException {
        try {
            return Conversions.TO_ATLASSIAN_USER.apply(this.crowdService.updateUser(toEcUserTemplate(user)));
        } catch (OperationNotPermittedException e) {
            throw new EntityException(e);
        } catch (InvalidUserException e2) {
            throw new EntityException(e2);
        }
    }

    public void removeUser(User user) throws EntityException, IllegalArgumentException {
        try {
            com.atlassian.crowd.embedded.api.User crowdUser = getCrowdUser(user);
            if (crowdUser == null) {
                throw new IllegalArgumentException("User [" + user.getName() + "] is not managed by embedded crowd");
            }
            this.crowdService.removeUser(crowdUser);
        } catch (OperationNotPermittedException e) {
            throw new EntityException(e);
        }
    }

    private com.atlassian.crowd.embedded.api.User getCrowdUser(User user) throws IllegalArgumentException {
        Preconditions.checkNotNull(user, "User should not be null");
        return user instanceof com.atlassian.crowd.model.user.User ? (com.atlassian.crowd.model.user.User) user : this.crowdService.getUser(user.getName());
    }

    public boolean isReadOnly(User user) {
        com.atlassian.crowd.embedded.api.User crowdUser = getCrowdUser(user);
        return (crowdUser == null || this.crowdDirectoryService.findDirectoryById(crowdUser.getDirectoryId()).getAllowedOperations().contains(OperationType.CREATE_USER)) ? false : true;
    }

    public User renameUser(User user, String str) throws EntityException {
        try {
            return Conversions.TO_ATLASSIAN_USER.apply(this.crowdService.renameUser(getCrowdUser(user), str));
        } catch (InvalidUserException | OperationNotPermittedException e) {
            throw new EntityException(e);
        }
    }

    public User onExternalUserRename(String str, String str2) {
        return getUser(str2);
    }
}
