package com.netsync.smp.logic;

import com.netsync.smp.dao.UserRepository;
import com.netsync.smp.domain.AuditTrailActions;
import com.netsync.smp.domain.AuditTrailObjectTypes;
import com.netsync.smp.domain.HashedPassword;
import com.netsync.smp.domain.User;
import com.netsync.smp.domain.frontend.PasswordResult;
import com.netsync.smp.domain.frontend.SmpPassword;
import com.netsync.smp.exception.SmpIllegalDataException;
import com.netsync.smp.exception.SmpNotAuthorizedException;
import com.netsync.smp.exception.SmpNotFoundException;
import com.netsync.smp.web.security.CurrentUser;
import java.util.Hashtable;
import java.util.List;
import java.util.regex.Pattern;
import javax.annotation.PostConstruct;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.ldap.core.AttributesMapper;
import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.pool.factory.PoolingContextSource;
import org.springframework.ldap.pool.validation.DefaultDirContextValidator;
import org.springframework.ldap.query.LdapQueryBuilder;
import org.springframework.ldap.transaction.compensating.manager.TransactionAwareContextSourceProxy;
import org.springframework.stereotype.Component;

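/**
 * Facade over the local user store ({@link UserRepository}) and the LDAP directory.
 *
 * <p>It creates, updates and deletes users, changes and resets local passwords,
 * and runs LDAP person lookups. Create and update actions are written to the audit
 * trail through {@link AuditTrailDataFacade}.
 *
 * <p>The {@code @Bean} methods live in a {@code @Component}, so calls between them are
 * plain Java calls and are not intercepted by the container. The LDAP context source and
 * template are therefore cached here, so that a lookup does not build a new connection
 * pool on every call.
 */
@Component
/* loaded from: input_file:WEB-INF/classes/com/netsync/smp/logic/UserDataFacade.class */
public class UserDataFacade {
    private static final Logger log = LoggerFactory.getLogger(UserDataFacade.class);

    // Shared initial password taken from configuration; assigned by createLocal() and
    // resetPassword(). NOTE(review): every new or reset local account gets this same
    // value, and nothing visible here forces a change at next login - confirm that is
    // enforced elsewhere.
    @Value("${users.default_password}")
    protected String default_password;

    // Regular expression a new password must fully match (compiled in postConstruct()).
    @Value("${users.password_regex}")
    protected String password_regex;

    // Human-readable rule text returned to the caller when a password is rejected.
    @Value("${users.password_rules}")
    protected String password_rules;

    @Value("${ldap.domain}")
    protected String ldapDomain;

    @Value("${ldap.hostname}")
    protected String ldapHostname;

    @Value("${ldap.port}")
    protected String ldapPort;

    @Value("${ldap.base}")
    protected String ldapBase;

    // Bind DN and bind password of the directory account used for every LDAP query.
    @Value("${ldap.username}")
    protected String ldapUserDn;

    @Value("${ldap.password}")
    protected String ldapPassword;

    // NOTE(review): the scheme comes from configuration; this class does not check that
    // it is ldaps://, so the bind password may travel in clear text - confirm deployment.
    @Value("${ldap.url}")
    protected String ldapURL;

    @Value("${ldap.disabled:false}")
    protected boolean ldapDisabled;
    protected Pattern pattern;
    protected UserRepository repo;
    protected AuditTrailDataFacade auditFacade;

    // Guards lazy creation of the two cached LDAP objects below.
    private final Object ldapLock = new Object();
    private ContextSource sharedContextSource;
    private LdapTemplate sharedLdapTemplate;

    /** Directory entry as returned by the LDAP lookups of this facade. */
    /* loaded from: input_file:WEB-INF/classes/com/netsync/smp/logic/UserDataFacade$Person.class */
    public static class Person {
        private String fullName;
        private String lastName;
        private String userId;

        public String getFullName() {
            return this.fullName;
        }

        public String getLastName() {
            return this.lastName;
        }

        public String getUserId() {
            return this.userId;
        }

        public void setFullName(String str) {
            this.fullName = str;
        }

        public void setLastName(String str) {
            this.lastName = str;
        }

        public void setUserId(String str) {
            this.userId = str;
        }

        /** Two persons are equal when full name, last name and user id all match (null-safe). */
        @Override
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof Person)) {
                return false;
            }
            Person other = (Person) obj;
            // canEqual lets a subclass opt out of equality with plain Person instances.
            return other.canEqual(this)
                    && same(getFullName(), other.getFullName())
                    && same(getLastName(), other.getLastName())
                    && same(getUserId(), other.getUserId());
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof Person;
        }

        /** Hash over the same three fields as {@link #equals(Object)}; a null field counts as 0. */
        @Override
        public int hashCode() {
            int result = 59 + hashOf(getFullName());
            result = (result * 59) + hashOf(getLastName());
            return (result * 59) + hashOf(getUserId());
        }

        @Override
        public String toString() {
            return "UserDataFacade.Person(fullName=" + getFullName() + ", lastName=" + getLastName() + ", userId=" + getUserId() + ")";
        }

        private static boolean same(String left, String right) {
            return left == null ? right == null : left.equals(right);
        }

        private static int hashOf(String value) {
            return value == null ? 0 : value.hashCode();
        }
    }

    /** Maps the {@code cn}, {@code sn} and {@code sAMAccountName} attributes onto a {@link Person}. */
    /* loaded from: input_file:WEB-INF/classes/com/netsync/smp/logic/UserDataFacade$PersonAttributesMapper.class */
    public static class PersonAttributesMapper implements AttributesMapper<Person> {
        /**
         * Builds a {@link Person} from one search result.
         *
         * @param attributes attributes of the directory entry
         * @return the mapped person; a field stays {@code null} when its attribute is absent
         * @throws NamingException if an attribute value cannot be read
         */
        @Override // org.springframework.ldap.core.AttributesMapper
        public Person mapFromAttributes(Attributes attributes) throws NamingException {
            Person person = new Person();
            person.setFullName(firstValue(attributes, "cn"));
            person.setLastName(firstValue(attributes, "sn"));
            person.setUserId(firstValue(attributes, "sAMAccountName"));
            return person;
        }

        // Returns the first value of the attribute, or null when the entry lacks it.
        private static String firstValue(Attributes attributes, String id) throws NamingException {
            return attributes.get(id) != null ? (String) attributes.get(id).get() : null;
        }
    }

    @Autowired
    public UserDataFacade(UserRepository userRepository, AuditTrailDataFacade auditTrailDataFacade) {
        this.repo = userRepository;
        this.auditFacade = auditTrailDataFacade;
    }

    /** Compiles the configured password-complexity expression once, after injection. */
    @PostConstruct
    protected void postConstruct() {
        this.pattern = Pattern.compile(this.password_regex);
    }

    /**
     * Tells whether a candidate password fully matches the configured complexity pattern.
     *
     * @param str candidate password; {@code null} is rejected instead of raising an NPE
     * @return {@code true} when the whole string matches {@code users.password_regex}
     */
    protected boolean passwordIsDifficult(String str) {
        return str != null && this.pattern.matcher(str).matches();
    }

    /**
     * Common precondition for create and update: a non-null payload and an admin caller.
     *
     * @throws SmpIllegalDataException if {@code user} is {@code null}
     * @throws SmpNotAuthorizedException if the current user is not an admin
     */
    protected void checkCreateOrUpdate(User user) throws SmpIllegalDataException, SmpNotAuthorizedException {
        if (null == user) {
            throw new SmpIllegalDataException("Must be a valid User object");
        }
        if (!CurrentUser.isAdmin()) {
            throw new SmpNotAuthorizedException("create or update users");
        }
    }

    /**
     * Returns the pooled, transaction-aware LDAP context source, creating it on first use.
     *
     * @return the shared context source, or {@code null} when LDAP is disabled
     */
    @Bean
    public ContextSource ldapContextSource() {
        if (this.ldapDisabled) {
            log.error("ldapContextSource: LDAP is disabled.");
            return null;
        }
        synchronized (this.ldapLock) {
            if (this.sharedContextSource == null) {
                this.sharedContextSource = buildContextSource();
            }
            return this.sharedContextSource;
        }
    }

    // Builds the context source, the validating pool around it and the transaction proxy.
    private ContextSource buildContextSource() {
        log.info("Creating LdapContextSource()");
        Hashtable<String, Object> environment = new Hashtable<>();
        // NOTE(review): with referral=follow the client chases referrals returned by the
        // directory; confirm the bind credentials may be presented to referred servers.
        environment.put("java.naming.referral", "follow");
        LdapContextSource ldapContextSource = new LdapContextSource();
        ldapContextSource.setUrl(this.ldapURL);
        ldapContextSource.setBase(this.ldapBase);
        ldapContextSource.setUserDn(this.ldapUserDn);
        ldapContextSource.setPassword(this.ldapPassword);
        ldapContextSource.setBaseEnvironmentProperties(environment);
        ldapContextSource.afterPropertiesSet();
        log.info("LdapContextSource properties successfully set");
        log.info("Creating PoolingContextSource");
        PoolingContextSource poolingContextSource = new PoolingContextSource();
        poolingContextSource.setDirContextValidator(new DefaultDirContextValidator());
        poolingContextSource.setContextSource(ldapContextSource);
        poolingContextSource.setTestOnBorrow(true);
        poolingContextSource.setTestWhileIdle(true);
        log.info("PoolingContextSource properties successfully set");
        TransactionAwareContextSourceProxy proxy = new TransactionAwareContextSourceProxy(poolingContextSource);
        log.info("Returning Proxy at end of LdapContextSource Constructor");
        return proxy;
    }

    /**
     * Returns the LDAP template bound to {@link #ldapContextSource()}, creating it on first use.
     *
     * @return the shared template, or {@code null} when LDAP is disabled
     */
    @Bean
    public LdapTemplate ldapTemplate() {
        if (this.ldapDisabled) {
            log.error("ldapTemplate: LDAP is disabled.");
            return null;
        }
        synchronized (this.ldapLock) {
            if (this.sharedLdapTemplate == null) {
                this.sharedLdapTemplate = new LdapTemplate(ldapContextSource());
            }
            return this.sharedLdapTemplate;
        }
    }

    /**
     * Checks whether a person entry with exactly this {@code sAMAccountName} exists.
     *
     * @param str account name; passed to the query builder as a filter value, not
     *     concatenated into a filter string
     * @return {@code true} when at least one entry matches
     * @throws RuntimeException if LDAP is disabled
     */
    public boolean ldapUserExists(String str) {
        if (this.ldapDisabled) {
            throw new RuntimeException("LDAP is disabled.");
        }
        List<Person> matches = ldapTemplate().search(LdapQueryBuilder.query().where("objectclass").is("person").and("sAMAccountName").is(str), new PersonAttributesMapper());
        return matches != null && !matches.isEmpty();
    }

    /**
     * Searches person entries whose {@code sAMAccountName} matches {@code str} with wildcards.
     *
     * <p>NOTE(review): no authorization check and no minimum term length are applied here, so
     * a very short or blank term can return a large part of the directory; confirm callers
     * restrict who may search and with what input.
     *
     * @param str search term
     * @return the matching persons
     * @throws RuntimeException if LDAP is disabled
     */
    public List<Person> searchLdapUser(String str) {
        if (this.ldapDisabled) {
            throw new RuntimeException("LDAP is disabled.");
        }
        // The term is caller-supplied: strip line breaks so it cannot forge log entries.
        String loggedTerm = sanitizeForLog(str);
        log.info("Starting searchLdapUser for {}", loggedTerm);
        List<Person> matches = ldapTemplate().search(LdapQueryBuilder.query().where("objectclass").is("person").and("sAMAccountName").whitespaceWildcardsLike(str), new PersonAttributesMapper());
        log.info("Finished searchLdapUser for {} with # of results = {}", loggedTerm, matches.size());
        return matches;
    }

    /**
     * Returns every person entry under the configured base.
     *
     * <p>NOTE(review): this is an unrestricted directory listing with no authorization check
     * in this method; confirm access is limited by the caller.
     *
     * @throws RuntimeException if LDAP is disabled
     */
    public List<Person> getAllPersonNames() {
        if (this.ldapDisabled) {
            throw new RuntimeException("LDAP is disabled.");
        }
        return ldapTemplate().search(LdapQueryBuilder.query().where("objectclass").is("person"), new PersonAttributesMapper());
    }

    /**
     * Registers an LDAP-backed user; no password hash is stored for it.
     *
     * @param user payload with an empty id and an unused user id
     * @return the inserted user
     * @throws SmpIllegalDataException if the payload is null, carries an id, or the user id exists
     * @throws SmpNotAuthorizedException if the current user is not an admin
     * @throws RuntimeException if LDAP is disabled
     */
    public User createLdap(User user) throws SmpIllegalDataException, SmpNotAuthorizedException {
        if (this.ldapDisabled) {
            throw new RuntimeException("LDAP is disabled.");
        }
        requireCreatable(user);
        this.auditFacade.LogAction(AuditTrailActions.Create, AuditTrailObjectTypes.User, user.getUserId());
        return this.repo.insert(user);
    }

    /**
     * Creates a local user whose password is the configured default password.
     *
     * @param user payload with an empty id and an unused user id
     * @return the inserted user
     * @throws SmpIllegalDataException if the payload is null, carries an id, or the user id exists
     * @throws SmpNotAuthorizedException if the current user is not an admin
     */
    public User createLocal(User user) throws SmpIllegalDataException, SmpNotAuthorizedException {
        requireCreatable(user);
        user.setHashedPassword(HashedPassword.fromClear(this.default_password));
        this.auditFacade.LogAction(AuditTrailActions.Create, AuditTrailObjectTypes.User, user.getUserId());
        return this.repo.insert(user);
    }

    // Shared create precondition: admin caller, no id yet, user id not taken.
    // NOTE(review): the existence check and the insert are two separate calls, so uniqueness
    // under concurrent requests depends on a constraint in the store - confirm one exists.
    private void requireCreatable(User user) throws SmpIllegalDataException, SmpNotAuthorizedException {
        checkCreateOrUpdate(user);
        if (null != user.getId() && !user.getId().isEmpty()) {
            throw new SmpIllegalDataException("ID must be empty to create");
        }
        if (this.repo.findOneByUserId(user.getUserId()) != null) {
            throw new SmpIllegalDataException("ID already exists");
        }
    }

    /**
     * Changes the password of the currently authenticated local user.
     *
     * <p>NOTE(review): this method does not verify the current password; confirm that
     * re-authentication is required before it is reached.
     *
     * @param smpPassword carrier of the new password
     * @return success, or a failure carrying the rule text or the reason
     */
    public PasswordResult changePassword(SmpPassword smpPassword) {
        if (smpPassword == null || !passwordIsDifficult(smpPassword.getPassword())) {
            return new PasswordResult(false, this.password_rules);
        }
        User current = CurrentUser.get();
        User account = current == null ? null : findOneByUserId(current.getUserId());
        if (account == null) {
            // No session user or no stored record: fail cleanly instead of raising an NPE.
            return new PasswordResult(false, "User not found.");
        }
        if (!hasLocalPassword(account)) {
            return new PasswordResult(false, "Cannot change password for LDAP users");
        }
        account.setHashedPassword(HashedPassword.fromClear(smpPassword.getPassword()));
        this.auditFacade.LogAction(AuditTrailActions.Update, AuditTrailObjectTypes.User, account.getUserId());
        this.repo.save(account);
        return new PasswordResult(true, "");
    }

    /**
     * Resets a local user's password to the configured default password (admin only).
     *
     * @param str database id of the target user
     * @return success, or a failure with the reason
     */
    public PasswordResult resetPassword(String str) {
        User caller = CurrentUser.get();
        // Authorize before touching the store, and fail closed when there is no caller.
        if (caller == null || !caller.isAdmin()) {
            return new PasswordResult(false, "Only admins can reset passwords.");
        }
        User target = findOneById(str);
        if (target == null) {
            return new PasswordResult(false, "User not found.");
        }
        if (!hasLocalPassword(target)) {
            return new PasswordResult(false, "You cannot change LDAP passwords.");
        }
        target.setHashedPassword(HashedPassword.fromClear(this.default_password));
        this.auditFacade.LogAction(AuditTrailActions.Update, AuditTrailObjectTypes.User, target.getUserId());
        this.repo.save(target);
        return new PasswordResult(true, "");
    }

    // A user with no stored hash is treated as an LDAP account by the password methods.
    private static boolean hasLocalPassword(User user) {
        HashedPassword stored = user.getHashedPassword();
        return stored != null && stored.getHash() != null && !stored.getHash().isEmpty();
    }

    /**
     * Updates a user, taking the id from the payload itself.
     *
     * @see #update(String, User)
     */
    public User update(User user) throws SmpIllegalDataException, SmpNotAuthorizedException, SmpNotFoundException {
        // A null payload is reported by update(String, User) as SmpIllegalDataException.
        return update(user == null ? null : user.getId(), user);
    }

    /**
     * Replaces the stored user with the payload, keeping the stored password hash.
     *
     * @param str id taken from the request URL
     * @param user payload; its id must equal {@code str}
     * @return the saved user
     * @throws SmpIllegalDataException if the payload is null or the ids are missing or differ
     * @throws SmpNotAuthorizedException if the current user is not an admin
     * @throws SmpNotFoundException if no user with that id exists
     */
    public User update(String str, User user) throws SmpIllegalDataException, SmpNotAuthorizedException, SmpNotFoundException {
        checkCreateOrUpdate(user);
        if (str == null || str.isEmpty()) {
            throw new SmpIllegalDataException("ID must be valid to update");
        }
        if (!str.equals(user.getId())) {
            throw new SmpIllegalDataException("URL ID must match payload ID");
        }
        User stored = this.repo.findOneById(user.getId());
        if (null == stored) {
            throw new SmpNotFoundException(str, "Users");
        }
        // NOTE(review): when the stored user has no hash (an LDAP account), a hash supplied
        // in the payload is kept and saved; confirm the payload cannot carry that field.
        if (null != stored.getHashedPassword()) {
            user.setHashedPassword(stored.getHashedPassword());
        }
        this.auditFacade.LogAction(AuditTrailActions.Update, AuditTrailObjectTypes.User, user.getUserId());
        return this.repo.save(user);
    }

    /** Returns all users. NOTE(review): no authorization check here; confirm callers restrict access. */
    public List<User> findAll() {
        return this.repo.findAll();
    }

    /** Looks a user up by database id; the result is whatever the repository returns. */
    public User findOneById(String str) {
        return this.repo.findOneById(str);
    }

    /** Looks a user up by login id and logs the lookup. */
    public User findOneByUserId(String str) {
        // The id may come from a request: strip line breaks so it cannot forge log entries.
        log.info("Find user in database: {}", sanitizeForLog(str));
        return this.repo.findOneByUserId(str);
    }

    /**
     * Deletes a user by database id (admin only).
     *
     * @throws SmpNotAuthorizedException if the current user is not an admin
     * @throws SmpNotFoundException if no user with that id exists
     */
    public void delete(String str) throws SmpNotAuthorizedException, SmpNotFoundException {
        if (!CurrentUser.isAdmin()) {
            throw new SmpNotAuthorizedException("delete users");
        }
        if (null == findOneById(str)) {
            throw new SmpNotFoundException(str, "Users");
        }
        // NOTE(review): unlike create and update, a deletion is not written to the audit
        // trail here; confirm it is recorded elsewhere.
        this.repo.delete(str);
    }

    // Replaces CR and LF so a caller-supplied value stays on one log line.
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}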
