package inc.yukawa.chain.modules.main.service.user;

import com.google.common.collect.Lists;
import inc.yukawa.chain.base.core.anno.ChainRequest;
import inc.yukawa.chain.base.core.anno.ChainService;
import inc.yukawa.chain.base.core.domain.change.Change;
import inc.yukawa.chain.base.core.domain.entity.Keyed;
import inc.yukawa.chain.base.core.domain.info.Info;
import inc.yukawa.chain.base.core.domain.notification.Notification;
import inc.yukawa.chain.base.core.domain.person.Person;
import inc.yukawa.chain.base.core.domain.result.EditResult;
import inc.yukawa.chain.base.core.domain.result.QueryResult;
import inc.yukawa.chain.base.core.domain.result.ResultDetail;
import inc.yukawa.chain.base.mono.dao.MonoWriteDao;
import inc.yukawa.chain.base.mono.repos.CrudRepository;
import inc.yukawa.chain.base.service.InterceptedRepoAspect;
import inc.yukawa.chain.kafka.util.MergingBeanUtilsBean;
import inc.yukawa.chain.modules.main.core.aspect.UsersAspect;
import inc.yukawa.chain.modules.main.core.domain.org.Org;
import inc.yukawa.chain.modules.main.core.domain.org.OrgFilter;
import inc.yukawa.chain.modules.main.core.domain.user.CredentialsChange;
import inc.yukawa.chain.modules.main.core.domain.user.User;
import inc.yukawa.chain.modules.main.core.domain.user.UserFilter;
import inc.yukawa.chain.modules.main.core.event.user.UserEvent;
import inc.yukawa.chain.modules.main.service.excel.ExcelConverter;
import inc.yukawa.chain.modules.main.service.org.OrgRepoBase;
import inc.yukawa.chain.security.domain.Account;
import inc.yukawa.chain.security.domain.Credentials;
import inc.yukawa.chain.security.domain.GroupContext;
import java.lang.reflect.InvocationTargetException;
import java.nio.file.AccessDeniedException;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import org.apache.commons.lang3.RandomStringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.dao.DataAccessException;
import org.springframework.kafka.core.KafkaTemplate;
import org.springframework.util.Assert;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import reactor.core.scheduler.Schedulers;
import reactor.util.function.Tuples;

@ChainService("Users")
/* loaded from: input_file:inc/yukawa/chain/modules/main/service/user/UserService.class */
public class UserService extends InterceptedRepoAspect<String, User, UserFilter> implements UsersAspect {
    private static final Logger LOG = LoggerFactory.getLogger(UserService.class);
    private final ExcelConverter excelConverter;
    private final OrgRepoBase<Org, OrgFilter> orgRepo;
    private final KafkaTemplate<String, Notification> notificationTemplate;
    private final MonoWriteDao<String, UserEvent> userEvtDao;
    private final TokenService tokenService;

    @Value("${chain.main.user.evt.enabled:true}")
    private boolean evtEnabled;

    @Value("${chain.main.user.register.enabled}")
    private boolean registerEnabled;

    @Value("${chain.main.user.register.createCompanyOrg}")
    private boolean registerCreateOrg;

    @Value("${chain.main.user.register.groups}")
    private Set<String> registerUserGroups;

    @Value("${chain.main.user.default.orgId:#{null}}")
    protected String defaultOrgId;

    @Value("${chain.main.user.default.password.length}")
    private int passwordLength;

    @Value("${chain.main.user.default.password.type}")
    private String passwordType;

    @Value("${chain.main.user.default.password.reset.enabled:true}")
    private boolean selfResetEnabled;

    @Value("${chain.main.user.default.password.reset.viaEmailLink:true}")
    private boolean resetViaEmailLink;

    @Value("${chain.main.user.default.password.reset.email.linkPrefix:https://example.com/user/reset-password?token=}")
    private String emailLinkPrefix;

    @Value("${chain.main.user.default.password.change.selfOnly:false}")
    private boolean changePassForSelfOnly;

    @Value("${chain.main.user.default.password.reset.email.sender}")
    private String resetPassSender;

    @Value("${chain.main.user.default.password.reset.email.templateName:resetPassword}")
    private String resetPassTemplateName;

    @Value("#{${chain.main.user.default.password.reset.email.subjects}}")
    private Map<String, String> resetPassSubjects;
    protected MergingBeanUtilsBean merger;

    public UserService(CrudRepository<String, User, UserFilter> crudRepository, ExcelConverter excelConverter, OrgRepoBase<Org, OrgFilter> orgRepoBase, KafkaTemplate<String, Notification> kafkaTemplate, MonoWriteDao<String, UserEvent> monoWriteDao, TokenService tokenService) {
        super(crudRepository);
        this.merger = new MergingBeanUtilsBean(MergingBeanUtilsBean.Strategy.PUT);
        this.excelConverter = excelConverter;
        this.orgRepo = orgRepoBase;
        this.notificationTemplate = kafkaTemplate;
        this.userEvtDao = monoWriteDao;
        this.tokenService = tokenService;
    }

    @ChainRequest("findUsers")
    public Mono<QueryResult<User>> queryUsers(UserFilter userFilter) {
        return query(userFilter);
    }

    public Mono<User> loadUser(String str) {
        return load(str);
    }

    @ChainRequest
    public Mono<User> loadUser(UserFilter userFilter) {
        return find(userFilter).singleOrEmpty();
    }

    @ChainRequest
    public Mono<EditResult> editUser(User user) {
        return asEdit("updateUser", update(user), user.getUsername());
    }

    @ChainRequest
    public Mono<EditResult> mergeUser(User user) {
        return asEdit("updateUser", merge(user), user.getUsername());
    }

    @ChainRequest
    public Mono<EditResult> createUser(User user) {
        return asEdit("createUser", create(user), user.getUsername());
    }

    public Mono<User> create(User user) {
        return super.create(user).flatMap(user2 -> {
            return onWrite(user2, "CREATE");
        });
    }

    public Mono<User> update(User user) {
        return super.update(user).flatMap(user2 -> {
            return onWrite(user2, "UPDATE");
        });
    }

    public Mono<User> merge(User user) {
        return super.merge(user).flatMap(user2 -> {
            return onWrite(user2, "MERGE");
        });
    }

    public Mono<User> mergePerson(User user) {
        return loadUser(new UserFilter(user.getUsername())).switchIfEmpty(Mono.error(new IllegalArgumentException("no such user: " + user.getUsername()))).map(user2 -> {
            Person person = user2.getPerson();
            mergeProps(user.getPerson(), person);
            User user2 = new User(user2.getUsername());
            user2.setUserId(user2.getUserId());
            user2.setPerson(person);
            return user2;
        }).flatMap(keyed -> {
            return super.merge(keyed);
        }).flatMap(user3 -> {
            return onWrite(user3, "MERGE");
        });
    }

    public Mono<User> put(User user) {
        return super.put(user).flatMap(user2 -> {
            return onWrite(user2, "PUT");
        });
    }

    public Mono<User> delete(User user) {
        return super.delete(user).flatMap(user2 -> {
            return onWrite(user, "DELETE");
        });
    }

    public Mono<User> deleteByKey(String str) {
        return super.deleteByKey(str).flatMap(user -> {
            return onWrite(new User(str), "DELETE");
        });
    }

    @ChainRequest
    public Mono<EditResult> registerUser(User user) {
        if (!this.registerEnabled) {
            return Mono.error(new AccessDeniedException("User registration prohibited"));
        }
        Assert.hasLength(user.getUsername(), "Username is mandatory");
        Assert.isNull(user.getOrgIds(), "OrgIds can't be specified, as are generated");
        Assert.notNull(user.getAccount(), "Password is mandatory");
        Assert.notNull(user.getAccount().getCredentials(), "Password is mandatory");
        Assert.notNull(user.getAccount().getCredentials().getPassword(), "Password is mandatory");
        User user2 = new User();
        user2.setUsername(user.getUsername());
        user2.setAccount(user.getAccount());
        if (user.getAccount().getCredentials().getUsername() == null) {
            user2.getAccount().getCredentials().setUsername(user2.getUsername());
        }
        Change change = new Change(user2.getUsername(), new Date());
        user2.setChange(change);
        user2.setCreated(change);
        if (user.getPerson() != null) {
            user2.setPerson(user.getPerson());
        } else {
            user2.setPerson(new Person());
        }
        Org org = null;
        if (this.registerCreateOrg) {
            Assert.notNull(user.getPerson(), "CompanyName is mandatory");
            Assert.hasLength(user.getPerson().getCompanyName(), "CompanyName is mandatory");
            String generateOrgId = generateOrgId();
            user2.setDefaultOrgId(generateOrgId);
            user2.setOrgIds(Lists.newArrayList(new String[]{generateOrgId}));
            user2.setGroupContexts(new HashSet());
            if (this.registerUserGroups != null && !this.registerUserGroups.isEmpty()) {
                user2.getGroupContexts().add(new GroupContext(generateOrgId, this.registerUserGroups));
            }
            org = new Org();
            org.setOrgId(generateOrgId);
            org.setCompanyName(user2.getPerson().getCompanyName());
            org.setChange(change);
            org.setCreated(change);
            org.setInfo(new Info(user2.getPerson().getCompanyName(), user2.getPerson().getCompanyName(), ""));
            LOG.info("Creating new org: {}", org);
        } else {
            user2.setDefaultOrgId(this.defaultOrgId);
            user2.setOrgIds(Lists.newArrayList(new String[]{this.defaultOrgId}));
            user2.setGroupContexts(new HashSet());
            if (this.registerUserGroups != null && !this.registerUserGroups.isEmpty()) {
                user2.getGroupContexts().add(new GroupContext(this.defaultOrgId, this.registerUserGroups));
            }
        }
        LOG.info("Registering new user: {}", user2);
        return Mono.zip(createUser(user2), org == null ? Mono.just(new EditResult()) : doOrgCreate(org)).switchIfEmpty(Mono.error(new IllegalStateException("user creation error - no response"))).flatMap(tuple2 -> {
            return ((EditResult) tuple2.getT1()).hasError() ? Mono.error(new IllegalArgumentException(((EditResult) tuple2.getT1()).findError().toString())) : Mono.just((EditResult) tuple2.getT1());
        });
    }

    @ChainRequest
    public Mono<EditResult> deleteUser(String str) {
        return asEdit("deleteUser", deleteByKey(str), str);
    }

    @ChainRequest
    public Mono<byte[]> exportUsers(UserFilter userFilter) {
        return find(userFilter).collectList().map(list -> {
            return this.excelConverter.toExcel(list, userFilter.getFields(), userFilter.getHeaders());
        });
    }

    @ChainRequest
    public Mono<User> addGroups(String str, String str2, Set<String> set) {
        return modifyGroups(str, str2, set, "GROUPS_APPEND");
    }

    @ChainRequest
    public Mono<User> removeGroups(String str, String str2, Set<String> set) {
        return modifyGroups(str, str2, set, "GROUPS_REMOVE");
    }

    @ChainRequest
    public Flux<User> synchronizeRoles(UserFilter userFilter) {
        return find(userFilter).flatMap(this::synchronizeRoles);
    }

    public Mono<User> synchronizeRoles(User user) {
        return this.repo.putEvent("SYNCHRONIZE", new User(user.getUsername())).map((v0) -> {
            return v0.getPayload();
        });
    }

    protected Mono<User> modifyGroups(String str, String str2, Set<String> set, String str3) {
        Objects.requireNonNull(str, "username");
        Objects.requireNonNull(str2, "orgId");
        Objects.requireNonNull(set, "groups");
        Keyed user = new User(str);
        user.setGroupContexts(new HashSet());
        user.getGroupContexts().add(new GroupContext(str2, set));
        return this.repo.putEvent(str3, user).map((v0) -> {
            return v0.getPayload();
        });
    }

    public static <T> Mono<EditResult> asEdit(String str, Mono<T> mono, String str2) {
        Mono map = mono.map(obj -> {
            EditResult editResult = new EditResult(str, obj.getClass(), str2);
            if (obj instanceof User) {
                editResult.addMessage(ResultDetail.info(((User) obj).getUserId(), "OK", "userId"));
            }
            return editResult;
        });
        Class<DataAccessException> cls = DataAccessException.class;
        Objects.requireNonNull(DataAccessException.class);
        return map.onErrorResume((v1) -> {
            return r1.isInstance(v1);
        }, th -> {
            LOG.info("{} failed for '{}', reason: {}: '{}'", new Object[]{str, str2, th.getClass().getSimpleName(), th.getMessage()});
            return Mono.just(new EditResult(str, th.getClass(), str2, ResultDetail.error(th)));
        }).doOnError(th2 -> {
            LOG.error(str + " failed: " + th2.getMessage(), th2);
        });
    }

    private String generateOrgId() {
        return RandomStringUtils.randomAlphabetic(6).toLowerCase();
    }

    @ChainRequest
    public Mono<EditResult> changePassword(Credentials credentials) {
        Objects.requireNonNull(credentials.getUsername(), "Username is mandatory!");
        Objects.requireNonNull(credentials.getPassword(), "Password is mandatory!");
        if (this.changePassForSelfOnly) {
            throw new IllegalArgumentException("Only self password change is supported");
        }
        String username = credentials.getUsername();
        String password = credentials.getPassword();
        User user = new User(username);
        user.setAccount(new Account(new Credentials(username, password), (Set) null));
        return asEdit("changePassword", syncCredentials(user), username);
    }

    @ChainRequest
    public Mono<EditResult> selfChangePassword(CredentialsChange credentialsChange) {
        Objects.requireNonNull(credentialsChange.getUsername(), "Username is mandatory!");
        Objects.requireNonNull(credentialsChange.getPassword(), "Password is mandatory!");
        Objects.requireNonNull(credentialsChange.getOldPassword(), "Old password is mandatory!");
        String username = credentialsChange.getUsername();
        String password = credentialsChange.getPassword();
        String oldPassword = credentialsChange.getOldPassword();
        User user = new User(username);
        user.setAccount(new Account(new Credentials(username, password), (Set) null));
        return asEdit("selfChangePassword", syncCredentialsIfOldPassMatches(user, oldPassword), username);
    }

    @ChainRequest
    public Mono<EditResult> editUserProfile(User user) {
        Objects.requireNonNull(user.getUsername(), "Username is mandatory");
        Objects.requireNonNull(user.getPerson(), "User.person is mandatory");
        User user2 = new User(user.getUsername());
        user2.setPerson(user.getPerson());
        return asEdit("editUserProfile", merge(user2), user.key());
    }

    @ChainRequest
    public Mono<EditResult> selfPersonMerge(User user) {
        Objects.requireNonNull(user.getUsername(), "Username is mandatory");
        Objects.requireNonNull(user.getPerson(), "User.person is mandatory");
        User user2 = new User(user.getUsername());
        user2.setPerson(user.getPerson());
        return asEdit("selfPersonMerge", mergePerson(user2), user.key());
    }

    @ChainRequest
    public Mono<EditResult> selfResetPassword(User user, String str) {
        if (this.selfResetEnabled) {
            return triggerResetPassword(user, str);
        }
        throw new IllegalStateException("Resetting password is disabled");
    }

    @ChainRequest
    public Mono<EditResult> resetPassword(User user, String str) {
        return triggerResetPassword(user, str);
    }

    private Mono<EditResult> triggerResetPassword(User user, String str) {
        Objects.requireNonNull(user.key(), "Username or userId is mandatory!");
        if ("admin".equalsIgnoreCase(user.key())) {
            throw new IllegalArgumentException("Resetting of admin password is not supported");
        }
        UserFilter userFilter = new UserFilter(user.getUsername());
        userFilter.setUserId(userFilter.getUserId());
        Mono map = this.repo.read(userFilter).filter(user2 -> {
            return (user2.getPerson() == null || user2.getPerson().getEmail() == null) ? false : true;
        }).switchIfEmpty(Mono.error(new IllegalStateException("The user must have an email!"))).map(user3 -> {
            return Tuples.of(user3, resetPassNotificationFor(user3, str));
        });
        return asEdit("resetPassword", (this.resetViaEmailLink ? map.flatMap(tuple2 -> {
            ((Notification) tuple2.getT2()).getTemplateVars().put("resetLink", this.emailLinkPrefix + this.tokenService.resetPassToken(((User) tuple2.getT1()).getUsername()));
            return Mono.just(tuple2);
        }) : map.flatMap(tuple22 -> {
            ((User) tuple22.getT1()).setAccount(new Account(new Credentials(user.getUsername(), generatePassword()), (Set) null));
            ((Notification) tuple22.getT2()).getTemplateVars().put("password", ((User) tuple22.getT1()).getAccount().getPassword());
            return syncCredentials((User) tuple22.getT1()).thenReturn(tuple22);
        })).flatMap(tuple23 -> {
            return Mono.fromCallable(() -> {
                return this.notificationTemplate.sendDefault((Notification) tuple23.getT2());
            });
        }).thenReturn(user), user.getUsername());
    }

    private String generatePassword() {
        String str = this.passwordType;
        boolean z = -1;
        switch (str.hashCode()) {
            case -2000413939:
                if (str.equals("numeric")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return RandomStringUtils.randomNumeric(this.passwordLength);
            default:
                return RandomStringUtils.randomAlphabetic(this.passwordLength);
        }
    }

    protected Mono<User> syncCredentialsIfOldPassMatches(User user, String str) {
        throw new UnsupportedOperationException("Not implemented in kafka way");
    }

    protected Mono<User> syncCredentials(User user) {
        return this.repo.merge(user);
    }

    protected Mono<EditResult> doOrgCreate(Org org) {
        return this.orgRepo.create(org);
    }

    protected Mono<User> onWrite(User user, String str) {
        if (!this.evtEnabled || this.userEvtDao == null) {
            LOG.trace("Skipping evt broadcast as feature disabled");
            return Mono.just(user);
        }
        UserEvent userEvent = new UserEvent(str, user);
        LOG.debug("Publishing user evt: {}", userEvent);
        return this.userEvtDao.put(user.getUsername(), userEvent).subscribeOn(Schedulers.boundedElastic()).thenReturn(user);
    }

    protected <E> E mergeProps(E e, E e2) {
        try {
            this.merger.copyProperties(e2, e);
            return e2;
        } catch (IllegalAccessException | InvocationTargetException e3) {
            LOG.error("Merging error", e3);
            throw new IllegalStateException("Merging error", e3);
        }
    }

    private Notification resetPassNotificationFor(User user, String str) {
        Notification notification = new Notification();
        notification.setChannel("EMAIL");
        notification.setSender(this.resetPassSender);
        notification.setRecipients(Collections.singletonList(user.getPerson().getEmail()));
        notification.setSubject(this.resetPassSubjects.getOrDefault(str, this.resetPassSubjects.getOrDefault("en", "Password reset notification")));
        notification.setTemplateName(this.resetPassTemplateName);
        notification.setTemplateLang(str);
        HashMap hashMap = new HashMap();
        hashMap.put("person", user.getPerson() != null ? user.getPerson() : new Person());
        notification.setTemplateVars(hashMap);
        return notification;
    }
}
