package com.epam.ta.reportportal.core.user.impl;

import com.epam.ta.reportportal.auth.authenticator.UserAuthenticator;
import com.epam.ta.reportportal.commons.EntityUtils;
import com.epam.ta.reportportal.commons.Predicates;
import com.epam.ta.reportportal.commons.ReportPortalUser;
import com.epam.ta.reportportal.commons.validation.BusinessRule;
import com.epam.ta.reportportal.commons.validation.Suppliers;
import com.epam.ta.reportportal.core.events.activity.CreateInvitationLinkEvent;
import com.epam.ta.reportportal.core.events.activity.UserCreatedEvent;
import com.epam.ta.reportportal.core.integration.GetIntegrationHandler;
import com.epam.ta.reportportal.core.project.CreateProjectHandler;
import com.epam.ta.reportportal.core.project.GetProjectHandler;
import com.epam.ta.reportportal.core.project.ProjectUserHandler;
import com.epam.ta.reportportal.core.user.CreateUserHandler;
import com.epam.ta.reportportal.dao.RestorePasswordBidRepository;
import com.epam.ta.reportportal.dao.UserCreationBidRepository;
import com.epam.ta.reportportal.dao.UserRepository;
import com.epam.ta.reportportal.entity.Metadata;
import com.epam.ta.reportportal.entity.enums.IntegrationGroupEnum;
import com.epam.ta.reportportal.entity.integration.Integration;
import com.epam.ta.reportportal.entity.project.Project;
import com.epam.ta.reportportal.entity.project.ProjectRole;
import com.epam.ta.reportportal.entity.project.ProjectUtils;
import com.epam.ta.reportportal.entity.user.ProjectUser;
import com.epam.ta.reportportal.entity.user.RestorePasswordBid;
import com.epam.ta.reportportal.entity.user.User;
import com.epam.ta.reportportal.entity.user.UserCreationBid;
import com.epam.ta.reportportal.entity.user.UserRole;
import com.epam.ta.reportportal.entity.user.UserType;
import com.epam.ta.reportportal.exception.ReportPortalException;
import com.epam.ta.reportportal.util.UserUtils;
import com.epam.ta.reportportal.util.email.MailServiceFactory;
import com.epam.ta.reportportal.ws.converter.builders.UserBuilder;
import com.epam.ta.reportportal.ws.converter.converters.RestorePasswordBidConverter;
import com.epam.ta.reportportal.ws.converter.converters.UserConverter;
import com.epam.ta.reportportal.ws.converter.converters.UserCreationBidConverter;
import com.epam.ta.reportportal.ws.model.ErrorType;
import com.epam.ta.reportportal.ws.model.OperationCompletionRS;
import com.epam.ta.reportportal.ws.model.YesNoRS;
import com.epam.ta.reportportal.ws.model.activity.UserActivityResource;
import com.epam.ta.reportportal.ws.model.user.CreateUserBidRS;
import com.epam.ta.reportportal.ws.model.user.CreateUserRQ;
import com.epam.ta.reportportal.ws.model.user.CreateUserRQConfirm;
import com.epam.ta.reportportal.ws.model.user.CreateUserRQFull;
import com.epam.ta.reportportal.ws.model.user.CreateUserRS;
import com.epam.ta.reportportal.ws.model.user.ResetPasswordRQ;
import com.epam.ta.reportportal.ws.model.user.RestorePasswordRQ;
import com.google.common.collect.Maps;
import java.util.HashMap;
import java.util.Optional;
import java.util.function.Predicate;
import javax.persistence.PersistenceException;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.hibernate.exception.ConstraintViolationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Service
/* loaded from: input_file:com/epam/ta/reportportal/core/user/impl/CreateUserHandlerImpl.class */
public class CreateUserHandlerImpl implements CreateUserHandler {
    public static final String BID_TYPE = "type";
    public static final String INTERNAL_BID_TYPE = "internal";
    private final UserRepository userRepository;
    private final UserAuthenticator userAuthenticator;
    private final MailServiceFactory emailServiceFactory;
    private final UserCreationBidRepository userCreationBidRepository;
    private final RestorePasswordBidRepository restorePasswordBidRepository;
    private final CreateProjectHandler createProjectHandler;
    private final GetProjectHandler getProjectHandler;
    private final ProjectUserHandler projectUserHandler;
    private final GetIntegrationHandler getIntegrationHandler;
    private final ThreadPoolTaskExecutor emailExecutorService;
    private final PasswordEncoder passwordEncoder;
    private final ApplicationEventPublisher eventPublisher;

    @Autowired
    public CreateUserHandlerImpl(PasswordEncoder passwordEncoder, UserRepository userRepository, UserAuthenticator userAuthenticator, MailServiceFactory mailServiceFactory, UserCreationBidRepository userCreationBidRepository, RestorePasswordBidRepository restorePasswordBidRepository, CreateProjectHandler createProjectHandler, GetProjectHandler getProjectHandler, ProjectUserHandler projectUserHandler, GetIntegrationHandler getIntegrationHandler, ThreadPoolTaskExecutor threadPoolTaskExecutor, ApplicationEventPublisher applicationEventPublisher) {
        this.passwordEncoder = passwordEncoder;
        this.userRepository = userRepository;
        this.createProjectHandler = createProjectHandler;
        this.projectUserHandler = projectUserHandler;
        this.userAuthenticator = userAuthenticator;
        this.emailServiceFactory = mailServiceFactory;
        this.userCreationBidRepository = userCreationBidRepository;
        this.restorePasswordBidRepository = restorePasswordBidRepository;
        this.getProjectHandler = getProjectHandler;
        this.getIntegrationHandler = getIntegrationHandler;
        this.emailExecutorService = threadPoolTaskExecutor;
        this.eventPublisher = applicationEventPublisher;
    }

    @Override // com.epam.ta.reportportal.core.user.CreateUserHandler
    @Transactional
    public CreateUserRS createUserByAdmin(CreateUserRQFull createUserRQFull, ReportPortalUser reportPortalUser, String str) {
        User user = (User) this.userRepository.findRawById(reportPortalUser.getUserId()).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.USER_NOT_FOUND, new Object[]{reportPortalUser.getUsername()});
        });
        BusinessRule.expect(user.getRole(), Predicates.equalTo(UserRole.ADMINISTRATOR)).verify(ErrorType.ACCESS_DENIED, new Object[]{Suppliers.formattedSupplier("Only administrator can create new user. Your role is - {}", new Object[]{user.getRole()})});
        normalize(createUserRQFull);
        Pair<UserActivityResource, CreateUserRS> saveUser = saveUser(createUserRQFull, user, false);
        this.emailExecutorService.execute(() -> {
            this.emailServiceFactory.getDefaultEmailService(true).sendCreateUserConfirmationEmail(createUserRQFull, str);
        });
        return (CreateUserRS) saveUser.getValue();
    }

    private void normalize(CreateUserRQFull createUserRQFull) {
        String normalizeLogin = normalizeLogin(createUserRQFull.getLogin());
        String normalizeEmail = normalizeEmail(createUserRQFull.getEmail());
        createUserRQFull.setLogin(normalizeLogin);
        createUserRQFull.setEmail(normalizeEmail);
    }

    private String normalizeLogin(String str) {
        String normalized = getNormalized(str);
        validateLogin(str, normalized);
        return normalized;
    }

    private void validateLogin(String str, String str2) {
        BusinessRule.expect(Boolean.valueOf(this.userRepository.findByLogin(str2).isPresent()), Predicates.equalTo(Boolean.FALSE)).verify(ErrorType.USER_ALREADY_EXISTS, new Object[]{Suppliers.formattedSupplier("login='{}'", new Object[]{str})});
        BusinessRule.expect(str2, com.epam.ta.reportportal.util.Predicates.SPECIAL_CHARS_ONLY.negate()).verify(ErrorType.INCORRECT_REQUEST, new Object[]{Suppliers.formattedSupplier("Username '{}' consists only of special characters", new Object[]{str})});
    }

    private String normalizeEmail(String str) {
        String normalized = getNormalized(str);
        validateEmail(str, normalized);
        return normalized;
    }

    private void validateEmail(String str, String str2) {
        BusinessRule.expect(Boolean.valueOf(UserUtils.isEmailValid(str2)), Predicates.equalTo(true)).verify(ErrorType.BAD_REQUEST_ERROR, new Object[]{Suppliers.formattedSupplier("email='{}'", new Object[]{str})});
        BusinessRule.expect(Boolean.valueOf(this.userRepository.findByEmail(str2).isPresent()), Predicates.equalTo(Boolean.FALSE)).verify(ErrorType.USER_ALREADY_EXISTS, new Object[]{Suppliers.formattedSupplier("email='{}'", new Object[]{str})});
    }

    private String getNormalized(String str) {
        return EntityUtils.normalizeId(str.trim());
    }

    private Pair<UserActivityResource, CreateUserRS> saveUser(CreateUserRQFull createUserRQFull, User user, boolean z) {
        Project raw = this.getProjectHandler.getRaw(EntityUtils.normalizeId(createUserRQFull.getDefaultProject()));
        ProjectRole projectRole = (ProjectRole) ProjectRole.forName(createUserRQFull.getProjectRole()).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.ROLE_NOT_FOUND, new Object[]{createUserRQFull.getProjectRole()});
        });
        User convert = convert(createUserRQFull);
        try {
            this.userRepository.save(convert);
            this.eventPublisher.publishEvent(new UserCreatedEvent(getUserActivityResource(convert), user.getId(), user.getLogin(), z));
            this.userAuthenticator.authenticate(convert);
            this.projectUserHandler.assign(convert, raw, projectRole, user, false);
            this.projectUserHandler.assign(convert, this.createProjectHandler.createPersonal(convert), ProjectRole.PROJECT_MANAGER, user, z);
            CreateUserRS createUserRS = new CreateUserRS();
            createUserRS.setId(convert.getId());
            createUserRS.setLogin(convert.getLogin());
            return Pair.of(UserConverter.TO_ACTIVITY_RESOURCE.apply(convert, raw.getId()), createUserRS);
        } catch (Exception e) {
            throw new ReportPortalException("Error while User creating: " + e.getMessage(), e);
        } catch (PersistenceException e2) {
            if (e2.getCause() instanceof ConstraintViolationException) {
                BusinessRule.fail().withError(ErrorType.RESOURCE_ALREADY_EXISTS, new Object[]{e2.getCause().getConstraintName()});
            }
            throw new ReportPortalException("Error while User creating: " + e2.getMessage(), e2);
        }
    }

    private UserActivityResource getUserActivityResource(User user) {
        UserActivityResource userActivityResource = new UserActivityResource();
        userActivityResource.setId(user.getId());
        userActivityResource.setFullName(user.getLogin());
        return userActivityResource;
    }

    private User convert(CreateUserRQFull createUserRQFull) {
        return new UserBuilder().addCreateUserFullRQ(createUserRQFull).addUserRole((UserRole) UserRole.findByName(createUserRQFull.getAccountRole()).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.BAD_REQUEST_ERROR, new Object[]{"Incorrect specified Account Role parameter."});
        })).addPassword(this.passwordEncoder.encode(createUserRQFull.getPassword())).get();
    }

    @Override // com.epam.ta.reportportal.core.user.CreateUserHandler
    @Transactional
    public CreateUserRS createUser(CreateUserRQConfirm createUserRQConfirm, String str) {
        UserCreationBid userCreationBid = (UserCreationBid) this.userCreationBidRepository.findByUuidAndType(str, INTERNAL_BID_TYPE).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.INCORRECT_REQUEST, new Object[]{"Impossible to register user. UUID expired or already registered."});
        });
        CreateUserRQFull convertToCreateRequest = convertToCreateRequest(createUserRQConfirm, userCreationBid);
        normalize(convertToCreateRequest);
        BusinessRule.expect(convertToCreateRequest.getEmail(), Predicate.isEqual(userCreationBid.getEmail())).verify(ErrorType.INCORRECT_REQUEST, new Object[]{"Email from bid not match."});
        Pair<UserActivityResource, CreateUserRS> saveUser = saveUser(convertToCreateRequest, userCreationBid.getInvitingUser(), true);
        this.userCreationBidRepository.deleteAllByEmail(convertToCreateRequest.getEmail());
        return (CreateUserRS) saveUser.getValue();
    }

    private CreateUserRQFull convertToCreateRequest(CreateUserRQConfirm createUserRQConfirm, UserCreationBid userCreationBid) {
        CreateUserRQFull createUserRQFull = new CreateUserRQFull();
        createUserRQFull.setLogin(createUserRQConfirm.getLogin());
        createUserRQFull.setEmail(createUserRQConfirm.getEmail());
        createUserRQFull.setFullName(createUserRQConfirm.getFullName());
        createUserRQFull.setPassword(createUserRQConfirm.getPassword());
        createUserRQFull.setDefaultProject(userCreationBid.getProjectName());
        createUserRQFull.setAccountRole(UserRole.USER.name());
        createUserRQFull.setProjectRole(userCreationBid.getRole());
        return createUserRQFull;
    }

    @Override // com.epam.ta.reportportal.core.user.CreateUserHandler
    public CreateUserBidRS createUserBid(CreateUserRQ createUserRQ, ReportPortalUser reportPortalUser, String str) {
        Project project = this.getProjectHandler.get(EntityUtils.normalizeId(createUserRQ.getDefaultProject()));
        BusinessRule.expect(Boolean.valueOf(this.userRepository.existsById(reportPortalUser.getUserId())), BooleanUtils::isTrue).verify(ErrorType.USER_NOT_FOUND, new Object[]{reportPortalUser.getUsername()});
        Integration orElseThrow = this.getIntegrationHandler.getEnabledByProjectIdOrGlobalAndIntegrationGroup(project.getId(), IntegrationGroupEnum.NOTIFICATION).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.EMAIL_CONFIGURATION_IS_INCORRECT, new Object[]{"Please configure email server in Report Portal settings."});
        });
        createUserRQ.setEmail(normalizeEmail(createUserRQ.getEmail()));
        if (reportPortalUser.getUserRole() != UserRole.ADMINISTRATOR) {
            ProjectUser findUserConfigByLogin = ProjectUtils.findUserConfigByLogin(project, reportPortalUser.getUsername());
            BusinessRule.expect(findUserConfigByLogin, Predicates.not(Predicates.isNull())).verify(ErrorType.ACCESS_DENIED, new Object[]{Suppliers.formattedSupplier("'{}' is not your project", new Object[]{project.getName()})});
            BusinessRule.expect(findUserConfigByLogin.getProjectRole(), Predicate.isEqual(ProjectRole.PROJECT_MANAGER)).verify(ErrorType.ACCESS_DENIED, new Object[0]);
        }
        createUserRQ.setRole(((ProjectRole) ProjectRole.forName(createUserRQ.getRole()).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.ROLE_NOT_FOUND, new Object[]{createUserRQ.getRole()});
        })).name());
        UserCreationBid apply = UserCreationBidConverter.TO_USER.apply(createUserRQ, project);
        apply.setMetadata(getUserCreationBidMetadata());
        apply.setInvitingUser((User) this.userRepository.getById(reportPortalUser.getUserId()));
        try {
            this.userCreationBidRepository.save(apply);
            StringBuilder append = new StringBuilder(str).append("/ui/#registration?uuid=").append(apply.getUuid());
            this.emailExecutorService.execute(() -> {
                this.emailServiceFactory.getEmailService(orElseThrow, false).sendCreateUserConfirmationEmail("User registration confirmation", new String[]{apply.getEmail()}, append.toString());
            });
            this.eventPublisher.publishEvent(new CreateInvitationLinkEvent(reportPortalUser.getUserId(), reportPortalUser.getUsername(), project.getId()));
            CreateUserBidRS createUserBidRS = new CreateUserBidRS();
            createUserBidRS.setMessage("Bid for user creation with email '" + createUserRQ.getEmail() + "' is successfully registered. Confirmation info will be send on provided email. Expiration: 1 day.");
            createUserBidRS.setBid(apply.getUuid());
            createUserBidRS.setBackLink(append.toString());
            return createUserBidRS;
        } catch (Exception e) {
            throw new ReportPortalException("Error while user creation bid registering.", e);
        }
    }

    private Metadata getUserCreationBidMetadata() {
        HashMap newHashMapWithExpectedSize = Maps.newHashMapWithExpectedSize(1);
        newHashMapWithExpectedSize.put("type", INTERNAL_BID_TYPE);
        return new Metadata(newHashMapWithExpectedSize);
    }

    @Override // com.epam.ta.reportportal.core.user.CreateUserHandler
    public OperationCompletionRS createRestorePasswordBid(RestorePasswordRQ restorePasswordRQ, String str) {
        RestorePasswordBid restorePasswordBid;
        String normalizeId = EntityUtils.normalizeId(restorePasswordRQ.getEmail());
        BusinessRule.expect(Boolean.valueOf(UserUtils.isEmailValid(normalizeId)), Predicates.equalTo(true)).verify(ErrorType.BAD_REQUEST_ERROR, new Object[]{normalizeId});
        User user = (User) this.userRepository.findByEmail(normalizeId).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.USER_NOT_FOUND, new Object[]{normalizeId});
        });
        Optional findByEmail = this.restorePasswordBidRepository.findByEmail(restorePasswordRQ.getEmail());
        if (findByEmail.isEmpty()) {
            BusinessRule.expect(user.getUserType(), Predicates.equalTo(UserType.INTERNAL)).verify(ErrorType.BAD_REQUEST_ERROR, new Object[]{"Unable to change password for external user"});
            restorePasswordBid = RestorePasswordBidConverter.TO_BID.apply(restorePasswordRQ);
            this.restorePasswordBidRepository.save(restorePasswordBid);
        } else {
            restorePasswordBid = (RestorePasswordBid) findByEmail.get();
        }
        this.emailServiceFactory.getDefaultEmailService(true).sendRestorePasswordEmail("Password recovery", new String[]{normalizeId}, str + "#login?reset=" + restorePasswordBid.getUuid(), user.getLogin());
        return new OperationCompletionRS("Email has been sent");
    }

    @Override // com.epam.ta.reportportal.core.user.CreateUserHandler
    public OperationCompletionRS resetPassword(ResetPasswordRQ resetPasswordRQ) {
        String email = ((RestorePasswordBid) this.restorePasswordBidRepository.findById(resetPasswordRQ.getUuid()).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.ACCESS_DENIED, new Object[]{"The password change link is no longer valid."});
        })).getEmail();
        BusinessRule.expect(Boolean.valueOf(UserUtils.isEmailValid(email)), Predicates.equalTo(true)).verify(ErrorType.BAD_REQUEST_ERROR, new Object[]{email});
        User user = (User) this.userRepository.findByEmail(email).orElseThrow(() -> {
            return new ReportPortalException(ErrorType.USER_NOT_FOUND, new Object[0]);
        });
        BusinessRule.expect(user.getUserType(), Predicates.equalTo(UserType.INTERNAL)).verify(ErrorType.BAD_REQUEST_ERROR, new Object[]{"Unable to change password for external user"});
        user.setPassword(this.passwordEncoder.encode(resetPasswordRQ.getPassword()));
        this.userRepository.save(user);
        this.restorePasswordBidRepository.deleteById(resetPasswordRQ.getUuid());
        OperationCompletionRS operationCompletionRS = new OperationCompletionRS();
        operationCompletionRS.setResultMessage("Password has been changed");
        return operationCompletionRS;
    }

    @Override // com.epam.ta.reportportal.core.user.CreateUserHandler
    public YesNoRS isResetPasswordBidExist(String str) {
        return new YesNoRS(this.restorePasswordBidRepository.findById(str).isPresent());
    }
}
