package org.graylog2.users;

import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.inject.Inject;
import com.mongodb.BasicDBObject;
import com.mongodb.DBObject;
import java.util.ArrayList;
import java.util.List;
import org.bson.types.ObjectId;
import org.graylog2.Configuration;
import org.graylog2.database.MongoConnection;
import org.graylog2.database.PersistedServiceImpl;
import org.graylog2.database.ValidationException;
import org.graylog2.plugin.database.Persisted;
import org.graylog2.security.RestPermissions;
import org.graylog2.security.ldap.LdapEntry;
import org.graylog2.security.ldap.LdapSettings;
import org.graylog2.security.ldap.LdapSettingsImpl;
import org.graylog2.users.UserImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/graylog2/users/UserServiceImpl.class */
public class UserServiceImpl extends PersistedServiceImpl implements UserService {
    private static final Logger LOG = LoggerFactory.getLogger(UserServiceImpl.class);
    private final Configuration configuration;

    @Inject
    public UserServiceImpl(MongoConnection mongoConnection, Configuration configuration) {
        super(mongoConnection);
        this.configuration = configuration;
    }

    @Override // org.graylog2.users.UserService
    public User load(String str) {
        LOG.debug("Loading user {}", str);
        if (this.configuration.getRootUsername().equals(str)) {
            LOG.debug("User {} is the built-in admin user", str);
            return new UserImpl.LocalAdminUser(this.configuration);
        }
        BasicDBObject basicDBObject = new BasicDBObject();
        basicDBObject.put("username", (Object) str);
        List<DBObject> query = query(UserImpl.class, basicDBObject);
        if (query == null || query.isEmpty()) {
            return null;
        }
        if (query.size() > 1) {
            String str2 = "There was more than one matching user for username " + str + ". This should never happen.";
            LOG.error(str2);
            throw new RuntimeException(str2);
        }
        DBObject dBObject = query.get(0);
        Object obj = dBObject.get("_id");
        LOG.debug("Loaded user {}/{} from MongoDB", str, obj);
        return new UserImpl((ObjectId) obj, dBObject.toMap());
    }

    @Override // org.graylog2.users.UserService
    public User create() {
        return new UserImpl(Maps.newHashMap());
    }

    @Override // org.graylog2.users.UserService
    public List<User> loadAll() {
        List<DBObject> query = query(UserImpl.class, new BasicDBObject());
        ArrayList newArrayList = Lists.newArrayList();
        for (DBObject dBObject : query) {
            newArrayList.add(new UserImpl((ObjectId) dBObject.get("_id"), dBObject.toMap()));
        }
        return newArrayList;
    }

    @Override // org.graylog2.users.UserService
    public User syncFromLdapEntry(LdapEntry ldapEntry, LdapSettings ldapSettings, String str) {
        UserImpl userImpl = (UserImpl) load(str);
        if (userImpl == null) {
            userImpl = new UserImpl(Maps.newHashMap());
        }
        updateFromLdap(userImpl, ldapEntry, ldapSettings, str);
        try {
            save(userImpl);
            return userImpl;
        } catch (ValidationException e) {
            LOG.error("Cannot save user.", (Throwable) e);
            return null;
        }
    }

    @Override // org.graylog2.users.UserService
    public void updateFromLdap(UserImpl userImpl, LdapEntry ldapEntry, LdapSettings ldapSettings, String str) {
        String displayNameAttribute = ldapSettings.getDisplayNameAttribute();
        userImpl.setName(str);
        userImpl.setFullName(ldapEntry.get(displayNameAttribute));
        userImpl.setExternal(true);
        String email = ldapEntry.getEmail();
        if (Strings.isNullOrEmpty(email)) {
            LOG.debug("No email address found for user {} in LDAP. Using {}@localhost", str, str);
            userImpl.setEmail(str + "@localhost");
        } else {
            userImpl.setEmail(email);
        }
        if (Strings.isNullOrEmpty(userImpl.getHashedPassword())) {
            userImpl.setHashedPassword("User synced from LDAP.");
        }
        if (userImpl.getPermissions() == null) {
            if (ldapSettings.getDefaultGroup().equals(LdapSettingsImpl.DEFAULT_GROUP)) {
                userImpl.setPermissions(Lists.newArrayList(RestPermissions.readerPermissions(str)));
            } else {
                userImpl.setPermissions(Lists.newArrayList("*"));
            }
        }
    }

    @Override // org.graylog2.database.PersistedServiceImpl, org.graylog2.database.PersistedService
    public <T extends Persisted> String save(T t) throws ValidationException {
        if (t instanceof UserImpl.LocalAdminUser) {
            throw new IllegalStateException("Cannot modify local root user, this is a bug.");
        }
        return super.save(t);
    }

    @Override // org.graylog2.users.UserService
    public User getAdminUser() {
        return new UserImpl.LocalAdminUser(this.configuration);
    }
}
