package com.atlassian.bamboo.user;

import bucket.user.DefaultUserAccessor;
import com.atlassian.bamboo.author.AuthorDao;
import com.atlassian.bamboo.author.ExtendedAuthor;
import com.atlassian.bamboo.comment.CommentDao;
import com.atlassian.bamboo.configuration.AdministrationConfiguration;
import com.atlassian.bamboo.labels.LabelDao;
import com.atlassian.bamboo.security.GlobalApplicationSecureObject;
import com.atlassian.bamboo.security.acegi.acls.AclDao;
import com.atlassian.bamboo.security.acegi.acls.BambooPermission;
import com.atlassian.bamboo.security.acegi.acls.GroupPrincipalSid;
import com.atlassian.bamboo.security.acegi.acls.HibernateAclImpl;
import com.atlassian.bamboo.security.acegi.acls.HibernateObjectIdentityImpl;
import com.atlassian.core.bean.EntityObject;
import com.atlassian.core.exception.InfrastructureException;
import com.atlassian.spring.container.ContainerManager;
import com.atlassian.user.EntityException;
import com.atlassian.user.Group;
import com.atlassian.user.User;
import com.atlassian.user.search.page.Pager;
import com.atlassian.user.search.page.PagerUtils;
import com.opensymphony.module.propertyset.PropertySet;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.acls.AccessControlEntry;
import org.acegisecurity.acls.Acl;
import org.acegisecurity.acls.MutableAcl;
import org.acegisecurity.acls.MutableAclService;
import org.acegisecurity.acls.OwnershipAcl;
import org.acegisecurity.acls.domain.AclAuthorizationStrategy;
import org.acegisecurity.acls.sid.GrantedAuthoritySid;
import org.acegisecurity.acls.sid.PrincipalSid;
import org.acegisecurity.acls.sid.Sid;
import org.acegisecurity.adapters.PrincipalAcegiUserToken;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.springframework.dao.DataAccessException;

/* loaded from: input_file:com/atlassian/bamboo/user/BambooUserManagerImpl.class */
public class BambooUserManagerImpl extends DefaultUserAccessor implements BambooUserManager {
    private static final Logger log = Logger.getLogger(BambooUserManagerImpl.class);
    private AuthorDao authorDao;
    private CommentDao commentDao;
    private LabelDao labelDao;
    private AclDao aclDao;
    private MutableAclService aclService;
    private AclAuthorizationStrategy aclAuthorizationStrategy;
    private LoginInformationManager loginInformationManager;

    public BambooUser getBambooUser(String str) {
        return getBambooUser(getUser(str));
    }

    public BambooUser getBambooUser(User user) {
        if (user != null) {
            return new DefaultBambooUser(user);
        }
        return null;
    }

    public User getUser(String str) {
        User user = super.getUser(str);
        if (log.isDebugEnabled() && user == null) {
            log.debug("User " + str + " not found.");
        }
        return user;
    }

    public BambooUser addUser(String str, String str2, String str3, String str4, String str5, List<String> list) {
        return addUser(str, str2, str3, str4, str5, list, null);
    }

    public BambooUser addUser(String str, String str2, String str3, String str4, String str5, List<String> list, ExtendedAuthor extendedAuthor) {
        String[] stringListToArray = stringListToArray(list);
        User addUser = stringListToArray == null ? addUser(str, str2, str3, str4) : addUser(str, str2, str3, str4, stringListToArray);
        PropertySet propertySet = getPropertySet(addUser);
        if (str5 != null) {
            propertySet.setString("bamboo.user.contact.jabber", str5);
        }
        propertySet.setString("bamboo.user.contact.preference", "both");
        propertySet.setString("bamboo.user.contact.transportPreference", "multipart");
        DefaultBambooUser defaultBambooUser = new DefaultBambooUser(addUser);
        if (extendedAuthor != null) {
            extendedAuthor.setLinkedUserName(str);
            this.authorDao.save((EntityObject) extendedAuthor);
        }
        return defaultBambooUser;
    }

    public void saveUser(String str, String str2, String str3, String str4, String str5, List<String> list) throws IllegalArgumentException {
        saveUser(str, str2, str3, str4, str5, list, null);
    }

    public void saveUser(String str, String str2, String str3, String str4, String str5, List<String> list, ExtendedAuthor extendedAuthor) throws IllegalArgumentException {
        saveUser(str, str2, str3, str4, str5, null, null, list, extendedAuthor, null);
    }

    public void saveUser(String str, String str2, String str3, String str4, String str5, List<String> list, ExtendedAuthor extendedAuthor, String str6) throws IllegalArgumentException {
        saveUser(str, str2, str3, str4, str5, null, null, list, extendedAuthor, str6);
    }

    public void saveUser(String str, String str2, String str3, String str4, String str5, String str6, String str7, List<String> list, ExtendedAuthor extendedAuthor, String str8) throws IllegalArgumentException {
        User user = getUser(str);
        if (user == null) {
            throw new IllegalArgumentException("Username " + str + " cannot be found");
        }
        if (!isReadOnly(user)) {
            user.setEmail(str3);
            user.setFullName(str4);
            saveUser(user);
        }
        setUserGroups(user, list);
        PropertySet propertySet = getPropertySet(user);
        if (str5 != null) {
            propertySet.setString("bamboo.user.contact.jabber", str5);
        }
        if (str6 != null) {
            propertySet.setString("bamboo.user.contact.preference", str6);
        }
        if (str7 != null) {
            propertySet.setString("bamboo.user.contact.transportPreference", str7);
        }
        if (StringUtils.isNotBlank(str8)) {
            propertySet.setString("bamboo.user.ide.port", str8);
        } else {
            propertySet.setString("bamboo.user.ide.port", "51235");
        }
        removeLinkedAuthorForUser(user);
        if (extendedAuthor != null) {
            extendedAuthor.setLinkedUserName(str);
            this.authorDao.save((EntityObject) extendedAuthor);
        }
        if (StringUtils.isNotEmpty(str2)) {
            if (isReadOnly(user)) {
                cannotAlterPassword(str, null);
                return;
            }
            try {
                alterPassword(user, str2);
            } catch (EntityException e) {
                cannotAlterPassword(str, e);
            }
        }
    }

    public void alterPassword(User user, String str) throws EntityException {
        this.loginInformationManager.resetCountForUser(user.getName());
        super.alterPassword(user, str);
    }

    public void saveNotificationPreferences(String str, String str2, String str3) {
        User user = getUser(str);
        if (user == null) {
            throw new IllegalArgumentException("Username " + str + " cannot be found");
        }
        PropertySet propertySet = getPropertySet(user);
        if (str2 != null) {
            propertySet.setString("bamboo.user.contact.preference", str2);
        }
        if (str3 != null) {
            propertySet.setString("bamboo.user.contact.transportPreference", str3);
        }
    }

    private void cannotAlterPassword(String str, EntityException entityException) {
        String str2 = "Could not alter password for user " + str;
        log.error(str2, entityException);
        throw new IllegalArgumentException(str2, entityException);
    }

    private void setUserGroups(User user, List<String> list) {
        ArrayList arrayList = new ArrayList();
        Pager<Group> groups = getGroups(user);
        if (groups != null && !groups.isEmpty()) {
            for (Group group : groups) {
                if (!isReadOnly(group)) {
                    arrayList.add(group.getName());
                }
            }
        }
        ArrayList arrayList2 = new ArrayList();
        if (list != null && !list.isEmpty()) {
            for (String str : list) {
                Group group2 = getGroup(str);
                if (group2 != null && !isReadOnly(group2)) {
                    arrayList2.add(str);
                }
            }
        }
        Collection subtractNewList = subtractNewList(arrayList, arrayList2);
        if (subtractNewList != null && !subtractNewList.isEmpty()) {
            Iterator it = subtractNewList.iterator();
            while (it.hasNext()) {
                removeMembership((String) it.next(), user.getName());
            }
        }
        Collection subtractNewList2 = subtractNewList(arrayList2, arrayList);
        if (subtractNewList2 == null || subtractNewList2.isEmpty()) {
            return;
        }
        Iterator it2 = subtractNewList2.iterator();
        while (it2.hasNext()) {
            addMembership((String) it2.next(), user.getName());
        }
    }

    public void removeUser(User user) {
        removeLinkedAuthorForUser(user);
        removePrincipalPermission(new PrincipalSid(user.getName()));
        super.removeUser(user);
    }

    public void removeGroup(Group group) {
        removePrincipalPermission(new GroupPrincipalSid(group.getName()));
        super.removeGroup(group);
    }

    private void removeLinkedAuthorForUser(User user) {
        for (EntityObject entityObject : this.authorDao.getLinkedAuthorsForUser(user)) {
            entityObject.setLinkedUserName((String) null);
            this.authorDao.save(entityObject);
        }
    }

    private void removePrincipalPermission(Sid sid) {
        for (AccessControlEntry accessControlEntry : this.aclDao.findAcesForSid(sid)) {
            MutableAcl acl = accessControlEntry.getAcl();
            acl.deleteAce(accessControlEntry.getId());
            this.aclDao.save(acl);
        }
        List<OwnershipAcl> findAclsOwnedBySid = this.aclDao.findAclsOwnedBySid(sid);
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        PrincipalSid principalSid = authentication != null ? new PrincipalSid(authentication) : null;
        for (OwnershipAcl ownershipAcl : findAclsOwnedBySid) {
            ownershipAcl.setOwner(principalSid);
            this.aclDao.save(ownershipAcl);
        }
    }

    public List<String> getGroupNamesAsList(User user) {
        Pager groups = getGroups(user);
        return groups != null ? PagerUtils.toListOfEntityNames(groups) : Collections.emptyList();
    }

    public void setMembership(Group group, List<String> list) {
        List<String> memberNamesAsList = getMemberNamesAsList(group);
        Collection subtractNewList = subtractNewList(memberNamesAsList, list);
        if (subtractNewList != null && !subtractNewList.isEmpty()) {
            Iterator it = subtractNewList.iterator();
            while (it.hasNext()) {
                removeMembership(group, getUser((String) it.next()));
            }
        }
        Collection subtractNewList2 = subtractNewList(list, memberNamesAsList);
        if (subtractNewList2 == null || subtractNewList2.isEmpty()) {
            return;
        }
        Iterator it2 = subtractNewList2.iterator();
        while (it2.hasNext()) {
            addMembership(group, getUser((String) it2.next()));
        }
    }

    public List<String> getMemberNamesAsList(Group group) {
        Pager memberNames = getMemberNames(group);
        return memberNames != null ? PagerUtils.toList(memberNames) : Collections.emptyList();
    }

    public static <T> Collection<T> subtractNewList(Collection<T> collection, Collection<T> collection2) {
        return collection2 == null ? collection : collection == null ? Collections.emptyList() : CollectionUtils.subtract(collection, collection2);
    }

    public static String[] stringListToArray(Collection<String> collection) {
        if (collection == null || collection.isEmpty()) {
            return null;
        }
        String[] strArr = new String[collection.size()];
        int i = 0;
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            strArr[i] = it.next();
            i++;
        }
        return strArr;
    }

    public BambooUser injectUser(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) {
        try {
            User createUser = getUserManager().createUser(str.toLowerCase());
            createUser.setPassword(str2);
            createUser.setEmail(str3);
            createUser.setFullName(str4);
            getUserManager().saveUser(createUser);
            PropertySet propertySet = getPropertySet(createUser);
            if (str5 != null) {
                propertySet.setString("bamboo.user.contact.jabber", str5);
            }
            if (str6 != null) {
                propertySet.setString("bamboo.user.contact.preference", str6);
            }
            if (str7 != null) {
                propertySet.setString("bamboo.user.contact.transportPreference", str7);
            }
            if (str8 != null) {
                propertySet.setString("bamboo.user.ide.port", str8);
            } else {
                propertySet.setString("bamboo.user.ide.port", "51235");
            }
            return new DefaultBambooUser(createUser);
        } catch (EntityException e) {
            throw new InfrastructureException(e);
        }
    }

    public boolean isDeletable(User user) {
        List findCommentByUser = this.commentDao.findCommentByUser(user.getName());
        if (findCommentByUser != null && !findCommentByUser.isEmpty()) {
            return false;
        }
        List findLabellingByUser = this.labelDao.findLabellingByUser(user.getName());
        return (findLabellingByUser == null || findLabellingByUser.isEmpty()) && !isReadOnly(user);
    }

    public boolean isReadOnly(User user) {
        try {
            if (!isExternalReadOnly()) {
                if (!getUserManager().isReadOnly(user)) {
                    return false;
                }
            }
            return true;
        } catch (EntityException e) {
            log.error(e, e);
            return false;
        }
    }

    protected boolean isExternalReadOnly() {
        AdministrationConfiguration administrationConfiguration = (AdministrationConfiguration) ContainerManager.getComponent("administrationConfiguration");
        return administrationConfiguration != null && administrationConfiguration.isEnableExternalUserManagement();
    }

    public boolean isReadOnly(Group group) {
        try {
            return getGroupManager().isReadOnly(group);
        } catch (EntityException e) {
            log.error(e, e);
            return false;
        }
    }

    public void setupInitialAdminUser(String str, String str2, String str3, String str4) {
        SecurityContextHolder.getContext().setAuthentication(new PrincipalAcegiUserToken("USER_TOKEN_KEY", str, str2, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ADMIN")}, new DefaultBambooUser(addUser(str, str2, str3, str4, new String[]{"bamboo-admin"}))));
        GroupPrincipalSid groupPrincipalSid = new GroupPrincipalSid("bamboo-admin");
        HibernateAclImpl hibernateAclImpl = new HibernateAclImpl(new HibernateObjectIdentityImpl(GlobalApplicationSecureObject.INSTANCE), (Acl) null, true, groupPrincipalSid);
        hibernateAclImpl.setAclAuthorizationStrategy(this.aclAuthorizationStrategy);
        hibernateAclImpl.insertAce((Serializable) null, BambooPermission.ADMINISTRATION, groupPrincipalSid, true);
        hibernateAclImpl.insertAce((Serializable) null, BambooPermission.CREATE, groupPrincipalSid, true);
        hibernateAclImpl.insertAce((Serializable) null, BambooPermission.READ, groupPrincipalSid, true);
        hibernateAclImpl.insertAce((Serializable) null, BambooPermission.READ, new GrantedAuthoritySid("ROLE_USER"), true);
        hibernateAclImpl.insertAce((Serializable) null, BambooPermission.READ, new GrantedAuthoritySid("ROLE_ANONYMOUS"), true);
        this.aclService.updateAcl(hibernateAclImpl);
        SecurityContextHolder.clearContext();
    }

    public void setAuthorDao(AuthorDao authorDao) {
        this.authorDao = authorDao;
    }

    public void setCommentDao(CommentDao commentDao) {
        this.commentDao = commentDao;
    }

    public void setLabelDao(LabelDao labelDao) {
        this.labelDao = labelDao;
    }

    public void setAclDao(AclDao aclDao) {
        this.aclDao = aclDao;
    }

    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException, DataAccessException {
        User user = getUser(str);
        if (user != null) {
            return new DefaultBambooUser(user);
        }
        return null;
    }

    public void setAclService(MutableAclService mutableAclService) {
        this.aclService = mutableAclService;
    }

    public void setAclAuthorizationStrategy(AclAuthorizationStrategy aclAuthorizationStrategy) {
        this.aclAuthorizationStrategy = aclAuthorizationStrategy;
    }

    public void setLoginInformationManager(LoginInformationManager loginInformationManager) {
        this.loginInformationManager = loginInformationManager;
    }
}
