package com.cenqua.fisheye.user;

import com.cenqua.crucible.model.Principal;
import com.cenqua.crucible.model.managers.CrucibleUserManager;
import com.cenqua.fisheye.AppConfig;
import com.cenqua.fisheye.LicensePolicyException;
import com.cenqua.fisheye.config.ConfigException;
import com.cenqua.fisheye.config.DB0Handle;
import com.cenqua.fisheye.config1.ConfigDocument;
import com.cenqua.fisheye.config1.SecurityType;
import com.cenqua.fisheye.infinitydb.InfinityDbHandle;
import com.cenqua.fisheye.license.LicenseException;
import com.cenqua.fisheye.license.LicenseInfo;
import com.cenqua.fisheye.logging.Logs;
import com.cenqua.fisheye.rep.DbException;
import com.cenqua.fisheye.rep.RepositoryHandle;
import com.cenqua.fisheye.user.BaseAuth;
import com.cenqua.fisheye.user.crowd.CrowdAuth;
import com.cenqua.fisheye.user.ldap.LDAPAuth;
import com.cenqua.fisheye.user.os.HostAuth;
import com.cenqua.fisheye.util.MD5;
import com.cenqua.fisheye.util.StringUtil;
import com.cenqua.fisheye.web.PreferenceManager;
import com.cenqua.fisheye.web.Watch;
import com.cenqua.fisheye.web.WatchEAV;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Random;
import java.util.TreeSet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.jsp.JspContext;

/* loaded from: input_file:fecru-2.1.0.M1/fisheye.jar:com/cenqua/fisheye/user/UserManager.class */
public class UserManager {
    private final AuthSynchroniser authSynch;
    public static final String USER_ATTR_KEY = "feuser";
    private static final String LASTUSER_SESSION_KEY = UserManager.class.getName() + ".LAST_USER";
    public static final String REMEMBERME_COOKIE_NAME = "remember";
    private static final int REMEMBERME_COOKIE_AGE = 31536000;
    private static final Random RANDOM;
    private static final int NRANDOM_BYTES = 16;
    private final DB0Handle dbHandle;
    private BaseAuth mAuth;
    private final AdminUserConfig adminUserConfig;
    private boolean mAutoImport = false;
    private Integer userCountCache = null;
    private final Object userCountCacheLock = new Object();

    /* loaded from: input_file:fecru-2.1.0.M1/fisheye.jar:com/cenqua/fisheye/user/UserManager$LastLogin.class */
    public static class LastLogin {
        public final String username;
        public final long tsCreated = System.currentTimeMillis();

        public LastLogin(String str) {
            this.username = str;
        }
    }

    public UserManager(DB0Handle dB0Handle, ConfigDocument.Config config, AdminUserConfig adminUserConfig) throws ConfigException, DbException {
        this.dbHandle = dB0Handle;
        this.adminUserConfig = adminUserConfig;
        upgradeData();
        this.authSynch = new AuthSynchroniser(this);
        reload(config);
    }

    public void startAuthSynch() {
        this.authSynch.startSynchroniser();
    }

    public void stopAuthSynch() {
        this.authSynch.stopSynchroniser();
    }

    public void notifyLicenseUpdate() {
        try {
            updateCrucibleUserCount();
        } catch (DbException e) {
            Logs.APP_LOG.error("Failed to update Crucible user count from updated license", e);
        }
    }

    private void upgradeData() throws DbException {
        updateCrucibleUserCount();
    }

    private void updateCrucibleUserCount() throws DbException {
        if (AppConfig.isCrucible()) {
            final LicenseInfo license = AppConfig.getsConfig().getLicense();
            if (license != null) {
                this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // com.cenqua.fisheye.config.DB0Handle.Writer
                    public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                        new FEUserEAV(infinityDbHandle.get()).updateInitialCrucibleUsers(license.getCrucibleLicense().isNumberOfUsersLimited() ? license.getCrucibleLicense().getMaxCrucibleUsers() : Integer.MAX_VALUE);
                        return null;
                    }
                });
            } else {
                Logs.APP_LOG.warn("No license info available, not updating Crucible user count.");
            }
        }
    }

    public void reload(ConfigDocument.Config config) throws ConfigException {
        stopAuthSynch();
        if (this.mAuth != null) {
            this.mAuth.close();
            this.mAuth = null;
            this.mAutoImport = false;
        }
        SecurityType security = config.getSecurity();
        if (security.isSetLdap()) {
            this.mAuth = new LDAPAuth(security.getLdap());
            this.mAutoImport = this.mAuth.getAutoAdd();
        } else if (security.isSetHostAuth()) {
            this.mAuth = new HostAuth(security.getHostAuth());
            this.mAutoImport = this.mAuth.getAutoAdd();
        } else if (security.isSetAjp()) {
            this.mAuth = new AJPAuth(security.getAjp());
            this.mAutoImport = this.mAuth.getAutoAdd();
        } else if (security.isSetCrowd()) {
            this.mAuth = new CrowdAuth(security.getCrowd());
            this.mAutoImport = this.mAuth.getAutoAdd();
        } else if (security.isSetCustom()) {
            this.mAuth = new CustomAuth(security.getCustom());
            this.mAutoImport = this.mAuth.getAutoAdd();
        } else {
            this.mAuth = null;
            this.mAutoImport = false;
        }
        if (this.mAuth == null || !this.mAuth.isResync()) {
            return;
        }
        this.authSynch.setInterval(this.mAuth.getResyncPeriod());
        startAuthSynch();
    }

    public UserLogin validateCurrentUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        UserLogin currentUser = getCurrentUser(httpServletRequest);
        if (currentUser != null) {
            try {
                if (!userExists(currentUser.getUserName())) {
                    clearLoginTokens(currentUser, httpServletRequest, httpServletResponse);
                    return null;
                }
            } catch (DbException e) {
                Logs.APP_LOG.warn("Problem logging user out", e);
                return null;
            }
        }
        if (currentUser != null && this.mAuth != null && currentUser.getAuthTok().getAuthType() != this.mAuth.getAuthType()) {
            return currentUser;
        }
        if (currentUser != null && this.mAuth != null) {
            if (!this.mAuth.isRequestUserStillValid(currentUser, currentUser.getAuthTok(), httpServletRequest, httpServletResponse)) {
                try {
                    clearLoginTokens(currentUser, httpServletRequest, httpServletResponse);
                    return null;
                } catch (DbException e2) {
                    Logs.APP_LOG.warn("Problem logging user out", e2);
                    return null;
                }
            }
        }
        return currentUser;
    }

    public UserLogin getCurrentUser(HttpServletRequest httpServletRequest) {
        UserLogin userLogin = (UserLogin) httpServletRequest.getAttribute(USER_ATTR_KEY);
        if (userLogin != null) {
            return userLogin;
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        return (UserLogin) session.getAttribute(USER_ATTR_KEY);
    }

    public UserLogin getCurrentUser(JspContext jspContext) {
        UserLogin userLogin = (UserLogin) jspContext.getAttribute(USER_ATTR_KEY, 2);
        if (userLogin != null) {
            return userLogin;
        }
        try {
            userLogin = (UserLogin) jspContext.getAttribute(USER_ATTR_KEY, 3);
        } catch (IllegalStateException e) {
        }
        return userLogin;
    }

    public LoginCookie preCookUrl(HttpServletRequest httpServletRequest, final String str, final boolean z) throws DbException {
        final UserLogin currentUser = getCurrentUser(httpServletRequest);
        if (currentUser == null) {
            return null;
        }
        return (LoginCookie) this.dbHandle.write(new DB0Handle.Writer<LoginCookie>() { // from class: com.cenqua.fisheye.user.UserManager.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public LoginCookie write(InfinityDbHandle infinityDbHandle) throws DbException {
                return new LoginEAV(infinityDbHandle.get()).addPreCookedUrlCookie(currentUser.getUsername(), UserManager.this.makeSecureRnd(), str, z);
            }
        });
    }

    public UserLogin login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, boolean z) throws DbException, LicensePolicyException {
        if (str2 == null || "".equals(str2)) {
            return null;
        }
        return loginWithSanitizedUserName(httpServletRequest, httpServletResponse, sanitize(str), str2, z);
    }

    private UserLogin loginWithSanitizedUserName(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, final String str, String str2, boolean z) throws DbException, LicensePolicyException {
        BaseAuth.AuthTok checkPassword;
        FEUser orImportUser = getOrImportUser(httpServletRequest, httpServletResponse, str, str2);
        if (orImportUser == null) {
            return null;
        }
        if (orImportUser.getAuthType() == 1) {
            String passwordHash = orImportUser.getPasswordHash();
            if (passwordHash == null || !MD5.hash(str2).equalsIgnoreCase(passwordHash)) {
                return null;
            }
            checkPassword = new BaseAuth.BuiltInAuthTok(orImportUser);
        } else {
            if (this.mAuth == null || this.mAuth.getAuthType() != orImportUser.getAuthType()) {
                Logs.APP_LOG.warn("cannot authenticate user " + str + " because user's auth type " + orImportUser.getAuthType() + " is not configured");
                return null;
            }
            checkPassword = this.mAuth.checkPassword(str, str2, httpServletRequest, httpServletResponse);
            if (checkPassword == null) {
                return null;
            }
        }
        LoginCookie loginCookie = null;
        if (z) {
            loginCookie = (LoginCookie) this.dbHandle.write(new DB0Handle.Writer<LoginCookie>() { // from class: com.cenqua.fisheye.user.UserManager.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.cenqua.fisheye.config.DB0Handle.Writer
                public LoginCookie write(InfinityDbHandle infinityDbHandle) throws DbException {
                    return new LoginEAV(infinityDbHandle.get()).addRememberMeCookie(str, UserManager.this.makeSecureRnd());
                }
            });
        }
        return doLogin(httpServletRequest, httpServletResponse, orImportUser, checkPassword, loginCookie);
    }

    public UserLogin login(final HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, final LoginCookieToken loginCookieToken) throws DbException {
        LoginCookie loginCookie;
        FEUser user;
        BaseAuth.AuthTok recreateAuth;
        if (loginCookieToken == null || (loginCookie = (LoginCookie) this.dbHandle.write(new DB0Handle.Writer<LoginCookie>() { // from class: com.cenqua.fisheye.user.UserManager.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public LoginCookie write(InfinityDbHandle infinityDbHandle) throws DbException {
                LoginEAV loginEAV = new LoginEAV(infinityDbHandle.get());
                LoginCookie findCookie = loginEAV.findCookie(loginCookieToken.getUsername(), loginCookieToken.getLoginId());
                if (findCookie == null) {
                    return null;
                }
                if (!findCookie.matches(loginCookieToken, httpServletRequest)) {
                    Logs.APP_LOG.info("attempt to login using expired/invalid token " + loginCookieToken.getUsername() + " from " + httpServletRequest.getRemoteAddr() + " to URL " + httpServletRequest.getRequestURI());
                    return null;
                }
                if (findCookie.getType() == 1) {
                    findCookie.setRnd(UserManager.this.makeSecureRnd());
                    loginEAV.updateCookie(findCookie);
                }
                return findCookie;
            }
        })) == null || (user = getUser(loginCookie.getUsername())) == null) {
            return null;
        }
        if (user.getAuthType() == 1) {
            recreateAuth = new BaseAuth.BuiltInAuthTok(user);
        } else {
            if (this.mAuth == null || this.mAuth.getAuthType() != user.getAuthType()) {
                Logs.APP_LOG.warn("cannot authenticate user " + user.getUsername() + " because user's auth type " + user.getAuthType() + " is not configured");
                return null;
            }
            recreateAuth = this.mAuth.recreateAuth(user.getUsername());
            if (recreateAuth == null) {
                Logs.APP_LOG.info("cannot re-authenticate user " + user.getUsername() + " they will need to login again");
                return null;
            }
        }
        return doLogin(httpServletRequest, httpServletResponse, user, recreateAuth, loginCookie);
    }

    private FEUser getOrImportDelegatedUser(BaseAuth.AuthTok authTok) throws DbException, LicensePolicyException {
        FEUser user = getUser(sanitize(authTok.getUsername()));
        if (user == null && this.mAutoImport) {
            user = importUser(authTok);
        }
        return user;
    }

    private FEUser getOrImportUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws DbException, LicensePolicyException {
        BaseAuth.AuthTok checkPassword;
        String sanitize = sanitize(str);
        FEUser user = getUser(sanitize);
        if (user == null && this.mAutoImport && (checkPassword = this.mAuth.checkPassword(sanitize, str2, httpServletRequest, httpServletResponse)) != null) {
            user = importUser(checkPassword);
        }
        return user;
    }

    private FEUser importUser(BaseAuth.AuthTok authTok) throws DbException, LicensePolicyException {
        Logs.APP_LOG.info("auto-import user: " + authTok.getUsername());
        FEUser fEUser = new FEUser(sanitize(authTok.getUsername()));
        fEUser.setEmail(authTok.getEmail());
        fEUser.setDisplayName(authTok.getDisplayName());
        fEUser.setAuthType(this.mAuth.getAuthType());
        addUserImpl(fEUser, null);
        return fEUser;
    }

    private FEUser reimportUser(BaseAuth.AuthTok authTok) throws DbException, LicensePolicyException {
        Logs.APP_LOG.info("auto-reimport user: " + authTok.getUsername());
        FEUser user = getUser(sanitize(authTok.getUsername()));
        user.setEmail(authTok.getEmail());
        user.setDisplayName(authTok.getDisplayName());
        user.setAuthType(this.mAuth.getAuthType());
        updateUser(user);
        return user;
    }

    public void resyncAuth() throws Exception {
        resyncAuth(false);
    }

    public void resyncAuth(boolean z) throws Exception {
        BaseAuth.AuthTok recreateAuth;
        if (this.mAuth == null) {
            return;
        }
        List<String> allUserNames = this.mAuth.getAllUserNames();
        LinkedHashSet<String> linkedHashSet = new LinkedHashSet(allUserNames.size());
        Iterator<String> it2 = allUserNames.iterator();
        while (it2.hasNext()) {
            linkedHashSet.add(sanitize(it2.next()));
        }
        if (linkedHashSet == null || linkedHashSet.size() <= 0) {
            Logs.APP_LOG.info("not resynchronising users: no users found on " + FEUser.AUTH_NAMES.get(this.mAuth.getAuthType()) + " server");
            return;
        }
        Logs.APP_LOG.info("resynchronising users with " + FEUser.AUTH_NAMES.get(this.mAuth.getAuthType()));
        Iterator<String> it3 = getAllUsernames().iterator();
        while (it3.hasNext()) {
            String sanitize = sanitize(it3.next());
            if (!linkedHashSet.contains(sanitize)) {
                FEUser user = getUser(sanitize);
                if (user.getAuthType() == this.mAuth.getAuthType()) {
                    deleteUser(user);
                    Logs.APP_LOG.info("deleted user " + sanitize);
                }
            }
        }
        for (String str : linkedHashSet) {
            FEUser user2 = getUser(str);
            if (user2 == null) {
                BaseAuth.AuthTok recreateAuth2 = this.mAuth.recreateAuth(str);
                if (recreateAuth2 != null) {
                    importUser(recreateAuth2);
                }
            } else if (user2.getAuthType() != this.mAuth.getAuthType()) {
                Logs.APP_LOG.warn("Could not import user '" + str + "'. User already exists on " + FEUser.AUTH_NAMES.get(user2.getAuthType()));
            } else if (z && (recreateAuth = this.mAuth.recreateAuth(str)) != null) {
                reimportUser(recreateAuth);
            }
        }
    }

    public UserLogin tryRequestDelegatedLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws DbException, LicensePolicyException {
        BaseAuth.AuthTok checkRequest;
        FEUser orImportDelegatedUser;
        if (this.mAuth == null || (checkRequest = this.mAuth.checkRequest(httpServletRequest, httpServletResponse)) == null || (orImportDelegatedUser = getOrImportDelegatedUser(checkRequest)) == null) {
            return null;
        }
        if (this.mAuth.getAuthType() != orImportDelegatedUser.getAuthType()) {
            Logs.APP_LOG.warn("cannot authenticate user " + orImportDelegatedUser.getUsername() + " because user's auth type " + orImportDelegatedUser.getAuthType() + " is not what is configured, " + this.mAuth.getAuthType());
            return null;
        }
        UserLogin userLogin = new UserLogin(orImportDelegatedUser, checkRequest, null);
        httpServletRequest.setAttribute(USER_ATTR_KEY, userLogin);
        PreferenceManager.touchCookie(httpServletRequest, httpServletResponse);
        httpServletRequest.getSession(true).setAttribute(USER_ATTR_KEY, userLogin);
        return userLogin;
    }

    public UserLogin createTrustedUserLogin(String str, boolean z, boolean z2) throws LicensePolicyException, DbException {
        UserLogin createTrustedUserLoginImpl = createTrustedUserLoginImpl(str, z2);
        if (!z && createTrustedUserLoginImpl == null) {
            createTrustedUserLoginImpl = createTrustedUserLoginImpl(sanitize(str), z2);
        }
        return createTrustedUserLoginImpl;
    }

    public UserLogin createTrustedUserLogin(String str) throws DbException, LicensePolicyException {
        return createTrustedUserLogin(str, true, true);
    }

    private UserLogin createTrustedUserLoginImpl(String str, boolean z) throws DbException, LicensePolicyException {
        BaseAuth.AuthTok recreateAuth;
        FEUser user = getUser(str);
        if (user != null && user.getAuthType() == 1) {
            return new UserLogin(user, new BaseAuth.BuiltInAuthTok(user), null);
        }
        if (this.mAuth == null || (recreateAuth = this.mAuth.recreateAuth(str)) == null) {
            return null;
        }
        if (user == null) {
            if (!z) {
                return null;
            }
            user = getOrImportDelegatedUser(recreateAuth);
        }
        return new UserLogin(user, recreateAuth, null);
    }

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws DbException {
        UserLogin currentUser = getCurrentUser(httpServletRequest);
        clearLoginTokens(currentUser, httpServletRequest, httpServletResponse);
        if (currentUser == null || this.mAuth == null) {
            return;
        }
        this.mAuth.logout(currentUser, httpServletRequest, httpServletResponse);
    }

    private void clearLoginTokens(UserLogin userLogin, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws DbException {
        httpServletRequest.removeAttribute(USER_ATTR_KEY);
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.removeAttribute(USER_ATTR_KEY);
            if (userLogin != null) {
                session.setAttribute(LASTUSER_SESSION_KEY, new LastLogin(userLogin.getUsername()));
            }
        }
        PreferenceManager.touchCookie(httpServletRequest, httpServletResponse);
        Cookie newRememberMeHttpCookie = newRememberMeHttpCookie(httpServletRequest, "");
        newRememberMeHttpCookie.setMaxAge(0);
        httpServletResponse.addCookie(newRememberMeHttpCookie);
        if (userLogin == null || userLogin.getCookie() == null) {
            return;
        }
        final LoginCookie cookie = userLogin.getCookie();
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.5
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                new LoginEAV(infinityDbHandle.get()).invalidateCookie(cookie.getUsername(), cookie.getLoginId());
                return null;
            }
        });
    }

    public void logout2(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z, boolean z2) throws DbException {
        LastLogin lastLogin;
        PreferenceManager.touchCookie(httpServletRequest, httpServletResponse);
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null || (lastLogin = (LastLogin) session.getAttribute(LASTUSER_SESSION_KEY)) == null) {
            return;
        }
        session.removeAttribute(LASTUSER_SESSION_KEY);
        session.invalidate();
        if (System.currentTimeMillis() > lastLogin.tsCreated + 120000) {
            return;
        }
        String str = lastLogin.username;
        Logs.APP_LOG.debug("level2 logout for " + str);
        logout2User(str, z, z2);
    }

    public void logout2User(final String str, final boolean z, final boolean z2) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.6
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                LoginEAV loginEAV = new LoginEAV(infinityDbHandle.get());
                if (z) {
                    loginEAV.invalidateCookies(str, 1);
                }
                if (!z2) {
                    return null;
                }
                loginEAV.invalidateCookies(str, 2);
                return null;
            }
        });
    }

    private UserLogin doLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FEUser fEUser, BaseAuth.AuthTok authTok, LoginCookie loginCookie) {
        boolean z = loginCookie != null && loginCookie.getType() == 1;
        boolean z2 = loginCookie != null && loginCookie.getType() == 2;
        if (z) {
            Cookie newRememberMeHttpCookie = newRememberMeHttpCookie(httpServletRequest, loginCookie.encode());
            newRememberMeHttpCookie.setMaxAge(REMEMBERME_COOKIE_AGE);
            httpServletResponse.addCookie(newRememberMeHttpCookie);
        } else {
            Cookie newRememberMeHttpCookie2 = newRememberMeHttpCookie(httpServletRequest, "");
            newRememberMeHttpCookie2.setMaxAge(0);
            httpServletResponse.addCookie(newRememberMeHttpCookie2);
        }
        UserLogin userLogin = new UserLogin(fEUser, authTok, loginCookie);
        if (z2) {
            httpServletRequest.setAttribute(USER_ATTR_KEY, userLogin);
        } else {
            PreferenceManager.touchCookie(httpServletRequest, httpServletResponse);
            httpServletRequest.getSession(true).setAttribute(USER_ATTR_KEY, userLogin);
        }
        return userLogin;
    }

    private static Cookie newRememberMeHttpCookie(HttpServletRequest httpServletRequest, String str) {
        Cookie cookie = new Cookie(REMEMBERME_COOKIE_NAME, str + ";httpOnly");
        String contextPath = httpServletRequest.getContextPath();
        if (contextPath.length() == 0) {
            contextPath = "/";
        }
        cookie.setPath(contextPath);
        return cookie;
    }

    public String makeSecureRnd() {
        byte[] bArr = new byte[16];
        synchronized (RANDOM) {
            RANDOM.nextBytes(bArr);
        }
        return MD5.hexEncode(bArr);
    }

    public String makeSecureRnd(int i) {
        byte[] bArr = new byte[i];
        synchronized (RANDOM) {
            RANDOM.nextBytes(bArr);
        }
        return MD5.hexEncode(bArr).substring(0, i);
    }

    public List<String> getAllUsernames() throws DbException {
        return (List) this.dbHandle.read(new DB0Handle.Reader<List<String>>() { // from class: com.cenqua.fisheye.user.UserManager.7
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public List<String> read(InfinityDbHandle infinityDbHandle) throws DbException {
                return new FEUserEAV(infinityDbHandle.get()).listAllUserNames();
            }
        });
    }

    public List<String> getAllCrucibleEnabledUsernames() throws DbException {
        return (List) this.dbHandle.read(new DB0Handle.Reader<List<String>>() { // from class: com.cenqua.fisheye.user.UserManager.8
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public List<String> read(InfinityDbHandle infinityDbHandle) throws DbException {
                return new FEUserEAV(infinityDbHandle.get()).listAllCrucibleUserNames();
            }
        });
    }

    public List<String> getGroupsForUser(final String str) throws DbException {
        List<String> list = (List) this.dbHandle.read(new DB0Handle.Reader<List<String>>() { // from class: com.cenqua.fisheye.user.UserManager.9
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public List<String> read(InfinityDbHandle infinityDbHandle) throws DbException {
                return new ArrayList(new FEGroupEAV(infinityDbHandle.get()).listGroupsForUser(str));
            }
        });
        FEUser user = getUser(str);
        if (user != null && this.mAuth != null && user.getAuthType() == this.mAuth.getAuthType() && this.mAuth.supportsGroups()) {
            list.addAll(this.mAuth.getGroupsForUser(str));
        }
        return list;
    }

    private boolean userInAnyGroup(UserLogin userLogin, List<String> list) throws DbException {
        String userName = userLogin.getUserName();
        Iterator<String> it2 = list.iterator();
        while (it2.hasNext()) {
            if (isUserInGroup(it2.next(), userName)) {
                return true;
            }
        }
        return false;
    }

    public boolean isUserInGroup(final String str, final String str2) throws DbException {
        if (((Boolean) this.dbHandle.read(new DB0Handle.Reader<Boolean>() { // from class: com.cenqua.fisheye.user.UserManager.10
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public Boolean read(InfinityDbHandle infinityDbHandle) throws DbException {
                return Boolean.valueOf(new FEGroupEAV(infinityDbHandle.get()).isUserInGroup(str, str2));
            }
        })).booleanValue()) {
            return true;
        }
        if (this.mAuth == null || !this.mAuth.supportsGroups()) {
            return false;
        }
        return this.mAuth.isUserInGroup(str, str2);
    }

    public Map<String, GroupInfo> getGroupInfos() throws DbException {
        List<String> list = (List) this.dbHandle.read(new DB0Handle.Reader<List<String>>() { // from class: com.cenqua.fisheye.user.UserManager.11
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public List<String> read(InfinityDbHandle infinityDbHandle) throws DbException {
                return new FEGroupEAV(infinityDbHandle.get()).listGroups();
            }
        });
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (String str : list) {
            GroupInfo groupInfo = new GroupInfo(str);
            groupInfo.setBuiltin(true);
            linkedHashMap.put(str, groupInfo);
        }
        if (this.mAuth != null && this.mAuth.supportsGroups()) {
            String str2 = FEUser.AUTH_NAMES.get(this.mAuth.getAuthType());
            for (String str3 : this.mAuth.listGroups()) {
                GroupInfo groupInfo2 = (GroupInfo) linkedHashMap.get(str3);
                if (groupInfo2 == null) {
                    groupInfo2 = new GroupInfo(str3);
                    linkedHashMap.put(str3, groupInfo2);
                }
                groupInfo2.setExternalSource(str2);
            }
        }
        return linkedHashMap;
    }

    public boolean builtInGroupExists(final String str) throws DbException {
        return ((Boolean) this.dbHandle.read(new DB0Handle.Reader<Boolean>() { // from class: com.cenqua.fisheye.user.UserManager.12
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public Boolean read(InfinityDbHandle infinityDbHandle) throws DbException {
                return Boolean.valueOf(new FEGroupEAV(infinityDbHandle.get()).groupExists(str));
            }
        })).booleanValue();
    }

    public void addBuiltInGroup(final String str) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.13
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                new FEGroupEAV(infinityDbHandle.get()).addGroup(str);
                return null;
            }
        });
    }

    public void deleteBuiltInGroup(final String str) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.14
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                new FEGroupEAV(infinityDbHandle.get()).deleteGroup(str);
                return null;
            }
        });
    }

    public void addUserToBuiltInGroup(final String str, final String str2) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.15
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                new FEGroupEAV(infinityDbHandle.get()).addUserToGroup(str, str2);
                return null;
            }
        });
    }

    public void removeUserFromBuiltInGroup(final String str, final String str2) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.16
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                new FEGroupEAV(infinityDbHandle.get()).removeUserFromGroup(str, str2);
                return null;
            }
        });
    }

    public List<String> getUsersInGroup(final String str) throws DbException {
        return (List) this.dbHandle.write(new DB0Handle.Writer<List<String>>() { // from class: com.cenqua.fisheye.user.UserManager.17
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public List<String> write(InfinityDbHandle infinityDbHandle) throws DbException {
                TreeSet treeSet = new TreeSet(new FEGroupEAV(infinityDbHandle.get()).listUsersForGroup(str));
                if (UserManager.this.mAuth != null && UserManager.this.mAuth.supportsGroups()) {
                    FEUserEAV fEUserEAV = new FEUserEAV(infinityDbHandle.get());
                    for (String str2 : UserManager.this.mAuth.getUsersInGroup(str)) {
                        if (fEUserEAV.usernameExists(str2)) {
                            treeSet.add(str2);
                        }
                    }
                }
                return new ArrayList(treeSet);
            }
        });
    }

    public int getUserCount() throws DbException {
        int size;
        Integer num = this.userCountCache;
        if (num != null) {
            return num.intValue();
        }
        synchronized (this.userCountCacheLock) {
            size = getAllUsernames().size();
            this.userCountCache = Integer.valueOf(size);
        }
        return size;
    }

    public void renameUser(final String str, String str2) throws DbException {
        final String sanitize = sanitize(str2);
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.18
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                FEUserEAV fEUserEAV = new FEUserEAV(infinityDbHandle.get());
                if (!fEUserEAV.usernameExists(str)) {
                    throw new DbException("User " + str + " does not exist.");
                }
                if (fEUserEAV.usernameExists(sanitize)) {
                    throw new DbException("User " + sanitize + " already exists.");
                }
                new UserRenamer(infinityDbHandle.get()).rename(str, sanitize);
                return null;
            }
        });
    }

    public void addUser(FEUser fEUser, String str) throws DbException, LicensePolicyException {
        sanitize(fEUser);
        addUserImpl(fEUser, str);
    }

    private void addUserImpl(final FEUser fEUser, final String str) throws DbException, LicensePolicyException {
        this.dbHandle.write(new DB0Handle.WriterE<Void, LicensePolicyException>() { // from class: com.cenqua.fisheye.user.UserManager.19
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.WriterE
            public Void write(InfinityDbHandle infinityDbHandle) throws LicensePolicyException, DbException {
                if (UserManager.this.userExists(fEUser.getUsername())) {
                    throw new DbException("User named " + fEUser.getUsername() + " already exists.");
                }
                LicenseInfo license = AppConfig.getsConfig().getLicense();
                if (license == null || license.getFisheyeLicense() == null) {
                    throw new LicensePolicyException("Could not add user " + fEUser.getUsername() + ". Your FishEye license is missing or invalid.");
                }
                if (license.getFisheyeLicense().isNumberOfUsersLimited()) {
                    int userCount = UserManager.this.getUserCount();
                    int maxNumberOfUsers = license.getFisheyeLicense().getMaxNumberOfUsers();
                    if (userCount >= maxNumberOfUsers) {
                        throw new LicensePolicyException("Could not add user " + fEUser.getUsername() + ". Your license does not permit more than " + maxNumberOfUsers + " users.");
                    }
                }
                FEUserEAV fEUserEAV = new FEUserEAV(infinityDbHandle.get());
                fEUser.setPasswordHash(str == null ? null : MD5.hash(str));
                fEUserEAV.update(fEUser);
                if (AppConfig.isCrucible()) {
                    try {
                        UserManager.this.setCrucibleEnabled(fEUser.getUsername(), true);
                    } catch (LicenseException e) {
                        Logs.APP_LOG.info("Newly-added user " + fEUser.getUsername() + " could not be made a Crucible user:" + e.getMessage());
                    }
                    Logs.APP_LOG.debug("adding user to DB");
                    try {
                        CrucibleUserManager.createUser(fEUser.getUsername());
                    } catch (Exception e2) {
                        throw new DbException("Unexpected error adding user named " + fEUser.getUsername() + " to the crucible database.", e2);
                    }
                }
                synchronized (UserManager.this.userCountCacheLock) {
                    UserManager.this.userCountCache = null;
                }
                return null;
            }
        });
    }

    private void sanitize(FEUser fEUser) {
        fEUser.setUsername(sanitize(fEUser.getUsername()));
    }

    private String sanitize(String str) {
        if (str == null) {
            return null;
        }
        return forceLowercase() ? str.toLowerCase(Locale.US) : str;
    }

    private boolean forceLowercase() {
        ConfigDocument.Config config = AppConfig.getsConfig().getConfig();
        if (config.isSetSecurity() && config.getSecurity().isSetUsernames()) {
            return config.getSecurity().getUsernames().getForceLowercase();
        }
        return false;
    }

    public void changePassword(final FEUser fEUser, final String str) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.20
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                FEUserEAV fEUserEAV = new FEUserEAV(infinityDbHandle.get());
                fEUser.setPasswordHash(str == null ? null : MD5.hash(str));
                fEUserEAV.update(fEUser);
                return null;
            }
        });
    }

    public void updateUser(final FEUser fEUser) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.21
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                new FEUserEAV(infinityDbHandle.get()).update(fEUser);
                return null;
            }
        });
    }

    public boolean userExists(final String str) throws DbException {
        return ((Boolean) this.dbHandle.read(new DB0Handle.Reader<Boolean>() { // from class: com.cenqua.fisheye.user.UserManager.22
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public Boolean read(InfinityDbHandle infinityDbHandle) throws DbException {
                return Boolean.valueOf(new FEUserEAV(infinityDbHandle.get()).usernameExists(str));
            }
        })).booleanValue();
    }

    public static boolean userExistsForName(String str) throws DbException {
        return AppConfig.getsConfig().getUserManager().userExists(str);
    }

    public static FEUser getUserByName(String str) throws DbException {
        return AppConfig.getsConfig().getUserManager().getUser(str);
    }

    public FEUser getUser(final String str) throws DbException {
        return (FEUser) this.dbHandle.read(new DB0Handle.Reader<FEUser>() { // from class: com.cenqua.fisheye.user.UserManager.23
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public FEUser read(InfinityDbHandle infinityDbHandle) throws DbException {
                return new FEUserEAV(infinityDbHandle.get()).load(str);
            }
        });
    }

    public String getUsernameByEmail(final String str) throws DbException {
        return (String) this.dbHandle.read(new DB0Handle.Reader<String>() { // from class: com.cenqua.fisheye.user.UserManager.24
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public String read(InfinityDbHandle infinityDbHandle) throws DbException {
                return new FEUserEAV(infinityDbHandle.get()).getUsernameForEmail(str);
            }
        });
    }

    public void deleteUser(final FEUser fEUser) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.25
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                String username = fEUser.getUsername();
                WatchEAV watchEAV = new WatchEAV(infinityDbHandle.get());
                Iterator<Watch> it2 = watchEAV.getWatchesForUser(username).iterator();
                while (it2.hasNext()) {
                    watchEAV.delete(it2.next().getId());
                }
                new FEUserEAV(infinityDbHandle.get()).delete(username);
                synchronized (UserManager.this.userCountCacheLock) {
                    UserManager.this.userCountCache = null;
                }
                return null;
            }
        });
    }

    public boolean hasPermissionToAccess(Principal principal, RepositoryHandle repositoryHandle) {
        return principal != null && !Principal.Anonymous.isAnon(principal) ? hasPermissionToAccessImpl((UserLogin) principal, repositoryHandle) : repositoryHandle.getCfg().isAnonAccessAllowed();
    }

    private boolean hasPermissionToAccessImpl(UserLogin userLogin, RepositoryHandle repositoryHandle) {
        try {
            List<String> allowedGroups = repositoryHandle.getCfg().getAllowedGroups();
            if ((allowedGroups.isEmpty() && this.mAuth == null) || userInAnyGroup(userLogin, allowedGroups)) {
                return true;
            }
            if (this.mAuth == null) {
                return false;
            }
            return this.mAuth.hasPermissionToAccess(userLogin.getAuthTok(), allowedGroups.isEmpty(), repositoryHandle);
        } catch (DbException e) {
            Logs.APP_LOG.warn("Could not do group check", e);
            return false;
        }
    }

    public boolean isCrucibleEnabled(String str) throws DbException {
        FEUser user = getUser(str);
        if (user == null) {
            return false;
        }
        return user.isCrucibleEnabled();
    }

    public void setCrucibleEnabled(final String str, final boolean z) throws DbException, LicenseException {
        if (AppConfig.isCrucible()) {
            this.dbHandle.write(new DB0Handle.WriterE<Void, LicenseException>() { // from class: com.cenqua.fisheye.user.UserManager.26
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.cenqua.fisheye.config.DB0Handle.WriterE
                public Void write(InfinityDbHandle infinityDbHandle) throws DbException, LicenseException {
                    FEUserEAV fEUserEAV = new FEUserEAV(infinityDbHandle.get());
                    FEUser load = fEUserEAV.load(str);
                    if (load == null || load.isCrucibleEnabled() == z) {
                        return null;
                    }
                    if (!z) {
                        fEUserEAV.setCrucibleEnabled(str, false);
                        return null;
                    }
                    LicenseInfo license = AppConfig.getsConfig().getLicense();
                    if (license.getCrucibleLicense().isNumberOfUsersLimited()) {
                        int countNumberOfCrucibleUsers = fEUserEAV.countNumberOfCrucibleUsers();
                        int maxCrucibleUsers = license.getCrucibleLicense().getMaxCrucibleUsers();
                        if (countNumberOfCrucibleUsers >= maxCrucibleUsers) {
                            throw new LicenseException("You have reached your maximum of " + maxCrucibleUsers + " Crucible users.");
                        }
                    }
                    fEUserEAV.setCrucibleEnabled(str, true);
                    return null;
                }
            });
        }
    }

    public boolean isLoginPossible() throws DbException {
        return this.mAutoImport || AppConfig.getsConfig().getConfig().getSecurity().getBuiltIn().getSignup().getEnabled() || getUserCount() > 0;
    }

    public boolean hasSysAdminPrivileges(String str) throws DbException {
        return this.adminUserConfig.isAdminUser(str) || this.adminUserConfig.isInAnAdminGroup(str, AppConfig.getsConfig().getUserManager());
    }

    public boolean hasSysAdminPrivileges(HttpServletRequest httpServletRequest) throws DbException {
        UserLogin currentUser = getCurrentUser(httpServletRequest);
        return currentUser != null && hasSysAdminPrivileges(currentUser.getName());
    }

    @Deprecated
    public Map<String, Map<String, String>> getAllLegacyAuthorMappings() throws DbException {
        return (Map) this.dbHandle.read(new DB0Handle.Reader<Map<String, Map<String, String>>>() { // from class: com.cenqua.fisheye.user.UserManager.27
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Reader
            public Map<String, Map<String, String>> read(InfinityDbHandle infinityDbHandle) throws DbException {
                return new FEUserEAV(infinityDbHandle.get()).listAllMappings();
            }
        });
    }

    public void deleteMapping(final String str) throws DbException {
        this.dbHandle.write(new DB0Handle.Writer<Void>() { // from class: com.cenqua.fisheye.user.UserManager.28
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.cenqua.fisheye.config.DB0Handle.Writer
            public Void write(InfinityDbHandle infinityDbHandle) throws DbException {
                new FEUserEAV(infinityDbHandle.get()).deleteAuthorMappings(str);
                return null;
            }
        });
    }

    public static String getDisplayNameForUser(String str) {
        String str2 = "";
        try {
            str2 = AppConfig.getsConfig().getUserManager().getUser(str).getDisplayName();
        } catch (DbException e) {
            Logs.APP_LOG.warn("Could not get displayname for username [" + str + "], using username instead");
        }
        if (StringUtil.nullOrEmpty(str2)) {
            str2 = str;
        }
        return str2;
    }

    static {
        long currentTimeMillis = System.currentTimeMillis();
        RANDOM = new SecureRandom();
        RANDOM.nextBytes(new byte[1]);
        Logs.PERF_LOG.debug("created SecureRandom in " + (System.currentTimeMillis() - currentTimeMillis) + "ms");
    }
}
