package com.atlassian.jira.user.util;

import com.atlassian.application.api.ApplicationKey;
import com.atlassian.collectors.CollectorsUtil;
import com.atlassian.crowd.embedded.api.CrowdService;
import com.atlassian.crowd.embedded.api.Group;
import com.atlassian.crowd.embedded.api.User;
import com.atlassian.crowd.exception.InvalidCredentialException;
import com.atlassian.crowd.exception.OperationNotPermittedException;
import com.atlassian.crowd.exception.runtime.OperationFailedException;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.search.query.membership.MembershipQuery;
import com.atlassian.jira.application.ApplicationRoleManager;
import com.atlassian.jira.bc.EntityNotFoundException;
import com.atlassian.jira.bc.JiraServiceContext;
import com.atlassian.jira.bc.JiraServiceContextImpl;
import com.atlassian.jira.bc.filter.SearchRequestService;
import com.atlassian.jira.bc.issue.search.SearchService;
import com.atlassian.jira.bc.license.JiraLicenseService;
import com.atlassian.jira.bc.portal.PortalPageService;
import com.atlassian.jira.bc.project.component.MutableProjectComponent;
import com.atlassian.jira.bc.project.component.ProjectComponent;
import com.atlassian.jira.bc.project.component.ProjectComponentManager;
import com.atlassian.jira.bc.projectroles.ProjectRoleService;
import com.atlassian.jira.bc.user.UserService;
import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.entity.property.EntityPropertyType;
import com.atlassian.jira.entity.property.JsonEntityPropertyManager;
import com.atlassian.jira.exception.AddException;
import com.atlassian.jira.exception.CreateException;
import com.atlassian.jira.exception.PermissionException;
import com.atlassian.jira.exception.RemoveException;
import com.atlassian.jira.issue.comparator.UserCachingComparator;
import com.atlassian.jira.issue.search.SearchException;
import com.atlassian.jira.issue.security.IssueSecurityLevelManager;
import com.atlassian.jira.issue.subscription.SubscriptionManager;
import com.atlassian.jira.issue.vote.VoteManager;
import com.atlassian.jira.issue.watchers.WatcherManager;
import com.atlassian.jira.jql.builder.JqlQueryBuilder;
import com.atlassian.jira.license.LicenseCountService;
import com.atlassian.jira.notification.NotificationSchemeManager;
import com.atlassian.jira.notification.type.SingleUser;
import com.atlassian.jira.permission.GlobalPermissionKey;
import com.atlassian.jira.plugin.userformat.UserNameUserFormat;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.project.ProjectManager;
import com.atlassian.jira.security.GlobalPermissionManager;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.security.login.LoginManager;
import com.atlassian.jira.sharing.SharePermissionDeleteUtils;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.ApplicationUsers;
import com.atlassian.jira.user.UserDetails;
import com.atlassian.jira.user.UserHistoryManager;
import com.atlassian.jira.user.util.UserUtil;
import com.atlassian.jira.util.SimpleErrorCollection;
import com.atlassian.jira.util.dbc.Assertions;
import com.atlassian.seraph.spi.rememberme.RememberMeTokenDao;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.commons.lang3.StringUtils;
import org.ofbiz.core.entity.GenericEntityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/jira/user/util/UserUtilImpl.class */
public class UserUtilImpl implements UserUtil {
    public static final String USERNAME = "username";
    public static final String EMAIL = "email";
    public static final String DISPLAY_NAME = "fullname";
    public static final String DIRECTORY_NAME = "directoryName";
    public static final String DIRECTORY_ID = "directoryId";
    public static final String PASSWORD_TOKEN = "password.token";
    public static final String PASSWORD_HOURS = "password.hours";
    public static final String SEND_EMAIL = "sendEmail";
    private static final Logger log = LoggerFactory.getLogger(UserUtilImpl.class);
    private final IssueSecurityLevelManager issueSecurityLevelManager;
    private final GlobalPermissionManager globalPermissionManager;
    private final CrowdService crowdService;
    private final PermissionManager permissionManager;
    private final ApplicationProperties applicationProperties;
    private final SearchService searchService;
    private final ProjectManager projectManager;
    private final ProjectRoleService projectRoleService;
    private final ProjectComponentManager componentManager;
    private final SubscriptionManager subscriptionManager;
    private final NotificationSchemeManager notificationSchemeManager;
    private final UserHistoryManager userHistoryManager;
    private final UserManager userManager;
    private final ApplicationRoleManager applicationRoleManager;
    private final JsonEntityPropertyManager jsonEntityPropertyManager;
    private final SharePermissionDeleteUtils sharePermissionDeleteUtils;
    private final LicenseCountService licenseCountService;

    public UserUtilImpl(IssueSecurityLevelManager issueSecurityLevelManager, GlobalPermissionManager globalPermissionManager, CrowdService crowdService, PermissionManager permissionManager, ApplicationProperties applicationProperties, SearchService searchService, ProjectManager projectManager, ProjectRoleService projectRoleService, ProjectComponentManager projectComponentManager, SubscriptionManager subscriptionManager, NotificationSchemeManager notificationSchemeManager, UserHistoryManager userHistoryManager, UserManager userManager, LicenseCountService licenseCountService, ApplicationRoleManager applicationRoleManager, JsonEntityPropertyManager jsonEntityPropertyManager, SharePermissionDeleteUtils sharePermissionDeleteUtils) {
        this.issueSecurityLevelManager = issueSecurityLevelManager;
        this.globalPermissionManager = globalPermissionManager;
        this.permissionManager = permissionManager;
        this.applicationProperties = applicationProperties;
        this.searchService = searchService;
        this.projectManager = projectManager;
        this.projectRoleService = projectRoleService;
        this.componentManager = projectComponentManager;
        this.subscriptionManager = subscriptionManager;
        this.notificationSchemeManager = notificationSchemeManager;
        this.userHistoryManager = userHistoryManager;
        this.userManager = userManager;
        this.crowdService = crowdService;
        this.licenseCountService = licenseCountService;
        this.applicationRoleManager = applicationRoleManager;
        this.jsonEntityPropertyManager = jsonEntityPropertyManager;
        this.sharePermissionDeleteUtils = sharePermissionDeleteUtils;
    }

    protected SearchRequestService getSearchRequestService() {
        return (SearchRequestService) ComponentAccessor.getComponent(SearchRequestService.class);
    }

    protected PortalPageService getPortalPageService() {
        return (PortalPageService) ComponentAccessor.getComponent(PortalPageService.class);
    }

    protected JiraServiceContext getServiceContext(ApplicationUser applicationUser) {
        return new JiraServiceContextImpl(applicationUser);
    }

    public ApplicationUser createUserNoNotification(String str, String str2, String str3, String str4) throws PermissionException, CreateException {
        return createUser(new UserDetails(str, str4).withPassword(str2).withEmail(str3), false, 1, null);
    }

    public ApplicationUser createUserNoNotification(String str, String str2, String str3, String str4, Long l) throws PermissionException, CreateException {
        return createUser(new UserDetails(str, str4).withPassword(str2).withEmail(str3).withDirectory(l), false, 1, null);
    }

    public ApplicationUser createUserWithNotification(String str, String str2, String str3, String str4, int i) throws PermissionException, CreateException {
        return createUser(new UserDetails(str, str4).withPassword(str2).withEmail(str3).withDirectory((Long) null), true, i, null);
    }

    public ApplicationUser createUserWithNotification(String str, String str2, String str3, String str4, Long l, int i) throws PermissionException, CreateException {
        return createUser(new UserDetails(str, str4).withPassword(str2).withEmail(str3).withDirectory(l), true, i, null);
    }

    @Nonnull
    public ApplicationUser createUser(@Nonnull UserDetails userDetails, boolean z, int i, @Nullable Set<ApplicationKey> set) throws PermissionException, CreateException {
        UserService.CreateUserRequest skipValidation = UserService.CreateUserRequest.withUserDetails((ApplicationUser) null, userDetails.getUsername(), userDetails.getPassword(), userDetails.getEmailAddress(), userDetails.getDisplayName()).inDirectory((Long) userDetails.getDirectoryId().orElse(null)).sendNotification(z).withApplicationAccess(set).withEventUserEvent(i).skipValidation();
        UserService userService = (UserService) ComponentAccessor.getComponent(UserService.class);
        return userService.createUser(userService.validateCreateUser(skipValidation));
    }

    public void removeUser(ApplicationUser applicationUser, ApplicationUser applicationUser2) {
        if (applicationUser2 == null) {
            return;
        }
        SimpleErrorCollection simpleErrorCollection = new SimpleErrorCollection();
        try {
            if (!this.userManager.getUserState(applicationUser2).isInMultipleDirectories()) {
                log.debug("Removing user references for: " + applicationUser2.getId());
                removeUserReferences(applicationUser, applicationUser2, simpleErrorCollection);
            }
            try {
                Iterator it = this.crowdService.search(getGroupMembershipQuery(applicationUser2)).iterator();
                while (it.hasNext()) {
                    this.crowdService.removeUserFromGroup(applicationUser2.getDirectoryUser(), this.crowdService.getGroup((String) it.next()));
                }
                this.crowdService.removeUser(applicationUser2.getDirectoryUser());
                clearCache();
            } catch (OperationNotPermittedException e) {
                throw new PermissionException(e);
            }
        } catch (Exception e2) {
            log.error("There was an error trying to remove user: " + applicationUser2.getDisplayName(), e2);
            throw new RuntimeException(e2);
        }
    }

    private void removeUserReferences(ApplicationUser applicationUser, ApplicationUser applicationUser2, SimpleErrorCollection simpleErrorCollection) throws RemoveException, GenericEntityException {
        this.projectRoleService.removeAllRoleActorsByNameAndType(applicationUser2.getKey(), "atlassian-user-role-actor", simpleErrorCollection);
        this.permissionManager.removeUserPermissions(applicationUser2);
        removeWatchesForUser(applicationUser2);
        removeVotesForUser(applicationUser2);
        this.subscriptionManager.deleteSubscriptionsForUser(applicationUser2);
        this.notificationSchemeManager.removeEntities(SingleUser.DESC, applicationUser2.getName());
        removeComponentLeadsForUser(applicationUser2);
        getSearchRequestService().deleteAllFiltersForUser(getServiceContext(applicationUser), applicationUser2);
        getPortalPageService().deleteAllPortalPagesForUser(applicationUser2);
        this.userHistoryManager.removeHistoryForUser(applicationUser2);
        this.jsonEntityPropertyManager.deleteByEntity(EntityPropertyType.USER_PROPERTY.getDbEntityName(), applicationUser2.getId());
        this.sharePermissionDeleteUtils.deleteUserPermissions(applicationUser2.getKey());
    }

    public long getNumberOfReportedIssuesIgnoreSecurity(ApplicationUser applicationUser, ApplicationUser applicationUser2) throws SearchException {
        return this.searchService.searchCountOverrideSecurity(applicationUser, JqlQueryBuilder.newBuilder().where().reporterUser(applicationUser2.getUsername()).buildQuery());
    }

    public long getNumberOfAssignedIssuesIgnoreSecurity(ApplicationUser applicationUser, ApplicationUser applicationUser2) throws SearchException {
        return this.searchService.searchCountOverrideSecurity(applicationUser, JqlQueryBuilder.newBuilder().where().assigneeUser(applicationUser2.getUsername()).buildQuery());
    }

    public Collection<ProjectComponent> getComponentsUserLeads(ApplicationUser applicationUser) {
        return this.componentManager.findComponentsByLead(applicationUser.getUsername());
    }

    public Collection<Project> getProjectsLeadBy(ApplicationUser applicationUser) {
        return this.projectManager.getProjectsLeadBy(applicationUser);
    }

    public boolean isNonSysAdminAttemptingToDeleteSysAdmin(ApplicationUser applicationUser, ApplicationUser applicationUser2) {
        return this.permissionManager.hasPermission(44, applicationUser2) && !this.permissionManager.hasPermission(44, applicationUser);
    }

    private void removeVotesForUser(ApplicationUser applicationUser) {
        VoteManager voteManager = ComponentAccessor.getVoteManager();
        if (this.applicationProperties.getOption("jira.option.voting")) {
            voteManager.removeVotesForUser(applicationUser);
        }
    }

    private void removeWatchesForUser(ApplicationUser applicationUser) {
        WatcherManager watcherManager = ComponentAccessor.getWatcherManager();
        if (this.applicationProperties.getOption("jira.option.watching")) {
            watcherManager.removeAllWatchesForUser(applicationUser);
        }
    }

    private void removeComponentLeadsForUser(ApplicationUser applicationUser) {
        for (ProjectComponent projectComponent : getComponentsUserLeads(applicationUser)) {
            MutableProjectComponent copy = MutableProjectComponent.copy(projectComponent);
            copy.setLead((String) null);
            if (projectComponent.getAssigneeType() == 1) {
                copy.setAssigneeType(0L);
            }
            try {
                this.componentManager.update(copy);
            } catch (EntityNotFoundException e) {
            }
        }
    }

    public void addUserToGroup(Group group, ApplicationUser applicationUser) throws PermissionException, AddException {
        doAddUserToGroup(group, applicationUser);
        clearCache();
    }

    private void clearCache() {
        try {
            if (this.issueSecurityLevelManager != null) {
                this.issueSecurityLevelManager.clearUsersLevels();
            }
        } catch (UnsupportedOperationException e) {
            log.debug("Unsupported operation was thrown when trying to clear the issue security level manager cache", e);
        }
    }

    void doAddUserToGroup(Group group, ApplicationUser applicationUser) throws PermissionException, AddException {
        validateParameters(group, applicationUser);
        if (this.crowdService.isUserMemberOfGroup(applicationUser.getDirectoryUser(), group)) {
            return;
        }
        try {
            this.crowdService.addUserToGroup(applicationUser.getDirectoryUser(), group);
        } catch (OperationFailedException e) {
            throw new AddException(e);
        } catch (OperationNotPermittedException e2) {
            throw new PermissionException(e2);
        }
    }

    public void addUserToGroups(Collection<Group> collection, ApplicationUser applicationUser) throws PermissionException, AddException {
        try {
            Iterator<Group> it = collection.iterator();
            while (it.hasNext()) {
                doAddUserToGroup(it.next(), applicationUser);
            }
        } finally {
            clearCache();
        }
    }

    public void removeUserFromGroup(Group group, ApplicationUser applicationUser) throws PermissionException, RemoveException {
        validateParameters(group, applicationUser);
        if (this.crowdService.isUserDirectGroupMember(applicationUser.getDirectoryUser(), group)) {
            try {
                this.crowdService.removeUserFromGroup(applicationUser.getDirectoryUser(), group);
            } catch (OperationFailedException e) {
                throw new RemoveException(e);
            } catch (OperationNotPermittedException e2) {
                throw new PermissionException(e2);
            }
        }
        clearCache();
    }

    public void removeUserFromGroups(Collection<Group> collection, ApplicationUser applicationUser) throws PermissionException, RemoveException {
        Iterator<Group> it = collection.iterator();
        while (it.hasNext()) {
            removeUserFromGroup(it.next(), applicationUser);
        }
        clearCache();
    }

    public UserUtil.PasswordResetToken generatePasswordResetToken(ApplicationUser applicationUser) {
        return new PasswordResetTokenBuilder(this.crowdService).generateToken(applicationUser);
    }

    public UserUtil.PasswordResetTokenValidation validatePasswordResetToken(ApplicationUser applicationUser, String str) {
        Assertions.notNull("user", applicationUser);
        UserUtil.PasswordResetTokenValidation.Status validateToken = new PasswordResetTokenBuilder(this.crowdService).validateToken(applicationUser, str);
        return () -> {
            return validateToken;
        };
    }

    public void changePassword(ApplicationUser applicationUser, String str) throws PermissionException, InvalidCredentialException {
        Assertions.notNull("user", applicationUser);
        new PasswordResetTokenBuilder(this.crowdService).resetToken(applicationUser);
        ((RememberMeTokenDao) ComponentAccessor.getComponent(RememberMeTokenDao.class)).removeAllForUser(applicationUser.getName());
        ((LoginManager) ComponentAccessor.getComponent(LoginManager.class)).resetFailedLoginCount(applicationUser);
        try {
            this.crowdService.updateUserCredential(applicationUser.getDirectoryUser(), str);
        } catch (InvalidCredentialException e) {
            throw new RuntimeException((Throwable) e);
        } catch (OperationNotPermittedException e2) {
            throw new PermissionException(e2);
        }
    }

    public int getActiveUserCount() {
        return this.licenseCountService.totalBillableUsers();
    }

    public int getTotalUserCount() {
        return this.userManager.getTotalUserCount();
    }

    public void clearActiveUserCount() {
        this.licenseCountService.flush();
    }

    public boolean canActivateNumberOfUsers(int i) {
        Assertions.notNull("numUsers is null.", Integer.valueOf(i));
        if (i < 0) {
            throw new IllegalArgumentException("numUsers must be non-negative");
        }
        if (i == 0) {
            return true;
        }
        Set defaultApplicationKeys = this.applicationRoleManager.getDefaultApplicationKeys();
        if (defaultApplicationKeys.isEmpty()) {
            log.warn("No default Applications configured for JIRA. User won't be added to any groups.");
        }
        return defaultApplicationKeys.stream().allMatch(applicationKey -> {
            return this.applicationRoleManager.hasSeatsAvailable(applicationKey, i);
        });
    }

    @Nonnull
    public Collection<ApplicationUser> getUsers() {
        return this.userManager.getUsers();
    }

    @Nonnull
    public Collection<ApplicationUser> getAllApplicationUsers() {
        return this.userManager.getAllApplicationUsers();
    }

    private User getUserCwd(String str) {
        return this.crowdService.getUser(str);
    }

    public ApplicationUser getUser(String str) {
        if (StringUtils.isNotEmpty(str)) {
            return getUserByName(str);
        }
        return null;
    }

    public ApplicationUser getUserByKey(String str) {
        if (str == null) {
            return null;
        }
        return this.userManager.getUserByKey(str);
    }

    public ApplicationUser getUserByName(String str) {
        return this.userManager.getUserByName(str);
    }

    public ApplicationUser getUserObject(String str) {
        return getUser(str);
    }

    public boolean userExists(String str) {
        return StringUtils.isNotEmpty(str) && getUserCwd(str) != null;
    }

    public Collection<ApplicationUser> getAdministrators() {
        return getJiraAdministrators();
    }

    public Collection<ApplicationUser> getJiraAdministrators() {
        return getAllUsersInGroups(this.globalPermissionManager.getGroupsWithPermission(GlobalPermissionKey.ADMINISTER));
    }

    public Collection<ApplicationUser> getSystemAdministrators() {
        return getJiraSystemAdministrators();
    }

    public Collection<ApplicationUser> getJiraSystemAdministrators() {
        return getAllUsersInGroups(this.globalPermissionManager.getGroupsWithPermission(GlobalPermissionKey.SYSTEM_ADMIN));
    }

    public void addToJiraUsePermission(ApplicationUser applicationUser) {
        if (canActivateNumberOfUsers(1)) {
            Iterator it = ((Collection) this.applicationRoleManager.getDefaultApplicationKeys().stream().flatMap(applicationKey -> {
                return this.applicationRoleManager.getDefaultGroups(applicationKey).stream();
            }).collect(CollectorsUtil.toImmutableSet())).iterator();
            while (it.hasNext()) {
                try {
                    doAddUserToGroup((Group) it.next(), applicationUser);
                } catch (PermissionException | AddException e) {
                }
            }
            clearCache();
        }
    }

    public String getDisplayableNameSafely(ApplicationUser applicationUser) {
        if (applicationUser == null) {
            return null;
        }
        String displayName = applicationUser.getDisplayName();
        return StringUtils.isNotBlank(displayName) ? displayName : applicationUser.getUsername();
    }

    public SortedSet<ApplicationUser> getAllUsersInGroups(Collection<Group> collection) {
        return getUsersInGroups(collection);
    }

    public SortedSet<ApplicationUser> getUsersInGroups(Collection<Group> collection) {
        Assertions.notNull("groups", collection);
        ArrayList newArrayListWithCapacity = Lists.newArrayListWithCapacity(collection.size());
        for (Group group : collection) {
            if (group != null) {
                newArrayListWithCapacity.add(group.getName());
            }
        }
        return getUsersInGroupNames(newArrayListWithCapacity);
    }

    public SortedSet<ApplicationUser> getAllUsersInGroupNames(Collection<String> collection) {
        Set<ApplicationUser> allUsersInGroupNamesUnsorted = getAllUsersInGroupNamesUnsorted(collection);
        TreeSet newTreeSet = Sets.newTreeSet(new UserCachingComparator());
        newTreeSet.addAll(allUsersInGroupNamesUnsorted);
        return newTreeSet;
    }

    public Set<ApplicationUser> getAllUsersInGroupNamesUnsorted(Collection<String> collection) {
        Assertions.notNull("groupNames", collection);
        HashSet newHashSet = Sets.newHashSet();
        for (String str : collection) {
            if (str != null) {
                newHashSet.addAll(ApplicationUsers.from(getGroupMembers(str)));
            }
        }
        return Collections.unmodifiableSet(newHashSet);
    }

    public SortedSet<ApplicationUser> getUsersInGroupNames(Collection<String> collection) {
        return getAllUsersInGroupNames(collection);
    }

    public SortedSet<Group> getGroupsForUser(String str) {
        Assertions.notNull(UserNameUserFormat.TYPE, str);
        TreeSet treeSet = new TreeSet();
        Iterator<Group> it = getGroupsForUserFromCrowd(str).iterator();
        while (it.hasNext()) {
            treeSet.add(it.next());
        }
        return Collections.unmodifiableSortedSet(treeSet);
    }

    public SortedSet<String> getGroupNamesForUser(String str) {
        Assertions.notNull(UserNameUserFormat.TYPE, str);
        TreeSet treeSet = new TreeSet();
        Iterator<String> it = getGroupNamesForUserFromCrowd(str).iterator();
        while (it.hasNext()) {
            treeSet.add(it.next());
        }
        return Collections.unmodifiableSortedSet(treeSet);
    }

    private Group getGroupCwd(String str) {
        return this.crowdService.getGroup(str);
    }

    public Group getGroup(String str) {
        if (StringUtils.isNotEmpty(str)) {
            return getGroupCwd(str);
        }
        return null;
    }

    public Group getGroupObject(@Nullable String str) {
        return getGroup(str);
    }

    private void validateParameters(Group group, ApplicationUser applicationUser) {
        if (group == null) {
            throw new IllegalArgumentException("Group must not be null if trying to add or delete a user from it.");
        }
        if (applicationUser == null) {
            throw new IllegalArgumentException("User must not be null if trying to add or delete them from a group.");
        }
    }

    JiraLicenseService getLicenseService() {
        return (JiraLicenseService) ComponentAccessor.getComponent(JiraLicenseService.class);
    }

    private Iterable<User> getGroupMembers(String str) {
        return this.crowdService.search(QueryBuilder.queryFor(User.class, EntityDescriptor.user()).childrenOf(EntityDescriptor.group()).withName(str).returningAtMost(-1));
    }

    private Iterable<Group> getGroupsForUserFromCrowd(String str) {
        return this.crowdService.search(QueryBuilder.queryFor(Group.class, EntityDescriptor.group()).parentsOf(EntityDescriptor.user()).withName(str).returningAtMost(-1));
    }

    private Iterable<String> getGroupNamesForUserFromCrowd(String str) {
        return this.crowdService.search(QueryBuilder.queryFor(String.class, EntityDescriptor.group()).parentsOf(EntityDescriptor.user()).withName(str).returningAtMost(-1));
    }

    private MembershipQuery<String> getGroupMembershipQuery(ApplicationUser applicationUser) {
        return QueryBuilder.queryFor(String.class, EntityDescriptor.group()).parentsOf(EntityDescriptor.user()).withName(applicationUser.getName()).returningAtMost(-1);
    }
}
