package org.eclipse.kapua.service.user.internal;

import java.util.Objects;
import org.eclipse.kapua.KapuaDuplicateNameException;
import org.eclipse.kapua.KapuaDuplicateNameInAnotherAccountError;
import org.eclipse.kapua.KapuaEntityNotFoundException;
import org.eclipse.kapua.KapuaException;
import org.eclipse.kapua.KapuaIllegalArgumentException;
import org.eclipse.kapua.KapuaMaxNumberOfItemsReachedException;
import org.eclipse.kapua.commons.configuration.AbstractKapuaConfigurableResourceLimitedService;
import org.eclipse.kapua.commons.model.query.predicate.AttributePredicateImpl;
import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
import org.eclipse.kapua.commons.setting.system.SystemSetting;
import org.eclipse.kapua.commons.setting.system.SystemSettingKey;
import org.eclipse.kapua.commons.util.ArgumentValidator;
import org.eclipse.kapua.commons.util.CommonsValidationRegex;
import org.eclipse.kapua.event.ServiceEvent;
import org.eclipse.kapua.locator.KapuaLocator;
import org.eclipse.kapua.locator.KapuaProvider;
import org.eclipse.kapua.model.domain.Actions;
import org.eclipse.kapua.model.id.KapuaId;
import org.eclipse.kapua.model.query.KapuaListResult;
import org.eclipse.kapua.model.query.KapuaQuery;
import org.eclipse.kapua.service.authorization.AuthorizationService;
import org.eclipse.kapua.service.authorization.permission.PermissionFactory;
import org.eclipse.kapua.service.user.User;
import org.eclipse.kapua.service.user.UserCreator;
import org.eclipse.kapua.service.user.UserDomains;
import org.eclipse.kapua.service.user.UserFactory;
import org.eclipse.kapua.service.user.UserListResult;
import org.eclipse.kapua.service.user.UserQuery;
import org.eclipse.kapua.service.user.UserService;
import org.eclipse.kapua.service.user.UserStatus;
import org.eclipse.kapua.service.user.UserType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@KapuaProvider
/* loaded from: input_file:org/eclipse/kapua/service/user/internal/UserServiceImpl.class */
public class UserServiceImpl extends AbstractKapuaConfigurableResourceLimitedService<User, UserCreator, UserService, UserListResult, UserQuery, UserFactory> implements UserService {
    private static final Logger LOGGER = LoggerFactory.getLogger(UserServiceImpl.class);
    private static final KapuaLocator LOCATOR = KapuaLocator.getInstance();
    private static final AuthorizationService AUTHORIZATION_SERVICE = LOCATOR.getService(AuthorizationService.class);
    private static final PermissionFactory PERMISSION_FACTORY = LOCATOR.getFactory(PermissionFactory.class);

    public UserServiceImpl() {
        super(UserService.class.getName(), UserDomains.USER_DOMAIN, UserEntityManagerFactory.getInstance(), UserService.class, UserFactory.class);
    }

    public User create(UserCreator userCreator) throws KapuaException {
        ArgumentValidator.notNull(userCreator.getScopeId().getId(), "userCreator.scopeId");
        ArgumentValidator.notEmptyOrNull(userCreator.getName(), "userCreator.name");
        ArgumentValidator.match(userCreator.getName(), CommonsValidationRegex.NAME_REGEXP, "userCreator.name");
        ArgumentValidator.match(userCreator.getEmail(), CommonsValidationRegex.EMAIL_REGEXP, "userCreator.email");
        ArgumentValidator.notNull(userCreator.getUserType(), "userCreator.userType");
        ArgumentValidator.notNull(userCreator.getUserStatus(), "userCreator.userStatus");
        if (userCreator.getUserType() != UserType.INTERNAL) {
            ArgumentValidator.notEmptyOrNull(userCreator.getExternalId(), "userCreator.externalId");
        } else {
            ArgumentValidator.isEmptyOrNull(userCreator.getExternalId(), "userCreator.externalId");
        }
        int allowedChildEntities = allowedChildEntities(userCreator.getScopeId());
        if (allowedChildEntities <= 0) {
            LOGGER.info("Exceeded child limit - remaining: {}", Integer.valueOf(allowedChildEntities));
            throw new KapuaMaxNumberOfItemsReachedException("Users");
        }
        AUTHORIZATION_SERVICE.checkPermission(PERMISSION_FACTORY.newPermission(UserDomains.USER_DOMAIN, Actions.write, userCreator.getScopeId()));
        UserQueryImpl userQueryImpl = new UserQueryImpl(userCreator.getScopeId());
        userQueryImpl.setPredicate(new AttributePredicateImpl("name", userCreator.getName()));
        if (count(userQueryImpl) > 0) {
            throw new KapuaDuplicateNameException(userCreator.getName());
        }
        if (((User) KapuaSecurityUtils.doPrivileged(() -> {
            return m8findByName(userCreator.getName());
        })) != null) {
            throw new KapuaDuplicateNameInAnotherAccountError(userCreator.getName());
        }
        return (User) this.entityManagerSession.onTransactedInsert(entityManager -> {
            return UserDAO.create(entityManager, userCreator);
        });
    }

    public User update(User user) throws KapuaException {
        ArgumentValidator.notNull(user.getId().getId(), "user.id");
        ArgumentValidator.notNull(user.getScopeId(), "user.scopeId");
        ArgumentValidator.notEmptyOrNull(user.getName(), "user.name");
        ArgumentValidator.match(user.getName(), CommonsValidationRegex.NAME_REGEXP, "user.name");
        ArgumentValidator.match(user.getEmail(), CommonsValidationRegex.EMAIL_REGEXP, "user.email");
        if (user.getUserType() != UserType.INTERNAL) {
            ArgumentValidator.notEmptyOrNull(user.getExternalId(), "user.externalId");
        } else {
            ArgumentValidator.isEmptyOrNull(user.getExternalId(), "user.externalId");
        }
        AUTHORIZATION_SERVICE.checkPermission(PERMISSION_FACTORY.newPermission(UserDomains.USER_DOMAIN, Actions.write, user.getScopeId()));
        User m7find = m7find(user.getScopeId(), user.getId());
        if (m7find == null) {
            throw new KapuaEntityNotFoundException("user", user.getId());
        }
        if (user.getStatus() != UserStatus.ENABLED || user.getExpirationDate() != null || !m7find.getName().equals(user.getName())) {
            validateSystemUser(user.getName());
        }
        if (user.getId().equals(KapuaSecurityUtils.getSession().getUserId()) && user.getStatus().equals(UserStatus.DISABLED)) {
            throw new KapuaIllegalArgumentException("status", user.getStatus().name());
        }
        return (User) this.entityManagerSession.onTransactedResult(entityManager -> {
            if (!Objects.equals(m7find.getUserType(), user.getUserType())) {
                throw new KapuaIllegalArgumentException("userType", user.getUserType().toString());
            }
            if (Objects.equals(m7find.getExternalId(), user.getExternalId())) {
                return UserDAO.update(entityManager, user);
            }
            throw new KapuaIllegalArgumentException("externalId", user.getExternalId());
        });
    }

    public void delete(KapuaId kapuaId, KapuaId kapuaId2) throws KapuaException {
        ArgumentValidator.notNull(kapuaId2.getId(), "user.id");
        ArgumentValidator.notNull(kapuaId.getId(), "user.scopeId");
        AUTHORIZATION_SERVICE.checkPermission(PERMISSION_FACTORY.newPermission(UserDomains.USER_DOMAIN, Actions.delete, kapuaId));
        User m7find = m7find(kapuaId, kapuaId2);
        if (m7find == null) {
            throw new KapuaEntityNotFoundException("user", kapuaId2);
        }
        validateSystemUser(m7find.getName());
        validateSelf(m7find);
        this.entityManagerSession.onTransactedAction(entityManager -> {
            UserDAO.delete(entityManager, kapuaId, kapuaId2);
        });
    }

    public void delete(User user) throws KapuaException {
        ArgumentValidator.notNull(user, "user");
        delete(user.getScopeId(), user.getId());
    }

    /* renamed from: find, reason: merged with bridge method [inline-methods] */
    public User m7find(KapuaId kapuaId, KapuaId kapuaId2) throws KapuaException {
        ArgumentValidator.notNull(kapuaId, "scopeId");
        ArgumentValidator.notNull(kapuaId2, "userId");
        AUTHORIZATION_SERVICE.checkPermission(PERMISSION_FACTORY.newPermission(UserDomains.USER_DOMAIN, Actions.read, kapuaId));
        return (User) this.entityManagerSession.onResult(entityManager -> {
            return UserDAO.find(entityManager, kapuaId, kapuaId2);
        });
    }

    /* renamed from: findByName, reason: merged with bridge method [inline-methods] */
    public User m8findByName(String str) throws KapuaException {
        ArgumentValidator.notEmptyOrNull(str, "name");
        return (User) this.entityManagerSession.onResult(entityManager -> {
            return checkReadAccess(UserDAO.findByName(entityManager, str));
        });
    }

    public User findByExternalId(String str) throws KapuaException {
        ArgumentValidator.notEmptyOrNull(str, "externalId");
        return (User) this.entityManagerSession.onResult(entityManager -> {
            return checkReadAccess(UserDAO.findByExternalId(entityManager, str));
        });
    }

    public UserListResult query(KapuaQuery<User> kapuaQuery) throws KapuaException {
        ArgumentValidator.notNull(kapuaQuery, "query");
        ArgumentValidator.notNull(kapuaQuery.getScopeId(), "query.scopeId");
        AUTHORIZATION_SERVICE.checkPermission(PERMISSION_FACTORY.newPermission(UserDomains.USER_DOMAIN, Actions.read, kapuaQuery.getScopeId()));
        return (UserListResult) this.entityManagerSession.onResult(entityManager -> {
            return UserDAO.query(entityManager, kapuaQuery);
        });
    }

    public long count(KapuaQuery<User> kapuaQuery) throws KapuaException {
        ArgumentValidator.notNull(kapuaQuery, "query");
        ArgumentValidator.notNull(kapuaQuery.getScopeId(), "query.scopeId");
        AUTHORIZATION_SERVICE.checkPermission(PERMISSION_FACTORY.newPermission(UserDomains.USER_DOMAIN, Actions.read, kapuaQuery.getScopeId()));
        return ((Long) this.entityManagerSession.onResult(entityManager -> {
            return Long.valueOf(UserDAO.count(entityManager, kapuaQuery));
        })).longValue();
    }

    private User checkReadAccess(User user) throws KapuaException {
        if (user != null) {
            AUTHORIZATION_SERVICE.checkPermission(PERMISSION_FACTORY.newPermission(UserDomains.USER_DOMAIN, Actions.read, user.getScopeId()));
        }
        return user;
    }

    private void validateSystemUser(String str) throws KapuaException {
        String string = SystemSetting.getInstance().getString(SystemSettingKey.SYS_ADMIN_USERNAME);
        if (string.equals(str)) {
            throw new KapuaIllegalArgumentException("name", string);
        }
    }

    private void validateSelf(User user) throws KapuaException {
        if (user.getId().equals(KapuaSecurityUtils.getSession().getUserId())) {
            throw new KapuaIllegalArgumentException("name", user.getName());
        }
    }

    public void onKapuaEvent(ServiceEvent serviceEvent) throws KapuaException {
        if (serviceEvent == null) {
        }
        LOGGER.info("UserService: received kapua event from {}, operation {}", serviceEvent.getService(), serviceEvent.getOperation());
        if ("account".equals(serviceEvent.getService()) && "delete".equals(serviceEvent.getOperation())) {
            deleteUserByAccountId(serviceEvent.getScopeId(), serviceEvent.getEntityId());
        }
    }

    private void deleteUserByAccountId(KapuaId kapuaId, KapuaId kapuaId2) throws KapuaException {
        for (User user : query((KapuaQuery<User>) new UserQueryImpl(kapuaId2)).getItems()) {
            delete(user.getScopeId(), user.getId());
        }
    }

    /* renamed from: query, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ KapuaListResult m6query(KapuaQuery kapuaQuery) throws KapuaException {
        return query((KapuaQuery<User>) kapuaQuery);
    }
}
