package org.gbif.ipt.service.admin.impl;

import com.google.common.collect.Sets;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import com.thoughtworks.xstream.XStream;
import java.io.EOFException;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.gbif.ipt.config.AppConfig;
import org.gbif.ipt.config.DataDir;
import org.gbif.ipt.model.Resource;
import org.gbif.ipt.model.User;
import org.gbif.ipt.model.converter.PasswordConverter;
import org.gbif.ipt.service.AlreadyExistingException;
import org.gbif.ipt.service.BaseManager;
import org.gbif.ipt.service.DeletionNotAllowedException;
import org.gbif.ipt.service.InvalidConfigException;
import org.gbif.ipt.service.admin.UserAccountManager;
import org.gbif.ipt.service.manage.ResourceManager;
import org.gbif.ipt.utils.FileUtils;

@Singleton
/* loaded from: input_file:WEB-INF/classes/org/gbif/ipt/service/admin/impl/UserAccountManagerImpl.class */
public class UserAccountManagerImpl extends BaseManager implements UserAccountManager {
    public static final String PERSISTENCE_FILE = "users.xml";
    private Map<String, User> users;
    private boolean allowSimplifiedAdminLogin;
    private String onlyAdminEmail;
    private final XStream xstream;
    private ResourceManager resourceManager;
    private User setupUser;

    @Inject
    public UserAccountManagerImpl(AppConfig appConfig, DataDir dataDir, ResourceManager resourceManager, PasswordConverter passwordConverter) {
        super(appConfig, dataDir);
        this.users = new LinkedHashMap();
        this.allowSimplifiedAdminLogin = true;
        this.xstream = new XStream();
        this.resourceManager = resourceManager;
        defineXstreamMapping(passwordConverter);
    }

    private User addUser(User user) {
        if (user != null) {
            if (user.getRole() == User.Role.Admin) {
                this.log.debug("Adding admin " + user.getEmail());
                if (this.allowSimplifiedAdminLogin) {
                    if (this.onlyAdminEmail == null) {
                        this.onlyAdminEmail = user.getEmail();
                    } else {
                        this.onlyAdminEmail = null;
                        this.allowSimplifiedAdminLogin = false;
                    }
                }
            } else {
                this.log.debug("Adding user " + user.getEmail());
            }
            this.users.put(user.getEmail().toLowerCase(), user);
        }
        return user;
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public User authenticate(String str, String str2) {
        if (this.allowSimplifiedAdminLogin && str != null && str.equalsIgnoreCase("admin")) {
            str = this.onlyAdminEmail;
        }
        User user = get(str);
        if (user == null || user.getPassword() == null || !user.getPassword().equals(str2)) {
            return null;
        }
        return user;
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public void create(User user) throws AlreadyExistingException, IOException {
        if (user != null) {
            if (get(user.getEmail()) != null) {
                throw new AlreadyExistingException();
            }
            addUser(user);
            save();
        }
    }

    private void defineXstreamMapping(PasswordConverter passwordConverter) {
        this.xstream.alias("user", User.class);
        this.xstream.useAttributeFor(User.class, "email");
        this.xstream.useAttributeFor(User.class, "password");
        this.xstream.useAttributeFor(User.class, "firstname");
        this.xstream.useAttributeFor(User.class, "lastname");
        this.xstream.useAttributeFor(User.class, "role");
        this.xstream.useAttributeFor(User.class, "lastLogin");
        this.xstream.registerConverter(passwordConverter);
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public User delete(String str) throws DeletionNotAllowedException, IOException {
        User user;
        if (str == null || (user = get(str)) == null) {
            return null;
        }
        if (user.getRole() == User.Role.Admin) {
            boolean z = true;
            Iterator<User> it = this.users.values().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                User next = it.next();
                if (next.getRole() == User.Role.Admin && !next.equals(user)) {
                    z = false;
                    break;
                }
            }
            if (z) {
                this.log.warn("Last admin cannot be deleted");
                throw new DeletionNotAllowedException(DeletionNotAllowedException.Reason.LAST_ADMIN);
            }
        }
        HashSet hashSet = new HashSet();
        for (Resource resource : this.resourceManager.list()) {
            User user2 = get(resource.getCreator().getEmail());
            if (user2 != null && user2.equals(user)) {
                hashSet.add(resource.getShortname());
            }
        }
        HashSet hashSet2 = new HashSet();
        for (Resource resource2 : this.resourceManager.list(user)) {
            HashSet newHashSet = Sets.newHashSet();
            User user3 = get(resource2.getCreator().getEmail());
            if (user3 != null && user3.hasManagerRights()) {
                newHashSet.add(user3);
            }
            Iterator<User> it2 = resource2.getManagers().iterator();
            while (it2.hasNext()) {
                User user4 = get(it2.next().getEmail());
                if (user4 != null && !newHashSet.contains(user4)) {
                    newHashSet.add(user4);
                }
            }
            newHashSet.remove(user);
            if (newHashSet.isEmpty()) {
                hashSet2.add(resource2.getShortname());
            }
        }
        if (!hashSet2.isEmpty()) {
            throw new DeletionNotAllowedException(DeletionNotAllowedException.Reason.LAST_RESOURCE_MANAGER, hashSet2.toString());
        }
        if (!hashSet.isEmpty()) {
            throw new DeletionNotAllowedException(DeletionNotAllowedException.Reason.IS_RESOURCE_CREATOR, hashSet.toString());
        }
        if (!remove(str)) {
            return null;
        }
        for (Resource resource3 : this.resourceManager.list(user)) {
            resource3.getManagers().remove(user);
            this.resourceManager.save(resource3);
        }
        save();
        return user;
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public User get(String str) {
        if (str == null || !this.users.containsKey(str.toLowerCase())) {
            return null;
        }
        return this.users.get(str.toLowerCase());
    }

    public boolean remove(String str) {
        return (str == null || !this.users.containsKey(str.toLowerCase()) || this.users.remove(str.toLowerCase()) == null) ? false : true;
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public User getSetupUser() {
        return this.setupUser;
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public List<User> list() {
        ArrayList arrayList = new ArrayList(this.users.values());
        Collections.sort(arrayList, new Comparator<User>() { // from class: org.gbif.ipt.service.admin.impl.UserAccountManagerImpl.1
            @Override // java.util.Comparator
            public int compare(User user, User user2) {
                return (user.getFirstname() + " " + user.getLastname()).compareTo(user2.getFirstname() + " " + user2.getLastname());
            }
        });
        return arrayList;
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public List<User> list(User.Role role) {
        ArrayList arrayList = new ArrayList();
        for (User user : this.users.values()) {
            if (user.getRole() == role) {
                arrayList.add(user);
            }
        }
        return arrayList;
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public void load() throws InvalidConfigException {
        ObjectInputStream objectInputStream = null;
        try {
            try {
                objectInputStream = this.xstream.createObjectInputStream(FileUtils.getUtf8Reader(this.dataDir.configFile(PERSISTENCE_FILE)));
                this.users.clear();
                while (true) {
                    try {
                        addUser((User) objectInputStream.readObject());
                    } catch (EOFException e) {
                        if (objectInputStream != null) {
                            try {
                                objectInputStream.close();
                                return;
                            } catch (IOException e2) {
                                return;
                            }
                        }
                        return;
                    } catch (ClassNotFoundException e3) {
                        this.log.error(e3.getMessage(), e3);
                    }
                }
            } catch (Throwable th) {
                if (objectInputStream != null) {
                    try {
                        objectInputStream.close();
                    } catch (IOException e4) {
                    }
                }
                throw th;
            }
        } catch (FileNotFoundException e5) {
            this.log.warn("User accounts not existing, users.xml file missing  (This is normal when first setting up a new datadir)");
            if (objectInputStream != null) {
                try {
                    objectInputStream.close();
                } catch (IOException e6) {
                }
            }
        } catch (IOException e7) {
            this.log.error(e7.getMessage(), e7);
            throw new InvalidConfigException(InvalidConfigException.TYPE.USER_CONFIG, "Couldnt read user accounts: " + e7.getMessage());
        }
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public synchronized void save() throws IOException {
        this.log.debug("Saving all " + this.users.size() + " user accounts...");
        ObjectOutputStream createObjectOutputStream = this.xstream.createObjectOutputStream(FileUtils.startNewUtf8File(this.dataDir.configFile(PERSISTENCE_FILE)), "users");
        Iterator<Map.Entry<String, User>> it = this.users.entrySet().iterator();
        while (it.hasNext()) {
            createObjectOutputStream.writeObject(it.next().getValue());
        }
        createObjectOutputStream.close();
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public void save(User user) throws IOException {
        addUser(user);
        save();
    }

    @Override // org.gbif.ipt.service.admin.UserAccountManager
    public void setSetupUser(User user) {
        this.setupUser = user;
    }
}
