package com.el.edp.iam.support.repository.service;

import com.el.core.domain.PagingResult;
import com.el.edp.iam.api.java.EdpIamCredentialService;
import com.el.edp.iam.api.java.EdpIamNewUser;
import com.el.edp.iam.api.java.EdpIamUser;
import com.el.edp.iam.api.java.EdpIamUserInfo;
import com.el.edp.iam.api.java.EdpIamUserOpsService;
import com.el.edp.iam.api.java.EdpIamUserQuery;
import com.el.edp.iam.api.java.EdpIamUserWithRoles;
import com.el.edp.iam.spi.java.EdpIamUserIdentifier;
import com.el.edp.iam.spi.java.event.EdpIamUserChangeEvent;
import com.el.edp.iam.spi.java.event.EdpIamUserCreateEvent;
import com.el.edp.iam.support.repository.account.EdpIamCredentials;
import com.el.edp.iam.support.repository.mapper.EdpIamRoleMapper;
import com.el.edp.iam.support.repository.mapper.EdpIamUserMapper;
import com.el.edp.iam.support.repository.mapper.entity.EdpIamUserEntity;
import com.el.edp.iam.support.repository.mapper.view.EdpIamUserRole;
import com.el.edp.iam.support.util.EdpIamOp;
import com.el.edp.util.EdpCrudOp;
import com.el.edp.util.EdpOpException;
import com.el.edp.util.EdpValidationError;
import java.time.DateTimeException;
import java.time.ZoneId;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.transaction.annotation.Transactional;

/* loaded from: input_file:com/el/edp/iam/support/repository/service/EdpIamDefaultUserOpsService.class */
public class EdpIamDefaultUserOpsService implements EdpIamUserOpsService {
    private static final Logger log = LoggerFactory.getLogger(EdpIamDefaultUserOpsService.class);
    private final ApplicationEventPublisher eventPublisher;
    private final EdpIamCredentialService credentialService;
    private final EdpIamUserIdentifier userIdentifier;
    private final EdpIamUserMapper userMapper;
    private final EdpIamRoleMapper roleMapper;

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    public List<EdpValidationError> validateNewUser(EdpIamNewUser edpIamNewUser) {
        ArrayList arrayList = new ArrayList(validateUser(edpIamNewUser));
        if (!this.credentialService.checkPasswordStrength(edpIamNewUser.getPassword())) {
            arrayList.add(EdpValidationError.of("password", EdpIamOp.NG_POOR_PASSWORD));
        }
        return arrayList;
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    @Transactional
    public long createUser(EdpIamNewUser edpIamNewUser) {
        EdpIamUserEntity of = EdpIamUserEntity.of(edpIamNewUser);
        of.setSalt(this.credentialService.generateRandomSalt());
        of.setPassword(this.credentialService.hashCredentials(of.getPassword(), of.getSalt()));
        if (1 != this.userMapper.createUser(of)) {
            throw new EdpOpException(EdpCrudOp.NG_CREATE);
        }
        log.info("[EDP-IAM] user-{} is created.", of.m168getId());
        this.eventPublisher.publishEvent(new EdpIamUserCreateEvent(of));
        return of.m168getId().longValue();
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    public PagingResult<? extends EdpIamUserWithRoles> findUserWithRoles(EdpIamUserQuery edpIamUserQuery) {
        List<EdpIamUserEntity> findUsers = this.userMapper.findUsers(edpIamUserQuery);
        if (!findUsers.isEmpty()) {
            Set<EdpIamUserRole> rolesBy = this.roleMapper.getRolesBy((String) findUsers.stream().map((v0) -> {
                return v0.m168getId();
            }).map((v0) -> {
                return String.valueOf(v0);
            }).collect(Collectors.joining(",")));
            findUsers.forEach(edpIamUserEntity -> {
                edpIamUserEntity.setRoles((Set) rolesBy.stream().filter(edpIamUserRole -> {
                    return edpIamUserRole.getUserId().equals(edpIamUserEntity.m168getId());
                }).map(edpIamUserRole2 -> {
                    return edpIamUserRole2;
                }).collect(Collectors.toSet()));
            });
        }
        return PagingResult.of(findUsers, edpIamUserQuery.getTotal());
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    public Optional<? extends EdpIamUser> getUser(long j) {
        return Optional.ofNullable(this.userMapper.getUser(j));
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    public Optional<? extends EdpIamUserWithRoles> getUserWithRoles(long j) {
        EdpIamUserEntity user = this.userMapper.getUser(j);
        if (user != null) {
            user.setRoles((Set) this.roleMapper.getRolesBy(String.valueOf(j)).stream().map(edpIamUserRole -> {
                return edpIamUserRole;
            }).collect(Collectors.toSet()));
        }
        return Optional.ofNullable(user);
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    public List<EdpValidationError> validateUser(EdpIamUser edpIamUser) {
        checkTimezone(edpIamUser.getTimezone());
        return this.userIdentifier.validateUser(edpIamUser);
    }

    private void checkTimezone(String str) {
        try {
            ZoneId.of(str);
        } catch (DateTimeException e) {
            throw new IllegalArgumentException("[EDP-IAM] Invalid timezone: " + str);
        }
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    @Transactional
    public void updateUser(EdpIamUserInfo edpIamUserInfo) {
        checkTimezone(edpIamUserInfo.getTimezone());
        edpIamUserInfo.setLogin(this.userIdentifier.resolveLoginNo(edpIamUserInfo));
        this.userIdentifier.validateUser(edpIamUserInfo);
        if (1 != this.userMapper.updateUserProfile(edpIamUserInfo)) {
            throw new EdpOpException(EdpCrudOp.NG_UPDATE);
        }
        log.info("[EDP-IAM] user-{} is updated.", edpIamUserInfo.m168getId());
        this.eventPublisher.publishEvent(EdpIamUserChangeEvent.userChangeEvent(edpIamUserInfo.m168getId().longValue()));
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    @Transactional
    public void blockUser(long j) {
        if (1 != this.userMapper.blockUser(j)) {
            throw new EdpOpException(EdpCrudOp.NG_UPDATE);
        }
        log.info("[EDP-IAM] user-{} is blocked.", Long.valueOf(j));
        this.eventPublisher.publishEvent(EdpIamUserChangeEvent.userBlockEvent(j));
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    @Transactional
    public void unblockUser(long j) {
        if (1 != this.userMapper.unblockUser(j)) {
            throw new EdpOpException(EdpCrudOp.NG_UPDATE);
        }
        log.info("[EDP-IAM] user-{} is unblocked.", Long.valueOf(j));
    }

    @Override // com.el.edp.iam.api.java.EdpIamUserOpsService
    @Transactional
    public void updatePassword(long j, String str, String str2) {
        checkPasswordStrength(str2);
        checkOldPassword(j, str);
        String generateRandomSalt = this.credentialService.generateRandomSalt();
        if (1 != this.userMapper.updateUserCredentials(j, EdpIamCredentials.of(this.credentialService.hashCredentials(str2, generateRandomSalt), generateRandomSalt))) {
            throw new EdpOpException(EdpCrudOp.NG_UPDATE);
        }
        log.info("[EDP-IAM] user-{}'s password is updated.", Long.valueOf(j));
    }

    private void checkPasswordStrength(String str) {
        if (!this.credentialService.checkPasswordStrength(str)) {
            throw new EdpOpException(EdpIamOp.NG_POOR_PASSWORD);
        }
    }

    private void checkOldPassword(long j, String str) {
        EdpIamCredentials userCredentials = this.userMapper.getUserCredentials(j);
        if (userCredentials == null) {
            throw new IllegalArgumentException("[EDP-IAM] Invalid user-" + j);
        }
        if (!this.credentialService.hashCredentials(str, userCredentials.getHashSalt()).equals(userCredentials.getHashedCredentials())) {
            throw new EdpOpException(EdpIamOp.NG_OLD_PASSWORD);
        }
    }

    public EdpIamDefaultUserOpsService(ApplicationEventPublisher applicationEventPublisher, EdpIamCredentialService edpIamCredentialService, EdpIamUserIdentifier edpIamUserIdentifier, EdpIamUserMapper edpIamUserMapper, EdpIamRoleMapper edpIamRoleMapper) {
        this.eventPublisher = applicationEventPublisher;
        this.credentialService = edpIamCredentialService;
        this.userIdentifier = edpIamUserIdentifier;
        this.userMapper = edpIamUserMapper;
        this.roleMapper = edpIamRoleMapper;
    }
}
