package com.formkiq.server.service;

import com.formkiq.server.config.DateService;
import com.formkiq.server.dao.FolderDao;
import com.formkiq.server.dao.UserDao;
import com.formkiq.server.domain.Folder;
import com.formkiq.server.domain.FolderAccess;
import com.formkiq.server.domain.User;
import com.formkiq.server.domain.UserSetting;
import com.formkiq.server.domain.type.FolderPermission;
import com.formkiq.server.domain.type.FolderStatus;
import com.formkiq.server.domain.type.UserDTO;
import com.formkiq.server.domain.type.UserListDTO;
import com.formkiq.server.domain.type.UserRole;
import com.formkiq.server.domain.type.UserSettings;
import com.formkiq.server.domain.type.UserStatus;
import java.util.Date;
import java.util.List;
import java.util.UUID;
import org.apache.commons.lang3.time.DateUtils;
import org.apache.commons.validator.routines.EmailValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

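/**
 * Default {@link UserService} implementation: account creation and deletion, credential
 * verification, password-reset tokens, per-user settings and folder sharing.
 *
 * <p>Passwords and reset tokens are only ever stored as the output of the injected
 * {@link PasswordEncoder}; the raw reset token is returned to the caller once and is not persisted.
 *
 * <p>NOTE(review): apart from the invite-only gate in {@link #createUser} and the folder
 * permission check in {@link #shareFolderWithUser}, the methods here perform no authorization of
 * their own. Confirm that every caller of {@link #saveUser}, {@link #deleteUser} and
 * {@link #findUsers} enforces access control before delegating to this class.
 */
@Service
public class UserServiceImpl implements UserService {
    /** Lifetime of a password-reset token, in minutes (24 hours). */
    private static final int DEFAULT_EXPIRY_MINUTES = 1440;

    /** Single generic failure message, so a failed lookup and a wrong password look the same. */
    private static final String AUTH_FAILED_MESSAGE =
            "Authentication failed. Please verify your email address and password and try again.";

    @Autowired
    private DateService dateservice;

    @Autowired
    private FolderDao folderDao;

    @Autowired
    private FolderService folderservice;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private SpringSecurityService securityService;

    @Autowired
    private SystemPropertyService systemPropertyService;

    @Autowired
    private UserDao userDao;

    /**
     * Creates a new account and then calls {@code folderservice.saveFolder} for it.
     *
     * <p>NOTE(review): the only privilege check here is the invite-only gate. Nothing in this
     * method stops a non-admin caller from passing {@code UserRole.ROLE_ADMIN}; confirm that the
     * callers never take {@code userRole} from an unauthenticated request.
     *
     * @param str email address of the new user; must pass {@link EmailValidator} and be unused
     * @param str2 raw password; required, persisted only in encoded form
     * @param userStatus initial status; required
     * @param userRole initial role; required
     * @return the persisted user
     * @throws PreconditionFailedException if the system is invite-only and the caller is neither
     *     an admin nor creating an invite, if any argument is invalid, or if the email is taken
     */
    @Override
    public User createUser(String str, String str2, UserStatus userStatus, UserRole userRole) throws PreconditionFailedException {
        boolean inviteRequired = !this.securityService.isAdmin() && this.systemPropertyService.isInviteOnly();
        if (inviteRequired && !UserStatus.INVITE.equals(userStatus)) {
            throw new PreconditionFailedException("User can only be created via invite");
        }
        if (!EmailValidator.getInstance().isValid(str)) {
            throw new PreconditionFailedException("Invalid Email " + str);
        }
        if (StringUtils.isEmpty(str2)) {
            throw new PreconditionFailedException("Password required");
        }
        if (userStatus == null) {
            throw new PreconditionFailedException("UserStatus required");
        }
        if (userRole == null) {
            throw new PreconditionFailedException("UserRole required");
        }
        if (this.userDao.findUser(str) != null) {
            throw new PreconditionFailedException("Email already registered");
        }
        User draft = new User();
        draft.setEmail(str);
        draft.setStatus(userStatus);
        draft.setRole(userRole);
        setUserPassword(draft, str2);
        User persisted = this.userDao.saveUser(draft);
        // The email is passed as the third argument; presumably the name of the user's first
        // folder. TODO confirm against FolderService.
        this.folderservice.saveFolder(persisted, null, str);
        return persisted;
    }

    /**
     * Deletes the account registered under the given email.
     *
     * @param str email address of the account to delete
     * @throws PreconditionFailedException if the email is empty or unknown, or if the account is
     *     an admin and the DAO reports exactly one admin (the system must keep one)
     */
    @Override
    public void deleteUser(String str) {
        if (StringUtils.isEmpty(str)) {
            throw new PreconditionFailedException("Invalid Email");
        }
        User target = this.userDao.findUser(str);
        if (target == null) {
            throw new PreconditionFailedException("Email " + str + " not found");
        }
        boolean lastAdmin = UserRole.ROLE_ADMIN.equals(target.getRole()) && this.userDao.getAdminUserCount() == 1;
        if (lastAdmin) {
            throw new PreconditionFailedException("Cannot delete, only admin");
        }
        this.userDao.deleteUser(target);
    }

    /**
     * Removes one stored setting of a user.
     *
     * @param str email address of the user
     * @param userSettings the setting to remove
     * @throws PreconditionFailedException if the user or the setting does not exist
     */
    @Override
    public void deleteUserSettings(String str, UserSettings userSettings) {
        User owner = this.userDao.findUser(str);
        if (owner == null) {
            throw new PreconditionFailedException("User not found");
        }
        UserSetting stored = this.userDao.findUserSetting(owner, userSettings);
        if (stored == null) {
            throw new PreconditionFailedException("Setting not found");
        }
        this.userDao.deleteUserSetting(stored);
    }

    /**
     * Verifies an email/password pair and returns the matching active user.
     *
     * <p>The password is checked before the account status, so the "account is disabled" message
     * is only shown to a caller who supplied the correct password. An unknown email, a wrong
     * password and an empty argument all produce the same generic message, which keeps this
     * method from confirming whether an address is registered.
     *
     * <p>NOTE(review): an unknown email returns without running the password encoder, so response
     * time can still differ between known and unknown addresses. Rate limiting or a dummy
     * {@code matches} call would have to be added where the encoder type is known.
     *
     * @param str email address
     * @param str2 raw password
     * @return the authenticated, active user
     * @throws AuthenticationFailureException if the credentials do not match or the account is
     *     not active
     */
    @Override
    public UserDetails findActiveUser(String str, String str2) throws AuthenticationFailureException {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            throw new AuthenticationFailureException(AUTH_FAILED_MESSAGE);
        }
        User candidate = this.userDao.findUser(str);
        if (candidate == null || !isMatch(str2, candidate.getPassword())) {
            throw new AuthenticationFailureException(AUTH_FAILED_MESSAGE);
        }
        if (!UserStatus.ACTIVE.equals(candidate.getStatus())) {
            throw new AuthenticationFailureException("Authentication failed. User account is disabled.");
        }
        return candidate;
    }

    /**
     * Looks up a user by email and requires the account to be active.
     *
     * <p>NOTE(review): no credential is checked here, and an unknown email and a disabled account
     * produce different messages. Callers that forward the exception text to an unauthenticated
     * client (for example a "forgot password" form) would reveal which addresses are registered;
     * confirm that they show a uniform response instead.
     *
     * @param str email address
     * @return the active user
     * @throws AuthenticationFailureException if no such user exists or the account is not active
     */
    @Override
    public User findActiveUserByEmail(String str) {
        User found = this.userDao.findUser(str);
        if (found == null) {
            throw new AuthenticationFailureException(AUTH_FAILED_MESSAGE);
        }
        if (!UserStatus.ACTIVE.equals(found.getStatus())) {
            throw new AuthenticationFailureException("Authentication failed. User account is disabled.");
        }
        return found;
    }

    /**
     * Loads the DTO view of a user.
     *
     * @param str email address
     * @param z when {@code false} the password field of the DTO is nulled before it is returned;
     *     when {@code true} the DTO keeps whatever the DAO put there (presumably the encoded
     *     hash, which must never be serialized to a client)
     * @return the user DTO, never {@code null}
     * @throws AuthenticationFailureException if the email is empty or unknown
     */
    @Override
    public UserDTO findUser(String str, boolean z) throws AuthenticationFailureException {
        UserDTO dto = StringUtils.isEmpty(str) ? null : this.userDao.findUserDTO(str);
        if (dto == null) {
            throw new AuthenticationFailureException(AUTH_FAILED_MESSAGE);
        }
        if (!z) {
            dto.setPassword(null);
        }
        return dto;
    }

    /**
     * Returns the user registered under the email, whatever its status.
     *
     * @param str email address
     * @return the user, or {@code null} when the DAO finds none
     */
    @Override
    public UserDetails findUserByEmail(String str) {
        return this.userDao.findUser(str);
    }

    /**
     * Delegates a user listing to the DAO.
     *
     * @param str passed through to {@code UserDao.findUsers}; its meaning is defined there
     * @return the DAO result
     */
    @Override
    public UserListDTO findUsers(String str) {
        return this.userDao.findUsers(str);
    }

    /**
     * Encodes a secret (password or reset token) with the configured {@link PasswordEncoder}.
     *
     * @param str raw secret
     * @return the encoded form that is safe to persist
     */
    String generatedSecuredPasswordHash(String str) {
        return this.passwordEncoder.encode(str);
    }

    /**
     * Issues a new password-reset token for an active user.
     *
     * <p>Only the encoded token and its issue time are persisted; the raw token is returned so
     * the caller can deliver it to the user. Any previously issued token is overwritten.
     *
     * @param str email address of the account
     * @return the raw reset token
     * @throws AuthenticationFailureException if the user is unknown or not active
     */
    @Override
    public String generateResetToken(String str) throws AuthenticationFailureException {
        User account = findActiveUserByEmail(str);
        String rawToken = generateSecurityToken();
        Date issuedAt = this.dateservice.now();
        account.setResetToken(generatedSecuredPasswordHash(rawToken));
        account.setResetInsertedDate(issuedAt);
        account.setUpdatedDate(issuedAt);
        this.userDao.saveUser(account);
        return rawToken;
    }

    /**
     * Generates a random 32-character hexadecimal token.
     *
     * <p>{@link UUID#randomUUID()} draws from a cryptographically strong generator and yields
     * 122 random bits; the remaining 6 bits are the fixed version and variant markers.
     *
     * @return the token, without dashes
     */
    @Override
    public String generateSecurityToken() {
        return UUID.randomUUID().toString().replace("-", "");
    }

    /**
     * Returns how long a reset token stays valid.
     *
     * @return the validity window in minutes
     */
    protected int getUserTokenExpiryInMinutes() {
        return DEFAULT_EXPIRY_MINUTES;
    }

    /**
     * Checks a raw secret against its stored encoded form.
     *
     * @param str raw secret supplied by the caller
     * @param str2 encoded value loaded from storage
     * @return {@code true} when the encoder reports a match
     */
    private boolean isMatch(String str, String str2) {
        return this.passwordEncoder.matches(str, str2);
    }

    /**
     * Updates an existing user or creates a new one.
     *
     * <p>For an existing user, a {@code null} role or status and an empty password each leave the
     * stored value untouched. For a new user the call is forwarded to {@link #createUser}, which
     * requires all of them.
     *
     * <p>NOTE(review): this method can change the role and password of any account and checks no
     * permission itself; confirm that it is reachable only from admin-protected entry points.
     *
     * @param str email address
     * @param str2 raw password, or empty to keep the current one on update
     * @param userRole new role, or {@code null} to keep the current one on update
     * @param userStatus new status, or {@code null} to keep the current one on update
     * @return the persisted user
     */
    @Override
    public User saveUser(String str, String str2, UserRole userRole, UserStatus userStatus) {
        User existing = this.userDao.findUser(str);
        if (existing == null) {
            return createUser(str, str2, userStatus, userRole);
        }
        if (userRole != null) {
            existing.setRole(userRole);
        }
        if (userStatus != null) {
            existing.setStatus(userStatus);
        }
        setUserPassword(existing, str2);
        return this.userDao.saveUser(existing);
    }

    /**
     * Creates or overwrites one setting of a user.
     *
     * @param str email address of the user
     * @param userSettings the setting to write
     * @param str2 the value to store
     * @throws PreconditionFailedException if the user does not exist
     */
    @Override
    public void saveUserSettings(String str, UserSettings userSettings, String str2) {
        User owner = this.userDao.findUser(str);
        if (owner == null) {
            throw new PreconditionFailedException("User not found");
        }
        UserSetting entry = this.userDao.findUserSetting(owner, userSettings);
        if (entry == null) {
            entry = new UserSetting();
            entry.setUserid(owner.getUserid());
            entry.setSetting(userSettings);
        }
        entry.setValue(str2);
        this.userDao.saveUserSetting(entry);
    }

    /**
     * Stores the encoded form of a password on the user; an empty password is ignored so that
     * update paths can leave the current password in place.
     *
     * @param user the user to modify
     * @param str raw password, may be empty
     */
    private void setUserPassword(User user, String str) {
        if (!StringUtils.isEmpty(str)) {
            user.setPassword(generatedSecuredPasswordHash(str));
        }
    }

    /**
     * Grants a user access to a folder, inviting the user first when the email is unknown.
     *
     * <p>The caller must hold {@code PERM_FORM_ADMIN} on the folder. The folder is resolved
     * before any invite account is created, so a missing folder cannot leave a stray invited user
     * behind. An invited account gets a random token as its password and status {@code INVITE}.
     *
     * @param userDetails the authenticated caller; must be a {@link User}
     * @param str email address of the user to share with
     * @param str2 identifier of the folder
     * @param list permissions to grant; replaces any permissions the user already had
     * @return {@code true} when a new invite account was created for the email
     * @throws FormAccessDeniedException if the caller lacks {@code PERM_FORM_ADMIN} on the folder
     * @throws PreconditionFailedException if the folder does not exist or the invite cannot be
     *     created
     */
    @Override
    public boolean shareFolderWithUser(UserDetails userDetails, String str, String str2, List<FolderPermission> list) {
        FolderAccess callerAccess = this.folderDao.findFolderAccess((User) userDetails, str2);
        if (!this.securityService.hasPermission(callerAccess, FolderPermission.PERM_FORM_ADMIN)) {
            throw new FormAccessDeniedException();
        }
        User recipient = this.userDao.findUser(str);
        Folder folder = this.folderDao.findFolder(str2);
        if (folder == null) {
            // Fail before createUser so no invite account is persisted for an unusable share.
            throw new PreconditionFailedException("Folder not found");
        }
        boolean invited = false;
        FolderAccess grant = null;
        if (recipient == null) {
            invited = true;
            recipient = createUser(str, generateSecurityToken(), UserStatus.INVITE, UserRole.ROLE_USER);
        } else {
            grant = this.folderDao.findFolderAccess(recipient, str2);
        }
        if (grant == null || grant.getFolderaccessid() == null) {
            grant = new FolderAccess();
            grant.setStatus(FolderStatus.ACTIVE);
        }
        grant.setFolderid(folder.getFolderid());
        grant.setUserid(recipient.getUserid());
        grant.setPermissions(list);
        this.folderDao.saveFolderAccess(grant);
        return invited;
    }

    /**
     * Records the time of a user's latest login.
     *
     * @param str email address
     * @param date login time
     */
    @Override
    public void updateLastLogin(String str, Date date) {
        this.userDao.updateLastLogin(str, date);
    }

    /**
     * Sets a new password in exchange for a valid, unexpired reset token.
     *
     * <p>The token is single-use: it and its issue time are cleared on success. An empty new
     * password is rejected up front; otherwise the token would be consumed and success reported
     * while the old password stayed in place. Unknown email, missing or wrong token and expired
     * token all yield the same message.
     *
     * @param str email address of the account
     * @param str2 raw reset token as delivered to the user
     * @param str3 new raw password; required
     * @throws PreconditionFailedException if the new password is empty or the token is not valid
     */
    @Override
    public void updatePassword(String str, String str2, String str3) {
        if (StringUtils.isEmpty(str3)) {
            throw new PreconditionFailedException("Password required");
        }
        boolean updated = false;
        if (!StringUtils.isEmpty(str2)) {
            User account = this.userDao.findUser(str);
            // An account without an outstanding reset must never match, whatever the encoder
            // does with a null stored value.
            if (account != null && account.getResetToken() != null && isMatch(str2, account.getResetToken())) {
                Date issuedAt = account.getResetInsertedDate();
                Date oldestAccepted = DateUtils.addMinutes(this.dateservice.now(), -getUserTokenExpiryInMinutes());
                // A token with no recorded issue time is treated as expired.
                if (issuedAt != null && issuedAt.after(oldestAccepted)) {
                    account.setResetInsertedDate(null);
                    account.setResetToken(null);
                    setUserPassword(account, str3);
                    this.userDao.saveUser(account);
                    updated = true;
                }
            }
        }
        if (!updated) {
            throw new PreconditionFailedException("Invalid Reset Token");
        }
    }
}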
