package de.adorsys.ledgers.um.impl.service;

import de.adorsys.ledgers.um.api.domain.AccountAccessBO;
import de.adorsys.ledgers.um.api.domain.AisConsentBO;
import de.adorsys.ledgers.um.api.domain.ScaUserDataBO;
import de.adorsys.ledgers.um.api.domain.UserBO;
import de.adorsys.ledgers.um.api.domain.UserRoleBO;
import de.adorsys.ledgers.um.api.service.ScaUserDataService;
import de.adorsys.ledgers.um.api.service.UserService;
import de.adorsys.ledgers.um.db.domain.AccountAccess;
import de.adorsys.ledgers.um.db.domain.AisConsentEntity;
import de.adorsys.ledgers.um.db.domain.ScaUserDataEntity;
import de.adorsys.ledgers.um.db.domain.UserEntity;
import de.adorsys.ledgers.um.db.repository.AisConsentRepository;
import de.adorsys.ledgers.um.db.repository.UserRepository;
import de.adorsys.ledgers.um.impl.converter.AisConsentMapper;
import de.adorsys.ledgers.um.impl.converter.UserConverter;
import de.adorsys.ledgers.util.Ids;
import de.adorsys.ledgers.util.PasswordEnc;
import de.adorsys.ledgers.util.exception.UserManagementErrorCode;
import de.adorsys.ledgers.util.exception.UserManagementModuleException;
import de.adorsys.ledgers.util.tan.encriptor.TanEncryptor;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Pageable;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Transactional
@Service
/* loaded from: input_file:de/adorsys/ledgers/um/impl/service/UserServiceImpl.class */
public class UserServiceImpl implements UserService {
    private static final Logger log = LoggerFactory.getLogger(UserServiceImpl.class);
    private static final String USER_WITH_LOGIN_NOT_FOUND = "User with login=%s not found";
    private static final String USER_WITH_ID_NOT_FOUND = "User with id=%s not found";
    private static final String CONSENT_WITH_ID_S_NOT_FOUND = "Consent with id=%s not found";
    private final UserRepository userRepository;
    private final ScaUserDataService scaUserDataService;
    private final AisConsentRepository consentRepository;
    private final UserConverter userConverter;
    private final PasswordEnc passwordEnc;
    private final TanEncryptor tanEncryptor;
    private final AisConsentMapper aisConsentMapper;

    public UserBO create(UserBO userBO) {
        checkUserAlreadyExists(userBO);
        checkDuplicateScaMethods(userBO.getScaUserData());
        UserEntity userPO = this.userConverter.toUserPO(userBO);
        if (userPO.getId() == null) {
            userPO.setId(Ids.id());
        }
        userPO.setPin(this.passwordEnc.encode(userPO.getId(), userBO.getPin()));
        hashStaticTan(userPO);
        return convertToUserBoAndDecodeTan((UserEntity) this.userRepository.save(userPO));
    }

    public List<UserBO> listUsers(int i, int i2) {
        return this.userConverter.toUserBOList(this.userRepository.findAll(PageRequest.of(i, i2)).getContent());
    }

    public UserBO findById(String str) {
        return convertToUserBoAndDecodeTan((UserEntity) this.userRepository.findById(str).orElseThrow(UserManagementModuleException.getModuleExceptionSupplier(str, UserManagementErrorCode.USER_NOT_FOUND, USER_WITH_ID_NOT_FOUND)));
    }

    public UserBO findByLogin(String str) {
        return this.userConverter.toUserBO(getUser(str));
    }

    public UserBO updateScaData(List<ScaUserDataBO> list, String str) {
        log.info("Retrieving user by login={}", str);
        UserEntity userEntity = (UserEntity) this.userRepository.findFirstByLogin(str).orElseThrow(UserManagementModuleException.getModuleExceptionSupplier(str, UserManagementErrorCode.USER_NOT_FOUND, USER_WITH_LOGIN_NOT_FOUND));
        checkDuplicateScaMethods(list);
        this.scaUserDataService.ifScaChangedEmailNotValid(this.userConverter.toUserBO(userEntity).getScaUserData(), list);
        List<ScaUserDataEntity> scaUserDataListEntity = this.userConverter.toScaUserDataListEntity(list);
        userEntity.getScaUserData().clear();
        userEntity.getScaUserData().addAll(scaUserDataListEntity);
        hashStaticTan(userEntity);
        log.info("{} sca methods would be updated", Integer.valueOf(scaUserDataListEntity.size()));
        return convertToUserBoAndDecodeTan((UserEntity) this.userRepository.save(userEntity));
    }

    public UserBO updateAccountAccess(String str, List<AccountAccessBO> list) {
        log.info("Retrieving user by login={}", str);
        UserEntity userEntity = (UserEntity) this.userRepository.findFirstByLogin(str).orElseThrow(UserManagementModuleException.getModuleExceptionSupplier(str, UserManagementErrorCode.USER_NOT_FOUND, USER_WITH_LOGIN_NOT_FOUND));
        List<AccountAccess> accountAccessListEntity = this.userConverter.toAccountAccessListEntity(list);
        userEntity.getAccountAccesses().clear();
        userEntity.getAccountAccesses().addAll(accountAccessListEntity);
        log.info("{} account accesses would be updated", Integer.valueOf(accountAccessListEntity.size()));
        return convertToUserBoAndDecodeTan((UserEntity) this.userRepository.save(userEntity));
    }

    public AisConsentBO storeConsent(AisConsentBO aisConsentBO) {
        return this.aisConsentMapper.toAisConsentBO((AisConsentEntity) this.consentRepository.findById(aisConsentBO.getId()).orElse(this.consentRepository.save(this.aisConsentMapper.toAisConsentPO(aisConsentBO))));
    }

    public AisConsentBO loadConsent(String str) {
        return this.aisConsentMapper.toAisConsentBO((AisConsentEntity) this.consentRepository.findById(str).orElseThrow(UserManagementModuleException.getModuleExceptionSupplier(str, UserManagementErrorCode.CONSENT_NOT_FOUND, CONSENT_WITH_ID_S_NOT_FOUND)));
    }

    public Page<UserBO> findByBranchAndUserRolesIn(String str, List<UserRoleBO> list, String str2, Pageable pageable) {
        Page findByBranchAndUserRolesInAndLoginContaining = this.userRepository.findByBranchAndUserRolesInAndLoginContaining(str, this.userConverter.toUserRole(list), str2, pageable);
        UserConverter userConverter = this.userConverter;
        userConverter.getClass();
        Page<UserBO> map = findByBranchAndUserRolesInAndLoginContaining.map(userConverter::toUserBO);
        map.forEach(this::decodeStaticTanForUser);
        return map;
    }

    public int countUsersByBranch(String str) {
        return this.userRepository.countByBranch(str);
    }

    public UserBO updateUser(UserBO userBO) {
        checkDuplicateScaMethods(userBO.getScaUserData());
        checkAndResetValidityScaEmail(userBO);
        UserEntity userPO = this.userConverter.toUserPO(userBO);
        checkIfPasswordModifiedAndEncode(userPO);
        hashStaticTan(userPO);
        return convertToUserBoAndDecodeTan((UserEntity) this.userRepository.save(userPO));
    }

    public List<UserBO> findUsersByIban(String str) {
        List<UserBO> userBOList = this.userConverter.toUserBOList(this.userRepository.finUsersByIban(str));
        userBOList.forEach(userBO -> {
            userBO.setAccountAccesses((List) userBO.getAccountAccesses().stream().filter(accountAccessBO -> {
                return accountAccessBO.getIban().equals(str);
            }).collect(Collectors.toList()));
        });
        return userBOList;
    }

    private void checkDuplicateScaMethods(List<ScaUserDataBO> list) {
        List list2 = (List) Optional.ofNullable(list).orElse(Collections.emptyList());
        if (new HashSet(list2).size() != list2.size()) {
            throw UserManagementModuleException.builder().devMsg("Duplicating Sca Methods is forbidden!").errorCode(UserManagementErrorCode.DUPLICATE_SCA).build();
        }
    }

    private void checkIfPasswordModifiedAndEncode(UserEntity userEntity) {
        if (userEntity.getPin().equals(findById(userEntity.getId()).getPin())) {
            return;
        }
        userEntity.setPin(this.passwordEnc.encode(userEntity.getId(), userEntity.getPin()));
    }

    private void checkAndResetValidityScaEmail(UserBO userBO) {
        this.scaUserDataService.ifScaChangedEmailNotValid(findById(userBO.getId()).getScaUserData(), userBO.getScaUserData());
    }

    @NotNull
    public UserEntity getUser(String str) {
        return (UserEntity) this.userRepository.findFirstByLogin(str).orElseThrow(UserManagementModuleException.getModuleExceptionSupplier(str, UserManagementErrorCode.USER_NOT_FOUND, USER_WITH_LOGIN_NOT_FOUND));
    }

    private UserBO convertToUserBoAndDecodeTan(UserEntity userEntity) {
        UserBO userBO = this.userConverter.toUserBO(userEntity);
        decodeStaticTanForUser(userBO);
        return userBO;
    }

    private void decodeStaticTanForUser(UserBO userBO) {
        Optional.ofNullable(userBO.getScaUserData()).ifPresent(list -> {
            list.forEach(this::decodeStaticTan);
        });
    }

    private void decodeStaticTan(ScaUserDataBO scaUserDataBO) {
        if (scaUserDataBO.isUsesStaticTan() && StringUtils.isNotBlank(scaUserDataBO.getStaticTan())) {
            scaUserDataBO.setStaticTan(this.tanEncryptor.decryptTan(scaUserDataBO.getStaticTan()));
        }
    }

    private void hashStaticTan(UserEntity userEntity) {
        userEntity.getScaUserData().stream().filter(scaUserDataEntity -> {
            return StringUtils.isNotBlank(scaUserDataEntity.getStaticTan());
        }).forEach(scaUserDataEntity2 -> {
            scaUserDataEntity2.setStaticTan(this.tanEncryptor.encryptTan(scaUserDataEntity2.getStaticTan()));
        });
    }

    private void checkUserAlreadyExists(UserBO userBO) {
        if (this.userRepository.findByEmailOrLogin(userBO.getEmail(), userBO.getLogin()).isPresent()) {
            String format = String.format("User with this email or login already exists. Email %s. Login %s.", userBO.getEmail(), userBO.getLogin());
            log.error(format);
            throw UserManagementModuleException.builder().errorCode(UserManagementErrorCode.USER_ALREADY_EXISTS).devMsg(format).build();
        }
    }

    public UserServiceImpl(UserRepository userRepository, ScaUserDataService scaUserDataService, AisConsentRepository aisConsentRepository, UserConverter userConverter, PasswordEnc passwordEnc, TanEncryptor tanEncryptor, AisConsentMapper aisConsentMapper) {
        this.userRepository = userRepository;
        this.scaUserDataService = scaUserDataService;
        this.consentRepository = aisConsentRepository;
        this.userConverter = userConverter;
        this.passwordEnc = passwordEnc;
        this.tanEncryptor = tanEncryptor;
        this.aisConsentMapper = aisConsentMapper;
    }
}
