package org.apache.isis.extensions.secman.jdo.dom.user;

import java.util.Collection;
import java.util.Collections;
import java.util.Optional;
import java.util.function.Consumer;
import javax.annotation.Nullable;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import lombok.NonNull;
import org.apache.isis.applib.query.Query;
import org.apache.isis.applib.services.eventbus.EventBusService;
import org.apache.isis.applib.services.factory.FactoryService;
import org.apache.isis.applib.services.queryresultscache.QueryResultsCache;
import org.apache.isis.applib.services.repository.RepositoryService;
import org.apache.isis.commons.internal.base._Casts;
import org.apache.isis.commons.internal.base._NullSafe;
import org.apache.isis.commons.internal.collections._Sets;
import org.apache.isis.commons.internal.exceptions._Exceptions;
import org.apache.isis.core.config.IsisConfiguration;
import org.apache.isis.extensions.secman.api.SecmanConfiguration;
import org.apache.isis.extensions.secman.api.encryption.PasswordEncryptionService;
import org.apache.isis.extensions.secman.api.events.UserCreatedEvent;
import org.apache.isis.extensions.secman.api.role.ApplicationRole;
import org.apache.isis.extensions.secman.api.tenancy.ApplicationTenancy;
import org.apache.isis.extensions.secman.api.user.AccountType;
import org.apache.isis.extensions.secman.api.user.ApplicationUserStatus;
import org.apache.isis.extensions.secman.model.dom.user.ApplicationUser_lock;
import org.apache.isis.extensions.secman.model.dom.user.ApplicationUser_unlock;
import org.springframework.stereotype.Repository;

@Repository
@Named("isis.ext.secman.ApplicationUserRepository")
/* loaded from: input_file:org/apache/isis/extensions/secman/jdo/dom/user/ApplicationUserRepository.class */
public class ApplicationUserRepository implements org.apache.isis.extensions.secman.api.user.ApplicationUserRepository<ApplicationUser> {

    @Inject
    private FactoryService factoryService;

    @Inject
    private RepositoryService repository;

    @Inject
    private SecmanConfiguration configBean;

    @Inject
    private Optional<PasswordEncryptionService> passwordEncryptionService;

    @Inject
    protected IsisConfiguration isisConfiguration;

    @Inject
    private EventBusService eventBusService;

    @Inject
    private Provider<QueryResultsCache> queryResultsCacheProvider;

    /* renamed from: newApplicationUser, reason: merged with bridge method [inline-methods] */
    public ApplicationUser m20newApplicationUser() {
        return (ApplicationUser) this.factoryService.detachedEntity(new ApplicationUser());
    }

    /* renamed from: findOrCreateUserByUsername, reason: merged with bridge method [inline-methods] */
    public ApplicationUser m19findOrCreateUserByUsername(String str) {
        return (ApplicationUser) ((QueryResultsCache) this.queryResultsCacheProvider.get()).execute(() -> {
            return findByUsername(str).orElseGet(() -> {
                return (ApplicationUser) newDelegateUser(str, null);
            });
        }, ApplicationUserRepository.class, "findOrCreateUserByUsername", new Object[]{str});
    }

    public Optional<ApplicationUser> findByUsernameCached(String str) {
        return (Optional) ((QueryResultsCache) this.queryResultsCacheProvider.get()).execute(this::findByUsername, ApplicationUserRepository.class, "findByUsernameCached", str);
    }

    public Optional<ApplicationUser> findByUsername(String str) {
        return this.repository.uniqueMatch(Query.named(ApplicationUser.class, "findByUsername").withParameter("username", str));
    }

    public Optional<ApplicationUser> findByEmailAddressCached(String str) {
        return (Optional) ((QueryResultsCache) this.queryResultsCacheProvider.get()).execute(this::findByEmailAddress, ApplicationUserRepository.class, "findByEmailAddressCached", str);
    }

    public Optional<ApplicationUser> findByEmailAddress(String str) {
        return this.repository.uniqueMatch(Query.named(ApplicationUser.class, "findByEmailAddress").withParameter("emailAddress", str));
    }

    public Collection<ApplicationUser> find(String str) {
        return (Collection) this.repository.allMatches(Query.named(ApplicationUser.class, "find").withParameter("regex", String.format("(?i).*%s.*", str.replace("*", ".*").replace("?", ".")))).stream().collect(_Sets.toUnmodifiableSorted());
    }

    public Collection<ApplicationUser> findByAtPath(String str) {
        return (Collection) this.repository.allMatches(Query.named(ApplicationUser.class, "findByAtPath").withParameter("atPath", str)).stream().collect(_Sets.toUnmodifiableSorted());
    }

    public Collection<ApplicationUser> findByRole(ApplicationRole applicationRole) {
        return (Collection) _NullSafe.stream(((org.apache.isis.extensions.secman.jdo.dom.role.ApplicationRole) _Casts.uncheckedCast(applicationRole)).getUsers()).collect(_Sets.toUnmodifiableSorted());
    }

    public Collection<ApplicationUser> findByTenancy(@NonNull ApplicationTenancy applicationTenancy) {
        if (applicationTenancy == null) {
            throw new NullPointerException("genericTenancy is marked non-null but is null");
        }
        return (Collection) findByAtPath(applicationTenancy.getPath()).stream().collect(_Sets.toUnmodifiableSorted());
    }

    public Collection<ApplicationUser> allUsers() {
        return (Collection) this.repository.allInstances(ApplicationUser.class).stream().collect(_Sets.toUnmodifiableSorted());
    }

    public Collection<ApplicationUser> findMatching(String str) {
        return (str == null || str.length() <= 0) ? Collections.emptySortedSet() : find(str);
    }

    public void enable(org.apache.isis.extensions.secman.api.user.ApplicationUser applicationUser) {
        if (applicationUser.getStatus() != ApplicationUserStatus.ENABLED) {
            ((ApplicationUser_unlock) this.factoryService.mixin(ApplicationUser_unlock.class, applicationUser)).act();
        }
    }

    public void disable(org.apache.isis.extensions.secman.api.user.ApplicationUser applicationUser) {
        if (applicationUser.getStatus() != ApplicationUserStatus.DISABLED) {
            ((ApplicationUser_lock) this.factoryService.mixin(ApplicationUser_lock.class, applicationUser)).act();
        }
    }

    public boolean isAdminUser(org.apache.isis.extensions.secman.api.user.ApplicationUser applicationUser) {
        return this.configBean.getAdminUserName().equals(applicationUser.getName());
    }

    public ApplicationUser newUser(@NonNull String str, @Nullable AccountType accountType, Consumer<ApplicationUser> consumer) {
        if (str == null) {
            throw new NullPointerException("username is marked non-null but is null");
        }
        ApplicationUser m20newApplicationUser = m20newApplicationUser();
        m20newApplicationUser.setUsername(str);
        m20newApplicationUser.setAccountType(accountType);
        consumer.accept(m20newApplicationUser);
        if (!m20newApplicationUser.getAccountType().equals(AccountType.LOCAL)) {
            m20newApplicationUser.setStatus(this.configBean.isAutoEnableIfDelegatedAndAuthenticated() ? ApplicationUserStatus.ENABLED : ApplicationUserStatus.DISABLED);
        }
        this.repository.persistAndFlush(m20newApplicationUser);
        this.eventBusService.post(UserCreatedEvent.of(m20newApplicationUser));
        return m20newApplicationUser;
    }

    public boolean updatePassword(org.apache.isis.extensions.secman.api.user.ApplicationUser applicationUser, String str) {
        if (!isPasswordFeatureEnabled(applicationUser)) {
            return false;
        }
        applicationUser.setEncryptedPassword(this.passwordEncryptionService.orElseThrow(_Exceptions::unexpectedCodeReach).encrypt(str));
        this.repository.persistAndFlush(applicationUser);
        return true;
    }

    public boolean isPasswordFeatureEnabled(org.apache.isis.extensions.secman.api.user.ApplicationUser applicationUser) {
        return applicationUser.isLocalAccount() && this.passwordEncryptionService != null && this.passwordEncryptionService.isPresent();
    }

    /* renamed from: newUser, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ org.apache.isis.extensions.secman.api.user.ApplicationUser m18newUser(@NonNull String str, @Nullable AccountType accountType, Consumer consumer) {
        return newUser(str, accountType, (Consumer<ApplicationUser>) consumer);
    }
}
