package de.adorsys.ledgers.middleware.impl.service;

import de.adorsys.ledgers.deposit.api.domain.DepositAccountDetailsBO;
import de.adorsys.ledgers.deposit.api.service.DepositAccountService;
import de.adorsys.ledgers.middleware.api.domain.account.AccountReferenceTO;
import de.adorsys.ledgers.middleware.api.domain.sca.ScaInfoTO;
import de.adorsys.ledgers.middleware.api.domain.um.AccountAccessTO;
import de.adorsys.ledgers.middleware.api.domain.um.ScaUserDataTO;
import de.adorsys.ledgers.middleware.api.domain.um.UserRoleTO;
import de.adorsys.ledgers.middleware.api.domain.um.UserTO;
import de.adorsys.ledgers.middleware.api.exception.MiddlewareErrorCode;
import de.adorsys.ledgers.middleware.api.exception.MiddlewareModuleException;
import de.adorsys.ledgers.middleware.api.service.MiddlewareUserManagementService;
import de.adorsys.ledgers.middleware.impl.converter.PageMapper;
import de.adorsys.ledgers.middleware.impl.converter.UserMapper;
import de.adorsys.ledgers.um.api.domain.AccountAccessBO;
import de.adorsys.ledgers.um.api.domain.UserBO;
import de.adorsys.ledgers.um.api.service.UserService;
import de.adorsys.ledgers.util.domain.CustomPageImpl;
import de.adorsys.ledgers.util.domain.CustomPageableImpl;
import java.time.LocalDateTime;
import java.util.List;
import java.util.Optional;
import org.apache.commons.collections4.CollectionUtils;
import org.mapstruct.factory.Mappers;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Transactional
@Service
/* loaded from: input_file:de/adorsys/ledgers/middleware/impl/service/MiddlewareUserManagementServiceImpl.class */
public class MiddlewareUserManagementServiceImpl implements MiddlewareUserManagementService {
    private static final Logger log = LoggerFactory.getLogger(MiddlewareUserManagementServiceImpl.class);
    private static final int NANO_TO_SECOND = 1000000000;
    private final UserService userService;
    private final DepositAccountService depositAccountService;
    private final AccessService accessService;
    private final UserMapper userTOMapper = (UserMapper) Mappers.getMapper(UserMapper.class);
    private final PageMapper pageMapper;

    @Value("${sca.multilevel.enabled:false}")
    private boolean multilevelScaEnable;

    public UserTO create(UserTO userTO) {
        return this.userTOMapper.toUserTO(this.userService.create(this.userTOMapper.toUserBO(userTO)));
    }

    public UserTO findById(String str) {
        return this.userTOMapper.toUserTO(this.userService.findById(str));
    }

    public UserTO findByUserLogin(String str) {
        return this.userTOMapper.toUserTO(this.userService.findByLogin(str));
    }

    public UserTO updateScaData(String str, List<ScaUserDataTO> list) {
        return this.userTOMapper.toUserTO(this.userService.updateScaData(this.userTOMapper.toScaUserDataListBO(list), str));
    }

    public void updateAccountAccess(ScaInfoTO scaInfoTO, String str, AccountAccessTO accountAccessTO) {
        DepositAccountDetailsBO accountDetailsByIbanAndCurrency = this.depositAccountService.getAccountDetailsByIbanAndCurrency(accountAccessTO.getIban(), accountAccessTO.getCurrency(), LocalDateTime.now(), false);
        if (!accountDetailsByIbanAndCurrency.isEnabled()) {
            throw MiddlewareModuleException.builder().errorCode(MiddlewareErrorCode.PAYMENT_PROCESSING_FAILURE).devMsg(String.format("Operation is Rejected as account: %s is %s", accountDetailsByIbanAndCurrency.getAccount().getIban(), accountDetailsByIbanAndCurrency.getAccount().getAccountStatus())).build();
        }
        UserTO findById = findById(scaInfoTO.getUserId());
        if (!this.accessService.userHasAccessToAccount(findById, accountAccessTO.getIban())) {
            log.error("Branch: {} has no access to account: {}", findById.getLogin(), accountAccessTO.getIban());
            throw MiddlewareModuleException.builder().errorCode(MiddlewareErrorCode.INSUFFICIENT_PERMISSION).devMsg(String.format("Current Branch does have no access to the requested account: %s", accountAccessTO.getIban())).build();
        }
        UserTO findById2 = findById(str);
        if (findById.getBranch().equals(findById2.getBranch())) {
            this.accessService.updateAccountAccess(this.userTOMapper.toUserBO(findById2), this.userTOMapper.toAccountAccessBO(accountAccessTO));
        } else {
            log.error("User id: {} with Branch: {} is not from branch: {}", new Object[]{findById2.getId(), findById2.getBranch(), findById.getLogin()});
            throw MiddlewareModuleException.builder().errorCode(MiddlewareErrorCode.INSUFFICIENT_PERMISSION).devMsg(String.format("Requested user: %s is not a part of the branch: %s", findById2.getLogin(), scaInfoTO.getUserLogin())).build();
        }
    }

    public List<UserTO> listUsers(int i, int i2) {
        long nanoTime = System.nanoTime();
        List<UserTO> userTOList = this.userTOMapper.toUserTOList(this.userService.listUsers(i, i2));
        log.info("Retrieving: {} users in {} seconds", Integer.valueOf(userTOList.size()), Double.valueOf((System.nanoTime() - nanoTime) / 1.0E9d));
        return userTOList;
    }

    public CustomPageImpl<UserTO> getUsersByBranchAndRoles(String str, List<UserRoleTO> list, String str2, CustomPageableImpl customPageableImpl) {
        PageMapper pageMapper = this.pageMapper;
        Page findByBranchAndUserRolesIn = this.userService.findByBranchAndUserRolesIn(str, this.userTOMapper.toUserRoleBO(list), str2, PageRequest.of(customPageableImpl.getPage(), customPageableImpl.getSize()));
        UserMapper userMapper = this.userTOMapper;
        userMapper.getClass();
        return pageMapper.toCustomPageImpl(findByBranchAndUserRolesIn.map(userMapper::toUserTO));
    }

    public int countUsersByBranch(String str) {
        return this.userService.countUsersByBranch(str);
    }

    public UserTO updateUser(String str, UserTO userTO) {
        if (!this.userService.findById((String) Optional.ofNullable(userTO.getId()).orElseThrow(() -> {
            return MiddlewareModuleException.builder().errorCode(MiddlewareErrorCode.REQUEST_VALIDATION_FAILURE).devMsg("User id is not present in request!").build();
        })).getBranch().equals(str)) {
            throw MiddlewareModuleException.builder().errorCode(MiddlewareErrorCode.INSUFFICIENT_PERMISSION).devMsg("User doesn't belong to your branch!").build();
        }
        return this.userTOMapper.toUserTO(this.userService.updateUser(this.userTOMapper.toUserBO(userTO)));
    }

    public boolean checkMultilevelScaRequired(String str, String str2) {
        if (!this.multilevelScaEnable) {
            return false;
        }
        UserBO findByLogin = this.userService.findByLogin(str);
        if (findByLogin.hasAccessToAccount(str2)) {
            return this.accessService.resolveScaWeightByDebtorAccount(findByLogin.getAccountAccesses(), str2) < 100;
        }
        throw MiddlewareModuleException.builder().errorCode(MiddlewareErrorCode.INSUFFICIENT_PERMISSION).devMsg("User doesn't have access to the requested account").build();
    }

    public boolean checkMultilevelScaRequired(String str, List<AccountReferenceTO> list) {
        if (!this.multilevelScaEnable) {
            return false;
        }
        UserBO findByLogin = this.userService.findByLogin(str);
        if (CollectionUtils.isEmpty(list)) {
            return findByLogin.getAccountAccesses().stream().anyMatch(accountAccessBO -> {
                return accountAccessBO.getScaWeight() < 100;
            });
        }
        if (list.stream().allMatch(accountReferenceTO -> {
            return ((Boolean) Optional.ofNullable(accountReferenceTO.getCurrency()).map(currency -> {
                return Boolean.valueOf(findByLogin.hasAccessToAccount(accountReferenceTO.getIban(), currency));
            }).orElse(Boolean.valueOf(findByLogin.hasAccessToAccount(accountReferenceTO.getIban())))).booleanValue();
        })) {
            return findByLogin.getAccountAccesses().stream().filter(accountAccessBO2 -> {
                return contained(accountAccessBO2, list);
            }).anyMatch(accountAccessBO3 -> {
                return accountAccessBO3.getScaWeight() < 100;
            });
        }
        throw MiddlewareModuleException.builder().errorCode(MiddlewareErrorCode.INSUFFICIENT_PERMISSION).devMsg("User doesn't have access to the requested account").build();
    }

    private boolean contained(AccountAccessBO accountAccessBO, List<AccountReferenceTO> list) {
        return list.stream().anyMatch(accountReferenceTO -> {
            return ((Boolean) Optional.ofNullable(accountReferenceTO.getCurrency()).map(currency -> {
                return Boolean.valueOf(accountAccessBO.getCurrency().equals(currency) && accountAccessBO.getIban().equalsIgnoreCase(accountReferenceTO.getIban()));
            }).orElse(Boolean.valueOf(accountAccessBO.getIban().equalsIgnoreCase(accountReferenceTO.getIban())))).booleanValue();
        });
    }

    public MiddlewareUserManagementServiceImpl(UserService userService, DepositAccountService depositAccountService, AccessService accessService, PageMapper pageMapper) {
        this.userService = userService;
        this.depositAccountService = depositAccountService;
        this.accessService = accessService;
        this.pageMapper = pageMapper;
    }
}
