package org.squashtest.csp.tm.internal.service;

import javax.inject.Inject;
import org.springframework.osgi.extensions.annotation.ServiceReference;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.squashtest.csp.core.service.security.UserAuthenticationService;
import org.squashtest.csp.core.service.security.UserContextService;
import org.squashtest.csp.tm.domain.UnauthorizedPasswordChange;
import org.squashtest.csp.tm.domain.WrongPasswordException;
import org.squashtest.csp.tm.domain.users.User;
import org.squashtest.csp.tm.internal.repository.UserDao;
import org.squashtest.csp.tm.internal.repository.UsersGroupDao;
import org.squashtest.csp.tm.service.UserAccountService;

@Transactional
@Service("squashtest.tm.service.UserAccountService")
/* loaded from: input_file:org/squashtest/csp/tm/internal/service/UserAccountServiceImpl.class */
public class UserAccountServiceImpl implements UserAccountService {

    @Inject
    private UserDao userDao;

    @Inject
    private UsersGroupDao groupDao;
    private UserContextService userContextService;
    private UserAuthenticationService authService;

    @ServiceReference
    public void setUserContextService(UserContextService userContextService) {
        this.userContextService = userContextService;
    }

    @ServiceReference
    public void setUserAuthenticationService(UserAuthenticationService userAuthenticationService) {
        this.authService = userAuthenticationService;
    }

    @Override // org.squashtest.csp.tm.service.UserAccountService
    public void modifyUserFirstName(long j, String str) {
        User findById = this.userDao.findById(j);
        checkPermissions(findById);
        findById.setFirstName(str);
    }

    @Override // org.squashtest.csp.tm.service.UserAccountService
    public void modifyUserLastName(long j, String str) {
        User findById = this.userDao.findById(j);
        checkPermissions(findById);
        findById.setLastName(str);
    }

    @Override // org.squashtest.csp.tm.service.UserAccountService
    public void modifyUserLogin(long j, String str) {
        User findById = this.userDao.findById(j);
        checkPermissions(findById);
        findById.setLogin(str);
    }

    @Override // org.squashtest.csp.tm.service.UserAccountService
    public void modifyUserEmail(long j, String str) {
        User findById = this.userDao.findById(j);
        checkPermissions(findById);
        findById.setEmail(str);
    }

    @Override // org.squashtest.csp.tm.service.UserAccountService
    public User findCurrentUser() {
        return this.userDao.findUserByLogin(this.userContextService.getUsername());
    }

    @Override // org.squashtest.csp.tm.service.UserAccountService
    public void setCurrentUserEmail(String str) {
        this.userDao.findUserByLogin(this.userContextService.getUsername()).setEmail(str);
    }

    @Override // org.squashtest.csp.tm.service.UserAccountService
    public void setCurrentUserPassword(String str, String str2) {
        if (!this.authService.canModifyUser()) {
            throw new UnauthorizedPasswordChange("The authentication service do not allow users to change their passwords using Squash");
        }
        try {
            this.authService.setUserPassword(this.userContextService.getUsername(), str, str2);
        } catch (BadCredentialsException unused) {
            throw new WrongPasswordException("wrong password");
        }
    }

    private void checkPermissions(User user) {
        if (!user.getLogin().equals(this.userContextService.getUsername()) && !this.userContextService.hasRole("ROLE_ADMIN")) {
            throw new AccessDeniedException("Access is denied");
        }
    }
}
