package org.squashtest.tm.service.internal.security;

import java.util.Collection;
import java.util.HashSet;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.lang3.StringUtils;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
import org.squashtest.tm.core.foundation.logger.Logger;
import org.squashtest.tm.core.foundation.logger.LoggerFactory;
import org.squashtest.tm.domain.UnauthorizedPasswordChange;
import org.squashtest.tm.security.UserContextHolder;
import org.squashtest.tm.service.security.AdministratorAuthenticationService;

@Component("squashtest.core.security.AdministratorAuthenticationService")
/* loaded from: input_file:WEB-INF/lib/tm.service-9.0.0.RC3.jar:org/squashtest/tm/service/internal/security/AdministratorAuthenticationServiceImpl.class */
public class AdministratorAuthenticationServiceImpl implements AdministratorAuthenticationService {
    private static final Logger LOGGER = LoggerFactory.getLogger(AdministratorAuthenticationServiceImpl.class);

    @Inject
    @Named("squashtest.core.security.JdbcUserDetailsManager")
    private SquashUserDetailsManager userManager;

    @Inject
    @Lazy
    private PasswordEncoder encoder;

    @Inject
    @Lazy
    private AuthenticationProviderContext authenticationProviderContext;

    public void setUserDetailsManager(SquashUserDetailsManager squashUserDetailsManager) {
        this.userManager = squashUserDetailsManager;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.encoder = passwordEncoder;
    }

    @Override // org.squashtest.tm.service.security.UserAuthenticationService
    public boolean canModifyUser() {
        return this.authenticationProviderContext.isInternalProviderEnabled();
    }

    @Override // org.squashtest.tm.service.security.UserAuthenticationService
    public void changeAuthenticatedUserPassword(String str, String str2) {
        this.userManager.changePassword(str, encode(str2));
    }

    @Override // org.squashtest.tm.service.security.UserAuthenticationService
    public boolean hasAuthenticatedUserLocalPassword() {
        return !StringUtils.isBlank(this.userManager.loadUserByUsername(UserContextHolder.getUsername()).getPassword());
    }

    private String encode(String str) {
        return this.encoder.encode(str);
    }

    @Override // org.squashtest.tm.service.security.AdministratorAuthenticationService
    public void createNewUserPassword(String str, String str2, boolean z, boolean z2, boolean z3, boolean z4, Collection<GrantedAuthority> collection) {
        this.userManager.createUser(new User(str, encode(str2), z, z2, z3, z4, collection));
    }

    @Override // org.squashtest.tm.service.security.UserAuthenticationService
    public void resetAuthenticatedUserPassword(String str) {
        resetUserPassword(UserContextHolder.getUsername(), str);
    }

    @Override // org.squashtest.tm.service.security.AdministratorAuthenticationService
    public void resetUserPassword(String str, String str2) {
        if (!canModifyUser()) {
            throw new UnauthorizedPasswordChange("The authentication service do not allow users to change their passwords using Squash");
        }
        User user = new User(str, encode(str2), this.userManager.loadUserByUsername(str).isEnabled(), true, true, true, new HashSet());
        LOGGER.debug("reset password for user {}", str);
        this.userManager.updateUser(user);
    }

    @Override // org.squashtest.tm.service.security.UserAuthenticationService
    public void changeUserlogin(String str, String str2) {
        this.userManager.changeUserLogin(str, str2);
    }

    @Override // org.squashtest.tm.service.security.AdministratorAuthenticationService
    public void deactivateAccount(String str) {
        if (!this.userManager.userExists(str)) {
            LOGGER.trace("User {} has no authentidation data, it can't be deactivated", str);
            return;
        }
        UserDetails loadUserByUsername = this.userManager.loadUserByUsername(str);
        User user = new User(str, loadUserByUsername.getPassword(), false, loadUserByUsername.isAccountNonExpired(), loadUserByUsername.isCredentialsNonExpired(), loadUserByUsername.isAccountNonLocked(), new HashSet());
        LOGGER.debug("Deactivate account for user {}", str);
        this.userManager.updateUser(user);
    }

    @Override // org.squashtest.tm.service.security.AdministratorAuthenticationService
    public void activateAccount(String str) {
        if (!this.userManager.userExists(str)) {
            LOGGER.trace("User {} has no authentidation data, it can't be activated", str);
            return;
        }
        UserDetails loadUserByUsername = this.userManager.loadUserByUsername(str);
        User user = new User(str, loadUserByUsername.getPassword(), true, loadUserByUsername.isAccountNonExpired(), loadUserByUsername.isCredentialsNonExpired(), loadUserByUsername.isAccountNonLocked(), new HashSet());
        LOGGER.debug("Activating account for user {}", str);
        this.userManager.updateUser(user);
    }

    @Override // org.squashtest.tm.service.security.AdministratorAuthenticationService
    public void deleteAccount(String str) {
        if (this.userManager.userExists(str)) {
            this.userManager.deleteUser(str);
        } else {
            LOGGER.trace("User {} has no authentidation data, it can't be deleted", str);
        }
    }

    @Override // org.squashtest.tm.service.security.AdministratorAuthenticationService
    public boolean userExists(String str) {
        return this.userManager.userExists(str);
    }

    @Override // org.squashtest.tm.service.security.AdministratorAuthenticationService
    public void createUser(UserDetails userDetails) {
        this.userManager.createUser(UserBuilder.duplicate(userDetails).password(encode(userDetails.getPassword())).build());
    }
}
