package info.magnolia.cms.security;

import info.magnolia.cms.beans.config.ContentRepository;
import info.magnolia.cms.core.Content;
import info.magnolia.cms.core.HierarchyManager;
import info.magnolia.cms.core.ItemType;
import info.magnolia.cms.core.MetaData;
import info.magnolia.cms.core.Path;
import info.magnolia.cms.core.search.Query;
import info.magnolia.cms.i18n.MessagesManager;
import info.magnolia.cms.security.auth.Entity;
import info.magnolia.context.MgnlContext;
import info.magnolia.importexport.DataTransporter;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
import javax.security.auth.Subject;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:info/magnolia/cms/security/MgnlUserManager.class */
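/**
 * {@link UserManager} that keeps its users as nodes in the {@link ContentRepository#USERS}
 * workspace, below a top-level node named after the realm this manager is configured for.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>user lookups are JCR-SQL queries assembled from the realm and user name (see
 *       {@link #findUserNode(String, String)});</li>
 *   <li>passwords are stored Base64-encoded, not hashed (see {@link #encodePassword(String)});</li>
 *   <li>all repository access goes through the system context (see
 *       {@link #getHierarchyManager()}), so no per-caller access check is applied here.</li>
 * </ul>
 */
public class MgnlUserManager implements UserManager {
    private static final Logger log = LoggerFactory.getLogger(MgnlUserManager.class);
    public static final String PROPERTY_EMAIL = "email";
    public static final String PROPERTY_LANGUAGE = "language";
    public static final String PROPERTY_LASTACCESS = "lastaccess";
    public static final String PROPERTY_PASSWORD = "pswd";
    public static final String PROPERTY_TITLE = "title";
    public static final String NODE_ACLUSERS = "acl_users";

    // Name of the realm; also the name of the top-level node users are stored under.
    private String realmName;
    // Lockout settings; only stored and returned here, enforcement is not in this class.
    private int maxFailedLoginAttempts;
    private long lockTimePeriod;

    /**
     * Returns the name of this manager, which is the realm name.
     *
     * @return the realm name, or {@code null} if none was set
     */
    public String getName() {
        return getRealmName();
    }

    /**
     * Sets the name of this manager; the value is stored as the realm name.
     *
     * @param name the realm name
     */
    public void setName(String name) {
        this.realmName = name;
    }

    /**
     * @return the realm name, or {@code null} if none was set
     */
    public String getRealmName() {
        return this.realmName;
    }

    /**
     * @param maxFailedLoginAttempts the configured limit of failed logins
     */
    @Override
    public void setMaxFailedLoginAttempts(int maxFailedLoginAttempts) {
        this.maxFailedLoginAttempts = maxFailedLoginAttempts;
    }

    /**
     * @return the configured limit of failed logins
     */
    @Override
    public int getMaxFailedLoginAttempts() {
        return this.maxFailedLoginAttempts;
    }

    /**
     * @param lockTimePeriod the configured lock period (unit not visible in this class)
     */
    @Override
    public void setLockTimePeriod(long lockTimePeriod) {
        this.lockTimePeriod = lockTimePeriod;
    }

    /**
     * @return the configured lock period
     */
    @Override
    public long getLockTimePeriod() {
        return this.lockTimePeriod;
    }

    /**
     * Looks up a user by name in this manager's realm.
     *
     * @param name the user name
     * @return the user, or {@code null} if it does not exist, is ambiguous, or the repository
     *         lookup failed (the failure is logged at info level)
     */
    @Override
    public User getUser(String name) {
        try {
            return getFromRepository(name);
        } catch (RepositoryException e) {
            log.info("Unable to load user [\"{} \"] due to: ", name, e);
            return null;
        }
    }

    /**
     * Resolves the user behind a JAAS subject, using the {@code "name"} property of the first
     * {@link Entity} principal.
     *
     * @param subject the authenticated subject, may be {@code null}
     * @return the matching user; a {@link DummyUser} if the subject is {@code null}, carries no
     *         {@link Entity} principal, or the lookup throws; {@code null} if the lookup
     *         completes without finding a node
     */
    @Override
    public User getUser(Subject subject) throws UnsupportedOperationException {
        if (subject == null) {
            log.debug("subject not set.");
            return new DummyUser();
        }
        Iterator<Entity> principals = subject.getPrincipals(Entity.class).iterator();
        if (!principals.hasNext()) {
            log.debug("user name not contained in principal set.");
            return new DummyUser();
        }
        String name = (String) principals.next().getProperty("name");
        try {
            return getFromRepository(name);
        } catch (PathNotFoundException e) {
            log.error("user not registered in magnolia itself [\"{}\"]", name);
            return new DummyUser();
        } catch (Exception e) {
            // Deliberately broad: any failure degrades to the dummy user instead of propagating.
            log.error("can't get jcr-node of current user", e);
            return new DummyUser();
        }
    }

    /**
     * Loads the user node for {@code name} in this manager's realm and wraps it.
     *
     * @param name the user name
     * @return the user, or {@code null} if no unique node was found
     * @throws RepositoryException if the repository query fails
     */
    protected User getFromRepository(String name) throws RepositoryException {
        Content userNode = findUserNode(this.realmName, name);
        if (userNode == null) {
            log.debug("User not found: [{}]", name);
            return null;
        }
        return newUserInstance(userNode);
    }

    /**
     * Finds the node of a user by querying for its path. For the realm {@code "all"} every node
     * whose path ends in {@code /name} matches; for any other realm the node must sit directly
     * under {@code /realm} or anywhere below it.
     *
     * <p>Both arguments are placed inside single-quoted JCR-SQL string literals. The user name can
     * come straight from a login attempt, so embedded single quotes are doubled before the query
     * is built; without that a quote in the name would end the literal and change the query.
     *
     * @param realm the realm to search, or {@code "all"}
     * @param name  the user name
     * @return the node if exactly one matches, otherwise {@code null} (more than one match is
     *         logged as an error)
     * @throws RepositoryException if the query cannot be created or executed
     */
    protected Content findUserNode(String realm, String name) throws RepositoryException {
        final String safeRealm = escapeQueryLiteral(realm);
        final String safeName = escapeQueryLiteral(name);

        // NOTE(review): '%' and '_' in the name are still LIKE wildcards in the two "like"
        // clauses below, so such a name can match a differently named node. Confirm whether
        // user names are restricted elsewhere, or compare the found node's name with the
        // requested one before trusting the result.
        final String where;
        if ("all".equals(realm)) {
            where = "where jcr:path like '%/" + safeName + "'";
        } else {
            where = "where jcr:path = '/" + safeRealm + DataTransporter.SLASH + safeName + "'"
                    + " or jcr:path like '/" + safeRealm + "/%/" + safeName + "'";
        }

        String statement = "select * from " + ItemType.USER + " " + where;
        Collection<Content> matches = getHierarchyManager()
                .getQueryManager()
                .createQuery(statement, Query.SQL)
                .execute()
                .getContent(ItemType.USER.getSystemName());

        if (matches.size() == 1) {
            return matches.iterator().next();
        }
        if (matches.size() > 1) {
            // Ambiguous result: refuse to pick one rather than return the wrong account.
            log.error("More than one user found with name [{}] in realm [{}]", name, realm);
        }
        return null;
    }

    /**
     * Doubles single quotes so the value cannot terminate the JCR-SQL string literal it is
     * embedded in. A {@code null} value is returned unchanged.
     */
    private static String escapeQueryLiteral(String value) {
        return value == null ? null : value.replace("'", "''");
    }

    /**
     * Not supported by this manager.
     *
     * @throws UnsupportedOperationException always
     */
    @Override
    public User getSystemUser() throws UnsupportedOperationException {
        throw new UnsupportedOperationException();
    }

    /**
     * Not supported by this manager.
     *
     * @throws UnsupportedOperationException always
     */
    @Override
    public User getAnonymousUser() throws UnsupportedOperationException {
        throw new UnsupportedOperationException();
    }

    /**
     * Collects every user stored below this manager's realm node, including users in nested
     * folders.
     *
     * @return the users found; empty (or partially filled) if reading the repository failed
     */
    @Override
    public Collection<User> getAllUsers() {
        Collection<User> users = new ArrayList<User>();
        try {
            Content realmNode = getHierarchyManager().getRoot().getContent(getRealmName());
            updateUserListWithAllChildren(realmNode, users);
        } catch (Exception e) {
            // Best effort: keep returning what was collected, but record why the walk stopped.
            log.error("can't find user", e);
        }
        return users;
    }

    /**
     * Adds all user nodes directly under {@code content} to {@code collection}, then recurses
     * into its folder children.
     *
     * @param content    the node to start from
     * @param collection receives one {@link User} per user node found
     */
    public void updateUserListWithAllChildren(Content content, Collection<User> collection) {
        Collection<Content> userNodes = content.getChildren(ItemType.USER);
        Collection<Content> folders = content.getChildren(ItemType.NT_FOLDER);
        for (Content userNode : userNodes) {
            collection.add(newUserInstance(userNode));
        }
        for (Content folder : folders) {
            updateUserListWithAllChildren(folder, collection);
        }
    }

    /**
     * Creates a user directly under this manager's realm node.
     *
     * @param name the user name
     * @param pw   the clear-text password
     * @return the new user, or {@code null} if creation failed
     * @throws IllegalArgumentException if the name is blank or already taken
     */
    @Override
    public User createUser(String name, String pw) {
        return createUser(null, name, pw);
    }

    /**
     * Creates a user node with its name, password and default language, and gives the user an
     * initial ACL on its own node.
     *
     * <p>The ACL under {@link #NODE_ACLUSERS} gets one entry with permission value 8 on the user
     * node itself and one entry with permission value 63 for each of the email, language,
     * last-access, password, title and metadata children. In the admin realm three further ACL
     * nodes ({@code acl_website}, {@code acl_dms}, {@code acl_data}) are created, each with
     * permission value 8 on {@code /jcr:system} and {@code /jcr:system/*}.
     * NOTE(review): 8 is presumably Permission.READ and 63 Permission.ALL; confirm against the
     * Permission class, which is not part of this file.
     *
     * @param path parent path of the new node, or {@code null} for the realm root
     * @param name the user name
     * @param pw   the clear-text password
     * @return the new user, or {@code null} if any step failed (the cause is logged at info
     *         level)
     * @throws IllegalArgumentException if the name is blank or already taken
     */
    @Override
    public User createUser(String path, String name, String pw) {
        validateUsername(name);
        try {
            Content userNode = createUserNode(path, name);
            userNode.createNodeData("name").setValue(name);
            setPasswordProperty(userNode, pw);
            userNode.createNodeData(PROPERTY_LANGUAGE).setValue(MessagesManager.FALLBACK_LOCALE);

            String handle = userNode.getHandle();
            Content acls = userNode.createContent(NODE_ACLUSERS, ItemType.CONTENTNODE);

            // Entry for the user node itself.
            String selfLabel = Path.getUniqueLabel(acls.getHierarchyManager(), acls.getHandle(), "0");
            Content selfEntry = acls.createContent(selfLabel, ItemType.CONTENTNODE);
            selfEntry.setNodeData("path", handle);
            selfEntry.setNodeData("permissions", Long.valueOf(8L));

            // Entries for the properties the user may change on its own node.
            addWrite(handle, PROPERTY_EMAIL, acls);
            addWrite(handle, PROPERTY_LANGUAGE, acls);
            addWrite(handle, PROPERTY_LASTACCESS, acls);
            addWrite(handle, PROPERTY_PASSWORD, acls);
            addWrite(handle, PROPERTY_TITLE, acls);
            addWrite(handle, MetaData.DEFAULT_META_NODE, acls);

            if (getRealmName().equals(Realm.REALM_ADMIN)) {
                for (String aclName : new String[]{"acl_website", "acl_dms", "acl_data"}) {
                    Content acl = userNode.createContent(aclName, ItemType.CONTENTNODE.getSystemName());
                    Content systemEntry = acl.createContent("0", ItemType.CONTENTNODE.getSystemName());
                    systemEntry.setNodeData("permissions", 8L);
                    systemEntry.setNodeData("path", "/jcr:system");
                    Content systemChildrenEntry = acl.createContent("00", ItemType.CONTENTNODE.getSystemName());
                    systemChildrenEntry.setNodeData("permissions", 8L);
                    systemChildrenEntry.setNodeData("path", "/jcr:system/*");
                }
            }

            getHierarchyManager().save();
            return newUserInstance(userNode);
        } catch (Exception e) {
            // NOTE(review): failure is reported only as a null return and an info-level log
            // entry; nodes created before the failure stay unsaved in the session.
            log.info("can't create user [" + name + "]", e);
            return null;
        }
    }

    /**
     * Replaces the stored password of a user and saves the user node.
     *
     * @param user        the user to update; must be a {@link MgnlUser}
     * @param newPassword the new clear-text password
     * @throws RuntimeException   wrapping the {@link RepositoryException} if saving fails
     * @throws ClassCastException if {@code user} is not a {@link MgnlUser}
     */
    @Override
    public void changePassword(User user, String newPassword) {
        Content userNode = ((MgnlUser) user).getUserNode();
        try {
            setPasswordProperty(userNode, newPassword);
            userNode.save();
        } catch (RepositoryException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Writes the encoded password into the {@link #PROPERTY_PASSWORD} property of the node.
     *
     * @param userNode      the user node
     * @param clearPassword the clear-text password
     * @throws RepositoryException if the property cannot be written
     */
    protected void setPasswordProperty(Content userNode, String clearPassword) throws RepositoryException {
        userNode.createNodeData(PROPERTY_PASSWORD).setValue(encodePassword(clearPassword));
    }

    /**
     * Encodes a password for storage.
     *
     * <p>SECURITY: Base64 is a reversible encoding, not a password hash. Anyone who can read the
     * {@link #PROPERTY_PASSWORD} property (repository export, backup, a misconfigured ACL) gets
     * the clear-text password back. The stored format is left unchanged here because the code
     * that verifies passwords is not in this class; moving to a salted, slow hash (bcrypt,
     * scrypt, Argon2) has to change both sides and migrate existing values.
     *
     * @param clearPassword the clear-text password, must not be {@code null}
     * @return the Base64 form of the password bytes
     */
    protected String encodePassword(String clearPassword) {
        // NOTE(review): getBytes() and new String(byte[]) use the platform default charset, so
        // non-ASCII passwords encode differently on differently configured hosts. Pinning a
        // charset would change already stored values and needs the same migration as above.
        return new String(Base64.encodeBase64(clearPassword.getBytes()));
    }

    /**
     * Rejects blank names and names that the globally configured user manager already resolves.
     *
     * @param name the requested user name
     * @throws IllegalArgumentException if the name is blank or already in use
     */
    protected void validateUsername(String name) {
        if (StringUtils.isBlank(name)) {
            throw new IllegalArgumentException(name + " is not a valid username.");
        }
        // The existence check goes through Security.getUserManager(), not through this instance.
        if (Security.getUserManager().getUser(name) != null) {
            throw new IllegalArgumentException("User with name " + name + " already exists.");
        }
    }

    /**
     * Creates the repository node for a new user.
     *
     * @param path parent path, or {@code null} to use {@code /<realm>}
     * @param name the node (user) name
     * @return the new node
     * @throws RepositoryException if the node cannot be created
     */
    protected Content createUserNode(String path, String name) throws RepositoryException {
        String parentPath = path == null ? DataTransporter.SLASH + getRealmName() : path;
        return getHierarchyManager().createContent(parentPath, name, ItemType.USER.getSystemName());
    }

    /**
     * Returns the hierarchy manager of the users workspace, taken from the system context.
     * Operations made through it therefore run with the system context's rights rather than
     * those of the current caller.
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public HierarchyManager getHierarchyManager() {
        return MgnlContext.getSystemContext().getHierarchyManager(ContentRepository.USERS);
    }

    /**
     * Wraps a user node in a {@link MgnlUser}.
     *
     * @param node the user node
     * @return a new {@link MgnlUser} backed by the node
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public MgnlUser userInstance(Content node) {
        return new MgnlUser(node);
    }

    /**
     * Creates the {@link User} object for a user node; delegates to
     * {@link #userInstance(Content)}.
     *
     * @param node the user node
     * @return the user backed by the node
     */
    protected User newUserInstance(Content node) {
        return userInstance(node);
    }

    /**
     * Adds an ACL entry with permission value 63 for {@code parentPath/property} under the given
     * ACL node.
     *
     * @param parentPath handle of the user node
     * @param property   name of the child the entry applies to
     * @param acls       the ACL node receiving the entry
     * @return the new entry node
     */
    private Content addWrite(String parentPath, String property, Content acls) throws PathNotFoundException, RepositoryException, AccessDeniedException {
        String label = Path.getUniqueLabel(acls.getHierarchyManager(), acls.getHandle(), "0");
        Content entry = acls.createContent(label, ItemType.CONTENTNODE);
        entry.setNodeData("path", parentPath + DataTransporter.SLASH + property);
        entry.setNodeData("permissions", Long.valueOf(63L));
        return entry;
    }
}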
