package com.dotcms.rest.api.v1.user;

import com.dotcms.api.system.user.UserService;
import com.dotcms.api.system.user.UserServiceFactory;
import com.dotcms.cms.login.LoginServiceAPI;
import com.dotcms.repackage.com.google.common.annotations.VisibleForTesting;
import com.dotcms.rest.ResponseEntityView;
import com.dotcms.rest.api.v1.authentication.IncorrectPasswordException;
import com.dotcms.util.CollectionsUtils;
import com.dotcms.util.SecurityUtils;
import com.dotmarketing.beans.Host;
import com.dotmarketing.business.APILocator;
import com.dotmarketing.business.Layout;
import com.dotmarketing.business.LayoutAPI;
import com.dotmarketing.business.NoSuchUserException;
import com.dotmarketing.business.PermissionAPI;
import com.dotmarketing.business.RoleAPI;
import com.dotmarketing.business.UserAPI;
import com.dotmarketing.business.UserProxyAPI;
import com.dotmarketing.business.web.HostWebAPI;
import com.dotmarketing.business.web.UserWebAPI;
import com.dotmarketing.business.web.WebAPILocator;
import com.dotmarketing.cms.login.factories.LoginFactory;
import com.dotmarketing.exception.DotDataException;
import com.dotmarketing.exception.DotSecurityException;
import com.dotmarketing.util.ActivityLogger;
import com.dotmarketing.util.AdminLogger;
import com.dotmarketing.util.UtilMethods;
import com.liferay.portal.PortalException;
import com.liferay.portal.SystemException;
import com.liferay.portal.language.LanguageUtil;
import com.liferay.portal.model.User;
import com.liferay.portal.util.WebKeys;
import com.liferay.util.StringPool;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/dotcms/rest/api/v1/user/UserResourceHelper.class */
public class UserResourceHelper implements Serializable {
    private final UserService userService;
    private final RoleAPI roleAPI;
    private final UserAPI userAPI;
    private final LayoutAPI layoutAPI;
    private final HostWebAPI hostWebAPI;
    private final UserWebAPI userWebAPI;
    private final PermissionAPI permissionAPI;
    private final UserProxyAPI userProxyAPI;
    private final LoginServiceAPI loginService;

    /* loaded from: input_file:com/dotcms/rest/api/v1/user/UserResourceHelper$SingletonHolder.class */
    private static class SingletonHolder {
        private static final UserResourceHelper INSTANCE = new UserResourceHelper();

        private SingletonHolder() {
        }
    }

    @VisibleForTesting
    public UserResourceHelper(UserService userService, RoleAPI roleAPI, UserAPI userAPI, LayoutAPI layoutAPI, HostWebAPI hostWebAPI, UserWebAPI userWebAPI, PermissionAPI permissionAPI, UserProxyAPI userProxyAPI, LoginServiceAPI loginServiceAPI) {
        this.userService = userService;
        this.roleAPI = roleAPI;
        this.userAPI = userAPI;
        this.layoutAPI = layoutAPI;
        this.hostWebAPI = hostWebAPI;
        this.userWebAPI = userWebAPI;
        this.permissionAPI = permissionAPI;
        this.userProxyAPI = userProxyAPI;
        this.loginService = loginServiceAPI;
    }

    public static UserResourceHelper getInstance() {
        return SingletonHolder.INSTANCE;
    }

    private UserResourceHelper() {
        this.userService = UserServiceFactory.getInstance().getUserService();
        this.roleAPI = APILocator.getRoleAPI();
        this.userAPI = APILocator.getUserAPI();
        this.layoutAPI = APILocator.getLayoutAPI();
        this.hostWebAPI = WebAPILocator.getHostWebAPI();
        this.userWebAPI = WebAPILocator.getUserWebAPI();
        this.permissionAPI = APILocator.getPermissionAPI();
        this.userProxyAPI = APILocator.getUserProxyAPI();
        this.loginService = APILocator.getLoginServiceAPI();
    }

    public void log(String str, String str2) {
        ActivityLogger.logInfo(UserResource.class, str, str2);
        AdminLogger.log(UserResource.class, str, str2);
    }

    public Map<String, Object> getUserList(String str, String str2, Map<String, String> map) throws Exception {
        return this.userService.getUsersList(str, str2, map);
    }

    public Map<String, Object> doLoginAs(User user, String str, String str2, String str3) throws DotDataException, NoSuchUserException, DotSecurityException {
        Host findDefaultHost;
        if (!UtilMethods.isSet(str)) {
            throw new DotDataException("The 'Login As' user ID is required.", "loginas.error.requireduserid", new Object[0]);
        }
        if (str.equalsIgnoreCase(user.getUserId())) {
            throw new DotDataException("Current user [" + user.getUserId() + "] trying to log in as himself.", "loginas.error.selfloginas", new Object[0]);
        }
        if (!this.roleAPI.doesUserHaveRole(user, this.roleAPI.findRoleByFQN("System --> Login As"))) {
            SecurityUtils.delayRequest(10L, SecurityUtils.DelayStrategy.TIME_SEC);
            throw new DotDataException("Current user [" + user.getUserId() + "] does not have the proper 'Login As' role.", "loginas.error.missingloginasrole", new Object[0]);
        }
        User systemUser = this.userAPI.getSystemUser();
        User loadUserById = this.userAPI.loadUserById(str, systemUser, false);
        List<Layout> loadLayoutsForUser = this.layoutAPI.loadLayoutsForUser(loadUserById);
        if (loadLayoutsForUser == null || loadLayoutsForUser.size() == 0 || !UtilMethods.isSet(loadLayoutsForUser.get(0).getId())) {
            throw new DotDataException("User [" + loadUserById.getUserId() + "] does not have any layouts.", "loginas.error.nolayouts", new Object[0]);
        }
        if (this.roleAPI.doesUserHaveRole(loadUserById, this.roleAPI.findRoleByFQN("System --> Administrator")) || this.roleAPI.doesUserHaveRole(loadUserById, APILocator.getRoleAPI().loadCMSAdminRole())) {
            if (!UtilMethods.isSet(str2)) {
                throw new DotDataException("The 'Login As' user password is required.", "loginas.error.missingloginaspwd", new Object[0]);
            }
            if (!LoginFactory.passwordMatch(str2, user)) {
                throw new DotDataException("The 'Login As' user password is invalid.", "loginas.error.invalidloginascredentials", new Object[0]);
            }
        }
        if (UtilMethods.isSet(str3)) {
            findDefaultHost = this.hostWebAPI.findByName(str3, systemUser, false);
            if (findDefaultHost == null) {
                findDefaultHost = this.hostWebAPI.findByAlias(str3, systemUser, false);
            }
            if (findDefaultHost == null) {
                findDefaultHost = this.hostWebAPI.findDefaultHost(systemUser, false);
            }
        } else {
            findDefaultHost = this.hostWebAPI.findDefaultHost(systemUser, false);
        }
        return CollectionsUtils.map(WebKeys.PRINCIPAL_USER_ID, user.getUserId(), WebKeys.USER_ID, str, com.dotmarketing.util.WebKeys.CURRENT_HOST, findDefaultHost);
    }

    public Map<String, Object> doLogoutAs(String str, User user, String str2) throws DotDataException, DotSecurityException {
        Host findDefaultHost;
        if (!UtilMethods.isSet(str)) {
            throw new DotDataException("Current user [" + user.getUserId() + "] is not logged in as a different user.");
        }
        User systemUser = this.userAPI.getSystemUser();
        if (UtilMethods.isSet(str2)) {
            findDefaultHost = this.hostWebAPI.findByName(str2, systemUser, false);
            if (findDefaultHost == null) {
                findDefaultHost = this.hostWebAPI.findByAlias(str2, systemUser, false);
            }
            if (findDefaultHost == null) {
                findDefaultHost = this.hostWebAPI.findDefaultHost(systemUser, false);
            }
        } else {
            findDefaultHost = this.hostWebAPI.findDefaultHost(systemUser, false);
        }
        return CollectionsUtils.map(com.dotmarketing.util.WebKeys.CURRENT_HOST, findDefaultHost);
    }

    public ResponseEntityView getLoginAsUsers(User user, String str, boolean z) throws Exception {
        List<User> usersByName = this.userAPI.getUsersByName(str, 1, 100, user, false);
        ArrayList arrayList = new ArrayList();
        List<String> list = CollectionsUtils.list(this.roleAPI.loadRoleByKey("Administrator").getId(), this.roleAPI.loadCMSAdminRole().getId());
        String userId = user != null ? user.getUserId() : StringPool.BLANK;
        for (User user2 : usersByName) {
            if (!userId.equalsIgnoreCase(user2.getUserId())) {
                Map<String, Object> map = user2.toMap();
                if (this.roleAPI.doesUserHaveRoles(user2.getUserId(), list)) {
                    map.put("requestPassword", true);
                }
                arrayList.add(map);
            }
        }
        Map map2 = CollectionsUtils.map("users", arrayList);
        if (z) {
            map2.put("nUsers", Long.valueOf(this.userAPI.getCountUsersByNameOrEmail(StringPool.BLANK)));
        }
        return new ResponseEntityView(map2);
    }

    public User updateUser(UpdateUserForm updateUserForm, User user, HttpServletRequest httpServletRequest, Locale locale) throws DotSecurityException, DotDataException, IncorrectPasswordException {
        HttpSession session = httpServletRequest.getSession();
        boolean z = false;
        try {
            User user2 = (User) this.userAPI.loadUserById(updateUserForm.getUserId(), this.userAPI.getSystemUser(), false).clone();
            user2.setModified(false);
            user2.setFirstName(updateUserForm.getGivenName());
            user2.setLastName(updateUserForm.getSurname());
            if (null != updateUserForm.getEmail()) {
                user2.setEmailAddress(updateUserForm.getEmail());
            }
            if (null != updateUserForm.getNewPassword()) {
                user2.setPassword(updateUserForm.getNewPassword());
                z = true;
            }
            if (user2.getUserId().equalsIgnoreCase(user.getUserId())) {
                if (!this.loginService.passwordMatch(updateUserForm.getCurrentPassword(), user)) {
                    throw new IncorrectPasswordException();
                }
                this.userAPI.save(user2, this.userAPI.getSystemUser(), z, false);
                session.setAttribute(com.dotmarketing.util.WebKeys.CMS_USER, user2);
            } else {
                if (!this.permissionAPI.doesUserHavePermission(this.userProxyAPI.getUserProxy(user2, user, false), 2, user, false)) {
                    throw new DotSecurityException(LanguageUtil.get(locale, "User-Doesnot-Have-Permission"));
                }
                this.userAPI.save(user2, user, z, !this.userWebAPI.isLoggedToBackend(httpServletRequest));
            }
            return user2;
        } catch (PortalException | SystemException e) {
            throw new RuntimeException((Throwable) e);
        }
    }
}
