package com.atlassian.jira.rpc.soap.service;

import com.atlassian.crowd.embedded.api.CrowdService;
import com.atlassian.crowd.embedded.api.Group;
import com.atlassian.crowd.embedded.api.User;
import com.atlassian.crowd.exception.InvalidCredentialException;
import com.atlassian.crowd.exception.InvalidUserException;
import com.atlassian.crowd.exception.OperationNotPermittedException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.exception.runtime.OperationFailedException;
import com.atlassian.crowd.model.user.UserTemplate;
import com.atlassian.jira.bc.JiraServiceContextImpl;
import com.atlassian.jira.bc.filter.SearchRequestService;
import com.atlassian.jira.bc.group.GroupRemoveChildMapper;
import com.atlassian.jira.bc.group.GroupService;
import com.atlassian.jira.bc.user.UserService;
import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.exception.CreateException;
import com.atlassian.jira.exception.PermissionException;
import com.atlassian.jira.rpc.exception.RemoteException;
import com.atlassian.jira.rpc.exception.RemotePermissionException;
import com.atlassian.jira.rpc.exception.RemoteValidationException;
import com.atlassian.jira.rpc.soap.beans.RemoteFilter;
import com.atlassian.jira.rpc.soap.beans.RemoteGroup;
import com.atlassian.jira.rpc.soap.beans.RemoteUser;
import com.atlassian.jira.rpc.soap.util.RemoteEntityFactory;
import com.atlassian.jira.rpc.soap.util.SoapUtils;
import com.atlassian.jira.security.GlobalPermissionManager;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.security.groups.GroupManager;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.util.UserManager;
import com.atlassian.jira.user.util.UserUtil;
import com.atlassian.jira.util.ErrorCollection;
import com.atlassian.jira.util.SimpleErrorCollection;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;

/* loaded from: input_file:com/atlassian/jira/rpc/soap/service/UserServiceImpl.class */
public class UserServiceImpl implements UserService {
    private PermissionManager permissionManager;
    private SearchRequestService searchRequestService;
    private final UserManager userManager;
    private final GroupManager groupManager;
    private ApplicationProperties applicationProperties;
    private final GroupService groupService;
    private com.atlassian.jira.bc.user.UserService userService;
    private final RemoteEntityFactory remoteEntityFactory;
    private final CrowdService crowdService;
    private final GlobalPermissionManager globalPermissionManager;
    private final UserUtil userUtil;
    public static final String __PARANAMER_DATA = "<init> com.atlassian.jira.bc.filter.SearchRequestService,com.atlassian.jira.user.util.UserManager,com.atlassian.jira.security.groups.GroupManager,com.atlassian.jira.security.PermissionManager,com.atlassian.jira.config.properties.ApplicationProperties,com.atlassian.jira.bc.user.UserService,com.atlassian.jira.bc.group.GroupService,com.atlassian.jira.rpc.soap.util.RemoteEntityFactory,com.atlassian.crowd.embedded.api.CrowdService,com.atlassian.jira.security.GlobalPermissionManager,com.atlassian.jira.user.util.UserUtil searchRequestService,userManager,groupManager,permissionManager,applicationProperties,userService,groupService,remoteEntityFactory,crowdService,globalPermissionManager,userUtil \nisRemoteUserPermittedToEditSelectedUser com.atlassian.crowd.embedded.api.User,com.atlassian.crowd.embedded.api.User admin,updatedUser \ngetFavouriteFilters com.atlassian.crowd.embedded.api.User user \ncreateGroup com.atlassian.crowd.embedded.api.User,java.lang.String,com.atlassian.jira.rpc.soap.beans.RemoteUser admin,groupName,firstUser \ngetGroup com.atlassian.crowd.embedded.api.User,java.lang.String admin,groupName \nupdateGroup com.atlassian.crowd.embedded.api.User,com.atlassian.jira.rpc.soap.beans.RemoteGroup admin,remoteGroup \ncreateUser com.atlassian.crowd.embedded.api.User,java.lang.String,java.lang.String,java.lang.String,java.lang.String remoteUser,username,password,fullName,email \ngetUser com.atlassian.crowd.embedded.api.User,java.lang.String currentUser,username \nsetUserPassword com.atlassian.crowd.embedded.api.User,com.atlassian.jira.rpc.soap.beans.RemoteUser,java.lang.String admin,remoteUser,newPassword \nupdateUser com.atlassian.crowd.embedded.api.User,com.atlassian.jira.rpc.soap.beans.RemoteUser admin,remoteUser \naddUserToGroup com.atlassian.crowd.embedded.api.User,com.atlassian.jira.rpc.soap.beans.RemoteGroup,com.atlassian.jira.rpc.soap.beans.RemoteUser admin,remoteGroup,remoteUser \ndeleteGroup com.atlassian.crowd.embedded.api.User,java.lang.String,java.lang.String admin,groupName,swapGroupName \ndeleteUser com.atlassian.crowd.embedded.api.User,java.lang.String remoteUser,username \nremoveUserFromGroup com.atlassian.crowd.embedded.api.User,com.atlassian.jira.rpc.soap.beans.RemoteGroup,com.atlassian.jira.rpc.soap.beans.RemoteUser admin,remoteGroup,remoteUser \n";

    public UserServiceImpl(SearchRequestService searchRequestService, UserManager userManager, GroupManager groupManager, PermissionManager permissionManager, ApplicationProperties applicationProperties, com.atlassian.jira.bc.user.UserService userService, GroupService groupService, RemoteEntityFactory remoteEntityFactory, CrowdService crowdService, GlobalPermissionManager globalPermissionManager, UserUtil userUtil) {
        this.searchRequestService = searchRequestService;
        this.userManager = userManager;
        this.groupManager = groupManager;
        this.permissionManager = permissionManager;
        this.applicationProperties = applicationProperties;
        this.userService = userService;
        this.groupService = groupService;
        this.remoteEntityFactory = remoteEntityFactory;
        this.crowdService = crowdService;
        this.globalPermissionManager = globalPermissionManager;
        this.userUtil = userUtil;
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public RemoteUser getUser(User user, String str) {
        ApplicationUser userByName = this.userManager.getUserByName(str);
        if (userByName == null) {
            return null;
        }
        return this.remoteEntityFactory.createUser(userByName.getDirectoryUser());
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public RemoteUser createUser(User user, String str, String str2, String str3, String str4) throws RemoteValidationException, RemotePermissionException {
        if (str != null) {
            str = str.trim();
        }
        UserService.CreateUserValidationResult validateCreateUserForAdminPasswordRequired = this.userService.validateCreateUserForAdminPasswordRequired(user, str, str2, str2, str4, str3);
        if (!validateCreateUserForAdminPasswordRequired.isValid()) {
            throw new RemoteValidationException("Error creating user", validateCreateUserForAdminPasswordRequired.getErrorCollection());
        }
        try {
            return this.remoteEntityFactory.createUser(this.userService.createUserWithNotification(validateCreateUserForAdminPasswordRequired));
        } catch (CreateException e) {
            throw new RemoteValidationException("cannot create user details, cause: " + e.getMessage(), (Throwable) e);
        } catch (PermissionException e2) {
            throw new RemoteValidationException("cannot create user details, cause: " + e2.getMessage(), (Throwable) e2);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public RemoteUser updateUser(User user, RemoteUser remoteUser) throws RemoteException {
        return getUser(user, updatedTheUserDetails(canUpdateUser(user, remoteUser), remoteUser).getName());
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public RemoteUser setUserPassword(User user, RemoteUser remoteUser, String str) throws RemoteException {
        User canUpdateUser = canUpdateUser(user, remoteUser);
        updatedTheUserPassword(canUpdateUser, str);
        return getUser(user, canUpdateUser.getName());
    }

    private User canUpdateUser(User user, RemoteUser remoteUser) throws RemoteValidationException {
        if (user != null && user.getName().equals(remoteUser.getName())) {
            return user;
        }
        if (!isAdministrator(user) && !isSystemAdministrator(user)) {
            throw new RemoteValidationException("The user: " + nameOf(user) + " does not have permission to update the user: " + remoteUser.getName());
        }
        ApplicationUser userByName = this.userManager.getUserByName(remoteUser.getName());
        if (userByName == null) {
            throw new RemoteValidationException("No user could be found with the name: " + remoteUser.getName());
        }
        if (!isRemoteUserPermittedToEditSelectedUser(user, userByName.getDirectoryUser())) {
            throw new RemoteValidationException("The user: " + nameOf(user) + " does not have permission to update the user: " + remoteUser.getName());
        }
        if (this.userManager.canUpdateUser(userByName)) {
            return userByName.getDirectoryUser();
        }
        throw new RemoteValidationException("The user: " + remoteUser.getName() + " is in a read-only directory");
    }

    private User updatedTheUserDetails(User user, RemoteUser remoteUser) throws RemoteException {
        UserTemplate userTemplate = new UserTemplate(user);
        userTemplate.setDisplayName(remoteUser.getFullname());
        userTemplate.setEmailAddress(remoteUser.getEmail());
        try {
            return this.crowdService.updateUser(userTemplate);
        } catch (OperationFailedException e) {
            throw new RemoteException(e.toString());
        } catch (InvalidUserException e2) {
            throw new RemoteException(e2.toString());
        } catch (OperationNotPermittedException e3) {
            throw new RemoteException(e3.toString());
        }
    }

    private void updatedTheUserPassword(User user, String str) throws RemoteException {
        try {
            this.userUtil.changePassword(user, str);
        } catch (PermissionException e) {
            throw new RemoteException(e.toString());
        } catch (InvalidCredentialException e2) {
            throw new RemoteException(e2.toString());
        } catch (UserNotFoundException e3) {
            throw new RemoteException(e3.toString());
        } catch (OperationNotPermittedException e4) {
            throw new RemoteException(e4.toString());
        }
    }

    public boolean isRemoteUserPermittedToEditSelectedUser(User user, User user2) {
        return isSystemAdministrator(user) || !isSystemAdministrator(user2);
    }

    private boolean isSystemAdministrator(User user) {
        return this.globalPermissionManager.hasPermission(44, user);
    }

    private boolean isAdministrator(User user) {
        return this.globalPermissionManager.hasPermission(0, user);
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public void deleteUser(User user, String str) throws RemoteException {
        UserService.DeleteUserValidationResult validateDeleteUser = this.userService.validateDeleteUser(user, str);
        if (!validateDeleteUser.isValid()) {
            throw new RemoteValidationException("Error removing user", validateDeleteUser.getErrorCollection());
        }
        try {
            this.userService.removeUser(user, validateDeleteUser);
        } catch (Exception e) {
            throw new RemoteException("Unable to delete user, cause: " + e.getMessage(), e);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public RemoteGroup getGroup(User user, String str) throws RemoteException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to get a group.");
        }
        if (str == null) {
            throw new RemoteValidationException("group name cannot be null, needs a value");
        }
        Group group = this.groupManager.getGroup(str);
        if (group == null) {
            throw new RemoteValidationException("no group found for that groupName: " + str);
        }
        return this.remoteEntityFactory.createGroup(group);
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public RemoteGroup createGroup(User user, String str, RemoteUser remoteUser) throws RemoteException {
        if (!this.permissionManager.hasPermission(0, user)) {
            throw new RemotePermissionException("You do not have permission to create a group.");
        }
        if (this.applicationProperties.getOption("jira.option.user.externalmanagement")) {
            throw new RemoteValidationException("Cannot create group, as external user management is enabled. Contact your administrator.");
        }
        if (str == null) {
            throw new RemoteValidationException("group cannot be created, group name cannot be null, needs a value");
        }
        ApplicationUser applicationUser = null;
        if (remoteUser != null) {
            applicationUser = this.userManager.getUserByName(remoteUser.getName());
            if (applicationUser == null) {
                throw new RemoteValidationException("group cannot be created, first user '" + remoteUser.getName() + "' for this group doesn't exist");
            }
        }
        try {
            Group createGroup = this.groupManager.createGroup(str);
            if (applicationUser != null) {
                this.groupManager.addUserToGroup(applicationUser.getDirectoryUser(), createGroup);
            }
            return this.remoteEntityFactory.createGroup(createGroup);
        } catch (Exception e) {
            throw new RemoteValidationException("Group '" + str + "' cannot be created. " + e.getMessage(), e);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public void addUserToGroup(User user, RemoteGroup remoteGroup, RemoteUser remoteUser) throws RemoteException {
        SimpleErrorCollection simpleErrorCollection = new SimpleErrorCollection();
        ArrayList newArrayList = Lists.newArrayList(new String[]{remoteGroup.getName()});
        JiraServiceContextImpl jiraServiceContextImpl = new JiraServiceContextImpl(user, simpleErrorCollection);
        if (!this.groupService.validateAddUserToGroup(jiraServiceContextImpl, newArrayList, remoteUser.getName()) || !this.groupService.addUsersToGroups(jiraServiceContextImpl, newArrayList, Lists.newArrayList(new String[]{remoteUser.getName()}))) {
            throw new RemoteValidationException("Can not add user '" + remoteUser.getName() + "' to group '" + remoteGroup.getName() + "'.", (ErrorCollection) simpleErrorCollection);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public void removeUserFromGroup(User user, RemoteGroup remoteGroup, RemoteUser remoteUser) throws RemoteException {
        SimpleErrorCollection simpleErrorCollection = new SimpleErrorCollection();
        ArrayList newArrayList = Lists.newArrayList(new String[]{remoteGroup.getName()});
        JiraServiceContextImpl jiraServiceContextImpl = new JiraServiceContextImpl(user, simpleErrorCollection);
        if (this.groupService.validateRemoveUserFromGroups(jiraServiceContextImpl, newArrayList, remoteUser.getName())) {
            GroupRemoveChildMapper groupRemoveChildMapper = new GroupRemoveChildMapper();
            groupRemoveChildMapper.register(remoteUser.getName(), remoteGroup.getName());
            if (this.groupService.removeUsersFromGroups(jiraServiceContextImpl, groupRemoveChildMapper)) {
                return;
            }
        }
        throw new RemoteValidationException("Can not remove user '" + remoteUser.getName() + "' from group '" + remoteGroup.getName() + "'.", (ErrorCollection) simpleErrorCollection);
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public RemoteGroup updateGroup(User user, RemoteGroup remoteGroup) throws RemoteException {
        SimpleErrorCollection simpleErrorCollection = new SimpleErrorCollection();
        JiraServiceContextImpl jiraServiceContextImpl = new JiraServiceContextImpl(user, simpleErrorCollection);
        Group group = getGroup(remoteGroup);
        addUsersToGroup(remoteGroup, jiraServiceContextImpl, getUsersToAddToGroup(remoteGroup, group), simpleErrorCollection);
        removeUsersFromGroup(group, remoteGroup, jiraServiceContextImpl, simpleErrorCollection);
        return this.remoteEntityFactory.createGroup(group);
    }

    private void removeUsersFromGroup(Group group, RemoteGroup remoteGroup, JiraServiceContextImpl jiraServiceContextImpl, ErrorCollection errorCollection) throws RemoteValidationException {
        GroupRemoveChildMapper groupRemoveChildMapper = getGroupRemoveChildMapper(group, remoteGroup);
        if (!this.groupService.validateRemoveUsersFromGroups(jiraServiceContextImpl, groupRemoveChildMapper) || !this.groupService.removeUsersFromGroups(jiraServiceContextImpl, groupRemoveChildMapper)) {
            throw new RemoteValidationException("Errors during update group. Error with removing users from the group.", errorCollection);
        }
    }

    private void addUsersToGroup(RemoteGroup remoteGroup, JiraServiceContextImpl jiraServiceContextImpl, Collection<String> collection, ErrorCollection errorCollection) throws RemoteValidationException {
        ArrayList newArrayList = Lists.newArrayList(new String[]{remoteGroup.getName()});
        if (this.groupService.validateAddUsersToGroup(jiraServiceContextImpl, newArrayList, collection).isSuccess()) {
            this.groupService.addUsersToGroups(jiraServiceContextImpl, newArrayList, collection);
        }
        if (errorCollection.hasAnyErrors()) {
            throw new RemoteValidationException("Errors during update group. Error with adding users to the group.", errorCollection);
        }
    }

    private GroupRemoveChildMapper getGroupRemoveChildMapper(Group group, RemoteGroup remoteGroup) {
        GroupRemoveChildMapper groupRemoveChildMapper = new GroupRemoveChildMapper(Lists.newArrayList(new String[]{remoteGroup.getName()}));
        Iterator it = this.groupManager.getUsersInGroup(group.getName()).iterator();
        while (it.hasNext()) {
            String name = ((User) it.next()).getName();
            if (!groupContainsUserWithUsername(name, remoteGroup)) {
                groupRemoveChildMapper.register(name);
            }
        }
        return groupRemoveChildMapper;
    }

    private Collection<String> getUsersToAddToGroup(RemoteGroup remoteGroup, Group group) {
        ApplicationUser userByName;
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < remoteGroup.getUsers().length; i++) {
            RemoteUser remoteUser = remoteGroup.getUsers()[i];
            if (remoteUser != null && ((userByName = this.userManager.getUserByName(remoteUser.getName())) == null || !this.groupManager.isUserInGroup(userByName.getDirectoryUser(), group))) {
                arrayList.add(remoteUser.getName());
            }
        }
        return arrayList;
    }

    private boolean groupContainsUserWithUsername(String str, RemoteGroup remoteGroup) {
        for (int i = 0; i < remoteGroup.getUsers().length; i++) {
            RemoteUser remoteUser = remoteGroup.getUsers()[i];
            if (remoteUser.getName() != null && remoteUser.getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    private Group getGroup(RemoteGroup remoteGroup) throws RemotePermissionException, RemoteValidationException {
        Group group = this.groupManager.getGroup(remoteGroup.getName());
        if (group == null) {
            throw new RemoteValidationException("group cannot be updated, because it doesn't exist.");
        }
        return group;
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public void deleteGroup(User user, String str, String str2) throws RemoteException {
        SimpleErrorCollection simpleErrorCollection = new SimpleErrorCollection();
        JiraServiceContextImpl jiraServiceContextImpl = new JiraServiceContextImpl(user, simpleErrorCollection);
        if (!this.groupService.validateDelete(jiraServiceContextImpl, str, str2)) {
            throw new RemoteValidationException("Error validating group deletion.", (ErrorCollection) simpleErrorCollection);
        }
        if (!this.groupService.delete(jiraServiceContextImpl, str, str2)) {
            throw new RemoteValidationException("Error deleting group.", (ErrorCollection) simpleErrorCollection);
        }
    }

    @Override // com.atlassian.jira.rpc.soap.service.UserService
    public RemoteFilter[] getFavouriteFilters(User user) throws RemoteException {
        return SoapUtils.getFilters(this.searchRequestService.getFavouriteFilters(user));
    }

    private static String nameOf(User user) {
        return user != null ? user.getName() : "(null)";
    }
}
