package com.sqldashboards.webby;

import io.micronaut.core.annotation.NonNull;
import io.micronaut.core.annotation.Nullable;
import io.micronaut.discovery.registration.RegistrationConfiguration;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.HttpResponse;
import io.micronaut.http.HttpStatus;
import io.micronaut.http.annotation.Body;
import io.micronaut.http.annotation.Controller;
import io.micronaut.http.annotation.Delete;
import io.micronaut.http.annotation.Get;
import io.micronaut.http.annotation.Post;
import io.micronaut.http.annotation.Produces;
import io.micronaut.http.annotation.Put;
import io.micronaut.http.annotation.QueryValue;
import io.micronaut.http.exceptions.HttpStatusException;
import io.micronaut.http.server.util.HttpClientAddressResolver;
import io.micronaut.security.annotation.Secured;
import io.micronaut.security.authentication.Authentication;
import io.micronaut.security.rules.SecurityRule;
import jakarta.inject.Inject;
import jakarta.mail.MessagingException;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.Principal;
import java.security.SecureRandom;
import java.time.Instant;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.Optional;
import java.util.Random;
import java.util.stream.Collectors;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Controller("/api/user")
@Secured({SecurityRule.IS_AUTHENTICATED})
/* loaded from: input_file:com/sqldashboards/webby/UserController.class */
public class UserController {
    private static Logger log = LoggerFactory.getLogger((Class<?>) UserController.class);

    @Inject
    UserRepository userRepository;

    @Inject
    TeamRepository teamRepository;

    @Inject
    DashboardRepository dashRepo;
    private final PasswordAuthentication pauth = new PasswordAuthentication();
    private final HttpClientAddressResolver addressResolver;

    @Inject
    UserService userService;

    /* loaded from: input_file:com/sqldashboards/webby/UserController$PublicTeamInfo.class */
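    /**
     * Minimal, immutable projection of a team: numeric id and display name only.
     *
     * <p>Instances are built by {@code listAssignableTeams}, an endpoint that is
     * reachable anonymously, so nothing beyond these two fields belongs here.
     */
    public static class PublicTeamInfo {
        private final long id;
        private final String name;

        /**
         * @param j   team id
         * @param str team name (may be {@code null})
         */
        public PublicTeamInfo(long j, String str) {
            this.id = j;
            this.name = str;
        }

        /** @return the team id */
        public long getId() {
            return this.id;
        }

        /** @return the team name, possibly {@code null} */
        public String getName() {
            return this.name;
        }

        /**
         * Value equality on id and name.
         *
         * @param obj object to compare with
         * @return {@code true} when {@code obj} is a {@code PublicTeamInfo} with the same id and name
         */
        @Override
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof PublicTeamInfo)) {
                return false;
            }
            PublicTeamInfo other = (PublicTeamInfo) obj;
            return other.canEqual(this)
                    && getId() == other.getId()
                    && Objects.equals(getName(), other.getName());
        }

        /** Subclass hook so that a subclass can refuse equality with this type. */
        protected boolean canEqual(Object obj) {
            return obj instanceof PublicTeamInfo;
        }

        /** Hash over id and name; the 59/43 constants are kept so hash values stay unchanged. */
        @Override
        public int hashCode() {
            long teamId = getId();
            int result = (1 * 59) + ((int) ((teamId >>> 32) ^ teamId));
            String teamName = getName();
            return (result * 59) + (teamName == null ? 43 : teamName.hashCode());
        }

        /**
         * Readable form for logs. The decompiled version discarded the name and
         * printed the id in the {@code name=} slot; the name is printed here.
         */
        @Override
        public String toString() {
            return "UserController.PublicTeamInfo(id=" + getId() + ", name=" + getName() + ")";
        }
    }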

    /* loaded from: input_file:com/sqldashboards/webby/UserController$PublicUserOrTeamInfo.class */
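    /**
     * Immutable public projection of either a {@code User} or a {@code Team}.
     *
     * <p>Only id, name, creation/update timestamps, star count, a list of names and a
     * role value are copied. Password, email, email code and registration IP are never
     * read from the source entity, which is what makes this type suitable for the
     * anonymously reachable {@code get/{name}} endpoint.
     */
    public static class PublicUserOrTeamInfo {
        private final long id;
        private final String name;
        private final Instant dateCreated;
        private final Instant dateUpdated;
        private final long starCount;
        // Stored by reference, not copied: the caller must not mutate the list afterwards.
        private final List<String> members;
        private final RoleType myrole;

        /**
         * Builds the projection from a user.
         *
         * @param user     source entity; its id must be non-null
         * @param list     names to expose as {@code members}
         * @param roleType role value to expose as {@code myrole}
         */
        PublicUserOrTeamInfo(User user, List<String> list, RoleType roleType) {
            this.id = user.getId().longValue();
            this.name = user.getName();
            this.dateCreated = user.getDateCreated();
            this.dateUpdated = user.getDateUpdated();
            this.starCount = user.getStarCount();
            this.members = list;
            this.myrole = roleType;
        }

        /**
         * Builds the projection from a team.
         *
         * <p>The decompiler reports that this constructor was package-private in the
         * original class; it is left public here so existing callers keep compiling.
         *
         * @param team     source entity; its id must be non-null
         * @param list     names to expose as {@code members}
         * @param roleType role value to expose as {@code myrole}
         */
        public PublicUserOrTeamInfo(Team team, List<String> list, RoleType roleType) {
            this.id = team.getId().longValue();
            this.name = team.getName();
            this.dateCreated = team.getDateCreated();
            this.dateUpdated = team.getDateUpdated();
            this.starCount = team.getStarCount();
            this.members = list;
            this.myrole = roleType;
        }

        public long getId() {
            return this.id;
        }

        public String getName() {
            return this.name;
        }

        public Instant getDateCreated() {
            return this.dateCreated;
        }

        public Instant getDateUpdated() {
            return this.dateUpdated;
        }

        public long getStarCount() {
            return this.starCount;
        }

        /** @return the list passed to the constructor (same reference, not a copy) */
        public List<String> getMembers() {
            return this.members;
        }

        public RoleType getMyrole() {
            return this.myrole;
        }

        /**
         * Value equality across all seven fields.
         *
         * @param obj object to compare with
         * @return {@code true} when every field matches
         */
        @Override
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof PublicUserOrTeamInfo)) {
                return false;
            }
            PublicUserOrTeamInfo other = (PublicUserOrTeamInfo) obj;
            return other.canEqual(this)
                    && getId() == other.getId()
                    && getStarCount() == other.getStarCount()
                    && Objects.equals(getName(), other.getName())
                    && Objects.equals(getDateCreated(), other.getDateCreated())
                    && Objects.equals(getDateUpdated(), other.getDateUpdated())
                    && Objects.equals(getMembers(), other.getMembers())
                    && Objects.equals(getMyrole(), other.getMyrole());
        }

        /** Subclass hook so that a subclass can refuse equality with this type. */
        protected boolean canEqual(Object obj) {
            return obj instanceof PublicUserOrTeamInfo;
        }

        /** Hash over all fields; the 59/43 constants and field order are kept so values stay unchanged. */
        @Override
        public int hashCode() {
            long idValue = getId();
            int result = (1 * 59) + ((int) ((idValue >>> 32) ^ idValue));
            long stars = getStarCount();
            result = (result * 59) + ((int) ((stars >>> 32) ^ stars));
            result = (result * 59) + nullSafeHash(getName());
            result = (result * 59) + nullSafeHash(getDateCreated());
            result = (result * 59) + nullSafeHash(getDateUpdated());
            result = (result * 59) + nullSafeHash(getMembers());
            return (result * 59) + nullSafeHash(getMyrole());
        }

        /** Returns 43 for {@code null}, otherwise the object's own hash code. */
        private static int nullSafeHash(Object value) {
            return value == null ? 43 : value.hashCode();
        }

        /**
         * Readable form for logs. The decompiled version shifted every value one slot
         * (id printed as name, name as dateCreated, and so on) and dropped members and
         * myrole; each label is paired with its own field here.
         */
        @Override
        public String toString() {
            return "UserController.PublicUserOrTeamInfo(id=" + getId()
                    + ", name=" + getName()
                    + ", dateCreated=" + getDateCreated()
                    + ", dateUpdated=" + getDateUpdated()
                    + ", starCount=" + getStarCount()
                    + ", members=" + getMembers()
                    + ", myrole=" + getMyrole() + ")";
        }
    }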

    /**
     * Constructor injection point for the client-address resolver.
     *
     * <p>The resolver is later used by {@code register} to record the address a
     * self-registration request came from.
     *
     * @param httpClientAddressResolver resolver stored for the lifetime of the controller
     */
    public UserController(HttpClientAddressResolver httpClientAddressResolver) {
        this.addressResolver = httpClientAddressResolver;
    }

    /**
     * Creates a user on behalf of an administrator ({@code POST /api/user/admin}).
     *
     * <p>The submitted password is replaced by its hash before the entity is stored,
     * and the password field is cleared again on the object sent back to the client.
     *
     * @param user           user to create, as submitted in the request body
     * @param authentication the calling administrator
     * @return a 201 response carrying the stored user (password cleared) and a
     *         {@code Location} header built by {@code toUri}
     */
    @Secured({"ADMIN"})
    @Post("/admin")
    public HttpResponse<User> save(@Valid @Body User user, Authentication authentication) {
        log.info("save {} saving u-{}", DashboardController.u(authentication), user.getName());
        this.userService.ensureCanAddAndEditUsers(authentication, user);

        // The plaintext lives only in this local so it can still be validated below.
        final String plainPassword = user.getPassword();
        final String hashedPassword = this.pauth.hash(plainPassword);
        user.setPassword(hashedPassword);

        lowercaseEmailAndName(user);
        strictUserChecks(user, plainPassword, null);
        user.setOrigin("admin");

        final User stored = this.userRepository.save(user);
        final User created = wipePass(stored);
        return HttpResponse.created(created).headers(headers -> headers.location(toUri(created)));
    }

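    /**
     * Updates any user as an administrator ({@code PUT /api/user/admin}).
     *
     * <p>A blank or missing password in the body means "keep the stored hash". The last
     * remaining admin cannot be demoted.
     *
     * <p>Changes from the decompiled original: the returned entity now has its password
     * hash cleared, as every other endpoint in this controller does, and an unknown id
     * produces a 404 instead of an unhandled {@code NoSuchElementException}.
     *
     * @param user           new state of the user, as submitted in the request body
     * @param authentication the calling administrator
     * @return the re-read user after the update, password cleared
     * @throws HttpStatusException 404 when no user has the submitted id
     */
    @Secured({"ADMIN"})
    @Put("/admin")
    public User updateAsAdmin(@Valid @Body User user, Authentication authentication) {
        log.info("updateAsAdmin {} saving u-{}", DashboardController.u(authentication), user.getName());
        lowercaseEmailAndName(user);

        String submitted = user.getPassword();
        String trimmed = submitted == null ? "" : submitted.trim();
        boolean passwordChange = !trimmed.isEmpty();

        User stored = this.userRepository.findById(user.getId())
                .orElseThrow(() -> new HttpStatusException(HttpStatus.NOT_FOUND, ""));

        // NOTE(review): the trimmed value is validated but the untrimmed value is hashed,
        // exactly as before; confirm which of the two is intended.
        user.setPassword(passwordChange ? this.pauth.hash(submitted) : stored.getPassword());
        strictUserChecks(user, passwordChange ? trimmed : null, stored);

        if (stored.isAdmin() && !user.isAdmin() && this.userRepository.count(RoleType.ADMIN) == 1) {
            throw UserService.BAD("Can't remove admin from last admin user.");
        }

        User updated = (User) this.userRepository.update(user);
        // Never send the stored hash back, not even to an administrator.
        return wipePass(this.userRepository.findById(updated.getId()).get());
    }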

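    /**
     * Self-service update of a user record ({@code PUT /api/user/}).
     *
     * <p>Non-admin callers may only update their own record and may not change its name.
     * A changed email address resets the verified flag.
     *
     * <p>Changes from the decompiled original: the ownership check compares ids by value
     * (the original used {@code !=} on boxed ids, which compares object identity and
     * rejects the legitimate owner once the two ids are distinct objects), and an
     * unknown name is reported as a bad request instead of an unhandled
     * {@code NoSuchElementException}.
     *
     * @param user           requested new state, as submitted in the request body
     * @param authentication the caller
     * @return a response carrying the updated user with password and email code cleared
     */
    @Secured({SecurityRule.IS_AUTHENTICATED})
    @Put("/")
    public HttpResponse<User> update(@Valid @Body User user, Authentication authentication) {
        log.info("update {} saving u-{}", DashboardController.u(authentication), user.getName());
        User caller = this.userService.curUser(authentication);
        if (!caller.isAdmin()) {
            if (!Objects.equals(caller.getId(), user.getId())) {
                throw UserService.BAD("Can only update as user themselves or server admin.");
            }
            if (!caller.getName().equals(user.getName())) {
                UserService.BAD("Only admin can change names.", authentication);
            }
        }

        Optional<User> lookup = this.userRepository.findByName(user.getName());
        if (!lookup.isPresent()) {
            throw UserService.BAD("User not found.");
        }
        User stored = lookup.get();

        // An empty password means "no password change", so it is not validated.
        String password = user.getPassword();
        if (password != null && password.isEmpty()) {
            password = null;
        }
        // NOTE(review): unlike save/updateAsAdmin/register, name and email are not
        // lower-cased before the uniqueness checks — confirm whether that is intended.
        strictUserChecks(user, password, stored);

        if (stored.getEmail() != null && !stored.getEmail().equals(user.getEmail())) {
            stored.setEmailVerified(false);
        }

        // NOTE(review): which request-body fields performUserUpdate copies is not visible
        // here; verify that role and verification flags cannot be set through this path.
        User updated = (User) this.userRepository.update(stored.performUserUpdate(user));
        updated.setEmailCode("");
        return HttpResponse.created(wipePass(updated));
    }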

    /**
     * Changes a user's role ({@code PUT /api/user/roleType}, ADMIN only).
     *
     * <p>Refuses the change when the target is an admin and only one admin exists. The
     * check does not look at the requested role, so it also fires when that admin is
     * assigned ADMIN again.
     *
     * @param l        id of the user to change
     * @param roleType role to assign
     * @return the re-read user with the password cleared
     * @throws HttpStatusException 404 when no user has that id
     */
    @Secured({"ADMIN"})
    @Put("/roleType")
    public User setRoleType(@NonNull Long l, @NonNull RoleType roleType) {
        log.info("setRoleType u-{} {}", l, roleType);
        final User target = this.userRepository.findById(l)
                .orElseThrow(() -> new HttpStatusException(HttpStatus.NOT_FOUND, ""));

        final boolean isLastAdmin = target.isAdmin() && this.userRepository.count(RoleType.ADMIN) == 1;
        if (isLastAdmin) {
            UserService.BAD("Can't remove admin from last admin user.");
        }

        this.userRepository.update(l, roleType);
        final User refreshed = this.userRepository.findById(l).get();
        return wipePass(refreshed);
    }

    /**
     * Sets or clears a user's email-verified flag ({@code PUT /api/user/emailVerified},
     * ADMIN only), bypassing the emailed confirmation code.
     *
     * @param l id of the user to change
     * @param z new value of the verified flag
     * @return the re-read user with the password cleared
     * @throws HttpStatusException 404 when no user has that id
     */
    @Secured({"ADMIN"})
    @Put("/emailVerified")
    public User setEmailVerified(@NonNull Long l, @NonNull boolean z) {
        log.info("setEmailVerified u-{} {}", l, Boolean.valueOf(z));
        final boolean exists = this.userRepository.findById(l).isPresent();
        if (exists) {
            this.userRepository.update(l, z);
            final User refreshed = this.userRepository.findById(l).get();
            return wipePass(refreshed);
        }
        throw new HttpStatusException(HttpStatus.NOT_FOUND, "");
    }

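    /**
     * Lets the authenticated user change their own password
     * ({@code PUT /api/user/set-password}).
     *
     * <p>The caller must own the named account and must present the current password.
     *
     * <p>Changes from the decompiled original: ids are compared by value (the original
     * used {@code !=} on boxed ids, i.e. object identity), and an unknown user name gets
     * the same rejection as a foreign account instead of an unhandled
     * {@code NoSuchElementException}, so the response does not reveal whether the name
     * exists.
     *
     * @param str            name of the account whose password is changed
     * @param str2           current password
     * @param str3           new password
     * @param authentication the caller
     * @return the updated user with password, email code and registration IP cleared
     */
    @Secured({SecurityRule.IS_AUTHENTICATED})
    @Put("/set-password")
    public User setPassword(@NonNull String str, @NonNull String str2, @NonNull String str3, @NonNull Authentication authentication) {
        log.info("setPassword {} saving u-{}", DashboardController.u(authentication), str);
        User caller = this.userService.curUser(authentication);
        Optional<User> lookup = this.userRepository.findByName(str);
        if (!lookup.isPresent() || !Objects.equals(caller.getId(), lookup.get().getId())) {
            throw UserService.BAD("Password update is not permitted.");
        }
        User target = lookup.get();
        if (!User.isPasswordValid(str3)) {
            throw UserService.BAD("New password not valid.");
        }
        // Re-authenticate with the current password so a hijacked session alone
        // is not enough to take over the account.
        if (!this.pauth.authenticate(str2.toCharArray(), target.getPassword())) {
            throw UserService.BAD("Current password incorrect.");
        }
        target.setPassword(this.pauth.hash(str3));
        User updated = (User) this.userRepository.update(target);
        updated.setEmailCode(null);
        updated.setRegIP(null);
        return wipePass(updated);
    }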

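    /**
     * Deletes a user by id ({@code DELETE /api/user/{id}}, ADMIN only).
     *
     * <p>Change from the decompiled original: deleting the only remaining admin is
     * refused, matching the last-admin guard that {@code updateAsAdmin} and
     * {@code setRoleType} already apply. Without it an administrator could remove the
     * final admin account and leave the server without one.
     *
     * @param l id of the user to delete
     * @return 404 when the id is unknown, otherwise 204
     */
    @Secured({"ADMIN"})
    @Delete("/{id}")
    public HttpResponse<?> delete(Long l) {
        log.info("delete u-{}", l);
        Optional<User> target = this.userRepository.findById(l);
        if (!target.isPresent()) {
            return HttpResponse.notFound();
        }
        if (target.get().isAdmin() && this.userRepository.count(RoleType.ADMIN) == 1) {
            throw UserService.BAD("Can't delete last admin user.");
        }
        this.userRepository.deleteById(l);
        return HttpResponse.noContent();
    }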

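    /**
     * Normalises email and name to lower case in place; {@code null} becomes {@code ""}.
     *
     * <p>{@link Locale#ROOT} is used because the no-argument {@code toLowerCase()}
     * follows the JVM default locale. Under a Turkish locale, for example, {@code "I"}
     * lower-cases to a dotless {@code "ı"}, so the same input would normalise
     * differently from one server to another and the reserved-name and uniqueness
     * checks that run on the normalised value would stop being reliable.
     *
     * @param user user to normalise (mutated)
     * @return the same {@code user} instance
     */
    private static User lowercaseEmailAndName(User user) {
        String email = user.getEmail();
        String name = user.getName();
        user.setEmail(email == null ? "" : email.toLowerCase(Locale.ROOT));
        user.setName(name == null ? "" : name.toLowerCase(Locale.ROOT));
        return user;
    }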

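    /**
     * Confirms the caller's email address with the emailed code
     * ({@code POST /api/user/validate-email}).
     *
     * <p>Changes from the decompiled original: a stored code of {@code null} no longer
     * causes a {@code NullPointerException}, an empty stored code can never match, and
     * the comparison uses {@link MessageDigest#isEqual} so that response time does not
     * depend on how many leading characters matched.
     *
     * @param str       code submitted by the user
     * @param principal the authenticated caller
     * @return 200 when the address is already verified or the code matches
     */
    @Post("/validate-email")
    public HttpResponse<?> validateEmail(String str, Principal principal) {
        if (str == null || str.length() < 2) {
            throw UserService.BAD("Invalid Code.");
        }
        Optional<User> lookup = this.userRepository.findByName(principal.getName());
        if (lookup.isPresent()) {
            User user = lookup.get();
            log.info("validateEmail u-{}", user.getName());
            if (user.isEmailVerified()) {
                return HttpResponse.ok();
            }
            // NOTE(review): no attempt counter or lockout is visible here and the code is
            // a six-digit number; confirm that guessing is limited somewhere else.
            String expected = user.getEmailCode();
            boolean matches = expected != null
                    && !expected.isEmpty()
                    && MessageDigest.isEqual(
                            expected.getBytes(StandardCharsets.UTF_8),
                            str.getBytes(StandardCharsets.UTF_8));
            if (matches) {
                // NOTE(review): both fields are changed on the loaded object only; no
                // repository update is visible here — confirm the change is persisted.
                user.setEmailVerified(true);
                user.setEmailCode("");
                return HttpResponse.ok();
            }
        }
        throw UserService.BAD("Invalid Code or Email.");
    }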

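    /**
     * Anonymous self-registration ({@code POST /api/user/register}).
     *
     * <p>New accounts always start as {@code EDITOR} with an unverified email; role and
     * verification state are set here rather than taken from the request. The
     * confirmation code is emailed when SMTP is enabled and is blanked on the object
     * returned to the client.
     *
     * <p>Changes from the decompiled original: the confirmation code is drawn from
     * {@link SecureRandom} instead of {@code java.util.Random}, whose output is
     * predictable and so unsuitable for a value that proves control of a mailbox; the
     * code is passed to {@code setEmailCode} as a string, which is how every other call
     * site uses it; and each rejection is thrown explicitly.
     *
     * @param regDetails  registration form from the request body
     * @param httpRequest the incoming request, used to record the client address
     * @return a 201 response with the stored user (password and email code cleared)
     */
    @Secured({SecurityRule.IS_ANONYMOUS})
    @Post("/register")
    public HttpResponse<User> register(@Valid @Body RegDetails regDetails, HttpRequest<?> httpRequest) {
        // NOTE(review): the name is attacker-supplied and logged before any validation;
        // confirm the log layout neutralises line breaks.
        log.info("register u-{}", regDetails.getName());
        if (!Application.CONFIG.isAllow_user_self_registration()) {
            throw UserService.BAD("User self registration is not allowed on this server. Contact ADMIN.");
        }
        User user = regDetails.toUser();
        // NOTE(review): how the resolver treats forwarding headers is configuration not
        // shown here; the recorded address is only as trustworthy as that setup.
        user.setRegIP(this.addressResolver.resolve(httpRequest));
        user.setEmailVerified(false);
        user.setRoleType(RoleType.EDITOR);
        // Six-digit code in the same range as before: 100000 to 999887.
        user.setEmailCode(String.valueOf(100000 + new SecureRandom().nextInt(899888)));

        String plainPassword = user.getPassword();
        user.setPassword(this.pauth.hash(plainPassword));
        lowercaseEmailAndName(user);

        String email = user.getEmail();
        if (email == null || email.length() < 6 || !email.contains("@")) {
            throw UserService.BAD("Email must be atleast 6 characters and contain @.");
        }
        // Reserved substrings keep self-registered names from imitating privileged accounts.
        if (user.getName().contains("admin") || user.getName().contains(Application.APPNAME)) {
            throw UserService.BAD("Username cannot contain 'admin' or 'pulse'.");
        }
        strictUserChecks(user, plainPassword, null);
        user.setOrigin(RegistrationConfiguration.PREFIX);

        User save = this.userRepository.save(user);
        String message = "Registration Code is: " + save.getEmailCode();
        try {
            if (Application.CONFIG.isSmtp_enabled()) {
                MailerMan.sendEmail(Application.CONFIG, "Registration Code", message, save.getEmail());
            }
        } catch (MessagingException | UnsupportedEncodingException e) {
            // The account has already been stored at this point; only the mail failed.
            log.warn("Registration Code Email fail.", e);
            throw UserService.BAD("Error sending confirmation email..");
        }
        // The code must reach the user by email only, never in the HTTP response.
        save.setEmailCode("");
        return HttpResponse.created(wipePass(save)).headers(mutableHttpHeaders -> {
            mutableHttpHeaders.location(toUri(save));
        });
    }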

    /**
     * Shared validation for create and update paths: password rules plus uniqueness of
     * name and email.
     *
     * @param user  the submitted user
     * @param str   plaintext password to validate, or {@code null} to skip password checks
     * @param user2 the currently stored user on an update, {@code null} on a create; a
     *              name or email equal to the stored one is not treated as a collision
     */
    private void strictUserChecks(User user, String str, @Nullable User user2) {
        final String problems = (str != null) ? user.getValidationProblems(str) : "";
        if (problems.length() > 0) {
            UserService.BAD(problems);
        }

        final String name = user.getName();
        if (name != null && !name.isEmpty()) {
            final boolean nameChanged = user2 == null || !name.equals(user2.getName());
            if (nameChanged && this.userRepository.findByName(name).isPresent()) {
                UserService.BAD("User with that name already exists.");
            }
        }

        final String email = user.getEmail();
        if (email != null && !email.isEmpty()) {
            final boolean emailChanged = user2 == null || !email.equals(user2.getEmail());
            if (emailChanged && this.userRepository.findByEmail(email).isPresent()) {
                UserService.BAD("User with that email already exists.");
            }
        }
    }

    /**
     * Returns up to 100 users ordered by star count, as JSON ({@code GET /api/user/}).
     *
     * <p>Marked {@code IS_ANONYMOUS}. The query text is a constant with no request
     * input, and it selects only id, name, the two timestamps and star count.
     *
     * @return whatever {@code SqlHelper.executeQuery} returns for the fixed query
     */
    @Get("/")
    @Secured({SecurityRule.IS_ANONYMOUS})
    @Produces({"application/json"})
    public String list() {
        final String topUsersQuery = "select u.id,u.name,u.date_created,u.date_updated,u.star_count,'' as myrole FROM USERS u ORDER BY star_count DESC LIMIT 100;";
        return SqlHelper.executeQuery(topUsersQuery);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Clears the password field so the stored hash is never serialised into a response.
     *
     * <p>The argument itself is mutated and returned; no copy is made.
     * NOTE(review): if the entity is still attached to a persistence context this could
     * be written back as a null password — confirm against the repository implementation.
     *
     * @param user user whose password field is cleared
     * @return the same {@code user} instance
     */
    public static User wipePass(User user) {
        final User sanitised = user;
        sanitised.setPassword(null);
        return sanitised;
    }

    /* JADX WARN: Type inference failed for: r0v6, types: [java.util.List, java.lang.Iterable<?>] */
    /**
     * Returns every user record with the password cleared
     * ({@code GET /api/user/private}, ADMIN only).
     *
     * <p>Only the password is removed; any other field the repository loads is
     * returned as is.
     *
     * @param authentication the caller
     * @return all users, or an empty list when the caller is not an admin
     */
    @Get("/private")
    @Secured({"ADMIN"})
    @Produces({"application/json"})
    public Iterable<?> listPrivate(Authentication authentication) {
        // Second admin check in code, in addition to the @Secured annotation above.
        if (!this.userService.isAdmin(authentication)) {
            return Collections.emptyList();
        }
        // The decompiler could not infer this local's type ("??"); per its warning it is
        // a java.util.List, and the lambda below treats the elements as users.
        ?? findAll2 = this.userRepository.findAll2();
        // Clear the password on every element before the list is serialised.
        findAll2.stream().forEach(user -> {
            wipePass(user);
        });
        return findAll2;
    }

    /**
     * Returns all user names ({@code GET /api/user/list-usernames}).
     *
     * <p>Marked {@code IS_ANONYMOUS}.
     * NOTE(review): this hands the complete account list to unauthenticated callers;
     * confirm that is intended for deployments reachable from untrusted networks.
     *
     * @return the names returned by the repository
     */
    @Get("/list-usernames")
    @Secured({SecurityRule.IS_ANONYMOUS})
    public List<String> listUsersnames() {
        final List<String> userNames = this.userRepository.findAllUserNames();
        return userNames;
    }

    /**
     * Lists the teams that can be assigned for a user name, reduced to id and name
     * ({@code GET /api/user/list-assignable-teams/{userName}}).
     *
     * <p>Marked {@code IS_ANONYMOUS}; the user name comes straight from the path.
     *
     * @param str user name to look up
     * @return one {@code PublicTeamInfo} per team returned by the user service
     */
    @Get("/list-assignable-teams/{userName}")
    @Secured({SecurityRule.IS_ANONYMOUS})
    @Produces({"application/json"})
    public List<PublicTeamInfo> listAssignableTeams(String str) {
        // The raw cast is carried over from the decompiled original.
        return (List) this.userService.getAssignableTeams(str)
                .stream()
                .map(team -> new PublicTeamInfo(team.getId().longValue(), team.getName()))
                .collect(Collectors.toList());
    }

    /**
     * Returns the public profile of a user ({@code GET /api/user/get/{name}}).
     *
     * <p>Marked {@code IS_ANONYMOUS}. The {@code myrole} value in the result is the
     * role of the caller, not of the looked-up user; it is {@code NONE} when no
     * authentication is present.
     *
     * @param str            name of the user to look up
     * @param authentication the caller, or {@code null} when anonymous
     * @return the public projection, or empty when no such user exists
     */
    @Get("/get/{name}")
    @Secured({SecurityRule.IS_ANONYMOUS})
    @Produces({"application/json"})
    public Optional<PublicUserOrTeamInfo> get(String str, Authentication authentication) {
        log.info("get {} getting u-{}", DashboardController.u(authentication), str);
        final Optional<User> lookup = this.userRepository.findByName(str);
        if (lookup.isPresent()) {
            final User found = lookup.get();
            final List<String> teamNames = this.userService.findAllTeamNamesForUser(found);
            final RoleType callerRole = (authentication != null)
                    ? this.userService.curUser(authentication).getRoleType()
                    : RoleType.NONE;
            return Optional.of(new PublicUserOrTeamInfo(found, teamNames, callerRole));
        }
        return Optional.empty();
    }

    /**
     * Returns the full record of a user ({@code GET /api/user/get-private/{name}}).
     *
     * <p>Access is decided by {@code userService.ensureCanReadUserDetails}. The password
     * is always cleared; the email code and registration IP are cleared as well unless
     * the caller is an admin.
     *
     * @param str            name of the user to read
     * @param authentication the caller
     * @return the user with sensitive fields cleared as described
     */
    @Get("/get-private/{name}")
    @Secured({SecurityRule.IS_AUTHENTICATED})
    public User getPrivate(String str, Authentication authentication) {
        log.info("getPrivate {} getting u-{}", DashboardController.u(authentication), str);
        final Optional<User> lookup = this.userRepository.findByName(str);
        if (!lookup.isPresent()) {
            UserService.BAD("User not found.");
        }
        final User target = lookup.get();
        this.userService.ensureCanReadUserDetails(authentication, target);

        final User sanitised = wipePass(target);
        final boolean callerIsAdmin = this.userService.curUser(authentication).isAdmin();
        if (!callerIsAdmin) {
            // Verification secret and registration address stay admin-only.
            sanitised.setEmailCode(null);
            sanitised.setRegIP(null);
        }
        return sanitised;
    }

    /**
     * Builds the relative profile location {@code /u/<name>} used in {@code Location}
     * headers.
     *
     * <p>NOTE(review): the name is concatenated unencoded and {@code URI.create} throws
     * {@code IllegalArgumentException} on characters that are illegal in a URI; confirm
     * that name validation excludes them.
     *
     * @param user user whose name forms the last path segment
     * @return the relative URI
     */
    private URI toUri(User user) {
        final String profilePath = "/u/" + user.getName();
        return URI.create(profilePath);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Resolves the {@code User} behind an authentication by delegating to
     * {@code userService.curUser}.
     *
     * @param authentication the caller's authentication; declared nullable
     * @return the user returned by the service
     */
    @NotNull
    public User curUser(@Nullable Authentication authentication) {
        final User resolved = this.userService.curUser(authentication);
        return resolved;
    }

    /**
     * Marks a dashboard as a favourite of the caller and raises the owner's star count
     * by one ({@code POST /api/user/favourite/{id}}). Unknown dashboard ids are ignored.
     *
     * <p>NOTE(review): the star count is raised on every call for an existing
     * dashboard; whether a repeated favourite is de-duplicated is not visible here, so
     * confirm that repeated requests cannot inflate the count.
     *
     * @param l              dashboard id
     * @param authentication the caller
     */
    @Secured({SecurityRule.IS_AUTHENTICATED})
    @Post("/favourite/{id}")
    public void addFavourite(@NonNull @QueryValue Long l, @Nullable Authentication authentication) {
        final Optional<Dashboard> dashboard = this.dashRepo.findById(l);
        if (!dashboard.isPresent()) {
            return;
        }
        final long callerId = curUser(authentication).getId().longValue();
        this.dashRepo.addUserDashFavourite(l.longValue(), callerId);
        adjustStarCount(dashboard.get(), 1);
    }

    /**
     * Removes a dashboard from the caller's favourites and lowers the owner's star count
     * by one ({@code DELETE /api/user/favourite/{id}}). Unknown dashboard ids are ignored.
     *
     * <p>NOTE(review): the star count is lowered on every call for an existing
     * dashboard, whether or not the caller had it as a favourite; confirm that repeated
     * requests cannot drive the count down.
     *
     * @param l              dashboard id
     * @param authentication the caller
     */
    @Secured({SecurityRule.IS_AUTHENTICATED})
    @Delete("/favourite/{id}")
    public void deleteFavourite(@NonNull @QueryValue Long l, @Nullable Authentication authentication) {
        final Optional<Dashboard> dashboard = this.dashRepo.findById(l);
        if (!dashboard.isPresent()) {
            return;
        }
        final long callerId = curUser(authentication).getId().longValue();
        this.dashRepo.deleteUserDashFavourite(l.longValue(), callerId);
        adjustStarCount(dashboard.get(), -1);
    }

    /**
     * Applies a star-count delta to the dashboard's team, if it has one, and to one
     * user: the dashboard's user when set, otherwise its creator when set.
     *
     * @param dashboard dashboard whose owners are credited
     * @param i         delta to apply; callers in this class pass +1 or -1
     */
    private void adjustStarCount(Dashboard dashboard, int i) {
        if (dashboard.getTeam() != null) {
            final long teamId = dashboard.getTeam().getId().longValue();
            this.dashRepo.adjustTeamStarcount(teamId, i);
        }

        final long creditedUserId;
        if (dashboard.getUser() != null) {
            creditedUserId = dashboard.getUser().getId().longValue();
        } else if (dashboard.getCreator() != null) {
            creditedUserId = dashboard.getCreator().getId().longValue();
        } else {
            // Neither a user nor a creator: only the team, if any, was credited.
            return;
        }
        this.dashRepo.adjustUserStarcount(creditedUserId, i);
    }

    /**
     * Lists the caller's favourites ({@code GET /api/user/favourite}).
     *
     * <p>The user id is always taken from the authentication, never from the request.
     *
     * @param authentication the caller
     * @return the ids returned by {@code dashRepo.findFavouritesForUser}
     */
    @Get("/favourite")
    @Secured({SecurityRule.IS_AUTHENTICATED})
    public List<Long> get(@Nullable Authentication authentication) {
        final long callerId = curUser(authentication).getId().longValue();
        return this.dashRepo.findFavouritesForUser(callerId);
    }
}
