package com.google.gerrit.pgm.init;

import com.google.common.base.Strings;
import com.google.common.collect.ImmutableSet;
import com.google.gerrit.common.TimeUtil;
import com.google.gerrit.extensions.client.AuthType;
import com.google.gerrit.pgm.init.VersionedAuthorizedKeysOnInit;
import com.google.gerrit.pgm.init.api.AllUsersNameOnInitProvider;
import com.google.gerrit.pgm.init.api.ConsoleUI;
import com.google.gerrit.pgm.init.api.InitFlags;
import com.google.gerrit.pgm.init.api.InitStep;
import com.google.gerrit.pgm.init.api.SequencesOnInit;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.AccountGroup;
import com.google.gerrit.reviewdb.client.AccountSshKey;
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.account.AccountState;
import com.google.gerrit.server.account.externalids.ExternalId;
import com.google.gerrit.server.config.AllUsersName;
import com.google.gerrit.server.group.InternalGroup;
import com.google.gerrit.server.index.account.AccountIndex;
import com.google.gerrit.server.index.account.AccountIndexCollection;
import com.google.gerrit.server.index.group.GroupIndex;
import com.google.gerrit.server.index.group.GroupIndexCollection;
import com.google.gwtorm.server.SchemaFactory;
import com.google.inject.Inject;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import org.apache.commons.validator.routines.EmailValidator;
import org.apache.sshd.common.config.keys.PublicKeyEntry;

/* loaded from: input_file:com/google/gerrit/pgm/init/InitAdminUser.class */
public class InitAdminUser implements InitStep {
    private final InitFlags flags;
    private final ConsoleUI ui;
    private final AllUsersNameOnInitProvider allUsers;
    private final AccountsOnInit accounts;
    private final VersionedAuthorizedKeysOnInit.Factory authorizedKeysFactory;
    private final ExternalIdsOnInit externalIds;
    private final SequencesOnInit sequencesOnInit;
    private final GroupsOnInit groupsOnInit;
    private SchemaFactory<ReviewDb> dbFactory;
    private AccountIndexCollection accountIndexCollection;
    private GroupIndexCollection groupIndexCollection;

    @Inject
    InitAdminUser(InitFlags initFlags, ConsoleUI consoleUI, AllUsersNameOnInitProvider allUsersNameOnInitProvider, AccountsOnInit accountsOnInit, VersionedAuthorizedKeysOnInit.Factory factory, ExternalIdsOnInit externalIdsOnInit, SequencesOnInit sequencesOnInit, GroupsOnInit groupsOnInit) {
        this.flags = initFlags;
        this.ui = consoleUI;
        this.allUsers = allUsersNameOnInitProvider;
        this.accounts = accountsOnInit;
        this.authorizedKeysFactory = factory;
        this.externalIds = externalIdsOnInit;
        this.sequencesOnInit = sequencesOnInit;
        this.groupsOnInit = groupsOnInit;
    }

    @Override // com.google.gerrit.pgm.init.api.InitStep
    public void run() {
    }

    @Inject(optional = true)
    void set(SchemaFactory<ReviewDb> schemaFactory) {
        this.dbFactory = schemaFactory;
    }

    @Inject(optional = true)
    void set(AccountIndexCollection accountIndexCollection) {
        this.accountIndexCollection = accountIndexCollection;
    }

    @Inject(optional = true)
    void set(GroupIndexCollection groupIndexCollection) {
        this.groupIndexCollection = groupIndexCollection;
    }

    @Override // com.google.gerrit.pgm.init.api.InitStep
    public void postRun() throws Exception {
        if (((AuthType) this.flags.cfg.getEnum(AuthType.values(), "auth", null, "type", null)) != AuthType.DEVELOPMENT_BECOME_ANY_ACCOUNT) {
            return;
        }
        ReviewDb open = this.dbFactory.open();
        Throwable th = null;
        try {
            try {
                if (!this.accounts.hasAnyAccount()) {
                    this.ui.header("Gerrit Administrator", new Object[0]);
                    if (this.ui.yesno(true, "Create administrator user", new Object[0])) {
                        Account.Id id = new Account.Id(this.sequencesOnInit.nextAccountId(open));
                        String readString = this.ui.readString("admin", "username", new Object[0]);
                        String readString2 = this.ui.readString("Administrator", "name", new Object[0]);
                        String readString3 = this.ui.readString("secret", "HTTP password", new Object[0]);
                        AccountSshKey readSshKey = readSshKey(id);
                        String readEmail = readEmail(readSshKey);
                        ArrayList arrayList = new ArrayList(2);
                        arrayList.add(ExternalId.createUsername(readString, id, readString3));
                        if (readEmail != null) {
                            arrayList.add(ExternalId.createEmail(id, readEmail));
                        }
                        this.externalIds.insert("Add external IDs for initial admin user", arrayList);
                        Account account = new Account(id, TimeUtil.nowTs());
                        account.setFullName(readString2);
                        account.setPreferredEmail(readEmail);
                        this.accounts.insert(account);
                        AccountGroup existingGroup = this.groupsOnInit.getExistingGroup(open, new AccountGroup.NameKey("Administrators"));
                        this.groupsOnInit.addGroupMember(open, existingGroup.getGroupUUID(), id);
                        if (readSshKey != null) {
                            VersionedAuthorizedKeysOnInit load = this.authorizedKeysFactory.create(id).load();
                            load.addKey(readSshKey.getSshPublicKey());
                            load.save("Add SSH key for initial admin user\n");
                        }
                        AccountState accountState = new AccountState(new AllUsersName(this.allUsers.get()), account, Collections.singleton(existingGroup.getGroupUUID()), arrayList, new HashMap());
                        Iterator<AccountIndex> it = this.accountIndexCollection.getWriteIndexes().iterator();
                        while (it.hasNext()) {
                            it.next().replace(accountState);
                        }
                        InternalGroup create = InternalGroup.create(existingGroup, ImmutableSet.of(id), ImmutableSet.of());
                        Iterator<GroupIndex> it2 = this.groupIndexCollection.getWriteIndexes().iterator();
                        while (it2.hasNext()) {
                            it2.next().replace(create);
                        }
                    }
                }
                if (open != null) {
                    if (0 == 0) {
                        open.close();
                        return;
                    }
                    try {
                        open.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (open != null) {
                if (th != null) {
                    try {
                        open.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    open.close();
                }
            }
            throw th4;
        }
    }

    private String readEmail(AccountSshKey accountSshKey) {
        String str = "admin@example.com";
        if (accountSshKey != null && accountSshKey.getComment() != null) {
            String trim = accountSshKey.getComment().trim();
            if (EmailValidator.getInstance().isValid(trim)) {
                str = trim;
            }
        }
        return readEmail(str);
    }

    private String readEmail(String str) {
        String readString = this.ui.readString(str, "email", new Object[0]);
        if (readString == null || EmailValidator.getInstance().isValid(readString)) {
            return readString;
        }
        this.ui.message("error: invalid email address\n", new Object[0]);
        return readEmail(str);
    }

    private AccountSshKey readSshKey(Account.Id id) throws IOException {
        Path path = Paths.get(System.getProperty("user.home"), PublicKeyEntry.STD_KEYFILE_FOLDER_NAME, "id_rsa.pub");
        String readString = this.ui.readString(Files.exists(path, new LinkOption[0]) ? path.toString() : "", "public SSH key file", new Object[0]);
        if (Strings.isNullOrEmpty(readString)) {
            return null;
        }
        return createSshKey(id, readString);
    }

    private AccountSshKey createSshKey(Account.Id id, String str) throws IOException {
        Path path = Paths.get(str, new String[0]);
        if (Files.exists(path, new LinkOption[0])) {
            return new AccountSshKey(new AccountSshKey.Id(id, 1), new String(Files.readAllBytes(path), StandardCharsets.UTF_8));
        }
        throw new IOException(String.format("Cannot add public SSH key: %s is not a file", str));
    }
}
