package io.datarouter.web.user;

import io.datarouter.storage.config.Config;
import io.datarouter.storage.node.op.combo.IndexedSortedMapStorage;
import io.datarouter.web.user.databean.DatarouterUser;
import io.datarouter.web.user.databean.DatarouterUserKey;
import io.datarouter.web.user.role.DatarouterUserRole;
import io.datarouter.web.user.session.DatarouterSession;
import io.datarouter.web.util.PasswordTool;
import java.util.Objects;
import java.util.Set;
import javax.inject.Inject;
import javax.inject.Singleton;

@Singleton
/* loaded from: input_file:io/datarouter/web/user/DatarouterUserDao.class */
public class DatarouterUserDao {
    private final IndexedSortedMapStorage<DatarouterUserKey, DatarouterUser> userNode;

    @Inject
    public DatarouterUserDao(DatarouterUserNodes datarouterUserNodes) {
        this.userNode = datarouterUserNodes.getUserNode();
    }

    public DatarouterUser getAndValidateCurrentUser(DatarouterSession datarouterSession) {
        DatarouterUser userBySession = getUserBySession(datarouterSession);
        if (userBySession == null || !userBySession.getEnabled().booleanValue()) {
            throw new RuntimeException("Current user does not exist or is not enabled.");
        }
        return userBySession;
    }

    public DatarouterUser getUserBySession(DatarouterSession datarouterSession) {
        if (datarouterSession == null || datarouterSession.getUserId() == null) {
            return null;
        }
        return this.userNode.get(new DatarouterUserKey(datarouterSession.getUserId()), (Config) null);
    }

    public DatarouterUser getUserById(Long l) {
        return this.userNode.get(new DatarouterUserKey(l), (Config) null);
    }

    public static boolean canEditUser(DatarouterUser datarouterUser, DatarouterUser datarouterUser2) {
        if (datarouterUser.equals(datarouterUser2)) {
            return true;
        }
        return !datarouterUser.getRoles().contains(DatarouterUserRole.datarouterAdmin) && DatarouterUserRole.isUserAdmin(datarouterUser2) && datarouterUser2.getEnabled().booleanValue();
    }

    public static boolean canHavePassword(DatarouterUser datarouterUser) {
        return datarouterUser.getPasswordDigest() != null || datarouterUser.getRoles().contains(DatarouterUserRole.datarouterAdmin);
    }

    public static boolean isPasswordCorrect(DatarouterUser datarouterUser, String str) {
        if (datarouterUser == null || str == null) {
            return false;
        }
        return Objects.equals(datarouterUser.getPasswordDigest(), PasswordTool.digest(datarouterUser.getPasswordSalt(), str));
    }

    public boolean isPasswordCorrect(String str, String str2) {
        return isPasswordCorrect(this.userNode.lookupUnique(new DatarouterUser.DatarouterUserByUsernameLookup(str), (Config) null), str2);
    }

    public static Set<DatarouterUserRole> getAllowedUserRoles(DatarouterUser datarouterUser, String[] strArr) {
        Set<DatarouterUserRole> fromStringArray = DatarouterUserRole.fromStringArray(strArr);
        fromStringArray.retainAll(DatarouterUserRole.getPermissibleRolesForUser(datarouterUser));
        fromStringArray.add(DatarouterUserRole.requestor);
        return fromStringArray;
    }

    public void assertUserDoesNotExist(Long l, String str, String str2) {
        if (getUserById(l) != null) {
            throw new IllegalArgumentException("DatarouterUser already exists with id=" + l);
        }
        if (this.userNode.lookupUnique(new DatarouterUser.DatarouterUserByUserTokenLookup(str), (Config) null) != null) {
            throw new IllegalArgumentException("DatarouterUser already exists with userToken=" + str);
        }
        if (this.userNode.lookupUnique(new DatarouterUser.DatarouterUserByUsernameLookup(str2), (Config) null) != null) {
            throw new IllegalArgumentException("DatarouterUser already exists with username=" + str2);
        }
    }
}
