package org.apache.archiva.redback.rest.services;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.inject.Inject;
import javax.inject.Named;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import net.sf.ehcache.CacheManager;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
import org.apache.archiva.redback.components.cache.Cache;
import org.apache.archiva.redback.configuration.UserConfiguration;
import org.apache.archiva.redback.configuration.UserConfigurationKeys;
import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
import org.apache.archiva.redback.integration.mail.Mailer;
import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.keys.KeyManagerException;
import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
import org.apache.archiva.redback.rest.api.model.ErrorMessage;
import org.apache.archiva.redback.rest.api.model.Operation;
import org.apache.archiva.redback.rest.api.model.Permission;
import org.apache.archiva.redback.rest.api.model.RegistrationKey;
import org.apache.archiva.redback.rest.api.model.ResetPasswordRequest;
import org.apache.archiva.redback.rest.api.model.Resource;
import org.apache.archiva.redback.rest.api.model.User;
import org.apache.archiva.redback.rest.api.model.UserRegistrationRequest;
import org.apache.archiva.redback.rest.api.services.RedbackServiceException;
import org.apache.archiva.redback.rest.api.services.UserService;
import org.apache.archiva.redback.rest.services.utils.PasswordValidator;
import org.apache.archiva.redback.role.RoleManager;
import org.apache.archiva.redback.role.RoleManagerException;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserManagerException;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service("userService#rest")
/* loaded from: input_file:WEB-INF/lib/redback-rest-services-2.4.jar:org/apache/archiva/redback/rest/services/DefaultUserService.class */
public class DefaultUserService implements UserService {
    // SLF4J logger named after the runtime class of this service.
    private final Logger log = LoggerFactory.getLogger(getClass());
    // Character whitelist checked by validateCredentialsLoose: ASCII letters, digits, '_', '-', '.' and '@'.
    // The '*' quantifier also matches the empty string, so emptiness is rejected by a separate check there.
    private static final String VALID_USERNAME_CHARS = "[a-zA-Z_0-9\\-.@]*";
    // Constructor-injected user store (bean "userManager#default").
    private UserManager userManager;
    // Constructor-injected facade giving access to the policy, key manager and user manager.
    private SecuritySystem securitySystem;

    // Configuration source; read here for the default admin and guest identifiers.
    @Inject
    @Named("userConfiguration#default")
    private UserConfiguration config;

    // Used to assign roles to newly created accounts.
    @Inject
    private RoleManager roleManager;

    // The three caches below are evicted per username by removeFromCache.
    @Inject
    @Named("cache#userAssignments")
    private Cache userAssignmentsCache;

    @Inject
    @Named("cache#userPermissions")
    private Cache userPermissionsCache;

    @Inject
    @Named("cache#users")
    private Cache usersCache;

    // Sends the password-reset and account-validation e-mails.
    @Inject
    private Mailer mailer;

    // Role/permission store used for permission listing and assignment cleanup.
    @Inject
    @Named("rbacManager#default")
    private RBACManager rbacManager;
    // Constructor-injected (bean "httpAuthenticator#basic"); used to sign a user in after key validation.
    private HttpAuthenticator httpAuthenticator;

    // Applied to a new password in updateMe.
    @Inject
    private PasswordValidator passwordValidator;

    // Current request as injected by JAX-RS; source of the session and of the fallback base URL.
    @Context
    private HttpServletRequest httpServletRequest;

    /**
     * Receives the collaborators that are injected through the constructor; every other dependency of
     * this service is field-injected.
     *
     * @param userManager       user store resolved from the {@code userManager#default} bean
     * @param securitySystem    facade exposing the policy, key manager and user manager
     * @param httpAuthenticator authenticator resolved from the {@code httpAuthenticator#basic} bean
     */
    @Inject
    public DefaultUserService(
            @Named("userManager#default") UserManager userManager,
            SecuritySystem securitySystem,
            @Named("httpAuthenticator#basic") HttpAuthenticator httpAuthenticator) {
        this.httpAuthenticator = httpAuthenticator;
        this.securitySystem = securitySystem;
        this.userManager = userManager;
    }

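    /**
     * Creates an account from the supplied REST model and gives it the registered-user role.
     *
     * <p>The duplicate lookup is performed inside the {@code try} so that "user not found" (the expected
     * outcome) is absorbed and a backend failure is translated into a {@link RedbackServiceException}.
     * In the previous form the {@code try} body was empty and the lookup ran outside any handler.
     *
     * <p>NOTE(review): no access-control check is visible in this method; presumably it is enforced by
     * annotations on the {@code UserService} interface - confirm. The locked / validated / permanent
     * flags and the password are copied from the caller's payload as-is, and no password-policy call is
     * visible here - confirm that {@code userManager.addUser} applies the policy.
     *
     * @param user account data; username, full name and e-mail must be non-empty
     * @return {@link Boolean#TRUE} once the account exists and the role is assigned
     * @throws RedbackServiceException if the user already exists, a mandatory field is empty, or the
     *                                 user/role backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean createUser(User user) throws RedbackServiceException {
        try {
            if (this.userManager.findUser(user.getUsername()) != null) {
                throw new RedbackServiceException(new ErrorMessage("user " + user.getUsername() + " already exists"));
            }
        } catch (UserNotFoundException e) {
            // Expected for a new account; only logged so the caller does not see a backend error text.
            this.log.debug("user {} not exists", user.getUsername());
        } catch (UserManagerException e2) {
            throw new RedbackServiceException(new ErrorMessage(e2.getMessage()));
        }
        if (StringUtils.isEmpty(user.getUsername())) {
            throw new RedbackServiceException(new ErrorMessage("username cannot be empty"));
        }
        if (StringUtils.isEmpty(user.getFullName())) {
            throw new RedbackServiceException(new ErrorMessage("fullName cannot be empty"));
        }
        if (StringUtils.isEmpty(user.getEmail())) {
            throw new RedbackServiceException(new ErrorMessage("email cannot be empty"));
        }
        try {
            org.apache.archiva.redback.users.User createUser = this.userManager.createUser(user.getUsername(), user.getFullName(), user.getEmail());
            createUser.setPassword(user.getPassword());
            createUser.setLocked(user.isLocked());
            createUser.setPasswordChangeRequired(user.isPasswordChangeRequired());
            createUser.setPermanent(user.isPermanent());
            createUser.setValidated(user.isValidated());
            org.apache.archiva.redback.users.User addUser = this.userManager.addUser(createUser);
            if (!user.isPasswordChangeRequired()) {
                // The flag is written a second time after persisting; presumably addUser can switch it on - confirm.
                addUser.setPasswordChangeRequired(false);
                try {
                    addUser = this.userManager.updateUser(addUser);
                    this.log.debug("user {} created", addUser.getUsername());
                } catch (UserNotFoundException e3) {
                    throw new RedbackServiceException(e3.getMessage());
                }
            }
            this.roleManager.assignRole(RedbackRoleConstants.REGISTERED_USER_ROLE_ID, addUser.getUsername());
            return Boolean.TRUE;
        } catch (RoleManagerException e4) {
            this.log.error("RoleProfile Error: {}", e4.getMessage(), e4);
            throw new RedbackServiceException(new ErrorMessage("assign.role.failure", null));
        } catch (UserManagerException e5) {
            throw new RedbackServiceException(new ErrorMessage(e5.getMessage()));
        }
    }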

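    /**
     * Removes the user's role assignment (when one exists), deletes the account and evicts the user
     * from the caches.
     *
     * <p>The cache eviction is expressed as a single {@code finally}, so it runs exactly once whether
     * the deletion succeeds or fails. The handlers are listed with {@link UserNotFoundException} first;
     * in the nested form the broader {@link UserManagerException} handler sat innermost, which would
     * have shadowed the not-found handler if that type is a subclass (assumed from the catch order used
     * elsewhere in this class - confirm).
     *
     * @param str username of the account to delete
     * @return {@link Boolean#TRUE} when the account was deleted
     * @throws RedbackServiceException if the user is unknown or the RBAC / user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean deleteUser(String str) throws RedbackServiceException {
        try {
            if (this.rbacManager.userAssignmentExists(str)) {
                this.rbacManager.removeUserAssignment(this.rbacManager.getUserAssignment(str));
            }
            try {
                this.userManager.deleteUser(str);
                return Boolean.TRUE;
            } catch (UserNotFoundException e2) {
                this.log.error(e2.getMessage(), (Throwable) e2);
                throw new RedbackServiceException(e2.getMessage());
            } catch (UserManagerException e) {
                throw new RedbackServiceException(new ErrorMessage(e.getMessage()));
            } finally {
                // Evict even on failure so a half-deleted account cannot keep serving cached permissions.
                removeFromCache(str);
            }
        } catch (RbacManagerException e3) {
            this.log.error(e3.getMessage(), (Throwable) e3);
            throw new RedbackServiceException(e3.getMessage());
        }
    }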

    /**
     * Looks up one account and converts it to the REST model.
     *
     * @param str username to look up
     * @return the REST view of the account, or {@code null} when the user manager reports it as not found
     * @throws RedbackServiceException if the user backend fails for any other reason
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public User getUser(String str) throws RedbackServiceException {
        final org.apache.archiva.redback.users.User stored;
        try {
            stored = this.userManager.findUser(str);
        } catch (UserNotFoundException notFound) {
            // Absence is reported to the caller as null rather than as an error.
            return null;
        } catch (UserManagerException failure) {
            throw new RedbackServiceException(new ErrorMessage(failure.getMessage()));
        }
        return getSimpleUser(stored);
    }

    /**
     * Lists every account known to the user manager, converted to the REST model.
     *
     * @return one REST {@code User} per stored account, in the order the user manager returned them
     * @throws RedbackServiceException if the user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public List<User> getUsers() throws RedbackServiceException {
        try {
            List<org.apache.archiva.redback.users.User> stored = this.userManager.getUsers();
            List<User> views = new ArrayList<User>(stored.size());
            for (org.apache.archiva.redback.users.User each : stored) {
                views.add(getSimpleUser(each));
            }
            return views;
        } catch (UserManagerException failure) {
            throw new RedbackServiceException(new ErrorMessage(failure.getMessage()));
        }
    }

    /**
     * Lets the authenticated caller change their own full name, e-mail and (optionally) password.
     *
     * <p>Three guards run before anything is written: a user must be bound to the request thread, the
     * username in the payload must equal that user's name, and the supplied previous password must
     * verify against the stored encoded password. A new password is only applied when it is non-blank,
     * and then only after {@code passwordValidator} has accepted it.
     *
     * <p>NOTE(review): when no new password is supplied, {@code updateUser} still writes back whatever
     * password value the copy returned by {@code getUser} carries - confirm that this leaves the stored
     * credential unchanged.
     *
     * @param user the caller's profile data, including {@code previousPassword}
     * @return {@link Boolean#TRUE} when the profile was updated
     * @throws RedbackServiceException with FORBIDDEN when nobody is logged in or the payload names
     *                                 another user; with BAD_REQUEST for a missing payload, an empty or
     *                                 wrong previous password, or an unknown user
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean updateMe(User user) throws RedbackServiceException {
        RedbackRequestInformation requestInfo = RedbackAuthenticationThreadLocal.get();
        if (requestInfo == null || requestInfo.getUser() == null) {
            this.log.warn("RedbackRequestInformation from ThreadLocal is null");
            throw new RedbackServiceException(new ErrorMessage("you must be logged to update your profile"), Response.Status.FORBIDDEN.getStatusCode());
        }
        if (user == null) {
            throw new RedbackServiceException(new ErrorMessage("user parameter is mandatory"), Response.Status.BAD_REQUEST.getStatusCode());
        }
        // Bind the payload to the authenticated identity so one user cannot edit another's profile.
        if (!StringUtils.equals(requestInfo.getUser().getUsername(), user.getUsername())) {
            throw new RedbackServiceException(new ErrorMessage("you can update only your profile"), Response.Status.FORBIDDEN.getStatusCode());
        }
        if (StringUtils.isEmpty(user.getPreviousPassword())) {
            throw new RedbackServiceException(new ErrorMessage("previous password is empty"), Response.Status.BAD_REQUEST.getStatusCode());
        }
        User profile = getUser(user.getUsername());
        try {
            // Re-authenticate with the current password before accepting any change.
            boolean previousPasswordMatches = this.securitySystem.getPolicy().getPasswordEncoder().isPasswordValid(
                this.securitySystem.getUserManager().findUser(user.getUsername(), false).getEncodedPassword(),
                user.getPreviousPassword());
            if (!previousPasswordMatches) {
                throw new RedbackServiceException(new ErrorMessage("password.provided.does.not.match.existing"), Response.Status.BAD_REQUEST.getStatusCode());
            }
            profile.setFullName(user.getFullName());
            profile.setEmail(user.getEmail());
            if (StringUtils.isNotBlank(user.getPassword())) {
                this.passwordValidator.validatePassword(user.getPassword(), user.getUsername());
                profile.setPassword(user.getPassword());
            }
            updateUser(profile);
            return Boolean.TRUE;
        } catch (UserNotFoundException notFound) {
            throw new RedbackServiceException(new ErrorMessage("user not found"), Response.Status.BAD_REQUEST.getStatusCode());
        } catch (UserManagerException failure) {
            throw new RedbackServiceException(new ErrorMessage(failure.getMessage()));
        }
    }

    /**
     * Overwrites the stored account's full name, e-mail, flags and password with the values from the
     * REST model and persists the result.
     *
     * <p>NOTE(review): the password is copied unconditionally, including a {@code null} or blank value,
     * and no password-policy call is visible in this method - confirm how the user manager treats an
     * absent password and where the policy is applied. No access-control check is visible here either;
     * presumably it is declared on the {@code UserService} interface - confirm.
     *
     * @param user new account state; {@code username} selects the account to update
     * @return {@link Boolean#TRUE} when the account was persisted
     * @throws RedbackServiceException if the user is unknown or the user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean updateUser(User user) throws RedbackServiceException {
        try {
            org.apache.archiva.redback.users.User stored = this.userManager.findUser(user.getUsername(), false);
            stored.setFullName(user.getFullName());
            stored.setEmail(user.getEmail());
            stored.setValidated(user.isValidated());
            stored.setLocked(user.isLocked());
            stored.setPassword(user.getPassword());
            stored.setPasswordChangeRequired(user.isPasswordChangeRequired());
            stored.setPermanent(user.isPermanent());
            this.userManager.updateUser(stored);
            return Boolean.TRUE;
        } catch (UserNotFoundException notFound) {
            throw new RedbackServiceException(notFound.getMessage());
        } catch (UserManagerException failure) {
            throw new RedbackServiceException(new ErrorMessage(failure.getMessage()));
        }
    }

    /**
     * Evicts one user from the three injected per-user caches and empties every Ehcache cache whose
     * name starts with {@code org.apache.archiva.redback.rbac.jdo}.
     *
     * @param str username used as the cache key
     * @return always {@code 0}
     * @throws RedbackServiceException declared by the interface; not thrown by the code in this method
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public int removeFromCache(String str) throws RedbackServiceException {
        Cache[] perUserCaches = {this.userAssignmentsCache, this.userPermissionsCache, this.usersCache};
        for (Cache perUserCache : perUserCaches) {
            // A cache that was not injected is simply skipped.
            if (perUserCache != null) {
                perUserCache.remove(str);
            }
        }
        CacheManager ehcache = CacheManager.getInstance();
        for (String cacheName : ehcache.getCacheNames()) {
            if (!StringUtils.startsWith(cacheName, "org.apache.archiva.redback.rbac.jdo")) {
                continue;
            }
            // These caches are cleared entirely, not only for this user.
            ehcache.getCache(cacheName).removeAll();
        }
        return 0;
    }

    /**
     * Returns the guest account in REST form.
     *
     * @return the guest user, or {@code null} when the lookup or conversion fails for any reason
     * @throws RedbackServiceException declared by the interface; not thrown by the code in this method
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public User getGuestUser() throws RedbackServiceException {
        try {
            org.apache.archiva.redback.users.User guest = this.userManager.getGuestUser();
            return getSimpleUser(guest);
        } catch (Exception ignored) {
            // Every failure, not only "not found", is reported as "no guest user"; nothing is logged.
            return null;
        }
    }

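    /**
     * Returns the guest account, creating it and assigning the configured guest role when it does not
     * exist yet.
     *
     * <p>The security policy is switched off while the guest account is created and is switched back
     * on in a single {@code finally}; the previous form repeated the re-enable step on the success path
     * and in a catch-all handler.
     *
     * <p>NOTE(review): the policy object comes from the injected {@code securitySystem}; if it is shared
     * between requests, other requests handled during this window also run with the policy disabled -
     * confirm, and consider a mechanism scoped to this call.
     *
     * @return the existing or newly created guest user in REST form
     * @throws RedbackServiceException if the user or role backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public User createGuestUser() throws RedbackServiceException {
        User guestUser = getGuestUser();
        if (guestUser != null) {
            // Nothing to create, and the policy has not been touched yet.
            return guestUser;
        }
        try {
            this.securitySystem.getPolicy().setEnabled(false);
            org.apache.archiva.redback.users.User createGuestUser = this.userManager.createGuestUser();
            createGuestUser.setPasswordChangeRequired(false);
            org.apache.archiva.redback.users.User updateUser = this.userManager.updateUser(createGuestUser, false);
            this.roleManager.assignRole(this.config.getString(UserConfigurationKeys.DEFAULT_GUEST), updateUser.getUsername());
            return getSimpleUser(updateUser);
        } catch (UserNotFoundException e) {
            this.log.error(e.getMessage(), (Throwable) e);
            throw new RedbackServiceException(e.getMessage());
        } catch (RoleManagerException e2) {
            this.log.error(e2.getMessage(), (Throwable) e2);
            throw new RedbackServiceException(e2.getMessage());
        } catch (UserManagerException e3) {
            throw new RedbackServiceException(new ErrorMessage(e3.getMessage()));
        } finally {
            // Always leave the policy enabled, whatever happened above.
            if (!this.securitySystem.getPolicy().isEnabled()) {
                this.securitySystem.getPolicy().setEnabled(true);
            }
        }
    }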

    /**
     * Liveness probe: performs no work and touches no collaborator.
     *
     * @return always {@link Boolean#TRUE}
     * @throws RedbackServiceException declared by the interface; never thrown here
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean ping() throws RedbackServiceException {
        return Boolean.TRUE;
    }

    /**
     * Converts a stored account into the REST model, passing {@code null} through unchanged.
     *
     * @param user stored account, may be {@code null}
     * @return a new REST {@code User} built from {@code user}, or {@code null}
     */
    private User getSimpleUser(org.apache.archiva.redback.users.User user) {
        return user == null ? null : new User(user);
    }

    /**
     * Creates the administrator account, unless {@link #isAdminUserExists()} reports that one exists.
     *
     * <p>The account is always named {@code "admin"}, is created unlocked, validated and permanent with
     * no forced password change, and receives the {@code system-administrator} role.
     *
     * <p>NOTE(review): the existence check reads the name from configuration
     * ({@code UserConfigurationKeys.DEFAULT_ADMIN}) while the account created here uses the literal
     * {@code "admin"}; if the two differ, the check and the creation refer to different accounts -
     * confirm. The check and the creation are separate steps, and neither a caller-identity check nor a
     * password-policy call is visible in this method - confirm both are enforced elsewhere.
     *
     * @param user supplies full name, e-mail and password for the administrator
     * @return {@link Boolean#TRUE} when the account was created, {@link Boolean#FALSE} when an
     *         administrator already exists
     * @throws RedbackServiceException if the user or role backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean createAdminUser(User user) throws RedbackServiceException {
        if (isAdminUserExists().booleanValue()) {
            return Boolean.FALSE;
        }
        try {
            org.apache.archiva.redback.users.User admin = this.userManager.createUser("admin", user.getFullName(), user.getEmail());
            admin.setPassword(user.getPassword());
            admin.setLocked(false);
            admin.setPasswordChangeRequired(false);
            admin.setPermanent(true);
            admin.setValidated(true);
            this.userManager.addUser(admin);
            this.roleManager.assignRole("system-administrator", admin.getUsername());
            return Boolean.TRUE;
        } catch (RoleManagerException roleFailure) {
            throw new RedbackServiceException(roleFailure.getMessage());
        } catch (UserManagerException userFailure) {
            throw new RedbackServiceException(new ErrorMessage(userFailure.getMessage()));
        }
    }

    /**
     * Tells whether the account named by the {@code UserConfigurationKeys.DEFAULT_ADMIN} setting exists.
     *
     * @return {@link Boolean#TRUE} when the lookup succeeds; {@link Boolean#FALSE} when the user manager
     *         reports "not found", either directly or as the cause of a {@link UserManagerException}
     * @throws RedbackServiceException for any other user-backend failure
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean isAdminUserExists() throws RedbackServiceException {
        try {
            this.userManager.findUser(this.config.getString(UserConfigurationKeys.DEFAULT_ADMIN));
            return Boolean.TRUE;
        } catch (UserNotFoundException notFound) {
            return Boolean.FALSE;
        } catch (UserManagerException failure) {
            // instanceof is false for a null cause, so no separate null test is needed.
            if (failure.getCause() instanceof UserNotFoundException) {
                return Boolean.FALSE;
            }
            throw new RedbackServiceException(new ErrorMessage(failure.getMessage()));
        }
    }

    /**
     * Issues a password-reset key for a user and e-mails it to the address stored on the account.
     *
     * <p>The key is created with the purpose {@code "Password Reset Request"} and the policy's e-mail
     * validation timeout. The application URL handed to the mailer is the one from the request, or the
     * URL derived from the current HTTP request when that is blank.
     *
     * <p>NOTE(review): the application URL is caller-supplied and is passed to the mailer together with
     * the reset key; if the mail template builds the reset link from it, the link target is not under
     * the server's control - confirm, and prefer a configured base URL. The response also differs
     * between a known user ({@code TRUE}) and an unknown one ({@code password.reset.failure}), which
     * lets a caller tell whether a username exists; a uniform response avoids that. The username is
     * written to the log exactly as received.
     *
     * @param resetPasswordRequest carries the username and an optional application URL
     * @return {@link Boolean#TRUE} when the e-mail was handed to the mailer
     * @throws RedbackServiceException if the username is empty or unknown, the key cannot be created,
     *                                 or the user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean resetPassword(ResetPasswordRequest resetPasswordRequest) throws RedbackServiceException {
        String username = resetPasswordRequest.getUsername();
        if (StringUtils.isEmpty(username)) {
            throw new RedbackServiceException(new ErrorMessage("username.cannot.be.empty"));
        }
        UserManager users = this.securitySystem.getUserManager();
        KeyManager keys = this.securitySystem.getKeyManager();
        UserSecurityPolicy policy = this.securitySystem.getPolicy();
        try {
            org.apache.archiva.redback.users.User account = users.findUser(username);
            AuthenticationKey resetKey = keys.createKey(username, "Password Reset Request", policy.getUserValidationSettings().getEmailValidationTimeout());
            String applicationUrl = resetPasswordRequest.getApplicationUrl();
            if (StringUtils.isBlank(applicationUrl)) {
                applicationUrl = getBaseUrl();
            }
            // The recipient is the address stored on the account, never one taken from the request.
            this.mailer.sendPasswordResetEmail(Arrays.asList(account.getEmail()), resetKey, applicationUrl);
            this.log.info("password reset request for username {}", username);
            return Boolean.TRUE;
        } catch (KeyManagerException keyFailure) {
            this.log.info("Unable to issue password reset.", (Throwable) keyFailure);
            throw new RedbackServiceException(new ErrorMessage("password.reset.email.generation.failure"));
        } catch (UserNotFoundException notFound) {
            this.log.info("Password Reset on non-existant user [{}].", username);
            throw new RedbackServiceException(new ErrorMessage("password.reset.failure"));
        } catch (UserManagerException userFailure) {
            throw new RedbackServiceException(new ErrorMessage(userFailure.getMessage()));
        }
    }

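    /**
     * Self-registration: validates the request, creates the account with the registered-user role and,
     * when the policy requires e-mail validation, locks the account and e-mails a validation key.
     *
     * <p>The policy is re-enabled in a single {@code finally} and the duplicated inner handlers are
     * folded into the outer ones; the previous form repeated the re-enable step on the success path and
     * in a catch-all handler. Which exception maps to which error message is unchanged.
     *
     * <p>NOTE(review): the validation key that is e-mailed is also returned to the caller; if the REST
     * layer serialises it into the response, completing the e-mail round trip no longer shows that the
     * registrant controls the address - confirm. The application URL placed in the e-mail is
     * caller-supplied when present. The policy is re-enabled unconditionally, also when it was disabled
     * before this call, and it is switched off around {@code addUser}; if the policy object is shared
     * between requests, concurrent requests see it disabled during that window - confirm. With e-mail
     * validation on, only the loose checks run, so no password-policy check is visible on this path.
     *
     * @param userRegistrationRequest carries the user data and an optional application URL
     * @return a key holding {@code "-1"} when no e-mail validation is required, otherwise the key that
     *         was e-mailed
     * @throws RedbackServiceException if the request has no user, validation fails, the user already
     *                                 exists, or the key / role / user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public RegistrationKey registerUser(UserRegistrationRequest userRegistrationRequest) throws RedbackServiceException {
        User user = userRegistrationRequest.getUser();
        if (user == null) {
            throw new RedbackServiceException(new ErrorMessage("invalid.user.credentials", null));
        }
        UserSecurityPolicy policy = this.securitySystem.getPolicy();
        boolean isEmailValidationRequired = policy.getUserValidationSettings().isEmailValidationRequired();
        if (isEmailValidationRequired) {
            validateCredentialsLoose(user);
        } else {
            validateCredentialsStrict(user);
        }
        try {
            if (this.userManager.userExists(user.getUsername())) {
                throw new RedbackServiceException(new ErrorMessage("user.already.exists", new String[]{user.getUsername()}));
            }
            org.apache.archiva.redback.users.User createUser = this.userManager.createUser(user.getUsername(), user.getFullName(), user.getEmail());
            createUser.setPassword(user.getPassword());
            createUser.setValidated(false);
            createUser.setLocked(false);
            // The role is assigned before the account is persisted.
            this.roleManager.assignRole(RedbackRoleConstants.REGISTERED_USER_ROLE_ID, createUser.getUsername());
            if (!isEmailValidationRequired) {
                this.userManager.addUser(createUser);
                return new RegistrationKey("-1");
            }
            // Keep the account locked until the e-mailed key has been presented.
            createUser.setLocked(true);
            try {
                AuthenticationKey createKey = this.securitySystem.getKeyManager().createKey(createUser.getUsername(), "New User Email Validation", policy.getUserValidationSettings().getEmailValidationTimeout());
                String applicationUrl = userRegistrationRequest.getApplicationUrl();
                if (StringUtils.isBlank(applicationUrl)) {
                    applicationUrl = getBaseUrl();
                }
                this.log.debug("register user {} with email {} and app url {}", createUser.getUsername(), createUser.getEmail(), applicationUrl);
                this.mailer.sendAccountValidationEmail(Arrays.asList(createUser.getEmail()), createKey, applicationUrl);
                policy.setEnabled(false);
                this.userManager.addUser(createUser);
                return new RegistrationKey(createKey.getKey());
            } finally {
                policy.setEnabled(true);
            }
        } catch (KeyManagerException e2) {
            this.log.error("Unable to register a new user.", (Throwable) e2);
            throw new RedbackServiceException(new ErrorMessage("cannot.register.user", null));
        } catch (RoleManagerException e4) {
            this.log.error("RoleProfile Error: {}", e4.getMessage(), e4);
            throw new RedbackServiceException(new ErrorMessage("assign.role.failure", null));
        } catch (UserManagerException e5) {
            throw new RedbackServiceException(new ErrorMessage(e5.getMessage()));
        }
    }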

    /**
     * Completes an e-mail validation: resolves the key to its user, marks the account validated and
     * unlocked, forces a password change, blanks the stored encoded password and signs the user in on
     * the current HTTP session using the key as a token.
     *
     * <p>NOTE(review): the key's purpose is not inspected here, so any key that {@code findKey} returns
     * is accepted, and no step in this method removes the key after use - confirm that expiry and
     * single use are enforced by the key manager. An unknown key is written to the log verbatim.
     *
     * @param str the validation key presented by the caller
     * @return {@link Boolean#TRUE} when the account was validated and the session authenticated
     * @throws RedbackServiceException with FORBIDDEN when authentication is refused, the account is
     *                                 locked or a password change is demanded; otherwise when the key
     *                                 or user cannot be found or a backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean validateUserFromKey(String str) throws RedbackServiceException {
        // Kept outside the try so the "cannot.find.user" message can name the principal once it is known.
        String str2 = null;
        try {
            AuthenticationKey findKey = this.securitySystem.getKeyManager().findKey(str);
            org.apache.archiva.redback.users.User findUser = this.securitySystem.getUserManager().findUser(findKey.getForPrincipal());
            findUser.setValidated(true);
            findUser.setLocked(false);
            findUser.setPasswordChangeRequired(true);
            // The stored credential is replaced by an empty encoded value; the user must set a new password.
            findUser.setEncodedPassword("");
            str2 = findUser.getUsername();
            TokenBasedAuthenticationDataSource tokenBasedAuthenticationDataSource = new TokenBasedAuthenticationDataSource();
            tokenBasedAuthenticationDataSource.setPrincipal(str2);
            tokenBasedAuthenticationDataSource.setToken(findKey.getKey());
            // Password-change enforcement is switched off for this one sign-in.
            tokenBasedAuthenticationDataSource.setEnforcePasswordChange(false);
            this.securitySystem.getUserManager().updateUser(findUser);
            // getSession(true) creates a session when the request has none.
            this.httpAuthenticator.authenticate(tokenBasedAuthenticationDataSource, this.httpServletRequest.getSession(true));
            this.log.info("account validated for user {}", findUser.getUsername());
            return Boolean.TRUE;
        } catch (AuthenticationException e) {
            throw new RedbackServiceException(e.getMessage(), Response.Status.FORBIDDEN.getStatusCode());
        } catch (KeyNotFoundException e2) {
            this.log.info("Invalid key requested: {}", str);
            throw new RedbackServiceException(new ErrorMessage("cannot.find.key"));
        } catch (KeyManagerException e3) {
            throw new RedbackServiceException(new ErrorMessage("cannot.find.key.at.the.momment"));
        } catch (AccountLockedException e4) {
            throw new RedbackServiceException(e4.getMessage(), Response.Status.FORBIDDEN.getStatusCode());
        } catch (MustChangePasswordException e5) {
            throw new RedbackServiceException(e5.getMessage(), Response.Status.FORBIDDEN.getStatusCode());
        } catch (UserNotFoundException e6) {
            throw new RedbackServiceException(new ErrorMessage("cannot.find.user", new String[]{str2}));
        } catch (UserManagerException e7) {
            throw new RedbackServiceException(new ErrorMessage(e7.getMessage()));
        }
    }

    /**
     * Lists the permissions of the user bound to the current request thread, falling back to the guest
     * user when no user is bound.
     *
     * @return the permissions of the current user, or of {@code UserManager.GUEST_USERNAME}
     * @throws RedbackServiceException if the RBAC backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Collection<Permission> getCurrentUserPermissions() throws RedbackServiceException {
        RedbackRequestInformation requestInfo = RedbackAuthenticationThreadLocal.get();
        if (requestInfo != null && requestInfo.getUser() != null) {
            return getUserPermissions(requestInfo.getUser().getUsername());
        }
        // Unauthenticated callers are answered with the guest user's permissions rather than refused.
        this.log.warn("RedbackRequestInformation from ThreadLocal is null");
        return getUserPermissions(UserManager.GUEST_USERNAME);
    }

    /**
     * Lists the operations of the user bound to the current request thread, falling back to the guest
     * user when no user is bound.
     *
     * @return the operations of the current user, or of {@code UserManager.GUEST_USERNAME}
     * @throws RedbackServiceException if the RBAC backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Collection<Operation> getCurrentUserOperations() throws RedbackServiceException {
        RedbackRequestInformation requestInfo = RedbackAuthenticationThreadLocal.get();
        if (requestInfo != null && requestInfo.getUser() != null) {
            return getUserOperations(requestInfo.getUser().getUsername());
        }
        // Unauthenticated callers are answered with the guest user's operations rather than refused.
        this.log.warn("RedbackRequestInformation from ThreadLocal is null");
        return getUserOperations(UserManager.GUEST_USERNAME);
    }

    /**
     * Derives the operations of a user from that user's permissions; one entry per permission that
     * carries an operation, so duplicates are possible.
     *
     * <p>NOTE(review): any username may be passed and no access-control check is visible here;
     * presumably it is declared on the {@code UserService} interface - confirm.
     *
     * @param str username whose operations are listed
     * @return operations holding only the operation name
     * @throws RedbackServiceException if the RBAC backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Collection<Operation> getUserOperations(String str) throws RedbackServiceException {
        Collection<Permission> granted = getUserPermissions(str);
        List<Operation> operations = new ArrayList<Operation>(granted.size());
        for (Permission each : granted) {
            if (each.getOperation() == null) {
                continue;
            }
            Operation copy = new Operation();
            copy.setName(each.getOperation().getName());
            operations.add(copy);
        }
        return operations;
    }

    /**
     * Converts the permissions the RBAC manager reports for a user into REST models, copying the
     * permission name and, when present, the operation name and the resource identifier / pattern flag.
     *
     * <p>NOTE(review): any username may be passed and no access-control check is visible here;
     * presumably it is declared on the {@code UserService} interface - confirm.
     *
     * @param str username whose assigned permissions are listed
     * @return one REST {@code Permission} per assigned permission
     * @throws RedbackServiceException if the RBAC backend fails or an RBAC object is missing
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Collection<Permission> getUserPermissions(String str) throws RedbackServiceException {
        try {
            Set<org.apache.archiva.redback.rbac.Permission> assigned = this.rbacManager.getAssignedPermissions(str);
            List<Permission> views = new ArrayList<Permission>(assigned.size());
            for (org.apache.archiva.redback.rbac.Permission source : assigned) {
                Permission view = new Permission();
                view.setName(source.getName());
                if (source.getOperation() != null) {
                    Operation operationView = new Operation();
                    operationView.setName(source.getOperation().getName());
                    view.setOperation(operationView);
                }
                if (source.getResource() != null) {
                    Resource resourceView = new Resource();
                    resourceView.setIdentifier(source.getResource().getIdentifier());
                    resourceView.setPattern(source.getResource().isPattern());
                    view.setResource(resourceView);
                }
                views.add(view);
            }
            return views;
        } catch (RbacObjectNotFoundException missing) {
            this.log.error(missing.getMessage(), (Throwable) missing);
            throw new RedbackServiceException(missing.getMessage());
        } catch (RbacManagerException failure) {
            this.log.error(failure.getMessage(), (Throwable) failure);
            throw new RedbackServiceException(failure.getMessage());
        }
    }

    /**
     * Checks the fields of a registration request without consulting the password policy, collecting
     * every problem before failing.
     *
     * <p>Checked, in this order: username present and made only of the characters allowed by
     * {@code VALID_USERNAME_CHARS}; full name present; e-mail present; password equal to its
     * confirmation; e-mail parseable as a strict {@link InternetAddress}. Password strength is not
     * examined, and two {@code null} passwords count as matching.
     *
     * @param user the registration data to check
     * @throws RedbackServiceException carrying one error message per failed check
     */
    public void validateCredentialsLoose(User user) throws RedbackServiceException {
        RedbackServiceException problems = new RedbackServiceException("issues during validating user");
        if (StringUtils.isEmpty(user.getUsername())) {
            problems.addErrorMessage(new ErrorMessage("username.required", null));
        } else if (!user.getUsername().matches(VALID_USERNAME_CHARS)) {
            // Whitelist check: anything outside the allowed character set is rejected.
            problems.addErrorMessage(new ErrorMessage("username.invalid.characters", null));
        }
        if (StringUtils.isEmpty(user.getFullName())) {
            problems.addErrorMessage(new ErrorMessage("fullName.required", null));
        }
        if (StringUtils.isEmpty(user.getEmail())) {
            problems.addErrorMessage(new ErrorMessage("email.required", null));
        }
        if (!StringUtils.equals(user.getPassword(), user.getConfirmPassword())) {
            problems.addErrorMessage(new ErrorMessage("passwords.does.not.match", null));
        }
        try {
            if (!org.codehaus.plexus.util.StringUtils.isEmpty(user.getEmail())) {
                // Constructed only for its strict syntax check; the instance is discarded.
                new InternetAddress(user.getEmail(), true);
            }
        } catch (AddressException malformed) {
            problems.addErrorMessage(new ErrorMessage("email.invalid", null));
        }
        if (problems.getErrorMessages().isEmpty()) {
            return;
        }
        throw problems;
    }

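    /**
     * Runs the loose checks and then submits the requested password to the security policy.
     *
     * <p>The password is now set on the temporary account that is handed to the policy. Previously the
     * statement assigned the request's password back onto the request itself, so the policy was given
     * an account without the candidate password. The empty-password check also runs first, so
     * {@code password.required} is reported before the policy is consulted.
     *
     * <p>NOTE(review): how the policy reports a rejected password (exception type) is not visible in
     * this class - confirm that callers translate it into a client error.
     *
     * @param user the registration data to check
     * @throws RedbackServiceException if a loose check fails, the password is empty, or the user
     *                                 backend fails while building the temporary account
     */
    public void validateCredentialsStrict(User user) throws RedbackServiceException {
        validateCredentialsLoose(user);
        if (org.codehaus.plexus.util.StringUtils.isEmpty(user.getPassword())) {
            throw new RedbackServiceException(new ErrorMessage("password.required", null));
        }
        try {
            // Built only so the policy has an account object to inspect; nothing in this method adds it to the store.
            org.apache.archiva.redback.users.User createUser = this.userManager.createUser(user.getUsername(), user.getFullName(), user.getEmail());
            createUser.setPassword(user.getPassword());
            this.securitySystem.getPolicy().validatePassword(createUser);
        } catch (UserManagerException e) {
            throw new RedbackServiceException(new ErrorMessage(e.getMessage()));
        }
    }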

    /**
     * Builds {@code scheme://serverName[:port]/contextPath} from the current HTTP request; the port is
     * left out only when it is 80.
     *
     * <p>NOTE(review): {@code getServerName()} normally reflects the {@code Host} header sent by the
     * client, and this value ends up in the links of password-reset and validation e-mails when the
     * request carries no application URL. Prefer a configured base URL, or check the host against an
     * allow-list, before it is placed in an e-mail.
     *
     * @return the base URL, or {@code null} when no request is available
     */
    private String getBaseUrl() {
        HttpServletRequest request = this.httpServletRequest;
        if (request == null) {
            return null;
        }
        StringBuilder url = new StringBuilder();
        url.append(request.getScheme()).append("://").append(request.getServerName());
        int port = request.getServerPort();
        if (port != 80) {
            url.append(":").append(port);
        }
        url.append(request.getContextPath());
        return url.toString();
    }

    /**
     * Clears the locked flag of an account.
     *
     * <p>NOTE(review): the change is persisted through {@code updateUser}, which also writes back every
     * other field of the copy returned by {@code getUser}, the password included - confirm that this
     * leaves the stored credential unchanged.
     *
     * @param str username of the account to unlock
     * @return {@link Boolean#TRUE} when the account was updated, {@link Boolean#FALSE} when it does not exist
     * @throws RedbackServiceException if the user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean unlockUser(String str) throws RedbackServiceException {
        User account = getUser(str);
        if (account != null) {
            account.setLocked(false);
            updateUser(account);
            return Boolean.TRUE;
        }
        return Boolean.FALSE;
    }

    /**
     * Sets the locked flag of an account.
     *
     * <p>NOTE(review): the change is persisted through {@code updateUser}, which also writes back every
     * other field of the copy returned by {@code getUser}, the password included - confirm that this
     * leaves the stored credential unchanged.
     *
     * @param str username of the account to lock
     * @return {@link Boolean#TRUE} when the account was updated, {@link Boolean#FALSE} when it does not exist
     * @throws RedbackServiceException if the user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean lockUser(String str) throws RedbackServiceException {
        User account = getUser(str);
        if (account != null) {
            account.setLocked(true);
            updateUser(account);
            return Boolean.TRUE;
        }
        return Boolean.FALSE;
    }

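    /**
     * Marks an account so that its password must be changed.
     *
     * <p>The existence test was inverted: an existing account was left untouched and reported as
     * {@code FALSE}, while an unknown username dereferenced {@code null}. The guard now matches
     * {@code lockUser} / {@code unlockUser}, so a request to force a password change takes effect
     * instead of being silently dropped.
     *
     * @param str username of the account
     * @return {@link Boolean#TRUE} when the flag was set, {@link Boolean#FALSE} when the account does not exist
     * @throws RedbackServiceException if the user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean passwordChangeRequired(String str) throws RedbackServiceException {
        User user = getUser(str);
        if (user == null) {
            return Boolean.FALSE;
        }
        user.setPasswordChangeRequired(true);
        updateUser(user);
        return Boolean.TRUE;
    }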

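    /**
     * Clears the "password must be changed" flag of an account.
     *
     * <p>The existence test was inverted: an existing account was left untouched and reported as
     * {@code FALSE}, while an unknown username dereferenced {@code null}. The guard now matches
     * {@code lockUser} / {@code unlockUser}.
     *
     * @param str username of the account
     * @return {@link Boolean#TRUE} when the flag was cleared, {@link Boolean#FALSE} when the account does not exist
     * @throws RedbackServiceException if the user backend fails
     */
    @Override // org.apache.archiva.redback.rest.api.services.UserService
    public Boolean passwordChangeNotRequired(String str) throws RedbackServiceException {
        User user = getUser(str);
        if (user == null) {
            return Boolean.FALSE;
        }
        user.setPasswordChangeRequired(false);
        updateUser(user);
        return Boolean.TRUE;
    }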
}
