package org.broadleafcommerce.openadmin.server.security.handler;

import java.util.Map;
import javax.annotation.Resource;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.broadleafcommerce.common.exception.ServiceException;
import org.broadleafcommerce.common.util.BLCSystemProperty;
import org.broadleafcommerce.openadmin.dto.Entity;
import org.broadleafcommerce.openadmin.dto.FieldMetadata;
import org.broadleafcommerce.openadmin.dto.PersistencePackage;
import org.broadleafcommerce.openadmin.dto.PersistencePerspective;
import org.broadleafcommerce.openadmin.dto.Property;
import org.broadleafcommerce.openadmin.server.dao.DynamicEntityDao;
import org.broadleafcommerce.openadmin.server.security.domain.AdminUser;
import org.broadleafcommerce.openadmin.server.security.remote.EntityOperationType;
import org.broadleafcommerce.openadmin.server.security.remote.SecurityVerifier;
import org.broadleafcommerce.openadmin.server.security.service.AdminSecurityService;
import org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandlerAdapter;
import org.broadleafcommerce.openadmin.server.service.persistence.module.RecordHelper;
import org.springframework.stereotype.Component;

@Component("blAdminUserCustomPersistenceHandler")
/* loaded from: input_file:org/broadleafcommerce/openadmin/server/security/handler/AdminUserCustomPersistenceHandler.class */
public class AdminUserCustomPersistenceHandler extends CustomPersistenceHandlerAdapter {
    private static final Log LOG = LogFactory.getLog(AdminUserCustomPersistenceHandler.class);

    @Resource(name = "blAdminSecurityService")
    protected AdminSecurityService adminSecurityService;

    @Resource(name = "blAdminSecurityRemoteService")
    protected SecurityVerifier adminRemoteSecurityService;

    protected boolean getRequireUniqueEmailAddress() {
        return BLCSystemProperty.resolveBooleanSystemProperty("admin.user.requireUniqueEmailAddress");
    }

    @Override // org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandlerAdapter, org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandler
    public Boolean willHandleSecurity(PersistencePackage persistencePackage) {
        return true;
    }

    @Override // org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandlerAdapter, org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandler
    public Boolean canHandleAdd(PersistencePackage persistencePackage) {
        try {
            return Boolean.valueOf(persistencePackage.getCeilingEntityFullyQualifiedClassname() != null && AdminUser.class.isAssignableFrom(Class.forName(persistencePackage.getCeilingEntityFullyQualifiedClassname())));
        } catch (ClassNotFoundException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandlerAdapter, org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandler
    public Boolean canHandleUpdate(PersistencePackage persistencePackage) {
        return canHandleAdd(persistencePackage);
    }

    @Override // org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandlerAdapter, org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandler
    public Entity add(PersistencePackage persistencePackage, DynamicEntityDao dynamicEntityDao, RecordHelper recordHelper) throws ServiceException {
        this.adminRemoteSecurityService.securityCheck(persistencePackage, EntityOperationType.ADD);
        Entity entity = persistencePackage.getEntity();
        try {
            PersistencePerspective persistencePerspective = persistencePackage.getPersistencePerspective();
            AdminUser adminUser = (AdminUser) Class.forName(entity.getType()[0]).newInstance();
            Map<String, FieldMetadata> simpleMergedProperties = recordHelper.getSimpleMergedProperties(AdminUser.class.getName(), persistencePerspective);
            AdminUser adminUser2 = (AdminUser) recordHelper.createPopulatedInstance(adminUser, entity, simpleMergedProperties, false);
            Entity validateLegalUsernameAndEmail = validateLegalUsernameAndEmail(entity, adminUser2, true);
            if (validateLegalUsernameAndEmail != null) {
                return validateLegalUsernameAndEmail;
            }
            adminUser2.setUnencodedPassword(adminUser2.getPassword());
            adminUser2.setPassword(null);
            return recordHelper.getRecord(simpleMergedProperties, this.adminSecurityService.saveAdminUser(adminUser2), null, null);
        } catch (Exception e) {
            throw new ServiceException("Unable to add entity for " + entity.getType()[0], e);
        }
    }

    @Override // org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandlerAdapter, org.broadleafcommerce.openadmin.server.service.handler.CustomPersistenceHandler
    public Entity update(PersistencePackage persistencePackage, DynamicEntityDao dynamicEntityDao, RecordHelper recordHelper) throws ServiceException {
        Entity entity = persistencePackage.getEntity();
        try {
            Map<String, FieldMetadata> simpleMergedProperties = recordHelper.getSimpleMergedProperties(AdminUser.class.getName(), persistencePackage.getPersistencePerspective());
            AdminUser adminUser = (AdminUser) dynamicEntityDao.retrieve(Class.forName(entity.getType()[0]), recordHelper.getPrimaryKey(entity, simpleMergedProperties));
            dynamicEntityDao.detach(adminUser);
            Entity validateLegalUsernameAndEmail = validateLegalUsernameAndEmail(entity, adminUser, false);
            if (validateLegalUsernameAndEmail != null) {
                return validateLegalUsernameAndEmail;
            }
            String password = adminUser.getPassword();
            adminUser.setPassword(null);
            AdminUser adminUser2 = (AdminUser) recordHelper.createPopulatedInstance(adminUser, entity, simpleMergedProperties, false);
            Property property = entity.getPMap().get("password");
            if (property != null) {
                if (StringUtils.isNotEmpty(property.getValue())) {
                    adminUser2.setUnencodedPassword(property.getValue());
                    adminUser2.setPassword(null);
                } else {
                    adminUser2.setPassword(password);
                }
            }
            if (!this.adminRemoteSecurityService.getPersistentAdminUser().getId().equals(adminUser2.getId())) {
                this.adminRemoteSecurityService.securityCheck(persistencePackage, EntityOperationType.UPDATE);
            }
            return recordHelper.getRecord(simpleMergedProperties, this.adminSecurityService.saveAdminUser(adminUser2), null, null);
        } catch (Exception e) {
            throw new ServiceException("Unable to update entity for " + entity.getType()[0], e);
        }
    }

    protected Entity validateLegalUsernameAndEmail(Entity entity, AdminUser adminUser, boolean z) {
        String value = entity.findProperty("login").getValue();
        String value2 = entity.findProperty("email").getValue();
        boolean z2 = false;
        boolean z3 = !getRequireUniqueEmailAddress();
        if (!z) {
            if (StringUtils.equals(value, adminUser.getLogin())) {
                z2 = true;
            }
            if (!getRequireUniqueEmailAddress() || StringUtils.equals(value2, adminUser.getEmail())) {
                z3 = true;
            }
        }
        if (!z2 && this.adminSecurityService.readAdminUserByUserName(value) != null) {
            entity.addValidationError("login", "admin.nonUniqueUsernameError");
            return entity;
        }
        if (z3 || !CollectionUtils.isNotEmpty(this.adminSecurityService.readAdminUsersByEmail(value2))) {
            return null;
        }
        entity.addValidationError("email", "admin.nonUniqueEmailError");
        return entity;
    }
}
