package com.hazelcast.webmonitor.controller.internal;

import com.hazelcast.internal.auditlog.AuditlogService;
import com.hazelcast.webmonitor.auditlog.impl.EventLogTypeIds;
import com.hazelcast.webmonitor.controller.dto.UserCredentialsDTO;
import com.hazelcast.webmonitor.controller.dto.UserInfoDTO;
import com.hazelcast.webmonitor.model.sql.UserCredentialsModel;
import com.hazelcast.webmonitor.repositories.sql.UserDAO;
import com.hazelcast.webmonitor.security.spi.SecurityConfigApiException;
import com.hazelcast.webmonitor.security.spi.SecurityProvider;
import com.hazelcast.webmonitor.security.spi.impl.AuthenticationManagerImpl;
import com.hazelcast.webmonitor.service.StateManager;
import java.time.ZoneId;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/com/hazelcast/webmonitor/controller/internal/UserController.class
 */
@RequestMapping(path = {"/api"})
@RestController
/* loaded from: input_file:com/hazelcast/webmonitor/controller/internal/UserController.class */
public class UserController extends BaseController {
    private final AuthenticationManagerImpl authenticationManagerImpl;
    private final UserDAO userDAO;

    public UserController(StateManager stateManager, AuthenticationManagerImpl authenticationManagerImpl, UserDAO userDAO, AuditlogService auditlogService) {
        super(stateManager, auditlogService);
        this.authenticationManagerImpl = authenticationManagerImpl;
        this.userDAO = userDAO;
    }

    @GetMapping(path = {"/self"})
    public UserInfoDTO self() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return new UserInfoDTO(authentication.getName(), (List) authentication.getAuthorities().stream().map((v0) -> {
            return v0.getAuthority();
        }).collect(Collectors.toList()), ((Long) this.userDAO.getLastLoginTime(authentication.getName()).map(localDateTime -> {
            return Long.valueOf(localDateTime.atZone(ZoneId.systemDefault()).toInstant().toEpochMilli());
        }).orElse(0L)).longValue());
    }

    @Secured({SecurityProvider.ROLE_ADMIN})
    @GetMapping(path = {"/users/{username}"})
    public UserCredentialsDTO getUser(@PathVariable(name = "username") String str) {
        UserCredentialsModel user = this.authenticationManagerImpl.getUser(str);
        return new UserCredentialsDTO(user.getUsername(), user.getRole());
    }

    @Secured({SecurityProvider.ROLE_ADMIN})
    @GetMapping(path = {"/users"})
    public List<String> getUsers() {
        return this.authenticationManagerImpl.getUsernames();
    }

    /* JADX WARN: Type inference failed for: r0v4, types: [com.hazelcast.internal.auditlog.EventBuilder] */
    @PostMapping(path = {"/users"})
    @Secured({SecurityProvider.ROLE_ADMIN})
    public void createUser(@RequestParam String str, @RequestParam String str2, @RequestParam String str3) {
        this.authenticationManagerImpl.createUser(str, str2, str3);
        configLogBuilder(EventLogTypeIds.CONFIG_USER_CREATED, "Create User in Default Security Provider").addParameter("createdUsername", str).addParameter("createdRole", str3).log();
    }

    /* JADX WARN: Type inference failed for: r0v4, types: [com.hazelcast.internal.auditlog.EventBuilder] */
    @PostMapping(path = {"/users/{username}"})
    @Secured({SecurityProvider.ROLE_ADMIN})
    public void updateUser(@PathVariable String str, @RequestParam String str2) {
        this.authenticationManagerImpl.updateUser(str, str2);
        configLogBuilder(EventLogTypeIds.CONFIG_USER_UPDATED, "Update User in Default Security Provider").addParameter("updatedUsername", str).addParameter("updatedRole", str2).log();
    }

    /* JADX WARN: Type inference failed for: r0v7, types: [com.hazelcast.internal.auditlog.EventBuilder] */
    @PostMapping(path = {"/users/{username}/actions/changePassword"})
    @Secured({SecurityProvider.ROLE_ADMIN})
    public void changePassword(@PathVariable String str, @RequestParam String str2, @RequestParam String str3) {
        if (!this.authenticationManagerImpl.checkPassword(currentUser(), str2)) {
            throw new SecurityConfigApiException("Your password is not correct.");
        }
        this.authenticationManagerImpl.changePassword(str, str3);
        configLogBuilder(EventLogTypeIds.CONFIG_USER_PASSWORD_CHANGED, "Change User Password in Default Security Provider").addParameter("updatedUsername", str).log();
    }

    /* JADX WARN: Type inference failed for: r0v10, types: [com.hazelcast.internal.auditlog.EventBuilder] */
    @PostMapping(path = {"/users/{username}/actions/delete"})
    @Secured({SecurityProvider.ROLE_ADMIN})
    public void deleteUser(@PathVariable String str, @RequestParam String str2) {
        String currentUser = currentUser();
        if (!this.authenticationManagerImpl.checkPassword(currentUser, str2)) {
            throw new SecurityConfigApiException("Your password is not correct.");
        }
        if (currentUser != null && currentUser.equals(str)) {
            throw new SecurityConfigApiException("You cannot delete the user you have logged in with.");
        }
        this.authenticationManagerImpl.deleteUser(str);
        configLogBuilder(EventLogTypeIds.CONFIG_USER_DELETED, "Delete User in Default Security Provider").addParameter("deletedUsername", str).log();
    }
}
