package org.sonar.server.user.ws;

import com.google.common.base.Strings;
import java.util.Collections;
import java.util.List;
import org.sonar.api.server.ws.Change;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.core.util.Protobuf;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
import org.sonar.server.rule.index.RuleIndex;
import org.sonar.server.user.ExternalIdentity;
import org.sonar.server.user.NewUser;
import org.sonar.server.user.UserSession;
import org.sonar.server.user.UserUpdater;
import org.sonar.server.user.index.UserIndexDefinition;
import org.sonar.server.ws.WsUtils;
import org.sonarqube.ws.WsUsers;
import org.sonarqube.ws.client.user.CreateRequest;

/* loaded from: input_file:org/sonar/server/user/ws/CreateAction.class */
public class CreateAction implements UsersWsAction {
    private final DbClient dbClient;
    private final UserUpdater userUpdater;
    private final UserSession userSession;

    public CreateAction(DbClient dbClient, UserUpdater userUpdater, UserSession userSession) {
        this.dbClient = dbClient;
        this.userUpdater = userUpdater;
        this.userSession = userSession;
    }

    public void define(WebService.NewController newController) {
        WebService.NewAction handler = newController.createAction(org.sonar.server.measure.custom.ws.CreateAction.ACTION).setDescription("Create a user.<br/>If a deactivated user account exists with the given login, it will be reactivated.<br/>Requires Administer System permission").setSince("3.7").setChangelog(new Change[]{new Change("6.3", "The password is only mandatory when creating local users, and should not be set on non local users"), new Change("6.3", "The 'infos' message is no more returned when a user is reactivated")}).setPost(true).setHandler(this);
        handler.createParam(UserIndexDefinition.FIELD_LOGIN).setDescription("User login").setRequired(true).setExampleValue("myuser");
        handler.createParam("password").setDescription("User password. Only mandatory when creating local user, otherwise it should not be set").setExampleValue("mypassword");
        handler.createParam("name").setDescription("User name").setRequired(true).setExampleValue("My Name");
        handler.createParam(UserIndexDefinition.FIELD_EMAIL).setDescription("User email").setExampleValue("myname@email.com");
        handler.createParam(UserIndexDefinition.FIELD_SCM_ACCOUNTS).setDescription("This parameter is deprecated, please use '%s' instead", new Object[]{"scmAccount"}).setDeprecatedKey("scm_accounts", "6.0").setDeprecatedSince("6.1").setExampleValue("myscmaccount1,myscmaccount2");
        handler.createParam("scmAccount").setDescription("SCM accounts. To set several values, the parameter must be called once for each value.").setExampleValue("scmAccount=firstValue&scmAccount=secondValue&scmAccount=thirdValue");
        handler.createParam("local").setDescription("Specify if the user should be authenticated from SonarQube server or from an external authentication system. Password should not be set when local is set to false.").setSince("6.3").setDefaultValue(RuleIndex.FACET_OLD_DEFAULT).setBooleanPossibleValues();
    }

    public void handle(Request request, Response response) throws Exception {
        this.userSession.checkLoggedIn().checkIsSystemAdministrator();
        WsUtils.writeProtobuf(doHandle(toWsRequest(request)), request, response);
    }

    private WsUsers.CreateWsResponse doHandle(CreateRequest createRequest) {
        DbSession openSession = this.dbClient.openSession(false);
        Throwable th = null;
        try {
            NewUser.Builder password = NewUser.builder().setLogin(createRequest.getLogin()).setName(createRequest.getName()).setEmail(createRequest.getEmail()).setScmAccounts(createRequest.getScmAccounts()).setPassword(createRequest.getPassword());
            if (!createRequest.isLocal()) {
                password.setExternalIdentity(new ExternalIdentity(ExternalIdentity.SQ_AUTHORITY, createRequest.getLogin()));
            }
            UserDto create = this.userUpdater.create(openSession, password.build());
            openSession.commit();
            WsUsers.CreateWsResponse buildResponse = buildResponse(create);
            if (openSession != null) {
                if (0 != 0) {
                    try {
                        openSession.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    openSession.close();
                }
            }
            return buildResponse;
        } catch (Throwable th3) {
            if (openSession != null) {
                if (0 != 0) {
                    try {
                        openSession.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    openSession.close();
                }
            }
            throw th3;
        }
    }

    private static WsUsers.CreateWsResponse buildResponse(UserDto userDto) {
        WsUsers.CreateWsResponse.User.Builder addAllScmAccounts = WsUsers.CreateWsResponse.User.newBuilder().setLogin(userDto.getLogin()).setName(userDto.getName()).setActive(userDto.isActive()).setLocal(userDto.isLocal()).addAllScmAccounts(userDto.getScmAccountsAsList());
        String emptyToNull = Strings.emptyToNull(userDto.getEmail());
        addAllScmAccounts.getClass();
        Protobuf.setNullable(emptyToNull, addAllScmAccounts::setEmail);
        return WsUsers.CreateWsResponse.newBuilder().setUser(addAllScmAccounts).build();
    }

    private static CreateRequest toWsRequest(Request request) {
        return CreateRequest.builder().setLogin(request.mandatoryParam(UserIndexDefinition.FIELD_LOGIN)).setPassword(request.param("password")).setName(request.param("name")).setEmail(request.param(UserIndexDefinition.FIELD_EMAIL)).setScmAccounts(getScmAccounts(request)).setLocal(request.mandatoryParamAsBoolean("local")).build();
    }

    private static List<String> getScmAccounts(Request request) {
        if (request.hasParam("scmAccount")) {
            return request.multiParam("scmAccount");
        }
        List<String> paramAsStrings = request.paramAsStrings(UserIndexDefinition.FIELD_SCM_ACCOUNTS);
        return paramAsStrings != null ? paramAsStrings : Collections.emptyList();
    }
}
