package org.sonar.server.user.ws;

import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import java.util.Collections;
import java.util.List;
import javax.annotation.CheckForNull;
import javax.annotation.Nullable;
import org.sonar.api.server.ws.Change;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.core.util.Protobuf;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
import org.sonar.server.user.ExternalIdentity;
import org.sonar.server.user.NewUser;
import org.sonar.server.user.UserSession;
import org.sonar.server.user.UserUpdater;
import org.sonar.server.user.index.UserIndexDefinition;
import org.sonar.server.ws.WsUtils;
import org.sonarqube.ws.Users;

/* loaded from: input_file:org/sonar/server/user/ws/CreateAction.class */
public class CreateAction implements UsersWsAction {
    private final DbClient dbClient;
    private final UserUpdater userUpdater;
    private final UserSession userSession;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/sonar/server/user/ws/CreateAction$Builder.class */
    public static class Builder {
        private String login;
        private String password;
        private String name;
        private String email;
        private List<String> scmAccounts;
        private boolean local;

        private Builder() {
            this.scmAccounts = Collections.emptyList();
            this.local = true;
        }

        public Builder setLogin(String str) {
            this.login = str;
            return this;
        }

        public Builder setPassword(@Nullable String str) {
            this.password = str;
            return this;
        }

        public Builder setName(String str) {
            this.name = str;
            return this;
        }

        public Builder setEmail(@Nullable String str) {
            this.email = str;
            return this;
        }

        public Builder setScmAccounts(List<String> list) {
            this.scmAccounts = list;
            return this;
        }

        public Builder setLocal(boolean z) {
            this.local = z;
            return this;
        }

        public CreateRequest build() {
            Preconditions.checkArgument(!Strings.isNullOrEmpty(this.login), "Login is mandatory and must not be empty");
            Preconditions.checkArgument(!Strings.isNullOrEmpty(this.name), "Name is mandatory and must not be empty");
            Preconditions.checkArgument((this.local && Strings.isNullOrEmpty(this.password)) ? false : true, "Password is mandatory and must not be empty");
            Preconditions.checkArgument(this.local || Strings.isNullOrEmpty(this.password), "Password should only be set on local user");
            return new CreateRequest(this);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/sonar/server/user/ws/CreateAction$CreateRequest.class */
    public static class CreateRequest {
        private final String login;
        private final String password;
        private final String name;
        private final String email;
        private final List<String> scmAccounts;
        private final boolean local;

        private CreateRequest(Builder builder) {
            this.login = builder.login;
            this.password = builder.password;
            this.name = builder.name;
            this.email = builder.email;
            this.scmAccounts = builder.scmAccounts;
            this.local = builder.local;
        }

        public String getLogin() {
            return this.login;
        }

        @CheckForNull
        public String getPassword() {
            return this.password;
        }

        public String getName() {
            return this.name;
        }

        @CheckForNull
        public String getEmail() {
            return this.email;
        }

        public List<String> getScmAccounts() {
            return this.scmAccounts;
        }

        public boolean isLocal() {
            return this.local;
        }

        public static Builder builder() {
            return new Builder();
        }
    }

    public CreateAction(DbClient dbClient, UserUpdater userUpdater, UserSession userSession) {
        this.dbClient = dbClient;
        this.userUpdater = userUpdater;
        this.userSession = userSession;
    }

    public void define(WebService.NewController newController) {
        WebService.NewAction handler = newController.createAction("create").setDescription("Create a user.<br/>If a deactivated user account exists with the given login, it will be reactivated.<br/>Requires Administer System permission").setSince("3.7").setChangelog(new Change[]{new Change("6.3", "The password is only mandatory when creating local users, and should not be set on non local users"), new Change("6.3", "The 'infos' message is no more returned when a user is reactivated")}).setPost(true).setResponseExample(getClass().getResource("create-example.json")).setHandler(this);
        handler.createParam("login").setRequired(true).setMaximumLength(Integer.valueOf(UserUpdater.LOGIN_MAX_LENGTH)).setDescription("User login").setExampleValue("myuser");
        handler.createParam("password").setDescription("User password. Only mandatory when creating local user, otherwise it should not be set").setExampleValue("mypassword");
        handler.createParam("name").setRequired(true).setMaximumLength(Integer.valueOf(UserUpdater.NAME_MAX_LENGTH)).setDescription("User name").setExampleValue("My Name");
        handler.createParam(UserIndexDefinition.FIELD_EMAIL).setMaximumLength(100).setDescription("User email").setExampleValue("myname@email.com");
        handler.createParam(UserIndexDefinition.FIELD_SCM_ACCOUNTS).setDescription("Comma-separated list of SCM accounts. This parameter is deprecated, please use '%s' instead", new Object[]{"scmAccount"}).setDeprecatedKey("scm_accounts", "6.0").setDeprecatedSince("6.1").setExampleValue("myscmaccount1,myscmaccount2");
        handler.createParam("scmAccount").setDescription("List of SCM accounts. To set several values, the parameter must be called once for each value.").setExampleValue("scmAccount=firstValue&scmAccount=secondValue&scmAccount=thirdValue");
        handler.createParam("local").setDescription("Specify if the user should be authenticated from SonarQube server or from an external authentication system. Password should not be set when local is set to false.").setSince("6.3").setDefaultValue("true").setBooleanPossibleValues();
    }

    public void handle(Request request, Response response) throws Exception {
        this.userSession.checkLoggedIn().checkIsSystemAdministrator();
        CreateRequest wsRequest = toWsRequest(request);
        Preconditions.checkArgument(EmailValidator.isValidIfPresent(wsRequest.getEmail()), "Email '%s' is not valid", new Object[]{wsRequest.getEmail()});
        WsUtils.writeProtobuf(doHandle(wsRequest), request, response);
    }

    private Users.CreateWsResponse doHandle(CreateRequest createRequest) {
        DbSession openSession = this.dbClient.openSession(false);
        Throwable th = null;
        try {
            String login = createRequest.getLogin();
            NewUser.Builder password = NewUser.builder().setLogin(login).setName(createRequest.getName()).setEmail(createRequest.getEmail()).setScmAccounts(createRequest.getScmAccounts()).setPassword(createRequest.getPassword());
            if (!createRequest.isLocal()) {
                password.setExternalIdentity(new ExternalIdentity(ExternalIdentity.SQ_AUTHORITY, login, login));
            }
            UserDto selectByLogin = this.dbClient.userDao().selectByLogin(openSession, login);
            if (selectByLogin == null) {
                Users.CreateWsResponse buildResponse = buildResponse(this.userUpdater.createAndCommit(openSession, password.build(), userDto -> {
                }, new UserDto[0]));
                if (openSession != null) {
                    if (0 != 0) {
                        try {
                            openSession.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        openSession.close();
                    }
                }
                return buildResponse;
            }
            Preconditions.checkArgument(!selectByLogin.isActive(), "An active user with login '%s' already exists", new Object[]{login});
            Users.CreateWsResponse buildResponse2 = buildResponse(this.userUpdater.reactivateAndCommit(openSession, selectByLogin, password.build(), userDto2 -> {
            }, new UserDto[0]));
            if (openSession != null) {
                if (0 != 0) {
                    try {
                        openSession.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                } else {
                    openSession.close();
                }
            }
            return buildResponse2;
        } catch (Throwable th4) {
            if (openSession != null) {
                if (0 != 0) {
                    try {
                        openSession.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    openSession.close();
                }
            }
            throw th4;
        }
    }

    private static Users.CreateWsResponse buildResponse(UserDto userDto) {
        Users.CreateWsResponse.User.Builder addAllScmAccounts = Users.CreateWsResponse.User.newBuilder().setLogin(userDto.getLogin()).setName(userDto.getName()).setActive(userDto.isActive()).setLocal(userDto.isLocal()).addAllScmAccounts(userDto.getScmAccountsAsList());
        String emptyToNull = Strings.emptyToNull(userDto.getEmail());
        addAllScmAccounts.getClass();
        Protobuf.setNullable(emptyToNull, addAllScmAccounts::setEmail);
        return Users.CreateWsResponse.newBuilder().setUser(addAllScmAccounts).build();
    }

    private static CreateRequest toWsRequest(Request request) {
        return CreateRequest.builder().setLogin(request.mandatoryParam("login")).setPassword(request.param("password")).setName(request.param("name")).setEmail(request.param(UserIndexDefinition.FIELD_EMAIL)).setScmAccounts(getScmAccounts(request)).setLocal(request.mandatoryParamAsBoolean("local")).build();
    }

    private static List<String> getScmAccounts(Request request) {
        if (request.hasParam("scmAccount")) {
            return request.multiParam("scmAccount");
        }
        List<String> paramAsStrings = request.paramAsStrings(UserIndexDefinition.FIELD_SCM_ACCOUNTS);
        return paramAsStrings != null ? paramAsStrings : Collections.emptyList();
    }
}
