package org.trustedanalytics.usermanagement.users.service;

import java.util.Collection;
import java.util.Collections;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;
import org.cloudfoundry.identity.uaa.scim.ScimGroup;
import org.cloudfoundry.identity.uaa.scim.ScimUser;
import org.trustedanalytics.uaa.UaaOperations;
import org.trustedanalytics.uaa.UserIdNamePair;
import org.trustedanalytics.usermanagement.common.EntityNotFoundException;
import org.trustedanalytics.usermanagement.invitations.service.AccessInvitationsService;
import org.trustedanalytics.usermanagement.invitations.service.InvitationsService;
import org.trustedanalytics.usermanagement.security.service.UserDetailsFinderImpl;
import org.trustedanalytics.usermanagement.users.model.User;
import org.trustedanalytics.usermanagement.users.model.UserRequest;
import org.trustedanalytics.usermanagement.users.model.UserRole;
import org.trustedanalytics.usermanagement.users.rest.AuthGatewayOperations;

/* loaded from: input_file:org/trustedanalytics/usermanagement/users/service/UaaUsersService.class */
public class UaaUsersService implements UsersService {
    private final UaaOperations uaaClient;
    private final InvitationsService invitationsService;
    private final AccessInvitationsService accessInvitationsService;
    private final AuthGatewayOperations authGatewayOperations;

    public UaaUsersService(UaaOperations uaaOperations, InvitationsService invitationsService, AccessInvitationsService accessInvitationsService, AuthGatewayOperations authGatewayOperations) {
        this.uaaClient = uaaOperations;
        this.invitationsService = invitationsService;
        this.accessInvitationsService = accessInvitationsService;
        this.authGatewayOperations = authGatewayOperations;
    }

    @Override // org.trustedanalytics.usermanagement.users.service.UsersService
    public Collection<User> getOrgUsers(String str) {
        return (Collection) this.uaaClient.getUsers().getResources().stream().map(scimUser -> {
            return new User(UUID.fromString(scimUser.getId()), scimUser.getUserName(), extractOrgRole(scimUser));
        }).collect(Collectors.toList());
    }

    private UserRole extractOrgRole(ScimUser scimUser) {
        return scimUser.getGroups().stream().anyMatch(group -> {
            return group.getDisplay().equals(UserDetailsFinderImpl.ADMIN_GROUP);
        }) ? UserRole.ADMIN : UserRole.USER;
    }

    @Override // org.trustedanalytics.usermanagement.users.service.UsersService
    public Optional<User> addOrgUser(UserRequest userRequest, String str, String str2) {
        Optional<UserIdNamePair> findUserIdByName = this.uaaClient.findUserIdByName(userRequest.getUsername());
        if (!findUserIdByName.isPresent()) {
            inviteUserToOrg(userRequest.getUsername(), str2, str, (UserRole) Optional.ofNullable(userRequest.getRole()).orElse(UserRole.USER));
        }
        return findUserIdByName.map(userIdNamePair -> {
            UUID guid = userIdNamePair.getGuid();
            this.authGatewayOperations.createUser(str, guid.toString());
            return new User(guid, userRequest.getUsername(), userRequest.getRole());
        });
    }

    private void inviteUserToOrg(String str, String str2, String str3, UserRole userRole) {
        if (this.accessInvitationsService.createOrUpdateInvitation(str, accessInvitations -> {
            accessInvitations.addOrgAccessInvitation(str3, userRole);
        }) == AccessInvitationsService.CreateOrUpdateState.CREATED) {
            this.invitationsService.sendInviteEmail(str, str2);
        }
    }

    @Override // org.trustedanalytics.usermanagement.users.service.UsersService
    public void deleteUserFromOrg(UUID uuid, String str) {
        if (getOrgUsers(str).stream().noneMatch(user -> {
            return uuid.equals(user.getGuid());
        })) {
            throw new EntityNotFoundException("The user does not exist", null);
        }
        this.uaaClient.deleteUser(uuid);
        this.authGatewayOperations.deleteUser(str, uuid.toString());
    }

    @Override // org.trustedanalytics.usermanagement.users.service.UsersService
    public UserRole updateOrgUserRole(UUID uuid, String str, UserRole userRole) {
        ScimGroup adminGroup = getAdminGroup();
        if (isGroupMember(adminGroup, uuid) && userRole.equals(UserRole.USER)) {
            this.uaaClient.removeUserFromGroup(adminGroup, uuid);
        } else if (!isGroupMember(adminGroup, uuid) && userRole.equals(UserRole.ADMIN)) {
            this.uaaClient.addUserToGroup(adminGroup, uuid);
        }
        return userRole;
    }

    @Override // org.trustedanalytics.usermanagement.users.service.UsersService
    public void updateUserRolesInOrgs(String str, UUID uuid) {
        ((Map) this.accessInvitationsService.getAccessInvitations(str).map((v0) -> {
            return v0.getOrgAccessInvitations();
        }).orElse(Collections.emptyMap())).forEach((str2, userRole) -> {
            updateOrgUserRole(uuid, str2, userRole);
        });
    }

    private ScimGroup getAdminGroup() {
        return this.uaaClient.getGroup(UserDetailsFinderImpl.ADMIN_GROUP).orElseThrow(() -> {
            return new EntityNotFoundException("Group tap.admin not found in UAA database");
        });
    }

    private boolean isGroupMember(ScimGroup scimGroup, UUID uuid) {
        return scimGroup.getMembers().stream().anyMatch(scimGroupMember -> {
            return scimGroupMember.getMemberId().equals(uuid.toString());
        });
    }
}
