package io.datarouter.auth.web.service;

import io.datarouter.auth.model.dto.HistoryChange;
import io.datarouter.auth.service.DatarouterUserService;
import io.datarouter.auth.storage.user.datarouteruser.DatarouterUser;
import io.datarouter.auth.storage.user.datarouteruser.DatarouterUserDao;
import io.datarouter.auth.storage.user.permissionrequest.DatarouterPermissionRequestDao;
import io.datarouter.auth.storage.user.permissionrequest.PermissionRequest;
import io.datarouter.auth.storage.user.userhistory.DatarouterUserHistoryDao;
import io.datarouter.auth.storage.user.userhistory.DatarouterUserHistoryLog;
import io.datarouter.auth.storage.user.userhistory.DatarouterUserHistoryLogKey;
import io.datarouter.email.type.DatarouterEmailTypes;
import io.datarouter.instrumentation.changelog.ChangelogRecorder;
import io.datarouter.scanner.Scanner;
import io.datarouter.storage.config.properties.AdminEmail;
import io.datarouter.storage.servertype.ServerTypeDetector;
import io.datarouter.types.MilliTime;
import io.datarouter.web.email.DatarouterHtmlEmailService;
import j2html.TagCreator;
import j2html.tags.DomContent;
import j2html.tags.specialized.PTag;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Function;

@Singleton
/* loaded from: input_file:io/datarouter/auth/web/service/DatarouterUserHistoryService.class */
public class DatarouterUserHistoryService {
    public static final String CHANGELOG_TYPE = "DatarouterUserHistory";

    @Inject
    private AdminEmail adminEmail;

    @Inject
    private ChangelogRecorder changelogRecorder;

    @Inject
    private DatarouterUserDao baseDatarouterUserDao;

    @Inject
    private DatarouterUserHistoryDao baseDatarouterUserHistoryDao;

    @Inject
    private DatarouterPermissionRequestDao permissionRequestDao;

    @Inject
    private DatarouterUserService datarouterUserService;

    @Inject
    private DatarouterHtmlEmailService htmlEmailService;

    @Inject
    private DatarouterUserEditService userEditService;

    @Inject
    private DatarouterEmailTypes.PermissionRequestEmailType permissionRequestEmailType;

    @Inject
    private ServerTypeDetector serverTypeDetector;

    public Map<PermissionRequest, Optional<HistoryChange>> getResolvedRequestToHistoryChangesMap(List<PermissionRequest> list) {
        Scanner batch = Scanner.of(list).map((v0) -> {
            return v0.toUserHistoryKey();
        }).map(optional -> {
            return (DatarouterUserHistoryLogKey) optional.orElse(null);
        }).include((v0) -> {
            return Objects.nonNull(v0);
        }).batch(100);
        DatarouterUserHistoryDao datarouterUserHistoryDao = this.baseDatarouterUserHistoryDao;
        datarouterUserHistoryDao.getClass();
        Map map = batch.map((v1) -> {
            return r1.getMulti(v1);
        }).concat((v0) -> {
            return Scanner.of(v0);
        }).toMap((v0) -> {
            return v0.getKey();
        }, datarouterUserHistoryLog -> {
            return new HistoryChange(datarouterUserHistoryLog.getChanges(), this.datarouterUserService.findUserById(datarouterUserHistoryLog.getEditor(), false));
        });
        return Scanner.of(list).deduplicateConsecutive().toMap(Function.identity(), permissionRequest -> {
            return permissionRequest.toUserHistoryKey().map(datarouterUserHistoryLogKey -> {
                return (HistoryChange) map.getOrDefault(datarouterUserHistoryLogKey, new HistoryChange(permissionRequest.getResolution().persistentString, Optional.empty()));
            });
        });
    }

    public void putAndRecordCreate(DatarouterUser datarouterUser, Long l, String str, String str2) {
        this.baseDatarouterUserDao.put(datarouterUser);
        this.baseDatarouterUserHistoryDao.put(new DatarouterUserHistoryLog(datarouterUser.getId(), datarouterUser.getCreated(), l, DatarouterUserHistoryLog.DatarouterUserChangeType.CREATE, str2));
        this.changelogRecorder.record(new ChangelogRecorder.DatarouterChangelogDtoBuilder(CHANGELOG_TYPE, datarouterUser.getUsername(), DatarouterUserHistoryLog.DatarouterUserChangeType.CREATE.persistentString, str).withComment(str2).build());
    }

    public void putAndRecordPasswordChange(DatarouterUser datarouterUser, DatarouterUser datarouterUser2, String str) {
        DatarouterUserHistoryLog datarouterUserHistoryLog = new DatarouterUserHistoryLog(datarouterUser.getId(), MilliTime.now(), datarouterUser2.getId(), DatarouterUserHistoryLog.DatarouterUserChangeType.RESET, "password");
        doPutAndRecordEdit(datarouterUser, datarouterUserHistoryLog, false);
        sendPasswordChangeEmail(datarouterUser, datarouterUserHistoryLog, str);
        this.changelogRecorder.record(new ChangelogRecorder.DatarouterChangelogDtoBuilder(CHANGELOG_TYPE, datarouterUser.getUsername(), DatarouterUserHistoryLog.DatarouterUserChangeType.RESET.persistentString, datarouterUser2.getUsername()).build());
    }

    public void putAndRecordTimezoneUpdate(DatarouterUser datarouterUser, DatarouterUser datarouterUser2, String str, String str2) {
        DatarouterUserHistoryLog datarouterUserHistoryLog = new DatarouterUserHistoryLog(datarouterUser.getId(), MilliTime.now(), datarouterUser2.getId(), DatarouterUserHistoryLog.DatarouterUserChangeType.EDIT, str);
        doPutAndRecordEdit(datarouterUser, datarouterUserHistoryLog, false);
        sendTimezoneUpdateEmail(datarouterUser, datarouterUserHistoryLog, str2);
        this.changelogRecorder.record(new ChangelogRecorder.DatarouterChangelogDtoBuilder(CHANGELOG_TYPE, datarouterUser.getUsername(), DatarouterUserHistoryLog.DatarouterUserChangeType.EDIT.persistentString, datarouterUser2.getUsername()).withComment(str).build());
    }

    public void putAndRecordPermissionChange(DatarouterUser datarouterUser, DatarouterUser datarouterUser2, String str, String str2) {
        DatarouterUserHistoryLog datarouterUserHistoryLog = new DatarouterUserHistoryLog(datarouterUser.getId(), MilliTime.now(), datarouterUser2.getId(), DatarouterUserHistoryLog.DatarouterUserChangeType.EDIT, str);
        doPutAndRecordEdit(datarouterUser, datarouterUserHistoryLog, true);
        sendPermissionChangeEmail(datarouterUser, datarouterUserHistoryLog, str2);
        this.changelogRecorder.record(new ChangelogRecorder.DatarouterChangelogDtoBuilder(CHANGELOG_TYPE, datarouterUser.getUsername(), DatarouterUserHistoryLog.DatarouterUserChangeType.EDIT.persistentString, datarouterUser2.getUsername()).withComment(str).build());
    }

    public void recordPermissionRequestDecline(DatarouterUser datarouterUser, DatarouterUser datarouterUser2, String str, MilliTime milliTime) {
        this.baseDatarouterUserHistoryDao.put(new DatarouterUserHistoryLog(datarouterUser.getId(), milliTime, datarouterUser2.getId(), DatarouterUserHistoryLog.DatarouterUserChangeType.INFO, str));
        this.changelogRecorder.record(new ChangelogRecorder.DatarouterChangelogDtoBuilder(CHANGELOG_TYPE, datarouterUser.getUsername(), DatarouterUserHistoryLog.DatarouterUserChangeType.INFO.persistentString, datarouterUser2.getUsername()).withComment(str).build());
    }

    public void recordSamlSignOnChanges(DatarouterUser datarouterUser, String str) {
        this.baseDatarouterUserHistoryDao.put(new DatarouterUserHistoryLog(datarouterUser.getId(), MilliTime.now(), 1L, DatarouterUserHistoryLog.DatarouterUserChangeType.EDIT, str));
        this.changelogRecorder.record(new ChangelogRecorder.DatarouterChangelogDtoBuilder(CHANGELOG_TYPE, datarouterUser.getUsername(), DatarouterUserHistoryLog.DatarouterUserChangeType.SAML.persistentString, this.adminEmail.get()).withComment(str).build());
    }

    public void recordMessage(DatarouterUser datarouterUser, DatarouterUser datarouterUser2, String str) {
        this.baseDatarouterUserHistoryDao.put(new DatarouterUserHistoryLog(datarouterUser.getId(), MilliTime.now(), datarouterUser2.getId(), DatarouterUserHistoryLog.DatarouterUserChangeType.INFO, str));
    }

    public void recordDeprovisions(List<DatarouterUser> list, Optional<DatarouterUser> optional) {
        MilliTime now = MilliTime.now();
        Long l = (Long) optional.map((v0) -> {
            return v0.getId();
        }).orElse(1L);
        Scanner map = Scanner.of(list).map(datarouterUser -> {
            return new DatarouterUserHistoryLog(datarouterUser.getId(), now, l, DatarouterUserHistoryLog.DatarouterUserChangeType.DEPROVISION, "deprovisioned");
        });
        DatarouterUserHistoryDao datarouterUserHistoryDao = this.baseDatarouterUserHistoryDao;
        datarouterUserHistoryDao.getClass();
        Map map2 = map.flush((v1) -> {
            r1.putMulti(v1);
        }).toMap(datarouterUserHistoryLog -> {
            return datarouterUserHistoryLog.getKey().getUserId();
        });
        Scanner map3 = Scanner.of(list).map((v0) -> {
            return v0.getId();
        });
        DatarouterPermissionRequestDao datarouterPermissionRequestDao = this.permissionRequestDao;
        datarouterPermissionRequestDao.getClass();
        Scanner map4 = ((Scanner) map3.listTo(datarouterPermissionRequestDao::scanOpenPermissionRequestsForUsers)).map(permissionRequest -> {
            return permissionRequest.decline(now.toInstant());
        });
        DatarouterPermissionRequestDao datarouterPermissionRequestDao2 = this.permissionRequestDao;
        datarouterPermissionRequestDao2.getClass();
        map4.flush((v1) -> {
            r1.putMulti(v1);
        });
        optional.ifPresent(datarouterUser2 -> {
            list.forEach(datarouterUser2 -> {
                sendDeprovisioningEmail(datarouterUser2, (DatarouterUserHistoryLog) map2.get(datarouterUser2.getId()), datarouterUser2);
            });
        });
        recordProvisioningChangelogs(list, optional, DatarouterUserHistoryLog.DatarouterUserChangeType.DEPROVISION);
    }

    public void recordRestores(List<DatarouterUser> list, Optional<DatarouterUser> optional) {
        MilliTime now = MilliTime.now();
        Long l = (Long) optional.map((v0) -> {
            return v0.getId();
        }).orElse(null);
        Scanner map = Scanner.of(list).map(datarouterUser -> {
            return new DatarouterUserHistoryLog(datarouterUser.getId(), now, l, DatarouterUserHistoryLog.DatarouterUserChangeType.RESTORE, "restored");
        });
        DatarouterUserHistoryDao datarouterUserHistoryDao = this.baseDatarouterUserHistoryDao;
        datarouterUserHistoryDao.getClass();
        map.flush((v1) -> {
            r1.putMulti(v1);
        });
        recordProvisioningChangelogs(list, optional, DatarouterUserHistoryLog.DatarouterUserChangeType.RESTORE);
    }

    public List<DatarouterUserHistoryLog> getHistoryForUser(Long l) {
        return this.baseDatarouterUserHistoryDao.scanWithPrefix(new DatarouterUserHistoryLogKey(l, (MilliTime) null)).list();
    }

    private void recordProvisioningChangelogs(List<DatarouterUser> list, Optional<DatarouterUser> optional, DatarouterUserHistoryLog.DatarouterUserChangeType datarouterUserChangeType) {
        Scanner map = Scanner.of(list).map((v0) -> {
            return v0.getUsername();
        }).map(str -> {
            return new ChangelogRecorder.DatarouterChangelogDtoBuilder(CHANGELOG_TYPE, str, datarouterUserChangeType.persistentString, (String) optional.map((v0) -> {
                return v0.getUsername();
            }).orElse(this.adminEmail.get()));
        }).map((v0) -> {
            return v0.build();
        });
        ChangelogRecorder changelogRecorder = this.changelogRecorder;
        changelogRecorder.getClass();
        map.forEach(changelogRecorder::record);
    }

    private void doPutAndRecordEdit(DatarouterUser datarouterUser, DatarouterUserHistoryLog datarouterUserHistoryLog, boolean z) {
        this.baseDatarouterUserDao.put(datarouterUser);
        this.baseDatarouterUserHistoryDao.put(datarouterUserHistoryLog);
        if (z) {
            Scanner scanOpenPermissionRequestsForUser = this.permissionRequestDao.scanOpenPermissionRequestsForUser(datarouterUserHistoryLog.getKey().getUserId());
            datarouterUserHistoryLog.getClass();
            Scanner map = scanOpenPermissionRequestsForUser.map(datarouterUserHistoryLog::resolvePermissionRequest);
            DatarouterPermissionRequestDao datarouterPermissionRequestDao = this.permissionRequestDao;
            datarouterPermissionRequestDao.getClass();
            map.flush((v1) -> {
                r1.putMulti(v1);
            });
        }
    }

    private void sendPasswordChangeEmail(DatarouterUser datarouterUser, DatarouterUserHistoryLog datarouterUserHistoryLog, String str) {
        DatarouterUser userById = this.datarouterUserService.getUserById(datarouterUserHistoryLog.getEditor(), false);
        this.htmlEmailService.trySendJ2Html(this.htmlEmailService.startEmailBuilder().withSubject(this.userEditService.getPasswordChangedEmailSubject(datarouterUser)).withTitle("Password Changed").withTitleHref(str).withContent(TagCreator.div(new DomContent[]{TagCreator.p(String.format("Your user (%s) password has been changed by user %s (%s).", datarouterUser.getUsername(), userById.getId(), userById.getUsername())), TagCreator.p("Changes: " + datarouterUserHistoryLog.getChanges()), makeSignInParagraph(str)})).from(datarouterUser.getUsername()).to(datarouterUser.getUsername()));
    }

    private void sendTimezoneUpdateEmail(DatarouterUser datarouterUser, DatarouterUserHistoryLog datarouterUserHistoryLog, String str) {
        DatarouterUser userById = this.datarouterUserService.getUserById(datarouterUserHistoryLog.getEditor(), false);
        this.htmlEmailService.trySendJ2Html(this.htmlEmailService.startEmailBuilder().withSubject(this.userEditService.getTimezoneChangedEmailSubject(datarouterUser)).withTitle("Timezone Changed").withTitleHref(str).withContent(TagCreator.div(new DomContent[]{TagCreator.p(String.format("Your user (%s) timezone has been updated by %s", datarouterUser.getUsername(), userById.getUsername())), TagCreator.p("Changes: " + datarouterUserHistoryLog.getChanges()), makeSignInParagraph(str)})).from(datarouterUser.getUsername()).to(datarouterUser.getUsername()).to(userById.getUsername()));
    }

    private void sendPermissionChangeEmail(DatarouterUser datarouterUser, DatarouterUserHistoryLog datarouterUserHistoryLog, String str) {
        DatarouterUser userById = this.datarouterUserService.getUserById(datarouterUserHistoryLog.getEditor(), false);
        this.htmlEmailService.trySendJ2Html(this.htmlEmailService.startEmailBuilder().withSubject(this.userEditService.getPermissionRequestEmailSubject(datarouterUser)).withTitle("Permissions Changed").withTitleHref(str).withContent(TagCreator.div(new DomContent[]{TagCreator.p(String.format("%s permissions have been edited by %s", datarouterUser.getUsername(), userById.getUsername())), (PTag) TagCreator.p("Changes: " + datarouterUserHistoryLog.getChanges()).withStyle("white-space: pre-wrap"), makeSignInParagraph(str)})).from(datarouterUser.getUsername()).to(datarouterUser.getUsername()).to(userById.getUsername()).to(this.permissionRequestEmailType, this.serverTypeDetector.mightBeProduction()).toSubscribers(this.serverTypeDetector.mightBeProduction()).toAdmin(this.serverTypeDetector.mightBeDevelopment()));
    }

    private void sendDeprovisioningEmail(DatarouterUser datarouterUser, DatarouterUserHistoryLog datarouterUserHistoryLog, DatarouterUser datarouterUser2) {
        this.htmlEmailService.trySendJ2Html(this.htmlEmailService.startEmailBuilder().withSubject(this.userEditService.getPermissionRequestEmailSubject(datarouterUser)).withTitle("Permissions Changed").withContent(TagCreator.div(new DomContent[]{TagCreator.p(String.format("Your user (%s) has been %s by user %s (%s).", datarouterUser.getUsername(), datarouterUserHistoryLog.getChanges(), datarouterUser2.getId(), datarouterUser2.getUsername()))})).from(datarouterUser.getUsername()).to(datarouterUser.getUsername()));
    }

    private static PTag makeSignInParagraph(String str) {
        return TagCreator.p(new DomContent[]{TagCreator.text("Please sign in again to refresh your session: "), TagCreator.a("sign in").withHref(str)});
    }
}
