package org.isisaddons.module.security.dom.user;

import java.util.List;
import java.util.concurrent.Callable;
import javax.inject.Inject;
import org.apache.isis.applib.AbstractFactoryAndRepository;
import org.apache.isis.applib.annotation.ActionSemantics;
import org.apache.isis.applib.annotation.DomainService;
import org.apache.isis.applib.annotation.MaxLength;
import org.apache.isis.applib.annotation.MemberOrder;
import org.apache.isis.applib.annotation.Named;
import org.apache.isis.applib.annotation.NotContributed;
import org.apache.isis.applib.annotation.Optional;
import org.apache.isis.applib.annotation.Programmatic;
import org.apache.isis.applib.query.QueryDefault;
import org.apache.isis.applib.services.queryresultscache.QueryResultsCache;
import org.apache.isis.applib.value.Password;
import org.isisaddons.module.security.dom.password.PasswordEncryptionService;
import org.isisaddons.module.security.dom.role.ApplicationRole;
import org.isisaddons.module.security.dom.role.ApplicationRoles;
import org.isisaddons.module.security.seed.scripts.IsisModuleSecurityRegularUserRoleAndPermissions;
import org.isisaddons.module.security.shiro.IsisModuleSecurityRealm;
import org.isisaddons.module.security.shiro.ShiroUtils;

@Named("Users")
@DomainService(menuOrder = "90.1", repositoryFor = ApplicationUser.class)
/* loaded from: input_file:org/isisaddons/module/security/dom/user/ApplicationUsers.class */
public class ApplicationUsers extends AbstractFactoryAndRepository {

    @Inject
    QueryResultsCache queryResultsCache;

    @Inject
    PasswordEncryptionService passwordEncryptionService;

    @Inject
    ApplicationRoles applicationRoles;

    public String iconName() {
        return "applicationUser";
    }

    @MemberOrder(sequence = "10.2")
    @ActionSemantics(ActionSemantics.Of.IDEMPOTENT)
    public ApplicationUser findOrCreateUserByUsername(@Named("Username") @MaxLength(30) final String str) {
        return (ApplicationUser) this.queryResultsCache.execute(new Callable<ApplicationUser>() { // from class: org.isisaddons.module.security.dom.user.ApplicationUsers.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public ApplicationUser call() throws Exception {
                ApplicationUser findUserByUsername = ApplicationUsers.this.findUserByUsername(str);
                return findUserByUsername != null ? findUserByUsername : ApplicationUsers.this.newDelegateUser(str, null, null);
            }
        }, ApplicationUsers.class, "findUserByUsername", new Object[]{str});
    }

    @Programmatic
    public ApplicationUser findUserByUsername(@Named("Username") String str) {
        return (ApplicationUser) uniqueMatch(new QueryDefault(ApplicationUser.class, "findByUsername", new Object[]{"username", str}));
    }

    @MemberOrder(sequence = "10.3")
    @ActionSemantics(ActionSemantics.Of.SAFE)
    public List<ApplicationUser> findUsersByName(@Named("Name") String str) {
        return allMatches(new QueryDefault(ApplicationUser.class, "findByName", new Object[]{"nameRegex", "(?i).*" + str + ".*"}));
    }

    @MemberOrder(sequence = "10.4")
    @ActionSemantics(ActionSemantics.Of.NON_IDEMPOTENT)
    @NotContributed
    public ApplicationUser newDelegateUser(@Named("Name") @MaxLength(30) String str, @Named("Initial role") @Optional ApplicationRole applicationRole, @Named("Enabled?") @Optional Boolean bool) {
        ApplicationUser applicationUser = (ApplicationUser) newTransientInstance(ApplicationUser.class);
        applicationUser.setUsername(str);
        applicationUser.setStatus(ApplicationUserStatus.parse(bool));
        applicationUser.setAccountType(AccountType.DELEGATED);
        if (applicationRole != null) {
            applicationUser.addRole(applicationRole);
        }
        persistIfNotAlready(applicationUser);
        return applicationUser;
    }

    public boolean hideNewDelegateUser(String str, ApplicationRole applicationRole, Boolean bool) {
        return hasNoDelegateAuthenticationRealm();
    }

    public ApplicationRole default1NewDelegateUser() {
        return this.applicationRoles.findRoleByName(IsisModuleSecurityRegularUserRoleAndPermissions.ROLE_NAME);
    }

    @MemberOrder(sequence = "10.4")
    @ActionSemantics(ActionSemantics.Of.IDEMPOTENT)
    @NotContributed
    public ApplicationUser newLocalUser(@Named("Name") @MaxLength(30) String str, @Named("Password") @Optional Password password, @Named("Repeat password") @Optional Password password2, @Named("Initial role") @Optional ApplicationRole applicationRole, @Named("Enabled?") @Optional Boolean bool) {
        ApplicationUser findUserByUsername = findUserByUsername(str);
        if (findUserByUsername == null) {
            findUserByUsername = (ApplicationUser) newTransientInstance(ApplicationUser.class);
            findUserByUsername.setUsername(str);
            findUserByUsername.setStatus(ApplicationUserStatus.parse(bool));
            findUserByUsername.setAccountType(AccountType.LOCAL);
        }
        if (applicationRole != null) {
            findUserByUsername.addRole(applicationRole);
        }
        if (password != null) {
            findUserByUsername.updatePassword(password.getPassword());
        }
        persistIfNotAlready(findUserByUsername);
        return findUserByUsername;
    }

    public String validateNewLocalUser(String str, Password password, Password password2, ApplicationRole applicationRole, Boolean bool) {
        return ((ApplicationUser) newTransientInstance(ApplicationUser.class)).validateResetPassword(password, password2);
    }

    public ApplicationRole default3NewLocalUser() {
        return this.applicationRoles.findRoleByName(IsisModuleSecurityRegularUserRoleAndPermissions.ROLE_NAME);
    }

    @MemberOrder(sequence = "10.9")
    @ActionSemantics(ActionSemantics.Of.SAFE)
    public List<ApplicationUser> allUsers() {
        return allInstances(ApplicationUser.class, new long[0]);
    }

    @Programmatic
    public List<ApplicationUser> autoComplete(String str) {
        return findUsersByName(str);
    }

    private boolean hasNoDelegateAuthenticationRealm() {
        IsisModuleSecurityRealm isisModuleSecurityRealm = ShiroUtils.getIsisModuleSecurityRealm();
        return isisModuleSecurityRealm == null || !isisModuleSecurityRealm.hasDelegateAuthenticationRealm();
    }
}
