package de.rtb.pcon.ui.controllers;

import com.fasterxml.jackson.annotation.JsonProperty;
import de.rtb.pcon.model.Area;
import de.rtb.pcon.model.appmanagement.User;
import de.rtb.pcon.model.appmanagement.User_;
import de.rtb.pcon.repositories.AreaRepository;
import de.rtb.pcon.repositories.UserRepository;
import de.rtb.pcon.ui.controllers.model.UiArea;
import de.rtb.pcon.ui.services.SecurityService;
import de.rtb.pcontrol.utils.LoggerUtils;
import jakarta.servlet.http.HttpServletResponse;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
import org.apache.commons.collections4.IteratorUtils;
import org.apache.commons.lang3.StringUtils;
import org.hibernate.metamodel.mapping.EntityIdentifierMapping;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

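/**
 * REST controller for the user administration screens, mounted at
 * {@code /api/pcon/ui/admin/users}.
 *
 * <p>Every handler is guarded by the class-level {@code @PreAuthorize}, so the caller must hold
 * {@code ROLE_ADMIN_USERS}. No further per-target checks are visible in this class.
 *
 * <p>NOTE(review): {@link #putUser} accepts an arbitrary list of role names and may target any
 * account, including the caller's own. If some roles are meant to be grantable only by more
 * privileged administrators, that restriction has to be enforced here; confirm with the role model.
 */
@RequestMapping(path = {"/api/pcon/ui/admin/users"})
@RestController
@PreAuthorize("hasRole('ROLE_ADMIN_USERS')")
public class AdminUsersController {

    @Autowired
    private NamedParameterJdbcTemplate jdbcTemplate;

    @Autowired
    private AreaRepository areaRepo;

    @Autowired
    private UserRepository userRepo;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private SecurityService securityService;

    // NOTE(review): the logger name contains a doubled dot ("actions..SecurityController") and names a
    // different controller. It is left untouched because the logging configuration may route on this
    // exact name; verify that audit events from this class actually reach the audit appender.
    private static final Logger actionLogger = LoggerFactory.getLogger("de.rtb.pcontrol.audit.actions..SecurityController");

    // One row per user with roles and area ids aggregated into arrays. The password hash column is
    // deliberately absent from the select list, so read endpoints cannot return it.
    private static final String SQL_FETCH_USERS =
            ("SELECT usa_id, usa_login, usa_enabled, usa_firstname, usa_lastname, usa_email, usa_timezone, "
                    + "array_agg(distinct user_role.usr_role) as roles, "
                    + "array_agg(distinct area_x_user.area_id) as areas "
                    + "FROM %1$s.user_authentication "
                    + "LEFT JOIN %1$s.user_role ON user_role.usr_user_id = user_authentication.usa_id "
                    + "LEFT JOIN %1$s.area_x_user ON area_x_user.user_id = user_authentication.usa_id "
                    + "GROUP BY usa_id").formatted("control");

    // Shared by the count query and the page query so both always filter on the same columns.
    private static final String SQL_FILTER_CLAUSE =
            "WHERE usa_login ILIKE :filter OR usa_firstname ILIKE :filter OR usa_lastname ILIKE :filter OR usa_email ILIKE :filter ";

    /** Maps one row of {@code SQL_FETCH_USERS} to a {@link UserWithRolesAndAreaIdsDto}. */
    static class UserRowMapper implements RowMapper<UserWithRolesAndAreaIdsDto> {
        UserRowMapper() {
        }

        /**
         * Copies the scalar columns and unpacks the two aggregated arrays.
         *
         * @param resultSet result set positioned on the row to map
         * @param rowNum    index of the row (unused)
         * @return the populated DTO; its password field is never set here
         * @throws SQLException if a column cannot be read
         */
        @Override
        public UserWithRolesAndAreaIdsDto mapRow(ResultSet resultSet, int rowNum) throws SQLException {
            UserWithRolesAndAreaIdsDto dto = new UserWithRolesAndAreaIdsDto();
            dto.setId(Integer.valueOf(resultSet.getInt("usa_id")));
            dto.setLogin(resultSet.getString("usa_login"));
            dto.setEnabled(resultSet.getBoolean("usa_enabled"));
            dto.setFirstName(resultSet.getString("usa_firstname"));
            dto.setLastName(resultSet.getString("usa_lastname"));
            dto.setEmail(resultSet.getString("usa_email"));
            dto.setTimeZone(resultSet.getString("usa_timezone"));

            // The aggregates come from LEFT JOINs, so a user without roles or areas can yield an
            // array holding a NULL element; those are dropped.
            // NOTE(review): User_.ROLES / User_.AREAS are used as column labels here; presumably
            // they equal the "roles" / "areas" aliases of the query. Confirm.
            String[] roles = (String[]) resultSet.getArray(User_.ROLES).getArray();
            dto.setRoles(Arrays.stream(roles).filter(Objects::nonNull).toList());
            Integer[] areaIds = (Integer[]) resultSet.getArray(User_.AREAS).getArray();
            dto.setAreaIds(Arrays.stream(areaIds).filter(Objects::nonNull).toList());
            return dto;
        }
    }

    /**
     * Transfer object used both as the response element of the read endpoints and as the request
     * body of {@link AdminUsersController#putUser}.
     */
    public static class UserWithRolesAndAreaIdsDto {
        private Integer id;
        private String login;
        private boolean enabled;

        // Plain-text password supplied on PUT only; UserRowMapper never fills it.
        // NOTE(review): getPassword() is public, so the JSON serializer will presumably emit a
        // "password" property (null on reads). Consider
        // @JsonProperty(access = JsonProperty.Access.WRITE_ONLY) once clients are confirmed not to
        // rely on the key being present.
        private String password;

        private String firstName;
        private String lastName;
        private String email;
        private String timeZone;
        private List<String> roles;

        @JsonProperty(User_.AREAS)
        private List<Integer> areaIds;

        UserWithRolesAndAreaIdsDto() {
        }

        public Integer getId() {
            return this.id;
        }

        public void setId(Integer id) {
            this.id = id;
        }

        public String getLogin() {
            return this.login;
        }

        public void setLogin(String login) {
            this.login = login;
        }

        public boolean isEnabled() {
            return this.enabled;
        }

        public void setEnabled(boolean enabled) {
            this.enabled = enabled;
        }

        public String getPassword() {
            return this.password;
        }

        public void setPassword(String password) {
            this.password = password;
        }

        public String getFirstName() {
            return this.firstName;
        }

        public void setFirstName(String firstName) {
            this.firstName = firstName;
        }

        public String getLastName() {
            return this.lastName;
        }

        public void setLastName(String lastName) {
            this.lastName = lastName;
        }

        public String getEmail() {
            return this.email;
        }

        public void setEmail(String email) {
            this.email = email;
        }

        public String getTimeZone() {
            return this.timeZone;
        }

        public void setTimeZone(String timeZone) {
            this.timeZone = timeZone;
        }

        public List<String> getRoles() {
            return this.roles;
        }

        public void setRoles(List<String> roles) {
            this.roles = roles;
        }

        public List<Integer> getAreaIds() {
            return this.areaIds;
        }

        public void setAreaIds(List<Integer> areaIds) {
            this.areaIds = areaIds;
        }
    }

    /**
     * Returns one page of users and reports paging data in the {@code page-total},
     * {@code page-current} and {@code page-size} response headers.
     *
     * <p>{@code page} and {@code size} values below 1 are raised to 1. Previously {@code size=0}
     * failed with a division by zero and {@code page<1} produced a negative OFFSET.
     *
     * @param httpServletResponse response that receives the paging headers
     * @param page                1-based page number
     * @param size                rows per page
     * @param filter              optional substring matched case-insensitively against login,
     *                            first name, last name and e-mail
     * @return the users on the requested page
     */
    @GetMapping
    public Collection<UserWithRolesAndAreaIdsDto> listUsers(HttpServletResponse httpServletResponse, @RequestParam(name = "page", defaultValue = "1") int page, @RequestParam(name = "size", defaultValue = "10") int size, @RequestParam(name = "filter", required = false) String filter) {
        int currentPage = Math.max(page, 1);
        // NOTE(review): there is no upper bound on the page size; a cap would limit how much of the
        // user table a single request can pull. Not added here because clients may depend on it.
        int pageSize = Math.max(size, 1);
        boolean filtered = StringUtils.isNotBlank(filter);
        // The filter value is always bound as a parameter, never spliced into the SQL text.
        // LIKE wildcards ('%', '_') inside it are not escaped and therefore act as wildcards.
        String pattern = "%" + filter + "%";

        MapSqlParameterSource countParams = new MapSqlParameterSource();
        StringBuilder countSql = new StringBuilder("SELECT count (*) FROM control.user_authentication ");
        if (filtered) {
            countSql.append(SQL_FILTER_CLAUSE);
            countParams.addValue("filter", pattern);
        }
        long totalRows = Objects.requireNonNullElse(this.jdbcTemplate.queryForObject(countSql.toString(), countParams, Long.class), 0L);
        // Ceiling division: -floorDiv(-a, b) == ceil(a / b) for positive b.
        long totalPages = -Math.floorDiv(-totalRows, pageSize);
        httpServletResponse.addHeader("page-total", Long.toString(totalPages));
        httpServletResponse.addHeader("page-current", Integer.toString(currentPage));
        httpServletResponse.addHeader("page-size", Integer.toString(pageSize));

        MapSqlParameterSource pageParams = new MapSqlParameterSource();
        StringBuilder pageSql = new StringBuilder();
        pageSql.append("WITH users AS (" + SQL_FETCH_USERS + ") ");
        pageSql.append("SELECT * FROM users ");
        if (filtered) {
            pageSql.append(SQL_FILTER_CLAUSE);
            pageParams.addValue("filter", pattern);
        }
        pageSql.append("ORDER BY usa_enabled desc, usa_firstname, usa_lastname, usa_login ");
        pageSql.append("OFFSET :offset ");
        pageSql.append("LIMIT :limit");
        pageParams.addValue("limit", Integer.valueOf(pageSize));
        // Computed in long so that a large page number cannot overflow into a negative offset.
        pageParams.addValue("offset", Long.valueOf((long) (currentPage - 1) * pageSize));
        return this.jdbcTemplate.query(pageSql.toString(), pageParams, new UserRowMapper());
    }

    /**
     * Returns a single user by id.
     *
     * @param id primary key of the user
     * @return 200 with the user, or 404 when no row matches
     */
    // NOTE(review): EntityIdentifierMapping.ID_ROLE_NAME is a Hibernate constant used as the path
    // template; presumably a decompiler substitution for the literal bound by @PathVariable("id").
    @GetMapping({EntityIdentifierMapping.ID_ROLE_NAME})
    public ResponseEntity<UserWithRolesAndAreaIdsDto> getUser(@PathVariable("id") int id) {
        // The id is bound as a named parameter instead of being concatenated into the statement,
        // matching how listUsers passes its values.
        String sql = "WITH users AS (" + SQL_FETCH_USERS + ") " + "SELECT * FROM users " + "WHERE usa_id = :id ";
        List<UserWithRolesAndAreaIdsDto> rows = this.jdbcTemplate.query(sql, new MapSqlParameterSource("id", Integer.valueOf(id)), new UserRowMapper());
        return rows.isEmpty() ? ResponseEntity.notFound().build() : ResponseEntity.ok(rows.get(0));
    }

    /**
     * Creates a user (id absent or 0) or updates an existing one, and writes an audit entry that
     * lists every changed property.
     *
     * <p>Request-supplied text is neutralised before it reaches the audit logger (see
     * {@link #auditValue}) so that line breaks in a login, name or role cannot fabricate
     * additional audit lines.
     *
     * <p>NOTE(review), not changed here because the intended policy is not visible:
     * <ul>
     *   <li>login, e-mail and role names are stored without validation;</li>
     *   <li>any non-empty password is accepted, and a new user may be created without one;</li>
     *   <li>{@code roles} or {@code areas} missing from the body are passed on as {@code null}.</li>
     * </ul>
     *
     * @param dto desired state of the user
     * @return 201 for a new user, 200 for an update, 404 when the given id does not exist
     */
    @Transactional
    @PutMapping
    public ResponseEntity<Object> putUser(@RequestBody UserWithRolesAndAreaIdsDto dto) {
        User user;
        if (dto.getId() == null || dto.getId().intValue() == 0) {
            user = new User();
            user.setAreas(new LinkedList<>());
        } else {
            Optional<User> existing = this.userRepo.findById(dto.getId());
            if (existing.isEmpty()) {
                return ResponseEntity.notFound().build();
            }
            user = existing.get();
        }

        List<String> changes = new ArrayList<>();
        if (user.isEnabled() != dto.isEnabled()) {
            changes.add("[enabled: '" + user.isEnabled() + "' -> '" + dto.isEnabled() + "']");
            user.setEnabled(dto.isEnabled());
        }
        if (!StringUtils.equals(user.getLogin(), dto.getLogin())) {
            changes.add("[login: '" + user.getLogin() + "' -> '" + dto.getLogin() + "']");
            user.setLogin(dto.getLogin());
        }
        if (!StringUtils.equals(user.getFirstName(), dto.getFirstName())) {
            changes.add("[first name: '" + user.getFirstName() + "' -> '" + dto.getFirstName() + "']");
            user.setFirstName(dto.getFirstName());
        }
        if (!StringUtils.equals(user.getLastName(), dto.getLastName())) {
            changes.add("[last name: '" + user.getLastName() + "' -> '" + dto.getLastName() + "']");
            user.setLastName(dto.getLastName());
        }
        if (!StringUtils.equals(user.getEmail(), dto.getEmail())) {
            changes.add("[e-mail: '" + user.getEmail() + "' -> '" + dto.getEmail() + "']");
            user.setEmail(dto.getEmail());
        }
        if (!StringUtils.equals(user.getTimeZoneName(), dto.getTimeZone())) {
            changes.add("[time zone: '" + user.getTimeZoneName() + "' -> '" + dto.getTimeZone() + "']");
            user.setTimeZoneName(dto.getTimeZone());
        }
        if (StringUtils.isNotEmpty(dto.getPassword())) {
            // Only the fact of the change is recorded; the password itself never reaches the log.
            changes.add("[password: CHANGED]");
            user.setPasswordHash(this.passwordEncoder.encode(dto.getPassword()));
        }

        String rolesDiff = LoggerUtils.logCollectionDiffBrief(user.getRoles(), dto.getRoles(), role -> role);
        if (StringUtils.isNotEmpty(rolesDiff)) {
            changes.add("roles [" + rolesDiff + "]");
            user.setRoles(new HashSet<>(dto.getRoles()));
        }

        // Raw casts are kept as found; the repository's id type is not visible from this file.
        // NOTE(review): the diff below is computed from the requested ids, while the assignment
        // uses whatever findAllById resolved; presumably unknown ids are dropped silently.
        List<Area> requestedAreas = IteratorUtils.toList(this.areaRepo.findAllById((Iterable) dto.getAreaIds()).iterator());
        String areasDiff = LoggerUtils.logCollectionDiffBrief((Collection) user.getAreas().stream().map(area -> area.getId()).collect(Collectors.toList()), dto.getAreaIds(), areaId -> String.valueOf(areaId));
        if (StringUtils.isNotEmpty(areasDiff)) {
            changes.add("areas [" + areasDiff + "]");
            user.setAreas(requestedAreas);
        }

        if (actionLogger.isInfoEnabled()) {
            actionLogger.info("{} has changed properties of {}: {}.",
                    auditValue(StringUtils.capitalize(LoggerUtils.log(this.securityService.getCurrentUser()))),
                    auditValue(String.valueOf(LoggerUtils.log(user))),
                    auditValue(String.join(", ", changes)));
        }

        if (user.getId() != null) {
            // No explicit save for an existing user: presumably the entity is managed and the
            // surrounding transaction flushes the modifications.
            return ResponseEntity.ok().build();
        }
        this.userRepo.save(user);
        return ResponseEntity.status(HttpStatus.CREATED).build();
    }

    /**
     * Lists all areas for the area picker of the user form.
     *
     * @return every area known to the repository, wrapped as {@link UiArea}
     */
    // NOTE(review): User_.AREAS is used as the sub-path; presumably it resolves to "areas".
    @Transactional(readOnly = true)
    @GetMapping({User_.AREAS})
    public Collection<UiArea> listAreas() {
        return StreamSupport.stream(this.areaRepo.findAll().spliterator(), false).map(UiArea::new).toList();
    }

    /**
     * Makes a string safe to embed in a single audit log line by replacing ISO control characters
     * (including CR and LF) and the Unicode line/paragraph separators with {@code '_'}.
     *
     * @param value text that may contain request-supplied data; may be {@code null}
     * @return the neutralised text, or {@code null} when {@code value} is {@code null}
     */
    private static String auditValue(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder safe = new StringBuilder(value.length());
        for (int idx = 0; idx < value.length(); idx++) {
            char c = value.charAt(idx);
            boolean lineBreaking = Character.isISOControl(c) || c == 0x2028 || c == 0x2029;
            safe.append(lineBreaking ? '_' : c);
        }
        return safe.toString();
    }
}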
