package io.gravitee.management.service.impl;

import com.auth0.jwt.JWTSigner;
import com.auth0.jwt.JWTVerifier;
import io.gravitee.common.data.domain.Page;
import io.gravitee.common.utils.UUID;
import io.gravitee.management.model.InlinePictureEntity;
import io.gravitee.management.model.NewApplicationEntity;
import io.gravitee.management.model.NewExternalUserEntity;
import io.gravitee.management.model.PictureEntity;
import io.gravitee.management.model.RegisterUserEntity;
import io.gravitee.management.model.RoleEntity;
import io.gravitee.management.model.UpdateUserEntity;
import io.gravitee.management.model.UrlPictureEntity;
import io.gravitee.management.model.UserEntity;
import io.gravitee.management.model.UserRoleEntity;
import io.gravitee.management.model.application.ApplicationSettings;
import io.gravitee.management.model.application.SimpleApplicationSettings;
import io.gravitee.management.model.common.Pageable;
import io.gravitee.management.model.parameters.Key;
import io.gravitee.management.model.permissions.RoleScope;
import io.gravitee.management.model.search.Indexable;
import io.gravitee.management.service.ApiService;
import io.gravitee.management.service.ApplicationService;
import io.gravitee.management.service.AuditService;
import io.gravitee.management.service.EmailService;
import io.gravitee.management.service.InvitationService;
import io.gravitee.management.service.MembershipService;
import io.gravitee.management.service.NotifierService;
import io.gravitee.management.service.ParameterService;
import io.gravitee.management.service.RoleService;
import io.gravitee.management.service.UserService;
import io.gravitee.management.service.builder.EmailNotificationBuilder;
import io.gravitee.management.service.common.JWTHelper;
import io.gravitee.management.service.exceptions.DefaultRoleNotFoundException;
import io.gravitee.management.service.exceptions.EmailFormatInvalidException;
import io.gravitee.management.service.exceptions.StillPrimaryOwnerException;
import io.gravitee.management.service.exceptions.TechnicalManagementException;
import io.gravitee.management.service.exceptions.UserAlreadyExistsException;
import io.gravitee.management.service.exceptions.UserNotFoundException;
import io.gravitee.management.service.exceptions.UserNotInternallyManagedException;
import io.gravitee.management.service.impl.search.SearchResult;
import io.gravitee.management.service.notification.NotificationParamsBuilder;
import io.gravitee.management.service.notification.PortalHook;
import io.gravitee.management.service.search.SearchEngineService;
import io.gravitee.management.service.search.query.QueryBuilder;
import io.gravitee.repository.exceptions.TechnicalException;
import io.gravitee.repository.management.api.UserRepository;
import io.gravitee.repository.management.api.search.UserCriteria;
import io.gravitee.repository.management.api.search.builder.PageableBuilder;
import io.gravitee.repository.management.model.Audit;
import io.gravitee.repository.management.model.MembershipDefaultReferenceId;
import io.gravitee.repository.management.model.MembershipReferenceType;
import io.gravitee.repository.management.model.User;
import io.gravitee.repository.management.model.UserStatus;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/gravitee/management/service/impl/UserServiceImpl.class */
public class UserServiceImpl extends AbstractService implements UserService {
    private static final String IDP_SOURCE_GRAVITEE = "gravitee";

    @Autowired
    private UserRepository userRepository;

    @Autowired
    private ConfigurableEnvironment environment;

    @Autowired
    private EmailService emailService;

    @Autowired
    private ApplicationService applicationService;

    @Autowired
    private RoleService roleService;

    @Autowired
    private MembershipService membershipService;

    @Autowired
    private AuditService auditService;

    @Autowired
    private NotifierService notifierService;

    @Autowired
    private ApiService apiService;

    @Autowired
    private ParameterService parameterService;

    @Autowired
    private SearchEngineService searchEngineService;

    @Autowired
    private InvitationService invitationService;

    @Value("${user.avatar:${gravitee.home}/assets/default_user_avatar.png}")
    private String defaultAvatar;

    @Value("${user.login.defaultApplication:true}")
    private boolean defaultApplicationForFirstConnection;

    @Value("${user.anonymize-on-delete.enabled:false}")
    private boolean anonymizeOnDelete;
    private final Logger LOGGER = LoggerFactory.getLogger(UserServiceImpl.class);
    private PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.gravitee.management.service.impl.UserServiceImpl$1, reason: invalid class name */
    /* loaded from: input_file:io/gravitee/management/service/impl/UserServiceImpl$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$gravitee$management$model$permissions$RoleScope = new int[RoleScope.values().length];

        static {
            try {
                $SwitchMap$io$gravitee$management$model$permissions$RoleScope[RoleScope.MANAGEMENT.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$gravitee$management$model$permissions$RoleScope[RoleScope.PORTAL.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity connect(String str) {
        try {
            this.LOGGER.debug("Connection of {}", str);
            Optional findById = this.userRepository.findById(str);
            if (!findById.isPresent()) {
                throw new UserNotFoundException(str);
            }
            User user = (User) findById.get();
            User user2 = new User(user);
            if (user.getLastConnectionAt() == null) {
                this.notifierService.trigger(PortalHook.USER_FIRST_LOGIN, new NotificationParamsBuilder().user(convert(user, false)).build());
                if (this.defaultApplicationForFirstConnection) {
                    this.LOGGER.debug("Create a default application for {}", str);
                    NewApplicationEntity newApplicationEntity = new NewApplicationEntity();
                    newApplicationEntity.setName("Default application");
                    newApplicationEntity.setDescription("My default application");
                    ApplicationSettings applicationSettings = new ApplicationSettings();
                    applicationSettings.setApp(new SimpleApplicationSettings());
                    newApplicationEntity.setSettings(applicationSettings);
                    this.applicationService.create(newApplicationEntity, str);
                }
            }
            user.setLastConnectionAt(new Date());
            user.setUpdatedAt(user.getLastConnectionAt());
            User user3 = (User) this.userRepository.update(user);
            this.auditService.createPortalAuditLog(Collections.singletonMap(Audit.AuditProperties.USER, str), User.AuditEvent.USER_CONNECTED, user.getUpdatedAt(), user2, user);
            Indexable convert = convert(user3, true);
            this.searchEngineService.index(convert);
            return convert;
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to connect {}", str, e);
            throw new TechnicalManagementException("An error occurs while trying to connect " + str, e);
        }
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity findById(String str) {
        try {
            this.LOGGER.debug("Find user by ID: {}", str);
            Optional findById = this.userRepository.findById(str);
            if (findById.isPresent()) {
                return convert((User) findById.get(), false);
            }
            throw new UserNotFoundException(str);
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to find user using its ID {}", str, e);
            throw new TechnicalManagementException("An error occurs while trying to find user using its ID " + str, e);
        }
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity findByIdWithRoles(String str) {
        try {
            this.LOGGER.debug("Find user by ID: {}", str);
            Optional findById = this.userRepository.findById(str);
            if (findById.isPresent()) {
                return convert((User) findById.get(), true);
            }
            throw new UserNotFoundException(str);
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to find user using its ID {}", str, e);
            throw new TechnicalManagementException("An error occurs while trying to find user using its ID " + str, e);
        }
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity findBySource(String str, String str2, boolean z) {
        try {
            this.LOGGER.debug("Find user by source[{}] user[{}]", str, str2);
            Optional findBySource = this.userRepository.findBySource(str, str2);
            if (findBySource.isPresent()) {
                return convert((User) findBySource.get(), z);
            }
            throw new UserNotFoundException(str2);
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to find user using source[{}], user[{}]", new Object[]{str, str2, e});
            throw new TechnicalManagementException("An error occurs while trying to find user using source " + str + ':' + str2, e);
        }
    }

    @Override // io.gravitee.management.service.UserService
    public Set<UserEntity> findByIds(List<String> list) {
        try {
            this.LOGGER.debug("Find users by ID: {}", list);
            Set findByIds = this.userRepository.findByIds(list);
            if (!findByIds.isEmpty()) {
                return (Set) findByIds.stream().map(user -> {
                    return convert(user, false);
                }).collect(Collectors.toSet());
            }
            Optional<String> reduce = list.stream().reduce((str, str2) -> {
                return str + '/' + str2;
            });
            if (reduce.isPresent()) {
                throw new UserNotFoundException(reduce.get());
            }
            throw new UserNotFoundException("?");
        } catch (TechnicalException e) {
            Optional<String> reduce2 = list.stream().reduce((str3, str4) -> {
                return str3 + '/' + str4;
            });
            this.LOGGER.error("An error occurs while trying to find users using their ID {}", reduce2, e);
            throw new TechnicalManagementException("An error occurs while trying to find users using their ID " + reduce2, e);
        }
    }

    private void checkUserRegistrationEnabled() {
        if (!this.parameterService.findAsBoolean(Key.PORTAL_USERCREATION_ENABLED)) {
            throw new IllegalStateException("The user registration is disabled");
        }
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity finalizeRegistration(RegisterUserEntity registerUserEntity) {
        User user;
        try {
            String property = this.environment.getProperty("jwt.secret");
            if (property == null || property.isEmpty()) {
                throw new IllegalStateException("JWT secret is mandatory");
            }
            Map verify = new JWTVerifier(property).verify(registerUserEntity.getToken());
            String obj = verify.get(JWTHelper.Claims.ACTION).toString();
            if (JWTHelper.ACTION.USER_REGISTRATION.name().equals(obj)) {
                checkUserRegistrationEnabled();
            } else if (JWTHelper.ACTION.GROUP_INVITATION.name().equals(obj)) {
                String obj2 = verify.get(JWTHelper.Claims.EMAIL).toString();
                if (((List) this.invitationService.findAll().stream().filter(invitationEntity -> {
                    return invitationEntity.getEmail().equals(obj2);
                }).collect(Collectors.toList())).isEmpty()) {
                    throw new IllegalStateException("Invitation has been canceled");
                }
            }
            Object obj3 = verify.get(JWTHelper.Claims.SUBJECT);
            if (obj3 == null) {
                NewExternalUserEntity newExternalUserEntity = new NewExternalUserEntity();
                String obj4 = verify.get(JWTHelper.Claims.EMAIL).toString();
                newExternalUserEntity.setSource(IDP_SOURCE_GRAVITEE);
                newExternalUserEntity.setSourceId(obj4);
                newExternalUserEntity.setFirstname(registerUserEntity.getFirstname());
                newExternalUserEntity.setLastname(registerUserEntity.getLastname());
                newExternalUserEntity.setEmail(obj4);
                user = convert(create(newExternalUserEntity, true));
            } else {
                String obj5 = obj3.toString();
                this.LOGGER.debug("Create an internal user {}", obj5);
                user = (User) this.userRepository.findById(obj5).orElseThrow(() -> {
                    return new UserNotFoundException(obj5);
                });
                if (StringUtils.isNotBlank(user.getPassword())) {
                    throw new UserAlreadyExistsException(IDP_SOURCE_GRAVITEE, obj5);
                }
            }
            if (JWTHelper.ACTION.GROUP_INVITATION.name().equals(obj)) {
                String email = user.getEmail();
                String id = user.getId();
                this.invitationService.findAll().stream().filter(invitationEntity2 -> {
                    return invitationEntity2.getEmail().equals(email);
                }).forEach(invitationEntity3 -> {
                    this.invitationService.addMember(invitationEntity3.getReferenceType().name(), invitationEntity3.getReferenceId(), id, invitationEntity3.getApiRole(), invitationEntity3.getApplicationRole());
                    this.invitationService.delete(invitationEntity3.getId(), invitationEntity3.getReferenceId());
                });
            }
            user.setUpdatedAt(new Date());
            if (registerUserEntity.getPassword() != null) {
                user.setPassword(this.passwordEncoder.encode(registerUserEntity.getPassword()));
            }
            User user2 = (User) this.userRepository.update(user);
            this.auditService.createPortalAuditLog(Collections.singletonMap(Audit.AuditProperties.USER, user2.getId()), User.AuditEvent.USER_CREATED, user2.getUpdatedAt(), null, user2);
            Indexable convert = convert(user2, true);
            this.searchEngineService.index(convert);
            return convert;
        } catch (Exception e) {
            this.LOGGER.error("An error occurs while trying to create an internal user with the token {}", registerUserEntity.getToken(), e);
            throw new TechnicalManagementException(e.getMessage(), e);
        }
    }

    @Override // io.gravitee.management.service.UserService
    public PictureEntity getPicture(String str) {
        UserEntity findById = findById(str);
        if (findById.getPicture() != null) {
            String picture = findById.getPicture();
            if (picture.matches("^(http|https)://.*$")) {
                return new UrlPictureEntity(picture);
            }
            try {
                InlinePictureEntity inlinePictureEntity = new InlinePictureEntity();
                inlinePictureEntity.setType(picture.split(";", 2)[0].split(":")[1]);
                inlinePictureEntity.setContent(DatatypeConverter.parseBase64Binary(picture.split(",", 2)[1]));
                return inlinePictureEntity;
            } catch (Exception e) {
                this.LOGGER.warn("Unable to get user picture for id[{}]", str);
            }
        }
        InlinePictureEntity inlinePictureEntity2 = new InlinePictureEntity();
        inlinePictureEntity2.setType("image/png");
        try {
            inlinePictureEntity2.setContent(IOUtils.toByteArray(new FileInputStream(this.defaultAvatar)));
        } catch (IOException e2) {
            this.LOGGER.error("Default icon for API does not exist", e2);
        }
        return inlinePictureEntity2;
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity create(NewExternalUserEntity newExternalUserEntity, boolean z) {
        try {
            this.LOGGER.debug("Create an external user {}", newExternalUserEntity);
            if (this.userRepository.findBySource(newExternalUserEntity.getSource(), newExternalUserEntity.getSourceId()).isPresent()) {
                throw new UserAlreadyExistsException(newExternalUserEntity.getSource(), newExternalUserEntity.getSourceId());
            }
            User convert = convert(newExternalUserEntity);
            convert.setId(UUID.toString(UUID.random()));
            convert.setStatus(UserStatus.ACTIVE);
            convert.setCreatedAt(new Date());
            convert.setUpdatedAt(convert.getCreatedAt());
            User user = (User) this.userRepository.create(convert);
            this.auditService.createPortalAuditLog(Collections.singletonMap(Audit.AuditProperties.USER, convert.getId()), User.AuditEvent.USER_CREATED, convert.getCreatedAt(), null, convert);
            if (z) {
                addDefaultMembership(user);
            }
            Indexable convert2 = convert(user, true);
            this.searchEngineService.index(convert2);
            return convert2;
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to create an external user {}", newExternalUserEntity, e);
            throw new TechnicalManagementException("An error occurs while trying to create an external user" + newExternalUserEntity, e);
        }
    }

    private void addDefaultMembership(User user) {
        io.gravitee.repository.management.model.RoleScope[] roleScopeArr = {io.gravitee.repository.management.model.RoleScope.MANAGEMENT, io.gravitee.repository.management.model.RoleScope.PORTAL};
        List<RoleEntity> findDefaultRoleByScopes = this.roleService.findDefaultRoleByScopes(roleScopeArr);
        if (findDefaultRoleByScopes == null || findDefaultRoleByScopes.isEmpty()) {
            throw new DefaultRoleNotFoundException(roleScopeArr);
        }
        for (RoleEntity roleEntity : findDefaultRoleByScopes) {
            switch (AnonymousClass1.$SwitchMap$io$gravitee$management$model$permissions$RoleScope[roleEntity.getScope().ordinal()]) {
                case 1:
                    this.membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.MANAGEMENT, MembershipDefaultReferenceId.DEFAULT.name()), new MembershipService.MembershipUser(user.getId(), null), new MembershipService.MembershipRole(io.gravitee.repository.management.model.RoleScope.MANAGEMENT, roleEntity.getName()));
                    break;
                case 2:
                    this.membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.PORTAL, MembershipDefaultReferenceId.DEFAULT.name()), new MembershipService.MembershipUser(user.getId(), null), new MembershipService.MembershipRole(io.gravitee.repository.management.model.RoleScope.PORTAL, roleEntity.getName()));
                    break;
            }
        }
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity register(NewExternalUserEntity newExternalUserEntity) {
        checkUserRegistrationEnabled();
        return createAndSendEmail(newExternalUserEntity, JWTHelper.ACTION.USER_REGISTRATION);
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity create(NewExternalUserEntity newExternalUserEntity) {
        return createAndSendEmail(newExternalUserEntity, JWTHelper.ACTION.USER_CREATION);
    }

    private UserEntity createAndSendEmail(NewExternalUserEntity newExternalUserEntity, JWTHelper.ACTION action) {
        try {
            new InternetAddress(newExternalUserEntity.getEmail()).validate();
            try {
                if (this.userRepository.findBySource(IDP_SOURCE_GRAVITEE, newExternalUserEntity.getEmail()).isPresent()) {
                    throw new UserAlreadyExistsException(IDP_SOURCE_GRAVITEE, newExternalUserEntity.getEmail());
                }
                newExternalUserEntity.setSource(IDP_SOURCE_GRAVITEE);
                newExternalUserEntity.setSourceId(newExternalUserEntity.getEmail());
                UserEntity create = create(newExternalUserEntity, true);
                Map<String, Object> tokenRegistrationParams = getTokenRegistrationParams(create, NotificationParamsBuilder.REGISTRATION_PATH, action);
                this.notifierService.trigger(JWTHelper.ACTION.USER_REGISTRATION.equals(action) ? PortalHook.USER_REGISTERED : PortalHook.USER_CREATED, tokenRegistrationParams);
                EmailService emailService = this.emailService;
                EmailNotificationBuilder emailNotificationBuilder = new EmailNotificationBuilder().to(create.getEmail());
                Object[] objArr = new Object[2];
                objArr[0] = JWTHelper.ACTION.USER_REGISTRATION.equals(action) ? "registration" : "creation";
                objArr[1] = create.getDisplayName();
                emailService.sendAsyncEmailNotification(emailNotificationBuilder.subject(String.format("User %s - %s", objArr)).template(EmailNotificationBuilder.EmailTemplate.USER_REGISTRATION).params(tokenRegistrationParams).build());
                return create;
            } catch (TechnicalException e) {
                this.LOGGER.error("An error occurs while trying to create user {}", newExternalUserEntity.getEmail(), e);
                throw new TechnicalManagementException(e.getMessage(), e);
            }
        } catch (AddressException e2) {
            throw new EmailFormatInvalidException(newExternalUserEntity.getEmail());
        }
    }

    @Override // io.gravitee.management.service.UserService
    public Map<String, Object> getTokenRegistrationParams(UserEntity userEntity, String str, JWTHelper.ACTION action) {
        HashMap hashMap = new HashMap();
        hashMap.put(JWTHelper.Claims.ISSUER, this.environment.getProperty("jwt.issuer", JWTHelper.DefaultValues.DEFAULT_JWT_ISSUER));
        hashMap.put(JWTHelper.Claims.SUBJECT, userEntity.getId());
        hashMap.put(JWTHelper.Claims.EMAIL, userEntity.getEmail());
        hashMap.put(JWTHelper.Claims.FIRSTNAME, userEntity.getFirstname());
        hashMap.put(JWTHelper.Claims.LASTNAME, userEntity.getLastname());
        hashMap.put(JWTHelper.Claims.ACTION, action);
        JWTSigner.Options options = new JWTSigner.Options();
        options.setExpirySeconds((Integer) this.environment.getProperty("user.creation.token.expire-after", Integer.class, Integer.valueOf(JWTHelper.DefaultValues.DEFAULT_JWT_EMAIL_REGISTRATION_EXPIRE_AFTER)));
        options.setIssuedAt(true);
        options.setJwtId(true);
        String property = this.environment.getProperty("jwt.secret");
        if (property == null || property.isEmpty()) {
            throw new IllegalStateException("JWT secret is mandatory");
        }
        String sign = new JWTSigner(property).sign(hashMap, options);
        String property2 = this.environment.getProperty("portalURL");
        if (property2 != null && property2.endsWith("/")) {
            property2 = property2.substring(0, property2.length() - 1);
        }
        return new NotificationParamsBuilder().user(userEntity).token(sign).registrationUrl(property2 + str + sign).build();
    }

    @Override // io.gravitee.management.service.UserService
    public UserEntity update(String str, UpdateUserEntity updateUserEntity) {
        try {
            this.LOGGER.debug("Updating {}", updateUserEntity);
            Optional findById = this.userRepository.findById(str);
            if (!findById.isPresent()) {
                throw new UserNotFoundException(str);
            }
            User user = (User) findById.get();
            User user2 = new User(user);
            user.setUpdatedAt(new Date());
            if (updateUserEntity.getPicture() != null) {
                user.setPicture(updateUserEntity.getPicture());
            }
            if (updateUserEntity.getFirstname() != null) {
                user.setFirstname(updateUserEntity.getFirstname());
            }
            if (updateUserEntity.getLastname() != null) {
                user.setLastname(updateUserEntity.getLastname());
            }
            if (updateUserEntity.getEmail() != null) {
                user.setEmail(updateUserEntity.getEmail());
            }
            if (updateUserEntity.getStatus() != null) {
                user.setStatus(UserStatus.valueOf(updateUserEntity.getStatus()));
            }
            User user3 = (User) this.userRepository.update(user);
            this.auditService.createPortalAuditLog(Collections.singletonMap(Audit.AuditProperties.USER, user.getId()), User.AuditEvent.USER_UPDATED, user.getUpdatedAt(), user2, user);
            return convert(user3, true);
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to update {}", updateUserEntity, e);
            throw new TechnicalManagementException("An error occurs while trying update " + updateUserEntity, e);
        }
    }

    @Override // io.gravitee.management.service.UserService
    public Page<UserEntity> search(String str, Pageable pageable) {
        this.LOGGER.debug("search users");
        if (str == null || str.isEmpty()) {
            return search(new UserCriteria.Builder().statuses(new UserStatus[]{UserStatus.ACTIVE}).build(), pageable);
        }
        SearchResult search = this.searchEngineService.search(QueryBuilder.create(UserEntity.class).setQuery(str).setPage(pageable).build());
        return search.hasResults() ? new Page<>(new ArrayList(findByIds(search.getDocuments())), pageable.getPageNumber(), pageable.getPageSize(), search.getHits()) : new Page<>(Collections.emptyList(), 1, 0, 0L);
    }

    @Override // io.gravitee.management.service.UserService
    public Page<UserEntity> search(UserCriteria userCriteria, Pageable pageable) {
        try {
            this.LOGGER.debug("search users");
            Page search = this.userRepository.search(userCriteria, new PageableBuilder().pageNumber(pageable.getPageNumber() - 1).pageSize(pageable.getPageSize()).build());
            return new Page<>((List) search.getContent().stream().map(user -> {
                return convert(user, false);
            }).collect(Collectors.toList()), search.getPageNumber() + 1, (int) search.getPageElements(), search.getTotalElements());
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to search users", e);
            throw new TechnicalManagementException("An error occurs while trying to search users", e);
        }
    }

    @Override // io.gravitee.management.service.UserService
    public void delete(String str) {
        try {
            long count = this.apiService.findByUser(str, null).stream().filter(apiEntity -> {
                return apiEntity.getPrimaryOwner().getId().equals(str);
            }).count();
            long count2 = this.applicationService.findByUser(str).stream().filter(applicationListItem -> {
                return applicationListItem.getPrimaryOwner() != null;
            }).filter(applicationListItem2 -> {
                return applicationListItem2.getPrimaryOwner().getId().equals(str);
            }).count();
            if (count > 0 || count2 > 0) {
                throw new StillPrimaryOwnerException(count, count2);
            }
            Optional findById = this.userRepository.findById(str);
            if (!findById.isPresent()) {
                throw new UserNotFoundException(str);
            }
            this.membershipService.removeUser(str);
            User user = (User) findById.get();
            user.setSourceId("deleted-" + user.getSourceId());
            user.setStatus(UserStatus.ARCHIVED);
            user.setUpdatedAt(new Date());
            if (this.anonymizeOnDelete) {
                user.setFirstname("Unknown");
                user.setLastname("");
                user.setEmail("");
            }
            this.userRepository.update(user);
            this.searchEngineService.delete(convert((User) findById.get(), false));
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to delete user", e);
            throw new TechnicalManagementException("An error occurs while trying to delete user", e);
        }
    }

    @Override // io.gravitee.management.service.UserService
    public void resetPassword(String str) {
        try {
            this.LOGGER.debug("Resetting password of user id {}", str);
            Optional findById = this.userRepository.findById(str);
            if (!findById.isPresent()) {
                throw new UserNotFoundException(str);
            }
            User user = (User) findById.get();
            if (!IDP_SOURCE_GRAVITEE.equals(user.getSource())) {
                throw new UserNotInternallyManagedException(str);
            }
            user.setPassword((String) null);
            user.setUpdatedAt(new Date());
            this.userRepository.update(user);
            Map<String, Object> tokenRegistrationParams = getTokenRegistrationParams(convert(user, false), NotificationParamsBuilder.RESET_PASSWORD_PATH, JWTHelper.ACTION.RESET_PASSWORD);
            this.notifierService.trigger(PortalHook.PASSWORD_RESET, tokenRegistrationParams);
            this.auditService.createPortalAuditLog(Collections.singletonMap(Audit.AuditProperties.USER, user.getId()), User.AuditEvent.PASSWORD_RESET, user.getUpdatedAt(), null, null);
            this.emailService.sendAsyncEmailNotification(new EmailNotificationBuilder().to(user.getEmail()).subject("Password reset - " + convert(user, false).getDisplayName()).template(EmailNotificationBuilder.EmailTemplate.PASSWORD_RESET).params(tokenRegistrationParams).build());
        } catch (TechnicalException e) {
            String str2 = "An error occurs while trying to reset password for user " + str;
            this.LOGGER.error(str2, e);
            throw new TechnicalManagementException(str2, e);
        }
    }

    private User convert(NewExternalUserEntity newExternalUserEntity) {
        if (newExternalUserEntity == null) {
            return null;
        }
        User user = new User();
        user.setEmail(newExternalUserEntity.getEmail());
        user.setFirstname(newExternalUserEntity.getFirstname());
        user.setLastname(newExternalUserEntity.getLastname());
        user.setSource(newExternalUserEntity.getSource());
        user.setSourceId(newExternalUserEntity.getSourceId());
        user.setStatus(UserStatus.ACTIVE);
        return user;
    }

    private User convert(UserEntity userEntity) {
        if (userEntity == null) {
            return null;
        }
        User user = new User();
        user.setId(userEntity.getId());
        user.setEmail(userEntity.getEmail());
        user.setFirstname(userEntity.getFirstname());
        user.setLastname(userEntity.getLastname());
        user.setSource(userEntity.getSource());
        user.setSourceId(userEntity.getSourceId());
        if (userEntity.getStatus() != null) {
            user.setStatus(UserStatus.valueOf(userEntity.getStatus()));
        }
        return user;
    }

    private UserEntity convert(User user, boolean z) {
        if (user == null) {
            return null;
        }
        UserEntity userEntity = new UserEntity();
        userEntity.setId(user.getId());
        userEntity.setSource(user.getSource());
        userEntity.setSourceId(user.getSourceId());
        userEntity.setEmail(user.getEmail());
        userEntity.setFirstname(user.getFirstname());
        userEntity.setLastname(user.getLastname());
        userEntity.setPassword(user.getPassword());
        userEntity.setCreatedAt(user.getCreatedAt());
        userEntity.setUpdatedAt(user.getUpdatedAt());
        userEntity.setLastConnectionAt(user.getLastConnectionAt());
        userEntity.setPicture(user.getPicture());
        if (user.getStatus() != null) {
            userEntity.setStatus(user.getStatus().name());
        }
        if (z) {
            HashSet hashSet = new HashSet();
            RoleEntity role = this.membershipService.getRole(MembershipReferenceType.PORTAL, MembershipDefaultReferenceId.DEFAULT.name(), user.getId(), io.gravitee.repository.management.model.RoleScope.PORTAL);
            if (role != null) {
                hashSet.add(convert(role));
            }
            RoleEntity role2 = this.membershipService.getRole(MembershipReferenceType.MANAGEMENT, MembershipDefaultReferenceId.DEFAULT.name(), user.getId(), io.gravitee.repository.management.model.RoleScope.MANAGEMENT);
            if (role2 != null) {
                hashSet.add(convert(role2));
            }
            userEntity.setRoles(hashSet);
        }
        return userEntity;
    }

    private UserRoleEntity convert(RoleEntity roleEntity) {
        if (roleEntity == null) {
            return null;
        }
        UserRoleEntity userRoleEntity = new UserRoleEntity();
        userRoleEntity.setScope(roleEntity.getScope());
        userRoleEntity.setName(roleEntity.getName());
        userRoleEntity.setPermissions(roleEntity.getPermissions());
        return userRoleEntity;
    }
}
