package org.openmbee.mms.localuser.controllers;

import io.swagger.v3.oas.annotations.tags.Tag;
import java.util.ArrayList;
import java.util.List;
import org.openmbee.mms.core.exceptions.BadRequestException;
import org.openmbee.mms.core.exceptions.NotFoundException;
import org.openmbee.mms.core.exceptions.UnauthorizedException;
import org.openmbee.mms.core.utils.AuthenticationUtils;
import org.openmbee.mms.data.domains.global.User;
import org.openmbee.mms.localuser.security.UserCreateRequest;
import org.openmbee.mms.localuser.security.UserDetailsServiceImpl;
import org.openmbee.mms.localuser.security.UsersResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RestController
@Tag(name = "Auth")
/* loaded from: input_file:org/openmbee/mms/localuser/controllers/LocalUserController.class */
public class LocalUserController {
    private UserDetailsServiceImpl userDetailsService;

    @Autowired
    public LocalUserController(UserDetailsServiceImpl userDetailsServiceImpl) {
        this.userDetailsService = userDetailsServiceImpl;
    }

    @PostMapping(value = {"/user"}, consumes = {"application/json"})
    @PreAuthorize("hasAuthority('mmsadmin')")
    public UserCreateRequest createUser(@RequestBody UserCreateRequest userCreateRequest) {
        try {
            this.userDetailsService.m2loadUserByUsername(userCreateRequest.getUsername());
            throw new BadRequestException("User already exists");
        } catch (UsernameNotFoundException e) {
            this.userDetailsService.register(userCreateRequest);
            return userCreateRequest;
        }
    }

    @GetMapping({"/users"})
    @PreAuthorize("isAuthenticated()")
    public UsersResponse getUsers(@RequestParam(required = false) String str) {
        UsersResponse usersResponse = new UsersResponse();
        List<User> arrayList = new ArrayList();
        if (str != null) {
            arrayList.add(this.userDetailsService.m2loadUserByUsername(str).getUser());
        } else {
            arrayList = this.userDetailsService.getUsers();
        }
        usersResponse.setUsers(arrayList);
        return usersResponse;
    }

    @PostMapping(value = {"/password"}, consumes = {"application/json"})
    @PreAuthorize("isAuthenticated()")
    public Object updatePassword(@RequestBody UserCreateRequest userCreateRequest, Authentication authentication) {
        String name = authentication.getName();
        boolean hasGroup = AuthenticationUtils.hasGroup(authentication, "mmsadmin");
        if (!hasGroup) {
            try {
                if (!name.equals(userCreateRequest.getUsername())) {
                    throw new UnauthorizedException("Not authorized");
                }
            } catch (UsernameNotFoundException e) {
                if (hasGroup) {
                    throw new NotFoundException("User not found");
                }
                throw new UnauthorizedException("Not authorized");
            }
        }
        this.userDetailsService.changeUserPassword(userCreateRequest.getUsername(), userCreateRequest.getPassword(), hasGroup);
        return "";
    }
}
