package de.sep.sesam.restapi.service;

import de.sep.sesam.common.logging.ContextLogger;
import de.sep.sesam.common.logging.LogGroup;
import de.sep.sesam.common.logging.SesamComponent;
import de.sep.sesam.common.logging.messages.SecurityMessages;
import de.sep.sesam.common.logging.messages.SimpleMessage;
import de.sep.sesam.gui.common.DefaultGroupNames;
import de.sep.sesam.gui.common.DefaultRoleNames;
import de.sep.sesam.gui.common.DefaultUserNames;
import de.sep.sesam.model.Groups;
import de.sep.sesam.model.Permissions;
import de.sep.sesam.model.Users;
import de.sep.sesam.model.dto.GroupsDto;
import de.sep.sesam.model.type.UserOrigin;
import de.sep.sesam.restapi.authentication.SessionContext;
import de.sep.sesam.restapi.authentication.util.PasswordGenerator;
import de.sep.sesam.restapi.dao.DaoAccessor;
import de.sep.sesam.restapi.exception.ServiceException;
import de.sep.sesam.restapi.util.ContextLoggable;
import java.util.ArrayList;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:de/sep/sesam/restapi/service/ConsistencyCheckService.class */
public class ConsistencyCheckService implements ContextLoggable {

    @Autowired
    private DaoAccessor daos;
    private ContextLogger logger = new ContextLogger(getClass(), SesamComponent.SERVER);

    /* JADX WARN: Multi-variable type inference failed */
    public void checkDB() throws ServiceException {
        Permissions permissions = (Permissions) this.daos.getPermissionsDao().get(1L);
        if (permissions == null) {
            this.logger.error("checkDB", LogGroup.SECURITY, new SimpleMessage("Check DB for correct UI permissions set ... FAILED. Permissions table is empty. Please force an DB update."), new Object[0]);
        }
        if (SessionContext.SKIPRIGHT_AUTH.equals(permissions.getName())) {
            this.logger.info("checkDB", LogGroup.SECURITY, new SimpleMessage("Check DB for correct UI permissions set ... SUCCEEDED."), new Object[0]);
        } else {
            this.logger.error("checkDB", LogGroup.SECURITY, new SimpleMessage("Check DB for correct UI permissions set ...FAILED. Deprecated set of permissions detected. Please force an DB update."), new Object[0]);
        }
    }

    public void checkSystemUsers(boolean z) throws ServiceException {
        this.logger.debug("checkSystemUsers", LogGroup.SECURITY, new SimpleMessage("Checking {0} user; reset = {1}"), DefaultUserNames.ADMIN_USER, Boolean.valueOf(z));
        Users byNameInternal = this.daos.getUsersDao().getByNameInternal(DefaultUserNames.ADMIN_USER);
        if (byNameInternal == null) {
            Users users = new Users();
            users.setName(DefaultUserNames.ADMIN_USER);
            users.setEnabled(true);
            users.setPasswordExpired(false);
            users.setOrigin(UserOrigin.SYSTEM);
            users.setPassword(PasswordGenerator.generate());
            users.setUsercomment("Administrator user");
            this.logger.warn("checkSystemUsers", LogGroup.SECURITY, SecurityMessages.USER_GENERATED, DefaultUserNames.ADMIN_USER, users.getPassword());
            users.setLocked(false);
            this.daos.getUsersDao().create(users);
        } else if (z) {
            byNameInternal.setLocked(false);
            byNameInternal.setAccountExpired(false);
            byNameInternal.setEnabled(true);
            byNameInternal.setOrigin(UserOrigin.SYSTEM);
            byNameInternal.setPasswordExpired(false);
            byNameInternal.setPassword(PasswordGenerator.generate());
            this.logger.warn("checkSystemUsers", LogGroup.SECURITY, SecurityMessages.USER_RESET, DefaultUserNames.ADMIN_USER);
            this.daos.getUsersDao().update(byNameInternal);
        } else if (byNameInternal.getOrigin() != UserOrigin.SYSTEM) {
            byNameInternal.setOrigin(UserOrigin.SYSTEM);
            this.daos.getUsersDao().update(byNameInternal);
        }
        this.logger.debug("checkSystemUsers", LogGroup.SECURITY, new SimpleMessage("Checking {0} user"), DefaultUserNames.SESAM_USER, Boolean.valueOf(z));
        Users byNameInternal2 = this.daos.getUsersDao().getByNameInternal(DefaultUserNames.SESAM_USER);
        if (byNameInternal2 != null) {
            byNameInternal2.setLocked(false);
            byNameInternal2.setAccountExpired(false);
            byNameInternal2.setEnabled(true);
            byNameInternal2.setOrigin(UserOrigin.INTERNAL);
            byNameInternal2.setPasswordExpired(false);
            byNameInternal2.setUsercomment("Internal System user");
            this.daos.getUsersDao().update(byNameInternal2);
            return;
        }
        Users users2 = new Users();
        users2.setName(DefaultUserNames.SESAM_USER);
        users2.setEnabled(true);
        users2.setPasswordExpired(false);
        users2.setOrigin(UserOrigin.INTERNAL);
        users2.setPassword(PasswordGenerator.generate());
        users2.setUsercomment("Internal System user");
        this.logger.warn("checkSystemUsers", LogGroup.SECURITY, SecurityMessages.USER_GENERATED, users2.getName());
        users2.setLocked(false);
        this.daos.getUsersDao().create(users2);
    }

    public String resetPassword(String str) throws ServiceException {
        Users byIdInternal = this.daos.getUsersDao().getByIdInternal(str);
        if (byIdInternal == null) {
            byIdInternal = this.daos.getUsersDao().getByNameInternal(str);
        }
        if (byIdInternal == null) {
            return null;
        }
        String generate = PasswordGenerator.generate();
        byIdInternal.setPassword(generate);
        byIdInternal.setPasswordExpired(false);
        this.daos.getUsersDao().update(byIdInternal);
        return generate;
    }

    public void checkAdminGroup() throws ServiceException {
        Groups byName = this.daos.getGroupsDao().getByName(DefaultGroupNames.ADMIN);
        if (byName == null) {
            byName = new Groups();
            byName.setName(DefaultGroupNames.ADMIN);
            byName.setUsercomment("Automatically generated administration group with all permissions");
            byName.setEnabled(true);
            this.daos.getGroupsDao().create(byName);
        } else {
            byName.setEnabled(true);
            this.daos.getGroupsDao().update(byName);
        }
        Users byNameInternal = this.daos.getUsersDao().getByNameInternal(DefaultUserNames.ADMIN_USER);
        Users byNameInternal2 = this.daos.getUsersDao().getByNameInternal(DefaultUserNames.SESAM_USER);
        GroupsDto details = this.daos.getGroupsDao().getDetails(byName.getId());
        boolean z = false;
        boolean z2 = false;
        for (Users users : details.getUsers()) {
            if (users.getId() != null && byNameInternal != null && users.getId().equals(byNameInternal.getId())) {
                z = true;
            }
            if (users.getId() != null && byNameInternal2 != null && users.getId().equals(byNameInternal2.getId())) {
                z2 = true;
            }
        }
        if (!z && byNameInternal != null) {
            details.getUsers().add(byNameInternal);
        }
        if (!z2 && byNameInternal2 != null) {
            details.getUsers().add(byNameInternal2);
        }
        details.setRoles(new ArrayList());
        details.getRoles().add(this.daos.getRolesDao().getByName(DefaultRoleNames.SUPERUSER_ROLE));
        this.daos.getGroupsDao().persistGroup(details);
    }

    @Override // de.sep.sesam.restapi.util.ContextLoggable, de.sep.sesam.restapi.dao.IGenericDao
    public ContextLogger logger() {
        return this.logger;
    }
}
