package org.alfresco.repo.security.authentication;

import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.dao.User;
import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
import net.sf.acegisecurity.providers.encoding.PasswordEncoder;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.person.UserNameMatcher;
import org.alfresco.repo.tenant.MultiTAdminServiceImpl;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
import org.alfresco.service.cmr.search.SearchService;
import org.alfresco.service.namespace.NamespacePrefixResolver;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern;
import org.springframework.dao.DataAccessException;

/* loaded from: input_file:WEB-INF/lib/alfresco-repository-3.2r2.jar:org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.class */
public class RepositoryAuthenticationDao implements MutableAuthenticationDao {
    private static final StoreRef STOREREF_USERS = new StoreRef("user", MultiTAdminServiceImpl.STORE_BASE_ID_USER);
    private NodeService nodeService;
    private TenantService tenantService;
    private NamespacePrefixResolver namespacePrefixResolver;
    private DictionaryService dictionaryService;
    private SearchService searchService;
    private RetryingTransactionHelper retryingTransactionHelper;
    private PasswordEncoder passwordEncoder;
    private UserNameMatcher userNameMatcher;

    public boolean getUserNamesAreCaseSensitive() {
        return this.userNameMatcher.getUserNamesAreCaseSensitive();
    }

    public void setUserNameMatcher(UserNameMatcher userNameMatcher) {
        this.userNameMatcher = userNameMatcher;
    }

    public void setDictionaryService(DictionaryService dictionaryService) {
        this.dictionaryService = dictionaryService;
    }

    public void setNamespaceService(NamespacePrefixResolver namespacePrefixResolver) {
        this.namespacePrefixResolver = namespacePrefixResolver;
    }

    public void setNodeService(NodeService nodeService) {
        this.nodeService = nodeService;
    }

    public void setRetryingTransactionHelper(RetryingTransactionHelper retryingTransactionHelper) {
        this.retryingTransactionHelper = retryingTransactionHelper;
    }

    public void setTenantService(TenantService tenantService) {
        this.tenantService = tenantService;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    public void setSearchService(SearchService searchService) {
        this.searchService = searchService;
    }

    @Override // net.sf.acegisecurity.providers.dao.AuthenticationDao
    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException, DataAccessException {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new UsernameNotFoundException("Could not find user by userName: " + str);
        }
        Map<QName, Serializable> properties = this.nodeService.getProperties(userOrNull);
        return new User((String) DefaultTypeConverter.INSTANCE.convert(String.class, properties.get(ContentModel.PROP_USER_USERNAME)), (String) DefaultTypeConverter.INSTANCE.convert(String.class, properties.get(ContentModel.PROP_PASSWORD)), getEnabled(userOrNull), !getAccountHasExpired(userOrNull), !getCredentialsHaveExpired(userOrNull), !getAccountlocked(userOrNull), new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_AUTHENTICATED")});
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    public org.alfresco.service.cmr.repository.NodeRef getUserOrNull(java.lang.String r7) {
        /*
            Method dump skipped, instructions count: 272
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.getUserOrNull(java.lang.String):org.alfresco.service.cmr.repository.NodeRef");
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void createUser(String str, char[] cArr) throws AuthenticationException {
        this.tenantService.checkDomainUser(str);
        if (getUserOrNull(str) != null) {
            throw new AuthenticationException("User already exists: " + str);
        }
        NodeRef userFolderLocation = getUserFolderLocation(str);
        HashMap hashMap = new HashMap();
        hashMap.put(ContentModel.PROP_USER_USERNAME, str);
        hashMap.put(ContentModel.PROP_SALT, null);
        hashMap.put(ContentModel.PROP_PASSWORD, this.passwordEncoder.encodePassword(new String(cArr), null));
        hashMap.put(ContentModel.PROP_ACCOUNT_EXPIRES, false);
        hashMap.put(ContentModel.PROP_CREDENTIALS_EXPIRE, false);
        hashMap.put(ContentModel.PROP_ENABLED, true);
        hashMap.put(ContentModel.PROP_ACCOUNT_LOCKED, false);
        this.nodeService.createNode(userFolderLocation, ContentModel.ASSOC_CHILDREN, ContentModel.TYPE_USER, ContentModel.TYPE_USER, hashMap);
    }

    private NodeRef getUserFolderLocation(String str) {
        QName createQName = QName.createQName(NamespaceService.SYSTEM_MODEL_PREFIX, "system", this.namespacePrefixResolver);
        QName createQName2 = QName.createQName(NamespaceService.SYSTEM_MODEL_PREFIX, "people", this.namespacePrefixResolver);
        List<ChildAssociationRef> childAssocs = this.nodeService.getChildAssocs(this.nodeService.getRootNode(this.tenantService.getName(str, new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier()))), RegexQNamePattern.MATCH_ALL, createQName);
        if (childAssocs.size() == 0) {
            throw new AlfrescoRuntimeException("Required authority system folder path not found: " + createQName);
        }
        List<ChildAssociationRef> childAssocs2 = this.nodeService.getChildAssocs(childAssocs.get(0).getChildRef(), RegexQNamePattern.MATCH_ALL, createQName2);
        if (childAssocs2.size() == 0) {
            throw new AlfrescoRuntimeException("Required user folder path not found: " + createQName2);
        }
        return childAssocs2.get(0).getChildRef();
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void updateUser(String str, char[] cArr) throws AuthenticationException {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User name does not exist: " + str);
        }
        Map<QName, Serializable> properties = this.nodeService.getProperties(userOrNull);
        properties.remove(ContentModel.PROP_SALT);
        properties.put(ContentModel.PROP_SALT, null);
        properties.remove(ContentModel.PROP_PASSWORD);
        properties.put(ContentModel.PROP_PASSWORD, this.passwordEncoder.encodePassword(new String(cArr), null));
        this.nodeService.setProperties(userOrNull, properties);
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void deleteUser(String str) throws AuthenticationException {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User name does not exist: " + str);
        }
        this.nodeService.deleteNode(userOrNull);
    }

    @Override // net.sf.acegisecurity.providers.dao.SaltSource
    public Object getSalt(UserDetails userDetails) {
        return null;
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public boolean userExists(String str) {
        return getUserOrNull(str) != null;
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public boolean getAccountExpires(String str) {
        Serializable property;
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null || (property = this.nodeService.getProperty(userOrNull, ContentModel.PROP_ACCOUNT_EXPIRES)) == null) {
            return false;
        }
        return DefaultTypeConverter.INSTANCE.booleanValue(property);
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public Date getAccountExpiryDate(String str) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull != null && DefaultTypeConverter.INSTANCE.booleanValue(this.nodeService.getProperty(userOrNull, ContentModel.PROP_ACCOUNT_EXPIRES))) {
            return (Date) DefaultTypeConverter.INSTANCE.convert(Date.class, this.nodeService.getProperty(userOrNull, ContentModel.PROP_ACCOUNT_EXPIRY_DATE));
        }
        return null;
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public boolean getAccountHasExpired(String str) {
        return getAccountHasExpired(getUserOrNull(str));
    }

    private boolean getAccountHasExpired(NodeRef nodeRef) {
        Date date;
        return nodeRef != null && DefaultTypeConverter.INSTANCE.booleanValue(this.nodeService.getProperty(nodeRef, ContentModel.PROP_ACCOUNT_EXPIRES)) && (date = (Date) DefaultTypeConverter.INSTANCE.convert(Date.class, this.nodeService.getProperty(nodeRef, ContentModel.PROP_ACCOUNT_EXPIRY_DATE))) != null && date.compareTo(new Date()) < 1;
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public boolean getAccountlocked(String str) {
        return getAccountlocked(getUserOrNull(str));
    }

    private boolean getAccountlocked(NodeRef nodeRef) {
        Serializable property;
        if (nodeRef == null || (property = this.nodeService.getProperty(nodeRef, ContentModel.PROP_ACCOUNT_LOCKED)) == null) {
            return false;
        }
        return DefaultTypeConverter.INSTANCE.booleanValue(property);
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public boolean getCredentialsExpire(String str) {
        return getCredentialsExpired(getUserOrNull(str));
    }

    private boolean getCredentialsExpired(NodeRef nodeRef) {
        Serializable property;
        if (nodeRef == null || (property = this.nodeService.getProperty(nodeRef, ContentModel.PROP_CREDENTIALS_EXPIRE)) == null) {
            return false;
        }
        return DefaultTypeConverter.INSTANCE.booleanValue(property);
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public Date getCredentialsExpiryDate(String str) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull != null && DefaultTypeConverter.INSTANCE.booleanValue(this.nodeService.getProperty(userOrNull, ContentModel.PROP_CREDENTIALS_EXPIRE))) {
            return (Date) DefaultTypeConverter.INSTANCE.convert(Date.class, this.nodeService.getProperty(userOrNull, ContentModel.PROP_CREDENTIALS_EXPIRY_DATE));
        }
        return null;
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public boolean getCredentialsHaveExpired(String str) {
        return getCredentialsHaveExpired(getUserOrNull(str));
    }

    private boolean getCredentialsHaveExpired(NodeRef nodeRef) {
        Date date;
        return nodeRef != null && DefaultTypeConverter.INSTANCE.booleanValue(this.nodeService.getProperty(nodeRef, ContentModel.PROP_CREDENTIALS_EXPIRE)) && (date = (Date) DefaultTypeConverter.INSTANCE.convert(Date.class, this.nodeService.getProperty(nodeRef, ContentModel.PROP_CREDENTIALS_EXPIRY_DATE))) != null && date.compareTo(new Date()) < 1;
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public boolean getEnabled(String str) {
        return getEnabled(getUserOrNull(str));
    }

    private boolean getEnabled(NodeRef nodeRef) {
        if (nodeRef == null) {
            return false;
        }
        Serializable property = this.nodeService.getProperty(nodeRef, ContentModel.PROP_ENABLED);
        if (property == null) {
            return true;
        }
        return DefaultTypeConverter.INSTANCE.booleanValue(property);
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void setAccountExpires(String str, boolean z) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User not found: " + str);
        }
        this.nodeService.setProperty(userOrNull, ContentModel.PROP_ACCOUNT_EXPIRES, Boolean.valueOf(z));
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void setAccountExpiryDate(String str, Date date) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User not found: " + str);
        }
        this.nodeService.setProperty(userOrNull, ContentModel.PROP_ACCOUNT_EXPIRY_DATE, date);
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void setCredentialsExpire(String str, boolean z) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User not found: " + str);
        }
        this.nodeService.setProperty(userOrNull, ContentModel.PROP_CREDENTIALS_EXPIRE, Boolean.valueOf(z));
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void setCredentialsExpiryDate(String str, Date date) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User not found: " + str);
        }
        this.nodeService.setProperty(userOrNull, ContentModel.PROP_CREDENTIALS_EXPIRY_DATE, date);
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void setEnabled(String str, boolean z) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User not found: " + str);
        }
        this.nodeService.setProperty(userOrNull, ContentModel.PROP_ENABLED, Boolean.valueOf(z));
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public void setLocked(String str, boolean z) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User not found: " + str);
        }
        this.nodeService.setProperty(userOrNull, ContentModel.PROP_ACCOUNT_LOCKED, Boolean.valueOf(z));
    }

    @Override // org.alfresco.repo.security.authentication.MutableAuthenticationDao
    public String getMD4HashedPassword(String str) {
        NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull == null) {
            return null;
        }
        return (String) DefaultTypeConverter.INSTANCE.convert(String.class, this.nodeService.getProperty(userOrNull, ContentModel.PROP_PASSWORD));
    }
}
