package de.whitefrog.frogr.auth.repository;

import de.whitefrog.frogr.auth.model.BaseUser;
import de.whitefrog.frogr.auth.model.Role;
import de.whitefrog.frogr.auth.rest.oauth.Authenticator;
import de.whitefrog.frogr.exception.MissingRequiredException;
import de.whitefrog.frogr.exception.PersistException;
import de.whitefrog.frogr.model.Base;
import de.whitefrog.frogr.model.FieldList;
import de.whitefrog.frogr.model.SaveContext;
import de.whitefrog.frogr.repository.BaseModelRepository;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import javax.validation.ConstraintViolation;
import javax.validation.ConstraintViolationException;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.Validate;
import org.neo4j.graphdb.Node;
import org.neo4j.graphdb.Result;
import org.neo4j.helpers.collection.Iterators;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/whitefrog/frogr/auth/repository/BaseUserRepository.class */
public class BaseUserRepository<U extends BaseUser> extends BaseModelRepository<U> {
    private static final Logger logger = LoggerFactory.getLogger(BaseUserRepository.class);
    private Role roles = new Role();

    public Role getRoles() {
        return this.roles;
    }

    public String generateHash(String str) {
        return DigestUtils.sha1Hex(str);
    }

    public U login(String str, String str2) {
        Validate.notEmpty(str);
        Validate.notEmpty(str2);
        HashMap hashMap = new HashMap();
        hashMap.put(BaseUser.Login, str);
        hashMap.put(BaseUser.Password, generateHash(str2));
        Result execute = graph().execute("match (m:" + label().name() + ") where m.login = {login} and m.password = {password} return m", hashMap);
        try {
            if (!execute.hasNext()) {
                throw new RuntimeException("Wrong username or password");
            }
            U createModel = createModel((Node) ((Map) Iterators.single(execute)).get("m"), FieldList.parseFields(BaseUser.AccessToken));
            if (createModel.getAccessToken() == null) {
                createModel.setAccessToken(UUID.randomUUID().toString());
            }
            Authenticator.updateLastApiAccess(createModel.getAccessToken());
            save((Base) createModel);
            execute.close();
            return createModel;
        } catch (Throwable th) {
            execute.close();
            throw th;
        }
    }

    public void register(U u) {
        u.setRole(Role.User);
        save((Base) u);
    }

    public void save(SaveContext<U> saveContext) throws PersistException {
        BaseUser model = saveContext.model();
        if (model.getPersisted()) {
            model.setPassword(null);
        } else {
            if (StringUtils.isEmpty(model.getPassword())) {
                throw new MissingRequiredException("must provide a password");
            }
            Set<ConstraintViolation> validateProperty = service().validator().validateProperty(model, BaseUser.Password, new Class[0]);
            if (!validateProperty.isEmpty()) {
                for (ConstraintViolation constraintViolation : validateProperty) {
                    logger.error(constraintViolation.getPropertyPath().toString() + " " + constraintViolation.getMessage());
                }
                throw new ConstraintViolationException("violations storing " + saveContext.model(), validateProperty);
            }
            model.setPassword(generateHash(model.getPassword()));
        }
        super.save(saveContext);
    }

    public void validateModel(SaveContext<U> saveContext) {
        BaseUser model = saveContext.model();
        if (!model.getPersisted()) {
            if (model.getPassword() == null || model.getPassword().isEmpty()) {
                throw new MissingRequiredException("must provide a password");
            }
            if (model.getRole() == null) {
                throw new MissingRequiredException("no role specified");
            }
        }
        if (!saveContext.fieldChanged(BaseUser.Password)) {
            super.validateModel(saveContext);
        } else {
            saveContext.model().addCheckedField(BaseUser.Password);
            super.validateModel(saveContext);
        }
    }
}
