package org.neo4j.server.security.auth;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.stream.Stream;
import org.neo4j.graphdb.Transaction;
import org.neo4j.internal.kernel.api.exceptions.ProcedureException;
import org.neo4j.internal.kernel.api.security.SecurityContext;
import org.neo4j.kernel.api.exceptions.Status;
import org.neo4j.kernel.api.procedure.SystemProcedure;
import org.neo4j.kernel.internal.GraphDatabaseAPI;
import org.neo4j.procedure.Context;
import org.neo4j.procedure.Description;
import org.neo4j.procedure.Mode;
import org.neo4j.procedure.Name;
import org.neo4j.procedure.Procedure;

/* loaded from: input_file:org/neo4j/server/security/auth/AuthProcedures.class */
public class AuthProcedures {

    @Context
    public SecurityContext securityContext;

    @Context
    public Transaction transaction;

    @Context
    public GraphDatabaseAPI graph;
    private static List<String> changeRequiredList = List.of("password_change_required");

    /* loaded from: input_file:org/neo4j/server/security/auth/AuthProcedures$UserResult.class */
    public static class UserResult {
        public final String username;
        public final List<String> roles = null;
        public final List<String> flags;

        UserResult(String str, boolean z) {
            this.username = str;
            this.flags = z ? AuthProcedures.changeRequiredList : Collections.emptyList();
        }
    }

    @Deprecated
    @Description("Create a new user.")
    @Procedure(name = "dbms.security.createUser", mode = Mode.DBMS, deprecatedBy = "Administration command: CREATE USER")
    @SystemProcedure
    public void createUser(@Name("username") String str, @Name("password") String str2, @Name(value = "requirePasswordChange", defaultValue = "true") boolean z) throws ProcedureException {
        Object[] objArr = new Object[3];
        objArr[0] = escapeParameter(str);
        objArr[1] = str2 == null ? "" : str2;
        objArr[2] = z ? "CHANGE REQUIRED" : "CHANGE NOT REQUIRED";
        runSystemCommand(String.format("CREATE USER %s SET PASSWORD '%s' %s", objArr), "dbms.security.createUser");
    }

    @Deprecated
    @Description("Delete the specified user.")
    @Procedure(name = "dbms.security.deleteUser", mode = Mode.DBMS, deprecatedBy = "Administration command: DROP USER")
    @SystemProcedure
    public void deleteUser(@Name("username") String str) throws ProcedureException {
        runSystemCommand(String.format("DROP USER %s", escapeParameter(str)), "dbms.security.deleteUser");
    }

    @Deprecated
    @Description("Change the current user's password.")
    @Procedure(name = "dbms.security.changePassword", mode = Mode.DBMS, deprecatedBy = "Administration command: ALTER CURRENT USER SET PASSWORD")
    @SystemProcedure
    public void changePassword(@Name("password") String str) throws ProcedureException {
        throw new ProcedureException(Status.Statement.FeatureDeprecationWarning, "This procedure is no longer available, use: 'ALTER CURRENT USER SET PASSWORD'", new Object[0]);
    }

    @Procedure(name = "dbms.showCurrentUser", mode = Mode.DBMS)
    @SystemProcedure
    @Description("Show the current user.")
    public Stream<UserResult> showCurrentUser() {
        this.securityContext.assertCredentialsNotExpired();
        return Stream.of(new UserResult(this.securityContext.subject().username(), false));
    }

    @Deprecated
    @Description("List all native users.")
    @Procedure(name = "dbms.security.listUsers", mode = Mode.DBMS, deprecatedBy = "Administration command: SHOW USERS")
    @SystemProcedure
    public Stream<UserResult> listUsers() throws ProcedureException {
        ArrayList arrayList = new ArrayList();
        try {
            this.transaction.execute("SHOW USERS").accept(resultRow -> {
                arrayList.add(new UserResult(resultRow.getString("user"), resultRow.getBoolean("passwordChangeRequired").booleanValue()));
                return true;
            });
        } catch (Exception e) {
            translateException(e, "dbms.security.listUsers");
        }
        return arrayList.isEmpty() ? showCurrentUser() : arrayList.stream();
    }

    private void runSystemCommand(String str, String str2) throws ProcedureException {
        try {
            this.transaction.execute(str).accept(resultRow -> {
                return true;
            });
        } catch (Exception e) {
            translateException(e, str2);
        }
    }

    private void translateException(Exception exc, String str) throws ProcedureException {
        Status statusCodeOf = Status.statusCodeOf(exc);
        if (statusCodeOf != null && statusCodeOf.equals(Status.Statement.NotSystemDatabaseError)) {
            throw new ProcedureException(Status.Procedure.ProcedureCallFailed, exc, String.format("This is an administration command and it should be executed against the system database: %s", str), new Object[0]);
        }
        throw new ProcedureException(Status.Procedure.ProcedureCallFailed, exc, exc.getMessage(), new Object[0]);
    }

    private String escapeParameter(String str) {
        Object[] objArr = new Object[1];
        objArr[0] = str == null ? "" : str;
        return String.format("`%s`", objArr);
    }
}
