package it.at7.gemini.auth.events;

import it.at7.gemini.auth.core.AuthEntityOperationContext;
import it.at7.gemini.auth.core.UserRef;
import it.at7.gemini.auth.exceptions.AuthException;
import it.at7.gemini.core.EntityRecord;
import it.at7.gemini.core.events.BeforeCreateRecord;
import it.at7.gemini.core.events.BeforeDeleteRecord;
import it.at7.gemini.core.events.BeforeInsertField;
import it.at7.gemini.core.events.BeforeUpdateRecord;
import it.at7.gemini.core.events.EventContext;
import it.at7.gemini.core.events.Events;
import it.at7.gemini.core.events.OnUpdateField;
import it.at7.gemini.exceptions.GeminiException;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.util.StringUtils;

@Events(entityName = UserRef.NAME, order = -100)
/* loaded from: input_file:it/at7/gemini/auth/events/UserEvents.class */
public class UserEvents {

    @Value("${gemini.auth.userchecks:true}")
    private boolean CHECK_USER;
    static final /* synthetic */ boolean $assertionsDisabled;

    @BeforeInsertField(field = UserRef.FIELDS.DISPLAY_NAME)
    public String defaultDisplayName(EventContext eventContext) {
        EntityRecord entityRecord = eventContext.getEntityRecord();
        String str = (String) entityRecord.get(UserRef.FIELDS.DISPLAY_NAME);
        return StringUtils.isEmpty(str) ? (String) entityRecord.get(UserRef.FIELDS.USERNAME) : str;
    }

    @BeforeUpdateRecord
    public void checkUserPermission(EventContext eventContext) throws GeminiException {
        if (this.CHECK_USER) {
            Optional<AuthEntityOperationContext> extractAuthOperationContext = AuthEntityOperationContext.extractAuthOperationContext(eventContext);
            if (extractAuthOperationContext.isPresent()) {
                AuthEntityOperationContext authEntityOperationContext = extractAuthOperationContext.get();
                Optional persistedEntityRecord = eventContext.getPersistedEntityRecord();
                if (!$assertionsDisabled && !persistedEntityRecord.isPresent()) {
                    throw new AssertionError();
                }
                EntityRecord entityRecord = (EntityRecord) persistedEntityRecord.get();
                String username = authEntityOperationContext.getUsername();
                if (!username.equals("Admin") && !username.equals(entityRecord.get(UserRef.FIELDS.USERNAME))) {
                    throw AuthException.OPEARTION_NOT_PERMITTED_FOR_USER(username);
                }
            }
        }
    }

    @BeforeCreateRecord
    @BeforeDeleteRecord
    public void checkAdminPermission(EventContext eventContext) throws GeminiException {
        if (this.CHECK_USER) {
            Optional<AuthEntityOperationContext> extractAuthOperationContext = AuthEntityOperationContext.extractAuthOperationContext(eventContext);
            if (extractAuthOperationContext.isPresent() && !extractAuthOperationContext.get().getUsername().equals("Admin")) {
                throw AuthException.ADMIN_REQUIRED();
            }
        }
    }

    @OnUpdateField(field = UserRef.FIELDS.USERNAME)
    public void cannotUpdateUsername(EventContext eventContext) throws AuthException {
        Optional persistedEntityRecord = eventContext.getPersistedEntityRecord();
        if (!$assertionsDisabled && !persistedEntityRecord.isPresent()) {
            throw new AssertionError();
        }
        EntityRecord entityRecord = eventContext.getEntityRecord();
        EntityRecord entityRecord2 = (EntityRecord) persistedEntityRecord.get();
        Object obj = entityRecord.get(UserRef.FIELDS.USERNAME);
        if (obj != null && !entityRecord2.get(UserRef.FIELDS.USERNAME).equals(obj)) {
            throw AuthException.CANNOT_CHANGE_USERNAME();
        }
    }

    static {
        $assertionsDisabled = !UserEvents.class.desiredAssertionStatus();
    }
}
