package com.cumulocity.model.user;

import com.cumulocity.model.acl.DevicePermission;
import com.cumulocity.model.application.Application;
import com.cumulocity.model.audit.AuditLogSource;
import com.cumulocity.model.audit.annotation.IncludeFieldInAuditLog;
import com.cumulocity.model.jpa.AbstractExtensiblePersistable;
import com.cumulocity.model.jpa.JpaDateTimeConverter;
import com.cumulocity.model.user.command.UserEmailAware;
import com.cumulocity.model.util.DateTimeUtils;
import com.google.common.base.Predicate;
import com.google.common.collect.Iterables;
import com.google.common.collect.Ordering;
import java.util.Comparator;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.annotation.Nullable;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.persistence.FetchType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.OneToMany;
import javax.persistence.PrePersist;
import javax.persistence.Table;
import javax.persistence.Transient;
import org.eclipse.persistence.annotations.Convert;
import org.eclipse.persistence.annotations.Converter;
import org.eclipse.persistence.annotations.OptimisticLocking;
import org.eclipse.persistence.annotations.OptimisticLockingType;
import org.joda.time.DateTime;
import org.svenson.JSONProperty;

@Table(name = "users")
@Entity
@IncludeFieldInAuditLog({"roles", "groups", "devicePermissions", "applications"})
@OptimisticLocking(type = OptimisticLockingType.ALL_COLUMNS)
/* loaded from: input_file:com/cumulocity/model/user/User.class */
public class User extends AbstractExtensiblePersistable<String> implements UserEmailAware, AuditLogSource {
    private static final long serialVersionUID = -3459815457227046252L;

    @Id
    @Column(name = "username")
    private String username;

    @Column(name = "password")
    private String password;

    @Column(name = "should_reset_password")
    private Boolean shouldResetPassword;

    @Convert("dateTimeConverter")
    @Column(name = "last_password_change", columnDefinition = "TIMESTAMP")
    @Converter(name = "dateTimeConverter", converterClass = JpaDateTimeConverter.class)
    private DateTime lastPasswordChange;

    @Column(name = "enabled")
    private Boolean enabled;

    @Column(name = "firstname")
    private String firstname;

    @Column(name = "lastname")
    private String lastname;

    @Column(name = "phone")
    private String phone;

    @Column(name = "email")
    private String email;

    @Column(name = "password_strength")
    @Enumerated(EnumType.STRING)
    private PasswordStrength passwordStrength;

    @Column(name = "password_encryption")
    @Enumerated(EnumType.ORDINAL)
    private PasswordEncryption passwordEncryption;

    @Column(name = "origin")
    @Enumerated(EnumType.STRING)
    private UserOrigin origin;

    @ManyToMany
    @JoinTable(name = "authorities", joinColumns = {@JoinColumn(name = "username", referencedColumnName = "username")}, inverseJoinColumns = {@JoinColumn(name = "authority", referencedColumnName = "authority")})
    private List<Authority> roles;

    @ManyToMany
    @JoinTable(name = "group_members", joinColumns = {@JoinColumn(name = "username", referencedColumnName = "username")}, inverseJoinColumns = {@JoinColumn(name = "group_id", referencedColumnName = "id")})
    private List<Group> groups;

    @JoinColumn(name = "user_id")
    @OneToMany(cascade = {CascadeType.ALL}, orphanRemoval = true, fetch = FetchType.EAGER)
    private List<DevicePermission> devicePermissions;

    @JoinColumn(name = "user_id")
    @OneToMany(cascade = {CascadeType.ALL}, orphanRemoval = true)
    private List<AuthenticationToken> authenticationTokens;

    @ManyToMany
    @JoinTable(name = "application_permission_user", joinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "username")}, inverseJoinColumns = {@JoinColumn(name = "application_id", referencedColumnName = "ID")})
    private List<Application> applications;

    @Column(name = "two_factor_authentication_enabled")
    private Boolean twoFactorAuthenticationEnabled;

    @JoinColumn(name = "user_id")
    @OneToMany(cascade = {CascadeType.ALL}, orphanRemoval = true)
    private List<UserLastPassword> lastPasswords;

    public User() {
        this.roles = new LinkedList();
        this.groups = new LinkedList();
        this.devicePermissions = new LinkedList();
        this.authenticationTokens = new LinkedList();
        this.applications = new LinkedList();
        this.lastPasswords = new LinkedList();
    }

    public User(String str, Boolean bool) {
        this(str, null, bool);
    }

    public User(String str, String str2, Boolean bool) {
        this(str, str2, false, null, bool, null, null, null, null, null, UserOrigin.BASIC, null, PasswordEncryption.SHA, null);
    }

    public User(String str, String str2, PasswordEncryption passwordEncryption, Boolean bool) {
        this(str, str2, false, null, bool, null, null, null, null, null, UserOrigin.BASIC, null, passwordEncryption, null);
    }

    public User(String str, String str2, Boolean bool, DateTime dateTime, Boolean bool2, String str3, String str4, String str5, String str6, PasswordStrength passwordStrength, UserOrigin userOrigin, String str7, PasswordEncryption passwordEncryption, Boolean bool3) {
        this.roles = new LinkedList();
        this.groups = new LinkedList();
        this.devicePermissions = new LinkedList();
        this.authenticationTokens = new LinkedList();
        this.applications = new LinkedList();
        this.lastPasswords = new LinkedList();
        this.username = str;
        this.password = str2;
        this.shouldResetPassword = bool;
        this.lastPasswordChange = dateTime;
        this.enabled = bool2;
        this.firstname = str3;
        this.lastname = str4;
        this.phone = str5;
        this.email = str6;
        this.passwordStrength = passwordStrength;
        this.origin = userOrigin;
        this.attrs = str7;
        this.passwordEncryption = passwordEncryption;
        this.twoFactorAuthenticationEnabled = bool3;
    }

    public User(User user) {
        this(user.getUsername(), user.getPassword(), user.getShouldResetPassword(), user.getLastPasswordChange(), user.getEnabled(), user.getFirstname(), user.getLastname(), user.getPhone(), user.getEmail(), user.getPasswordStrength(), user.getOrigin(), user.getAttrs(), user.getPasswordEncryption(), user.getTwoFactorAuthenticationEnabled());
        this.roles.addAll(user.getRoles());
        this.groups.addAll(user.getGroups());
        this.devicePermissions.addAll(user.getDevicePermissions());
        this.applications.addAll(user.getApplications());
    }

    /* renamed from: getId, reason: merged with bridge method [inline-methods] */
    public String m22getId() {
        return getUsername();
    }

    public void setId(String str) {
        setUsername(str);
    }

    @Override // com.cumulocity.model.user.command.UserEmailAware
    public String getUserName() {
        return getUsername();
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public Boolean getEnabled() {
        return this.enabled;
    }

    public void setEnabled(Boolean bool) {
        this.enabled = bool;
    }

    public String getFirstname() {
        return this.firstname;
    }

    public void setFirstname(String str) {
        this.firstname = str;
    }

    public String getLastname() {
        return this.lastname;
    }

    public void setLastname(String str) {
        this.lastname = str;
    }

    public String getPhone() {
        return this.phone;
    }

    public void setPhone(String str) {
        this.phone = str;
    }

    @Override // com.cumulocity.model.user.command.UserEmailAware
    public String getEmail() {
        return this.email;
    }

    public void setEmail(String str) {
        this.email = str;
    }

    public PasswordStrength getPasswordStrength() {
        return this.passwordStrength;
    }

    public void setPasswordStrength(PasswordStrength passwordStrength) {
        this.passwordStrength = passwordStrength;
    }

    public UserOrigin getOrigin() {
        return this.origin;
    }

    public void setOrigin(UserOrigin userOrigin) {
        this.origin = userOrigin;
    }

    public List<Authority> getRoles() {
        return this.roles;
    }

    public void setRoles(List<Authority> list) {
        this.roles = list == null ? new LinkedList<>() : list;
    }

    public boolean hasRole(Authority authority) {
        return getRoles().contains(authority);
    }

    public boolean addRole(Authority authority) {
        return !hasRole(authority) && getRoles().add(authority);
    }

    public boolean removeRole(Authority authority) {
        return getRoles().remove(authority);
    }

    public List<Group> getGroups() {
        return this.groups;
    }

    public void setGroups(List<Group> list) {
        this.groups = list == null ? new LinkedList<>() : list;
    }

    public boolean hasGroup(Group group) {
        return getGroups().contains(group);
    }

    public boolean addGroup(Group group) {
        return !hasGroup(group) && getGroups().add(group);
    }

    public boolean removeGroup(Group group) {
        return getGroups().remove(group);
    }

    public List<DevicePermission> getDevicePermissions() {
        return this.devicePermissions;
    }

    public void setDevicePermissions(List<DevicePermission> list) {
        this.devicePermissions = list == null ? new LinkedList<>() : list;
    }

    public boolean hasDevicePermission(DevicePermission devicePermission) {
        return getDevicePermissions().contains(devicePermission);
    }

    public boolean addDevicePermission(DevicePermission devicePermission) {
        return !hasDevicePermission(devicePermission) && getDevicePermissions().add(devicePermission);
    }

    public List<AuthenticationToken> getAuthenticationTokens() {
        return this.authenticationTokens;
    }

    public void setAuthenticationTokens(List<AuthenticationToken> list) {
        this.authenticationTokens = list;
    }

    public List<Application> getApplications() {
        return this.applications;
    }

    public void setApplications(List<Application> list) {
        this.applications = list;
    }

    public void addApplication(Application application) {
        this.applications.add(application);
    }

    public Boolean getShouldResetPassword() {
        return this.shouldResetPassword;
    }

    public void setShouldResetPassword(Boolean bool) {
        this.shouldResetPassword = bool;
    }

    public DateTime getLastPasswordChange() {
        return this.lastPasswordChange;
    }

    public void setLastPasswordChange(DateTime dateTime) {
        DateTimeUtils.checkChronologyUTC(dateTime);
        this.lastPasswordChange = dateTime;
    }

    @JSONProperty(ignore = true)
    public Object getLogSource() {
        return getUserName();
    }

    @PrePersist
    private void updateLastPasswordChangeDate() {
        if (this.lastPasswordChange == null) {
            this.lastPasswordChange = DateTimeUtils.nowUTC();
        }
    }

    @JSONProperty(ignore = true)
    @Transient
    public boolean hasTwoFactorAuthenticationEnabled() {
        return getTwoFactorAuthenticationEnabled() != null && getTwoFactorAuthenticationEnabled().booleanValue();
    }

    @Transient
    public void addLastPassword(String str) {
        this.lastPasswords.add(UserLastPassword.lastPassword().user(this).password(str).usedFrom(DateTimeUtils.nowUTC()).build());
    }

    @Transient
    public boolean removeLastPassword(String str) {
        return this.lastPasswords.remove(UserLastPassword.lastPassword().user(this).password(str).build());
    }

    @Transient
    public boolean lastPasswordContains(String str) {
        return this.lastPasswords.contains(UserLastPassword.lastPassword().user(this).password(str).build());
    }

    @Transient
    public void stripLastPasswordsToNNewest(Integer num) {
        this.lastPasswords = Ordering.from(new Comparator<UserLastPassword>() { // from class: com.cumulocity.model.user.User.1
            @Override // java.util.Comparator
            public int compare(UserLastPassword userLastPassword, UserLastPassword userLastPassword2) {
                return userLastPassword.getUsedFrom().compareTo(userLastPassword2.getUsedFrom());
            }
        }).greatestOf(this.lastPasswords, num.intValue());
    }

    @Transient
    public Set<Authority> getAllRoles() {
        HashSet hashSet = new HashSet();
        hashSet.addAll(this.roles);
        Iterator<Group> it = this.groups.iterator();
        while (it.hasNext()) {
            hashSet.addAll(it.next().getRoles());
        }
        return hashSet;
    }

    @Transient
    public boolean isDeviceUser() {
        Iterator<Group> it = this.groups.iterator();
        while (it.hasNext()) {
            if (DefaultGroup.DEVICE_GROUP.getName().equalsIgnoreCase(it.next().getName())) {
                return true;
            }
        }
        return false;
    }

    @Transient
    public boolean isSystemUser() {
        return Iterables.any(getAllRoles(), new Predicate<Authority>() { // from class: com.cumulocity.model.user.User.2
            public boolean apply(@Nullable Authority authority) {
                return DefaultAuthority.SYSTEM.getAuthority().equals(authority.getAuthority());
            }
        });
    }

    @JSONProperty(ignore = true)
    @Transient
    public boolean isSystem() {
        for (String str : DefaultAuthority.getSystemRoles()) {
            Iterator<Authority> it = getAllRoles().iterator();
            while (it.hasNext()) {
                if (str.equals(it.next().getAuthority())) {
                    return true;
                }
            }
        }
        return false;
    }

    public PasswordEncryption getPasswordEncryption() {
        return this.passwordEncryption;
    }

    public Boolean getTwoFactorAuthenticationEnabled() {
        return this.twoFactorAuthenticationEnabled;
    }

    public List<UserLastPassword> getLastPasswords() {
        return this.lastPasswords;
    }

    public void setPasswordEncryption(PasswordEncryption passwordEncryption) {
        this.passwordEncryption = passwordEncryption;
    }

    public void setTwoFactorAuthenticationEnabled(Boolean bool) {
        this.twoFactorAuthenticationEnabled = bool;
    }

    public void setLastPasswords(List<UserLastPassword> list) {
        this.lastPasswords = list;
    }
}
