package org.redpill.alfresco.ldap.security.authentication;

import java.util.HashMap;
import java.util.Iterator;
import org.alfresco.repo.policy.BehaviourFilter;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.transaction.TransactionService;
import org.apache.log4j.Logger;
import org.redpill.alfresco.ldap.model.RlLdapModel;
import org.redpill.alfresco.ldap.service.LdapUserService;
import org.springframework.util.Assert;

/* loaded from: input_file:org/redpill/alfresco/ldap/security/authentication/CustomRepositoryAuthenticationDao.class */
public class CustomRepositoryAuthenticationDao extends RepositoryAuthenticationDao {
    private static final Logger LOG = Logger.getLogger(CustomRepositoryAuthenticationDao.class);
    protected String syncZoneId;
    protected LdapUserService ldapUserService;
    protected AuthorityService authorityService;
    protected BehaviourFilter behaviourFilter;
    protected TransactionService transactionService;

    public void setTransactionService(TransactionService transactionService) {
        super.setTransactionService(transactionService);
        setTransactionService(transactionService);
    }

    public void setBehaviourFilter(BehaviourFilter behaviourFilter) {
        this.behaviourFilter = behaviourFilter;
    }

    protected boolean shouldSkipCreate(NodeRef nodeRef, String str) {
        boolean z = false;
        if (0 == 0) {
            Iterator it = this.authorityService.getAuthorityZones(str).iterator();
            while (it.hasNext()) {
                if (((String) it.next()).startsWith("AUTH.EXT.")) {
                    if (LOG.isTraceEnabled()) {
                        LOG.trace("User " + str + " is originating from an external zone already. Will not move to LDAP.");
                    }
                    z = true;
                }
            }
            if (AuthenticationUtil.getAdminUserName().equals(str)) {
                LOG.info("Skipping admin user. Will not move to LDAP.");
                z = true;
            }
            if (AuthenticationUtil.getSystemUserName().equals(str) || (AuthenticationUtil.getSystemUserName() + "User").equals(str)) {
                LOG.info("Skipping sytem user. Will not move to LDAP.");
                z = true;
            }
        }
        return z;
    }

    public void createUser(final String str, final char[] cArr) throws AuthenticationException {
        super.createUser(str, cArr);
        final NodeRef userOrNull = getUserOrNull(str);
        if (userOrNull != null) {
            if (this.authorityService.getAuthorityZones(str).contains("AUTH.EXT." + this.syncZoneId)) {
                LOG.warn("user already in zone");
            }
            if (shouldSkipCreate(userOrNull, str)) {
                return;
            }
            this.transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() { // from class: org.redpill.alfresco.ldap.security.authentication.CustomRepositoryAuthenticationDao.1
                /* renamed from: execute, reason: merged with bridge method [inline-methods] */
                public Void m6execute() throws Throwable {
                    boolean isEnabled = CustomRepositoryAuthenticationDao.this.behaviourFilter.isEnabled(userOrNull);
                    if (isEnabled) {
                        CustomRepositoryAuthenticationDao.this.behaviourFilter.disableBehaviour(userOrNull);
                    }
                    String copyValueOf = String.copyValueOf(cArr);
                    HashMap hashMap = new HashMap();
                    CustomRepositoryAuthenticationDao.LOG.trace("Adding temporary password aspect for user " + str);
                    hashMap.put(RlLdapModel.PROP_TEMPORARY_PASSWORD, copyValueOf);
                    CustomRepositoryAuthenticationDao.this.nodeService.addAspect(userOrNull, RlLdapModel.ASPECT_TEMPORARY_PASSWORD, hashMap);
                    if (!isEnabled) {
                        return null;
                    }
                    CustomRepositoryAuthenticationDao.this.behaviourFilter.enableBehaviour(userOrNull);
                    return null;
                }
            }, false, true);
        }
    }

    public void setSyncZoneId(String str) {
        this.syncZoneId = str;
    }

    public void setLdapUserService(LdapUserService ldapUserService) {
        this.ldapUserService = ldapUserService;
    }

    public void setAuthorityService(AuthorityService authorityService) {
        this.authorityService = authorityService;
        super.setAuthorityService(authorityService);
    }

    public void afterPropertiesSet() throws Exception {
        super.afterPropertiesSet();
        Assert.hasText(this.syncZoneId);
        Assert.notNull(this.ldapUserService);
    }
}
