package ovisex.handling.tool.admin.user;

import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import ovise.contract.Contract;
import ovise.domain.material.GenericMaterial;
import ovise.domain.material.UniqueKey;
import ovise.domain.model.role.DefaultRoles;
import ovise.domain.model.user.User;
import ovise.domain.model.user.UserMD;
import ovise.handling.business.AbstractBusinessProcessing;
import ovise.handling.business.BusinessProcessingException;
import ovise.handling.entity.MaterialAgent;
import ovise.handling.security.PasswordPolicy;
import ovise.handling.security.SecurityDomain;
import ovise.handling.security.access.RoleChecker;

/* loaded from: input_file:ovisex/handling/tool/admin/user/PasswordGenerationProcessing.class */
public class PasswordGenerationProcessing extends AbstractBusinessProcessing {
    static final long serialVersionUID = 9098147636810907054L;
    private List<UserMD> userMDs;
    private Map<User, String> userPasswordMap;

    public PasswordGenerationProcessing() {
        super("Passwörter erzeugen.");
        this.userMDs = new ArrayList();
        this.userPasswordMap = null;
    }

    @Override // ovise.handling.business.BusinessProcessing
    public Object getResult() throws BusinessProcessingException {
        return this;
    }

    @Override // ovise.handling.business.AbstractBusinessProcessing
    protected void doRun() throws BusinessProcessingException {
        ArrayList arrayList = new ArrayList();
        Iterator<UserMD> it = this.userMDs.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getUniqueKey());
        }
        HashMap hashMap = new HashMap();
        try {
            for (GenericMaterial genericMaterial : MaterialAgent.getSharedProxyInstance().findMaterials((UniqueKey[]) arrayList.toArray(new UniqueKey[0]))) {
                User user = (User) genericMaterial;
                if (!hasRole(user)) {
                    throw new BusinessProcessingException("Nutzer hat keine Rechte an '" + user + "'.");
                }
                hashMap.put(user.getLoginName(), user);
            }
            SecurityDomain instance = SecurityDomain.instance();
            PasswordPolicy passwordPolicy = instance.getPasswordPolicy();
            this.userPasswordMap = new HashMap();
            Iterator it2 = hashMap.entrySet().iterator();
            while (it2.hasNext()) {
                User user2 = (User) ((Map.Entry) it2.next()).getValue();
                try {
                    String createRandomPassword = passwordPolicy.createRandomPassword();
                    instance.changePassword(user2.getLoginName(), createRandomPassword, 0L);
                    this.userPasswordMap.put(user2, createRandomPassword);
                } catch (Exception e) {
                    throw new BusinessProcessingException("Fehler beim Passwort ermitteln.", e);
                }
            }
        } catch (Exception e2) {
            throw new BusinessProcessingException("Fehler beim Lesen der Nutzer.", e2);
        }
    }

    @Override // ovise.handling.business.AbstractBusinessProcessing
    protected String getAccessContext() {
        return "*,*,usrel|usreg";
    }

    void add(UserMD userMD) {
        Contract.checkNotNull(userMD);
        Contract.check(userMD.getUniqueKey().isValid(), "user muss gueltig sein bzw. existieren.");
        this.userMDs.add(userMD);
    }

    Map<User, String> getUsers() {
        return this.userPasswordMap;
    }

    private boolean hasRole(User user) {
        Principal principal = getPrincipal();
        return RoleChecker.hasRole(principal, DefaultRoles.GLOBAL_USER_EDITOR) ? true : RoleChecker.hasRole(principal, user.getOrganization().getShortcut(), DefaultRoles.LOCAL_USER_EDITOR);
    }
}
