package org.georchestra.console.ws.backoffice.users;

import java.io.IOException;
import java.text.Normalizer;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.time.LocalDate;
import java.time.format.DateTimeParseException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.UUID;
import java.util.stream.Collectors;
import javax.mail.MessagingException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.georchestra.console.dao.AdvancedDelegationDao;
import org.georchestra.console.dao.DelegationDao;
import org.georchestra.console.dto.SimpleAccount;
import org.georchestra.console.mailservice.EmailFactory;
import org.georchestra.console.model.AdminLogType;
import org.georchestra.console.model.DelegationEntry;
import org.georchestra.console.ws.backoffice.users.GDPRAccountWorker;
import org.georchestra.console.ws.backoffice.utils.RequestUtil;
import org.georchestra.console.ws.backoffice.utils.ResponseUtil;
import org.georchestra.console.ws.utils.LogUtils;
import org.georchestra.ds.DataServiceException;
import org.georchestra.ds.orgs.Org;
import org.georchestra.ds.orgs.OrgsDao;
import org.georchestra.ds.roles.RoleDao;
import org.georchestra.ds.users.Account;
import org.georchestra.ds.users.AccountDao;
import org.georchestra.ds.users.AccountFactory;
import org.georchestra.ds.users.DuplicatedEmailException;
import org.georchestra.ds.users.DuplicatedUidException;
import org.georchestra.ds.users.ProtectedUserFilter;
import org.georchestra.ds.users.UserRule;
import org.georchestra.ds.users.UserSchema;
import org.georchestra.lib.file.FileUtils;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.ldap.NameNotFoundException;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
/* loaded from: input_file:WEB-INF/classes/org/georchestra/console/ws/backoffice/users/UsersController.class */
public class UsersController {
    private static final String BASE_MAPPING = "/private";
    private static final String REQUEST_MAPPING = "/private/users";
    private static final String PUBLIC_REQUEST_MAPPING = "/public/users";

    @Value("${gdpr.allowAccountDeletion:true}")
    private Boolean gdprAllowAccountDeletion;
    private AccountDao accountDao;

    @Autowired
    private OrgsDao orgDao;

    @Autowired
    private RoleDao roleDao;

    @Autowired
    private DelegationDao delegationDao;

    @Autowired
    private AdvancedDelegationDao advancedDelegationDao;

    @Autowired
    private GDPRAccountWorker gdprInfoWorker;

    @Autowired
    private Boolean warnUserIfUidModified = false;
    private UserRule userRule;

    @Autowired
    private EmailFactory emailFactory;

    @Autowired
    protected LogUtils logUtils;
    private static final Log LOG = LogFactory.getLog(UsersController.class.getName());
    private static GrantedAuthority ROLE_SUPERUSER = AdvancedDelegationDao.ROLE_SUPERUSER;

    public void setEmailFactory(EmailFactory emailFactory) {
        this.emailFactory = emailFactory;
    }

    public void setOrgDao(OrgsDao orgsDao) {
        this.orgDao = orgsDao;
    }

    public void setDelegationDao(DelegationDao delegationDao) {
        this.delegationDao = delegationDao;
    }

    public void setAdvancedDelegationDao(AdvancedDelegationDao advancedDelegationDao) {
        this.advancedDelegationDao = advancedDelegationDao;
    }

    public void setRoleDao(RoleDao roleDao) {
        this.roleDao = roleDao;
    }

    public void setWarnUserIfUidModified(boolean z) {
        this.warnUserIfUidModified = Boolean.valueOf(z);
    }

    public void setGdprAllowAccountDeletion(Boolean bool) {
        this.gdprAllowAccountDeletion = bool;
    }

    @Autowired
    public UsersController(AccountDao accountDao, UserRule userRule) {
        this.accountDao = accountDao;
        this.userRule = userRule;
    }

    @RequestMapping(value = {REQUEST_MAPPING}, method = {RequestMethod.GET}, produces = {"application/json; charset=utf-8"})
    @PostFilter("hasPermission(filterObject, 'read')")
    @ResponseBody
    public List<SimpleAccount> findAll() throws DataServiceException {
        List<Account> findFilterBy = this.accountDao.findFilterBy(new ProtectedUserFilter(this.userRule.getListUidProtected()));
        Collections.sort(findFilterBy);
        List<Org> findAll = this.orgDao.findAll();
        HashMap hashMap = new HashMap();
        for (Org org2 : findAll) {
            hashMap.put(org2.getId(), org2.getName());
        }
        LinkedList linkedList = new LinkedList();
        for (Account account : findFilterBy) {
            SimpleAccount simpleAccount = new SimpleAccount(account);
            simpleAccount.setOrgName((String) hashMap.get(account.getOrg()));
            linkedList.add(simpleAccount);
        }
        linkedList.sort(Comparator.comparing((v0) -> {
            return v0.getSurname();
        }, Comparator.nullsLast((v0, v1) -> {
            return v0.compareToIgnoreCase(v1);
        })));
        return linkedList;
    }

    @RequestMapping(value = {"/private/users/{uid:.+}"}, method = {RequestMethod.GET}, produces = {"application/json; charset=utf-8"})
    @ResponseBody
    public Account findByUid(@PathVariable String str) throws AccessDeniedException, NameNotFoundException, DataServiceException {
        if (this.userRule.isProtected(str)) {
            throw new AccessDeniedException("The user is protected: " + str);
        }
        checkAuthorization(str);
        return this.accountDao.findByUID(str);
    }

    @GetMapping(value = {"/private/users/profile"}, produces = {"application/json; charset=utf-8"})
    @ResponseBody
    public String myProfile(HttpServletRequest httpServletRequest) throws JSONException, DataServiceException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        List list = (List) authentication.getAuthorities().stream().map((v0) -> {
            return v0.getAuthority();
        }).map(str -> {
            return str.replaceFirst("ROLE_", "");
        }).collect(Collectors.toList());
        Account findByUID = this.accountDao.findByUID(authentication.getName());
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("uid", authentication.getName());
        jSONObject.put("roles", (Collection<?>) list);
        jSONObject.put("org", findByUID.getOrg());
        return jSONObject.toString();
    }

    @RequestMapping(value = {REQUEST_MAPPING}, method = {RequestMethod.POST}, produces = {"application/json; charset=utf-8"})
    @ResponseBody
    public Account create(HttpServletRequest httpServletRequest) throws IOException, DuplicatedEmailException, DataServiceException, DuplicatedUidException {
        DelegationEntry findOne;
        Account createAccountFromRequestBody = createAccountFromRequestBody(httpServletRequest.getInputStream());
        String name = SecurityContextHolder.getContext().getAuthentication().getName();
        if (!callerIsSuperUser() && (findOne = this.delegationDao.findOne(name)) != null && !Arrays.asList(findOne.getOrgs()).contains(createAccountFromRequestBody.getOrg())) {
            throw new AccessDeniedException("Org not under delegation");
        }
        if (this.userRule.isProtected(createAccountFromRequestBody.getUid())) {
            throw new AccessDeniedException("The user is protected: " + createAccountFromRequestBody.getUid());
        }
        this.accountDao.insert(createAccountFromRequestBody);
        this.roleDao.addUser("USER", createAccountFromRequestBody);
        this.orgDao.linkUser(createAccountFromRequestBody);
        this.logUtils.createLog(createAccountFromRequestBody.getUid(), AdminLogType.USER_CREATED, null);
        return createAccountFromRequestBody;
    }

    public boolean callerIsSuperUser() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null && authentication.getAuthorities().contains(ROLE_SUPERUSER);
    }

    @RequestMapping(value = {"/private/users/{uid:.+}"}, method = {RequestMethod.PUT}, produces = {"application/json; charset=utf-8"})
    @ResponseBody
    public Account update(@PathVariable String str, HttpServletRequest httpServletRequest) throws IOException, NameNotFoundException, DataServiceException, DuplicatedEmailException, ParseException, JSONException, MessagingException {
        DelegationEntry findOne;
        if (this.userRule.isProtected(str)) {
            throw new AccessDeniedException("The user is protected, it cannot be updated: " + str);
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        checkAuthorization(str);
        Account findByUID = this.accountDao.findByUID(str);
        Account modifyAccount = modifyAccount(AccountFactory.create(findByUID), httpServletRequest.getInputStream());
        boolean z = findByUID.isPending() && !modifyAccount.isPending();
        if (!modifyAccount.getOrg().equals(findByUID.getOrg())) {
            if (!authentication.getAuthorities().contains(ROLE_SUPERUSER) && !Arrays.asList(this.delegationDao.findOne(authentication.getName()).getOrgs()).contains(findByUID.getOrg())) {
                throw new AccessDeniedException("User not under delegation");
            }
            this.orgDao.unlinkUser(findByUID);
        }
        this.accountDao.update(findByUID, modifyAccount);
        this.logUtils.logChanges(modifyAccount, findByUID);
        if (!modifyAccount.getOrg().equals(findByUID.getOrg())) {
            if (!authentication.getAuthorities().contains(ROLE_SUPERUSER) && !Arrays.asList(this.delegationDao.findOne(authentication.getName()).getOrgs()).contains(modifyAccount.getOrg())) {
                throw new AccessDeniedException("User not under delegation");
            }
            this.orgDao.linkUser(modifyAccount);
        }
        if (this.accountDao.hasUserDnChanged(findByUID, modifyAccount)) {
            if (z) {
                this.emailFactory.sendAccountWasCreatedEmail(httpServletRequest.getSession().getServletContext(), modifyAccount.getEmail(), modifyAccount.getCommonName(), modifyAccount.getUid());
            }
            this.roleDao.modifyUser(findByUID, modifyAccount);
            if (z) {
                this.logUtils.createLog(modifyAccount.getUid(), AdminLogType.PENDING_USER_ACCEPTED, null);
            }
        }
        if (this.accountDao.hasUserLoginChanged(findByUID, modifyAccount) && (findOne = this.delegationDao.findOne(findByUID.getUid())) != null) {
            this.delegationDao.delete((DelegationDao) findOne);
            findOne.setUid(modifyAccount.getUid());
            this.delegationDao.save((DelegationDao) findOne);
        }
        if (this.accountDao.hasUserLoginChanged(findByUID, modifyAccount) && this.warnUserIfUidModified.booleanValue()) {
            this.emailFactory.sendAccountUidRenamedEmail(httpServletRequest.getSession().getServletContext(), modifyAccount.getEmail(), modifyAccount.getCommonName(), modifyAccount.getUid());
        }
        return modifyAccount;
    }

    @RequestMapping(value = {"/private/users/{uid:.+}"}, method = {RequestMethod.DELETE}, produces = {"application/json"})
    public void delete(@PathVariable String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, DataServiceException, NameNotFoundException {
        if (this.userRule.isProtected(str)) {
            throw new AccessDeniedException("The user is protected, it cannot be deleted: " + str);
        }
        checkAuthorization(str);
        deleteAccount(this.accountDao.findByUID(str));
        ResponseUtil.writeSuccess(httpServletResponse);
    }

    private void deleteAccount(Account account) throws DataServiceException {
        this.accountDao.delete(account);
        this.roleDao.deleteUser(account);
        if (this.delegationDao.findOne(account.getUid()) != null) {
            this.delegationDao.delete((DelegationDao) account.getUid());
        }
        if (account.isPending()) {
            this.logUtils.createLog(account.getUid(), AdminLogType.PENDING_USER_REFUSED, null);
        } else {
            this.logUtils.createLog(account.getUid(), AdminLogType.USER_DELETED, null);
        }
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/account/gdpr/delete"}, produces = {"application/json"})
    public ResponseEntity<DeletedUserDataInfo> deleteCurrentUserAndGDPRData(HttpServletResponse httpServletResponse) throws DataServiceException {
        if (!this.gdprAllowAccountDeletion.booleanValue()) {
            httpServletResponse.setStatus(404);
            return null;
        }
        String name = SecurityContextHolder.getContext().getAuthentication().getName();
        Account findByUID = this.accountDao.findByUID(name);
        if (this.userRule.isProtected(findByUID.getUid())) {
            throw new AccessDeniedException("The user is protected, it cannot be deleted: " + findByUID.getUid());
        }
        LOG.info(String.format("GDPR: user %s requested to delete his records", name));
        deleteAccount(findByUID);
        return new ResponseEntity<>(toPresentation(name, this.gdprInfoWorker.deleteAccountRecords(findByUID)), HttpStatus.OK);
    }

    private DeletedUserDataInfo toPresentation(String str, GDPRAccountWorker.DeletedAccountSummary deletedAccountSummary) {
        return DeletedUserDataInfo.builder().account(str).metadata(Integer.valueOf(deletedAccountSummary.getMetadataRecords())).metadata(Integer.valueOf(deletedAccountSummary.getMetadataRecords())).ogcStats(Integer.valueOf(deletedAccountSummary.getOgcStatsRecords())).build();
    }

    @RequestMapping(value = {"/public/users/requiredFields"}, method = {RequestMethod.GET})
    public void getUserCreationRequiredFields(HttpServletResponse httpServletResponse) throws IOException {
        try {
            JSONArray jSONArray = new JSONArray();
            jSONArray.put("uid");
            jSONArray.put("mail");
            jSONArray.put(UserSchema.SURNAME_KEY);
            jSONArray.put(UserSchema.GIVEN_NAME_KEY);
            ResponseUtil.buildResponse(httpServletResponse, jSONArray.toString(4), 200);
        } catch (Exception e) {
            LOG.error(e.getMessage());
            ResponseUtil.buildResponse(httpServletResponse, ResponseUtil.buildResponseMessage(false, e.getMessage()), 500);
            throw new IOException(e);
        }
    }

    private Account modifyAccount(Account account, ServletInputStream servletInputStream) throws IOException, JSONException, ParseException, IllegalArgumentException {
        JSONObject jSONObject = new JSONObject(FileUtils.asString(servletInputStream));
        String fieldValue = RequestUtil.getFieldValue(jSONObject, UserSchema.GIVEN_NAME_KEY);
        if (fieldValue != null) {
            account.setGivenName(fieldValue);
        }
        String fieldValue2 = RequestUtil.getFieldValue(jSONObject, UserSchema.SURNAME_KEY);
        if (fieldValue2 != null) {
            account.setSurname(fieldValue2);
        }
        String fieldValue3 = RequestUtil.getFieldValue(jSONObject, "mail");
        if (fieldValue3 != null) {
            account.setEmail(fieldValue3);
        }
        String fieldValue4 = RequestUtil.getFieldValue(jSONObject, UserSchema.POSTAL_ADDRESS_KEY);
        if (fieldValue4 != null) {
            account.setPostalAddress(fieldValue4);
        }
        String fieldValue5 = RequestUtil.getFieldValue(jSONObject, UserSchema.POST_OFFICE_BOX_KEY);
        if (fieldValue5 != null) {
            account.setPostOfficeBox(fieldValue5);
        }
        String fieldValue6 = RequestUtil.getFieldValue(jSONObject, UserSchema.POSTAL_CODE_KEY);
        if (fieldValue6 != null) {
            account.setPostalCode(fieldValue6);
        }
        String fieldValue7 = RequestUtil.getFieldValue(jSONObject, UserSchema.STREET_KEY);
        if (fieldValue7 != null) {
            account.setStreet(fieldValue7);
        }
        String fieldValue8 = RequestUtil.getFieldValue(jSONObject, UserSchema.LOCALITY_KEY);
        if (fieldValue8 != null) {
            account.setLocality(fieldValue8);
        }
        String fieldValue9 = RequestUtil.getFieldValue(jSONObject, UserSchema.TELEPHONE_KEY);
        if (fieldValue9 != null) {
            account.setPhone(fieldValue9);
        }
        String fieldValue10 = RequestUtil.getFieldValue(jSONObject, UserSchema.FACSIMILE_KEY);
        if (fieldValue10 != null) {
            account.setFacsimile(fieldValue10);
        }
        String fieldValue11 = RequestUtil.getFieldValue(jSONObject, "title");
        if (fieldValue11 != null) {
            account.setTitle(fieldValue11);
        }
        String fieldValue12 = RequestUtil.getFieldValue(jSONObject, "description");
        if (fieldValue12 != null) {
            account.setDescription(fieldValue12);
        }
        account.setManager(RequestUtil.getFieldValue(jSONObject, UserSchema.MANAGER_KEY));
        String fieldValue13 = RequestUtil.getFieldValue(jSONObject, UserSchema.NOTE_KEY);
        if (fieldValue13 != null) {
            account.setNote(fieldValue13);
        }
        String fieldValue14 = RequestUtil.getFieldValue(jSONObject, UserSchema.CONTEXT_KEY);
        if (fieldValue14 != null) {
            account.setContext(fieldValue14);
        }
        String fieldValue15 = RequestUtil.getFieldValue(jSONObject, "saslUser");
        if (fieldValue15 != null) {
            account.setSASLUser(fieldValue15);
        }
        account.setCommonName(AccountFactory.formatCommonName(account.getGivenName(), account.getSurname()));
        String fieldValue16 = RequestUtil.getFieldValue(jSONObject, "uid");
        if (fieldValue16 != null) {
            account.setUid(fieldValue16);
        }
        String fieldValue17 = RequestUtil.getFieldValue(jSONObject, "org");
        if (fieldValue17 != null) {
            account.setOrg(fieldValue17);
        }
        String fieldValue18 = RequestUtil.getFieldValue(jSONObject, UserSchema.SHADOW_EXPIRE_KEY);
        if (fieldValue18 != null) {
            if ("".equals(fieldValue18)) {
                account.setShadowExpire(null);
            } else {
                account.setShadowExpire(new SimpleDateFormat("yyyy-MM-dd").parse(fieldValue18));
            }
        }
        String fieldValue19 = RequestUtil.getFieldValue(jSONObject, UserSchema.PRIVACY_POLICY_AGREEMENT_DATE_KEY);
        if (fieldValue19 != null) {
            if ("".equals(fieldValue19)) {
                account.setPrivacyPolicyAgreementDate(null);
            } else {
                try {
                    account.setPrivacyPolicyAgreementDate(LocalDate.parse(fieldValue19));
                } catch (DateTimeParseException e) {
                    LOG.error(e.getMessage());
                    throw new IllegalArgumentException(e);
                }
            }
        }
        try {
            account.setPending(jSONObject.getBoolean("pending"));
        } catch (JSONException e2) {
        }
        return account;
    }

    private Account createAccountFromRequestBody(ServletInputStream servletInputStream) throws IllegalArgumentException, IOException {
        try {
            JSONObject jSONObject = new JSONObject(FileUtils.asString(servletInputStream));
            String fieldValue = RequestUtil.getFieldValue(jSONObject, UserSchema.GIVEN_NAME_KEY);
            String fieldValue2 = RequestUtil.getFieldValue(jSONObject, UserSchema.SURNAME_KEY);
            String fieldValue3 = RequestUtil.getFieldValue(jSONObject, "mail");
            String fieldValue4 = RequestUtil.getFieldValue(jSONObject, UserSchema.POSTAL_ADDRESS_KEY);
            String fieldValue5 = RequestUtil.getFieldValue(jSONObject, UserSchema.POST_OFFICE_BOX_KEY);
            String fieldValue6 = RequestUtil.getFieldValue(jSONObject, UserSchema.POSTAL_CODE_KEY);
            String fieldValue7 = RequestUtil.getFieldValue(jSONObject, UserSchema.STREET_KEY);
            String fieldValue8 = RequestUtil.getFieldValue(jSONObject, UserSchema.LOCALITY_KEY);
            String fieldValue9 = RequestUtil.getFieldValue(jSONObject, UserSchema.TELEPHONE_KEY);
            String fieldValue10 = RequestUtil.getFieldValue(jSONObject, UserSchema.FACSIMILE_KEY);
            String fieldValue11 = RequestUtil.getFieldValue(jSONObject, "title");
            String fieldValue12 = RequestUtil.getFieldValue(jSONObject, "description");
            String fieldValue13 = RequestUtil.getFieldValue(jSONObject, UserSchema.MANAGER_KEY);
            String fieldValue14 = RequestUtil.getFieldValue(jSONObject, UserSchema.NOTE_KEY);
            String fieldValue15 = RequestUtil.getFieldValue(jSONObject, UserSchema.CONTEXT_KEY);
            String fieldValue16 = RequestUtil.getFieldValue(jSONObject, "org");
            String fieldValue17 = RequestUtil.getFieldValue(jSONObject, UserSchema.SSH_KEY);
            String[] strArr = new String[0];
            String fieldValue18 = RequestUtil.getFieldValue(jSONObject, "saslUser");
            if (!StringUtils.isEmpty(fieldValue17)) {
                strArr = fieldValue17.split("\n");
            }
            if (fieldValue == null) {
                throw new IllegalArgumentException("First Name is required");
            }
            if (fieldValue2 == null) {
                throw new IllegalArgumentException("Last Name is required");
            }
            if (fieldValue3 == null) {
                throw new IllegalArgumentException("Email is required");
            }
            String fieldValue19 = RequestUtil.getFieldValue(jSONObject, "uid");
            if (!StringUtils.hasLength(fieldValue19)) {
                try {
                    fieldValue19 = createUid(fieldValue, fieldValue2);
                } catch (DataServiceException e) {
                    LOG.error(e.getMessage());
                    throw new IOException(e);
                }
            }
            String formatCommonName = AccountFactory.formatCommonName(fieldValue, fieldValue2);
            UUID uuid = null;
            String fieldValue20 = RequestUtil.getFieldValue(jSONObject, "georchestraObjectIdentifier");
            if (StringUtils.hasLength(fieldValue20)) {
                uuid = UUID.fromString(fieldValue20);
            }
            Account createFull = AccountFactory.createFull(uuid, fieldValue19, formatCommonName, fieldValue2, fieldValue, fieldValue3, fieldValue11, fieldValue9, fieldValue12, fieldValue4, fieldValue6, "", fieldValue5, "", fieldValue7, fieldValue8, fieldValue10, "", "", "", "", fieldValue13, fieldValue14, fieldValue15, fieldValue16, strArr, fieldValue18, null, null);
            String fieldValue21 = RequestUtil.getFieldValue(jSONObject, UserSchema.SHADOW_EXPIRE_KEY);
            if (StringUtils.hasLength(fieldValue21)) {
                try {
                    createFull.setShadowExpire(new SimpleDateFormat("yyyy-MM-dd").parse(fieldValue21));
                } catch (ParseException e2) {
                    LOG.error(e2.getMessage());
                    throw new IllegalArgumentException(e2);
                }
            }
            String fieldValue22 = RequestUtil.getFieldValue(jSONObject, UserSchema.PRIVACY_POLICY_AGREEMENT_DATE_KEY);
            if (StringUtils.hasLength(fieldValue22)) {
                try {
                    createFull.setPrivacyPolicyAgreementDate(LocalDate.parse(fieldValue22));
                } catch (DateTimeParseException e3) {
                    LOG.error(e3.getMessage());
                    throw new IllegalArgumentException(e3);
                }
            }
            return createFull;
        } catch (JSONException e4) {
            LOG.error(e4.getMessage());
            throw new IOException(e4);
        }
    }

    private String createUid(String str, String str2) throws DataServiceException {
        String normalizeString = normalizeString(str.toLowerCase().charAt(0) + str2.toLowerCase());
        return this.accountDao.exists(normalizeString) ? this.accountDao.generateUid(normalizeString) : normalizeString;
    }

    private void checkAuthorization(String str) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!authentication.getAuthorities().contains(AdvancedDelegationDao.ROLE_SUPERUSER) && !this.advancedDelegationDao.findUsersUnderDelegation(authentication.getName()).contains(str)) {
            throw new AccessDeniedException("User " + str + " not under delegation");
        }
    }

    public static String normalizeString(String str) {
        return Normalizer.normalize(str, Normalizer.Form.NFD).replaceAll("\\W", "");
    }

    public void setGdprInfoWorker(GDPRAccountWorker gDPRAccountWorker) {
        this.gdprInfoWorker = gDPRAccountWorker;
    }
}
