package com.orientechnologies.orient.core.metadata.security;

import com.orientechnologies.orient.core.db.document.ODatabaseDocument;
import com.orientechnologies.orient.core.exception.OSecurityException;
import com.orientechnologies.orient.core.hook.ODocumentHookAbstract;
import com.orientechnologies.orient.core.hook.ORecordHook;
import com.orientechnologies.orient.core.metadata.schema.OClass;
import com.orientechnologies.orient.core.record.impl.ODocument;
import com.orientechnologies.orient.core.security.OSecurityManager;
import io.vertx.ext.web.handler.FormLoginHandler;

/* loaded from: input_file:com/orientechnologies/orient/core/metadata/security/OUserTrigger.class */
public class OUserTrigger extends ODocumentHookAbstract {
    private OClass userClass;
    private OClass roleClass;

    public OUserTrigger(ODatabaseDocument oDatabaseDocument) {
        super(oDatabaseDocument);
        setIncludeClasses(OUser.CLASS_NAME, ORole.CLASS_NAME);
    }

    @Override // com.orientechnologies.orient.core.hook.ORecordHook
    public ORecordHook.DISTRIBUTED_EXECUTION_MODE getDistributedExecutionMode() {
        return ORecordHook.DISTRIBUTED_EXECUTION_MODE.TARGET_NODE;
    }

    @Override // com.orientechnologies.orient.core.hook.ODocumentHookAbstract
    public ORecordHook.RESULT onRecordBeforeCreate(ODocument oDocument) {
        init();
        return oDocument.getSchemaClass().isSubClassOf(this.userClass) ? encodePassword(oDocument) : ORecordHook.RESULT.RECORD_NOT_CHANGED;
    }

    @Override // com.orientechnologies.orient.core.hook.ODocumentHookAbstract
    public ORecordHook.RESULT onRecordBeforeUpdate(ODocument oDocument) {
        init();
        return oDocument.getSchemaClass().isSubClassOf(this.userClass) ? encodePassword(oDocument) : ORecordHook.RESULT.RECORD_NOT_CHANGED;
    }

    private ORecordHook.RESULT encodePassword(ODocument oDocument) {
        if (oDocument.field("name") == null) {
            throw new OSecurityException("User name not found");
        }
        String str = (String) oDocument.field(FormLoginHandler.DEFAULT_PASSWORD_PARAM);
        if (str == null) {
            throw new OSecurityException("User '" + oDocument.field("name") + "' has no password");
        }
        if (str.startsWith(OSecurityManager.ALGORITHM_PREFIX)) {
            return ORecordHook.RESULT.RECORD_NOT_CHANGED;
        }
        oDocument.field(FormLoginHandler.DEFAULT_PASSWORD_PARAM, (Object) OUser.encryptPassword(str));
        return ORecordHook.RESULT.RECORD_CHANGED;
    }

    private void init() {
        if (this.userClass == null) {
            this.userClass = this.database.getMetadata().getSchema().getClass(OUser.CLASS_NAME);
        }
        if (this.roleClass == null) {
            this.roleClass = this.database.getMetadata().getSchema().getClass(ORole.CLASS_NAME);
        }
    }
}
