package com.atlassian.jira.web.action.user;

import com.atlassian.crowd.embedded.api.CrowdService;
import com.atlassian.crowd.embedded.api.User;
import com.atlassian.crowd.exception.FailedAuthenticationException;
import com.atlassian.jira.plugin.user.PasswordPolicyManager;
import com.atlassian.jira.plugin.user.WebErrorMessage;
import com.atlassian.jira.security.type.SingleUser;
import com.atlassian.jira.security.xsrf.RequiresXsrfCheck;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.util.UserManager;
import com.atlassian.jira.user.util.UserUtil;
import com.atlassian.jira.util.dbc.Assertions;
import com.atlassian.jira.web.action.JiraWebActionSupport;
import com.atlassian.jira.web.action.admin.user.UserPasswordActionHelper;
import com.opensymphony.util.TextUtils;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:com/atlassian/jira/web/action/user/ChangePassword.class */
public class ChangePassword extends JiraWebActionSupport {
    private String current;
    private String password;
    private String confirm;
    private String username;
    private final UserUtil userUtil;
    private final UserManager userManager;
    private final CrowdService crowdService;
    private final PasswordPolicyManager passwordPolicyManager;
    private final List<WebErrorMessage> passwordErrors = new ArrayList();

    public ChangePassword(UserUtil userUtil, UserManager userManager, CrowdService crowdService, PasswordPolicyManager passwordPolicyManager) {
        this.userUtil = userUtil;
        this.userManager = userManager;
        this.crowdService = crowdService;
        this.passwordPolicyManager = passwordPolicyManager;
    }

    public String doDefault() throws Exception {
        ApplicationUser loggedInApplicationUser = getLoggedInApplicationUser();
        if (loggedInApplicationUser == null || !loggedInApplicationUser.getUsername().equals(this.username)) {
            return "error";
        }
        if (this.userManager.userCanUpdateOwnDetails(loggedInApplicationUser)) {
            return super.doDefault();
        }
        addErrorMessage(getText("editprofile.not.allowed"));
        return "error";
    }

    protected void doValidation() {
        ApplicationUser applicationUser = (ApplicationUser) Assertions.notNull(SingleUser.DESC, getLoggedInApplicationUser());
        if (applicationUser == null) {
            addErrorMessage(getText("changepassword.could.not.find.user"));
            return;
        }
        if (!this.userManager.userCanUpdateOwnDetails(applicationUser)) {
            addErrorMessage(getText("editprofile.not.allowed"));
            return;
        }
        try {
            this.crowdService.authenticate(applicationUser.getUsername(), this.current);
        } catch (Exception e) {
            addErrorMessage(getText("changepassword.could.not.find.user"));
        } catch (FailedAuthenticationException e2) {
            addError("current", getText("changepassword.current.password.incorrect"));
        }
        if (!TextUtils.stringSet(this.password)) {
            addError("password", getText("changepassword.new.password.required"));
            return;
        }
        if (!this.password.equals(this.confirm)) {
            addError("confirm", getText("changepassword.new.password.confirmation.does.not.match"));
            return;
        }
        Collection<WebErrorMessage> checkPolicy = this.passwordPolicyManager.checkPolicy(applicationUser, this.current, this.password);
        if (checkPolicy.isEmpty()) {
            return;
        }
        addError("password", getText("changepassword.new.password.rejected"));
        Iterator<WebErrorMessage> it = checkPolicy.iterator();
        while (it.hasNext()) {
            this.passwordErrors.add(it.next());
        }
    }

    @RequiresXsrfCheck
    protected String doExecute() throws Exception {
        User loggedInUser = getLoggedInUser();
        if (loggedInUser == null || !loggedInUser.getName().equals(this.username)) {
            return "error";
        }
        new UserPasswordActionHelper(this, this.userUtil).setPassword(loggedInUser, this.password);
        return invalidInput() ? "error" : returnComplete();
    }

    public boolean canUpdateUserPassword() {
        return this.userManager.canUpdateUserPassword(getLoggedInUser());
    }

    public String doSuccess() {
        return "success";
    }

    public void setCurrent(String str) {
        this.current = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public List<WebErrorMessage> getPasswordErrors() {
        return this.passwordErrors;
    }

    public void setConfirm(String str) {
        this.confirm = str;
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }
}
