package org.exist.xquery.functions.xmldb;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.exist.dom.QName;
import org.exist.security.internal.aider.UserAider;
import org.exist.xmldb.LocalCollection;
import org.exist.xmldb.UserManagementService;
import org.exist.xmldb.XmldbURI;
import org.exist.xquery.BasicFunction;
import org.exist.xquery.FunctionSignature;
import org.exist.xquery.XPathException;
import org.exist.xquery.XQueryContext;
import org.exist.xquery.functions.securitymanager.AccountManagementFunction;
import org.exist.xquery.value.FunctionParameterSequenceType;
import org.exist.xquery.value.Sequence;
import org.exist.xquery.value.SequenceType;
import org.xmldb.api.base.XMLDBException;

@Deprecated
/* loaded from: input_file:WEB-INF/lib/exist.jar:org/exist/xquery/functions/xmldb/XMLDBCreateUser.class */
public class XMLDBCreateUser extends BasicFunction {
    protected static final Logger logger = LogManager.getLogger((Class<?>) XMLDBCreateUser.class);
    public static final FunctionSignature[] signatures = {new FunctionSignature(new QName("create-user", XMLDBModule.NAMESPACE_URI, "xmldb"), "Create a new user, $user-id, in the database. The XQuery owner must have appropriate privileges to do this, e.g. having DBA role. $user-id is the username, $password is the password, $groups is the sequence of group memberships. The first group in the sequence is the primary group.$home-collection-uri is the home collection URI.Collection URIs can be specified either as a simple collection path or an XMLDB URI.", new SequenceType[]{new FunctionParameterSequenceType("user-id", 22, 2, "The user-id"), new FunctionParameterSequenceType("password", 22, 2, "The password"), new FunctionParameterSequenceType("groups", 22, 6, "The group memberships"), new FunctionParameterSequenceType("home-collection-uri", 22, 3, "The home collection URI")}, new SequenceType(11, 1), "$home-collection-uri has no effect since 2.0. You should use the sm:create-account function from the SecurityManager module instead."), new FunctionSignature(new QName("create-user", XMLDBModule.NAMESPACE_URI, "xmldb"), "Create a new user, $user-id, in the database. The XQuery owner must have appropriate privileges to do this, e.g. having DBA role. $user-id is the username, $password is the password, $groups is the sequence of group memberships. The first group in the sequence is the primary group.Collection URIs can be specified either as a simple collection path or an XMLDB URI.", new SequenceType[]{new FunctionParameterSequenceType("user-id", 22, 2, "The user-id"), new FunctionParameterSequenceType("password", 22, 2, "The password"), new FunctionParameterSequenceType("groups", 22, 6, "The group memberships")}, new SequenceType(11, 1), AccountManagementFunction.FNS_CREATE_ACCOUNT_WITH_PERSONAL_GROUP_WITH_METADATA)};

    public XMLDBCreateUser(XQueryContext xQueryContext, FunctionSignature functionSignature) {
        super(xQueryContext, functionSignature);
    }

    @Override // org.exist.xquery.BasicFunction
    public Sequence eval(Sequence[] sequenceArr, Sequence sequence) throws XPathException {
        if (!this.context.getSubject().hasDbaRole()) {
            XPathException xPathException = new XPathException(this, "Permission denied, calling user '" + this.context.getSubject().getName() + "' must be a DBA to call this function.");
            logger.error("Invalid user", (Throwable) xPathException);
            throw xPathException;
        }
        String stringValue = sequenceArr[0].getStringValue();
        String stringValue2 = sequenceArr[1].getStringValue();
        logger.info("Attempting to create user " + stringValue);
        UserAider userAider = new UserAider(stringValue);
        userAider.setPassword(stringValue2);
        Sequence sequence2 = sequenceArr[2];
        int itemCount = sequence2.getItemCount();
        for (int i = 0; i < itemCount; i++) {
            userAider.addGroup(sequence2.itemAt(i).getStringValue());
        }
        LocalCollection localCollection = null;
        try {
            try {
                localCollection = new LocalCollection(this.context.getSubject(), this.context.getBroker().getBrokerPool(), XmldbURI.ROOT_COLLECTION_URI);
                ((UserManagementService) localCollection.getService("UserManagementService", "1.0")).addAccount(userAider);
                if (null != localCollection) {
                    try {
                        localCollection.close();
                    } catch (XMLDBException e) {
                    }
                }
                return Sequence.EMPTY_SEQUENCE;
            } catch (XMLDBException e2) {
                logger.error("Failed to create user: " + stringValue);
                if (logger.isDebugEnabled()) {
                    logger.debug("Failed to create user: " + stringValue, (Throwable) e2);
                }
                throw new XPathException(this, "Failed to create new user '" + stringValue + "' by " + this.context.getSubject().getName(), e2);
            }
        } catch (Throwable th) {
            if (null != localCollection) {
                try {
                    localCollection.close();
                } catch (XMLDBException e3) {
                }
            }
            throw th;
        }
    }
}
