package org.molgenis.security;

import org.molgenis.auth.GroupAuthority;
import org.molgenis.auth.MolgenisGroup;
import org.molgenis.auth.MolgenisUser;
import org.molgenis.auth.UserAuthority;
import org.molgenis.data.DataService;
import org.molgenis.security.account.AccountService;
import org.molgenis.security.core.runas.RunAsSystem;
import org.molgenis.security.core.utils.SecurityUtils;
import org.molgenis.ui.admin.user.UserAccountController;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Service
/* loaded from: input_file:WEB-INF/lib/molgenis-security-1.19.0-SNAPSHOT.jar:org/molgenis/security/MolgenisSecurityWebAppDatabasePopulatorServiceImpl.class */
public class MolgenisSecurityWebAppDatabasePopulatorServiceImpl implements MolgenisSecurityWebAppDatabasePopulatorService {
    private static final String USERNAME_ADMIN = "admin";

    @Value("${admin.password:@null}")
    private String adminPassword;

    @Value("${admin.email:molgenis+admin@gmail.com}")
    private String adminEmail;

    @Value("${anonymous.email:molgenis+anonymous@gmail.com}")
    private String anonymousEmail;
    private MolgenisUser userAdmin;
    private MolgenisUser anonymousUser;
    private MolgenisGroup allUsersGroup;

    @Override // org.molgenis.security.MolgenisSecurityWebAppDatabasePopulatorService
    @RunAsSystem
    @Transactional
    public void populateDatabase(DataService dataService, String str) {
        if (this.adminPassword == null) {
            throw new RuntimeException("please configure the admin.password property in your molgenis-server.properties");
        }
        this.userAdmin = new MolgenisUser();
        this.userAdmin.setUsername("admin");
        this.userAdmin.setPassword(this.adminPassword);
        this.userAdmin.setEmail(this.adminEmail);
        this.userAdmin.setActive(true);
        this.userAdmin.setSuperuser(true);
        this.userAdmin.setChangePassword(false);
        dataService.add("molgenisUser", this.userAdmin);
        this.anonymousUser = new MolgenisUser();
        this.anonymousUser.setUsername("anonymous");
        this.anonymousUser.setPassword("anonymous");
        this.anonymousUser.setEmail(this.anonymousEmail);
        this.anonymousUser.setActive(true);
        this.anonymousUser.setSuperuser(false);
        this.anonymousUser.setChangePassword(false);
        dataService.add("molgenisUser", this.anonymousUser);
        UserAuthority userAuthority = new UserAuthority();
        userAuthority.setMolgenisUser(this.anonymousUser);
        userAuthority.setRole(SecurityUtils.AUTHORITY_ANONYMOUS);
        dataService.add("UserAuthority", userAuthority);
        this.allUsersGroup = new MolgenisGroup();
        this.allUsersGroup.setName(AccountService.ALL_USER_GROUP);
        dataService.add("molgenisGroup", this.allUsersGroup);
        dataService.getRepository("molgenisGroup").flush();
        GroupAuthority groupAuthority = new GroupAuthority();
        groupAuthority.setMolgenisGroup(this.allUsersGroup);
        groupAuthority.setRole(SecurityUtils.AUTHORITY_PLUGIN_READ_PREFIX + str.toUpperCase());
        dataService.add("GroupAuthority", groupAuthority);
        GroupAuthority groupAuthority2 = new GroupAuthority();
        groupAuthority2.setMolgenisGroup(this.allUsersGroup);
        groupAuthority2.setRole(SecurityUtils.AUTHORITY_PLUGIN_WRITE_PREFIX + UserAccountController.ID.toUpperCase());
        dataService.add("GroupAuthority", groupAuthority2);
        GroupAuthority groupAuthority3 = new GroupAuthority();
        groupAuthority3.setMolgenisGroup(this.allUsersGroup);
        groupAuthority3.setRole(SecurityUtils.AUTHORITY_ENTITY_READ_PREFIX + "languages".toUpperCase());
        dataService.add("GroupAuthority", groupAuthority3);
    }

    @Override // org.molgenis.security.MolgenisSecurityWebAppDatabasePopulatorService
    public MolgenisUser getAnonymousUser() {
        return this.anonymousUser;
    }

    @Override // org.molgenis.security.MolgenisSecurityWebAppDatabasePopulatorService
    public MolgenisUser getUserAdmin() {
        return this.userAdmin;
    }

    @Override // org.molgenis.security.MolgenisSecurityWebAppDatabasePopulatorService
    public MolgenisGroup getAllUsersGroup() {
        return this.allUsersGroup;
    }
}
