package org.thingsboard.server.controller;

import com.fasterxml.jackson.databind.JsonNode;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.servlet.http.HttpServletRequest;
import java.beans.ConstructorProperties;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.thingsboard.common.util.JacksonUtil;
import org.thingsboard.rule.engine.api.MailService;
import org.thingsboard.server.common.data.EntityType;
import org.thingsboard.server.common.data.User;
import org.thingsboard.server.common.data.UserActivationLink;
import org.thingsboard.server.common.data.UserEmailInfo;
import org.thingsboard.server.common.data.alarm.Alarm;
import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.data.id.AlarmId;
import org.thingsboard.server.common.data.id.CustomerId;
import org.thingsboard.server.common.data.id.DashboardId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.id.UserId;
import org.thingsboard.server.common.data.mobile.MobileSessionInfo;
import org.thingsboard.server.common.data.page.PageData;
import org.thingsboard.server.common.data.page.PageLink;
import org.thingsboard.server.common.data.query.EntityDataPageLink;
import org.thingsboard.server.common.data.query.EntityDataQuery;
import org.thingsboard.server.common.data.query.EntityKey;
import org.thingsboard.server.common.data.query.EntityKeyType;
import org.thingsboard.server.common.data.query.EntityTypeFilter;
import org.thingsboard.server.common.data.query.TsValue;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.common.data.security.event.UserCredentialsInvalidationEvent;
import org.thingsboard.server.common.data.security.model.JwtPair;
import org.thingsboard.server.common.data.settings.UserDashboardAction;
import org.thingsboard.server.common.data.settings.UserDashboardsInfo;
import org.thingsboard.server.common.data.settings.UserSettings;
import org.thingsboard.server.common.data.settings.UserSettingsType;
import org.thingsboard.server.config.annotations.ApiOperation;
import org.thingsboard.server.dao.entity.BaseEntityService;
import org.thingsboard.server.dao.entity.EntityService;
import org.thingsboard.server.queue.util.TbCoreComponent;
import org.thingsboard.server.service.entitiy.user.TbUserService;
import org.thingsboard.server.service.query.EntityQueryService;
import org.thingsboard.server.service.queue.TbRuleEngineConsumerStats;
import org.thingsboard.server.service.security.model.SecurityUser;
import org.thingsboard.server.service.security.model.UserPrincipal;
import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
import org.thingsboard.server.service.security.permission.Operation;
import org.thingsboard.server.service.security.permission.Resource;

@RequestMapping({"/api"})
@TbCoreComponent
@RestController
/* loaded from: input_file:org/thingsboard/server/controller/UserController.class */
public class UserController extends BaseController {
    public static final String USER_ID = "userId";
    public static final String PATHS = "paths";
    public static final String YOU_DON_T_HAVE_PERMISSION_TO_PERFORM_THIS_OPERATION = "You don't have permission to perform this operation!";
    public static final String MOBILE_TOKEN_HEADER = "X-Mobile-Token";

    @Value("${security.user_token_access_enabled}")
    private boolean userTokenAccessEnabled;
    private final MailService mailService;
    private final JwtTokenFactory tokenFactory;
    private final ApplicationEventPublisher eventPublisher;
    private final TbUserService tbUserService;
    private final EntityQueryService entityQueryService;
    private final EntityService entityService;

    @RequestMapping(value = {"/user/{userId}"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Get User (getUserById)", notes = "Fetch the User object based on the provided User Id. If the user has the authority of 'SYS_ADMIN', the server does not perform additional checks. If the user has the authority of 'TENANT_ADMIN', the server checks that the requested user is owned by the same tenant. If the user has the authority of 'CUSTOMER_USER', the server checks that the requested user is owned by the same customer.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    @ResponseBody
    public User getUserById(@PathVariable("userId") @Parameter(description = "A string value representing the user id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str) throws ThingsboardException {
        checkParameter(USER_ID, str);
        User checkUserId = checkUserId(new UserId(toUUID(str)), Operation.READ);
        checkUserInfo(checkUserId);
        return checkUserId;
    }

    @RequestMapping(value = {"/user/tokenAccessEnabled"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Check Token Access Enabled (isUserTokenAccessEnabled)", notes = "Checks that the system is configured to allow administrators to impersonate themself as other users. If the user who performs the request has the authority of 'SYS_ADMIN', it is possible to login as any tenant administrator. If the user who performs the request has the authority of 'TENANT_ADMIN', it is possible to login as any customer user. ")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    @ResponseBody
    public boolean isUserTokenAccessEnabled() {
        return this.userTokenAccessEnabled;
    }

    @RequestMapping(value = {"/user/{userId}/token"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Get User Token (getUserToken)", notes = "Returns the token of the User based on the provided User Id. If the user who performs the request has the authority of 'SYS_ADMIN', it is possible to get the token of any tenant administrator. If the user who performs the request has the authority of 'TENANT_ADMIN', it is possible to get the token of any customer user that belongs to the same tenant. ")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    @ResponseBody
    public JwtPair getUserToken(@PathVariable("userId") @Parameter(description = "A string value representing the user id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str) throws ThingsboardException {
        checkParameter(USER_ID, str);
        if (!this.userTokenAccessEnabled) {
            throw new ThingsboardException(YOU_DON_T_HAVE_PERMISSION_TO_PERFORM_THIS_OPERATION, ThingsboardErrorCode.PERMISSION_DENIED);
        }
        UserId userId = new UserId(toUUID(str));
        SecurityUser currentUser = getCurrentUser();
        User checkUserId = checkUserId(userId, Operation.READ);
        return this.tokenFactory.createTokenPair(new SecurityUser(checkUserId, this.userService.findUserCredentialsByUserId(currentUser.getTenantId(), userId).isEnabled(), new UserPrincipal(UserPrincipal.Type.USER_NAME, checkUserId.getEmail())));
    }

    @RequestMapping(value = {"/user"}, method = {RequestMethod.POST})
    @ApiOperation(value = "Save Or update User (saveUser)", notes = "Create or update the User. When creating user, platform generates User Id as [time-based UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier#Version_1_(date-time_and_MAC_address)). The newly created User Id will be present in the response. Specify existing User Id to update the device. Referencing non-existing User Id will cause 'Not Found' error.\n\nDevice email is unique for entire platform setup.Remove 'id', 'tenantId' and optionally 'customerId' from the request body example (below) to create new User entity.\n\nAvailable for users with 'SYS_ADMIN', 'TENANT_ADMIN' or 'CUSTOMER_USER' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    @ResponseBody
    public User saveUser(@Parameter(description = "A JSON value representing the User.", required = true) @RequestBody User user, @RequestParam(required = false, defaultValue = "true") @Parameter(description = "Send activation email (or use activation link)", schema = @Schema(defaultValue = "true")) boolean z, HttpServletRequest httpServletRequest) throws ThingsboardException {
        if (!Authority.SYS_ADMIN.equals(getCurrentUser().getAuthority())) {
            user.setTenantId(getCurrentUser().getTenantId());
        }
        checkEntity((UserController) user.getId(), (UserId) user, Resource.USER);
        return this.tbUserService.save(getTenantId(), getCurrentUser().getCustomerId(), user, z, httpServletRequest, getCurrentUser());
    }

    @RequestMapping(value = {"/user/sendActivationMail"}, method = {RequestMethod.POST})
    @ApiOperation(value = "Send or re-send the activation email", notes = "Force send the activation email to the user. Useful to resend the email if user has accidentally deleted it. \n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    @ResponseStatus(HttpStatus.OK)
    public void sendActivationEmail(@RequestParam("email") @Parameter(description = "Email of the user", required = true) String str, HttpServletRequest httpServletRequest) throws ThingsboardException {
        SecurityUser currentUser = getCurrentUser();
        User user = (User) checkNotNull((UserController) this.userService.findUserByEmail(currentUser.getTenantId(), str));
        this.accessControlService.checkPermission(currentUser, Resource.USER, Operation.READ, user.getId(), user);
        UserActivationLink activationLink = this.tbUserService.getActivationLink(currentUser.getTenantId(), currentUser.getCustomerId(), user.getId(), httpServletRequest);
        try {
            this.mailService.sendActivationEmail(activationLink.value(), activationLink.ttlMs(), str);
        } catch (Exception e) {
            throw new ThingsboardException("Couldn't send user activation email", ThingsboardErrorCode.GENERAL);
        }
    }

    @ApiOperation(value = "Get activation link (getActivationLink)", notes = "Get the activation link for the user. The base url for activation link is configurable in the general settings of system administrator. \n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    @GetMapping(value = {"/user/{userId}/activationLink"}, produces = {"text/plain"})
    @ResponseBody
    public String getActivationLink(@PathVariable("userId") @Parameter(description = "A string value representing the user id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, HttpServletRequest httpServletRequest) throws ThingsboardException {
        return getActivationLinkInfo(str, httpServletRequest).value();
    }

    @GetMapping({"/user/{userId}/activationLinkInfo"})
    @ApiOperation(value = "Get activation link info (getActivationLinkInfo)", notes = "Get the activation link info for the user. The base url for activation link is configurable in the general settings of system administrator. \n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public UserActivationLink getActivationLinkInfo(@PathVariable("userId") @Parameter(description = "A string value representing the user id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, HttpServletRequest httpServletRequest) throws ThingsboardException {
        checkParameter(USER_ID, str);
        UserId userId = new UserId(toUUID(str));
        checkUserId(userId, Operation.READ);
        SecurityUser currentUser = getCurrentUser();
        return this.tbUserService.getActivationLink(currentUser.getTenantId(), currentUser.getCustomerId(), userId, httpServletRequest);
    }

    @RequestMapping(value = {"/user/{userId}"}, method = {RequestMethod.DELETE})
    @ApiOperation(value = "Delete User (deleteUser)", notes = "Deletes the User, it's credentials and all the relations (from and to the User). Referencing non-existing User Id will cause an error. \n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    @ResponseStatus(HttpStatus.OK)
    public void deleteUser(@PathVariable("userId") @Parameter(description = "A string value representing the user id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str) throws ThingsboardException {
        checkParameter(USER_ID, str);
        UserId userId = new UserId(toUUID(str));
        User checkUserId = checkUserId(userId, Operation.DELETE);
        if (checkUserId.getAuthority() == Authority.SYS_ADMIN && getCurrentUser().getId().equals(userId)) {
            throw new ThingsboardException("Sysadmin is not allowed to delete himself", ThingsboardErrorCode.PERMISSION_DENIED);
        }
        this.tbUserService.delete(getTenantId(), getCurrentUser().getCustomerId(), checkUserId, getCurrentUser());
    }

    @RequestMapping(value = {"/users"}, params = {"pageSize", "page"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Get Users (getUsers)", notes = "Returns a page of users owned by tenant or customer. The scope depends on authority of the user that performs the request.You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. \n\nAvailable for users with 'TENANT_ADMIN' or 'CUSTOMER_USER' authority.")
    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
    @ResponseBody
    public PageData<User> getUsers(@RequestParam @Parameter(description = "Maximum amount of entities in a one page", required = true) int i, @RequestParam @Parameter(description = "Sequence number of page starting from 0", required = true) int i2, @RequestParam(required = false) @Parameter(description = "The case insensitive 'substring' filter based on the user email.") String str, @RequestParam(required = false) @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"createdTime", "firstName", "lastName", "email"})) String str2, @RequestParam(required = false) @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"})) String str3) throws ThingsboardException {
        PageLink createPageLink = createPageLink(i, i2, str, str2, str3);
        SecurityUser currentUser = getCurrentUser();
        return Authority.TENANT_ADMIN.equals(currentUser.getAuthority()) ? (PageData) checkNotNull((UserController) this.userService.findUsersByTenantId(currentUser.getTenantId(), createPageLink)) : (PageData) checkNotNull((UserController) this.userService.findCustomerUsers(currentUser.getTenantId(), currentUser.getCustomerId(), createPageLink));
    }

    @RequestMapping(value = {"/users/info"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Find users by query (findUsersByQuery)", notes = "Returns page of user data objects. Search is been executed by email, firstName and lastName fields. You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. \n\nAvailable for users with 'TENANT_ADMIN' or 'CUSTOMER_USER' authority.")
    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
    @ResponseBody
    public PageData<UserEmailInfo> findUsersByQuery(@RequestParam @Parameter(description = "Maximum amount of entities in a one page", required = true) int i, @RequestParam @Parameter(description = "Sequence number of page starting from 0", required = true) int i2, @RequestParam(required = false) @Parameter(description = "The case insensitive 'substring' filter based on the user email.") String str, @RequestParam(required = false) @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"createdTime", "firstName", "lastName", "email"})) String str2, @RequestParam(required = false) @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"})) String str3) throws ThingsboardException {
        SecurityUser currentUser = getCurrentUser();
        EntityTypeFilter entityTypeFilter = new EntityTypeFilter();
        entityTypeFilter.setEntityType(EntityType.USER);
        return this.entityQueryService.findEntityDataByQuery(currentUser, new EntityDataQuery(entityTypeFilter, new EntityDataPageLink(i, i2, str, createEntityDataSortOrder(str2, str3)), Arrays.asList(new EntityKey(EntityKeyType.ENTITY_FIELD, "firstName"), new EntityKey(EntityKeyType.ENTITY_FIELD, "lastName"), new EntityKey(EntityKeyType.ENTITY_FIELD, "email")), (List) null, (List) null)).mapData(entityData -> {
            Map map = (Map) entityData.getLatest().get(EntityKeyType.ENTITY_FIELD);
            return new UserEmailInfo(UserId.fromString(entityData.getEntityId().getId().toString()), ((TsValue) map.get("email")).getValue(), ((TsValue) map.get("firstName")).getValue(), ((TsValue) map.get("lastName")).getValue());
        });
    }

    @RequestMapping(value = {"/tenant/{tenantId}/users"}, params = {"pageSize", "page"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Get Tenant Users (getTenantAdmins)", notes = "Returns a page of users owned by tenant. You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. \n\nAvailable for users with 'SYS_ADMIN' authority.")
    @PreAuthorize("hasAuthority('SYS_ADMIN')")
    @ResponseBody
    public PageData<User> getTenantAdmins(@PathVariable("tenantId") @Parameter(description = "A string value representing the tenant id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'", required = true) String str, @RequestParam @Parameter(description = "Maximum amount of entities in a one page", required = true) int i, @RequestParam @Parameter(description = "Sequence number of page starting from 0", required = true) int i2, @RequestParam(required = false) @Parameter(description = "The case insensitive 'substring' filter based on the user email.") String str2, @RequestParam(required = false) @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"createdTime", "firstName", "lastName", "email"})) String str3, @RequestParam(required = false) @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"})) String str4) throws ThingsboardException {
        checkParameter(TbRuleEngineConsumerStats.TENANT_ID_TAG, str);
        return (PageData) checkNotNull((UserController) this.userService.findTenantAdmins(TenantId.fromUUID(toUUID(str)), createPageLink(i, i2, str2, str3, str4)));
    }

    @RequestMapping(value = {"/customer/{customerId}/users"}, params = {"pageSize", "page"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Get Customer Users (getCustomerUsers)", notes = "Returns a page of users owned by customer. You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. \n\nAvailable for users with 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAuthority('TENANT_ADMIN')")
    @ResponseBody
    public PageData<User> getCustomerUsers(@PathVariable("customerId") @Parameter(description = "A string value representing the customer id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'", required = true) String str, @RequestParam @Parameter(description = "Maximum amount of entities in a one page", required = true) int i, @RequestParam @Parameter(description = "Sequence number of page starting from 0", required = true) int i2, @RequestParam(required = false) @Parameter(description = "The case insensitive 'substring' filter based on the user email.") String str2, @RequestParam(required = false) @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"createdTime", "firstName", "lastName", "email"})) String str3, @RequestParam(required = false) @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"})) String str4) throws ThingsboardException {
        checkParameter("customerId", str);
        CustomerId customerId = new CustomerId(toUUID(str));
        checkCustomerId(customerId, Operation.READ);
        PageLink createPageLink = createPageLink(i, i2, str2, str3, str4);
        return (PageData) checkNotNull((UserController) this.userService.findCustomerUsers(getCurrentUser().getTenantId(), customerId, createPageLink));
    }

    @RequestMapping(value = {"/user/{userId}/userCredentialsEnabled"}, method = {RequestMethod.POST})
    @ApiOperation(value = "Enable/Disable User credentials (setUserCredentialsEnabled)", notes = "Enables or Disables user credentials. Useful when you would like to block user account without deleting it. You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. \n\nAvailable for users with 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    @ResponseBody
    public void setUserCredentialsEnabled(@PathVariable("userId") @Parameter(description = "A string value representing the user id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, @RequestParam(required = false, defaultValue = "true") @Parameter(description = "Enable (\"true\") or disable (\"false\") the credentials.", schema = @Schema(defaultValue = "true")) boolean z) throws ThingsboardException {
        checkParameter(USER_ID, str);
        UserId userId = new UserId(toUUID(str));
        checkUserId(userId, Operation.WRITE);
        this.userService.setUserCredentialsEnabled(getCurrentUser().getTenantId(), userId, z);
        if (z) {
            return;
        }
        this.eventPublisher.publishEvent(new UserCredentialsInvalidationEvent(userId));
    }

    @RequestMapping(value = {"/users/assign/{alarmId}"}, params = {"pageSize", "page"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Get usersForAssign (getUsersForAssign)", notes = "Returns page of user data objects that can be assigned to provided alarmId. Search is been executed by email, firstName and lastName fields. You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. \n\nAvailable for users with 'TENANT_ADMIN' or 'CUSTOMER_USER' authority.")
    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
    @ResponseBody
    public PageData<UserEmailInfo> getUsersForAssign(@PathVariable("alarmId") @Parameter(description = "A string value representing the alarm id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'", required = true) String str, @RequestParam @Parameter(description = "Maximum amount of entities in a one page", required = true) int i, @RequestParam @Parameter(description = "Sequence number of page starting from 0", required = true) int i2, @RequestParam(required = false) @Parameter(description = "The case insensitive 'substring' filter based on the user email.") String str2, @RequestParam(required = false) @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"createdTime", "firstName", "lastName", "email"})) String str3, @RequestParam(required = false) @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"})) String str4) throws ThingsboardException {
        PageData findCustomerUsers;
        checkParameter("alarmId", str);
        Alarm checkAlarmId = checkAlarmId(new AlarmId(toUUID(str)), Operation.READ);
        SecurityUser currentUser = getCurrentUser();
        TenantId tenantId = currentUser.getTenantId();
        CustomerId customerId = (CustomerId) this.entityService.fetchEntityCustomerId(tenantId, checkAlarmId.getOriginator()).orElse(BaseEntityService.NULL_CUSTOMER_ID);
        PageLink createPageLink = createPageLink(i, i2, str2, str3, str4);
        if (!Authority.TENANT_ADMIN.equals(currentUser.getAuthority())) {
            findCustomerUsers = this.userService.findCustomerUsers(tenantId, checkAlarmId.getCustomerId(), createPageLink);
        } else if (checkAlarmId.getCustomerId() == null) {
            findCustomerUsers = this.userService.findTenantAdmins(tenantId, createPageLink);
        } else {
            ArrayList arrayList = new ArrayList(Collections.singletonList(BaseEntityService.NULL_CUSTOMER_ID));
            if (!CustomerId.NULL_UUID.equals(customerId.getId())) {
                arrayList.add(customerId);
            }
            findCustomerUsers = this.userService.findUsersByCustomerIds(tenantId, arrayList, createPageLink);
        }
        return findCustomerUsers.mapData(user -> {
            return new UserEmailInfo(user.getId(), user.getEmail(), user.getFirstName(), user.getLastName());
        });
    }

    @PostMapping({"/user/settings"})
    @ApiOperation(value = "Save user settings (saveUserSettings)", notes = "Save user settings represented in json format for authorized user. ")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public JsonNode saveUserSettings(@RequestBody JsonNode jsonNode) throws ThingsboardException {
        SecurityUser currentUser = getCurrentUser();
        UserSettings userSettings = new UserSettings();
        userSettings.setType(UserSettingsType.GENERAL);
        userSettings.setSettings(jsonNode);
        userSettings.setUserId(currentUser.getId());
        return this.userSettingsService.saveUserSettings(currentUser.getTenantId(), userSettings).getSettings();
    }

    @PutMapping({"/user/settings"})
    @ApiOperation(value = "Update user settings (saveUserSettings)", notes = "Update user settings for authorized user. Only specified json elements will be updated.Example: you have such settings: {A:5, B:{C:10, D:20}}. Updating it with {B:{C:10, D:30}} will result in{A:5, B:{C:10, D:30}}. The same could be achieved by putting {B.D:30}")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public void putUserSettings(@RequestBody JsonNode jsonNode) throws ThingsboardException {
        SecurityUser currentUser = getCurrentUser();
        this.userSettingsService.updateUserSettings(currentUser.getTenantId(), currentUser.getId(), UserSettingsType.GENERAL, jsonNode);
    }

    @GetMapping({"/user/settings"})
    @ApiOperation(value = "Get user settings (getUserSettings)", notes = "Fetch the User settings based on authorized user. ")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public JsonNode getUserSettings() throws ThingsboardException {
        SecurityUser currentUser = getCurrentUser();
        UserSettings findUserSettings = this.userSettingsService.findUserSettings(currentUser.getTenantId(), currentUser.getId(), UserSettingsType.GENERAL);
        return findUserSettings == null ? JacksonUtil.newObjectNode() : findUserSettings.getSettings();
    }

    @RequestMapping(value = {"/user/settings/{paths}"}, method = {RequestMethod.DELETE})
    @ApiOperation(value = "Delete user settings (deleteUserSettings)", notes = "Delete user settings by specifying list of json element xpaths. \n Example: to delete B and C element in { \"A\": {\"B\": 5}, \"C\": 15} send A.B,C in jsonPaths request parameter")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public void deleteUserSettings(@PathVariable("paths") @Parameter(description = "paths") String str) throws ThingsboardException {
        checkParameter(USER_ID, str);
        SecurityUser currentUser = getCurrentUser();
        this.userSettingsService.deleteUserSettings(currentUser.getTenantId(), currentUser.getId(), UserSettingsType.GENERAL, Arrays.asList(str.split(",")));
    }

    @PutMapping({"/user/settings/{type}"})
    @ApiOperation(value = "Update user settings (saveUserSettings)", notes = "Update user settings for authorized user. Only specified json elements will be updated.Example: you have such settings: {A:5, B:{C:10, D:20}}. Updating it with {B:{C:10, D:30}} will result in{A:5, B:{C:10, D:30}}. The same could be achieved by putting {B.D:30}")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public void putUserSettings(@PathVariable("type") @Parameter(description = "Settings type, case insensitive, one of: \"general\", \"quick_links\", \"doc_links\" or \"dashboards\".") String str, @RequestBody JsonNode jsonNode) throws ThingsboardException {
        SecurityUser currentUser = getCurrentUser();
        UserSettingsType userSettingsType = (UserSettingsType) checkEnumParameter("Settings type", str, UserSettingsType::valueOf);
        checkNotReserved(str, userSettingsType);
        this.userSettingsService.updateUserSettings(currentUser.getTenantId(), currentUser.getId(), userSettingsType, jsonNode);
    }

    @GetMapping({"/user/settings/{type}"})
    @ApiOperation(value = "Get user settings (getUserSettings)", notes = "Fetch the User settings based on authorized user. ")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public JsonNode getUserSettings(@PathVariable("type") @Parameter(description = "Settings type, case insensitive, one of: \"general\", \"quick_links\", \"doc_links\" or \"dashboards\".") String str) throws ThingsboardException {
        SecurityUser currentUser = getCurrentUser();
        UserSettingsType userSettingsType = (UserSettingsType) checkEnumParameter("Settings type", str, UserSettingsType::valueOf);
        checkNotReserved(str, userSettingsType);
        UserSettings findUserSettings = this.userSettingsService.findUserSettings(currentUser.getTenantId(), currentUser.getId(), userSettingsType);
        return findUserSettings == null ? JacksonUtil.newObjectNode() : findUserSettings.getSettings();
    }

    @RequestMapping(value = {"/user/settings/{type}/{paths}"}, method = {RequestMethod.DELETE})
    @ApiOperation(value = "Delete user settings (deleteUserSettings)", notes = "Delete user settings by specifying list of json element xpaths. \n Example: to delete B and C element in { \"A\": {\"B\": 5}, \"C\": 15} send A.B,C in jsonPaths request parameter")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public void deleteUserSettings(@PathVariable("paths") @Parameter(description = "paths") String str, @PathVariable("type") @Parameter(description = "Settings type, case insensitive, one of: \"general\", \"quick_links\", \"doc_links\" or \"dashboards\".") String str2) throws ThingsboardException {
        checkParameter(USER_ID, str);
        UserSettingsType userSettingsType = (UserSettingsType) checkEnumParameter("Settings type", str2, UserSettingsType::valueOf);
        checkNotReserved(str2, userSettingsType);
        SecurityUser currentUser = getCurrentUser();
        this.userSettingsService.deleteUserSettings(currentUser.getTenantId(), currentUser.getId(), userSettingsType, Arrays.asList(str.split(",")));
    }

    @GetMapping({"/user/dashboards"})
    @ApiOperation(value = "Get information about last visited and starred dashboards (getLastVisitedDashboards)", notes = "Fetch the list of last visited and starred dashboards. Both lists are limited to 10 items.\n\nAvailable for users with 'TENANT_ADMIN' or 'CUSTOMER_USER' authority.")
    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
    public UserDashboardsInfo getUserDashboardsInfo() throws ThingsboardException {
        SecurityUser currentUser = getCurrentUser();
        return this.userSettingsService.findUserDashboardsInfo(currentUser.getTenantId(), currentUser.getId());
    }

    @RequestMapping(value = {"/user/dashboards/{dashboardId}/{action}"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Report action of User over the dashboard (reportUserDashboardAction)", notes = "Report action of User over the dashboard. \n\nAvailable for users with 'TENANT_ADMIN' or 'CUSTOMER_USER' authority.")
    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
    @ResponseBody
    public UserDashboardsInfo reportUserDashboardAction(@PathVariable("dashboardId") @Parameter(description = "A string value representing the dashboard id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, @PathVariable("action") @Parameter(description = "Dashboard action, one of: \"visit\", \"star\" or \"unstar\".") String str2) throws ThingsboardException {
        checkParameter(DashboardController.DASHBOARD_ID, str);
        checkParameter("action", str2);
        UserDashboardAction userDashboardAction = (UserDashboardAction) checkEnumParameter("Action", str2, UserDashboardAction::valueOf);
        DashboardId dashboardId = new DashboardId(toUUID(str));
        checkDashboardInfoId(dashboardId, Operation.READ);
        SecurityUser currentUser = getCurrentUser();
        return this.userSettingsService.reportUserDashboardAction(currentUser.getTenantId(), currentUser.getId(), dashboardId, userDashboardAction);
    }

    @GetMapping({"/user/mobile/session"})
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public MobileSessionInfo getMobileSession(@RequestHeader("X-Mobile-Token") String str, @AuthenticationPrincipal SecurityUser securityUser) {
        return this.userService.findMobileSession(securityUser.getTenantId(), securityUser.getId(), str);
    }

    @PostMapping({"/user/mobile/session"})
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public void saveMobileSession(@RequestBody MobileSessionInfo mobileSessionInfo, @RequestHeader("X-Mobile-Token") String str, @AuthenticationPrincipal SecurityUser securityUser) {
        this.userService.saveMobileSession(securityUser.getTenantId(), securityUser.getId(), str, mobileSessionInfo);
    }

    @DeleteMapping({"/user/mobile/session"})
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public void removeMobileSession(@RequestHeader("X-Mobile-Token") String str, @AuthenticationPrincipal SecurityUser securityUser) {
        this.userService.removeMobileSession(securityUser.getTenantId(), str);
    }

    private void checkNotReserved(String str, UserSettingsType userSettingsType) throws ThingsboardException {
        if (userSettingsType.isReserved()) {
            throw new ThingsboardException("Settings with type: " + str + " are reserved for internal use!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
    }

    @ConstructorProperties({"mailService", "tokenFactory", "eventPublisher", "tbUserService", "entityQueryService", "entityService"})
    public UserController(MailService mailService, JwtTokenFactory jwtTokenFactory, ApplicationEventPublisher applicationEventPublisher, TbUserService tbUserService, EntityQueryService entityQueryService, EntityService entityService) {
        this.mailService = mailService;
        this.tokenFactory = jwtTokenFactory;
        this.eventPublisher = applicationEventPublisher;
        this.tbUserService = tbUserService;
        this.entityQueryService = entityQueryService;
        this.entityService = entityService;
    }
}
