package org.craftercms.profile.management.web;

import com.gargoylesoftware.htmlunit.svg.SvgFilter;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.xalan.xsltc.compiler.Constants;
import org.craftercms.profile.exceptions.AppAuthenticationFailedException;
import org.craftercms.profile.exceptions.ConflictRequestException;
import org.craftercms.profile.exceptions.RestException;
import org.craftercms.profile.impl.domain.Attribute;
import org.craftercms.profile.impl.domain.Tenant;
import org.craftercms.profile.management.model.FilterForm;
import org.craftercms.profile.management.model.ProfileUserAccountForm;
import org.craftercms.profile.management.model.VerifyAccount;
import org.craftercms.profile.management.services.EmailValidatorService;
import org.craftercms.profile.management.services.ProfileAccountService;
import org.craftercms.profile.management.services.TenantDAOService;
import org.craftercms.profile.management.services.impl.ProfileDAOServiceImpl;
import org.craftercms.profile.management.services.impl.ProfileServiceManager;
import org.craftercms.profile.management.util.ProfileAccountPaging;
import org.craftercms.profile.management.util.ProfileUserAccountValidator;
import org.craftercms.profile.management.util.TenantUtil;
import org.craftercms.security.api.RequestContext;
import org.craftercms.security.exception.AuthenticationRequiredException;
import org.openqa.selenium.remote.ErrorCodes;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.servlet.ModelAndView;

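/**
 * Spring MVC controller for the profile management console: lists, searches, creates, updates and
 * verifies profile accounts per tenant.
 *
 * <p>This listing is decompiler output. Parameter names were replaced with {@code str}/{@code str2};
 * because {@code @RequestParam} without an explicit name binds by parameter name, the original
 * request parameter names cannot be recovered from this file. The model keys taken from unrelated
 * libraries ({@code SvgFilter.TAG_NAME}, {@code Constants.ATTRIBUTE_LIST_FIELD},
 * {@code ErrorCodes.SUCCESS_STRING}) are presumably inlined string literals that the decompiler
 * matched to constants with the same value (for example {@code "filter"}, which is the name used by
 * {@code @ModelAttribute("filter")} in {@link #searchProfiles}) - TODO confirm against the original
 * source.
 *
 * <p>NOTE(review): the tenant name used for every lookup comes from the request or the bound form,
 * and no authorization or tenant-scoping check is visible in this class. Confirm that the service
 * layer or a security filter restricts which tenants the current user may read and modify.
 *
 * <p>NOTE(review): {@code @ModelAttribute("account")} together with {@code @SessionAttributes}
 * binds request parameters onto the session-held form, including {@code tenantName} and
 * {@code roles}. No {@code @InitBinder} allow-list is visible here; confirm the bindable fields are
 * restricted elsewhere.
 */
@SessionAttributes({"account"})
@Controller
/* loaded from: input_file:WEB-INF/classes/org/craftercms/profile/management/web/AccountController.class */
public class AccountController {
    /** Matches a username that contains a comma, any whitespace, or more than one {@code '@'}. */
    private static final Pattern INVALID_USERNAME = Pattern.compile("[,\\s]|@.*@");

    // Fully qualified so that no new file-level import is needed. NOTE(review): route this through
    // the project's own logging facade if it has one.
    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(AccountController.class.getName());

    private ProfileDAOServiceImpl profileDao;
    private TenantDAOService tenantDAOService;
    private ProfileAccountService profileAccountService;
    private ProfileAccountPaging profileAccountPaging;
    private ProfileUserAccountValidator profileUserAccountValidator;

    @Autowired
    private EmailValidatorService emailValidatorService;

    /**
     * Calls {@code ProfileServiceManager.resetAppToken()} and redirects to the account list.
     *
     * <p>NOTE(review): this is a GET handler that triggers a server-side action. Confirm that
     * resetting the application token is safe to trigger by plain navigation (including a
     * cross-site link), or move it behind a POST with CSRF protection.
     */
    @RequestMapping(value = {"/init-get"}, method = {RequestMethod.GET})
    public String getAccounts(@RequestParam(required = false) String str) throws Exception {
        ProfileServiceManager.resetAppToken();
        return "redirect:/get";
    }

    /**
     * Renders the account list for the tenant named by {@code str}, defaulting to the first tenant
     * when no name is given.
     *
     * @throws AppAuthenticationFailedException when the tenant list cannot be loaded (null)
     */
    @RequestMapping(value = {"/get"}, method = {RequestMethod.GET})
    public ModelAndView findAllAccounts(@RequestParam(required = false) String str) throws Exception {
        List<Tenant> allTenants = loadTenants();
        Map<String, String> tenantsMap = TenantUtil.getTenantsMap(allTenants);
        if (str == null || str.isEmpty()) {
            // NOTE(review): an empty (non-null) tenant list makes get(0) throw, which ends in the
            // catch-all handler. The intended behaviour for "no tenants" is not visible here.
            str = allTenants.get(0).getTenantName();
        }
        List<ProfileUserAccountForm> profileUsers = this.profileAccountService.getProfileUsers(str);
        return accountListView(profileUsers, new FilterForm(), tenantsMap, str);
    }

    /** Renders the next page of accounts for the tenant named by {@code str}. */
    @RequestMapping(value = {"/next"}, method = {RequestMethod.GET})
    public ModelAndView findNextPage(@RequestParam String str) throws Exception {
        FilterForm filterForm = new FilterForm();
        Map<String, String> tenantsMap = TenantUtil.getTenantsMap(loadTenants());
        List<ProfileUserAccountForm> nextUserPage = this.profileAccountService.getNextUserPage(str);
        return accountListView(nextUserPage, filterForm, tenantsMap, str);
    }

    /** Renders the previous page of accounts for the tenant named by {@code str}. */
    @RequestMapping(value = {"/prev"}, method = {RequestMethod.GET})
    public ModelAndView findPrevPage(@RequestParam String str) throws Exception {
        FilterForm filterForm = new FilterForm();
        Map<String, String> tenantsMap = TenantUtil.getTenantsMap(loadTenants());
        List<ProfileUserAccountForm> prevUserPage = this.profileAccountService.getPrevUserPage(str);
        return accountListView(prevUserPage, filterForm, tenantsMap, str);
    }

    /** Renders the accounts of tenant {@code str} that match the bound filter form. */
    @RequestMapping(value = {"/search"}, method = {RequestMethod.GET})
    public ModelAndView searchProfiles(@ModelAttribute("filter") FilterForm filterForm, @RequestParam String str) throws Exception {
        Map<String, String> tenantsMap = TenantUtil.getTenantsMap(loadTenants());
        List<ProfileUserAccountForm> searchProfileUsers = this.profileAccountService.getSearchProfileUsers(filterForm, str);
        return accountListView(searchProfileUsers, filterForm, tenantsMap, str);
    }

    /**
     * Renders an empty "new account" form for the tenant named by {@code str}.
     *
     * <p>NOTE(review): {@code str} is optional, yet when it is missing or matches no tenant the
     * lookup returns null and {@code getSchema()} below throws. Which tenant should be the default
     * is not visible here, so the behaviour is left unchanged.
     */
    @RequestMapping(value = {"/new"}, method = {RequestMethod.GET})
    public ModelAndView newForm(@RequestParam(required = false) String str) throws Exception {
        List<Tenant> allTenants = loadTenants();
        Tenant selectedTenantObject = getSelectedTenantObject(allTenants, str);
        ProfileUserAccountForm createNewProfileUserAccountForm = this.profileAccountService.createNewProfileUserAccountForm(selectedTenantObject);
        Map<String, String> tenantsMap = TenantUtil.getTenantsMap(allTenants);
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("new");
        modelAndView.addObject("account", createNewProfileUserAccountForm);
        modelAndView.addObject(Constants.ATTRIBUTE_LIST_FIELD, selectedTenantObject.getSchema().getAttributes());
        modelAndView.addObject("tenantNames", tenantsMap);
        return modelAndView;
    }

    /**
     * Validates the submitted form and creates the account; on validation errors or a username
     * conflict the "new" form is rendered again with the errors attached.
     */
    @RequestMapping(value = {"/new"}, method = {RequestMethod.POST})
    public String newAccount(@ModelAttribute("account") ProfileUserAccountForm profileUserAccountForm, BindingResult bindingResult, Model model, HttpServletRequest httpServletRequest) throws Exception {
        validateNewAccount(profileUserAccountForm, bindingResult, profileUserAccountForm.getTenantName());
        if (bindingResult.hasErrors()) {
            return redisplayNewForm(profileUserAccountForm, model, true);
        }
        try {
            this.profileAccountService.createUserAccount(profileUserAccountForm, httpServletRequest);
            model.addAttribute("selectedTenantName", profileUserAccountForm.getTenantName());
            return "redirect:/get";
        } catch (ConflictRequestException e) {
            // The conflict is reported to the user as a field error rather than propagated.
            bindingResult.rejectValue("username", "user.validation.fields.errors.user.already.exist", null, "user.validation.fields.errors.user.already.exist");
            // The original conflict path does not add "currentuser"; that is preserved.
            return redisplayNewForm(profileUserAccountForm, model, false);
        }
    }

    /** Re-initialises the bound form for its tenant and renders that tenant's attribute fields. */
    @RequestMapping(value = {"/tenant_attributes_and_roles"}, method = {RequestMethod.GET})
    public ModelAndView getTenantByTenantName(@ModelAttribute("account") ProfileUserAccountForm profileUserAccountForm) throws Exception {
        Tenant tenantByName = this.tenantDAOService.getTenantByName(profileUserAccountForm.getTenantName());
        profileUserAccountForm.initTenantValues(tenantByName);
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("profileattributes");
        modelAndView.addObject("account", profileUserAccountForm);
        modelAndView.addObject(Constants.ATTRIBUTE_LIST_FIELD, tenantByName.getSchema().getAttributes());
        modelAndView.addObject("currentuser", RequestContext.getCurrent().getAuthenticationToken().getProfile());
        return modelAndView;
    }

    /**
     * Validates the submitted form and updates the account, or renders the "update" form again
     * with the validation errors.
     *
     * <p>NOTE(review): unlike account creation, this path does not run
     * {@code profileUserAccountValidator} and does not check that roles are present. Confirm that
     * is intended.
     */
    @RequestMapping(value = {"/update"}, method = {RequestMethod.POST})
    public String updateAccount(@ModelAttribute("account") ProfileUserAccountForm profileUserAccountForm, BindingResult bindingResult, Model model) throws Exception {
        validateUpdateAccount(profileUserAccountForm, bindingResult);
        if (!bindingResult.hasErrors()) {
            this.profileAccountService.updateUserAccount(profileUserAccountForm);
            model.addAttribute("selectedTenantName", profileUserAccountForm.getTenantName());
            return "redirect:/get";
        }
        Tenant tenantByName = this.tenantDAOService.getTenantByName(profileUserAccountForm.getTenantName());
        model.addAttribute("account", profileUserAccountForm);
        model.addAttribute("tenantName", tenantByName.getTenantName());
        model.addAttribute(Constants.ATTRIBUTE_LIST_FIELD, tenantByName.getSchema().getAttributes());
        return "update";
    }

    /**
     * Loads one account for editing and renders the "update" form.
     *
     * <p>Both parameters are optional and passed straight to the service; a lookup that returns
     * null ends in the catch-all exception handler.
     */
    @RequestMapping(value = {"/item"}, method = {RequestMethod.GET})
    public ModelAndView findAccount(@RequestParam(required = false) String str, @RequestParam(required = false) String str2) throws Exception {
        ProfileUserAccountForm userForUpdate = this.profileAccountService.getUserForUpdate(str, str2);
        userForUpdate.setProtectedFromDisabled(ProfileServiceManager.isProtectedToKeepActive(str));
        Tenant tenantByName = this.tenantDAOService.getTenantByName(userForUpdate.getTenantName());
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("update");
        modelAndView.addObject("account", userForUpdate);
        modelAndView.addObject("tenantName", tenantByName.getTenantName());
        modelAndView.addObject(Constants.ATTRIBUTE_LIST_FIELD, tenantByName.getSchema().getAttributes());
        return modelAndView;
    }

    /**
     * Renders the account verification page with the token from the request pre-filled.
     *
     * <p>NOTE(review): on a GET the token travels in the URL, so it can end up in access logs,
     * browser history and Referer headers. Confirm the token is single-use and short-lived.
     */
    @RequestMapping(value = {"/verify-account"}, method = {RequestMethod.GET})
    public ModelAndView getVerifyAccount(@RequestParam(required = false) String str) {
        ModelAndView modelAndView = new ModelAndView();
        VerifyAccount verifyAccount = new VerifyAccount();
        verifyAccount.setToken(str);
        modelAndView.setViewName("verify-account");
        modelAndView.addObject("verifyAccount", verifyAccount);
        return modelAndView;
    }

    /**
     * Verifies the account for the submitted token, or re-renders the page with an error when the
     * token is empty.
     */
    @RequestMapping(value = {"/verify-account"}, method = {RequestMethod.POST})
    public ModelAndView verifyAccount(@RequestParam String str, Model model, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AppAuthenticationFailedException {
        ModelAndView modelAndView = new ModelAndView();
        if (str != null && !str.equals("")) {
            this.profileAccountService.verifyAccount(str);
            modelAndView.setViewName("verify-account");
            httpServletRequest.setAttribute(ErrorCodes.SUCCESS_STRING, true);
            return modelAndView;
        }
        VerifyAccount verifyAccount = new VerifyAccount();
        // The error text is stored in the session while the flag is a request attribute.
        httpServletRequest.getSession().setAttribute("tokenError", "Token is required");
        httpServletRequest.setAttribute("error", "true");
        verifyAccount.setToken(str);
        modelAndView.setViewName("verify-account");
        modelAndView.addObject("verifyAccount", verifyAccount);
        return modelAndView;
    }

    /** Sends the user to the login page when authentication is required. */
    @ExceptionHandler({AuthenticationRequiredException.class})
    public String loginRequiredException() {
        return "redirect:/login?logout=true";
    }

    /** Sends the user to the login page when the application itself failed to authenticate. */
    @ExceptionHandler({AppAuthenticationFailedException.class})
    public String logoutException() {
        return "redirect:/login?logout=true";
    }

    /** Returns to the account list when a REST call fails. */
    @ExceptionHandler({RestException.class})
    public String Exception() {
        return "redirect:/get";
    }

    /**
     * Catch-all handler: records the failure and redirects to the generic error page.
     *
     * <p>The throwable was previously discarded, which left no trace of failures in any handler of
     * this controller. It is logged server-side only; nothing about it is sent to the client.
     */
    @ExceptionHandler({Throwable.class})
    public String handleException(Throwable th) {
        LOG.log(java.util.logging.Level.SEVERE, "Unhandled exception in AccountController", th);
        return "redirect:/error.jsp";
    }

    /** Renders the login view. */
    @RequestMapping({"/login"})
    public String login(Model model, @RequestParam(required = false) String str) {
        return "login";
    }

    @Autowired
    public void setProfileDAOService(ProfileDAOServiceImpl profileDAOServiceImpl) {
        this.profileDao = profileDAOServiceImpl;
    }

    @Autowired
    public void setTenantDAOService(TenantDAOService tenantDAOService) {
        this.tenantDAOService = tenantDAOService;
    }

    @Autowired
    public void setProfileAccountService(ProfileAccountService profileAccountService) {
        this.profileAccountService = profileAccountService;
    }

    @Autowired
    public void setProfileUserAccountValidator(ProfileUserAccountValidator profileUserAccountValidator) {
        this.profileUserAccountValidator = profileUserAccountValidator;
    }

    @Autowired
    public void setProfileAccountPaging(ProfileAccountPaging profileAccountPaging) {
        this.profileAccountPaging = profileAccountPaging;
    }

    /** Loads all tenants; a null result is treated as a failed application authentication. */
    private List<Tenant> loadTenants() throws Exception {
        List<Tenant> allTenants = this.tenantDAOService.getAllTenants();
        if (allTenants == null) {
            throw new AppAuthenticationFailedException();
        }
        return allTenants;
    }

    /** Builds the "accountlist" view shared by the list, paging and search handlers. */
    private ModelAndView accountListView(List<ProfileUserAccountForm> users, FilterForm filterForm, Map<String, String> tenantsMap, String tenantName) throws Exception {
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("accountlist");
        modelAndView.addObject("userList", users);
        modelAndView.addObject(SvgFilter.TAG_NAME, filterForm);
        modelAndView.addObject("tenantNames", tenantsMap);
        modelAndView.addObject("selectedTenantName", tenantName);
        modelAndView.addObject("profileAccountPaging", this.profileAccountPaging);
        modelAndView.addObject("currentuser", RequestContext.getCurrent().getAuthenticationToken().getProfile());
        return modelAndView;
    }

    /** Repopulates the model for the "new" view after a rejected submission. */
    private String redisplayNewForm(ProfileUserAccountForm form, Model model, boolean includeCurrentUser) throws Exception {
        Map<String, String> tenantsMap = TenantUtil.getTenantsMap(this.tenantDAOService.getAllTenants());
        Tenant tenantByName = this.tenantDAOService.getTenantByName(form.getTenantName());
        model.addAttribute("account", form);
        model.addAttribute(Constants.ATTRIBUTE_LIST_FIELD, tenantByName.getSchema().getAttributes());
        model.addAttribute("tenantNames", tenantsMap);
        if (includeCurrentUser) {
            model.addAttribute("currentuser", RequestContext.getCurrent().getAuthenticationToken().getProfile());
        }
        return "new";
    }

    /**
     * Returns true only when a password was submitted and it equals the confirmation.
     * A missing password counts as a mismatch, so the check fails closed instead of throwing.
     */
    private static boolean passwordsMatch(ProfileUserAccountForm form) {
        String password = form.getPassword();
        return password != null && password.equals(form.getConfirmPassword());
    }

    /**
     * Validates a new-account submission and records every problem on {@code bindingResult}.
     *
     * <p>Fields that were not submitted are bound as null. They are handled as validation results
     * here: previously a null username, password or email raised a NullPointerException before or
     * during validation and ended in the generic error page.
     *
     * @param str name of the tenant whose schema defines the required attributes
     */
    private void validateNewAccount(ProfileUserAccountForm profileUserAccountForm, BindingResult bindingResult, String str) throws AppAuthenticationFailedException {
        this.profileUserAccountValidator.validate(profileUserAccountForm, bindingResult);
        if (!passwordsMatch(profileUserAccountForm)) {
            bindingResult.rejectValue("password", "user.validation.fields.errors.confirm.password", null, "user.validation.fields.errors.confirm.password");
        }
        if (profileUserAccountForm.getRoles() == null || profileUserAccountForm.getRoles().size() == 0) {
            bindingResult.rejectValue("roles", "user.validation.fields.errors.roles", null, "user.validation.fields.errors.roles");
        }
        String username = profileUserAccountForm.getUsername();
        // A missing username is rejected here as well, so the check does not depend on what the
        // injected validator covers.
        if (username == null || INVALID_USERNAME.matcher(username).find()) {
            bindingResult.rejectValue("username", "user.validation.error.empty.or.whitespace", null, "user.validation.error.empty.or.whitespace");
        }
        String email = profileUserAccountForm.getEmail();
        // Email is optional on creation: only a non-empty value is format-checked.
        if (email != null && !email.isEmpty() && !this.emailValidatorService.validateEmail(email)) {
            bindingResult.rejectValue("email", "user.validation.fields.errors.email.format", null, "user.validation.fields.errors.email.format");
        }
        validateAttributes(profileUserAccountForm.getAttributes(), bindingResult, this.tenantDAOService.getTenantByName(str));
    }

    /**
     * Rejects every attribute the tenant schema marks as required that is missing from
     * {@code map}, or that is an empty string when the attribute type is text (or unset).
     *
     * <p>A null {@code map} is treated as "no attributes submitted", so all required attributes
     * are rejected rather than the check being skipped.
     *
     * <p>NOTE(review): {@code tenant} is looked up by a name taken from the submitted form; an
     * unknown name yields null and {@code getSchema()} throws. The callers dereference the same
     * tenant afterwards, so the handling of unknown tenants needs deciding at that level.
     */
    private void validateAttributes(Map<String, Object> map, BindingResult bindingResult, Tenant tenant) {
        if (tenant.getSchema().getAttributes() == null) {
            return;
        }
        for (Attribute attribute : tenant.getSchema().getAttributes()) {
            if (!attribute.isRequired()) {
                continue;
            }
            Object obj = map == null ? null : map.get(attribute.getName());
            boolean isText = attribute.getType() == null || attribute.getType().equalsIgnoreCase("text");
            if (obj == null || (isText && obj.equals(""))) {
                bindingResult.rejectValue("attributes[" + attribute.getName() + "]", "user.validation.attribute.error.empty.or.whitespace", null, "user.validation.attribute.error.empty.or.whitespace");
            }
        }
    }

    /**
     * Validates an account update: email is mandatory and must be well-formed, the password must
     * equal its confirmation, and the tenant's required attributes must be present.
     *
     * <p>Null email or password values are reported as validation errors instead of raising a
     * NullPointerException.
     */
    private void validateUpdateAccount(ProfileUserAccountForm profileUserAccountForm, BindingResult bindingResult) throws AppAuthenticationFailedException {
        String email = profileUserAccountForm.getEmail();
        if (email == null || email.isEmpty()) {
            bindingResult.rejectValue("email", "user.validation.error.empty.or.whitespace", null, "user.validation.error.empty.or.whitespace");
        } else if (!this.emailValidatorService.validateEmail(email)) {
            bindingResult.rejectValue("email", "user.validation.fields.errors.email.format", null, "user.validation.fields.errors.email.format");
        }
        if (!passwordsMatch(profileUserAccountForm)) {
            bindingResult.rejectValue("password", "user.validation.fields.errors.confirm.password", null, "user.validation.fields.errors.confirm.password");
        }
        validateAttributes(profileUserAccountForm.getAttributes(), bindingResult, this.tenantDAOService.getTenantByName(profileUserAccountForm.getTenantName()));
    }

    /**
     * Returns the tenant whose name equals {@code str} ignoring case, or null when the list is
     * null or holds no such tenant.
     */
    private Tenant getSelectedTenantObject(List<Tenant> list, String str) {
        if (list == null) {
            return null;
        }
        for (Tenant tenant : list) {
            if (tenant.getTenantName().equalsIgnoreCase(str)) {
                return tenant;
            }
        }
        return null;
    }
}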
