package org.craftercms.studio.controller.rest.v2;

import jakarta.servlet.http.HttpServletResponse;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotEmpty;
import jakarta.validation.constraints.NotNull;
import jakarta.validation.constraints.PositiveOrZero;
import java.beans.ConstructorProperties;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.commons.validation.ValidationException;
import org.craftercms.commons.validation.annotations.param.EsapiValidatedParam;
import org.craftercms.commons.validation.annotations.param.EsapiValidationType;
import org.craftercms.commons.validation.annotations.param.SqlSort;
import org.craftercms.commons.validation.annotations.param.ValidSiteId;
import org.craftercms.commons.validation.validators.impl.EsapiValidator;
import org.craftercms.studio.api.v1.exception.ServiceLayerException;
import org.craftercms.studio.api.v1.exception.security.AuthenticationException;
import org.craftercms.studio.api.v1.exception.security.PasswordDoesNotMatchException;
import org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException;
import org.craftercms.studio.api.v1.exception.security.UserExternallyManagedException;
import org.craftercms.studio.api.v1.exception.security.UserNotFoundException;
import org.craftercms.studio.api.v2.dal.QueryParameterNames;
import org.craftercms.studio.api.v2.dal.User;
import org.craftercms.studio.api.v2.service.security.UserService;
import org.craftercms.studio.api.v2.utils.StudioConfiguration;
import org.craftercms.studio.controller.rest.ValidationUtils;
import org.craftercms.studio.impl.v1.web.security.access.StudioAbstractAccessDecisionVoter;
import org.craftercms.studio.impl.v2.utils.PaginationUtils;
import org.craftercms.studio.model.AuthenticatedUser;
import org.craftercms.studio.model.Site;
import org.craftercms.studio.model.rest.ApiResponse;
import org.craftercms.studio.model.rest.ChangePasswordRequest;
import org.craftercms.studio.model.rest.CreateUserRequest;
import org.craftercms.studio.model.rest.EnableUsers;
import org.craftercms.studio.model.rest.PaginatedResultList;
import org.craftercms.studio.model.rest.ResetPasswordRequest;
import org.craftercms.studio.model.rest.Result;
import org.craftercms.studio.model.rest.ResultList;
import org.craftercms.studio.model.rest.ResultOne;
import org.craftercms.studio.model.rest.SetPasswordRequest;
import org.craftercms.studio.model.rest.UpdateUserRequest;
import org.craftercms.studio.model.rest.UserResponse;
import org.craftercms.studio.model.users.HasPermissionsRequest;
import org.craftercms.studio.model.users.UpdateUserPropertiesRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.util.CollectionUtils;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/api/2/users"})
@Validated
@RestController
/* loaded from: input_file:org/craftercms/studio/controller/rest/v2/UsersController.class */
public class UsersController {
    private static final Logger logger = LoggerFactory.getLogger(UsersController.class);
    private final UserService userService;
    private final StudioConfiguration studioConfiguration;

    @ConstructorProperties({"userService", "studioConfiguration"})
    public UsersController(UserService userService, StudioConfiguration studioConfiguration) {
        this.userService = userService;
        this.studioConfiguration = studioConfiguration;
    }

    @GetMapping
    public PaginatedResultList<UserResponse> getAllUsers(@RequestParam(value = "site_id", required = false) @ValidSiteId String str, @RequestParam(value = "keyword", required = false) @EsapiValidatedParam(type = EsapiValidationType.SEARCH_KEYWORDS) String str2, @PositiveOrZero @RequestParam(value = "offset", required = false, defaultValue = "0") int i, @PositiveOrZero @RequestParam(value = "limit", required = false, defaultValue = "10") int i2, @RequestParam(value = "sort", required = false, defaultValue = "id asc") @SqlSort(columns = "id username firstName lastName externally_managed email enabled") String str3) throws ServiceLayerException {
        int allUsersForSiteTotal;
        List<UserResponse> allUsersForSite;
        if (StringUtils.isEmpty(str)) {
            allUsersForSiteTotal = this.userService.getAllUsersTotal(str2);
            allUsersForSite = this.userService.getAllUsers(str2, i, i2, str3);
        } else {
            allUsersForSiteTotal = this.userService.getAllUsersForSiteTotal(1L, str, str2);
            allUsersForSite = this.userService.getAllUsersForSite(1L, str, str2, i, i2, str3);
        }
        PaginatedResultList<UserResponse> paginatedResultList = new PaginatedResultList<>();
        paginatedResultList.setTotal(allUsersForSiteTotal);
        paginatedResultList.setOffset(i);
        paginatedResultList.setLimit(CollectionUtils.isEmpty(allUsersForSite) ? 0 : allUsersForSite.size());
        paginatedResultList.setResponse(ApiResponse.OK);
        paginatedResultList.setEntities(ResultConstants.RESULT_KEY_USERS, allUsersForSite);
        return paginatedResultList;
    }

    @PostMapping(consumes = {"application/json"})
    @ResponseStatus(HttpStatus.CREATED)
    public ResultOne<UserResponse> createUser(@Valid @RequestBody CreateUserRequest createUserRequest) throws UserAlreadyExistsException, ServiceLayerException, AuthenticationException {
        UserResponse createUser = this.userService.createUser(buildUser(createUserRequest));
        ResultOne<UserResponse> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.CREATED);
        resultOne.setEntity("user", createUser);
        return resultOne;
    }

    private User buildUser(CreateUserRequest createUserRequest) {
        User user = new User();
        user.setUsername(createUserRequest.getUsername());
        user.setPassword(createUserRequest.getPassword());
        user.setFirstName(createUserRequest.getFirstName());
        user.setLastName(createUserRequest.getLastName());
        user.setExternallyManaged(createUserRequest.isExternallyManaged());
        user.setEmail(createUserRequest.getEmail());
        user.setEnabled(createUserRequest.isEnabled());
        return user;
    }

    private User buildUser(UpdateUserRequest updateUserRequest) {
        User user = new User();
        user.setId(updateUserRequest.getId().longValue());
        user.setFirstName(updateUserRequest.getFirstName());
        user.setLastName(updateUserRequest.getLastName());
        user.setEmail(updateUserRequest.getEmail());
        user.setEnabled(updateUserRequest.isEnabled());
        return user;
    }

    @PatchMapping(consumes = {"application/json"})
    public ResultOne<UserResponse> updateUser(@Valid @RequestBody UpdateUserRequest updateUserRequest) throws ServiceLayerException, UserNotFoundException, AuthenticationException, UserExternallyManagedException {
        User buildUser = buildUser(updateUserRequest);
        this.userService.updateUser(buildUser);
        ResultOne<UserResponse> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity("user", new UserResponse(buildUser));
        return resultOne;
    }

    @DeleteMapping
    public Result deleteUsers(@RequestParam(value = "id", required = false) List<Long> list, @RequestParam(value = "username", required = false) List<String> list2) throws ServiceLayerException, AuthenticationException, UserNotFoundException, UserExternallyManagedException {
        ValidationUtils.validateAnyListNonEmpty(list, list2);
        this.userService.deleteUsers((List) Objects.requireNonNullElse(list, Collections.emptyList()), (List) Objects.requireNonNullElse(list2, Collections.emptyList()));
        Result result = new Result();
        result.setResponse(ApiResponse.DELETED);
        return result;
    }

    @GetMapping(value = {RequestMappingConstants.PATH_PARAM_ID}, consumes = {"*/*"}, produces = {"application/json"})
    public ResultOne<UserResponse> getUser(@PathVariable("id") String str) throws ServiceLayerException, UserNotFoundException, ValidationException {
        int i = -1;
        String str2 = StudioAbstractAccessDecisionVoter.DEFAULT_PERMISSION_VOTER_PATH;
        if (StringUtils.isNumeric(str)) {
            i = Integer.parseInt(str);
        } else {
            ValidationUtils.validateValue(new EsapiValidator(EsapiValidationType.USERNAME), str, "id");
            str2 = str;
        }
        User userByIdOrUsername = this.userService.getUserByIdOrUsername(i, str2);
        ResultOne<UserResponse> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity("user", new UserResponse(userByIdOrUsername));
        return resultOne;
    }

    @PatchMapping(value = {"/enable"}, consumes = {"application/json"})
    public ResultList<UserResponse> enableUsers(@Valid @RequestBody EnableUsers enableUsers) throws ServiceLayerException, UserNotFoundException, AuthenticationException, UserExternallyManagedException {
        ValidationUtils.validateEnableUsers(enableUsers);
        List<UserResponse> enableUsers2 = this.userService.enableUsers(enableUsers.getIds(), enableUsers.getUsernames(), true);
        ResultList<UserResponse> resultList = new ResultList<>();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities(ResultConstants.RESULT_KEY_USERS, enableUsers2);
        return resultList;
    }

    @PatchMapping(value = {RequestMappingConstants.DISABLE}, consumes = {"application/json"})
    public ResultList<UserResponse> disableUsers(@Valid @RequestBody EnableUsers enableUsers) throws ServiceLayerException, UserNotFoundException, AuthenticationException, UserExternallyManagedException {
        ValidationUtils.validateEnableUsers(enableUsers);
        List<UserResponse> enableUsers2 = this.userService.enableUsers(enableUsers.getIds(), enableUsers.getUsernames(), false);
        ResultList<UserResponse> resultList = new ResultList<>();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities(ResultConstants.RESULT_KEY_USERS, enableUsers2);
        return resultList;
    }

    @GetMapping({"/{id}/sites"})
    public PaginatedResultList<Site> getUserSites(@PathVariable("id") @NotNull String str, @PositiveOrZero @RequestParam(value = "offset", required = false, defaultValue = "0") int i, @PositiveOrZero @RequestParam(value = "limit", required = false, defaultValue = "10") int i2) throws ServiceLayerException, UserNotFoundException, ValidationException {
        int i3 = -1;
        String str2 = StudioAbstractAccessDecisionVoter.DEFAULT_PERMISSION_VOTER_PATH;
        if (StringUtils.isNumeric(str)) {
            i3 = Integer.parseInt(str);
        } else {
            ValidationUtils.validateValue(new EsapiValidator(EsapiValidationType.USERNAME), str, "id");
            str2 = str;
        }
        List paginate = PaginationUtils.paginate(this.userService.getUserSites(i3, str2), i, i2, "siteId");
        PaginatedResultList<Site> paginatedResultList = new PaginatedResultList<>();
        paginatedResultList.setResponse(ApiResponse.OK);
        paginatedResultList.setTotal(r0.size());
        paginatedResultList.setOffset(i);
        paginatedResultList.setLimit(i2);
        paginatedResultList.setEntities(ResultConstants.RESULT_KEY_SITES, paginate);
        return paginatedResultList;
    }

    @GetMapping({"/{id}/sites/{site}/roles"})
    public ResultList<String> getUserSiteRoles(@PathVariable("id") @NotNull String str, @PathVariable("site") @NotNull @ValidSiteId String str2) throws ServiceLayerException, UserNotFoundException, ValidationException {
        int i = -1;
        String str3 = StudioAbstractAccessDecisionVoter.DEFAULT_PERMISSION_VOTER_PATH;
        if (StringUtils.isNumeric(str)) {
            i = Integer.parseInt(str);
        } else {
            ValidationUtils.validateValue(new EsapiValidator(EsapiValidationType.USERNAME), str, "id");
            str3 = str;
        }
        List list = this.userService.getUserSiteRoles(i, str3, str2).stream().map((v0) -> {
            return v0.toString();
        }).toList();
        ResultList<String> resultList = new ResultList<>();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities(ResultConstants.RESULT_KEY_ROLES, list);
        return resultList;
    }

    @GetMapping({RequestMappingConstants.ME})
    public ResultOne<AuthenticatedUser> getCurrentUser() throws AuthenticationException, ServiceLayerException {
        AuthenticatedUser currentUser = this.userService.getCurrentUser();
        ResultOne<AuthenticatedUser> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity(ResultConstants.RESULT_KEY_CURRENT_USER, currentUser);
        return resultOne;
    }

    @GetMapping({"/me/sites"})
    public PaginatedResultList<Site> getCurrentUserSites(@PositiveOrZero @RequestParam(value = "offset", required = false, defaultValue = "0") int i, @PositiveOrZero @RequestParam(value = "limit", required = false, defaultValue = "10") int i2) throws AuthenticationException, ServiceLayerException {
        List paginate = PaginationUtils.paginate(this.userService.getCurrentUserSites(), i, i2, "siteId");
        PaginatedResultList<Site> paginatedResultList = new PaginatedResultList<>();
        paginatedResultList.setResponse(ApiResponse.OK);
        paginatedResultList.setTotal(r0.size());
        paginatedResultList.setOffset(i);
        paginatedResultList.setLimit(i2);
        paginatedResultList.setEntities(ResultConstants.RESULT_KEY_SITES, paginate);
        return paginatedResultList;
    }

    @GetMapping({"/me/sites/{site}/roles"})
    public ResultList<String> getCurrentUserSiteRoles(@PathVariable("site") @NotBlank @ValidSiteId String str) throws AuthenticationException, ServiceLayerException {
        List<String> currentUserSiteRoles = this.userService.getCurrentUserSiteRoles(str);
        ResultList<String> resultList = new ResultList<>();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities(ResultConstants.RESULT_KEY_ROLES, currentUserSiteRoles);
        return resultList;
    }

    @GetMapping({"/me/logout/sso/url"})
    @ResponseStatus(HttpStatus.SERVICE_UNAVAILABLE)
    public Result getCurrentUserSsoLogoutUrl() {
        Result result = new Result();
        result.setResponse(ApiResponse.DEPRECATED);
        return result;
    }

    @GetMapping({RequestMappingConstants.FORGOT_PASSWORD})
    public ResultOne<String> forgotPassword(@RequestParam("username") @NotBlank String str) {
        int intValue = ((Integer) this.studioConfiguration.getProperty(StudioConfiguration.SECURITY_SET_PASSWORD_DELAY, Integer.class)).intValue();
        try {
            TimeUnit.SECONDS.sleep(intValue);
            ValidationUtils.validateValue(new EsapiValidator(EsapiValidationType.USERNAME), str, "username");
            this.userService.forgotPassword(str);
        } catch (InterruptedException e) {
            logger.debug("Interrupted while delaying request by '{}' seconds", Integer.valueOf(intValue), e);
        } catch (ServiceLayerException e2) {
            logger.error("Failed to process forgot password for user '{}'", str, e2);
        } catch (ValidationException e3) {
            logger.error("Validation error while processing forgot password for user '{}'", str, e3);
        }
        ResultOne<String> resultOne = new ResultOne<>();
        resultOne.setEntity("message", "If the user exists, a password recovery email has been sent to them.");
        resultOne.setResponse(ApiResponse.OK);
        return resultOne;
    }

    @PostMapping({"/me/change_password"})
    public ResultOne<UserResponse> changePassword(@Valid @RequestBody ChangePasswordRequest changePasswordRequest) throws PasswordDoesNotMatchException, ServiceLayerException, UserExternallyManagedException, AuthenticationException, UserNotFoundException {
        int intValue = ((Integer) this.studioConfiguration.getProperty(StudioConfiguration.SECURITY_SET_PASSWORD_DELAY, Integer.class)).intValue();
        try {
            TimeUnit.SECONDS.sleep(intValue);
        } catch (InterruptedException e) {
            logger.debug("Interrupted while delaying request by '{}' seconds", Integer.valueOf(intValue), e);
        }
        UserResponse changePassword = this.userService.changePassword(changePasswordRequest.getUsername(), changePasswordRequest.getCurrent(), changePasswordRequest.getNewPassword());
        ResultOne<UserResponse> resultOne = new ResultOne<>();
        resultOne.setEntity("user", changePassword);
        resultOne.setResponse(ApiResponse.OK);
        return resultOne;
    }

    @PostMapping({RequestMappingConstants.SET_PASSWORD})
    public ResultOne<UserResponse> setPassword(@Valid @RequestBody SetPasswordRequest setPasswordRequest) throws UserNotFoundException, UserExternallyManagedException, ServiceLayerException {
        int intValue = ((Integer) this.studioConfiguration.getProperty(StudioConfiguration.SECURITY_SET_PASSWORD_DELAY, Integer.class)).intValue();
        try {
            TimeUnit.SECONDS.sleep(intValue);
        } catch (InterruptedException e) {
            logger.debug("Interrupted while delaying request by '{}' seconds", Integer.valueOf(intValue), e);
        }
        UserResponse password = this.userService.setPassword(setPasswordRequest.getToken(), setPasswordRequest.getNewPassword());
        ResultOne<UserResponse> resultOne = new ResultOne<>();
        resultOne.setEntity("user", password);
        resultOne.setResponse(ApiResponse.OK);
        return resultOne;
    }

    @PostMapping({"/{id}/reset_password"})
    public Result resetPassword(@PathVariable("id") @NotBlank @EsapiValidatedParam(type = EsapiValidationType.USERNAME) String str, @Valid @RequestBody ResetPasswordRequest resetPasswordRequest) throws UserNotFoundException, UserExternallyManagedException, ServiceLayerException {
        this.userService.resetPassword(resetPasswordRequest.getUsername(), resetPasswordRequest.getNewPassword());
        Result result = new Result();
        result.setResponse(ApiResponse.OK);
        return result;
    }

    @GetMapping(value = {RequestMappingConstants.VALIDATE_TOKEN}, produces = {"application/json"})
    public Result validateToken(HttpServletResponse httpServletResponse, @RequestParam("token") @NotBlank String str) throws UserNotFoundException, UserExternallyManagedException, ServiceLayerException {
        int intValue = ((Integer) this.studioConfiguration.getProperty(StudioConfiguration.SECURITY_SET_PASSWORD_DELAY, Integer.class)).intValue();
        try {
            TimeUnit.SECONDS.sleep(intValue);
        } catch (InterruptedException e) {
            logger.debug("Interrupted while delaying request by '{}' seconds", Integer.valueOf(intValue), e);
        }
        boolean validateToken = this.userService.validateToken(str);
        Result result = new Result();
        if (validateToken) {
            result.setResponse(ApiResponse.OK);
        } else {
            result.setResponse(ApiResponse.UNAUTHORIZED);
            httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
        }
        return result;
    }

    @GetMapping(value = {"/me/properties"}, produces = {"application/json"})
    public ResultOne<Map<String, Map<String, String>>> getUserProperties(@RequestParam(required = false, defaultValue = "") @ValidSiteId String str) throws ServiceLayerException {
        ResultOne<Map<String, Map<String, String>>> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity(QueryParameterNames.PROPERTIES, this.userService.getUserProperties(str));
        return resultOne;
    }

    @PostMapping(value = {"/me/properties"}, consumes = {"application/json"}, produces = {"application/json"})
    public ResultOne<Map<String, String>> updateUserProperties(@Valid @RequestBody UpdateUserPropertiesRequest updateUserPropertiesRequest) throws ServiceLayerException {
        ResultOne<Map<String, String>> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity(QueryParameterNames.PROPERTIES, this.userService.updateUserProperties(updateUserPropertiesRequest.getSiteId(), updateUserPropertiesRequest.getProperties()));
        return resultOne;
    }

    @DeleteMapping(value = {"/me/properties"}, produces = {"application/json"})
    public ResultOne<Map<String, String>> deleteUserProperties(@RequestParam(required = false, defaultValue = "") @ValidSiteId String str, @RequestParam @Valid @NotEmpty List<String> list) throws ServiceLayerException {
        ResultOne<Map<String, String>> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity(QueryParameterNames.PROPERTIES, this.userService.deleteUserProperties(str, list));
        return resultOne;
    }

    @GetMapping(value = {"/me/sites/{site}/permissions"}, produces = {"application/json"})
    public ResultList<String> getCurrentUserSitePermissions(@PathVariable("site") @ValidSiteId String str) throws ServiceLayerException, UserNotFoundException, ExecutionException {
        List<String> currentUserSitePermissions = this.userService.getCurrentUserSitePermissions(str);
        ResultList<String> resultList = new ResultList<>();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities("permissions", currentUserSitePermissions);
        return resultList;
    }

    @PostMapping(value = {"/me/sites/{site}/has_permissions"}, consumes = {"application/json"}, produces = {"application/json"})
    public ResultOne<Map<String, Boolean>> checkCurrentUserHasSitePermissions(@PathVariable("site") @ValidSiteId String str, @Valid @RequestBody HasPermissionsRequest hasPermissionsRequest) throws ServiceLayerException, UserNotFoundException, ExecutionException {
        Map<String, Boolean> hasCurrentUserSitePermissions = this.userService.hasCurrentUserSitePermissions(str, hasPermissionsRequest.getPermissions());
        ResultOne<Map<String, Boolean>> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity("permissions", hasCurrentUserSitePermissions);
        return resultOne;
    }

    @GetMapping(value = {"/me/global/permissions"}, produces = {"application/json"})
    public ResultList<String> getCurrentUserGlobalPermissions() throws ServiceLayerException, UserNotFoundException, ExecutionException {
        List<String> currentUserGlobalPermissions = this.userService.getCurrentUserGlobalPermissions();
        ResultList<String> resultList = new ResultList<>();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities("permissions", currentUserGlobalPermissions);
        return resultList;
    }

    @PostMapping(value = {"/me/global/has_permissions"}, consumes = {"application/json"}, produces = {"application/json"})
    public ResultOne<Map<String, Boolean>> checkCurrentUserHasGlobalPermissions(@Valid @RequestBody HasPermissionsRequest hasPermissionsRequest) throws ServiceLayerException, UserNotFoundException, ExecutionException {
        Map<String, Boolean> hasCurrentUserGlobalPermissions = this.userService.hasCurrentUserGlobalPermissions(hasPermissionsRequest.getPermissions());
        ResultOne<Map<String, Boolean>> resultOne = new ResultOne<>();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity("permissions", hasCurrentUserGlobalPermissions);
        return resultOne;
    }
}
