package org.mobicents.servlet.restcomm.http;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import com.thoughtworks.xstream.XStream;
import java.net.URI;
import java.util.ArrayList;
import javax.annotation.PostConstruct;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import org.apache.commons.configuration.Configuration;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.joda.time.DateTime;
import org.mobicents.servlet.restcomm.dao.ClientsDao;
import org.mobicents.servlet.restcomm.dao.DaoManager;
import org.mobicents.servlet.restcomm.entities.Account;
import org.mobicents.servlet.restcomm.entities.AccountList;
import org.mobicents.servlet.restcomm.entities.Client;
import org.mobicents.servlet.restcomm.entities.RestCommResponse;
import org.mobicents.servlet.restcomm.entities.Sid;
import org.mobicents.servlet.restcomm.http.SecuredEndpoint;
import org.mobicents.servlet.restcomm.http.converter.AccountConverter;
import org.mobicents.servlet.restcomm.http.converter.AccountListConverter;
import org.mobicents.servlet.restcomm.http.converter.RestCommResponseConverter;
import org.mobicents.servlet.restcomm.http.exceptions.AuthorizationException;
import org.mobicents.servlet.restcomm.http.exceptions.InsufficientPermission;
import org.mobicents.servlet.restcomm.util.StringUtils;

/* loaded from: input_file:org/mobicents/servlet/restcomm/http/AccountsEndpoint.class */
public class AccountsEndpoint extends SecuredEndpoint {
    protected Configuration configuration;
    protected Gson gson;
    protected XStream xstream;
    protected ClientsDao clientDao;

    public AccountsEndpoint() {
    }

    public AccountsEndpoint(ServletContext servletContext, HttpServletRequest httpServletRequest) {
        super(servletContext, httpServletRequest);
    }

    @PostConstruct
    void init() {
        this.configuration = (Configuration) this.context.getAttribute(Configuration.class.getName());
        this.configuration = this.configuration.subset("runtime-settings");
        super.init(this.configuration);
        this.clientDao = ((DaoManager) this.context.getAttribute(DaoManager.class.getName())).getClientsDao();
        AccountConverter accountConverter = new AccountConverter(this.configuration);
        GsonBuilder gsonBuilder = new GsonBuilder();
        gsonBuilder.registerTypeAdapter(Account.class, accountConverter);
        gsonBuilder.setPrettyPrinting();
        this.gson = gsonBuilder.create();
        this.xstream = new XStream();
        this.xstream.alias("RestcommResponse", RestCommResponse.class);
        this.xstream.registerConverter(accountConverter);
        this.xstream.registerConverter(new AccountListConverter(this.configuration));
        this.xstream.registerConverter(new RestCommResponseConverter(this.configuration));
        checkAuthenticatedAccount();
    }

    private Account createFrom(Sid sid, MultivaluedMap<String, String> multivaluedMap) {
        validate(multivaluedMap);
        DateTime now = DateTime.now();
        String lowerCase = ((String) multivaluedMap.getFirst("EmailAddress")).toLowerCase();
        Sid generate = Sid.generate(Sid.Type.ACCOUNT, lowerCase);
        String str = lowerCase;
        if (multivaluedMap.containsKey("FriendlyName")) {
            str = (String) multivaluedMap.getFirst("FriendlyName");
        }
        Account.Type type = Account.Type.FULL;
        Account.Status status = Account.Status.ACTIVE;
        if (multivaluedMap.containsKey("Status")) {
            status = Account.Status.valueOf((String) multivaluedMap.getFirst("Status"));
        }
        String md5Hash = new Md5Hash((String) multivaluedMap.getFirst("Password")).toString();
        String str2 = (String) multivaluedMap.getFirst("Role");
        String addSuffixIfNotPresent = StringUtils.addSuffixIfNotPresent(this.configuration.getString("root-uri"), "/");
        StringBuilder sb = new StringBuilder();
        sb.append(addSuffixIfNotPresent).append(getApiVersion(null)).append("/Accounts/").append(generate.toString());
        return new Account(generate, now, now, lowerCase, str, sid, type, status, md5Hash, str2, URI.create(sb.toString()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response getAccount(String str, MediaType mediaType) {
        Account account;
        checkPermission("RestComm:Read:Accounts");
        if (Sid.pattern.matcher(str).matches()) {
            try {
                account = this.accountsDao.getAccount(new Sid(str));
            } catch (Exception e) {
                return Response.status(Response.Status.NOT_FOUND).build();
            }
        } else {
            try {
                account = this.accountsDao.getAccount(str);
            } catch (Exception e2) {
                return Response.status(Response.Status.NOT_FOUND).build();
            }
        }
        secure(account, "RestComm:Read:Accounts", SecuredEndpoint.SecuredType.SECURED_ACCOUNT);
        if (account == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        if (MediaType.APPLICATION_XML_TYPE == mediaType) {
            return Response.ok(this.xstream.toXML(new RestCommResponse(account)), "application/xml").build();
        }
        if (MediaType.APPLICATION_JSON_TYPE == mediaType) {
            return Response.ok(this.gson.toJson(account), "application/json").build();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response deleteAccount(String str) {
        checkPermission("RestComm:Delete:Accounts");
        Sid sid = this.userIdentityContext.getEffectiveAccount().getSid();
        Sid sid2 = new Sid(str);
        secure(this.accountsDao.getAccount(sid2), "RestComm:Delete:Accounts", SecuredEndpoint.SecuredType.SECURED_ACCOUNT);
        if (str.equalsIgnoreCase(sid.toString())) {
            return Response.status(Response.Status.BAD_REQUEST).build();
        }
        if (this.accountsDao.getAccount(sid2) == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        this.accountsDao.removeAccount(sid2);
        this.clientDao.removeClients(sid2);
        return Response.ok().build();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response getAccounts(MediaType mediaType) {
        checkPermission("RestComm:Read:Accounts");
        Account effectiveAccount = this.userIdentityContext.getEffectiveAccount();
        if (effectiveAccount == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(effectiveAccount);
        arrayList.addAll(this.accountsDao.getAccounts(effectiveAccount.getSid()));
        if (MediaType.APPLICATION_XML_TYPE == mediaType) {
            return Response.ok(this.xstream.toXML(new RestCommResponse(new AccountList(arrayList))), "application/xml").build();
        }
        if (MediaType.APPLICATION_JSON_TYPE == mediaType) {
            return Response.ok(this.gson.toJson(arrayList), "application/json").build();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response putAccount(MultivaluedMap<String, String> multivaluedMap, MediaType mediaType) {
        checkPermission("RestComm:Create:Accounts");
        Sid sid = this.userIdentityContext.getEffectiveAccount().getSid();
        try {
            Account createFrom = createFrom(sid, multivaluedMap);
            if (this.accountsDao.getAccount(createFrom.getSid()) != null || createFrom.getEmailAddress().equalsIgnoreCase("administrator@company.com")) {
                return Response.status(Response.Status.CONFLICT).entity("The email address used for the new account is already in use.").build();
            }
            Account account = this.accountsDao.getAccount(sid);
            if (!account.getStatus().equals(Account.Status.ACTIVE) || !isSecuredByPermission("RestComm:Create:Accounts")) {
                throw new InsufficientPermission();
            }
            if (!hasAccountRole(getAdministratorRole()) || !multivaluedMap.containsKey("Role")) {
                createFrom = createFrom.setRole(account.getRole());
            }
            this.accountsDao.addAccount(createFrom);
            MultivaluedMapImpl multivaluedMapImpl = new MultivaluedMapImpl();
            multivaluedMapImpl.add("Login", ((String) multivaluedMap.getFirst("EmailAddress")).split("@")[0]);
            multivaluedMapImpl.add("Password", multivaluedMap.getFirst("Password"));
            multivaluedMapImpl.add("FriendlyName", createFrom.getFriendlyName());
            multivaluedMapImpl.add("AccountSid", createFrom.getSid().toString());
            if (this.clientDao.getClient((String) multivaluedMapImpl.getFirst("Login")) == null) {
                this.clientDao.addClient(createClientFrom(createFrom.getSid(), multivaluedMapImpl));
            }
            if (MediaType.APPLICATION_JSON_TYPE == mediaType) {
                return Response.ok(this.gson.toJson(createFrom), "application/json").build();
            }
            if (MediaType.APPLICATION_XML_TYPE != mediaType) {
                return null;
            }
            return Response.ok(this.xstream.toXML(new RestCommResponse(createFrom)), "application/xml").build();
        } catch (NullPointerException e) {
            return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();
        }
    }

    private Client createClientFrom(Sid sid, MultivaluedMap<String, String> multivaluedMap) {
        Client.Builder builder = Client.builder();
        Sid generate = Sid.generate(Sid.Type.CLIENT);
        String str = (String) multivaluedMap.getFirst("Password");
        builder.setSid(generate);
        builder.setAccountSid(sid);
        builder.setApiVersion(getApiVersion(multivaluedMap));
        builder.setLogin((String) multivaluedMap.getFirst("Login"));
        builder.setPassword(str);
        builder.setFriendlyName((String) multivaluedMap.getFirst("FriendlyName"));
        builder.setStatus(1);
        String addSuffixIfNotPresent = StringUtils.addSuffixIfNotPresent(this.configuration.getString("root-uri"), "/");
        StringBuilder sb = new StringBuilder();
        sb.append(addSuffixIfNotPresent).append(getApiVersion(multivaluedMap)).append("/Accounts/").append(sid.toString()).append("/Clients/").append(generate.toString());
        builder.setUri(URI.create(sb.toString()));
        return builder.build();
    }

    private Account update(Account account, MultivaluedMap<String, String> multivaluedMap) {
        Account account2 = account;
        boolean z = false;
        try {
            if (multivaluedMap.containsKey("FriendlyName")) {
                account2 = account2.setFriendlyName((String) multivaluedMap.getFirst("FriendlyName"));
            }
            if (multivaluedMap.containsKey("Password")) {
                if (account.getStatus() == Account.Status.UNINITIALIZED) {
                    z = true;
                }
                account2 = account2.setAuthToken(new Md5Hash(multivaluedMap.getFirst("Password")).toString());
            }
            if (multivaluedMap.containsKey("Auth_Token")) {
                account2 = account2.setAuthToken((String) multivaluedMap.getFirst("Auth_Token"));
                if (account.getStatus() == Account.Status.UNINITIALIZED) {
                    z = true;
                }
            }
            if (multivaluedMap.containsKey("Status")) {
                account2 = account2.setStatus(Account.Status.getValueOf(((String) multivaluedMap.getFirst("Status")).toLowerCase()));
            } else if (z) {
                account2 = account2.setStatus(Account.Status.ACTIVE);
            }
            if (multivaluedMap.containsKey("Role")) {
                this.userIdentityContext.getEffectiveAccount();
                if (!this.userIdentityContext.getEffectiveAccountRoles().contains(getAdministratorRole())) {
                    throw new AuthorizationException();
                }
                account2 = account2.setRole((String) multivaluedMap.getFirst("Role"));
            }
        } catch (AuthorizationException e) {
            throw e;
        } catch (Exception e2) {
            if (this.logger.isInfoEnabled()) {
                this.logger.info("Exception during Account update: " + e2.getStackTrace());
            }
        }
        return account2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response updateAccount(String str, MultivaluedMap<String, String> multivaluedMap, MediaType mediaType) {
        checkPermission("RestComm:Modify:Accounts");
        Account account = null;
        try {
            account = this.accountsDao.getAccount(new Sid(str));
        } catch (Exception e) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("At update account, exception trying to get SID. Seems we have email as identifier");
            }
        }
        if (account == null) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("At update account, trying to get account using email as identifier");
            }
            account = this.accountsDao.getAccount(str);
        }
        if (account == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        Account update = update(account, multivaluedMap);
        secure(update, "RestComm:Modify:Accounts", SecuredEndpoint.SecuredType.SECURED_ACCOUNT);
        this.accountsDao.updateAccount(update);
        String emailAddress = update.getEmailAddress();
        if (emailAddress != null && !emailAddress.equals("")) {
            Client client = this.clientDao.getClient(emailAddress.split("@")[0]);
            if (client != null) {
                if (multivaluedMap.containsKey("Password")) {
                    client = client.setPassword((String) multivaluedMap.getFirst("Password"));
                }
                if (multivaluedMap.containsKey("FriendlyName")) {
                    client = client.setFriendlyName((String) multivaluedMap.getFirst("FriendlyName"));
                }
                this.clientDao.updateClient(client);
            }
        }
        if (MediaType.APPLICATION_JSON_TYPE == mediaType) {
            return Response.ok(this.gson.toJson(update), "application/json").build();
        }
        if (MediaType.APPLICATION_XML_TYPE != mediaType) {
            return null;
        }
        return Response.ok(this.xstream.toXML(new RestCommResponse(update)), "application/xml").build();
    }

    private void validate(MultivaluedMap<String, String> multivaluedMap) throws NullPointerException {
        if (!multivaluedMap.containsKey("EmailAddress")) {
            throw new NullPointerException("Email address can not be null.");
        }
        if (!multivaluedMap.containsKey("Password")) {
            throw new NullPointerException("Password can not be null.");
        }
    }
}
