package io.datarouter.auth.web;

import io.datarouter.auth.config.DatarouterAuthFiles;
import io.datarouter.auth.config.DatarouterAuthPaths;
import io.datarouter.auth.service.DatarouterUserEditService;
import io.datarouter.auth.service.DatarouterUserInfo;
import io.datarouter.auth.service.DatarouterUserService;
import io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequest;
import io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequestDao;
import io.datarouter.email.email.DatarouterHtmlEmailService;
import io.datarouter.httpclient.client.DatarouterService;
import io.datarouter.storage.config.DatarouterAdministratorEmailService;
import io.datarouter.storage.config.DatarouterProperties;
import io.datarouter.util.DateTool;
import io.datarouter.util.string.StringTool;
import io.datarouter.web.handler.BaseHandler;
import io.datarouter.web.handler.mav.Mav;
import io.datarouter.web.handler.mav.imp.GlobalRedirectMav;
import io.datarouter.web.handler.mav.imp.InContextRedirectMav;
import io.datarouter.web.handler.mav.imp.MessageMav;
import io.datarouter.web.handler.types.optional.OptionalLong;
import io.datarouter.web.handler.types.optional.OptionalString;
import io.datarouter.web.user.authenticate.PermissionRequestAdditionalEmailsSupplier;
import io.datarouter.web.user.authenticate.config.DatarouterAuthenticationConfig;
import io.datarouter.web.user.databean.DatarouterUser;
import io.datarouter.web.user.detail.DatarouterUserExternalDetailService;
import io.datarouter.web.user.role.DatarouterUserRole;
import j2html.TagCreator;
import j2html.tags.ContainerTag;
import j2html.tags.DomContent;
import java.time.ZoneId;
import java.util.Comparator;
import java.util.Date;
import java.util.Objects;
import java.util.Set;
import javax.inject.Inject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/datarouter/auth/web/DatarouterPermissionRequestHandler.class */
public class DatarouterPermissionRequestHandler extends BaseHandler {
    private static final Logger logger = LoggerFactory.getLogger(DatarouterPermissionRequestHandler.class);
    private static final String P_REASON = "reason";
    private static final String EMAIL_TITLE = "Permission Request";

    @Inject
    private DatarouterAuthenticationConfig authenticationConfig;

    @Inject
    private DatarouterPermissionRequestDao datarouterPermissionRequestDao;

    @Inject
    private DatarouterUserService datarouterUserService;

    @Inject
    private DatarouterHtmlEmailService htmlEmailService;

    @Inject
    private DatarouterProperties datarouterProperties;

    @Inject
    private DatarouterAuthFiles files;

    @Inject
    private DatarouterAuthPaths paths;

    @Inject
    private DatarouterUserEditService userEditService;

    @Inject
    private DatarouterUserInfo datarouterUserInfo;

    @Inject
    private DatarouterAdministratorEmailService administratorEmailService;

    @Inject
    private DatarouterUserExternalDetailService userExternalDetailService;

    @Inject
    private PermissionRequestAdditionalEmailsSupplier permissionRequestAdditionalEmails;

    @Inject
    private DatarouterService datarouterService;

    /* loaded from: input_file:io/datarouter/auth/web/DatarouterPermissionRequestHandler$PermissionRequestDto.class */
    public static class PermissionRequestDto {
        public final String requestTime;
        public final String requestText;
        public final String resolutionTime;
        public final String resolution;

        public PermissionRequestDto(Date date, String str, Date date2, String str2, ZoneId zoneId) {
            this.requestTime = DateTool.formatDateWithZone(date, zoneId);
            this.requestText = str;
            this.resolutionTime = date2 == null ? null : DateTool.formatDateWithZone(date2, zoneId);
            this.resolution = str2;
        }
    }

    /* loaded from: input_file:io/datarouter/auth/web/DatarouterPermissionRequestHandler$SuccessAndMessageDto.class */
    private static class SuccessAndMessageDto {
        public final Boolean success;
        public final String message;

        protected SuccessAndMessageDto() {
            this.success = true;
            this.message = "";
        }

        protected SuccessAndMessageDto(boolean z, String str) {
            this.success = Boolean.valueOf(z);
            this.message = (String) Objects.requireNonNull(str);
        }
    }

    @BaseHandler.Handler(defaultHandler = true)
    private Mav showForm(OptionalString optionalString, OptionalString optionalString2) {
        if (!this.authenticationConfig.useDatarouterAuthentication()) {
            return new MessageMav(noDatarouterAuthentication());
        }
        Mav mav = new Mav(this.files.jsp.authentication.permissionRequestJsp);
        mav.put("serviceName", this.datarouterService.getServiceName());
        mav.put("permissionRequestPath", this.paths.permissionRequest.toSlashedString());
        mav.put("defaultSpecifics", optionalString.map(str -> {
            StringBuilder append = new StringBuilder("I tried to go to this URL: ").append(str).append(".");
            String str = " These are its allowed roles at the time of this request: ";
            " These are its allowed roles at the time of this request: ".getClass();
            return append.append((String) optionalString2.map(str::concat).orElse("")).toString();
        }));
        mav.put("currentRequest", (DatarouterPermissionRequest) this.datarouterPermissionRequestDao.scanOpenPermissionRequestsForUser(getCurrentUser().getId()).max(Comparator.comparing(datarouterPermissionRequest -> {
            return datarouterPermissionRequest.getKey().getRequestTime();
        })).orElse(null));
        mav.put("email", this.administratorEmailService.getAdministratorEmailAddressesCsv((Set) this.permissionRequestAdditionalEmails.get()));
        mav.put("submitPath", this.paths.permissionRequest.submit.join("/"));
        mav.put("declinePath", this.paths.permissionRequest.declineAll.join("/"));
        return mav;
    }

    @BaseHandler.Handler
    private Mav submit(OptionalString optionalString) {
        if (!this.authenticationConfig.useDatarouterAuthentication()) {
            return new MessageMav(noDatarouterAuthentication());
        }
        String required = this.params.required(P_REASON);
        if (StringTool.isEmpty(required)) {
            throw new IllegalArgumentException("Reason is required.");
        }
        String str = (String) optionalString.orElse("");
        DatarouterUser currentUser = getCurrentUser();
        this.datarouterPermissionRequestDao.createPermissionRequest(new DatarouterPermissionRequest(currentUser.getId(), new Date(), "reason: " + required + ", specifics: " + str, null, null));
        sendRequestEmail(currentUser, required, str);
        return currentUser.getRoles().size() > 1 ? new InContextRedirectMav(this.request, this.paths.home) : showForm(new OptionalString((String) null), new OptionalString((String) null));
    }

    @BaseHandler.Handler
    private Mav declineAll(OptionalLong optionalLong, OptionalString optionalString) {
        if (!this.authenticationConfig.useDatarouterAuthentication()) {
            return new MessageMav(noDatarouterAuthentication());
        }
        DatarouterUser currentUser = getCurrentUser();
        if (!((Long) optionalLong.orElse(currentUser.getId())).equals(currentUser.getId()) && !currentUser.getRoles().contains(DatarouterUserRole.DATAROUTER_ADMIN.getRole())) {
            return new MessageMav("You do not have permission to decline this request.");
        }
        this.datarouterPermissionRequestDao.declineAll((Long) optionalLong.orElse(currentUser.getId()));
        DatarouterUser datarouterUser = currentUser;
        if (!((Long) optionalLong.orElse(currentUser.getId())).equals(getCurrentUser().getId())) {
            datarouterUser = this.datarouterUserInfo.getUserById((Long) optionalLong.get(), true).get();
        }
        sendDeclineEmail(datarouterUser, currentUser);
        return optionalString.isEmpty() ? currentUser.getRoles().size() > 1 ? new InContextRedirectMav(this.request, this.paths.home) : showForm(new OptionalString((String) null), new OptionalString((String) null)) : new GlobalRedirectMav((String) optionalString.get());
    }

    @BaseHandler.Handler
    private SuccessAndMessageDto declinePermissionRequests(String str) {
        long parseLong = Long.parseLong(str);
        if (!this.authenticationConfig.useDatarouterAuthentication()) {
            return new SuccessAndMessageDto(false, noDatarouterAuthentication());
        }
        DatarouterUser currentUser = getCurrentUser();
        if (parseLong != currentUser.getId().longValue() && !currentUser.getRoles().contains(DatarouterUserRole.DATAROUTER_ADMIN.getRole())) {
            return new SuccessAndMessageDto(false, "You do not have permission to decline this request.");
        }
        this.datarouterPermissionRequestDao.declineAll(Long.valueOf(parseLong));
        DatarouterUser datarouterUser = currentUser;
        if (parseLong != getCurrentUser().getId().longValue()) {
            datarouterUser = this.datarouterUserInfo.getUserById(Long.valueOf(parseLong), true).get();
        }
        sendDeclineEmail(datarouterUser, currentUser);
        return new SuccessAndMessageDto();
    }

    private DatarouterUser getCurrentUser() {
        return this.datarouterUserService.getAndValidateCurrentUser(getSessionInfo().getRequiredSession());
    }

    private void sendRequestEmail(DatarouterUser datarouterUser, String str, String str2) {
        String str3 = (String) this.userExternalDetailService.getUserProfileUrl(datarouterUser).orElse(null);
        String str4 = (String) this.userExternalDetailService.getUserProfileDescription().orElse("user profile");
        String username = datarouterUser.getUsername();
        String userEditEmailRecipients = this.userEditService.getUserEditEmailRecipients(datarouterUser);
        String build = this.htmlEmailService.startLinkBuilder().withLocalPath(this.paths.admin.editUser.toSlashedString()).withParam("userId", new StringBuilder().append(datarouterUser.getId()).toString()).build();
        DomContent[] domContentArr = new DomContent[1];
        ContainerTag tbody = TagCreator.tbody();
        ContainerTag createLabelValueTr = createLabelValueTr("Service", TagCreator.text(this.datarouterService.getServiceName()));
        DomContent[] domContentArr2 = new DomContent[2];
        domContentArr2[0] = TagCreator.text(String.valueOf(username) + " - ");
        domContentArr2[1] = str3 == null ? null : TagCreator.a("view " + str4).withHref(str3);
        domContentArr[0] = tbody.with(createLabelValueTr.with(createLabelValueTr("User", domContentArr2))).with(createLabelValueTr("Reason", TagCreator.text(str))).condWith(StringTool.notEmpty(str2), createLabelValueTr("Specifics", TagCreator.text(str2)));
        this.htmlEmailService.trySendJ2Html(username, userEditEmailRecipients, this.htmlEmailService.startEmailBuilder().withSubject(this.userEditService.getPermissionRequestEmailSubject(datarouterUser)).withTitle(EMAIL_TITLE).withTitleHref(build).withContent(TagCreator.div(new DomContent[]{(ContainerTag) TagCreator.table(domContentArr).withStyle("border-spacing: 0"), TagCreator.p(new DomContent[]{TagCreator.a("Edit user profile").withHref(build)})})));
    }

    private void sendDeclineEmail(DatarouterUser datarouterUser, DatarouterUser datarouterUser2) {
        this.htmlEmailService.trySendJ2Html(datarouterUser.getUsername(), this.userEditService.getUserEditEmailRecipients(datarouterUser), this.htmlEmailService.startEmailBuilder().withSubject(this.userEditService.getPermissionRequestEmailSubject(datarouterUser)).withTitle(EMAIL_TITLE).withTitleHref(this.htmlEmailService.startLinkBuilder().withLocalPath(this.paths.admin.editUser.toSlashedString()).withParam("userId", new StringBuilder().append(datarouterUser.getId()).toString()).build()).withContent(TagCreator.p(String.format("Permission requests declined for user %s by user %s", datarouterUser.getUsername(), datarouterUser2.getUsername()))));
    }

    private static ContainerTag createLabelValueTr(String str, DomContent... domContentArr) {
        return TagCreator.tr(new DomContent[]{TagCreator.td(new DomContent[]{TagCreator.b(String.valueOf(str) + ' ')}).withStyle("text-align: right"), TagCreator.td().with(domContentArr).withStyle("padding-left: 8px")}).withStyle("vertical-align: top");
    }

    private String noDatarouterAuthentication() {
        logger.warn("{} went to non-DR permission request page.", getSessionInfo().getRequiredSession().getUsername());
        return "This is only available when using datarouter authentication. Please email " + this.datarouterProperties.getAdministratorEmail() + " for assistance.";
    }
}
