package org.codehaus.plexus.redback.struts2.action;

import com.opensymphony.xwork2.Action;
import java.util.Arrays;
import org.codehaus.plexus.redback.policy.PasswordRuleViolationException;
import org.codehaus.plexus.redback.system.DefaultSecuritySession;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystemConstants;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
import org.codehaus.redback.integration.model.EditUserCredentials;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;

@Scope("prototype")
@Controller("redback-account")
/* loaded from: input_file:WEB-INF/lib/redback-struts2-integration-1.3.jar:org/codehaus/plexus/redback/struts2/action/AccountAction.class */
public class AccountAction extends AbstractUserCredentialsAction implements CancellableAction {
    private static final String ACCOUNT_SUCCESS = "security-account-success";
    private EditUserCredentials user;
    private String oldPassword;

    public String show() {
        SecuritySession securitySession = getSecuritySession();
        if (!securitySession.isAuthenticated()) {
            addActionError(getText("cannot.show.account.login.required"));
            return "requires-authentication";
        }
        String username = securitySession.getUser().getUsername();
        if (username == null) {
            addActionError(getText("cannot.edit.user.null.username"));
            return Action.ERROR;
        }
        if (StringUtils.isEmpty(username)) {
            addActionError(getText("cannot.edit.user.empty.username"));
            return Action.ERROR;
        }
        UserManager userManager = this.securitySystem.getUserManager();
        if (!userManager.userExists(username)) {
            addActionError(getText("user.does.not.exist", Arrays.asList(username)));
            return Action.ERROR;
        }
        this.internalUser = this.user;
        try {
            User findUser = userManager.findUser(username);
            if (findUser == null) {
                addActionError(getText("cannot.operate.on.null.user"));
                return Action.ERROR;
            }
            this.user = new EditUserCredentials(findUser);
            return Action.INPUT;
        } catch (UserNotFoundException e) {
            addActionError(getText("cannot.get.user", Arrays.asList(username, e.getMessage())));
            return Action.ERROR;
        }
    }

    public String submit() {
        SecuritySession securitySession = getSecuritySession();
        if (!securitySession.isAuthenticated()) {
            addActionError(getText("cannot.show.account.login.required"));
            return "requires-authentication";
        }
        String username = securitySession.getUser().getUsername();
        if (username == null) {
            addActionError(getText("cannot.edit.user.null.username"));
            return Action.ERROR;
        }
        if (StringUtils.isEmpty(username)) {
            addActionError(getText("cannot.edit.user.empty.username"));
            return Action.ERROR;
        }
        if (this.user == null) {
            addActionError(getText("cannot.edit.user.null.credentials"));
            return Action.ERROR;
        }
        if (!this.user.getPassword().equals(this.user.getConfirmPassword())) {
            addFieldError("user.confirmPassword", getText("password.confimation.failed"));
            return Action.ERROR;
        }
        UserManager userManager = this.securitySystem.getUserManager();
        if (!userManager.userExists(username)) {
            addActionError(getText("user.does.not.exist", Arrays.asList(username)));
            return Action.ERROR;
        }
        this.internalUser = this.user;
        try {
            User findUser = userManager.findUser(username);
            if (findUser == null) {
                addActionError(getText("cannot.operate.on.null.user"));
                return Action.ERROR;
            }
            if (StringUtils.isNotEmpty(this.user.getPassword())) {
                if (!this.securitySystem.getPolicy().getPasswordEncoder().isPasswordValid(findUser.getEncodedPassword(), this.oldPassword)) {
                    addFieldError("oldPassword", getText("password.provided.does.not.match.existing"));
                    return Action.ERROR;
                }
                findUser.setPassword(this.user.getPassword());
            }
            findUser.setFullName(this.user.getFullName());
            findUser.setEmail(this.user.getEmail());
            findUser.setPassword(this.user.getPassword());
            userManager.updateUser(findUser);
            if (getSecuritySession().getUser().getUsername().equals(findUser.getUsername())) {
                this.session.put(SecuritySystemConstants.SECURITY_SESSION_KEY, new DefaultSecuritySession(getSecuritySession().getAuthenticationResult(), findUser));
                setSession(this.session);
            }
            return ACCOUNT_SUCCESS;
        } catch (PasswordRuleViolationException e) {
            processPasswordRuleViolations(e);
            return Action.ERROR;
        } catch (UserNotFoundException e2) {
            addActionError(getText("cannot.get.user", Arrays.asList(username, e2.getMessage())));
            return Action.ERROR;
        }
    }

    @Override // org.codehaus.plexus.redback.struts2.action.CancellableAction
    public String cancel() {
        return CancellableAction.CANCEL;
    }

    public EditUserCredentials getUser() {
        return this.user;
    }

    public void setUser(EditUserCredentials editUserCredentials) {
        this.user = editUserCredentials;
    }

    @Override // org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction
    public SecureActionBundle initSecureActionBundle() throws SecureActionException {
        SecureActionBundle secureActionBundle = new SecureActionBundle();
        secureActionBundle.setRequiresAuthentication(true);
        return secureActionBundle;
    }

    public void setOldPassword(String str) {
        this.oldPassword = str;
    }

    public boolean isSelf() {
        return true;
    }
}
