package org.craftercms.studio.controller.rest.v2;

import java.beans.ConstructorProperties;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.studio.api.v1.exception.ServiceLayerException;
import org.craftercms.studio.api.v1.exception.security.AuthenticationException;
import org.craftercms.studio.api.v1.exception.security.PasswordDoesNotMatchException;
import org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException;
import org.craftercms.studio.api.v1.exception.security.UserExternallyManagedException;
import org.craftercms.studio.api.v1.exception.security.UserNotFoundException;
import org.craftercms.studio.api.v1.log.Logger;
import org.craftercms.studio.api.v1.log.LoggerFactory;
import org.craftercms.studio.api.v2.dal.QueryParameterNames;
import org.craftercms.studio.api.v2.dal.User;
import org.craftercms.studio.api.v2.service.security.UserService;
import org.craftercms.studio.api.v2.utils.StudioConfiguration;
import org.craftercms.studio.impl.v2.utils.PaginationUtils;
import org.craftercms.studio.model.AuthenticatedUser;
import org.craftercms.studio.model.rest.ApiResponse;
import org.craftercms.studio.model.rest.ChangePasswordRequest;
import org.craftercms.studio.model.rest.EnableUsers;
import org.craftercms.studio.model.rest.PaginatedResultList;
import org.craftercms.studio.model.rest.ResetPasswordRequest;
import org.craftercms.studio.model.rest.ResponseBody;
import org.craftercms.studio.model.rest.Result;
import org.craftercms.studio.model.rest.ResultList;
import org.craftercms.studio.model.rest.ResultOne;
import org.craftercms.studio.model.rest.SetPasswordRequest;
import org.craftercms.studio.model.users.HasPermissionsRequest;
import org.craftercms.studio.model.users.UpdateUserPropertiesRequest;
import org.springframework.http.HttpStatus;
import org.springframework.util.CollectionUtils;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/api/2/users"})
@RestController
/* loaded from: input_file:org/craftercms/studio/controller/rest/v2/UsersController.class */
public class UsersController {
    private static final Logger logger = LoggerFactory.getLogger(UsersController.class);
    private UserService userService;
    private StudioConfiguration studioConfiguration;

    @ConstructorProperties({"userService", "studioConfiguration"})
    public UsersController(UserService userService, StudioConfiguration studioConfiguration) {
        this.userService = userService;
        this.studioConfiguration = studioConfiguration;
    }

    @GetMapping
    public ResponseBody getAllUsers(@RequestParam(value = "site_id", required = false) String str, @RequestParam(value = "keyword", required = false) String str2, @RequestParam(value = "offset", required = false, defaultValue = "0") int i, @RequestParam(value = "limit", required = false, defaultValue = "10") int i2, @RequestParam(value = "sort", required = false, defaultValue = "") String str3) throws ServiceLayerException {
        int allUsersForSiteTotal;
        List<User> allUsersForSite;
        if (StringUtils.isEmpty(str)) {
            allUsersForSiteTotal = this.userService.getAllUsersTotal(str2);
            allUsersForSite = this.userService.getAllUsers(str2, i, i2, str3);
        } else {
            allUsersForSiteTotal = this.userService.getAllUsersForSiteTotal(1L, str, str2);
            allUsersForSite = this.userService.getAllUsersForSite(1L, str, str2, i, i2, str3);
        }
        ResponseBody responseBody = new ResponseBody();
        PaginatedResultList paginatedResultList = new PaginatedResultList();
        paginatedResultList.setTotal(allUsersForSiteTotal);
        paginatedResultList.setOffset(i);
        paginatedResultList.setLimit(CollectionUtils.isEmpty(allUsersForSite) ? 0 : allUsersForSite.size());
        paginatedResultList.setResponse(ApiResponse.OK);
        responseBody.setResult(paginatedResultList);
        paginatedResultList.setEntities(ResultConstants.RESULT_KEY_USERS, allUsersForSite);
        return responseBody;
    }

    @PostMapping(value = {""}, consumes = {"application/json"})
    @ResponseStatus(HttpStatus.CREATED)
    public ResponseBody createUser(@RequestBody User user) throws UserAlreadyExistsException, ServiceLayerException, AuthenticationException {
        User createUser = this.userService.createUser(user);
        ResponseBody responseBody = new ResponseBody();
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.CREATED);
        resultOne.setEntity("user", createUser);
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @PatchMapping(value = {""}, consumes = {"application/json"})
    public ResponseBody updateUser(@RequestBody User user) throws ServiceLayerException, UserNotFoundException, AuthenticationException {
        this.userService.updateUser(user);
        ResponseBody responseBody = new ResponseBody();
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity("user", user);
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @DeleteMapping
    public ResponseBody deleteUser(@RequestParam(value = "id", required = false) List<Long> list, @RequestParam(value = "username", required = false) List<String> list2) throws ServiceLayerException, AuthenticationException, UserNotFoundException {
        ValidationUtils.validateAnyListNonEmpty(list, list2);
        this.userService.deleteUsers(list != null ? list : Collections.emptyList(), list2 != null ? list2 : Collections.emptyList());
        ResponseBody responseBody = new ResponseBody();
        Result result = new Result();
        result.setResponse(ApiResponse.DELETED);
        responseBody.setResult(result);
        return responseBody;
    }

    @GetMapping(value = {RequestMappingConstants.PATH_PARAM_ID}, consumes = {"*/*"}, produces = {"application/json"})
    public ResponseBody getUser(@PathVariable("id") String str) throws ServiceLayerException, UserNotFoundException {
        int i = -1;
        String str2 = "";
        if (StringUtils.isNumeric(str)) {
            i = Integer.parseInt(str);
        } else {
            str2 = str;
        }
        User userByIdOrUsername = this.userService.getUserByIdOrUsername(i, str2);
        ResponseBody responseBody = new ResponseBody();
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity("user", userByIdOrUsername);
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @PatchMapping(value = {RequestMappingConstants.ENABLE}, consumes = {"application/json"})
    public ResponseBody enableUsers(@RequestBody EnableUsers enableUsers) throws ServiceLayerException, UserNotFoundException, AuthenticationException {
        ValidationUtils.validateEnableUsers(enableUsers);
        List<User> enableUsers2 = this.userService.enableUsers(enableUsers.getIds(), enableUsers.getUsernames(), true);
        ResponseBody responseBody = new ResponseBody();
        ResultList resultList = new ResultList();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities(ResultConstants.RESULT_KEY_USERS, enableUsers2);
        responseBody.setResult(resultList);
        return responseBody;
    }

    @PatchMapping(value = {RequestMappingConstants.DISABLE}, consumes = {"application/json"})
    public ResponseBody disableUsers(@RequestBody EnableUsers enableUsers) throws ServiceLayerException, UserNotFoundException, AuthenticationException {
        ValidationUtils.validateEnableUsers(enableUsers);
        List<User> enableUsers2 = this.userService.enableUsers(enableUsers.getIds(), enableUsers.getUsernames(), false);
        ResponseBody responseBody = new ResponseBody();
        ResultList resultList = new ResultList();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities(ResultConstants.RESULT_KEY_USERS, enableUsers2);
        responseBody.setResult(resultList);
        return responseBody;
    }

    @GetMapping({"/{id}/sites"})
    public ResponseBody getUserSites(@PathVariable("id") String str, @RequestParam(value = "offset", required = false, defaultValue = "0") int i, @RequestParam(value = "limit", required = false, defaultValue = "10") int i2) throws ServiceLayerException, UserNotFoundException {
        int i3 = -1;
        String str2 = "";
        if (StringUtils.isNumeric(str)) {
            i3 = Integer.parseInt(str);
        } else {
            str2 = str;
        }
        List paginate = PaginationUtils.paginate(this.userService.getUserSites(i3, str2), i, i2, "siteId");
        PaginatedResultList paginatedResultList = new PaginatedResultList();
        paginatedResultList.setResponse(ApiResponse.OK);
        paginatedResultList.setTotal(r0.size());
        paginatedResultList.setOffset(i);
        paginatedResultList.setLimit(i2);
        paginatedResultList.setEntities(ResultConstants.RESULT_KEY_SITES, paginate);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(paginatedResultList);
        return responseBody;
    }

    @GetMapping({"/{id}/sites/{site}/roles"})
    public ResponseBody getUserSiteRoles(@PathVariable("id") String str, @PathVariable("site") String str2) throws ServiceLayerException, UserNotFoundException {
        int i = -1;
        String str3 = "";
        if (StringUtils.isNumeric(str)) {
            i = Integer.parseInt(str);
        } else {
            str3 = str;
        }
        List<String> userSiteRoles = this.userService.getUserSiteRoles(i, str3, str2);
        ResultList resultList = new ResultList();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities(ResultConstants.RESULT_KEY_ROLES, userSiteRoles);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultList);
        return responseBody;
    }

    @GetMapping({RequestMappingConstants.ME})
    public ResponseBody getCurrentUser() throws AuthenticationException, ServiceLayerException {
        AuthenticatedUser currentUser = this.userService.getCurrentUser();
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity(ResultConstants.RESULT_KEY_CURRENT_USER, currentUser);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @GetMapping({"/me/sites"})
    public ResponseBody getCurrentUserSites(@RequestParam(value = "offset", required = false, defaultValue = "0") int i, @RequestParam(value = "limit", required = false, defaultValue = "10") int i2) throws AuthenticationException, ServiceLayerException {
        List paginate = PaginationUtils.paginate(this.userService.getCurrentUserSites(), i, i2, "siteId");
        PaginatedResultList paginatedResultList = new PaginatedResultList();
        paginatedResultList.setResponse(ApiResponse.OK);
        paginatedResultList.setTotal(r0.size());
        paginatedResultList.setOffset(i);
        paginatedResultList.setLimit(i2);
        paginatedResultList.setEntities(ResultConstants.RESULT_KEY_SITES, paginate);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(paginatedResultList);
        return responseBody;
    }

    @GetMapping({"/me/sites/{site}/roles"})
    public ResponseBody getCurrentUserSiteRoles(@PathVariable("site") String str) throws AuthenticationException, ServiceLayerException {
        List<String> currentUserSiteRoles = this.userService.getCurrentUserSiteRoles(str);
        ResultList resultList = new ResultList();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities(ResultConstants.RESULT_KEY_ROLES, currentUserSiteRoles);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultList);
        return responseBody;
    }

    @GetMapping({"/me/logout/sso/url"})
    @ResponseStatus(HttpStatus.SERVICE_UNAVAILABLE)
    public ResponseBody getCurrentUserSsoLogoutUrl() {
        Result result = new Result();
        result.setResponse(ApiResponse.DEPRECATED);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(result);
        return responseBody;
    }

    @GetMapping({RequestMappingConstants.FORGOT_PASSWORD})
    public ResponseBody forgotPassword(@RequestParam(value = "username", required = true) String str) throws ServiceLayerException {
        try {
            this.userService.forgotPassword(str);
        } catch (UserExternallyManagedException | UserNotFoundException e) {
            logger.error("Error processing user's forgot password request", e, new Object[0]);
        }
        ResponseBody responseBody = new ResponseBody();
        ResultOne resultOne = new ResultOne();
        resultOne.setEntity("message", "If the user exists, a password recovery email has been sent to them.");
        resultOne.setResponse(ApiResponse.OK);
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @PostMapping({"/me/change_password"})
    public ResponseBody changePassword(@RequestBody ChangePasswordRequest changePasswordRequest) throws PasswordDoesNotMatchException, ServiceLayerException, UserExternallyManagedException, AuthenticationException, UserNotFoundException {
        User changePassword = this.userService.changePassword(changePasswordRequest.getUsername(), changePasswordRequest.getCurrent(), changePasswordRequest.getNewPassword());
        ResponseBody responseBody = new ResponseBody();
        ResultOne resultOne = new ResultOne();
        resultOne.setEntity("user", changePassword);
        resultOne.setResponse(ApiResponse.OK);
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @PostMapping({RequestMappingConstants.SET_PASSWORD})
    public ResponseBody setPassword(@RequestBody SetPasswordRequest setPasswordRequest) throws UserNotFoundException, UserExternallyManagedException, ServiceLayerException {
        int intValue = ((Integer) this.studioConfiguration.getProperty(StudioConfiguration.SECURITY_SET_PASSWORD_DELAY, Integer.class)).intValue();
        try {
            TimeUnit.SECONDS.sleep(intValue);
        } catch (InterruptedException e) {
            logger.debug("Interrupted while delaying request by " + intValue + " seconds.", e, new Object[0]);
        }
        User password = this.userService.setPassword(setPasswordRequest.getToken(), setPasswordRequest.getNewPassword());
        ResponseBody responseBody = new ResponseBody();
        ResultOne resultOne = new ResultOne();
        resultOne.setEntity("user", password);
        resultOne.setResponse(ApiResponse.OK);
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @PostMapping({"/{id}/reset_password"})
    public ResponseBody resetPassword(@PathVariable("id") String str, @RequestBody ResetPasswordRequest resetPasswordRequest) throws UserNotFoundException, UserExternallyManagedException, ServiceLayerException {
        this.userService.resetPassword(resetPasswordRequest.getUsername(), resetPasswordRequest.getNewPassword());
        ResponseBody responseBody = new ResponseBody();
        Result result = new Result();
        result.setResponse(ApiResponse.OK);
        responseBody.setResult(result);
        return responseBody;
    }

    @GetMapping(value = {RequestMappingConstants.VALIDATE_TOKEN}, produces = {"application/json"})
    public ResponseBody validateToken(HttpServletResponse httpServletResponse, @RequestParam(value = "token", required = true) String str) throws UserNotFoundException, UserExternallyManagedException, ServiceLayerException {
        int intValue = ((Integer) this.studioConfiguration.getProperty(StudioConfiguration.SECURITY_SET_PASSWORD_DELAY, Integer.class)).intValue();
        try {
            TimeUnit.SECONDS.sleep(intValue);
        } catch (InterruptedException e) {
            logger.debug("Interrupted while delaying request by " + intValue + " seconds.", e, new Object[0]);
        }
        boolean validateToken = this.userService.validateToken(str);
        ResponseBody responseBody = new ResponseBody();
        Result result = new Result();
        if (validateToken) {
            result.setResponse(ApiResponse.OK);
        } else {
            result.setResponse(ApiResponse.UNAUTHORIZED);
            httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
        }
        responseBody.setResult(result);
        return responseBody;
    }

    @GetMapping(value = {"/me/properties"}, produces = {"application/json"})
    public ResponseBody getUserProperties(@RequestParam(required = false, defaultValue = "") String str) throws ServiceLayerException {
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity(QueryParameterNames.PROPERTIES, this.userService.getUserProperties(str));
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @PostMapping(value = {"/me/properties"}, consumes = {"application/json"}, produces = {"application/json"})
    public ResponseBody updateUserProperties(@Valid @RequestBody UpdateUserPropertiesRequest updateUserPropertiesRequest) throws ServiceLayerException {
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity(QueryParameterNames.PROPERTIES, this.userService.updateUserProperties(updateUserPropertiesRequest.getSiteId(), updateUserPropertiesRequest.getProperties()));
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @DeleteMapping(value = {"/me/properties"}, produces = {"application/json"})
    public ResponseBody deleteUserProperties(@RequestParam(required = false, defaultValue = "") String str, @RequestParam List<String> list) throws ServiceLayerException {
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity(QueryParameterNames.PROPERTIES, this.userService.deleteUserProperties(str, list));
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @GetMapping(value = {"/me/sites/{site}/permissions"}, produces = {"application/json"})
    public ResponseBody getCurrentUserSitePermissions(@PathVariable("site") String str) throws AuthenticationException, ServiceLayerException, UserNotFoundException, ExecutionException {
        List<String> currentUserSitePermissions = this.userService.getCurrentUserSitePermissions(str);
        ResultList resultList = new ResultList();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities("permissions", currentUserSitePermissions);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultList);
        return responseBody;
    }

    @PostMapping(value = {"/me/sites/{site}/has_permissions"}, consumes = {"application/json"}, produces = {"application/json"})
    public ResponseBody checkCurrentUserHasSitePermissions(@PathVariable("site") String str, @RequestBody HasPermissionsRequest hasPermissionsRequest) throws ServiceLayerException, UserNotFoundException, ExecutionException {
        Map<String, Boolean> hasCurrentUserSitePermissions = this.userService.hasCurrentUserSitePermissions(str, hasPermissionsRequest.getPermissions());
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity("permissions", hasCurrentUserSitePermissions);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultOne);
        return responseBody;
    }

    @GetMapping(value = {"/me/global/permissions"}, produces = {"application/json"})
    public ResponseBody getCurrentUserGlobalPermissions() throws AuthenticationException, ServiceLayerException, UserNotFoundException, ExecutionException {
        List<String> currentUserGlobalPermissions = this.userService.getCurrentUserGlobalPermissions();
        ResultList resultList = new ResultList();
        resultList.setResponse(ApiResponse.OK);
        resultList.setEntities("permissions", currentUserGlobalPermissions);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultList);
        return responseBody;
    }

    @PostMapping(value = {"/me/global/has_permissions"}, consumes = {"application/json"}, produces = {"application/json"})
    public ResponseBody checkCurrentUserHasGlobalPermissions(@RequestBody HasPermissionsRequest hasPermissionsRequest) throws ServiceLayerException, UserNotFoundException, ExecutionException {
        Map<String, Boolean> hasCurrentUserGlobalPermissions = this.userService.hasCurrentUserGlobalPermissions(hasPermissionsRequest.getPermissions());
        ResultOne resultOne = new ResultOne();
        resultOne.setResponse(ApiResponse.OK);
        resultOne.setEntity("permissions", hasCurrentUserGlobalPermissions);
        ResponseBody responseBody = new ResponseBody();
        responseBody.setResult(resultOne);
        return responseBody;
    }
}
