package org.molgenis.omx.auth.controller;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.molgenis.framework.db.Database;
import org.molgenis.framework.db.DatabaseAccessException;
import org.molgenis.framework.db.DatabaseException;
import org.molgenis.framework.db.QueryRule;
import org.molgenis.framework.server.MolgenisRequest;
import org.molgenis.framework.ui.MolgenisPlugin;
import org.molgenis.omx.auth.Institute;
import org.molgenis.omx.auth.MolgenisUser;
import org.molgenis.omx.auth.service.AccountService;
import org.molgenis.omx.auth.service.CaptchaService;
import org.molgenis.omx.auth.service.MolgenisUserException;
import org.molgenis.omx.auth.service.MolgenisUserService;
import org.molgenis.omx.observ.target.OntologyTerm;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.servlet.tags.form.AbstractHtmlElementTag;

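/**
 * Account self-service controller mounted at {@link #URI}: shows the logged-in
 * user's account and applies profile and password changes posted to {@code /update}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The user being edited is always resolved from {@code database.getLogin()};
 *       no user id is read from the request.</li>
 *   <li>A password change is gated by {@code MolgenisUserService.checkPassword};
 *       all other fields, including the e-mail address, are written without that
 *       check.</li>
 *   <li>The {@code institute} and {@code position} fields can create new
 *       {@code Institute} / {@code OntologyTerm} rows from request text.</li>
 * </ul>
 */
@RequestMapping({UserAccountController.URI})
@Controller
/* loaded from: input_file:WEB-INF/lib/molgenis-omx-auth-0.0.2.jar:org/molgenis/omx/auth/controller/UserAccountController.class */
public class UserAccountController extends MolgenisPlugin {
    public static final String URI = "/plugin/useraccount";

    @Autowired
    private Database database;

    // NOTE(review): injected but not referenced by any method in this class.
    @Autowired
    @Qualifier("unauthorizedDatabase")
    private Database unauthorizedDatabase;

    // NOTE(review): injected but not referenced by any method in this class.
    @Autowired
    private AccountService accountService;

    // NOTE(review): injected but not referenced by any method in this class; only
    // CaptchaService.CaptchaException is used (by the exception handler below).
    @Autowired
    private CaptchaService captchaService;

    public UserAccountController() {
        super(URI);
    }

    /**
     * Renders the account page for the currently logged-in user.
     *
     * @param model view model; receives the current user under the key {@code "user"}
     * @return the view name {@code "view-useraccount"}
     * @throws DatabaseException if the user lookup fails
     */
    @RequestMapping(method = {RequestMethod.GET})
    public String showAccount(Model model) throws DatabaseException {
        model.addAttribute("user", getCurrentUser());
        return "view-useraccount";
    }

    /**
     * Applies the posted form fields to the logged-in user's record and stores it.
     *
     * <p>If any of {@code oldpwd}, {@code newpwd} or {@code newpwd2} is non-empty,
     * {@code MolgenisUserService.checkPassword} is called first with the login's
     * user name and the three values. What that method verifies is not visible in
     * this file.
     *
     * <p>The password fields are read twice through two different wrappers: the
     * servlet request for the check, and {@link MolgenisRequest} for the write in
     * {@link #updateMolgenisUser}. To keep the write tied to the check, the request
     * is rejected when the wrapper reports a new password but the check did not run.
     *
     * @param httpServletRequest the form-urlencoded POST request
     * @throws Exception if the password check, the lookup or the update fails
     */
    @RequestMapping(value = {"/update"}, method = {RequestMethod.POST}, headers = {"Content-Type=application/x-www-form-urlencoded"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void updateAccount(HttpServletRequest httpServletRequest) throws Exception {
        MolgenisUserService userService = getMolgenisUserService();
        String oldPassword = httpServletRequest.getParameter("oldpwd");
        String newPassword = httpServletRequest.getParameter("newpwd");
        String newPasswordRepeat = httpServletRequest.getParameter("newpwd2");

        boolean passwordChecked = false;
        if (StringUtils.isNotEmpty(oldPassword) || StringUtils.isNotEmpty(newPassword) || StringUtils.isNotEmpty(newPasswordRepeat)) {
            userService.checkPassword(this.database.getLogin().getUserName(), oldPassword, newPassword, newPasswordRepeat);
            passwordChecked = true;
        }

        MolgenisUser user = userService.findById(this.database.getLogin().getUserId());
        MolgenisRequest molgenisRequest = new MolgenisRequest(httpServletRequest);
        // Fail closed: never let updateMolgenisUser write a password that did not
        // pass through checkPassword above.
        if (!passwordChecked && StringUtils.isNotEmpty(molgenisRequest.getString("newpwd"))) {
            throw new MolgenisUserException("Current password is required to change the password.");
        }
        // NOTE(review): the e-mail address is changed without the current-password
        // check. If e-mail is used for account recovery elsewhere, consider requiring
        // re-authentication for that field as well.
        updateMolgenisUser(user, molgenisRequest);
        userService.update(user);
    }

    /**
     * Maps {@link DatabaseAccessException} to HTTP 401 with an empty body.
     * Nothing is logged here, so denied requests leave no trace from this handler.
     */
    @ExceptionHandler({DatabaseAccessException.class})
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    private void handleDatabaseAccessException(DatabaseAccessException databaseAccessException) {
    }

    /** Maps {@code CaptchaService.CaptchaException} to HTTP 400 with an empty body. */
    @ExceptionHandler({CaptchaService.CaptchaException.class})
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    private void handleCaptchaException(CaptchaService.CaptchaException captchaException) {
    }

    /**
     * Copies every non-empty form field from the request onto the user object.
     * Empty or missing fields leave the existing value untouched, so a field
     * cannot be cleared through this method.
     *
     * @param molgenisUser the user record to modify in place
     * @param molgenisRequest wrapper around the posted form
     * @return the same {@code molgenisUser} instance
     * @throws MolgenisUserException if {@code newpwd} and {@code newpwd2} differ
     * @throws DatabaseException if an institute or role lookup/insert fails
     */
    private MolgenisUser updateMolgenisUser(MolgenisUser molgenisUser, MolgenisRequest molgenisRequest) throws MolgenisUserException, DatabaseException {
        String newPassword = molgenisRequest.getString("newpwd");
        if (!StringUtils.equals(newPassword, molgenisRequest.getString("newpwd2"))) {
            throw new MolgenisUserException("Passwords do not match.");
        }
        if (StringUtils.isNotEmpty(newPassword)) {
            // NOTE(review): the raw form value is handed to setPassword; whether it is
            // hashed before storage is not visible here — confirm in MolgenisUser or
            // MolgenisUserService.update.
            molgenisUser.setPassword(newPassword);
        }

        String email = molgenisRequest.getString("emailaddress");
        if (StringUtils.isNotEmpty(email)) {
            molgenisUser.setEmail(email);
        }
        String phone = molgenisRequest.getString("phone");
        if (StringUtils.isNotEmpty(phone)) {
            molgenisUser.setPhone(phone);
        }
        String fax = molgenisRequest.getString("fax");
        if (StringUtils.isNotEmpty(fax)) {
            molgenisUser.setFax(fax);
        }
        String tollFreePhone = molgenisRequest.getString("tollFreePhone");
        if (StringUtils.isNotEmpty(tollFreePhone)) {
            molgenisUser.setTollFreePhone(tollFreePhone);
        }
        String address = molgenisRequest.getString("address");
        if (StringUtils.isNotEmpty(address)) {
            molgenisUser.setAddress(address);
        }
        String title = molgenisRequest.getString(AbstractHtmlElementTag.TITLE_ATTRIBUTE);
        if (StringUtils.isNotEmpty(title)) {
            molgenisUser.setTitle(title);
        }
        String lastName = molgenisRequest.getString("lastname");
        if (StringUtils.isNotEmpty(lastName)) {
            molgenisUser.setLastName(lastName);
        }
        String firstName = molgenisRequest.getString("firstname");
        if (StringUtils.isNotEmpty(firstName)) {
            molgenisUser.setFirstName(firstName);
        }
        String institute = molgenisRequest.getString("institute");
        if (StringUtils.isNotEmpty(institute)) {
            molgenisUser.setAffiliation_Id(getInstitute(institute, this.database));
        }
        String department = molgenisRequest.getString("department");
        if (StringUtils.isNotEmpty(department)) {
            molgenisUser.setDepartment(department);
        }
        String position = molgenisRequest.getString("position");
        if (StringUtils.isNotEmpty(position)) {
            // NOTE(review): the value is user-chosen; confirm that Roles_Id is purely
            // descriptive (job position) and is not consulted for authorization.
            molgenisUser.setRoles_Id(getRole(position, this.database));
        }
        String city = molgenisRequest.getString("city");
        if (StringUtils.isNotEmpty(city)) {
            molgenisUser.setCity(city);
        }
        String country = molgenisRequest.getString("country");
        if (StringUtils.isNotEmpty(country)) {
            molgenisUser.setCountry(country);
        }
        return molgenisUser;
    }

    /**
     * Resolves an institute name to its id, creating the institute when no row with
     * that exact name exists.
     *
     * <p>The name comes straight from the request, so any caller who can reach
     * {@code /update} can add {@code Institute} rows; no length or content limit is
     * applied here. Lookup and insert are two separate calls, so uniqueness of the
     * name presumably depends on a database constraint — confirm.
     *
     * @param str institute name; {@code null} or empty yields {@code null}
     * @param database database used for the lookup and the insert
     * @return the id of the existing or newly added institute, or {@code null}
     * @throws DatabaseException if more than one institute has that name, or on
     *     database failure; the message embeds {@code str} unescaped, so anything
     *     that renders it must encode it
     */
    private Integer getInstitute(String str, Database database) throws DatabaseException {
        if (str == null || str.isEmpty()) {
            return null;
        }
        List<?> matches = database.find(Institute.class, new QueryRule("Name", QueryRule.Operator.EQUALS, str));
        if (matches.size() > 1) {
            throw new DatabaseException("Multiple institutes named '" + str + "' found");
        }
        if (matches.size() == 1) {
            return ((Institute) matches.get(0)).getId();
        }
        Institute created = new Institute();
        created.setName(str);
        // NOTE(review): the (Database) cast is kept exactly as this decompiled listing
        // shows it; it looks like a decompiler artifact of a generic add(...) — confirm
        // against the original source.
        database.add((Database) created);
        return created.getId();
    }

    /**
     * Resolves a role (position) name to the id of an {@code OntologyTerm},
     * creating the term when no row with that exact name exists.
     *
     * <p>Same caveats as {@link #getInstitute}: the name is request text, rows are
     * created on demand, and lookup and insert are separate calls.
     *
     * @param str role name; {@code null} or empty yields {@code null}
     * @param database database used for the lookup and the insert
     * @return the id of the existing or newly added term, or {@code null}
     * @throws DatabaseException if more than one term has that name, or on
     *     database failure; the message embeds {@code str} unescaped
     */
    private Integer getRole(String str, Database database) throws DatabaseException {
        if (str == null || str.isEmpty()) {
            return null;
        }
        List<?> matches = database.find(OntologyTerm.class, new QueryRule("Name", QueryRule.Operator.EQUALS, str));
        if (matches.size() > 1) {
            throw new DatabaseException("Multiple ontologyTerms for role '" + str + "' found");
        }
        if (matches.size() == 1) {
            return ((OntologyTerm) matches.get(0)).getId();
        }
        OntologyTerm created = new OntologyTerm();
        created.setName(str);
        // NOTE(review): cast kept as in the decompiled listing; likely a decompiler
        // artifact — confirm against the original source.
        database.add((Database) created);
        return created.getId();
    }

    /**
     * Loads the user record for the id held by the current login.
     *
     * @throws DatabaseException if the lookup fails
     */
    private MolgenisUser getCurrentUser() throws DatabaseException {
        return getMolgenisUserService().findById(this.database.getLogin().getUserId());
    }

    /** Returns the user service bound to the injected (authorized) database. */
    private MolgenisUserService getMolgenisUserService() {
        return MolgenisUserService.getInstance(this.database);
    }
}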
