package org.syncope.core.rest.controller;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javassist.NotFoundException;
import javax.servlet.http.HttpServletResponse;
import org.hibernate.secure.HibernatePermission;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import org.syncope.client.mod.UserMod;
import org.syncope.client.search.NodeCond;
import org.syncope.client.to.MembershipTO;
import org.syncope.client.to.UserTO;
import org.syncope.client.to.WorkflowFormTO;
import org.syncope.core.notification.NotificationManager;
import org.syncope.core.persistence.beans.user.SyncopeUser;
import org.syncope.core.persistence.dao.UserDAO;
import org.syncope.core.persistence.dao.UserSearchDAO;
import org.syncope.core.propagation.PropagationByResource;
import org.syncope.core.propagation.PropagationException;
import org.syncope.core.propagation.PropagationManager;
import org.syncope.core.rest.data.UserDataBinder;
import org.syncope.core.util.EntitlementUtil;
import org.syncope.core.workflow.UserWorkflowAdapter;
import org.syncope.core.workflow.WorkflowException;
import org.syncope.core.workflow.WorkflowResult;

@RequestMapping({"/user"})
@Controller
/* loaded from: input_file:WEB-INF/classes/org/syncope/core/rest/controller/UserController.class */
public class UserController {
    private static final Logger LOG = LoggerFactory.getLogger(UserController.class);

    @Autowired
    private UserDAO userDAO;

    @Autowired
    private UserSearchDAO searchDAO;

    @Autowired
    private UserDataBinder dataBinder;

    @Autowired
    private UserWorkflowAdapter wfAdapter;

    @Autowired
    private PropagationManager propagationManager;

    @Autowired
    private NotificationManager notificationManager;

    @RequestMapping(method = {RequestMethod.GET}, value = {"/verifyPassword/{userId}"})
    @Transactional(readOnly = true)
    @PreAuthorize("hasRole('USER_READ')")
    public ModelAndView verifyPassword(@PathVariable("userId") Long l, @RequestParam("password") String str) throws NotFoundException, UnauthorizedRoleException {
        return new ModelAndView().addObject(Boolean.valueOf(this.dataBinder.verifyPassword(l, str)));
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/count"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('USER_LIST')")
    public ModelAndView count() {
        return new ModelAndView().addObject(this.userDAO.count(EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames())));
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/search/count"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('USER_READ')")
    public ModelAndView searchCount(@RequestBody NodeCond nodeCond) throws InvalidSearchConditionException {
        if (nodeCond.checkValidity()) {
            return new ModelAndView().addObject(this.searchDAO.count(EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames()), nodeCond));
        }
        LOG.error("Invalid search condition: {}", nodeCond);
        throw new InvalidSearchConditionException();
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/list"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('USER_LIST')")
    public List<UserTO> list() {
        List<SyncopeUser> findAll = this.userDAO.findAll(EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames()));
        ArrayList arrayList = new ArrayList(findAll.size());
        Iterator<SyncopeUser> it = findAll.iterator();
        while (it.hasNext()) {
            arrayList.add(this.dataBinder.getUserTO(it.next()));
        }
        return arrayList;
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/list/{page}/{size}"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('USER_LIST')")
    public List<UserTO> list(@PathVariable("page") int i, @PathVariable("size") int i2) {
        List<SyncopeUser> findAll = this.userDAO.findAll(EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames()), i, i2);
        ArrayList arrayList = new ArrayList(findAll.size());
        Iterator<SyncopeUser> it = findAll.iterator();
        while (it.hasNext()) {
            arrayList.add(this.dataBinder.getUserTO(it.next()));
        }
        return arrayList;
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/read/{userId}"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('USER_READ')")
    public UserTO read(@PathVariable("userId") Long l) throws NotFoundException, UnauthorizedRoleException {
        return this.dataBinder.getUserTO(l);
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/read"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('USER_READ')")
    public UserTO read(@RequestParam("username") String str) throws NotFoundException, UnauthorizedRoleException {
        return this.dataBinder.getUserTO(str);
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/search"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('USER_READ')")
    public List<UserTO> search(@RequestBody NodeCond nodeCond) throws InvalidSearchConditionException {
        LOG.debug("User search called with condition {}", nodeCond);
        if (!nodeCond.checkValidity()) {
            LOG.error("Invalid search condition: {}", nodeCond);
            throw new InvalidSearchConditionException();
        }
        List<SyncopeUser> search = this.searchDAO.search(EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames()), nodeCond);
        ArrayList arrayList = new ArrayList(search.size());
        Iterator<SyncopeUser> it = search.iterator();
        while (it.hasNext()) {
            arrayList.add(this.dataBinder.getUserTO(it.next()));
        }
        return arrayList;
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/search/{page}/{size}"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('USER_READ')")
    public List<UserTO> search(@RequestBody NodeCond nodeCond, @PathVariable("page") int i, @PathVariable("size") int i2) throws InvalidSearchConditionException {
        LOG.debug("User search called with condition {}", nodeCond);
        if (!nodeCond.checkValidity()) {
            LOG.error("Invalid search condition: {}", nodeCond);
            throw new InvalidSearchConditionException();
        }
        List<SyncopeUser> search = this.searchDAO.search(EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames()), nodeCond, i, i2);
        ArrayList arrayList = new ArrayList(search.size());
        Iterator<SyncopeUser> it = search.iterator();
        while (it.hasNext()) {
            arrayList.add(this.dataBinder.getUserTO(it.next()));
        }
        return arrayList;
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/create"})
    @PreAuthorize("hasRole('USER_CREATE')")
    public UserTO create(HttpServletResponse httpServletResponse, @RequestBody UserTO userTO) throws PropagationException, UnauthorizedRoleException, WorkflowException, NotFoundException {
        LOG.debug("User create called with {}", userTO);
        HashSet hashSet = new HashSet(userTO.getMemberships().size());
        Iterator<MembershipTO> it = userTO.getMemberships().iterator();
        while (it.hasNext()) {
            hashSet.add(Long.valueOf(it.next().getRoleId()));
        }
        hashSet.removeAll(EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames()));
        if (!hashSet.isEmpty()) {
            throw new UnauthorizedRoleException(hashSet);
        }
        WorkflowResult<Map.Entry<Long, Boolean>> create = this.wfAdapter.create(userTO);
        this.propagationManager.execute(this.propagationManager.getCreateTaskIds(create, userTO.getPassword(), userTO.getVirtualAttributes()));
        this.notificationManager.createTasks(new WorkflowResult<>(create.getResult().getKey(), create.getPropByRes(), create.getPerformedTasks()));
        UserTO userTO2 = this.dataBinder.getUserTO(create.getResult().getKey());
        LOG.debug("About to return created user\n{}", userTO2);
        httpServletResponse.setStatus(201);
        return userTO2;
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/activate"})
    @PreAuthorize("hasRole('USER_UPDATE')")
    public UserTO activate(@RequestBody UserTO userTO) throws WorkflowException, NotFoundException, UnauthorizedRoleException, PropagationException {
        WorkflowResult<Long> activate = this.wfAdapter.activate(Long.valueOf(userTO.getId()), userTO.getToken());
        this.propagationManager.execute(this.propagationManager.getUpdateTaskIds(activate, Boolean.TRUE));
        this.notificationManager.createTasks(activate);
        UserTO userTO2 = this.dataBinder.getUserTO(activate.getResult());
        LOG.debug("About to return activated user\n{}", userTO2);
        return userTO2;
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/update"})
    @PreAuthorize("hasRole('USER_UPDATE')")
    public UserTO update(@RequestBody UserMod userMod) throws NotFoundException, PropagationException, UnauthorizedRoleException, WorkflowException {
        LOG.debug("User update called with {}", userMod);
        WorkflowResult<Long> update = this.wfAdapter.update(userMod);
        this.propagationManager.execute(this.propagationManager.getUpdateTaskIds(update, userMod.getPassword(), userMod.getVirtualAttributesToBeRemoved(), userMod.getVirtualAttributesToBeUpdated(), null));
        this.notificationManager.createTasks(update);
        UserTO userTO = this.dataBinder.getUserTO(update.getResult());
        LOG.debug("About to return updated user\n{}", userTO);
        return userTO;
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/suspend/{userId}"})
    @PreAuthorize("hasRole('USER_UPDATE')")
    public UserTO suspend(@PathVariable("userId") Long l) throws NotFoundException, WorkflowException, UnauthorizedRoleException, PropagationException {
        LOG.debug("About to suspend " + l);
        WorkflowResult<Long> suspend = this.wfAdapter.suspend(l);
        this.propagationManager.execute(this.propagationManager.getUpdateTaskIds(suspend, Boolean.FALSE));
        this.notificationManager.createTasks(suspend);
        UserTO userTO = this.dataBinder.getUserTO(suspend.getResult());
        LOG.debug("About to return suspended user\n{}", userTO);
        return userTO;
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/reactivate/{userId}"})
    @PreAuthorize("hasRole('USER_UPDATE')")
    public UserTO reactivate(@PathVariable("userId") Long l) throws NotFoundException, WorkflowException, UnauthorizedRoleException, PropagationException {
        LOG.debug("About to reactivate " + l);
        WorkflowResult<Long> reactivate = this.wfAdapter.reactivate(l);
        this.propagationManager.execute(this.propagationManager.getUpdateTaskIds(reactivate, Boolean.TRUE));
        this.notificationManager.createTasks(reactivate);
        UserTO userTO = this.dataBinder.getUserTO(reactivate.getResult());
        LOG.debug("About to return suspended user\n{}", userTO);
        return userTO;
    }

    @RequestMapping(method = {RequestMethod.DELETE}, value = {"/delete/{userId}"})
    @PreAuthorize("hasRole('USER_DELETE')")
    public void delete(@PathVariable("userId") Long l) throws NotFoundException, WorkflowException, PropagationException, UnauthorizedRoleException {
        LOG.debug("User delete called with {}", l);
        this.notificationManager.createTasks(new WorkflowResult<>(l, (PropagationByResource) null, HibernatePermission.DELETE));
        this.propagationManager.execute(this.propagationManager.getDeleteTaskIds(l));
        this.wfAdapter.delete(l);
        LOG.debug("User successfully deleted: {}", l);
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/execute/workflow/{taskId}"})
    @PreAuthorize("hasRole('USER_UPDATE')")
    public UserTO executeWorkflow(@RequestBody UserTO userTO, @PathVariable("taskId") String str) throws WorkflowException, NotFoundException, UnauthorizedRoleException, PropagationException {
        LOG.debug("About to execute {} on {}", str, Long.valueOf(userTO.getId()));
        WorkflowResult<Long> execute = this.wfAdapter.execute(userTO, str);
        this.propagationManager.execute(this.propagationManager.getUpdateTaskIds(execute, null));
        this.notificationManager.createTasks(execute);
        UserTO userTO2 = this.dataBinder.getUserTO(execute.getResult());
        LOG.debug("About to return updated user\n{}", userTO2);
        return userTO2;
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/workflow/form/list"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('WORKFLOW_FORM_LIST')")
    public List<WorkflowFormTO> getForms() {
        return this.wfAdapter.getForms();
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/workflow/form/{userId}"})
    @Transactional(readOnly = true, rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('WORKFLOW_FORM_READ') and hasRole('USER_READ')")
    public WorkflowFormTO getFormForUser(@PathVariable("userId") Long l) throws UnauthorizedRoleException, NotFoundException, WorkflowException {
        return this.wfAdapter.getForm(this.dataBinder.getUserFromId(l).getWorkflowId());
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/workflow/form/claim/{taskId}"})
    @Transactional(rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('WORKFLOW_FORM_CLAIM')")
    public WorkflowFormTO claimForm(@PathVariable("taskId") String str) throws NotFoundException, WorkflowException {
        return this.wfAdapter.claimForm(str, SecurityContextHolder.getContext().getAuthentication().getName());
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/workflow/form/submit"})
    @Transactional(rollbackFor = {Throwable.class})
    @PreAuthorize("hasRole('WORKFLOW_FORM_SUBMIT')")
    public UserTO submitForm(@RequestBody WorkflowFormTO workflowFormTO) throws NotFoundException, WorkflowException, PropagationException, UnauthorizedRoleException {
        LOG.debug("About to process form {}", workflowFormTO);
        WorkflowResult<Map.Entry<Long, String>> submitForm = this.wfAdapter.submitForm(workflowFormTO, SecurityContextHolder.getContext().getAuthentication().getName());
        this.propagationManager.execute(this.propagationManager.getUpdateTaskIds(new WorkflowResult<>(submitForm.getResult().getKey(), submitForm.getPropByRes(), submitForm.getPerformedTasks()), submitForm.getResult().getValue(), null, null, Boolean.TRUE));
        UserTO userTO = this.dataBinder.getUserTO(submitForm.getResult().getKey());
        LOG.debug("About to return user after form processing\n{}", userTO);
        return userTO;
    }
}
