package controllers;

import com.avaje.ebean.Junction;
import com.avaje.ebean.annotation.Transactional;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.feth.play.module.mail.Mailer;
import com.feth.play.module.pa.PlayAuthenticate;
import controllers.annotation.AnonymousCheck;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.naming.AuthenticationException;
import javax.naming.CommunicationException;
import javax.naming.NamingException;
import jxl.write.WriteException;
import models.Attachment;
import models.AuthInfo;
import models.CandidateUser;
import models.Email;
import models.Issue;
import models.NotificationMail;
import models.Organization;
import models.Project;
import models.PullRequest;
import models.RecentProject;
import models.User;
import models.UserCredential;
import models.UserSetting;
import models.UserVerification;
import models.enumeration.Operation;
import models.enumeration.UserState;
import models.support.LdapUser;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.util.ByteSource;
import org.joda.time.LocalDateTime;
import play.Configuration;
import play.Logger;
import play.Play;
import play.core.enhancers.PropertiesEnhancer;
import play.data.Form;
import play.i18n.Messages;
import play.libs.Json;
import play.mvc.BodyParser;
import play.mvc.Controller;
import play.mvc.Http;
import play.mvc.Result;
import utils.AccessControl;
import utils.CacheStore;
import utils.Config;
import utils.Constants;
import utils.ErrorViews;
import utils.HtmlUtil;
import utils.HttpUtil;
import utils.LdapService;
import utils.PasswordReset;
import utils.ReservedWordsValidator;
import views.html.common.usermenu_tab_content_list;
import views.html.user.edit;
import views.html.user.edit_emails;
import views.html.user.edit_notifications;
import views.html.user.edit_password;
import views.html.user.edit_token;
import views.html.user.login;
import views.html.user.signup;
import views.html.user.userFiles;
import views.html.user.verified;
import views.html.user.view;

@PropertiesEnhancer.GeneratedAccessor
@PropertiesEnhancer.RewrittenAccessor
/* loaded from: input_file:controllers/UserApp.class */
public class UserApp extends Controller {
    // Session attribute names. getUserFromSession() reads SESSION_USERID and SESSION_KEY;
    // SESSION_LOGINID is also reused below as a query column name and a JSON key.
    public static final String SESSION_USERID = "userId";
    public static final String SESSION_LOGINID = "loginId";
    public static final String SESSION_USERNAME = "userName";
    public static final String SESSION_KEY = "key";
    // Name of the cookie that getUserFromToken() reads, and the separator between its fields.
    public static final String TOKEN = "yobi.token";
    public static final String TOKEN_SEPARATOR = ":";
    // Number of fields expected in the token cookie (the decompiler inlined it as a literal 2).
    public static final int TOKEN_LENGTH = 2;
    // 2592000 = 30 * 24 * 60 * 60; presumably a lifetime in seconds (30 days) - confirm at the use site.
    public static final int MAX_AGE = 2592000;
    private static final int AVATAR_FILE_LIMIT_SIZE = 1024000;
    // Cap on rows returned by users(); the decompiler inlined it there as a literal 10.
    public static final int MAX_FETCH_USERS = 10;
    // NOTE(review): used outside this view. If this is the iteration count for the imported
    // Sha256Hash password hash, 1024 rounds of SHA-256 is low by current guidance - consider a
    // dedicated password KDF (bcrypt/scrypt/argon2) with a migration path. TODO confirm usage.
    private static final int HASH_ITERATIONS = 1024;
    // Default look-back window (days) applied by userInfo() when none is supplied.
    public static final int DAYS_AGO = 14;
    // Sentinel for "no days-ago value supplied" in userInfo().
    public static final int UNDEFINED = 0;
    public static final String DAYS_AGO_COOKIE = "daysAgo";
    public static final String DEFAULT_GROUP = "own";
    public static final String DEFAULT_SELECTED_TAB = "projects";
    // Key in Http.Context.args under which the token-derived user is cached for the request.
    public static final String TOKEN_USER = "TOKEN_USER";
    public static final String USER_TOKEN_HEADER = "Yona-Token";
    public static final String FLASH_MESSAGE_KEY = "message";
    public static final String FLASH_ERROR_KEY = "error";
    public static final String DEFAULT_AVATAR_URL = routes.Assets.at("images/default-avatar-128.png").url();
    // Read once at class initialisation from application configuration; both default to false.
    public static final boolean useSocialLoginOnly = Configuration.root().getBoolean("application.use.social.login.only", false).booleanValue();
    private static boolean usingEmailVerification = Configuration.root().getBoolean("application.use.email.verification", false).booleanValue();

    // Decompiler rendering of the synthetic class UserApp$4: the lookup table the compiler emits
    // for a switch over UserInfoFormTabType. It maps each constant's ordinal() to a dense case
    // label (1..6), which editUserInfoByTabForm() then switches on.
    @PropertiesEnhancer.GeneratedAccessor
    @PropertiesEnhancer.RewrittenAccessor
    /* renamed from: controllers.UserApp$4, reason: invalid class name */
    /* loaded from: input_file:controllers/UserApp$4.class */
    static /* synthetic */ class AnonymousClass4 {
        // One slot per enum constant; a slot left at 0 matches no case label.
        static final /* synthetic */ int[] $SwitchMap$controllers$UserApp$UserInfoFormTabType = new int[UserInfoFormTabType.values().length];

        static {
            // Each assignment is wrapped separately so that a constant missing at run time
            // (NoSuchFieldError) only leaves its own slot unset instead of failing class init.
            try {
                $SwitchMap$controllers$UserApp$UserInfoFormTabType[UserInfoFormTabType.PASSWORD.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$controllers$UserApp$UserInfoFormTabType[UserInfoFormTabType.NOTIFICATIONS.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$controllers$UserApp$UserInfoFormTabType[UserInfoFormTabType.EMAILS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$controllers$UserApp$UserInfoFormTabType[UserInfoFormTabType.TOKEN_RESET.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$controllers$UserApp$UserInfoFormTabType[UserInfoFormTabType.TOKEN.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$controllers$UserApp$UserInfoFormTabType[UserInfoFormTabType.PROFILE.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    /**
     * Tabs of the user-settings form, each identified by the tab id used in request paths.
     */
    @PropertiesEnhancer.GeneratedAccessor
    @PropertiesEnhancer.RewrittenAccessor
    /* loaded from: input_file:controllers/UserApp$UserInfoFormTabType.class */
    private enum UserInfoFormTabType {
        PROFILE("profile"),
        PASSWORD("password"),
        NOTIFICATIONS("notifications"),
        EMAILS("emails"),
        TOKEN("token"),
        TOKEN_RESET("token_reset");

        private String tabId;

        UserInfoFormTabType(String id) {
            this.tabId = id;
        }

        /** Returns the tab id string for this constant. */
        public String value() {
            return tabId;
        }

        /**
         * Resolves a tab id to its constant, ignoring case.
         *
         * @param str tab id taken from the request
         * @return the matching constant
         * @throws IllegalArgumentException when no constant has that id (including {@code null})
         */
        public static UserInfoFormTabType fromString(String str) throws IllegalArgumentException {
            UserInfoFormTabType[] candidates = values();
            for (int idx = 0; idx < candidates.length; idx++) {
                UserInfoFormTabType candidate = candidates[idx];
                if (candidate.value().equalsIgnoreCase(str)) {
                    return candidate;
                }
            }
            throw new IllegalArgumentException("Invalid tabId");
        }
    }

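    /**
     * Returns up to {@link #MAX_FETCH_USERS} non-deleted users whose login id or name contains
     * the query, as a JSON array of {@code {info, loginId}} objects for the mention picker.
     *
     * <p>Responds 406 unless the Referer header ends with "members" and the client accepts JSON.
     * The Referer test only narrows where the endpoint is meant to be called from; the header is
     * supplied by the client, so it is not an access control.
     *
     * <p>The {@code info} value is an HTML fragment. Name, login id and avatar URL are
     * HTML-escaped before being placed in it, because display names are user-controlled and
     * the fragment would otherwise let one user's name inject markup into another user's page.
     * This assumes the model returns these values unescaped - TODO confirm.
     *
     * @param str search text; empty or {@code null} yields an empty array
     * @return the JSON result, with a Content-Range header when the match count exceeds the cap
     */
    @AnonymousCheck
    public static Result users(String str) {
        String referer = StringUtils.defaultString(request().getHeader("referer"), Issue.TO_BE_ASSIGNED);
        if (!referer.endsWith("members") || !request().accepts("application/json")) {
            return status(406);
        }
        if (StringUtils.isEmpty(str)) {
            return ok(Json.toJson(new ArrayList<Map<String, String>>()));
        }
        List<Map<String, String>> matches = new ArrayList<>();
        Junction<User> nameOrLoginId = User.find.select("loginId, name").where().ne("state", UserState.DELETED).disjunction();
        nameOrLoginId.icontains(SESSION_LOGINID, str);
        nameOrLoginId.icontains("name", str);
        nameOrLoginId.endJunction();
        int total = nameOrLoginId.findRowCount();
        if (total > MAX_FETCH_USERS) {
            nameOrLoginId.setMaxRows(MAX_FETCH_USERS);
            response().setHeader("Content-Range", "items " + MAX_FETCH_USERS + "/" + total);
        }
        for (User user : nameOrLoginId.findList()) {
            Map<String, String> entry = new HashMap<>();
            String info = String.format("<img class='mention_image' src='%s'>", escapeHtmlForMention(user.avatarUrl()))
                    + String.format("<b class='mention_name'>%s</b>", escapeHtmlForMention(user.getName()))
                    + String.format("<span class='mention_username'> @%s</span>", escapeHtmlForMention(user.getLoginId()));
            entry.put(Constants.INFO, info);
            // loginId is returned as a plain JSON string; the client must not insert it as HTML.
            entry.put(SESSION_LOGINID, user.getLoginId());
            matches.add(entry);
        }
        return ok(Json.toJson(matches));
    }

    /**
     * Escapes the five HTML-significant characters so the value is safe both as element text
     * and inside the single-quoted attribute used by {@link #users(String)}.
     * A {@code null} value renders as "null", matching what {@code String.format("%s", null)} did.
     */
    private static String escapeHtmlForMention(String value) {
        String text = String.valueOf(value);
        StringBuilder escaped = new StringBuilder(text.length() + 16);
        for (int idx = 0; idx < text.length(); idx++) {
            char c = text.charAt(idx);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
            }
        }
        return escaped.toString();
    }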

    /**
     * Marks the response as non-cacheable for HTTP/1.1 caches, HTTP/1.0 caches and proxies,
     * so login pages and their results are not stored by intermediaries or the browser.
     *
     * @param response the response to decorate
     */
    public static void noCache(Http.Response response) {
        String[][] headers = {
            {"Cache-Control", "no-cache, no-store, must-revalidate"},
            {"Pragma", "no-cache"},
            {"Expires", "0"},
        };
        for (String[] header : headers) {
            response.setHeader(header[0], header[1]);
        }
    }

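    /**
     * Shows the login form, or completes a social (PlayAuthenticate) login that is already
     * in progress and sends the user back to where they came from.
     *
     * <p>The return target is the {@code redirectUrl} query parameter, falling back to the
     * Referer header unless the Referer is the login form itself.
     *
     * @return a redirect to the index for signed-in users, the login page for anonymous users,
     *         or a redirect to the return target after linking a social account
     */
    public static Result loginForm() {
        noCache(response());
        if (!currentUser().isAnonymous()) {
            return redirect(routes.Application.index());
        }
        String redirectUrl = request().getQueryString("redirectUrl");
        String loginFormUrl = routes.UserApp.loginForm().url();
        String referer = request().getHeader("Referer");
        if (StringUtils.isEmpty(redirectUrl) && !StringUtils.equals(loginFormUrl, referer)) {
            redirectUrl = referer;
        }
        if (!PlayAuthenticate.isLoggedIn(session())) {
            return ok(login.render("title.login", Form.form(AuthInfo.class), redirectUrl));
        }
        linkWithExistedOrCreateLocalUser();
        // Without a query parameter or a usable Referer there is no target; redirecting to
        // null would fail, so fall back to the index page.
        if (StringUtils.isEmpty(redirectUrl)) {
            return redirect(routes.Application.index());
        }
        // NOTE(review): redirectUrl comes straight from the request (query string or Referer)
        // and is not checked against this application's own host, so this is an open-redirect
        // sink. Restrict it to same-origin targets once the canonical host is known here.
        return redirect(redirectUrl);
    }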

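    /**
     * Logs the current user out and returns them to the page they came from.
     *
     * <p>Falls back to the index page when the request carries no Referer header (direct
     * navigation, privacy settings, or a Referrer-Policy that strips it), since there is then
     * no target to redirect to.
     *
     * @return a redirect to the Referer, or to the index page when it is absent
     */
    public static Result logout() {
        processLogout();
        flash(Constants.SUCCESS, "user.logout.success");
        String referer = request().getHeader("Referer");
        if (StringUtils.isEmpty(referer)) {
            return redirect(routes.Application.index());
        }
        return redirect(referer);
    }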

    /**
     * Entry point for password login. Refuses with a flash error when the instance is
     * configured for social login only; otherwise dispatches to the JSON or form handler
     * depending on what the client prefers.
     *
     * @return the handler's result, or the index page with an error flash
     */
    public static Result login() {
        noCache(response());
        if (useSocialLoginOnly) {
            flash("error", Messages.get("app.warn.support.social.login.only", new Object[0]));
            return Application.index();
        }
        if (HttpUtil.isJSONPreferred(request()).booleanValue()) {
            return loginByAjaxRequest();
        }
        return loginByFormRequest();
    }

    /**
     * Handles a login submitted as an HTML form.
     *
     * <p>Binds {@link AuthInfo}, resolves the account from the login id or email, rejects
     * locked and deleted accounts, authenticates against LDAP or the local password depending
     * on {@code LdapService.useLdap}, then populates the session, optionally sets up the
     * remember-me token, stores the request language on the user and redirects.
     *
     * @return 400 with the login page on binding errors, a redirect back to the login form on
     *         rejection, otherwise a redirect to the posted redirectUrl or the index page
     */
    private static Result loginByFormRequest() {
        Form bindFromRequest = Form.form(AuthInfo.class).bindFromRequest(new String[0]);
        if (bindFromRequest.hasErrors()) {
            flash(Constants.WARNING, "user.login.required");
            return badRequest(login.render("title.login", bindFromRequest, null));
        }
        User findByLoginKey = User.findByLoginKey(((AuthInfo) bindFromRequest.get()).getLoginIdOrEmail());
        // NOTE(review): the two state checks below run before the password is verified, so an
        // unauthenticated caller can learn whether an account is locked or deleted from the
        // flash message. Consider checking state only after authentication succeeds and
        // returning the generic "user.login.invalid" otherwise.
        // The account is looked up a second time by login id rather than reusing findByLoginKey.
        if (isUsingSignUpConfirm() && User.findByLoginId(findByLoginKey.getLoginId()).getState() == UserState.LOCKED) {
            flash(Constants.WARNING, "user.locked");
            return redirect(getLoginFormURLWithRedirectURL());
        }
        if (User.findByLoginId(findByLoginKey.getLoginId()).getState() == UserState.DELETED) {
            flash(Constants.WARNING, "user.deleted");
            return redirect(getLoginFormURLWithRedirectURL());
        }
        // Unused local left behind by the decompiler.
        User user = User.anonymous;
        // Despite its decompiler-chosen name, this holds the result of whichever path ran:
        // LDAP with the raw login key, or the local check with the resolved login id.
        User authenticateWithLdap = LdapService.useLdap ? authenticateWithLdap(((AuthInfo) bindFromRequest.get()).getLoginIdOrEmail(), ((AuthInfo) bindFromRequest.get()).getPassword()) : authenticateWithPlainPassword(findByLoginKey.getLoginId(), ((AuthInfo) bindFromRequest.get()).getPassword());
        // Reload before the lock check so the decision is made on current state.
        if (!authenticateWithLdap.isAnonymous()) {
            authenticateWithLdap.refresh();
        }
        if (authenticateWithLdap.isLocked()) {
            flash(Constants.WARNING, "user.locked");
            return logout();
        }
        // An anonymous result means authentication failed.
        if (authenticateWithLdap.isAnonymous()) {
            flash(Constants.WARNING, "user.login.invalid");
            return redirect(getLoginFormURLWithRedirectURL());
        }
        addUserInfoToSession(authenticateWithLdap);
        if (((AuthInfo) bindFromRequest.get()).getRememberMe()) {
            setupRememberMe(authenticateWithLdap);
        }
        authenticateWithLdap.setLang(Http.Context.current().lang().code());
        authenticateWithLdap.update();
        // The post-login target is taken from the posted form and only segment-encoded by
        // encodedPath(); it is not otherwise validated here.
        String redirectURLFromParams = getRedirectURLFromParams();
        return StringUtils.isEmpty(redirectURLFromParams) ? redirect(routes.Application.index()) : redirect(encodedPath(redirectURLFromParams));
    }

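    /**
     * Encodes each "/"-separated segment of a redirect target and rejoins them, so the value
     * is treated as a path on this site.
     *
     * <p>Segment encoding alone leaves a target such as {@code //host/path} untouched, because
     * its leading segments are empty; browsers read that form as a scheme-relative URL to
     * another host. Leading slashes are therefore collapsed to one, keeping the redirect local.
     * NOTE(review): this relies on HttpUtil.encodeUrlString percent-encoding ':' and '\' inside
     * segments - confirm.
     *
     * @param str the caller-supplied target
     * @return the encoded path, or "/" when the input consists only of slashes
     */
    private static String encodedPath(String str) {
        String[] segments = str.split("/");
        if (segments.length == 0) {
            return "/";
        }
        String[] encoded = new String[segments.length];
        for (int i = 0; i < segments.length; i++) {
            encoded[i] = HttpUtil.encodeUrlString(segments[i]);
        }
        String path = String.join("/", encoded);
        int leadingSlashes = 0;
        while (leadingSlashes < path.length() && path.charAt(leadingSlashes) == '/') {
            leadingSlashes++;
        }
        if (leadingSlashes > 1) {
            path = path.substring(leadingSlashes - 1);
        }
        return path;
    }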

    /**
     * Handles a login submitted by a client that prefers JSON.
     *
     * <p>Mirrors loginByFormRequest() but answers with status codes and a JSON message body
     * instead of flash messages and redirects.
     *
     * @return 400 on binding errors, 403 for locked accounts or failed authentication,
     *         404 for deleted accounts, otherwise 200 with an empty JSON object
     */
    private static Result loginByAjaxRequest() {
        Form bindFromRequest = Form.form(AuthInfo.class).bindFromRequest(new String[0]);
        if (bindFromRequest.hasErrors()) {
            return badRequest(getObjectNodeWithMessage("user.login.required"));
        }
        User findByLoginKey = User.findByLoginKey(((AuthInfo) bindFromRequest.get()).getLoginIdOrEmail());
        // NOTE(review): as in the form path, account state is reported before the password is
        // checked, and here the status code differs too (403 locked, 404 deleted, 403 invalid),
        // which lets an unauthenticated caller tell deleted accounts from the rest.
        if (isUsingSignUpConfirm() && User.findByLoginId(findByLoginKey.getLoginId()).getState() == UserState.LOCKED) {
            return forbidden(getObjectNodeWithMessage("user.locked"));
        }
        if (User.findByLoginId(findByLoginKey.getLoginId()).getState() == UserState.DELETED) {
            return notFound(getObjectNodeWithMessage("user.deleted"));
        }
        // Unused local left behind by the decompiler.
        User user = User.anonymous;
        // Holds the result of either the LDAP or the local-password path.
        User authenticateWithLdap = LdapService.useLdap ? authenticateWithLdap(((AuthInfo) bindFromRequest.get()).getLoginIdOrEmail(), ((AuthInfo) bindFromRequest.get()).getPassword()) : authenticateWithPlainPassword(findByLoginKey.getLoginId(), ((AuthInfo) bindFromRequest.get()).getPassword());
        // NOTE(review): unlike the form path, the user is not refreshed before this lock check;
        // refresh() only happens further down, after the remember-me token is set up.
        if (authenticateWithLdap.isLocked()) {
            return forbidden(getObjectNodeWithMessage("user.locked"));
        }
        if (authenticateWithLdap.isAnonymous()) {
            return forbidden(getObjectNodeWithMessage("user.login.invalid"));
        }
        if (((AuthInfo) bindFromRequest.get()).getRememberMe()) {
            setupRememberMe(authenticateWithLdap);
        }
        authenticateWithLdap.refresh();
        authenticateWithLdap.setLang(Http.Context.current().lang().code());
        authenticateWithLdap.update();
        addUserInfoToSession(authenticateWithLdap);
        return ok("{}");
    }

    /**
     * Reads the first {@code redirectUrl} value from the URL-encoded form body of the request.
     * The value is client-supplied and is returned without validation.
     */
    private static String getRedirectURLFromParams() {
        Map<String, String[]> formFields = request().body().asFormUrlEncoded();
        return HttpUtil.getFirstValueFromQuery(formFields, "redirectUrl");
    }

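    /**
     * Builds the login-form URL that carries the posted redirect target back to the form.
     *
     * <p>The target is encoded before it is placed in the query string, so characters such as
     * {@code &} or {@code #} in it cannot add or truncate parameters. When no target was
     * posted the parameter is omitted, rather than emitting the literal text "null" which the
     * login form would later treat as a target.
     * NOTE(review): assumes HttpUtil.encodeUrlString percent-encodes its argument - confirm.
     *
     * @return the login form URL, with an encoded {@code redirectUrl} parameter when present
     */
    private static String getLoginFormURLWithRedirectURL() {
        String loginFormUrl = routes.UserApp.loginForm().url();
        String redirectUrl = getRedirectURLFromParams();
        if (StringUtils.isEmpty(redirectUrl)) {
            return loginFormUrl;
        }
        return loginFormUrl + "?redirectUrl=" + HttpUtil.encodeUrlString(redirectUrl);
    }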

    /**
     * Wraps a message key in a JSON object of the form {@code {"message": str}}.
     *
     * @param str the message to carry
     * @return a new object node holding the message
     */
    private static ObjectNode getObjectNodeWithMessage(String str) {
        ObjectNode body = Json.newObject();
        return body.put("message", str);
    }

    /**
     * Authenticates a login id against a password value by delegating to
     * {@code authenticate} with its third argument set to {@code true}; judging by the method
     * names, that flag marks the supplied password as already hashed.
     *
     * @param str login id
     * @param str2 password value as supplied by the caller
     * @return whatever {@code authenticate} returns for these arguments
     */
    public static User authenticateWithHashedPassword(String str, String str2) {
        final boolean hashedFlag = true;
        return authenticate(str, str2, hashedFlag);
    }

    /**
     * Authenticates a login id against a password value by delegating to
     * {@code authenticate} with its third argument set to {@code false}; judging by the method
     * names, that flag marks the supplied password as plain text.
     *
     * @param str login id
     * @param str2 password value as supplied by the caller
     * @return whatever {@code authenticate} returns for these arguments
     */
    public static User authenticateWithPlainPassword(String str, String str2) {
        final boolean hashedFlag = false;
        return authenticate(str, str2, hashedFlag);
    }

    /**
     * Shows the sign-up page to anonymous visitors; signed-in users are sent to the index.
     */
    public static Result signupForm() {
        if (currentUser().isAnonymous()) {
            return ok(signup.render("title.signup", Form.form(User.class)));
        }
        return redirect(routes.Application.index());
    }

    /**
     * Processes the sign-up form: validates it, rejects email domains that are not allowed,
     * creates the account and either signs the new user in or tells them that sign-up
     * approval is pending.
     *
     * @return 400 with the sign-up page on validation or domain failure, otherwise a redirect
     *         to the index page
     */
    @Transactional
    public static Result newUser() {
        Form signupRequest = Form.form(User.class).bindFromRequest(new String[0]);
        validate(signupRequest);
        if (signupRequest.hasErrors()) {
            return badRequest(signup.render("title.signup", signupRequest));
        }
        User submitted = (User) signupRequest.get();
        if (!NotificationMail.isAllowedEmailDomains(submitted.getEmail())) {
            flash(Constants.INFO, "user.unacceptable.email.domain");
            // NOTE(review): name and email are user-supplied and concatenated into the log
            // line as-is; strip CR/LF before logging if logs are parsed line by line.
            Logger.warn("Signup rejected: " + submitted.getName() + " with " + submitted.getEmail());
            return badRequest(signup.render("title.signup", signupRequest));
        }
        User created = createNewUser(submitted);
        if (isUsingEmailVerification()) {
            String notice = NotificationMail.isAllowedEmailDomains(created.getEmail())
                    ? "user.verification.mail.sent"
                    : "user.unacceptable.email.domain";
            flash(Constants.INFO, notice);
        }
        boolean awaitingApproval = created.getState() == UserState.LOCKED && isUsingSignUpConfirm();
        if (awaitingApproval) {
            flash(Constants.INFO, "user.signup.requested");
        } else {
            addUserInfoToSession(created);
        }
        return redirect(routes.Application.index());
    }

    /**
     * Finds an unused login id by appending a counter to the base.
     *
     * <p>Each attempt appends to the previous candidate, not to the original base, so
     * successive candidates look like {@code base2}, {@code base23}, {@code base234}, ...
     *
     * @param str base login id
     * @param i first counter value to append
     * @return the first candidate for which no user exists
     */
    private static String newLoginIdWithoutDup(String str, int i) {
        String candidate = str;
        int suffix = i;
        while (true) {
            candidate = candidate + Issue.TO_BE_ASSIGNED + suffix;
            if (User.findByLoginId(candidate).isAnonymous()) {
                return candidate;
            }
            suffix++;
        }
    }

    /**
     * Creates and activates a local account for a user who signed in through OAuth.
     *
     * <p>The credential is deleted and an OAuth logout is forced when the provider supplied
     * no email address (or the literal text "null"), or when the email domain is not allowed.
     *
     * @param userCredential the credential received from the OAuth provider
     * @return the new active user, or {@code User.anonymous} when the credential was rejected
     */
    public static User createLocalUserWithOAuth(UserCredential userCredential) {
        boolean emailMissing = userCredential.getEmail() == null
                || "null".equalsIgnoreCase(userCredential.getEmail());
        if (emailMissing) {
            flash("error", Messages.get("app.warn.cannot.access.email.information", new Object[0]));
            Logger.error("Cannot confirm email address of " + userCredential.getId() + ": " + userCredential.getName());
            userCredential.delete();
            forceOAuthLogout();
            return User.anonymous;
        }
        boolean domainAllowed = NotificationMail.isAllowedEmailDomains(userCredential.getEmail());
        if (!domainAllowed) {
            flash(Constants.INFO, "user.unacceptable.email.domain");
            // Provider-supplied name and email are written to the log unmodified.
            Logger.warn("Signup rejected: " + userCredential.getName() + " with " + userCredential.getEmail());
            userCredential.delete();
            forceOAuthLogout();
            return User.anonymous;
        }
        CandidateUser candidate = new CandidateUser(userCredential.getName(), userCredential.getEmail());
        User localUser = createUserDelegate(candidate);
        localUser.refresh();
        // OAuth sign-ups are activated immediately, whatever state createUserDelegate left.
        localUser.setState(UserState.ACTIVE);
        localUser.update();
        userCredential.setLoginId(localUser.getLoginId());
        userCredential.setUser(localUser);
        userCredential.update();
        return localUser;
    }

    /**
     * Stores the OAuth logout URL in the session under {@code pa.url.orig}, the key the
     * play-authenticate module appears to use for its post-login redirect target.
     */
    private static void forceOAuthLogout() {
        String oAuthLogoutUrl = routes.Application.oAuthLogout().url();
        session().put("pa.url.orig", oAuthLogoutUrl);
    }

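    /**
     * Builds a {@link User} from a candidate (OAuth or directory sign-up) and persists it
     * through {@code createNewUser}.
     *
     * <p>The login id is derived from the local part of the email when the candidate has none
     * or when email-based login is configured. An address without '@' is used whole as the
     * base, instead of failing with StringIndexOutOfBoundsException on substring(0, -1).
     * When the candidate carries no password, a random one from a secure generator is set so
     * the account cannot be entered with an empty or guessable password.
     *
     * @param candidateUser the prospective user; its email must not be {@code null} when the
     *        login id has to be derived
     * @return the user returned by {@code createNewUser}
     */
    private static User createUserDelegate(CandidateUser candidateUser) {
        String loginId = candidateUser.getLoginId();
        User user = new User();
        if (StringUtils.isBlank(loginId) || LdapService.USE_EMAIL_BASE_LOGIN) {
            String email = candidateUser.getEmail();
            int at = email.indexOf("@");
            String localPart = at >= 0 ? email.substring(0, at) : email;
            loginId = generateLoginId(user, localPart);
        }
        user.setLoginId(loginId);
        user.setName(candidateUser.getName());
        user.setEmail(candidateUser.getEmail());
        if (StringUtils.isEmpty(candidateUser.getPassword())) {
            user.setPassword(new SecureRandomNumberGenerator().nextBytes().toBase64());
        } else {
            user.setPassword(candidateUser.getPassword());
        }
        user.setIsGuest(candidateUser.isGuest());
        return createNewUser(user);
    }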

    /**
     * Completes email verification: when the login id and code match an unexpired
     * verification record, the account is set to ACTIVE and the record is invalidated.
     *
     * <p>NOTE(review): the account is activated whatever its previous state was. If LOCKED is
     * also used for accounts awaiting administrator approval or locked by an administrator,
     * confirm that following a verification link is meant to unlock them.
     *
     * @param str login id from the verification link
     * @param str2 verification code from the verification link
     * @return the "verified" page, 404 for an unknown or expired code, or a redirect to the
     *         index when the caller is already signed in
     */
    public static Result verifyUser(String str, String str2) {
        if (!currentUser().isAnonymous()) {
            return redirect(routes.Application.index());
        }
        UserVerification verification = UserVerification.findbyLoginIdAndVerificationCode(str, str2);
        boolean usable = verification != null && verification.isValidDate();
        if (!usable) {
            return notFound("Invalid verification");
        }
        User account = User.findByLoginId(str);
        account.setState(UserState.ACTIVE);
        account.update();
        verification.invalidate();
        return ok(verified.render(Issue.TO_BE_ASSIGNED, str));
    }

    /**
     * Sends the sign-up confirmation mail to a new user, or flashes a notice instead when the
     * user's email domain is not allowed.
     *
     * @param user the newly created user
     */
    private static void sendMailAfterUserCreation(User user) {
        if (!NotificationMail.isAllowedEmailDomains(user.getEmail())) {
            flash(Constants.INFO, "user.unacceptable.email.domain");
            return;
        }
        String subject = Messages.get("user.verification.signup.confirm", new Object[0]) + ": " + getServeIndexPageUrl();
        Mailer.Mail.Body body = getNewAccountMailBody(user);
        String[] recipients = new String[]{Mailer.getEmailName(user.getEmail(), user.getName())};
        Mailer.Mail mail = new Mailer.Mail(subject, body, recipients);
        Mailer.getCustomMailer(Configuration.root().getConfig("play-easymail")).sendMail(mail);
    }

    /**
     * Builds the plain-text and HTML bodies of the new-account mail: an optional verification
     * section followed by the sign-up details and a password-reset link.
     *
     * @param user the newly created user
     * @return the mail body, constructed from the text part then the HTML part
     */
    private static Mailer.Mail.Body getNewAccountMailBody(User user) {
        String passwordResetUrl = getServeIndexPageUrl() + routes.PasswordResetApp.lostPassword();
        StringBuilder html = new StringBuilder();
        StringBuilder text = new StringBuilder();
        if (isUsingEmailVerification()) {
            setVerificationMessage(user, html, text);
        }
        setSignupInfomation(user, passwordResetUrl, html, text);
        String textPart = text.toString();
        String htmlPart = html.toString();
        return new Mailer.Mail.Body(textPart, htmlPart);
    }

    /**
     * Appends the account summary (site URL, login id, email, password-reset link) to both
     * mail bodies.
     *
     * <p>NOTE(review): login id and email are inserted into the HTML part without HTML
     * escaping; confirm they are validated at sign-up to exclude markup characters.
     *
     * @param user the account being described
     * @param str absolute password-reset URL
     * @param sb HTML body under construction
     * @param sb2 plain-text body under construction
     */
    private static void setSignupInfomation(User user, String str, StringBuilder sb, StringBuilder sb2) {
        String siteUrl = getServeIndexPageUrl();
        String loginId = user.getLoginId();
        String email = user.getEmail();

        sb.append("URL: <a href='").append(siteUrl).append("'>").append(siteUrl).append("</a><br/>\n");
        sb.append("ID: ").append(loginId).append("<br/>\n");
        sb.append("Email: ").append(email).append("<br/>\n<br/>\n");
        sb.append("Password reset: <a href='").append(str).append("' target='_blank'>").append(str).append("</a><br/>\n");

        sb2.append("URL: ").append(siteUrl).append(Constants.NEW_LINE_DELIMETER);
        sb2.append("ID: ").append(loginId).append(Constants.NEW_LINE_DELIMETER);
        sb2.append("Email: ").append(email).append("\n\n");
        sb2.append("Password reset: ").append(str).append(Constants.NEW_LINE_DELIMETER);
    }

    /**
     * Appends the email-verification section to both mail bodies, creating a verification
     * record for the user when none exists yet.
     *
     * <p>The link embeds the login id and the verification code, so anyone who can read the
     * mail can complete verification for that account.
     *
     * @param user the account to verify
     * @param sb HTML body under construction
     * @param sb2 plain-text body under construction
     */
    private static void setVerificationMessage(User user, StringBuilder sb, StringBuilder sb2) {
        UserVerification verification = UserVerification.findbyUser(user);
        if (verification == null) {
            verification = UserVerification.newVerification(user);
        }
        String verifyUrl = getServeIndexPageUrl()
                + routes.UserApp.verifyUser(user.getLoginId(), verification.getVerificationCode()).toString();

        sb.append("<h1>").append(Messages.get("user.verification", new Object[0])).append("</h1>\n");
        sb.append("<hr />\n");
        sb.append("<p><a href='").append(verifyUrl).append("'>")
                .append(Messages.get("user.verification.link.click", new Object[0])).append("</a></p>\n");
        for (int n = 0; n < 2; n++) {
            sb.append("<br />\n");
        }

        sb2.append(Messages.get("user.verification", new Object[0])).append(Constants.NEW_LINE_DELIMETER);
        sb2.append("--------------------------\n");
        sb2.append(verifyUrl).append(Constants.NEW_LINE_DELIMETER);
        for (int n = 0; n < 2; n++) {
            sb2.append(Constants.NEW_LINE_DELIMETER);
        }
    }

    /**
     * Returns the site's base URL: a scheme chosen from whether the current request is
     * secure, followed by the configured host and port ("localhost:9000" when unset).
     *
     * <p>NOTE(review): links placed in outgoing mail inherit this scheme. Behind a
     * TLS-terminating proxy the request may not be reported as secure, which would put
     * plain-http verification and reset links into mail - confirm the deployment.
     */
    private static String getServeIndexPageUrl() {
        String scheme = request().secure() ? "https://" : "http://";
        return scheme + Config.getHostport("localhost:9000");
    }

    /**
     * Picks a free login id for a base name: the base itself, else the base with "-yona"
     * appended, else a numbered variant starting from 2.
     *
     * @param user not read by this method
     * @param str the base login id
     * @return a login id for which no user currently exists
     */
    private static String generateLoginId(User user, String str) {
        if (User.findByLoginId(str).isAnonymous()) {
            return str;
        }
        String withSuffix = new StringBuilder().append(str).append("-yona").toString();
        if (User.findByLoginId(withSuffix).isAnonymous()) {
            return str + "-yona";
        }
        return newLoginIdWithoutDup(str, 2);
    }

    /**
     * Changes the current user's password after checking the old one, then logs the user out
     * so they have to sign in again with the new password.
     *
     * <p>NOTE(review): unlike editUserInfoForm(), this action carries no
     * {@code @AnonymousCheck(requiresLogin = true)}; confirm that an anonymous caller is
     * rejected before isValidPassword() is reached.
     *
     * @return 400 on binding errors or a wrong old password, otherwise a redirect to the
     *         login form
     */
    @Transactional
    public static Result resetUserPassword() {
        Form passwordForm = Form.form(User.class).bindFromRequest(new String[0]);
        if (passwordForm.hasErrors()) {
            return badRequest(ErrorViews.BadRequest.render("error.badrequest"));
        }
        User signedIn = currentUser();
        User submitted = (User) passwordForm.get();
        boolean oldPasswordMatches = isValidPassword(signedIn, submitted.getOldPassword());
        if (oldPasswordMatches) {
            resetPassword(signedIn, submitted.getPassword());
            processLogout();
            flash(Constants.WARNING, "user.loginWithNewPassword");
            return redirect(routes.UserApp.loginForm());
        }
        Form editForm = new Form(User.class).fill(signedIn);
        flash(Constants.WARNING, "user.wrongPassword.alert");
        return badRequest(edit.render(editForm, signedIn));
    }

    /**
     * Clears the current user's recently-visited project list and returns to the settings
     * form with a confirmation notice.
     */
    public static Result resetUserVisitedList() {
        User signedIn = currentUser();
        RecentProject.deleteAll(signedIn);
        flash(Constants.INFO, "userinfo.reset.visited.project.list.done");
        return redirect(routes.UserApp.editUserInfoForm());
    }

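    /**
     * Checks a candidate password against the user's stored password hash.
     *
     * <p>The candidate is hashed with the user's salt and compared with
     * {@link MessageDigest#isEqual(byte[], byte[])}, whose running time does not depend on
     * where the two values first differ. A user without a stored hash never matches.
     *
     * @param user the account whose password is being checked
     * @param str the candidate password
     * @return {@code true} only when the hashes are equal
     */
    public static boolean isValidPassword(User user, String str) {
        String storedHash = user.getPassword();
        String candidateHash = hashedPassword(str, user.getPasswordSalt());
        if (storedHash == null || candidateHash == null) {
            return false;
        }
        return MessageDigest.isEqual(
                storedHash.getBytes(StandardCharsets.UTF_8),
                candidateHash.getBytes(StandardCharsets.UTF_8));
    }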

    /**
     * Stores a new password for the user, hashed with the user's existing salt.
     *
     * <p>NOTE(review): the salt is reused rather than regenerated, and nothing here revokes
     * existing sessions or remember-me tokens; callers that need that must do it themselves.
     *
     * @param user the account to update
     * @param str the new password
     */
    @Transactional
    public static void resetPassword(User user, String str) {
        String salt = user.getPasswordSalt();
        String newHash = hashedPassword(str, salt);
        user.setPassword(newHash);
        user.save();
    }

    /**
     * Resolves the user for the current request, trying in order: the session, the lookup
     * done by {@code User.findUserIfTokenExist}, and the per-request token-user cache.
     *
     * @return the resolved user, or an anonymous user when none of the sources identifies one
     */
    @Transactional
    public static User currentUser() {
        User fromSession = getUserFromSession();
        if (!fromSession.isAnonymous()) {
            return fromSession;
        }
        User fromToken = User.findUserIfTokenExist(fromSession);
        if (fromToken.isAnonymous()) {
            return getUserFromContext();
        }
        return fromToken;
    }

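    /**
     * Resolves the user named by the session's user id from the user cache.
     *
     * <p>The session is cleared when the id is not a number, does not fit in a {@code long},
     * is not present in the cache, or belongs to a locked account. The id is parsed once and
     * a NumberFormatException (digits-only but too large) is treated as an invalid session
     * instead of escaping as a server error.
     *
     * <p>NOTE(review): the session key is only tested for presence here; it is not compared
     * with anything. If it is meant to bind the session to the user, that check lives
     * elsewhere or is missing - confirm.
     *
     * @return the cached user, or {@code User.anonymous}
     */
    private static User getUserFromSession() {
        String userId = (String) session().get(SESSION_USERID);
        String sessionKey = (String) session().get(SESSION_KEY);
        if (userId == null) {
            return User.anonymous;
        }
        if (!StringUtils.isNumeric(userId)) {
            return invalidSession();
        }
        Long id;
        try {
            id = Long.valueOf(userId);
        } catch (NumberFormatException e) {
            return invalidSession();
        }
        User cached = null;
        if (sessionKey != null) {
            cached = (User) CacheStore.yonaUsers.getIfPresent(id);
        }
        return (cached == null || cached.isLocked()) ? invalidSession() : cached;
    }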

    /**
     * Returns the token-derived user cached on the current request context, resolving it
     * first when it has not been cached yet. A locked user is logged out and reported as
     * anonymous.
     */
    private static User getUserFromContext() {
        Object cached = Http.Context.current().args.get(TOKEN_USER);
        if (cached instanceof User) {
            return (User) cached;
        }
        initTokenUser();
        User tokenUser = (User) Http.Context.current().args.get(TOKEN_USER);
        if (tokenUser.isLocked()) {
            processLogout();
            return User.anonymous;
        }
        return tokenUser;
    }

    /**
     * Resolves the user from the token cookie, caches it on the request context, and starts
     * a session for that user when the token is valid and no session user exists yet.
     */
    public static void initTokenUser() {
        User tokenUser = getUserFromToken();
        Http.Context.current().args.put(TOKEN_USER, tokenUser);
        // The session is only consulted when the token identified a real user.
        if (!tokenUser.isAnonymous() && getUserFromSession().isAnonymous()) {
            addUserInfoToSession(tokenUser);
        }
    }

    /**
     * Authenticates the request from the remember-me cookie, which must hold exactly two
     * fields separated by {@link #TOKEN_SEPARATOR}. A malformed or rejected cookie is
     * discarded.
     *
     * <p>NOTE(review): the second field is handed to authenticateWithHashedPassword(), so the
     * cookie appears to carry the stored password hash itself. If so, the hash is a
     * password-equivalent credential: a leaked hash signs in directly and the token cannot be
     * revoked without a password change. A random, server-side token would avoid both.
     * Confirm against authenticate() and setupRememberMe().
     *
     * @return the authenticated user, or {@code User.anonymous}
     */
    private static User getUserFromToken() {
        Http.Cookie tokenCookie = request().cookies().get(TOKEN);
        if (tokenCookie == null) {
            return User.anonymous;
        }
        String[] fields = StringUtils.split(tokenCookie.value(), TOKEN_SEPARATOR);
        if (ArrayUtils.getLength(fields) != 2) {
            return invalidToken();
        }
        User tokenUser = authenticateWithHashedPassword(fields[0], fields[1]);
        if (tokenUser.isAnonymous()) {
            return invalidToken();
        }
        return tokenUser;
    }

    /**
     * Drops every attribute of the current session and reports the caller as anonymous.
     */
    private static User invalidSession() {
        Http.Session current = session();
        current.clear();
        return User.anonymous;
    }

    /**
     * Tells the client to discard the remember-me cookie and reports the caller as anonymous.
     */
    private static User invalidToken() {
        Http.Response current = response();
        current.discardCookie(TOKEN);
        return User.anonymous;
    }

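    /**
     * Lists the current user's attachments, 50 per page, optionally filtered.
     *
     * <p>The {@code pageNum} query parameter is client-supplied; a value that is not an
     * integer falls back to the first page instead of failing the request with an uncaught
     * NumberFormatException.
     *
     * @return the "User Files" page
     */
    @AnonymousCheck
    public static Result userFiles() {
        String pageParam = request().getQueryString("pageNum");
        String filter = request().getQueryString("filter");
        int pageNum = 1;
        if (StringUtils.isNotEmpty(pageParam)) {
            try {
                pageNum = Integer.parseInt(pageParam);
            } catch (NumberFormatException ignored) {
                // Not a number: keep the default first page.
                pageNum = 1;
            }
        }
        return ok(userFiles.render("User Files", Attachment.findByUser(currentUser(), 50, pageNum, filter)));
    }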

    /* JADX WARN: Multi-variable type inference failed */
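    /**
     * Shows a user's profile page with the projects, recent issues and open pull requests
     * the viewer is allowed to read.
     *
     * <p>A name that belongs to an organization redirects to the organization page. The
     * look-back window comes from {@code i}; when it is {@link #UNDEFINED} the value is
     * restored from the {@code daysAgo} cookie, and when the cookie is absent, empty or not
     * an integer the default {@link #DAYS_AGO} is used and written back. The cookie is
     * client-controlled, so a malformed value must not fail the request.
     *
     * <p>Listings are skipped entirely for anonymous viewers when project listing is hidden;
     * otherwise every item is filtered by a READ check on its project.
     *
     * @param str login id (or organization name) from the path
     * @param i look-back window in days; 0 means "use the cookie or the default"
     * @param str2 passed through to the view unchanged
     * @return the profile page, a redirect for organizations, or 404 for an unknown user
     */
    @AnonymousCheck
    public static Result userInfo(String str, int i, String str2) {
        Organization organization = Organization.findByName(str);
        if (organization != null) {
            return redirect(routes.OrganizationApp.organization(organization.getName()));
        }
        if (i == UNDEFINED) {
            Http.Cookie cookie = request().cookie(DAYS_AGO_COOKIE);
            boolean restored = false;
            if (cookie != null && StringUtils.isNotEmpty(cookie.value())) {
                try {
                    i = Integer.parseInt(cookie.value());
                    restored = true;
                } catch (NumberFormatException ignored) {
                    // Tampered or corrupt cookie: fall through to the default below.
                }
            }
            if (!restored) {
                i = DAYS_AGO;
                response().setCookie(DAYS_AGO_COOKIE, DAYS_AGO + Issue.TO_BE_ASSIGNED);
            }
        } else {
            if (i < 0) {
                i = 1;
            }
            response().setCookie(DAYS_AGO_COOKIE, i + Issue.TO_BE_ASSIGNED);
        }
        User profileUser = User.findByLoginId(str);
        List<Issue> issues = new ArrayList<>();
        List<PullRequest> pullRequests = new ArrayList<>();
        List<Project> projects = new ArrayList<>();
        // Per-request cache of READ decisions keyed by project id, shared by the three filters.
        Map<Long, Boolean> readableByProject = new HashMap<>();
        if (!Application.HIDE_PROJECT_LISTING || !currentUser().isAnonymous()) {
            projects = collectProjects(profileUser, readableByProject);
            issues = getAclValidatedIssues(Issue.findRecentlyIssuesByDaysAgo(profileUser, i), readableByProject);
            pullRequests = getAclValidatedPullRequests(PullRequest.findOpendPullRequestsByDaysAgo(profileUser, i), readableByProject);
            sortByLastPushedDateAndName(projects);
        }
        if (profileUser.isAnonymous()) {
            return notFound(ErrorViews.NotFound.render("user.notExists.name"));
        }
        return ok(view.render(profileUser, projects, issues, pullRequests, i, str2));
    }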

    /**
     * Sorts projects in place: most recently pushed first, never-pushed projects last, and
     * ties (including two never-pushed projects) broken by name in ascending order.
     *
     * @param list the projects to sort
     */
    private static void sortByLastPushedDateAndName(List<Project> list) {
        Collections.sort(list, (left, right) -> {
            boolean leftNeverPushed = left.getLastPushedDate() == null;
            boolean rightNeverPushed = right.getLastPushedDate() == null;
            if (leftNeverPushed && rightNeverPushed) {
                return left.getName().compareTo(right.getName());
            }
            if (leftNeverPushed) {
                return 1;
            }
            if (rightNeverPushed) {
                return -1;
            }
            // Reversed operands: later push dates sort first.
            int byDate = right.getLastPushedDate().compareTo(left.getLastPushedDate());
            if (byDate != 0) {
                return byDate;
            }
            return left.getName().compareTo(right.getName());
        });
    }

    /**
     * Keeps only the pull requests whose target project the current user may read.
     *
     * <p>Decisions are recorded in {@code map} by project id. A cached {@code true} is reused;
     * a cached {@code false} is not short-circuited and leads to a fresh access check.
     *
     * @param list candidate pull requests
     * @param map per-request cache of READ decisions, updated in place
     * @return the readable pull requests, in their original order
     */
    private static List<PullRequest> getAclValidatedPullRequests(List<PullRequest> list, Map<Long, Boolean> map) {
        List<PullRequest> readable = new ArrayList<>();
        for (PullRequest candidate : list) {
            boolean allowed = map.getOrDefault(candidate.getToProject().getId(), false).booleanValue();
            if (!allowed) {
                allowed = AccessControl.isAllowed(currentUser(), candidate.getToProject().asResource(), Operation.READ);
                map.putIfAbsent(candidate.getToProject().getId(), allowed);
            }
            if (allowed) {
                readable.add(candidate);
            }
        }
        return readable;
    }

    /**
     * Keeps only the issues whose project the current user may read.
     *
     * <p>Decisions are recorded in {@code map} by project id. A cached {@code true} is reused;
     * a cached {@code false} is not short-circuited and leads to a fresh access check.
     *
     * @param list candidate issues
     * @param map per-request cache of READ decisions, updated in place
     * @return the readable issues, in their original order
     */
    private static List<Issue> getAclValidatedIssues(List<Issue> list, Map<Long, Boolean> map) {
        List<Issue> readable = new ArrayList<>();
        for (Issue candidate : list) {
            boolean allowed = map.getOrDefault(candidate.getProject().getId(), false).booleanValue();
            if (!allowed) {
                allowed = AccessControl.isAllowed(currentUser(), candidate.getProject().asResource(), Operation.READ);
                map.putIfAbsent(candidate.getProject().getId(), allowed);
            }
            if (allowed) {
                readable.add(candidate);
            }
        }
        return readable;
    }

    /**
     * Sorts issues in place by updated date, most recent first.
     *
     * @param list the issues to sort
     */
    private static void sortIssues(List<Issue> list) {
        Collections.sort(list, (earlier, later) -> later.getUpdatedDate().compareTo(earlier.getUpdatedDate()));
    }

    /**
     * Sorts pull requests in place by updated time, most recent first.
     *
     * @param list the pull requests to sort
     */
    private static void sortPullRequests(List<PullRequest> list) {
        Collections.sort(list, (earlier, later) -> later.getUpdated().compareTo(earlier.getUpdated()));
    }

    /**
     * Collects the projects {@code user} is a member of that the current user may read.
     *
     * @param user the member whose projects are looked up
     * @param map  READ-permission cache keyed by project id; updated by the filtering step
     * @return a new list of readable member projects, without duplicates
     */
    private static List<Project> collectProjects(User user, Map<Long, Boolean> map) {
        List<Project> memberProjects = Project.findProjectsByMember(user.getId());
        List<Project> visible = new ArrayList<>();
        addProjectNotDupped(visible, memberProjects, map);
        return visible;
    }

    /**
     * Appends to {@code list} every project from {@code list2} that is not already present and
     * that the current user may read.
     *
     * <p>Unlike the issue and pull-request filters, a cached decision is final here: when
     * {@code map} already has an entry for the project, the ACL is not consulted again.
     *
     * @param list  destination list; modified in place
     * @param list2 candidate projects
     * @param map   READ-permission cache keyed by project id; filled in for unseen projects
     */
    private static void addProjectNotDupped(List<Project> list, List<Project> list2, Map<Long, Boolean> map) {
        for (Project candidate : list2) {
            if (list.contains(candidate)) {
                continue;
            }
            boolean readable;
            if (map.containsKey(candidate.getId())) {
                readable = map.get(candidate.getId());
            } else {
                readable = AccessControl.isAllowed(currentUser(), candidate.asResource(), Operation.READ);
                map.putIfAbsent(candidate.getId(), readable);
            }
            if (readable) {
                list.add(candidate);
            }
        }
    }

    /**
     * Renders the profile edit form, pre-filled with the current user's data.
     *
     * @return 200 with the {@code edit} view
     */
    @AnonymousCheck(requiresLogin = true, displaysFlashMessage = true)
    public static Result editUserInfoForm() {
        User me = currentUser();
        Form<User> prefilled = new Form<>(User.class).fill(me);
        return ok(edit.render(prefilled, me));
    }

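    /**
     * Renders one tab of the account edit page for the logged-in user.
     *
     * <p>{@code str} is mapped to a {@code UserInfoFormTabType}. Three values render the
     * password, notification and e-mail tabs. Two lead to the token tab, one of which clears
     * the stored token first so that a new one is issued. Everything else renders the default
     * profile form.
     *
     * <p>When the user has no token, one is generated and saved before the token tab is shown.
     * The token is now derived from CSPRNG output. It was previously the SHA-256 of the
     * current local time, which has very little entropy for a value that appears to act as a
     * credential.
     *
     * @param str tab name taken from the request
     * @return 200 with the view for the selected tab
     */
    @AnonymousCheck(requiresLogin = true, displaysFlashMessage = true)
    public static Result editUserInfoByTabForm(String str) {
        User currentUser = currentUser();
        Form fill = new Form(User.class).fill(currentUser);
        // Decompiled enum switch: the case numbers are positions in the compiler-generated
        // switch map for UserInfoFormTabType, not values the request can supply directly.
        switch (AnonymousClass4.$SwitchMap$controllers$UserApp$UserInfoFormTabType[UserInfoFormTabType.fromString(str).ordinal()]) {
            case 1:
                return ok(edit_password.render(fill, currentUser));
            case TOKEN_LENGTH /* 2 */:
                return ok(edit_notifications.render(fill, currentUser));
            case 3:
                return ok(edit_emails.render(fill, currentUser));
            case 4:
                // Drop the existing token; the block below then issues a replacement.
                currentUser.setToken(null);
                break;
            case 5:
                break;
            case 6:
                return ok(edit.render(fill, currentUser));
            default:
                return ok(edit.render(fill, currentUser));
        }
        if (StringUtils.isEmpty(currentUser.getToken())) {
            // Seed from the CSPRNG, then hash, so the stored value keeps the Base64-encoded
            // SHA-256 shape that existing consumers of the token already handle.
            String seed = new SecureRandomNumberGenerator().nextBytes().toBase64();
            currentUser.setToken(new Sha256Hash(seed).toBase64());
            currentUser.save();
        }
        return ok(edit_token.render(fill, currentUser));
    }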

    /**
     * Reports whether sign-up e-mail verification is switched on.
     *
     * @return the current value of the {@code usingEmailVerification} flag
     */
    public static boolean isUsingEmailVerification() {
        return usingEmailVerification;
    }

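    /**
     * Updates the current user's display name, primary e-mail and, optionally, avatar.
     *
     * <p>The e-mail must be non-empty and must not belong to another account; otherwise the
     * form is re-rendered with a 400. The name is passed through the HTML sanitizer before it
     * is stored.
     *
     * <p>If the request carries a numeric {@code avatarId}, the referenced attachment replaces
     * the current avatar, provided it exists, is within the size limit and has an
     * {@code image/*} MIME type. An unknown id is now ignored instead of failing with a
     * {@code NullPointerException}, and an oversized attachment is no longer installed after
     * being rejected.
     *
     * @return a redirect to the user's profile page, or 400 with the form on e-mail errors
     */
    @Transactional
    @AnonymousCheck(requiresLogin = true, displaysFlashMessage = true)
    public static Result editUserInfo() {
        // Only name and email are bound onto the model; other request fields stay in data().
        Form<User> userForm = new Form<>(User.class).bindFromRequest("name", "email");
        String email = userForm.data().get("email");
        String name = HtmlUtil.defaultSanitize(userForm.data().get("name"));
        User user = currentUser();

        if (StringUtils.isEmpty(email)) {
            userForm.reject("email", "user.wrongEmail.alert");
        } else if (!StringUtils.equals(user.getEmail(), email) && User.isEmailExist(email)) {
            userForm.reject("email", "user.email.duplicate");
        }
        if (userForm.error("email") != null) {
            flash(Constants.WARNING, userForm.error("email").message());
            return badRequest(edit.render(userForm, user));
        }

        user.setEmail(email);
        // The name is sanitized a second time here, as in the original implementation.
        user.setName(HtmlUtil.defaultSanitize(name));

        try {
            // Long.valueOf throws NumberFormatException for a missing or non-numeric id.
            Long avatarId = Long.valueOf(userForm.data().get("avatarId"));
            Attachment attachment = (Attachment) Attachment.find.byId(avatarId);
            // NOTE(review): the attachment id comes straight from the request and nothing here
            // checks that the attachment belongs to the current user before it is moved;
            // confirm that moveTo() or the upload path enforces ownership.
            // NOTE(review): the type check trusts the stored mimeType; whether that value is
            // detected server-side or supplied by the uploader is not visible here.
            if (attachment != null) {
                boolean tooLarge = attachment.getSize().longValue() > 1024000;
                if (tooLarge) {
                    userForm.reject("avatarId", "user.avatar.fileSizeAlert");
                }
                // equalsIgnoreCase avoids locale-dependent lower-casing of the type prefix.
                boolean isImage = "image".equalsIgnoreCase(attachment.getMimeType().split("/")[0]);
                if (!tooLarge && isImage) {
                    Attachment.deleteAll(currentUser().avatarAsResource());
                    attachment.moveTo(currentUser().avatarAsResource());
                }
            }
        } catch (NumberFormatException ignored) {
            // No usable avatarId in the request: the avatar stays as it is.
        }

        Email.deleteOtherInvalidEmails(user.getEmail());
        user.update();
        CacheStore.yonaUsers.put(user.getId(), user);
        return redirect(routes.UserApp.userInfo(user.getLoginId(), 14, DEFAULT_SELECTED_TAB));
    }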

    /**
     * Removes the current user from a project's members and returns to the user's profile.
     *
     * <p>NOTE(review): the value returned by {@code ProjectApp.deleteMember} is discarded, so a
     * refusal signalled through it would not reach the client. No login annotation is present
     * on this method; confirm that anonymous callers are handled inside {@code deleteMember}.
     *
     * @param str  first project identifier passed to {@code deleteMember} (presumably the owner)
     * @param str2 second project identifier passed to {@code deleteMember} (presumably the name)
     * @return a redirect to the current user's profile page
     */
    @Transactional
    public static Result leave(String str, String str2) {
        Long memberId = currentUser().getId();
        ProjectApp.deleteMember(str, str2, memberId);
        String loginId = currentUser().getLoginId();
        return redirect(routes.UserApp.userInfo(loginId, 14, DEFAULT_SELECTED_TAB));
    }

    /**
     * Reports, as JSON, whether {@code str} is already taken as a user login id or an
     * organization name, and whether it is a reserved word.
     *
     * <p>No login check is visible on this method, so it also confirms existing login ids to
     * callers who are not signed in. Throttling this route is worth considering.
     *
     * @param str the name to look up
     * @return 200 with {@code {"isExist": ..., "isReserved": ...}}
     */
    public static Result isUsed(String str) {
        boolean taken = User.isLoginIdExist(str) || Organization.isNameExist(str);
        boolean reserved = ReservedWordsValidator.isReserved(str);
        ObjectNode body = Json.newObject();
        body.put("isExist", taken);
        body.put("isReserved", reserved);
        return ok(body);
    }

    /**
     * Reports, as JSON, whether an account with the given e-mail address exists.
     *
     * <p>No login check is visible on this method, so it also confirms registered addresses to
     * callers who are not signed in. Throttling this route is worth considering.
     *
     * @param str the e-mail address to look up
     * @return 200 with {@code {"isExist": ...}}
     */
    @BodyParser.Of(BodyParser.Json.class)
    public static Result isEmailExist(String str) {
        boolean registered = User.isEmailExist(str);
        ObjectNode body = Json.newObject();
        body.put("isExist", registered);
        return ok(body);
    }

    /**
     * Computes the stored form of a password: salted SHA-256 applied {@code HASH_ITERATIONS}
     * times, Base64-encoded.
     *
     * <p>Iterated SHA-256 is cheap to evaluate on dedicated hardware compared with a
     * memory-hard scheme such as bcrypt, scrypt or Argon2. Changing the algorithm here would
     * invalidate every stored hash, so a migration needs a per-user scheme marker and a
     * re-hash on the next successful login.
     *
     * @param str  the plaintext password
     * @param str2 the per-user salt
     * @return the Base64-encoded hash
     * @throws IllegalArgumentException if either argument is {@code null}
     */
    public static String hashedPassword(String str, String str2) {
        boolean missingInput = str == null || str2 == null;
        if (missingInput) {
            throw new IllegalArgumentException("Bad password or passwordSalt!");
        }
        ByteSource salt = ByteSource.Util.bytes(str2);
        Sha256Hash digest = new Sha256Hash(str, salt, HASH_ITERATIONS);
        return digest.toBase64();
    }

    /**
     * Adds a secondary e-mail address to the current user. The address is stored as not yet
     * valid.
     *
     * <p>The request is refused when the form has errors, when the caller is anonymous, or
     * when the address is already in use (as an account e-mail, as an existing {@code Email}
     * entry, or by the current user).
     *
     * @return a redirect to the profile edit form, or 403 for anonymous callers
     */
    @Transactional
    public static Result addEmail() {
        Form<Email> emailForm = Form.form(Email.class).bindFromRequest();
        String address = emailForm.data().get("email");
        if (emailForm.hasErrors()) {
            flash(Constants.WARNING, emailForm.error("email").message());
            return redirect(routes.UserApp.editUserInfoForm());
        }

        User requester = currentUser();
        if (requester == null || requester.isAnonymous()) {
            return forbidden(ErrorViews.NotFound.render());
        }

        boolean alreadyInUse = User.isEmailExist(address) || Email.exists(address, true) || requester.has(address);
        if (alreadyInUse) {
            flash(Constants.WARNING, Messages.get("user.email.duplicate"));
            return redirect(routes.UserApp.editUserInfoForm());
        }

        Email pending = new Email();
        User owner = currentUser();
        pending.setUser(owner);
        pending.setEmail(address);
        // New addresses start unverified.
        pending.setValid(false);
        owner.addEmail(pending);
        return redirect(routes.UserApp.editUserInfoForm());
    }

    /**
     * Deletes a secondary e-mail entry, provided the current user holds DELETE permission on
     * the user who owns it.
     *
     * @param l id of the {@code Email} entry
     * @return a redirect to the profile edit form; 403 when the caller is anonymous, the entry
     *     does not exist, or the ACL check fails
     */
    @Transactional
    public static Result deleteEmail(Long l) {
        User requester = currentUser();
        Email target = (Email) Email.find.byId(l);
        boolean usable = requester != null && !requester.isAnonymous() && target != null;
        if (!usable) {
            return forbidden(ErrorViews.NotFound.render());
        }
        boolean mayDelete = AccessControl.isAllowed(requester, target.getUser().asResource(), Operation.DELETE);
        if (!mayDelete) {
            return forbidden(ErrorViews.Forbidden.render(Messages.get("error.forbidden")));
        }
        target.delete();
        return redirect(routes.UserApp.editUserInfoForm());
    }

    /**
     * Sends the verification mail for a secondary e-mail entry, provided the current user
     * holds UPDATE permission on the user who owns it.
     *
     * <p>NOTE(review): nothing here limits how often the mail can be requested; confirm that
     * {@code Email.sendValidationEmail} or the mail layer throttles repeats.
     *
     * @param l id of the {@code Email} entry
     * @return a redirect to the profile edit form; 403 when the caller is anonymous, the entry
     *     does not exist, or the ACL check fails
     */
    @Transactional
    public static Result sendValidationEmail(Long l) {
        User requester = currentUser();
        Email target = (Email) Email.find.byId(l);
        boolean usable = requester != null && !requester.isAnonymous() && target != null;
        if (!usable) {
            return forbidden(ErrorViews.NotFound.render());
        }
        boolean mayUpdate = AccessControl.isAllowed(requester, target.getUser().asResource(), Operation.UPDATE);
        if (!mayUpdate) {
            return forbidden(ErrorViews.Forbidden.render(Messages.get("error.forbidden")));
        }
        target.sendValidationEmail();
        // The flash text is a fixed Korean string ("verification mail sent"), not a message key.
        flash(Constants.WARNING, "확인 메일을 전송했습니다.");
        return redirect(routes.UserApp.editUserInfoForm());
    }

    /**
     * Handles an e-mail confirmation link: validates the token for the given entry and, on
     * success, signs the owner in.
     *
     * <p>Because a valid token creates a session for the address owner, the confirmation link
     * works as a login credential. The token therefore needs to be unguessable, single-use and
     * short-lived. NOTE(review): those properties live in {@code Email.validate}, which is not
     * visible here; confirm them there.
     *
     * @param l   id of the {@code Email} entry
     * @param str confirmation token from the link
     * @return a redirect to the profile edit form on success, otherwise 403
     */
    @Transactional
    public static Result confirmEmail(Long l, String str) {
        Email target = (Email) Email.find.byId(l);
        if (target == null || !target.validate(str)) {
            return forbidden(ErrorViews.NotFound.render());
        }
        addUserInfoToSession(target.getUser());
        return redirect(routes.UserApp.editUserInfoForm());
    }

    /**
     * Promotes a secondary e-mail entry to the current user's primary address and stores the
     * previous primary address as a secondary entry marked valid.
     *
     * <p>NOTE(review): nothing in this method checks that the selected entry has been
     * verified before it becomes the primary address; confirm that this is enforced
     * elsewhere, or add the check here.
     *
     * <p>NOTE(review): the ACL check is made against the entry's owner, while the changes are
     * applied to the current user. If an actor can hold UPDATE on another user's resource,
     * the two are different accounts. TODO confirm.
     *
     * @param l id of the {@code Email} entry to promote
     * @return a redirect to the profile edit form; 403 when the caller is anonymous, the entry
     *     does not exist, or the ACL check fails
     */
    @Transactional
    public static Result setAsMainEmail(Long l) {
        User me = currentUser();
        Email chosen = (Email) Email.find.byId(l);
        boolean usable = me != null && !me.isAnonymous() && chosen != null;
        if (!usable) {
            return forbidden(ErrorViews.NotFound.render());
        }
        boolean mayUpdate = AccessControl.isAllowed(me, chosen.getUser().asResource(), Operation.UPDATE);
        if (!mayUpdate) {
            return forbidden(ErrorViews.Forbidden.render(Messages.get("error.forbidden")));
        }

        // Swap: the chosen address becomes primary and leaves the secondary list.
        String previousMain = me.getEmail();
        me.setEmail(chosen.getEmail());
        me.removeEmail(chosen);
        me.update();

        // The former primary address is kept as an already-valid secondary entry.
        Email demoted = new Email();
        demoted.setValid(true);
        demoted.setEmail(previousMain);
        demoted.setUser(me);
        me.addEmail(demoted);
        return redirect(routes.UserApp.editUserInfoForm());
    }

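    /**
     * Looks up a user by login id and checks the presented secret against the stored
     * password hash.
     *
     * <p>The comparison is now constant-time and a {@code null} on either side never matches.
     * The previous {@code StringUtils.equals} stopped at the first differing character and
     * treated two {@code null}s as equal. This matters most when {@code z} is {@code true},
     * because the caller-supplied value is then compared directly with the stored hash.
     *
     * @param str  login id
     * @param str2 plaintext password, or an already-hashed value when {@code z} is true
     * @param z    {@code true} to compare {@code str2} as-is (presumably the remember-me path;
     *             confirm against callers), {@code false} to hash it with the user's salt first
     * @return the matching user, or the anonymous user when the login id is unknown or the
     *     secret does not match
     */
    private static User authenticate(String str, String str2, boolean z) {
        User candidate = User.findByLoginId(str);
        if (candidate.isAnonymous()) {
            return candidate;
        }
        String presented = z ? str2 : hashedPassword(str2, candidate.getPasswordSalt());
        String stored = candidate.getPassword();
        if (presented == null || stored == null) {
            return User.anonymous;
        }
        // Fully qualified names: the file's import block is left untouched.
        boolean matches = java.security.MessageDigest.isEqual(
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                presented.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        return matches ? candidate : User.anonymous;
    }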

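    /**
     * Authenticates against LDAP and synchronizes the matching local account.
     *
     * <p>On success the local user is looked up by the e-mail LDAP returns. A missing user is
     * created. An existing one has the local password reset to the LDAP password when they
     * differ, and the display name, English name and guest flag are refreshed from the
     * directory.
     *
     * <p>When {@code LdapService.FALLBACK_TO_LOCAL_LOGIN} is set, a rejected LDAP login or an
     * unreachable server falls back to the local password check. With the fallback enabled, a
     * local password can keep working after the directory account's password has changed or
     * the account has been disabled. Failures are now passed to the logger with their stack
     * trace instead of {@code printStackTrace()}, so they reach the configured log sinks.
     *
     * <p>NOTE(review): the login id is written to the log unmodified; confirm that the log
     * layout neutralizes line breaks in it.
     *
     * @param str  login id presented by the user
     * @param str2 plaintext password presented by the user
     * @return the authenticated local user, or the anonymous user on failure
     */
    public static User authenticateWithLdap(String str, String str2) {
        try {
            LdapUser ldapUser = new LdapService().authenticate(str, str2);
            // NOTE(review): this logs LdapUser.toString(); confirm it carries no secrets.
            Logger.debug("l: " + ldapUser);
            User local = User.findByEmail(ldapUser.getEmail());
            if (local.isAnonymous()) {
                return createNewUser(str2, ldapUser);
            }
            if (!local.isSamePassword(str2)) {
                // Keep the local hash aligned with the directory password.
                User.resetPassword(local.getLoginId(), str2);
            }
            local.refresh();
            local.setName(ldapUser.getDisplayName());
            if (StringUtils.isNotBlank(ldapUser.getEnglishName())) {
                local.setEnglishName(ldapUser.getEnglishName());
            }
            local.setIsGuest(ldapUser.isGuestUser());
            local.update();
            return local;
        } catch (AuthenticationException e) {
            flash(Constants.WARNING, Messages.get("user.login.invalid", new Object[0]));
            Logger.warn("login failed \n" + e.getMessage());
            if (!LdapService.FALLBACK_TO_LOCAL_LOGIN) {
                return User.anonymous;
            }
            Logger.warn("fallback to local login: " + str);
            return authenticateWithPlainPassword(str, str2);
        } catch (CommunicationException e2) {
            Logger.error("Cannot connect to ldap server \n" + e2.getMessage(), e2);
            if (!LdapService.FALLBACK_TO_LOCAL_LOGIN) {
                return User.anonymous;
            }
            Logger.warn("fallback to local login: " + str);
            return authenticateWithPlainPassword(str, str2);
        } catch (NamingException e3) {
            // Any other directory error fails closed: there is no local fallback here.
            Logger.error("Cannot connect to ldap server \n" + e3.getMessage(), e3);
            return User.anonymous;
        }
    }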

    /**
     * Creates a local account for a user who has just authenticated through LDAP.
     *
     * @param str      the plaintext password that was accepted by LDAP
     * @param ldapUser directory attributes for the new account
     * @return the created user, or the anonymous user when the new account is in the
     *     {@code LOCKED} state (an info flash is set in that case)
     */
    private static User createNewUser(String str, LdapUser ldapUser) {
        CandidateUser candidate = new CandidateUser(ldapUser.getDisplayName(), ldapUser.getEmail(), ldapUser.getUserLoginId(), str, ldapUser.isGuestUser());
        User created = createUserDelegate(candidate);
        if (created.getState() == UserState.LOCKED) {
            // A locked account is not signed in.
            flash(Constants.INFO, "user.signup.requested");
            return User.anonymous;
        }
        return created;
    }

    /**
     * Reports whether new sign-ups need confirmation.
     *
     * <p>Reads {@code signup.require.admin.confirm}. When that key is absent, it falls back to
     * {@code signup.require.confirm}, which defaults to {@code false}.
     *
     * @return {@code true} when confirmation is required
     */
    public static boolean isUsingSignUpConfirm() {
        Configuration conf = Play.application().configuration();
        Boolean adminConfirm = conf.getBoolean("signup.require.admin.confirm");
        if (adminConfirm != null) {
            return adminConfirm.booleanValue();
        }
        return conf.getBoolean("signup.require.confirm", false).booleanValue();
    }

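    /**
     * Sets the remember-me cookie for {@code user}.
     *
     * <p>The cookie is now marked HttpOnly so that page scripts cannot read it. Path and
     * domain are the values the three-argument {@code setCookie} used implicitly. The Secure
     * flag is left off because the deployment scheme is not visible from here; it should be
     * enabled wherever the site is served over TLS only.
     *
     * <p>NOTE(review): the cookie value embeds the stored password hash. Anyone who obtains
     * the cookie, or the hash itself, holds a long-lived credential that changes only when
     * the password does. A random token stored server-side and revocable per device would
     * remove that coupling.
     *
     * @param user the user who asked to be remembered
     */
    public static void setupRememberMe(User user) {
        String value = user.getLoginId() + TOKEN_SEPARATOR + user.getPassword();
        // Arguments: name, value, maxAge, path, domain, secure, httpOnly.
        response().setCookie(TOKEN, value, Integer.valueOf(MAX_AGE), "/", null, false, true);
        Logger.debug("remember me enabled");
    }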

    /** Ends the login by expiring the remember-me cookie and emptying the Play session. */
    private static void processLogout() {
        response().discardCookie(TOKEN);
        session().clear();
    }

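    /**
     * Applies the sign-up checks to {@code form} and records each failure as a field error.
     *
     * <p>The login id must be non-blank, contain no spaces and not collide with an existing
     * user or organization. The password must be non-blank, and the e-mail must not already
     * be registered. A field missing from the request is now treated as empty instead of
     * raising a {@code NullPointerException}.
     *
     * @param form the bound sign-up form; errors are added to it in place
     */
    private static void validate(Form<User> form) {
        String loginId = form.field(SESSION_LOGINID).value();
        String password = form.field("password").value();
        String email = form.field("email").value();

        if (loginId == null || loginId.trim().isEmpty()) {
            form.reject(SESSION_LOGINID, "user.wrongloginId.alert");
        }
        if (loginId != null && loginId.contains(" ")) {
            form.reject(SESSION_LOGINID, "user.wrongloginId.alert");
        }
        if (password == null || password.trim().isEmpty()) {
            form.reject("password", "user.wrongPassword.alert");
        }
        // Uniqueness lookups only make sense for a value that was actually submitted.
        if (loginId != null && (User.isLoginIdExist(loginId) || Organization.isNameExist(loginId))) {
            form.reject(SESSION_LOGINID, "user.loginId.duplicate");
        }
        if (User.isEmailExist(email)) {
            form.reject("email", "user.email.duplicate");
        }
    }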

    /**
     * Persists a new account. It assigns a fresh random salt, replaces the plaintext password
     * on {@code user} with its salted hash, and sets the initial state.
     *
     * <p>The account starts {@code LOCKED} when sign-up confirmation or e-mail verification is
     * enabled, otherwise {@code ACTIVE}. With e-mail verification enabled, a verification
     * record is created and the post-sign-up mail is sent.
     *
     * @param user the account to create; its password field holds the plaintext on entry
     * @return the same {@code user} instance after it has been stored
     */
    public static User createNewUser(User user) {
        String salt = new SecureRandomNumberGenerator().nextBytes().toBase64();
        user.setPasswordSalt(salt);
        user.setPassword(hashedPassword(user.getPassword(), user.getPasswordSalt()));

        boolean startsLocked = isUsingSignUpConfirm() || isUsingEmailVerification();
        user.setState(startsLocked ? UserState.LOCKED : UserState.ACTIVE);

        User.create(user);
        Email.deleteOtherInvalidEmails(user.getEmail());

        if (isUsingEmailVerification()) {
            UserVerification.newVerification(user);
            sendMailAfterUserCreation(user);
        }
        return user;
    }

    /**
     * Signs {@code user} in by caching the user and writing id, login id, display name and a
     * session key into the Play session. Locked users are ignored.
     *
     * <p>NOTE(review): the session key is a hash of the current time salted with the user's
     * password salt, not random data. What the key protects is not visible from here. If
     * anything treats it as a secret, CSPRNG output would be the safer source.
     *
     * @param user the user to sign in
     */
    public static void addUserInfoToSession(User user) {
        if (user.isLocked()) {
            return;
        }
        String timestamp = new Date().toString();
        ByteSource salt = ByteSource.Util.bytes(user.getPasswordSalt());
        String sessionKey = new Sha256Hash(timestamp, salt, HASH_ITERATIONS).toBase64();

        CacheStore.yonaUsers.put(user.getId(), user);
        session(SESSION_USERID, String.valueOf(user.getId()));
        session(SESSION_LOGINID, user.getLoginId());
        session(SESSION_USERNAME, user.getName());
        session(SESSION_KEY, sessionKey);
    }

    /**
     * Connects the externally authenticated identity in the current session to a local
     * account and signs that account in.
     *
     * <p>The local account is found by the credential's login id when one is recorded,
     * otherwise by the credential's e-mail address. If none exists and the external login is
     * active, a local account is created. A credential without a login id is then bound to
     * the account that was found.
     *
     * <p>NOTE(review): linking by e-mail gives the external identity control of whichever
     * local account has that address. This is only sound if the identity provider vouches for
     * the address; confirm that unverified provider e-mails are rejected upstream.
     *
     * @return {@code true} when a local account was linked or created and signed in;
     *     {@code false} when account creation yielded the anonymous user
     */
    public static boolean linkWithExistedOrCreateLocalUser() {
        UserCredential credential = UserCredential.findByAuthUserIdentity(PlayAuthenticate.getUser(Http.Context.current().session()));

        User local;
        if (credential.getLoginId() == null) {
            local = User.findByEmail(credential.getEmail());
        } else {
            local = User.findByLoginId(credential.getLoginId());
        }

        if (PlayAuthenticate.isLoggedIn(session()) && local.isAnonymous()) {
            User created = createLocalUserWithOAuth(credential);
            return !created.isAnonymous();
        }

        if (credential.getLoginId() == null) {
            // First login through this credential: remember which local account it maps to.
            credential.setLoginId(local.getLoginId());
            credential.setUser(local);
            credential.update();
        }
        addUserInfoToSession(local);
        return true;
    }

    /**
     * Stores the request's language on the current user when it differs from the saved one.
     *
     * <p>Nothing happens for anonymous users, or when the request has neither an
     * Accept-Language header nor the Play language cookie. The language code is cut to 255
     * characters before it is compared and stored.
     */
    public static void updatePreferredLanguage() {
        Http.Request req = Http.Context.current().request();
        User me = currentUser();
        if (me.isAnonymous()) {
            return;
        }
        boolean noLanguageHint = req.acceptLanguages().isEmpty() && req.cookie(Play.langCookieName()) == null;
        if (noLanguageHint) {
            return;
        }
        String langCode = StringUtils.left(Http.Context.current().lang().code(), 255);
        if (!langCode.equals(me.getLang())) {
            // Reload inside the lock so the update is applied to the latest stored state.
            synchronized (me) {
                me.refresh();
                me.setLang(langCode);
                me.update();
            }
        }
    }

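    /**
     * Lets a site manager reset another user's password to a generated temporary value and
     * returns that value as JSON.
     *
     * <p>Changes from the previous version: a request without an {@code action} parameter now
     * gets the 400 response instead of failing with a {@code NullPointerException}, and the
     * reset value is generated only after the caller has passed the site-manager check.
     *
     * <p>NOTE(review): the temporary password is the first six characters of
     * {@code PasswordReset.generateResetHash}, so its strength is capped at six characters
     * and depends on how that hash is seeded, which is not visible here. A longer
     * CSPRNG-generated value, combined with a forced change at next login, would be more
     * robust.
     *
     * <p>NOTE(review): the action is driven by a query-string parameter; confirm that the
     * route is not reachable through a plain GET without CSRF protection.
     *
     * @param str login id of the account to reset
     * @return 200 with the new password on success; 400 when {@code action} is not
     *     {@code resetPassword}; 403 when the target is unknown or the caller is not a site
     *     manager
     */
    public static Result resetUserPasswordBySiteManager(String str) {
        if (!"resetPassword".equals(request().getQueryString("action"))) {
            ObjectNode badRequestBody = Json.newObject();
            badRequestBody.put("isSuccess", false);
            badRequestBody.put("reason", "BAD_REQUEST");
            return badRequest(badRequestBody);
        }

        User target = User.findByLoginId(str);
        if (target.isAnonymous() || !currentUser().isSiteManager()) {
            // Unknown target and unauthorized caller share one response.
            ObjectNode forbiddenBody = Json.newObject();
            forbiddenBody.put("isSuccess", false);
            forbiddenBody.put("reason", "FORBIDDEN");
            return forbidden(forbiddenBody);
        }

        String temporaryPassword = PasswordReset.generateResetHash(str).substring(0, 6);
        User.resetPassword(str, temporaryPassword);

        ObjectNode okBody = Json.newObject();
        okBody.put(SESSION_LOGINID, target.getLoginId());
        okBody.put("name", target.getName());
        okBody.put("newPassword", temporaryPassword);
        okBody.put("isSuccess", true);
        return ok(okBody);
    }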

    /**
     * Reports whether the login id stored in the session is the literal {@code "admin"}.
     *
     * <p>This compares a name, not a role. It does not cover other accounts with site-manager
     * rights, for which {@code resetUserPasswordBySiteManager} uses {@code isSiteManager()}.
     *
     * @return {@code true} when the session's login id equals {@code "admin"}
     */
    public static boolean isSiteAdminLoggedInSession() {
        String sessionLoginId = session().get(SESSION_LOGINID);
        return "admin".equals(sessionLoginId);
    }

    /**
     * Saves the {@code path} query parameter as the current user's default page after login
     * and echoes the stored value as JSON.
     *
     * <p>NOTE(review): the value is stored exactly as received. If it is later used as a
     * redirect target, it should be restricted to same-site relative paths where it is
     * consumed. TODO confirm.
     *
     * @return 200 with {@code {"defaultLoginPage": ...}}
     * @throws IOException    declared by the signature; not thrown by the visible code
     * @throws WriteException declared by the signature; not thrown by the visible code
     */
    @AnonymousCheck
    public static Result setDefaultLoginPage() throws IOException, WriteException {
        String requestedPath = request().getQueryString("path");
        UserSetting setting = UserSetting.findByUser(currentUser().getId());
        setting.setLoginDefaultPage(requestedPath);
        setting.save();

        ObjectNode body = Json.newObject();
        body.put("defaultLoginPage", setting.getLoginDefaultPage());
        return ok(body);
    }

    /**
     * Renders the user-menu tab content list fragment.
     *
     * @return 200 with the {@code usermenu_tab_content_list} view
     */
    public static Result usermenuTabContentList() {
        return ok(usermenu_tab_content_list.render());
    }
}
