package controllers.api;

import com.avaje.ebean.Page;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import controllers.UserApp;
import controllers.annotation.AnonymousCheck;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import models.FavoriteIssue;
import models.FavoriteOrganization;
import models.FavoriteProject;
import models.Issue;
import models.IssueComment;
import models.NotificationMail;
import models.Posting;
import models.PostingComment;
import models.Statistics;
import models.User;
import models.enumeration.IssueFilterType;
import models.enumeration.UserState;
import models.support.IssueSearchCondition;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.util.ByteSource;
import play.Configuration;
import play.Logger;
import play.core.enhancers.PropertiesEnhancer;
import play.db.ebean.Transactional;
import play.i18n.Messages;
import play.libs.Json;
import play.mvc.Controller;
import play.mvc.Http;
import play.mvc.Result;
import play.mvc.With;
import utils.Constants;
import utils.JodaDateUtil;
import utils.SHA256Util;
import utils.SiteManagerAuthAction;

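/**
 * JSON API endpoints for per-user data: favorite projects, issues and organizations, issue
 * listings for a token-authenticated user, user creation, API-token issuance, per-user
 * statistics and site-manager user administration.
 *
 * <p>Two caller-identification mechanisms are visible in this class: the session user returned by
 * {@code UserApp.currentUser()} and the {@code Authorization: token <value>} request header.
 *
 * <p>NOTE(review): the favorite endpoints act on {@code UserApp.currentUser()} and carry no login
 * check in this file; confirm that routing or a filter rejects anonymous callers.
 *
 * <p>NOTE(review): several string constants referenced here ({@code Issue.TO_BE_ASSIGNED},
 * {@code UserApp.DEFAULT_SELECTED_TAB}, {@code UserApp.SESSION_LOGINID},
 * {@code Issue.DEFAULT_SORTER}) look like decompiler substitutions for literals of equal value.
 * They are kept as found; confirm against the original sources.
 */
@PropertiesEnhancer.GeneratedAccessor
@PropertiesEnhancer.RewrittenAccessor
/* loaded from: input_file:controllers/api/UserApi.class */
public class UserApi extends Controller {
    // Iteration count of the salted SHA-256 password hash verified in checkUserPassword.
    // NOTE(review): 1024 rounds of SHA-256 is well below current guidance for password storage.
    // Moving to bcrypt/scrypt/argon2 needs a credential migration and is not attempted here.
    private static final int HASH_ITERATIONS = 1024;
    private static final String AUTHORIZATION_HEADER_PREFIX = "token";
    private static final int AUTHORIZATION_HEADER_MIN_LENGTH = 2;
    private static final String HOSTNAME = Configuration.root().getString("application.hostname", "http://localhost");
    // Single failure message for newToken, so the response does not reveal which check failed.
    private static final String LOGIN_FAILED_MESSAGE = "No user by id and password";

    /**
     * Toggles the given project in the current user's favorites.
     *
     * @param str project id as decimal text
     * @return 200 with {@code projectId} and {@code favored}, or 400 when the id is missing or
     *     not numeric (a non-numeric id used to escape as an unhandled NumberFormatException)
     */
    @Transactional
    public static Result toggleFoveriteProject(String str) {
        Long projectId = parseId(str);
        if (projectId == null) {
            return badRequest("Wrong project id");
        }
        boolean favored = UserApp.currentUser().toggleFavoriteProject(projectId);
        ObjectNode response = Json.newObject();
        response.put("projectId", str);
        response.put("favored", favored);
        return ok(response);
    }

    /**
     * Lists the current user's favorite projects.
     *
     * @return 200 with {@code projectIds} and a list of project summaries
     */
    @Transactional
    public static Result getFoveriteProjects() {
        ObjectNode response = Json.newObject();
        List<ObjectNode> projects = new ArrayList<>();
        List<Object> projectIds = new ArrayList<>();
        for (FavoriteProject favorite : UserApp.currentUser().favoriteProjects) {
            ObjectNode entry = Json.newObject();
            entry.put("projectId", favorite.getProject().getId());
            entry.put("projectName", favorite.getProjectName());
            entry.put("owner", favorite.getOwner());
            projects.add(entry);
            projectIds.add(favorite.getProject().getId());
        }
        response.put("projectIds", Json.toJson(projectIds));
        response.put(UserApp.DEFAULT_SELECTED_TAB, Json.toJson(projects));
        return ok(response);
    }

    /**
     * Toggles the given issue in the current user's favorites.
     *
     * @param str issue id as decimal text
     * @return 200 with {@code issueId}, {@code favored} and a localized message, or 400 when the
     *     id is missing or not numeric
     */
    @Transactional
    public static Result toggleFoveriteIssue(String str) {
        Long issueId = parseId(str);
        if (issueId == null) {
            return badRequest("Wrong issue id");
        }
        boolean favored = UserApp.currentUser().toggleFavoriteIssue(issueId);
        ObjectNode response = Json.newObject();
        response.put("issueId", str);
        response.put("favored", favored);
        String messageKey = favored ? "issue.favorite.added" : "issue.favorite.deleted";
        response.put("message", Messages.get(messageKey, new Object[0]));
        return ok(response);
    }

    /**
     * Lists the current user's favorite issues.
     *
     * @return 200 with the issue ids and a list of issue summaries
     */
    @Transactional
    public static Result getFoveriteIssues() {
        ObjectNode response = Json.newObject();
        List<ObjectNode> issues = new ArrayList<>();
        List<Object> issueIds = new ArrayList<>();
        for (FavoriteIssue favorite : UserApp.currentUser().favoriteIssues) {
            ObjectNode entry = Json.newObject();
            entry.put("issueId", favorite.getIssue().getId());
            entry.put("issueTitle", favorite.getIssue().getTitle());
            entry.put("issueAuthorName", favorite.getIssue().author.getPureNameOnly());
            issues.add(entry);
            issueIds.add(favorite.getIssue().getId());
        }
        // NOTE(review): the issue ids are published under "projectIds" (and the summaries under
        // the same key the project listing uses). This looks like a copy-paste slip, but the keys
        // are kept because existing clients may read them.
        response.put("projectIds", Json.toJson(issueIds));
        response.put(UserApp.DEFAULT_SELECTED_TAB, Json.toJson(issues));
        return ok(response);
    }

    /**
     * Returns one page of issues for the user identified by the Authorization token.
     *
     * @param str issue filter name, resolved through {@code IssueFilterType.getValue}
     * @param i 1-based page number; values below 1 are treated as the first page
     * @param i2 page size
     * @return 200 with the issues under {@code result}, or 401 when the token is missing,
     *     malformed or unknown
     */
    @Transactional
    public static Result getIssuesByUser(String str, int i, int i2) {
        ObjectNode response = Json.newObject();
        // Resolve the token once and use that same user for the query, rather than validating
        // the header in one lookup and re-parsing it for a second one.
        String token = extractToken(request());
        User tokenUser = token == null ? null : User.findByUserToken(token);
        if (tokenUser == null || tokenUser.isAnonymous()) {
            return unauthorized(response.put("message", "unauthorized request"));
        }
        IssueSearchCondition condition = new IssueSearchCondition();
        // Clamp so a page number below 1 cannot become a negative page index.
        condition.setPageNum(Math.max(i - 1, 0));
        // NOTE(review): the page size i2 is caller-controlled and has no upper bound here;
        // consider a server-side cap to limit the cost of a single request.
        return issuesAsJson(condition.getExpressionListByFilter(IssueFilterType.getValue(str), tokenUser).findPagingList(i2).getPage(condition.getPageNum()));
    }

    /** Serializes one page of issues into {@code {"result": [...]}}. */
    private static Result issuesAsJson(Page<Issue> page) {
        ObjectNode response = Json.newObject();
        ArrayNode items = Json.newObject().arrayNode();
        for (Issue issue : page.getList()) {
            ObjectNode item = Json.newObject();
            item.put("id", issue.getId());
            item.put("number", issue.getNumber());
            item.put("state", issue.getState().toString());
            item.put(Constants.TITLE, issue.getTitle());
            item.put(Issue.DEFAULT_SORTER, JodaDateUtil.getDateString(issue.getCreatedDate(), JodaDateUtil.ISO_FORMAT));
            item.put("updatedDate", JodaDateUtil.getDateString(issue.getUpdatedDate(), JodaDateUtil.ISO_FORMAT));

            ObjectNode author = Json.newObject();
            author.put("id", issue.getAuthorId());
            author.put(UserApp.SESSION_LOGINID, issue.getAuthorLoginId());
            author.put("name", issue.getAuthorName());
            item.put("author", author);

            // An unassigned issue is reported with an empty assignee object.
            ObjectNode assignee = Json.newObject();
            if (issue.getAssignee() != null) {
                assignee.put("id", issue.getAssignee().getId());
                assignee.put(UserApp.SESSION_LOGINID, issue.getAssignee().getUser().getLoginId());
                assignee.put("name", issue.getAssignee().getUser().getName());
            }
            item.put("assignee", assignee);

            ObjectNode project = Json.newObject();
            project.put("id", issue.getProject().getId());
            project.put("name", issue.getProject().getName());
            item.put("project", project);
            item.put("owner", issue.getProject().getOwner());
            item.put("refUrl", HOSTNAME + "/" + issue.getProject().getOwner() + "/" + issue.getProject().getName() + "/issue/" + issue.getNumber());
            items.add(item);
        }
        response.put("result", items);
        return ok(response);
    }

    /**
     * Toggles the given organization in the current user's favorites.
     *
     * @param str organization id as decimal text
     * @return 200 with {@code organizationId} and {@code favored}, or 400 when the id is missing
     *     or not numeric
     */
    @Transactional
    public static Result toggleFoveriteOrganization(String str) {
        Long organizationId = parseId(str);
        if (organizationId == null) {
            return badRequest("Wrong organization id");
        }
        boolean favored = UserApp.currentUser().toggleFavoriteOrganization(organizationId);
        ObjectNode response = Json.newObject();
        response.put("organizationId", str);
        response.put("favored", favored);
        return ok(response);
    }

    /**
     * Lists the current user's favorite organizations.
     *
     * @return 200 with {@code organizationIds} and {@code organizations}
     */
    @Transactional
    public static Result getFoveriteOrganizations() {
        ObjectNode response = Json.newObject();
        List<ObjectNode> organizations = new ArrayList<>();
        List<Object> organizationIds = new ArrayList<>();
        for (FavoriteOrganization favorite : UserApp.currentUser().favoriteOrganizations) {
            ObjectNode entry = Json.newObject();
            entry.put("organizationId", favorite.getOrganization().getId());
            entry.put("organizationName", favorite.getOrganizationName());
            organizations.add(entry);
            organizationIds.add(favorite.getOrganization().getId());
        }
        response.put("organizationIds", Json.toJson(organizationIds));
        response.put("organizations", Json.toJson(organizations));
        return ok(response);
    }

    /**
     * Creates users in bulk from a JSON body of the form {@code {"users": [...]}}.
     *
     * @return 201 with one result node per requested user, or 400 when the caller is not a site
     *     manager or the body is not the expected shape
     */
    @Transactional
    public static Result newUser() {
        ObjectNode response = Json.newObject();
        // Authorize before looking at the body. The 400 status is kept for existing clients,
        // although 403 would describe this rejection more accurately.
        // NOTE(review): users() and updateUserState() guard with SiteManagerAuthAction instead;
        // confirm whether this endpoint should use the same action.
        if (!UserApp.currentUser().isSiteManager()) {
            return badRequest(response.put("message", "User creation with api is allowed by Site admin only."));
        }
        JsonNode body = request().body().asJson();
        if (body == null) {
            return badRequest(response.put("message", "Expecting Json data"));
        }
        JsonNode usersNode = body.findValue("users");
        if (usersNode == null || !usersNode.isArray()) {
            return badRequest(response.put("message", "No users key exists or value must be array!"));
        }
        List<JsonNode> results = new ArrayList<>();
        for (JsonNode userNode : usersNode) {
            results.add(createUserNode(userNode));
        }
        return created(Json.toJson(results));
    }

    /**
     * Issues a new API token for the account named in the JSON body ({@code id},
     * {@code password}) and stores the user in the session.
     *
     * @return 200 with {@code access_token}; 400 when the body or a required field is missing;
     *     401 when the account is unknown, locked, deleted, or the password does not match
     */
    @Transactional
    public static Result newToken() {
        ObjectNode response = Json.newObject();
        JsonNode body = request().body().asJson();
        if (body == null) {
            return badRequest(response.put("message", "Empty request data"));
        }
        // A missing field used to surface as a NullPointerException (HTTP 500).
        JsonNode idNode = body.findValue("id");
        JsonNode passwordNode = body.findValue("password");
        if (idNode == null || passwordNode == null) {
            return badRequest(response.put("message", "Missing id or password"));
        }
        String loginKey = idNode.asText();
        String password = passwordNode.asText();
        // Both failure paths answer with the same message so an unauthenticated caller cannot
        // use the response body to tell existing accounts from unknown ones.
        // NOTE(review): the unknown-account path still skips the password hash, so response time
        // can differ; no rate limiting or lockout is visible in this class either.
        if (!isValidUser(loginKey)) {
            return unauthorized(response.put("message", LOGIN_FAILED_MESSAGE));
        }
        User user = User.findByLoginKey(loginKey);
        if (!checkUserPassword(user, password)) {
            return unauthorized(response.put("message", LOGIN_FAILED_MESSAGE));
        }
        UserApp.addUserInfoToSession(user);
        response.put("access_token", getNewUserToken(user));
        return ok(Json.toJson(response));
    }

    /**
     * Returns activity counters for the user with the given login id.
     *
     * @param str login id of the user to report on
     * @return 200 with the counters, or with empty statistics when the login id resolves to the
     *     anonymous user
     */
    @AnonymousCheck(requiresLogin = true)
    public static Result statistics(String str) {
        User user = User.findByLoginId(str);
        if (user.isAnonymous()) {
            return ok(Json.toJson(Statistics.empty()));
        }
        Statistics statistics = new Statistics();
        statistics.setIssue(Integer.valueOf(Issue.countAllCreatedBy(user)));
        statistics.setPosting(Integer.valueOf(Posting.countAllCreatedBy(user)));
        statistics.setAssignedIssue(Integer.valueOf(Issue.countAllAssignedBy(user)));
        statistics.setIssueComment(Integer.valueOf(IssueComment.countAllCreatedBy(user)));
        statistics.setPostingComment(Integer.valueOf(PostingComment.countAllCreatedBy(user)));
        statistics.setIssueVoter(Integer.valueOf(Issue.countVoterOf(user)));
        statistics.setIssueCommentVoter(Integer.valueOf(IssueComment.countVoterOf(user)));
        return ok(Json.toJson(statistics));
    }

    /**
     * Reports whether the request carries an Authorization token that maps to a real user.
     *
     * @param request incoming request
     * @return {@code true} only when a non-empty token is present and resolves to a
     *     non-anonymous user
     */
    public static boolean isAuthored(Http.Request request) {
        String token = extractToken(request);
        if (token == null) {
            return false;
        }
        User user = User.findByUserToken(token);
        return user != null && !user.isAnonymous();
    }

    /**
     * Returns the token part of the Authorization header with all whitespace removed.
     *
     * <p>Performs no validation: it throws when the header is absent or does not contain the
     * {@code token} prefix, so call {@link #isAuthored(Http.Request)} first.
     *
     * @param request incoming request
     * @return the raw token text
     */
    public static String getAuthorizationToken(Http.Request request) {
        return request.getHeader("Authorization").split(AUTHORIZATION_HEADER_PREFIX)[1].replaceAll("\\s", Issue.TO_BE_ASSIGNED);
    }

    /**
     * Looks up the user that owns the given API token.
     *
     * @param str API token
     * @return whatever {@code User.findByUserToken} returns for that token
     */
    public static User getAuthorizedUser(String str) {
        return User.findByUserToken(str);
    }

    /**
     * Lists all active users (site managers only).
     *
     * @return 200 with id, login_id, name, email, state and is_guest for each active user
     */
    @With({SiteManagerAuthAction.class})
    public static Result users() {
        List<User> activeUsers = User.find.select("id, login_id, name, email, state, is_guest").where().eq("state", UserState.ACTIVE).findList();
        List<Map<String, Object>> rows = new ArrayList<>();
        for (User user : activeUsers) {
            Map<String, Object> row = new HashMap<>();
            row.put("id", user.getId());
            row.put("login_id", user.getLoginId());
            row.put("name", user.getName());
            row.put("email", user.getEmail());
            row.put("state", user.getState());
            row.put("is_guest", Boolean.valueOf(user.getIsGuest()));
            rows.add(row);
        }
        return ok(Json.toJson(rows));
    }

    /**
     * Changes the state of the given user (site managers only).
     *
     * @param str login id of the user to update
     * @return 200 with the updated id, login_id and state; 401 when the login id is unknown;
     *     400 when the body or the requested state is missing or unrecognized; 403 when the
     *     requested state is SITE_ADMIN
     */
    @With({SiteManagerAuthAction.class})
    public static Result updateUserState(String str) {
        User target = User.findByLoginId(str);
        if (target.isAnonymous()) {
            return unauthorized();
        }
        JsonNode body = request().body().asJson();
        if (body == null) {
            return badRequest("Empty json body");
        }
        UserState requested = findUserState(body);
        if (requested == null) {
            return badRequest();
        }
        // Promotion to site administrator is never granted through this endpoint.
        if (requested == UserState.SITE_ADMIN) {
            return forbidden();
        }
        target.setState(requested);
        target.save();
        Map<String, Object> row = new HashMap<>();
        row.put("id", target.getId());
        row.put("login_id", target.getLoginId());
        row.put("state", target.getState());
        return ok(Json.toJson(row));
    }

    /**
     * Reads the {@code state} field of the body and maps it to a {@link UserState}.
     *
     * <p>Upper-casing uses {@link Locale#ROOT} so the lookup does not depend on the server's
     * default locale.
     */
    private static UserState findUserState(JsonNode jsonNode) {
        String requested = Optional.ofNullable(jsonNode.findValue("state"))
                .map(JsonNode::asText)
                .map(text -> text.toUpperCase(Locale.ROOT))
                .orElse(Issue.TO_BE_ASSIGNED);
        return UserState.of(requested);
    }

    /** Returns {@code true} when the login key maps to a real account that is neither locked nor deleted. */
    private static boolean isValidUser(String str) {
        User user = User.findByLoginKey(str);
        if (user == null || user == User.anonymous) {
            return false;
        }
        return user.getState() != UserState.LOCKED && user.getState() != UserState.DELETED;
    }

    /**
     * Verifies a candidate password against the stored salted hash.
     *
     * <p>The comparison goes through {@link MessageDigest#isEqual(byte[], byte[])} so it does not
     * stop at the first differing character.
     */
    private static boolean checkUserPassword(User user, String str) {
        String stored = user.getPassword();
        if (stored == null || str == null) {
            return false;
        }
        String candidate = new Sha256Hash(str, ByteSource.Util.bytes(user.getPasswordSalt()), HASH_ITERATIONS).toBase64();
        return MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8), candidate.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Generates a token, stores it on the user and returns it. Any previously stored token is
     * overwritten.
     *
     * <p>NOTE(review): the helper's name suggests the token is a hash derived from the current
     * time. Confirm that it also mixes in output from a CSPRNG; a value derived only from the
     * clock would be guessable. The token is also persisted as-is, so anyone who can read the
     * user table can replay it; storing a hash of the token would avoid that.
     */
    private static String getNewUserToken(User user) {
        String token = SHA256Util.hashBasedNow();
        user.setToken(token);
        user.save();
        return token;
    }

    /**
     * Creates one user from a JSON description and reports the outcome as a JSON node.
     *
     * @param jsonNode user description carrying login id, name and email
     * @return a node with {@code status} 201 and the created user, or {@code status} 400, 403 or
     *     409 with the rejected input when a field is missing, the e-mail domain is not allowed,
     *     or the e-mail is already registered
     */
    public static JsonNode createUserNode(JsonNode jsonNode) {
        // A missing field used to throw and fail the whole batch request.
        JsonNode loginIdNode = jsonNode.findValue(UserApp.SESSION_LOGINID);
        JsonNode nameNode = jsonNode.findValue("name");
        JsonNode emailNode = jsonNode.findValue("email");
        if (loginIdNode == null || nameNode == null || emailNode == null) {
            return missingFieldUser(jsonNode);
        }
        String loginId = loginIdNode.asText();
        String name = nameNode.asText();
        String email = emailNode.asText();
        if (!NotificationMail.isAllowedEmailDomains(email)) {
            return notAllowedDomainEmailUser(jsonNode);
        }
        // NOTE(review): only the e-mail is checked for an existing account here; confirm that
        // UserApp.createNewUser or a database constraint rejects a duplicate login id.
        if (!User.findByEmail(email).isAnonymous()) {
            return alreadyExistedUser(jsonNode);
        }
        User user = new User();
        user.setLoginId(loginId);
        user.setName(name);
        user.setEmail(email);
        // The account starts with a random password that is never returned to the caller.
        user.setPassword(new SecureRandomNumberGenerator().nextBytes().toBase64());
        ObjectNode result = Json.newObject();
        result.put("status", 201);
        result.put("reason", "Created");
        result.put("user", successfullyCreatedUserNode(UserApp.createNewUser(user)));
        return result;
    }

    /** Builds the public view (id, login id, name, e-mail) of a newly created user. */
    private static JsonNode successfullyCreatedUserNode(User user) {
        ObjectNode node = Json.newObject();
        node.put("id", user.getId());
        node.put(UserApp.SESSION_LOGINID, user.getLoginId());
        node.put("name", user.getName());
        node.put("email", user.getEmail());
        return node;
    }

    /** Builds the 400 result node for a user description that lacks a required field. */
    private static JsonNode missingFieldUser(JsonNode jsonNode) {
        ObjectNode node = Json.newObject();
        String message = "Missing required user field";
        loggingUser(jsonNode, message);
        node.put("status", 400);
        node.put("reason", "Bad Request");
        node.put("message", message);
        node.put("user", jsonNode);
        return node;
    }

    /** Builds the 403 result node for a user whose e-mail domain is not allowed. */
    private static JsonNode notAllowedDomainEmailUser(JsonNode jsonNode) {
        ObjectNode node = Json.newObject();
        String message = Messages.get("user.unacceptable.email.domain", new Object[0]);
        loggingUser(jsonNode, message);
        node.put("status", 403);
        node.put("reason", "Forbidden");
        node.put("message", message);
        node.put("user", jsonNode);
        return node;
    }

    /** Builds the 409 result node for a user whose e-mail is already registered. */
    private static JsonNode alreadyExistedUser(JsonNode jsonNode) {
        ObjectNode node = Json.newObject();
        loggingUser(jsonNode, "Already exists!");
        node.put("status", 409);
        node.put("reason", "Conflict");
        node.put("message", "Already exists!");
        node.put("user", jsonNode);
        return node;
    }

    /**
     * Logs a rejected user-creation request.
     *
     * <p>Name and e-mail come straight from the request body, so control characters are replaced
     * before logging; otherwise a crafted value could add forged lines to the log.
     */
    private static void loggingUser(JsonNode jsonNode, String str) {
        String name = logSafe(jsonNode.findValue("name"));
        String email = logSafe(jsonNode.findValue("email"));
        Logger.warn(str);
        Logger.warn("Rejected: " + name + " with " + email);
    }

    /** Returns the node's text with control characters and line separators replaced by '_'. */
    private static String logSafe(JsonNode node) {
        if (node == null) {
            return "(missing)";
        }
        return node.asText().replaceAll("[\\p{Cntrl}\\u0085\\u2028\\u2029]", "_");
    }

    /** Parses a decimal id, returning {@code null} when the text is missing or not a number. */
    private static Long parseId(String raw) {
        if (raw == null) {
            return null;
        }
        try {
            return Long.valueOf(raw);
        } catch (NumberFormatException e) {
            // Callers translate null into a 400 response instead of an unhandled exception.
            return null;
        }
    }

    /**
     * Extracts the API token from the Authorization header.
     *
     * <p>Parsing matches the established behavior: split on the {@code token} prefix, take the
     * second part and drop all whitespace. An empty result is rejected so that a bare
     * {@code Authorization: token} header can never match an account whose stored token is empty.
     *
     * <p>NOTE(review): the split is not anchored to the start of the header, so any header that
     * merely contains "token" is parsed; consider requiring the prefix at position 0.
     *
     * @return the token, or {@code null} when the header is absent, malformed or empty
     */
    private static String extractToken(Http.Request request) {
        String header = request.getHeader("Authorization");
        if (header == null) {
            return null;
        }
        String[] parts = header.split(AUTHORIZATION_HEADER_PREFIX);
        if (parts.length < AUTHORIZATION_HEADER_MIN_LENGTH) {
            return null;
        }
        // Issue.TO_BE_ASSIGNED is presumably the empty string (see the class note); confirm.
        String token = parts[1].replaceAll("\\s", Issue.TO_BE_ASSIGNED);
        return token.isEmpty() ? null : token;
    }
}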
