package org.akaza.openclinica.controller;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.UUID;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import org.akaza.openclinica.bean.core.NumericComparisonOperator;
import org.akaza.openclinica.bean.core.Role;
import org.akaza.openclinica.bean.core.Status;
import org.akaza.openclinica.bean.core.UserType;
import org.akaza.openclinica.bean.login.StudyUserRoleBean;
import org.akaza.openclinica.bean.login.UserAccountBean;
import org.akaza.openclinica.bean.managestudy.StudyBean;
import org.akaza.openclinica.control.SpringServletAccess;
import org.akaza.openclinica.control.form.Validator;
import org.akaza.openclinica.core.SecurityManager;
import org.akaza.openclinica.dao.hibernate.AuthoritiesDao;
import org.akaza.openclinica.dao.login.UserAccountDAO;
import org.akaza.openclinica.dao.managestudy.StudyDAO;
import org.akaza.openclinica.dao.managestudy.StudySubjectDAO;
import org.akaza.openclinica.domain.user.AuthoritiesBean;
import org.akaza.openclinica.i18n.core.LocaleResolver;
import org.akaza.openclinica.i18n.util.ResourceBundleProvider;
import org.apache.commons.dbcp.BasicDataSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;

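/**
 * REST controller mapped under {@code /auth/api/v1} that provisions user accounts on behalf of
 * an already-authenticated administrator.
 *
 * <p>Thread-safety: Spring controllers are singletons by default, so the {@code udao},
 * {@code sdao} and {@code uBean} fields are shared between concurrent requests. They are still
 * assigned for compatibility with the original class, but request handling works on local
 * variables and never reads per-request state back from them.
 */
@RequestMapping({"/auth/api/v1"})
@Controller
@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
/* loaded from: input_file:WEB-INF/classes/org/akaza/openclinica/controller/UserAccountController.class */
public class UserAccountController {

    @Autowired
    @Qualifier("dataSource")
    private BasicDataSource dataSource;

    @Autowired
    ServletContext context;

    @Autowired
    AuthoritiesDao authoritiesDao;
    protected final Logger logger = LoggerFactory.getLogger(getClass().getName());
    // Shared across requests (see class comment); kept only because the original class exposes them.
    UserAccountDAO udao;
    StudyDAO sdao;
    StudySubjectDAO ssdao;
    UserAccountBean uBean;

    /**
     * Creates a user account from the JSON body of a POST to {@code /createuseraccount}.
     *
     * <p>The caller is taken from the {@code userBean} session attribute and must be an active
     * account holding the tech-admin or sys-admin user type. The request supplies
     * {@code username}, {@code fName}, {@code lName}, {@code institution}, {@code email},
     * {@code study_name}, {@code role_name}, {@code user_type} and {@code authorize_soap}.
     *
     * @param httpServletRequest current request; its session supplies the calling account
     * @param hashMap            parsed request body
     * @return {@code 400} with an empty map when the caller or any input is rejected;
     *         {@code 200} with username, generated password, first/last name and API key when
     *         the account was created; {@code 200} with a {@code null} body when an active
     *         account with that username already exists
     * @throws Exception propagated from the DAO and security-manager calls
     */
    @RequestMapping(value = {"/createuseraccount"}, method = {RequestMethod.POST})
    public ResponseEntity<HashMap> createOrUpdateAccount(HttpServletRequest httpServletRequest, @RequestBody HashMap<String, String> hashMap) throws Exception {
        this.logger.info("I'm in createUserAccount");
        this.uBean = null;
        String username = hashMap.get("username");
        String firstName = hashMap.get("fName");
        String lastName = hashMap.get("lName");
        String institution = hashMap.get("institution");
        String email = hashMap.get("email");
        String studyName = hashMap.get("study_name");
        String roleName = hashMap.get("role_name");
        String userTypeName = hashMap.get("user_type");
        String authorizeSoap = hashMap.get("authorize_soap");

        // Presumably the Validator built from this request reads these attributes by field name.
        httpServletRequest.setAttribute("username", username);
        httpServletRequest.setAttribute("fName", firstName);
        httpServletRequest.setAttribute("lName", lastName);
        httpServletRequest.setAttribute("institution", institution);
        httpServletRequest.setAttribute("email", email);
        httpServletRequest.setAttribute("study_name", studyName);
        httpServletRequest.setAttribute("role_name", roleName);

        // Authorization gate. The original condition was
        //   !isActive() && (!isTechAdmin() || !isSysAdmin())
        // which rejected only inactive callers, so every active account passed. That matters
        // because user_type below accepts every type except INVALID. The log message describes
        // the intended rule: reject when the caller is inactive OR is not an administrator.
        // A missing session attribute is rejected too instead of failing with a
        // NullPointerException.
        UserAccountBean owner = (UserAccountBean) httpServletRequest.getSession().getAttribute("userBean");
        boolean ownerIsActiveAdmin = owner != null && owner.isActive() && (owner.isTechAdmin() || owner.isSysAdmin());
        if (!ownerIsActiveAdmin) {
            // BAD_REQUEST is kept so existing clients see the same status as before.
            return reject("The Owner User Account is not Valid Account or Does not have Admin user type");
        }

        // NOTE(review): new Locale("en_US") uses the whole string as the language code, not
        // language "en" / country "US", and it overwrites the caller's session locale. Left
        // unchanged because it may affect which resource bundle is resolved -- confirm.
        httpServletRequest.getSession().setAttribute(LocaleResolver.getLocaleSessionAttributeName(), new Locale("en_US"));
        Validator validator = new Validator(httpServletRequest);
        addValidationToFields(validator, username);
        HashMap validationErrors = validator.validate();
        if (!validationErrors.isEmpty()) {
            return reject("Validation Error: " + validationErrors.toString());
        }

        StudyBean study = getStudyByName(studyName);
        if (!study.isActive()) {
            return reject("The Study Name is not Valid");
        }

        // Resolve the role by its localized display name; a missing role_name is a client
        // error, not a server fault.
        Role role = null;
        if (roleName != null) {
            Map roleMap = buildRoleMap(study, ResourceBundleProvider.getTermsBundle());
            for (Object item : roleMap.entrySet()) {
                Map.Entry entry = (Map.Entry) item;
                if (roleName.equalsIgnoreCase((String) entry.getValue())) {
                    role = Role.get(((Integer) entry.getKey()).intValue());
                    break;
                }
            }
        }
        if (role == null) {
            return reject("The Role is not a Valid Role for the Study or Site");
        }

        // Every user type except INVALID is accepted here, administrator types included,
        // which is why the caller check above must hold.
        UserType userType = null;
        if (userTypeName != null) {
            ArrayList userTypes = UserType.toArrayList();
            userTypes.remove(UserType.INVALID);
            for (Object item : userTypes) {
                UserType candidate = (UserType) item;
                if (userTypeName.equalsIgnoreCase(candidate.getName())) {
                    userType = UserType.get(candidate.getId());
                    break;
                }
            }
        }
        if (userType == null) {
            return reject("The Type is not a Valid User Type");
        }

        // Generate the secret only once every input has been accepted.
        SecurityManager securityManager = (SecurityManager) SpringServletAccess.getApplicationContext(this.context).getBean("securityManager");
        String generatedPassword = securityManager.genPassword();
        String encryptedPassword = securityManager.encrytPassword(generatedPassword, null);

        // NOTE(review): buildUserAccount() calls authoritiesDao.saveOrUpdate() before the
        // existing-username check below, so that write happens even when no account is
        // created -- confirm this is intended.
        UserAccountBean newAccount = buildUserAccount(username, firstName, lastName, generatedPassword, institution, study, owner, email, encryptedPassword, Boolean.valueOf(authorizeSoap), role, userType);
        this.uBean = newAccount;

        HashMap response = null;
        if (!getUserAccount(newAccount.getName()).isActive()) {
            createUserAccount(newAccount);
            newAccount.setUpdater(newAccount.getOwner());
            updateUserAccount(newAccount);
            this.logger.info("***New User Account is created***");
            // After persisting the encrypted value, the bean is switched to the plaintext so the
            // one-time credentials can be handed back. This response body carries a password
            // and an API key: it must never be logged and should only travel over TLS.
            newAccount.setPasswd(generatedPassword);
            response = new HashMap();
            response.put("username", newAccount.getName());
            response.put("password", newAccount.getPasswd());
            response.put("firstName", newAccount.getFirstName());
            response.put("lastName", newAccount.getLastName());
            response.put("apiKey", newAccount.getApiKey());
        }
        return new ResponseEntity<>(response, HttpStatus.OK);
    }

    /** Logs the rejection reason and returns the empty-bodied {@code 400} response. */
    private ResponseEntity<HashMap> reject(String reason) {
        this.logger.info(reason);
        return new ResponseEntity<>(new HashMap(), HttpStatus.BAD_REQUEST);
    }

    /**
     * Populates a new, not yet persisted account bean and registers its authority record.
     *
     * <p>The original set the e-mail to the username and the password to the plaintext before
     * immediately overwriting both; only the final values (e-mail, encrypted password,
     * requested web-services flag) are assigned here, so the bean never holds the plaintext
     * while it is being built.
     *
     * @param plainPassword unused; kept so the call site keeps its argument order
     * @param passwordHash  encrypted password stored on the bean
     * @return the populated bean with its study role and user type attached
     */
    private UserAccountBean buildUserAccount(String username, String firstName, String lastName, String plainPassword, String institution, StudyBean study, UserAccountBean owner, String email, String passwordHash, Boolean runWebservices, Role role, UserType userType) throws Exception {
        UserAccountBean account = new UserAccountBean();
        account.setName(username);
        account.setFirstName(firstName);
        account.setLastName(lastName);
        account.setInstitutionalAffiliation(institution);
        account.setLastVisitDate(null);
        account.setActiveStudyId(study.getId());
        account.setPasswdTimestamp(null);
        account.setPasswdChallengeQuestion("");
        account.setPasswdChallengeAnswer("");
        account.setOwner(owner);
        account.setPhone("");
        account.setAccessCode("");
        account.setEmail(email);
        account.setEnableApiKey(true);
        account.setPasswd(passwordHash);
        account.setRunWebservices(runWebservices);

        // Re-draw until the key does not belong to an active account.
        String apiKey;
        do {
            apiKey = getRandom32ChApiKey();
        } while (isApiKeyExist(apiKey).booleanValue());
        account.setApiKey(apiKey);

        UserAccountBean withRole = addActiveStudyRole(account, study.getId(), role, owner);
        withRole.addUserType(userType);
        this.authoritiesDao.saveOrUpdate(new AuthoritiesBean(withRole.getName()));
        return withRole;
    }

    /** Creates a user DAO on the injected data source and records it in {@code udao}. */
    private UserAccountDAO userAccountDao() {
        UserAccountDAO dao = new UserAccountDAO(this.dataSource);
        this.udao = dao;
        return dao;
    }

    /** Creates a study DAO on the injected data source and records it in {@code sdao}. */
    private StudyDAO studyDao() {
        StudyDAO dao = new StudyDAO(this.dataSource);
        this.sdao = dao;
        return dao;
    }

    /** Persists a new account row. */
    private void createUserAccount(UserAccountBean userAccountBean) {
        userAccountDao().create(userAccountBean);
    }

    /** Returns the study with the given OID, or its parent when it has a parent study id. */
    private StudyBean getParentStudy(String str) {
        StudyDAO dao = studyDao();
        StudyBean study = dao.findByOid(str);
        return study.getParentStudyId() == 0 ? study : (StudyBean) dao.findByPK(study.getParentStudyId());
    }

    /** Returns the study with the given primary key, or its parent when it has a parent study id. */
    private StudyBean getParentStudy(Integer num) {
        StudyDAO dao = studyDao();
        StudyBean study = (StudyBean) dao.findByPK(num.intValue());
        return study.getParentStudyId() == 0 ? study : (StudyBean) dao.findByPK(study.getParentStudyId());
    }

    /** Looks a study up by name. */
    private StudyBean getStudyByName(String str) {
        return (StudyBean) studyDao().findByName(str);
    }

    /** Looks a study up by OID. */
    private StudyBean getStudy(String str) {
        return studyDao().findByOid(str);
    }

    /** Looks a study up by primary key. */
    private StudyBean getStudy(Integer num) {
        return (StudyBean) studyDao().findByPK(num.intValue());
    }

    /**
     * Attaches an AVAILABLE role for the given study to the account and returns the same bean.
     * The account is also marked {@code accountNonLocked = false}, exactly as in the original.
     */
    private UserAccountBean addActiveStudyRole(UserAccountBean userAccountBean, int i, Role role, UserAccountBean userAccountBean2) {
        StudyUserRoleBean studyRole = new StudyUserRoleBean();
        studyRole.setStudyId(i);
        studyRole.setRoleName(role.getName());
        studyRole.setStatus(Status.AVAILABLE);
        studyRole.setOwner(userAccountBean2);
        userAccountBean.addRole(studyRole);
        userAccountBean.setAccountNonLocked(false);
        return userAccountBean;
    }

    /** Delegates to {@code UserAccountDAO.findStudyByUser}. */
    private ArrayList<UserAccountBean> getUserAccountByStudy(String str, ArrayList arrayList) {
        return userAccountDao().findStudyByUser(str, arrayList);
    }

    /** Looks an account up by username. */
    private UserAccountBean getUserAccount(String str) {
        return (UserAccountBean) userAccountDao().findByUserName(str);
    }

    /** Looks an account up by API key. */
    private UserAccountBean getUserAccountByApiKey(String str) {
        return (UserAccountBean) userAccountDao().findByApiKey(str);
    }

    /** Persists changes to an existing account, creating a DAO if none has been set yet. */
    private void updateUserAccount(UserAccountBean userAccountBean) {
        UserAccountDAO dao = this.udao;
        if (dao == null) {
            dao = userAccountDao();
        }
        dao.update(userAccountBean);
    }

    /** Returns all roles except {@code Role.ADMIN}. */
    private ArrayList getRoles() {
        ArrayList roles = Role.toArrayList();
        roles.remove(Role.ADMIN);
        return roles;
    }

    /**
     * Reports whether the API key already belongs to an active account.
     *
     * @param str candidate API key
     * @return {@code true} only when an account with this key exists and is active
     */
    public Boolean isApiKeyExist(String str) {
        UserAccountBean match = (UserAccountBean) new UserAccountDAO(this.dataSource).findByApiKey(str);
        return match != null && match.isActive();
    }

    /**
     * Generates a 32-character hexadecimal API key from a random (version 4) UUID with the
     * dashes removed.
     *
     * @return the new key
     */
    public String getRandom32ChApiKey() {
        // Literal replace: no regular expression is needed to drop the dashes.
        return UUID.randomUUID().toString().replace("-", "");
    }

    /**
     * Returns the Spring Security principal when it is a {@link UserDetails}.
     *
     * @return the principal, or {@code null} when there is no authentication or the principal
     *         is of another type
     */
    protected UserDetails getUserDetails() {
        // getAuthentication() is null for an unauthenticated context; treat that as "no user".
        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            return null;
        }
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        if (principal instanceof UserDetails) {
            return (UserDetails) principal;
        }
        return null;
    }

    /**
     * Registers the field checks for an account-creation request.
     *
     * <p>The numeric check codes are passed through unchanged; they are presumably
     * {@code Validator} constants inlined at compile time, and their meaning is not visible
     * in this class.
     *
     * @param validator validator bound to the current request
     * @param str       requested username; may be {@code null}
     */
    public void addValidationToFields(Validator validator, String str) {
        // The username check with code 9 is handed the user DAO. On the first request the
        // shared field has not been assigned yet, so create one rather than passing null.
        UserAccountDAO dao = this.udao;
        if (dao == null) {
            dao = userAccountDao();
        }
        validator.addValidation("username", 1);
        validator.addValidation("username", 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 64);
        // Constant-first comparison so a missing username reaches the validator instead of
        // raising a NullPointerException here.
        if (!"root".equals(str)) {
            validator.addValidation("username", 16);
        }
        validator.addValidation("username", 9, dao);
        validator.addValidation("fName", 1);
        validator.addValidation("fName", 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 50);
        validator.addValidation("lName", 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 50);
        validator.addValidation("email", 1);
        validator.addValidation("email", 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 120);
        validator.addValidation("email", 6);
        validator.addValidation("institution", 1);
        validator.addValidation("institution", 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 255);
    }

    /**
     * Builds the map of assignable role ids to their localized display names.
     *
     * <p>A study without a parent (parent id {@code <= 0}) offers role ids 2 to 6; a site
     * (parent id {@code > 0}) offers role ids 4 to 7 under site-specific labels.
     * {@code Role.ADMIN} is never offered because {@code getRoles()} removes it.
     *
     * @param studyBean      study or site the role is being assigned in
     * @param resourceBundle bundle holding the role labels
     * @return insertion-ordered map of role id to trimmed label
     */
    public Map buildRoleMap(StudyBean studyBean, ResourceBundle resourceBundle) {
        LinkedHashMap roleMap = new LinkedHashMap();
        boolean isSite = studyBean.getParentStudyId() > 0;
        for (Object item : getRoles()) {
            Role role = (Role) item;
            String termKey = isSite ? siteRoleTermKey(role.getId()) : studyRoleTermKey(role.getId());
            if (termKey != null) {
                roleMap.put(Integer.valueOf(role.getId()), resourceBundle.getString(termKey).trim());
            }
        }
        return roleMap;
    }

    /** Returns the bundle key for a study-level role id, or {@code null} when it is not offered. */
    private static String studyRoleTermKey(int roleId) {
        switch (roleId) {
            case 2:
                return "Study_Coordinator";
            case 3:
                return "Study_Director";
            case 4:
                return "Investigator";
            case 5:
                return "Data_Entry_Person";
            case 6:
                return "Monitor";
            default:
                return null;
        }
    }

    /** Returns the bundle key for a site-level role id, or {@code null} when it is not offered. */
    private static String siteRoleTermKey(int roleId) {
        switch (roleId) {
            case 4:
                return "site_investigator";
            case 5:
                return "site_Data_Entry_Person";
            case 6:
                return "site_monitor";
            case 7:
                return "site_Data_Entry_Person2";
            default:
                return null;
        }
    }
}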
