package org.nuxeo.ecm.webapp.security;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.ejb.PostActivate;
import javax.ejb.PrePassivate;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.faces.model.SelectItem;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jboss.seam.ScopeType;
import org.jboss.seam.Seam;
import org.jboss.seam.annotations.Create;
import org.jboss.seam.annotations.Factory;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.datamodel.DataModel;
import org.jboss.seam.annotations.datamodel.DataModelSelection;
import org.jboss.seam.annotations.web.RequestParameter;
import org.jboss.seam.contexts.Context;
import org.jboss.seam.core.Events;
import org.jboss.seam.faces.FacesMessages;
import org.nuxeo.common.utils.Path;
import org.nuxeo.ecm.core.api.ClientException;
import org.nuxeo.ecm.core.api.CoreSession;
import org.nuxeo.ecm.core.api.DocumentRef;
import org.nuxeo.ecm.core.api.NuxeoGroup;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.api.impl.DataModelImpl;
import org.nuxeo.ecm.core.api.impl.DocumentModelImpl;
import org.nuxeo.ecm.directory.SizeLimitExceededException;
import org.nuxeo.ecm.platform.types.Type;
import org.nuxeo.ecm.platform.ui.web.util.ComponentUtils;
import org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.ecm.platform.usermanager.exceptions.UserAlreadyExistsException;
import org.nuxeo.ecm.webapp.base.InputController;
import org.nuxeo.ecm.webapp.helpers.EventNames;

@Name("userManagerActions")
@Install(precedence = 10)
@Scope(ScopeType.CONVERSATION)
/* loaded from: input_file:org/nuxeo/ecm/webapp/security/UserManagerActionsBean.class */
public class UserManagerActionsBean extends InputController implements UserManagerActions, Serializable {
    private static final long serialVersionUID = 2160735474991874750L;
    private static final Log log = LogFactory.getLog(UserManagerActionsBean.class);
    private static final String ALL = "all";
    private static final String TABBED = "tabbed";
    private static final String SEARCH_ONLY = "search_only";
    public static final String VALID_CHARS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-0123456789";

    @In(create = true)
    protected transient UserManager userManager;

    @In(create = true, required = false)
    protected transient CoreSession documentManager;

    @In
    protected transient Context sessionContext;

    @DataModel("userList")
    protected List<NuxeoPrincipal> users;
    private List<NuxeoPrincipal> allUsers;
    private Map<String, List<NuxeoPrincipal>> userCatalog;
    private NuxeoPrincipal principal;
    private String changed_password;
    private String changed_password_verify;

    @DataModelSelection("userList")
    protected NuxeoPrincipal selectedUser;

    @In(required = false)
    protected NuxeoPrincipal newUser;
    private String retypedPassword;

    @RequestParameter("usernameParam")
    protected String usernameParam;

    @RequestParameter("newSelectedLetter")
    protected String newSelectedLetter;
    private String selectedLetter;
    protected String userListingMode;
    protected String searchString = "";
    protected String searchUsername = "";
    protected String searchLastname = "";
    protected String searchFirstname = "";
    protected String searchCompany = "";
    protected String searchEmail = "";
    protected boolean doSearch = false;
    private boolean searchOverflow = false;

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    @Create
    public void initialize() throws ClientException {
        log.debug("Initializing...");
        this.principal = FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal();
        this.userListingMode = this.userManager.getUserListingMode();
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void destroy() {
        log.debug("Removing SEAM action listener...");
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    @Factory("userList")
    public void getUsers() throws ClientException {
        if (SEARCH_ONLY.equals(this.userListingMode)) {
            this.allUsers = Collections.emptyList();
            this.users = Collections.emptyList();
            return;
        }
        try {
            this.allUsers = this.userManager.getAvailablePrincipals();
            updateUserCatalog();
        } catch (Exception e) {
            throw ClientException.wrap(e);
        } catch (SizeLimitExceededException e2) {
            this.allUsers = Collections.emptyList();
            this.users = Collections.emptyList();
            this.searchOverflow = true;
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String viewUser(String str) throws ClientException {
        NuxeoPrincipal principal = this.userManager.getPrincipal(str);
        if (principal == null) {
            log.error("No principal for username: " + this.usernameParam);
            return null;
        }
        this.selectedUser = principal;
        try {
            this.sessionContext.set("selectedUser", this.selectedUser);
            return "view_user";
        } catch (Exception e) {
            throw ClientException.wrap(e);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String viewUser() throws ClientException {
        if (this.usernameParam != null) {
            return viewUser(this.usernameParam);
        }
        try {
            refreshPrincipal(this.selectedUser);
            this.sessionContext.set("selectedUser", this.selectedUser);
            return "view_user";
        } catch (Exception e) {
            throw ClientException.wrap(e);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public Type getChangeableUserType() {
        return this.typeManager.getType("User");
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public Type getChangeableUserCreateType() {
        return this.typeManager.getType("UserCreate");
    }

    public void refreshPrincipal(NuxeoPrincipal nuxeoPrincipal) throws ClientException {
        NuxeoPrincipal principal = this.userManager.getPrincipal(nuxeoPrincipal.getName());
        nuxeoPrincipal.setGroups(principal.getGroups());
        nuxeoPrincipal.setRoles(principal.getRoles());
        nuxeoPrincipal.setModel(principal.getModel());
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String editUser() throws ClientException {
        try {
            refreshPrincipal(this.selectedUser);
            this.sessionContext.set("selectedUser", this.selectedUser);
            return "edit_user";
        } catch (Exception e) {
            throw ClientException.wrap(e);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String deleteUser() throws ClientException {
        try {
            this.userManager.deletePrincipal(this.selectedUser);
            if (this.allUsers != null) {
                this.allUsers.remove(this.selectedUser);
            }
            if (this.users != null) {
                this.users.remove(this.selectedUser);
            }
            Events.instance().raiseEvent(EventNames.USER_ALL_DOCUMENT_TYPES_SELECTION_CHANGED, new Object[0]);
            return viewUsers();
        } catch (Exception e) {
            throw ClientException.wrap(e);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public List<SelectItem> getAvailableGroups() throws ClientException {
        ArrayList arrayList = new ArrayList();
        Iterator it = this.userManager.getAvailableGroups().iterator();
        while (it.hasNext()) {
            arrayList.add(new SelectItem(((NuxeoGroup) it.next()).getName()));
        }
        return arrayList;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String searchUsers() throws ClientException {
        this.searchOverflow = false;
        try {
            if (this.searchString.compareTo("*") == 0) {
                this.allUsers = this.userManager.getAvailablePrincipals();
            } else {
                this.allUsers = this.userManager.searchPrincipals(this.searchString);
            }
            this.doSearch = true;
            return viewUsers();
        } catch (SizeLimitExceededException e) {
            this.searchOverflow = true;
            this.allUsers = Collections.emptyList();
            this.users = Collections.emptyList();
            return "view_users";
        }
    }

    private void updateUserCatalog() throws ClientException {
        if (this.allUsers == null) {
            this.allUsers = this.userManager.searchPrincipals(this.searchString);
        }
        if (!StringUtils.isEmpty(this.searchString) || !TABBED.equals(this.userListingMode)) {
            this.userCatalog = null;
            this.users = new ArrayList(this.allUsers);
            return;
        }
        this.userCatalog = new HashMap();
        String userSortField = this.userManager.getUserSortField();
        for (NuxeoPrincipal nuxeoPrincipal : this.allUsers) {
            String str = userSortField != null ? (String) ((org.nuxeo.ecm.core.api.DataModel) nuxeoPrincipal.getModel().getDataModels().values().iterator().next()).getData(userSortField) : null;
            if (str == null) {
                str = nuxeoPrincipal.getName();
            }
            String upperCase = str.substring(0, 1).toUpperCase();
            List<NuxeoPrincipal> list = this.userCatalog.get(upperCase);
            if (list == null) {
                list = new ArrayList();
                this.userCatalog.put(upperCase, list);
            }
            list.add(nuxeoPrincipal);
        }
        if (StringUtils.isEmpty(this.selectedLetter) || !this.userCatalog.containsKey(this.selectedLetter)) {
            this.selectedLetter = getCatalogLetters().iterator().next();
        }
        this.users = this.userCatalog.get(this.selectedLetter);
        if (this.users == null) {
            this.users = Collections.emptyList();
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String updateUser() throws ClientException {
        FacesContext.getCurrentInstance();
        try {
            if ("".equals(this.selectedUser.getPassword())) {
                this.selectedUser.setPassword((String) null);
            }
            this.userManager.updatePrincipal(this.selectedUser);
            return viewUser(this.selectedUser.getName());
        } catch (Exception e) {
            throw ClientException.wrap(e);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String saveUser() throws ClientException {
        FacesContext currentInstance = FacesContext.getCurrentInstance();
        try {
            org.nuxeo.ecm.core.api.DataModel dataModel = (org.nuxeo.ecm.core.api.DataModel) this.newUser.getModel().getDataModels().values().iterator().next();
            if (!StringUtils.containsOnly((String) dataModel.getData("username"), VALID_CHARS)) {
                FacesMessages.instance().add(FacesMessage.SEVERITY_ERROR, ComponentUtils.translate(currentInstance, "label.userManager.wrong.username"), (Object[]) null);
                return null;
            }
            if (((String) dataModel.getData("password")).equals(this.changed_password_verify)) {
                this.userManager.createPrincipal(this.newUser);
                this.selectedUser = this.newUser;
                return viewUser();
            }
            this.facesMessages.addToControl("h_inputText_passwordCreate2", FacesMessage.SEVERITY_ERROR, ComponentUtils.translate(currentInstance, "label.userManager.password.not.match"), new Object[0]);
            return null;
        } catch (Exception e) {
            throw ClientException.wrap(e);
        } catch (UserAlreadyExistsException e2) {
            this.facesMessages.add(FacesMessage.SEVERITY_WARN, ComponentUtils.translate(currentInstance, "error.userManager.userAlreadyExists"), new Object[0]);
            return null;
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String createUser() throws ClientException {
        try {
            this.newUser = new NuxeoPrincipalImpl("");
            Type changeableUserCreateType = getChangeableUserCreateType();
            String schemaName = changeableUserCreateType.getLayout()[0].getSchemaName();
            DataModelImpl dataModelImpl = new DataModelImpl(schemaName);
            DocumentModelImpl documentModelImpl = new DocumentModelImpl((String) null, changeableUserCreateType.getId(), "", (Path) null, (DocumentRef) null, (DocumentRef) null, new String[]{schemaName}, (Set) null);
            documentModelImpl.addDataModel(dataModelImpl);
            this.newUser.setModel(documentModelImpl);
            this.newUser.getRoles().add("regular");
            this.sessionContext.set("newUser", this.newUser);
            return "create_user";
        } catch (Exception e) {
            throw ClientException.wrap(e);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSearchString() {
        return this.searchString;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSearchString(String str) {
        this.searchString = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public Collection<String> getCatalogLetters() {
        ArrayList arrayList = new ArrayList(this.userCatalog.keySet());
        Collections.sort(arrayList);
        return arrayList;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSelectedLetter(String str) {
        this.selectedLetter = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSelectedLetter() {
        return this.selectedLetter;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getAllowCreateUser() throws ClientException {
        return this.principal.isAdministrator() && !this.userManager.areUsersReadOnly().booleanValue();
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getAllowDeleteUser() throws ClientException {
        return this.principal.isAdministrator() && !this.userManager.areUsersReadOnly().booleanValue();
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String viewUsers() throws ClientException {
        if (this.newSelectedLetter != null) {
            this.selectedLetter = this.newSelectedLetter;
        }
        if (SEARCH_ONLY.equals(this.userListingMode) && StringUtils.isEmpty(this.searchString) && StringUtils.isEmpty(this.searchUsername) && StringUtils.isEmpty(this.searchFirstname) && StringUtils.isEmpty(this.searchLastname) && StringUtils.isEmpty(this.searchEmail) && StringUtils.isEmpty(this.searchCompany)) {
            this.allUsers = Collections.emptyList();
            this.users = Collections.emptyList();
            return "view_users";
        }
        try {
            updateUserCatalog();
            return this.userCatalog != null ? "view_many_users" : "view_users";
        } catch (SizeLimitExceededException e) {
            this.allUsers = Collections.emptyList();
            this.users = Collections.emptyList();
            this.searchOverflow = true;
            return "view_users";
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getAllowEditUser() {
        return this.principal.isAdministrator() || this.principal.getName().equals(this.selectedUser.getName());
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getAllowChangePassword() throws ClientException {
        if (this.userManager.areUsersReadOnly().booleanValue()) {
            return false;
        }
        return this.principal.isAdministrator() || this.principal.getName().equals(this.selectedUser.getName());
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getRetypedPassword() {
        return this.retypedPassword;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setRetypedPassword(String str) {
        this.retypedPassword = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String clearSearch() throws ClientException {
        this.searchString = "";
        this.searchEmail = "";
        this.searchFirstname = "";
        this.searchLastname = "";
        this.searchUsername = "";
        this.doSearch = false;
        return searchUsers();
    }

    @Override // org.nuxeo.ecm.webapp.base.StatefulBaseLifeCycle
    @PrePassivate
    public void saveState() {
        log.debug("@PrePassivate");
    }

    @Override // org.nuxeo.ecm.webapp.base.StatefulBaseLifeCycle
    @PostActivate
    public void readState() {
        log.debug("@PostActivate");
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSearchEmail() {
        return this.searchEmail;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSearchEmail(String str) {
        this.searchEmail = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSearchFirstname() {
        return this.searchFirstname;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSearchFirstname(String str) {
        this.searchFirstname = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSearchLastname() {
        return this.searchLastname;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSearchLastname(String str) {
        this.searchLastname = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSearchUsername() {
        return this.searchUsername;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSearchUsername(String str) {
        this.searchUsername = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSearchCompany() {
        return this.searchCompany;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSearchCompany(String str) {
        this.searchCompany = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String searchUsersAdvanced() throws ClientException {
        this.searchOverflow = false;
        try {
            HashMap hashMap = new HashMap();
            if ((this.searchUsername + this.searchLastname + this.searchFirstname + this.searchEmail + this.searchCompany).trim().compareTo("*") == 0) {
                this.allUsers = this.userManager.getAvailablePrincipals();
            } else {
                if (this.searchUsername != null && !"".equals(this.searchUsername)) {
                    hashMap.put("username", this.searchUsername);
                }
                if (this.searchLastname != null && !"".equals(this.searchLastname)) {
                    hashMap.put("lastName", this.searchLastname);
                }
                if (this.searchFirstname != null && !"".equals(this.searchFirstname)) {
                    hashMap.put("firstName", this.searchFirstname);
                }
                if (this.searchEmail != null && !"".equals(this.searchEmail)) {
                    hashMap.put("email", this.searchEmail);
                }
                if (this.searchCompany != null && !"".equals(this.searchCompany)) {
                    hashMap.put("company", this.searchCompany);
                }
                this.allUsers = this.userManager.searchByMap(hashMap, new HashSet(hashMap.keySet()));
            }
            this.doSearch = true;
            return viewUsers();
        } catch (SizeLimitExceededException e) {
            this.searchOverflow = true;
            this.allUsers = Collections.emptyList();
            this.users = Collections.emptyList();
            return "view_users";
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String clearSearchAdvanced() throws ClientException {
        this.searchEmail = "";
        this.searchFirstname = "";
        this.searchLastname = "";
        this.searchUsername = "";
        this.doSearch = false;
        return viewUsers();
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getDoSearch() {
        return this.doSearch;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setDoSearch(boolean z) {
        this.doSearch = z;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setChanged_password(String str) {
        this.changed_password = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setChanged_password_verify(String str) {
        this.changed_password_verify = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getChanged_password() {
        return "";
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getChanged_password_verify() {
        return "";
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean isSearchOverflow() {
        return this.searchOverflow;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSearchOverflow(boolean z) {
        this.searchOverflow = z;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String changePassword() throws ClientException {
        FacesContext currentInstance = FacesContext.getCurrentInstance();
        if (!this.changed_password.equals(this.changed_password_verify) || this.changed_password.length() <= 0) {
            this.facesMessages.addToControl("h_inputText_password1", FacesMessage.SEVERITY_ERROR, ComponentUtils.translate(currentInstance, "label.userManager.password.not.match"), new Object[0]);
            return null;
        }
        this.selectedUser.setPassword(this.changed_password);
        this.userManager.updatePrincipal(this.selectedUser);
        this.facesMessages.add(FacesMessage.SEVERITY_INFO, ComponentUtils.translate(currentInstance, "label.userManager.password.changed"), new Object[0]);
        if (!this.selectedUser.getName().equals(this.principal.getName())) {
            return "view_user";
        }
        Seam.invalidateSession();
        return "home";
    }
}
