package org.nuxeo.ecm.webapp.security;

import java.io.Serializable;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import javax.faces.application.FacesMessage;
import javax.faces.component.UIComponent;
import javax.faces.component.UIInput;
import javax.faces.context.FacesContext;
import javax.faces.validator.ValidatorException;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Factory;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.datamodel.DataModel;
import org.jboss.seam.annotations.datamodel.DataModelSelection;
import org.jboss.seam.annotations.web.RequestParameter;
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.web.Session;
import org.nuxeo.ecm.core.api.ClientException;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.api.impl.DocumentModelListImpl;
import org.nuxeo.ecm.directory.SizeLimitExceededException;
import org.nuxeo.ecm.platform.ui.web.api.NavigationContext;
import org.nuxeo.ecm.platform.ui.web.util.ComponentUtils;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.ecm.platform.usermanager.exceptions.UserAlreadyExistsException;
import org.nuxeo.ecm.webapp.helpers.ResourcesAccessor;

@Name("userManagerActions")
@Install(precedence = 10)
@Scope(ScopeType.CONVERSATION)
/* loaded from: input_file:org/nuxeo/ecm/webapp/security/UserManagerActionsBean.class */
public class UserManagerActionsBean implements UserManagerActions {
    private static final long serialVersionUID = 1;
    private static final Log log = LogFactory.getLog(UserManagerActionsBean.class);

    @In(create = true)
    protected transient UserManager userManager;

    @In(create = true)
    protected Principal currentUser;

    @In(create = true, required = false)
    protected FacesMessages facesMessages;

    @In(create = true)
    protected ResourcesAccessor resourcesAccessor;

    @In(create = true)
    protected transient NavigationContext navigationContext;
    protected Map<String, DocumentModelList> userCatalog;

    @DataModel("userList")
    protected DocumentModelList users;

    @DataModelSelection("userList")
    protected DocumentModel selectedUser;
    protected String userListingMode;
    protected DocumentModel newUser;
    protected DocumentModel searchUserModel;

    @RequestParameter("newSelectedLetter")
    protected String newSelectedLetter;
    protected String selectedLetter;
    protected String searchString = "";
    protected boolean searchOverflow = false;

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getUserListingMode() throws ClientException {
        if (this.userListingMode == null) {
            this.userListingMode = this.userManager.getUserListingMode();
        }
        return this.userListingMode;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    @Factory("userList")
    public DocumentModelList getUsers() throws ClientException {
        if (this.users == null) {
            this.searchOverflow = false;
            try {
                String userListingMode = getUserListingMode();
                if (UserManagerActions.SEARCH_ONLY.equals(userListingMode) || !StringUtils.isEmpty(this.searchString)) {
                    if ("*".equals(this.searchString)) {
                        this.users = this.userManager.searchUsers((String) null);
                    } else if (!StringUtils.isEmpty(this.searchString)) {
                        this.users = this.userManager.searchUsers(this.searchString);
                    }
                } else if (UserManagerActions.TABBED.equals(userListingMode)) {
                    if (this.userCatalog == null) {
                        updateUserCatalog();
                    }
                    if (StringUtils.isEmpty(this.selectedLetter) || !this.userCatalog.containsKey(this.selectedLetter)) {
                        Collection<String> catalogLetters = getCatalogLetters();
                        if (!catalogLetters.isEmpty()) {
                            this.selectedLetter = catalogLetters.iterator().next();
                        }
                    }
                    this.users = this.userCatalog.get(this.selectedLetter);
                }
            } catch (Exception e) {
                throw ClientException.wrap(e);
            } catch (SizeLimitExceededException e2) {
                this.searchOverflow = true;
            }
        }
        if (this.users == null) {
            this.users = new DocumentModelListImpl();
        }
        return this.users;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void resetUsers() {
        this.users = null;
    }

    protected void updateUserCatalog() throws ClientException {
        DocumentModelList<DocumentModel> searchUsers = this.userManager.searchUsers((String) null);
        this.userCatalog = new HashMap();
        String userSortField = this.userManager.getUserSortField();
        for (DocumentModel documentModel : searchUsers) {
            String str = userSortField != null ? (String) ((org.nuxeo.ecm.core.api.DataModel) documentModel.getDataModels().values().iterator().next()).getData(userSortField) : null;
            if (StringUtils.isEmpty(str)) {
                str = documentModel.getId();
            }
            String upperCase = str.substring(0, 1).toUpperCase();
            DocumentModelList documentModelList = this.userCatalog.get(upperCase);
            if (documentModelList == null) {
                documentModelList = new DocumentModelListImpl();
                this.userCatalog.put(upperCase, documentModelList);
            }
            documentModelList.add(documentModel);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public DocumentModel getSelectedUser() {
        return this.selectedUser;
    }

    protected DocumentModel refreshUser(String str) throws ClientException {
        return this.userManager.getUserModel(str);
    }

    protected String viewUser(DocumentModel documentModel, boolean z) throws ClientException {
        if (documentModel == null) {
            return null;
        }
        this.selectedUser = documentModel;
        if (z) {
            this.selectedUser = refreshUser(documentModel.getId());
        }
        if (this.selectedUser != null) {
            return "view_user";
        }
        return null;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String viewUser() throws ClientException {
        return viewUser(this.selectedUser, true);
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String viewUser(String str) throws ClientException {
        return viewUser(this.userManager.getUserModel(str), false);
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String searchUsers() throws ClientException {
        this.searchOverflow = false;
        resetUsers();
        return viewUsers();
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void validateUserName(FacesContext facesContext, UIComponent uIComponent, Object obj) {
        if ((obj instanceof String) && StringUtils.containsOnly((String) obj, UserManagerActions.VALID_CHARS)) {
            return;
        }
        FacesMessage facesMessage = new FacesMessage(FacesMessage.SEVERITY_ERROR, ComponentUtils.translate(facesContext, "label.userManager.wrong.username"), (String) null);
        facesContext.addMessage((String) null, facesMessage);
        throw new ValidatorException(facesMessage);
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void validatePassword(FacesContext facesContext, UIComponent uIComponent, Object obj) {
        Map attributes = uIComponent.getAttributes();
        String str = (String) attributes.get("firstPasswordInputId");
        String str2 = (String) attributes.get("secondPasswordInputId");
        if (str == null || str2 == null) {
            log.error("Cannot validate passwords: input id(s) not found");
            return;
        }
        UIInput findComponent = uIComponent.findComponent(str);
        UIInput findComponent2 = uIComponent.findComponent(str2);
        if (findComponent == null || findComponent2 == null) {
            log.error("Cannot validate passwords: input(s) not found");
            return;
        }
        Object localValue = findComponent.getLocalValue();
        Object localValue2 = findComponent2.getLocalValue();
        if (localValue == null || localValue2 == null) {
            log.error("Cannot validate passwords: value(s) not found");
        } else if (!localValue.equals(localValue2)) {
            throw new ValidatorException(new FacesMessage(FacesMessage.SEVERITY_ERROR, ComponentUtils.translate(facesContext, "label.userManager.password.not.match"), (String) null));
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String editUser() throws ClientException {
        this.selectedUser = refreshUser(this.selectedUser.getId());
        return "edit_user";
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String deleteUser() throws ClientException {
        try {
            this.userManager.deleteUser(this.selectedUser);
            resetUsers();
            return viewUsers();
        } catch (Exception e) {
            throw ClientException.wrap(e);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String updateUser() throws ClientException {
        try {
            this.userManager.updateUser(this.selectedUser);
            resetUsers();
            return viewUser(this.selectedUser.getId());
        } catch (Exception e) {
            throw ClientException.wrap(e);
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String changePassword() throws ClientException {
        updateUser();
        this.facesMessages.add(FacesMessage.SEVERITY_INFO, (String) this.resourcesAccessor.getMessages().get("label.userManager.password.changed"), new Object[0]);
        if (!this.selectedUser.getId().equals(this.currentUser.getName())) {
            return "view_user";
        }
        Session.instance().invalidate();
        return this.navigationContext.goHome();
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String createUser() throws ClientException, UserAlreadyExistsException {
        try {
            this.selectedUser = this.userManager.createUser(this.newUser);
            this.newUser = null;
            return viewUser();
        } catch (UserAlreadyExistsException e) {
            this.facesMessages.add(FacesMessage.SEVERITY_ERROR, (String) this.resourcesAccessor.getMessages().get("error.userManager.userAlreadyExists"), new Object[0]);
            return null;
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public DocumentModel getNewUser() throws ClientException {
        if (this.newUser == null) {
            this.newUser = this.userManager.getBareUserModel();
        }
        return this.newUser;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSearchString() {
        return this.searchString;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSearchString(String str) {
        this.searchString = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public Collection<String> getCatalogLetters() {
        ArrayList arrayList = new ArrayList(this.userCatalog.keySet());
        Collections.sort(arrayList);
        return arrayList;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public void setSelectedLetter(String str) {
        this.selectedLetter = str;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String getSelectedLetter() {
        return this.selectedLetter;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String viewUsers() throws ClientException {
        if (this.newSelectedLetter != null && !this.newSelectedLetter.equals(this.selectedLetter)) {
            this.selectedLetter = this.newSelectedLetter;
            resetUsers();
        }
        return UserManagerActions.TABBED.equals(getUserListingMode()) ? "view_many_users" : "view_users";
    }

    protected boolean getCanEditUsers(boolean z) throws ClientException {
        if (this.userManager.areUsersReadOnly().booleanValue() || !(this.currentUser instanceof NuxeoPrincipal)) {
            return false;
        }
        NuxeoPrincipal nuxeoPrincipal = this.currentUser;
        if (nuxeoPrincipal.isAdministrator()) {
            return true;
        }
        return z && this.selectedUser != null && nuxeoPrincipal.getName().equals(this.selectedUser.getId());
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getAllowEditUser() throws ClientException {
        return getCanEditUsers(true);
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getAllowChangePassword() throws ClientException {
        return getCanEditUsers(true);
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getAllowCreateUser() throws ClientException {
        return getCanEditUsers(false);
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean getAllowDeleteUser() throws ClientException {
        return getCanEditUsers(false);
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String clearSearch() throws ClientException {
        this.searchString = null;
        this.searchUserModel = null;
        return searchUsers();
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public boolean isSearchOverflow() {
        return this.searchOverflow;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public DocumentModel getSearchUserModel() throws ClientException {
        if (this.searchUserModel == null) {
            this.searchUserModel = this.userManager.getBareUserModel();
        }
        return this.searchUserModel;
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String searchUsersAdvanced() throws ClientException {
        this.searchOverflow = false;
        try {
            Map<String, Serializable> mkSerializableMap = mkSerializableMap(((org.nuxeo.ecm.core.api.DataModel) this.searchUserModel.getDataModels().values().iterator().next()).getMap());
            this.users = this.userManager.searchUsers(mkSerializableMap, new HashSet(mkSerializableMap.keySet()));
            return viewUsers();
        } catch (SizeLimitExceededException e) {
            this.searchOverflow = true;
            this.users = new DocumentModelListImpl();
            return "view_users";
        }
    }

    @Override // org.nuxeo.ecm.webapp.security.UserManagerActions
    public String clearSearchAdvanced() throws ClientException {
        this.searchUserModel = null;
        return viewUsers();
    }

    protected static Map<String, Serializable> mkSerializableMap(Map<String, Object> map) {
        HashMap hashMap = null;
        if (map != null) {
            hashMap = new HashMap();
            for (String str : map.keySet()) {
                hashMap.put(str, (Serializable) map.get(str));
            }
        }
        return hashMap;
    }
}
