package org.georchestra.console.ws.emails;

import java.io.UnsupportedEncodingException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedList;
import javax.activation.DataHandler;
import javax.mail.Address;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Transport;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MailDateFormat;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import javax.mail.util.ByteArrayDataSource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.georchestra.commons.security.SecurityHeaders;
import org.georchestra.console.dao.AdvancedDelegationDao;
import org.georchestra.console.dao.AttachmentDao;
import org.georchestra.console.dao.EmailDao;
import org.georchestra.console.dao.EmailTemplateDao;
import org.georchestra.console.mailservice.EmailFactory;
import org.georchestra.console.model.AdminLogType;
import org.georchestra.console.model.Attachment;
import org.georchestra.console.model.EmailEntry;
import org.georchestra.console.model.EmailTemplate;
import org.georchestra.console.ws.utils.LogUtils;
import org.georchestra.ds.DataServiceException;
import org.georchestra.ds.users.Account;
import org.georchestra.ds.users.AccountDao;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.ldap.NameNotFoundException;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

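/**
 * Web endpoints of the console for listing and sending e-mails.
 *
 * <p>Two sending paths exist:
 * <ul>
 *   <li>{@code {recipient}/sendEmail}: sends an HTML message, optionally with stored
 *       attachments, to one account and records it through {@link EmailDao} and
 *       {@link LogUtils}.</li>
 *   <li>{@code /emailProxy}: sends a plain-text message described by a JSON body, after
 *       checking the subject and body sizes, the recipient count and the recipient
 *       allow-list.</li>
 * </ul>
 *
 * <p>The caller's identity for the message headers is read from the
 * {@code SecurityHeaders.SEC_*} request headers.
 * NOTE(review): presumably these headers are set by a fronting security proxy; confirm the
 * application cannot be reached directly, because this class takes their values as given.
 */
@Controller
/* loaded from: input_file:WEB-INF/classes/org/georchestra/console/ws/emails/EmailController.class */
public class EmailController {

    @Autowired
    private EmailDao emailRepository;

    @Autowired
    private AttachmentDao attachmentRepo;

    @Autowired
    private EmailTemplateDao emailTemplateRepo;

    @Autowired
    private AccountDao accountDao;

    @Autowired
    private EmailFactory emailFactory;

    @Autowired
    private LogUtils logUtils;

    @Autowired
    private AdvancedDelegationDao advancedDelegationDao;
    private static final Log LOG = LogFactory.getLog(EmailController.class.getName());

    // Parsed form of emailProxyRecipientWhitelist, built on first use by recipientIsAllowed().
    private Collection<String> recipientWhiteList;

    @Value("${emailProxyFromAddress:${administratorEmail}}")
    private String emailProxyFromAddress;

    @Value("${emailProxyMaxRecipient:10}")
    private String emailProxyMaxRecipient;

    @Value("${emailProxyMaxBodySize:10000}")
    private String emailProxyMaxBodySize;

    @Value("${emailProxyMaxSubjectSize:200}")
    private String emailProxyMaxSubjectSize;

    @Value("${emailProxyRecipientWhitelist:${administratorEmail}}")
    private String emailProxyRecipientWhitelist;

    /**
     * Lists the e-mails recorded for a recipient, most recent first.
     *
     * @param recipient identifier taken from the {@code {recipient}} path segment
     * @return a JSON object with one {@code emails} array
     * @throws AccessDeniedException if the caller is neither superuser nor delegated for the recipient
     */
    @RequestMapping(value = {"/{recipient}/emails"}, method = {RequestMethod.GET}, produces = {"application/json; charset=UTF-8"})
    @ResponseBody
    public String emailsList(@PathVariable("recipient") String recipient) throws JSONException {
        checkAuthorisation(recipient);
        JSONArray emails = new JSONArray();
        for (EmailEntry entry : this.emailRepository.findByRecipientOrderByDateDesc(recipient)) {
            emails.put(entry.toJSON());
        }
        JSONObject result = new JSONObject();
        result.put("emails", emails);
        return result.toString();
    }

    /**
     * Sends an e-mail to the given recipient, stores it and writes an admin log entry.
     *
     * @param recipient identifier taken from the {@code {recipient}} path segment
     * @param subject message subject; line breaks are rejected
     * @param content message body, sent as {@code text/html}
     * @param attachments comma separated list of attachment identifiers, may be blank
     * @return the JSON form of the stored e-mail entry
     * @throws AccessDeniedException if the caller is neither superuser nor delegated for the recipient
     * @throws IllegalArgumentException if the subject contains a line break
     * @throws NameNotFoundException if an attachment identifier matches no stored attachment
     * @throws NumberFormatException if an attachment identifier is not a number
     */
    @RequestMapping(value = {"{recipient}/sendEmail"}, method = {RequestMethod.POST})
    @ResponseBody
    public String sendEmail(@PathVariable("recipient") String recipient, @RequestParam("subject") String subject, @RequestParam("content") String content, @RequestParam("attachments") String attachments, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws NameNotFoundException, DataServiceException, MessagingException, JSONException {
        checkAuthorisation(recipient);
        rejectLineBreaks(subject, "subject");
        EmailEntry emailEntry = new EmailEntry();
        emailEntry.setSender(SecurityHeaders.decode(httpServletRequest.getHeader(SecurityHeaders.SEC_USERNAME)));
        emailEntry.setRecipient(recipient);
        emailEntry.setSubject(subject);
        emailEntry.setDate(new Date());
        emailEntry.setBody(content);
        String idList = attachments.trim();
        LinkedList<Attachment> attached = new LinkedList<>();
        if (idList.length() > 0) {
            for (String id : idList.split("\\s?,\\s?")) {
                Attachment attachment = this.attachmentRepo.findOne(Long.valueOf(id));
                if (attachment == null) {
                    throw new NameNotFoundException("Unable to find attachment with ID : " + id);
                }
                attached.add(attachment);
            }
        }
        emailEntry.setAttachments(attached);
        send(emailEntry);
        httpServletResponse.setContentType("application/json");
        // The entry is passed as is: it is an EmailEntry, not an EmailDao, so casting it to
        // the repository type would fail at runtime.
        this.emailRepository.save(emailEntry);
        String json = emailEntry.toJSON().toString();
        this.logUtils.createLog(recipient, AdminLogType.EMAIL_SENT, json);
        return json;
    }

    /**
     * Returns a minimal HTML form that posts to the same URL.
     *
     * @param recipient identifier taken from the {@code {recipient}} path segment; it is
     *        HTML-escaped before being written into the page because it comes straight
     *        from the request URL
     * @return the form markup
     */
    @RequestMapping(value = {"{recipient}/sendEmail"}, method = {RequestMethod.GET})
    @ResponseBody
    public String sendEmail(@PathVariable("recipient") String recipient) {
        return "<form method=POST>recipient : " + escapeHtml(recipient) + "<br>subject : <input type='test' name='subject'><br>content : <textarea name='content'></textarea><br>comma separated list of attachment identifier <input type='text' name='attachments'><br><input type='submit'></form>";
    }

    /**
     * Lists the identifier, name and MIME type of every stored attachment.
     *
     * <p>NOTE(review): no authorisation check is made in this method; presumably access
     * is restricted by the surrounding security configuration. Confirm.
     *
     * @return a JSON object with one {@code attachments} array
     */
    @RequestMapping(value = {"/attachments"}, method = {RequestMethod.GET}, produces = {"application/json; charset=UTF-8"})
    @ResponseBody
    public String attachments() throws JSONException {
        JSONArray items = new JSONArray();
        for (Attachment attachment : this.attachmentRepo.findAll()) {
            JSONObject item = new JSONObject();
            item.put("id", attachment.getId());
            item.put("name", attachment.getName());
            item.put("mimeType", attachment.getMimeType());
            items.put(item);
        }
        JSONObject result = new JSONObject();
        result.put("attachments", items);
        return result.toString();
    }

    /**
     * Lists the identifier, name and content of every stored e-mail template.
     *
     * <p>NOTE(review): no authorisation check is made in this method; presumably access
     * is restricted by the surrounding security configuration. Confirm.
     *
     * @return a JSON object with one {@code templates} array
     */
    @RequestMapping(value = {"/emailTemplates"}, method = {RequestMethod.GET}, produces = {"application/json; charset=UTF-8"})
    @ResponseBody
    public String emailTemplates() throws JSONException {
        JSONArray items = new JSONArray();
        for (EmailTemplate emailTemplate : this.emailTemplateRepo.findAll()) {
            JSONObject item = new JSONObject();
            item.put("id", emailTemplate.getId());
            item.put("name", emailTemplate.getName());
            item.put("content", emailTemplate.getContent());
            items.put(item);
        }
        JSONObject result = new JSONObject();
        result.put("templates", items);
        return result.toString();
    }

    /**
     * Sends a plain-text e-mail described by a JSON request body.
     *
     * <p>The body may carry {@code to}, {@code cc} and {@code bcc} arrays plus the required
     * {@code subject} and {@code body} strings. The From address is the configured
     * {@code emailProxyFromAddress}; Reply-To and the display name come from the
     * {@code SEC_EMAIL}, {@code SEC_FIRSTNAME} and {@code SEC_LASTNAME} request headers.
     *
     * @param str raw JSON request body
     * @param httpServletRequest request whose security headers identify the caller
     * @return {@code {"success":true}} once the message has been handed to the transport
     * @throws JSONException if a required field is missing or no recipient is given
     * @throws IllegalArgumentException if a size limit is exceeded, the subject contains a
     *         line break, or a recipient is not allowed
     */
    @RequestMapping(value = {"/emailProxy"}, method = {RequestMethod.POST}, produces = {"application/json; charset=utf-8"}, consumes = {"application/json"})
    @ResponseBody
    public String emailProxy(@RequestBody String str, HttpServletRequest httpServletRequest) throws JSONException, MessagingException, UnsupportedEncodingException, DataServiceException {
        JSONObject payload = new JSONObject(str);
        // Every address is parsed and validated before anything is logged or sent.
        InternetAddress[] to = populateRecipient("to", payload);
        InternetAddress[] cc = populateRecipient("cc", payload);
        InternetAddress[] bcc = populateRecipient("bcc", payload);
        checkSubject(payload);
        checkBody(payload);
        checkRecipient(to, cc, bcc);
        String username = SecurityHeaders.decode(httpServletRequest.getHeader(SecurityHeaders.SEC_USERNAME));
        String roles = SecurityHeaders.decode(httpServletRequest.getHeader(SecurityHeaders.SEC_ROLES));
        String firstName = SecurityHeaders.decode(httpServletRequest.getHeader(SecurityHeaders.SEC_FIRSTNAME));
        String lastName = SecurityHeaders.decode(httpServletRequest.getHeader(SecurityHeaders.SEC_LASTNAME));
        String email = SecurityHeaders.decode(httpServletRequest.getHeader(SecurityHeaders.SEC_EMAIL));
        LOG.info("EMail request : user=" + username + " to=" + extractAddress("to", payload) + " cc=" + extractAddress("cc", payload) + " bcc=" + extractAddress("bcc", payload) + " roles=" + roles);
        // At debug level the whole request, message body included, is written to the log.
        LOG.debug("EMail request : " + payload.toString());
        MimeMessage message = this.emailFactory.createEmptyMessage();
        String displayName = firstName + " " + lastName;
        InternetAddress from = new InternetAddress();
        from.setAddress(this.emailProxyFromAddress);
        from.setPersonal(displayName);
        message.setFrom(from);
        InternetAddress replyTo = new InternetAddress();
        replyTo.setAddress(email);
        replyTo.setPersonal(displayName);
        message.setReplyTo(new Address[]{replyTo});
        if (to.length > 0) {
            message.setRecipients(Message.RecipientType.TO, to);
        }
        if (cc.length > 0) {
            message.setRecipients(Message.RecipientType.CC, cc);
        }
        if (bcc.length > 0) {
            message.setRecipients(Message.RecipientType.BCC, bcc);
        }
        message.setSubject(payload.getString("subject"), "UTF-8");
        message.setText(payload.getString("body"), "UTF-8", "plain");
        message.setSentDate(new Date());
        Transport.send(message);
        JSONObject result = new JSONObject();
        result.put("success", true);
        return result.toString();
    }

    /**
     * Checks that {@code subject} is present, non-empty, free of line breaks and within
     * {@code emailProxyMaxSubjectSize}.
     *
     * <p>The limit is compared with {@link String#length()}, that is a count of UTF-16
     * code units, although the error message speaks of bytes.
     */
    private void checkSubject(JSONObject jSONObject) throws JSONException {
        if (!jSONObject.has("subject") || jSONObject.getString("subject").length() == 0) {
            throw new JSONException("No subject specified, 'subject' field is required");
        }
        String subject = jSONObject.getString("subject");
        rejectLineBreaks(subject, "subject");
        if (subject.length() > Integer.parseInt(this.emailProxyMaxSubjectSize)) {
            throw new IllegalArgumentException("Subject is too long, it should not exceed " + this.emailProxyMaxSubjectSize + " bytes");
        }
    }

    /**
     * Checks that {@code body} is present and within {@code emailProxyMaxBodySize}.
     *
     * <p>The limit is compared with {@link String#length()}, that is a count of UTF-16
     * code units, although the error message speaks of bytes.
     */
    private void checkBody(JSONObject jSONObject) throws JSONException {
        if (!jSONObject.has("body")) {
            throw new JSONException("No body specified, 'body' field is required");
        }
        if (jSONObject.getString("body").length() > Integer.parseInt(this.emailProxyMaxBodySize)) {
            throw new IllegalArgumentException("Body is too long, it should not exceed " + this.emailProxyMaxBodySize + " bytes");
        }
    }

    /**
     * Checks that at least one recipient is given, that the total does not exceed
     * {@code emailProxyMaxRecipient}, and that every address passes
     * {@link #recipientIsAllowed(String)}. Addresses are checked in to, cc, bcc order.
     */
    private void checkRecipient(InternetAddress[] to, InternetAddress[] cc, InternetAddress[] bcc) throws JSONException, DataServiceException {
        if (to.length == 0 && cc.length == 0 && bcc.length == 0) {
            throw new JSONException("One of 'to', 'cc' or 'bcc' must be present in request");
        }
        if (to.length + cc.length + bcc.length > Integer.parseInt(this.emailProxyMaxRecipient)) {
            throw new IllegalArgumentException("Too many recipient in request, max recipient : " + this.emailProxyMaxRecipient);
        }
        for (InternetAddress[] group : new InternetAddress[][]{to, cc, bcc}) {
            for (InternetAddress address : group) {
                if (!recipientIsAllowed(address.getAddress())) {
                    throw new IllegalArgumentException("Recipient not allowed : " + address.getAddress());
                }
            }
        }
    }

    /**
     * Allows the call when the current authentication holds
     * {@code AdvancedDelegationDao.ROLE_SUPERUSER} or when {@code uid} is among the users
     * under the caller's delegation.
     *
     * @throws AccessDeniedException otherwise
     */
    private void checkAuthorisation(String uid) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
        if (!authorities.contains(AdvancedDelegationDao.ROLE_SUPERUSER) && !this.advancedDelegationDao.findUsersUnderDelegation(authentication.getName()).contains(uid)) {
            throw new AccessDeniedException("User " + uid + " not under delegation");
        }
    }

    /**
     * Joins the string entries of the JSON array stored under {@code field} with commas,
     * for logging. Returns an empty string when the field is absent.
     */
    private String extractAddress(String field, JSONObject jSONObject) throws JSONException {
        StringBuilder joined = new StringBuilder();
        if (jSONObject.has(field)) {
            JSONArray addresses = jSONObject.getJSONArray(field);
            for (int i = 0; i < addresses.length(); i++) {
                if (i > 0) {
                    joined.append(",");
                }
                joined.append(addresses.getString(i));
            }
        }
        return joined.toString();
    }

    /**
     * Converts the JSON array stored under {@code field} into validated addresses.
     *
     * @return the addresses in request order, or an empty array when the field is absent
     * @throws AddressException if {@link InternetAddress#validate()} rejects an entry
     */
    private InternetAddress[] populateRecipient(String field, JSONObject jSONObject) throws JSONException, AddressException {
        LinkedList<InternetAddress> recipients = new LinkedList<>();
        if (jSONObject.has(field)) {
            JSONArray addresses = jSONObject.getJSONArray(field);
            for (int i = 0; i < addresses.length(); i++) {
                InternetAddress address = new InternetAddress();
                address.setAddress(addresses.getString(i));
                address.validate();
                recipients.add(address);
            }
        }
        return recipients.toArray(new InternetAddress[0]);
    }

    /**
     * Decides whether the proxy may send to {@code address}.
     *
     * <p>An address is allowed when it appears verbatim in the configured allow-list, or
     * when it belongs to an account the caller is authorised for. The allow-list match is
     * an exact, case-sensitive string comparison.
     */
    private boolean recipientIsAllowed(String address) throws DataServiceException {
        if (this.recipientWhiteList == null) {
            this.recipientWhiteList = Arrays.asList(this.emailProxyRecipientWhitelist.split("\\s*,\\s*"));
        }
        if (this.recipientWhiteList.contains(address)) {
            return true;
        }
        try {
            Account account = this.accountDao.findByEmail(address);
            if (account == null) {
                return false;
            }
            checkAuthorisation(account.getUid());
            return true;
        } catch (NameNotFoundException | AccessDeniedException e) {
            // Unknown account or account outside the caller's delegation: refuse quietly.
            return false;
        }
    }

    /**
     * Builds and sends the MIME message for a stored e-mail entry.
     *
     * <p>From and To are the e-mail addresses of the sender and recipient accounts looked
     * up by uid. Each attachment becomes one body part, followed by the HTML body.
     * NOTE(review): the container is declared {@code multipart/alternative} although it
     * carries attachments; confirm that mail clients show them as intended.
     */
    private void send(EmailEntry emailEntry) throws NameNotFoundException, DataServiceException, MessagingException {
        MimeMessage message = this.emailFactory.createEmptyMessage();
        Account recipient = this.accountDao.findByUID(emailEntry.getRecipient());
        Account sender = this.accountDao.findByUID(emailEntry.getSender());
        message.addFrom(new InternetAddress[]{new InternetAddress(sender.getEmail())});
        message.addRecipient(Message.RecipientType.TO, new InternetAddress(recipient.getEmail()));
        message.setSubject(emailEntry.getSubject());
        message.setHeader("Date", new MailDateFormat().format(emailEntry.getDate()));
        MimeMultipart multipart = new MimeMultipart("alternative");
        for (Attachment attachment : emailEntry.getAttachments()) {
            MimeBodyPart part = new MimeBodyPart();
            part.setDataHandler(new DataHandler(new ByteArrayDataSource(attachment.getContent(), attachment.getMimeType())));
            part.setFileName(attachment.getName());
            multipart.addBodyPart(part);
        }
        MimeBodyPart bodyPart = new MimeBodyPart();
        bodyPart.setContent(emailEntry.getBody(), "text/html; charset=utf-8");
        multipart.addBodyPart(bodyPart);
        message.setContent(multipart);
        Transport.send(message);
    }

    /**
     * Refuses a value that contains a carriage return or line feed.
     *
     * <p>Used for values that end up in a mail header, where a line break could start a
     * new header line if the mail library passes it through unchanged.
     *
     * @throws IllegalArgumentException if {@code value} contains CR or LF
     */
    private static void rejectLineBreaks(String value, String fieldName) {
        if (value != null && (value.indexOf('\r') >= 0 || value.indexOf('\n') >= 0)) {
            throw new IllegalArgumentException("Line breaks are not allowed in " + fieldName);
        }
    }

    /**
     * Escapes the characters that are significant in HTML text and attribute values.
     *
     * @return the escaped text, or an empty string for {@code null}
     */
    private static String escapeHtml(String value) {
        if (value == null) {
            return "";
        }
        StringBuilder escaped = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Returns the account DAO used for sender and recipient look-ups. */
    public AccountDao getAccountDao() {
        return this.accountDao;
    }

    /** Replaces the account DAO. */
    public void setAccountDao(AccountDao accountDao) {
        this.accountDao = accountDao;
    }

    /** Sets the From address used by the e-mail proxy. */
    public void setEmailProxyFromAddress(String str) {
        this.emailProxyFromAddress = str;
    }

    /** Sets the maximum number of recipients per proxy request, as a decimal string. */
    public void setEmailProxyMaxRecipient(String str) {
        this.emailProxyMaxRecipient = str;
    }

    /** Sets the maximum body length per proxy request, as a decimal string. */
    public void setEmailProxyMaxBodySize(String str) {
        this.emailProxyMaxBodySize = str;
    }

    /** Sets the maximum subject length per proxy request, as a decimal string. */
    public void setEmailProxyMaxSubjectSize(String str) {
        this.emailProxyMaxSubjectSize = str;
    }

    /**
     * Sets the comma separated recipient allow-list. An allow-list that has already been
     * parsed by a previous request is not refreshed by this call.
     */
    public void setEmailProxyRecipientWhitelist(String str) {
        this.emailProxyRecipientWhitelist = str;
    }
}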
