package org.georchestra.console.ws.newaccount;

import com.google.common.annotations.VisibleForTesting;
import java.io.IOException;
import java.sql.SQLException;
import java.time.Clock;
import java.time.LocalDate;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.function.Function;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import javax.mail.MessagingException;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.validator.routines.EmailValidator;
import org.georchestra.console.bs.ReCaptchaParameters;
import org.georchestra.console.dao.AdvancedDelegationDao;
import org.georchestra.console.mailservice.EmailFactory;
import org.georchestra.console.model.AdminLogType;
import org.georchestra.console.model.DelegationEntry;
import org.georchestra.console.ws.utils.LogUtils;
import org.georchestra.console.ws.utils.PasswordUtils;
import org.georchestra.console.ws.utils.RecaptchaUtils;
import org.georchestra.console.ws.utils.Validation;
import org.georchestra.ds.DataServiceException;
import org.georchestra.ds.orgs.Org;
import org.georchestra.ds.orgs.OrgsDao;
import org.georchestra.ds.roles.RoleDao;
import org.georchestra.ds.users.Account;
import org.georchestra.ds.users.AccountDao;
import org.georchestra.ds.users.AccountFactory;
import org.georchestra.ds.users.DuplicatedEmailException;
import org.georchestra.ds.users.DuplicatedUidException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.validation.DefaultBindingErrorProcessor;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.bind.support.SessionStatus;

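/**
 * Spring MVC controller behind the account sign-up form at {@code /account/new}.
 *
 * <p>GET renders the form; POST validates the submission, optionally creates a new organisation,
 * inserts the account, adds it to the {@code USER} role and sends notification e-mails.
 *
 * <p>Because of {@code @SessionAttributes}, the {@link AccountFormBean} (which carries the submitted
 * password and its confirmation) is kept in the HTTP session between requests. It is only released
 * by {@code sessionStatus.setComplete()} on the success path of {@link #create}.
 */
@SessionAttributes(types = {AccountFormBean.class})
@Controller
/* loaded from: input_file:WEB-INF/classes/org/georchestra/console/ws/newaccount/NewAccountFormController.class */
public final class NewAccountFormController {
    private static final Log LOG = LogFactory.getLog(NewAccountFormController.class.getName());

    /**
     * Accepted uid syntax: an ASCII letter followed by ASCII letters, digits, '_', '.' or '-'.
     * Compiled once instead of on every form submission.
     */
    private static final Pattern UID_PATTERN = Pattern.compile("[a-zA-Z][a-zA-Z0-9_\\.\\-]*");

    @Autowired
    private AccountDao accountDao;

    @Autowired
    private OrgsDao orgDao;

    @Autowired
    private RoleDao roleDao;

    @Autowired
    private EmailFactory emailFactory;

    @Autowired
    private AdvancedDelegationDao advancedDelegationDao;

    @Autowired
    protected PasswordUtils passwordUtils;

    // When true, new accounts and new organisations are stored with the "pending" flag set.
    // The field initialiser makes moderation the default.
    @Autowired
    private boolean moderatedSignup = true;

    // reCAPTCHA is only verified in validateFields() when this flag is set.
    @Autowired
    protected boolean reCaptchaActivated;
    private ReCaptchaParameters reCaptchaParameters;

    @Autowired
    protected boolean privacyPolicyAgreementActivated;

    @Autowired
    protected String privacyPolicyAgreementUrl;

    @Autowired
    protected boolean consentAgreementActivated;

    @Autowired
    protected String consentAgreementUrl;

    @Autowired
    protected LogUtils logUtils;

    // Injected clock, used for the privacy-policy agreement date.
    @Autowired
    protected Clock clock;
    private Validation validation;

    @Value("${publicContextPath:/console}")
    private String publicContextPath;

    /**
     * Creates the controller.
     *
     * @param reCaptchaParameters reCAPTCHA configuration (its public key is placed in the session by
     *                            {@link #setupForm})
     * @param validation          field validator that also supplies the required user/org field names
     */
    @Autowired
    public NewAccountFormController(ReCaptchaParameters reCaptchaParameters, Validation validation) {
        this.reCaptchaParameters = reCaptchaParameters;
        this.validation = validation;
    }

    public void setAccountDao(AccountDao accountDao) {
        this.accountDao = accountDao;
    }

    public void setOrgDao(OrgsDao orgsDao) {
        this.orgDao = orgsDao;
    }

    public void setEmailFactory(EmailFactory emailFactory) {
        this.emailFactory = emailFactory;
    }

    public void setPasswordUtils(PasswordUtils passwordUtils) {
        this.passwordUtils = passwordUtils;
    }

    public void setAdvancedDelegationDao(AdvancedDelegationDao advancedDelegationDao) {
        this.advancedDelegationDao = advancedDelegationDao;
    }

    /**
     * Enables or disables moderated sign-up.
     *
     * @param z {@code true} to store new accounts and organisations as pending
     */
    public void setModeratedSignup(boolean z) {
        this.moderatedSignup = z;
    }

    public void setRoleDao(RoleDao roleDao) {
        this.roleDao = roleDao;
    }

    /**
     * Supplies the empty form-backing bean stored under the model name {@code accountFormBean}.
     *
     * @return a new, unpopulated {@link AccountFormBean}
     */
    @ModelAttribute("accountFormBean")
    public AccountFormBean getAccountFormBean() {
        return new AccountFormBean();
    }

    /**
     * Restricts data binding to an explicit allowlist of request parameters, so that no other
     * property of the form bean can be populated from the request.
     *
     * @param webDataBinder binder configured for this controller's requests
     */
    @InitBinder
    public void initForm(WebDataBinder webDataBinder) {
        webDataBinder.setAllowedFields("firstName", "surname", "email", "phone", "org", "title", "description", "uid", "password", "confirmPassword", "privacyPolicyAgreed", "consentAgreed", "createOrg", "orgName", "orgShortName", "orgAddress", Org.JSON_ORG_TYPE, "orgCities", "orgDescription", "orgUrl", "orgMail", "orgLogo", "recaptcha_response_field");
    }

    /**
     * Renders the empty sign-up form.
     *
     * <p>Adds the organisation lists and the agreement/reCAPTCHA flags to the model, and stores the
     * reCAPTCHA public key and one {@code <field>Required} marker per required field in the session.
     *
     * @param httpServletRequest current request, used to obtain the session
     * @param model              view model to populate
     * @return the {@code createAccountForm} view name
     * @throws IOException declared by the handler signature
     */
    @RequestMapping(value = {"/account/new"}, method = {RequestMethod.GET})
    public String setupForm(HttpServletRequest httpServletRequest, Model model) throws IOException {
        HttpSession session = httpServletRequest.getSession();
        populateOrgsAndOrgTypes(model);
        model.addAttribute("privacyPolicyAgreementActivated", this.privacyPolicyAgreementActivated);
        model.addAttribute("privacyPolicyAgreementUrl", this.privacyPolicyAgreementUrl);
        model.addAttribute("consentAgreementActivated", this.consentAgreementActivated);
        model.addAttribute("consentAgreementUrl", this.consentAgreementUrl);
        model.addAttribute("recaptchaActivated", this.reCaptchaActivated);
        model.addAttribute("pwdUtils", this.passwordUtils);
        session.setAttribute("reCaptchaPublicKey", this.reCaptchaParameters.getPublicKey());
        for (String userField : this.validation.getRequiredUserFields()) {
            session.setAttribute(userField + "Required", "true");
        }
        for (String orgField : this.validation.getRequiredOrgFields()) {
            // Locale.ROOT keeps the generated attribute name independent of the server's default
            // locale (for example, a Turkish default locale upper-cases "i" to a dotted capital I).
            String capitalized = orgField.substring(0, 1).toUpperCase(Locale.ROOT) + orgField.substring(1);
            session.setAttribute("org" + capitalized + "Required", "true");
        }
        return "createAccountForm";
    }

    /**
     * Handles the submitted sign-up form.
     *
     * <p>After validation succeeds, the method optionally creates the organisation, inserts the
     * account, adds it to the {@code USER} role, links it to its organisation, e-mails the
     * SUPERUSER accounts (plus any delegates found for the organisation) and the new user, and
     * completes the session.
     *
     * <p>NOTE(review): {@code bindingResult} does not directly follow the {@code @ModelAttribute}
     * parameter. Spring MVC documents that it should; confirm that data-binding errors on the form
     * bean are reported the way this handler expects.
     *
     * @param httpServletRequest current request
     * @param accountFormBean    bound form values (restricted by {@link #initForm})
     * @param str                raw, comma-separated {@code orgCities} request parameter
     * @param bindingResult      collector for validation errors
     * @param sessionStatus      used to release the session-held form bean on success
     * @param model              view model to populate
     * @return {@code welcomeNewUser} on success, {@code createAccountForm} when the form must be
     *         shown again
     * @throws IOException  when organisation creation, a data-service call or mail delivery fails
     * @throws SQLException declared by the handler signature
     */
    @RequestMapping(value = {"/account/new"}, method = {RequestMethod.POST})
    public String create(HttpServletRequest httpServletRequest, @ModelAttribute AccountFormBean accountFormBean, @RequestParam(value = "orgCities", required = false, defaultValue = "") String str, BindingResult bindingResult, SessionStatus sessionStatus, Model model) throws IOException, SQLException {
        populateOrgsAndOrgTypes(model);
        model.addAttribute("moderatedSignup", this.moderatedSignup);
        model.addAttribute("pwdUtils", this.passwordUtils);
        validateFields(accountFormBean, bindingResult);
        if (bindingResult.hasErrors()) {
            return "createAccountForm";
        }
        if (accountFormBean.getCreateOrg()) {
            // NOTE(review): the organisation is inserted before the account. If the account is then
            // rejected as a duplicate e-mail or uid, the organisation record stays in place, and a
            // resubmission with createOrg set runs this block again. Consider cleaning up or reusing it.
            try {
                Org newOrg = new Org();
                String orgId = this.orgDao.generateId(accountFormBean.getOrgShortName());
                newOrg.setId(orgId);
                newOrg.setName(accountFormBean.getOrgName());
                newOrg.setShortName(accountFormBean.getOrgShortName());
                newOrg.setAddress(accountFormBean.getOrgAddress());
                newOrg.setOrgType(accountFormBean.getOrgType());
                newOrg.setDescription(accountFormBean.getOrgDescription());
                newOrg.setUrl(accountFormBean.getOrgUrl());
                newOrg.setLogo(accountFormBean.getOrgLogo());
                newOrg.setMail(accountFormBean.getOrgMail());
                String orgCities = str.trim();
                if (orgCities.length() > 0) {
                    newOrg.setCities(Arrays.asList(orgCities.split("\\s*,\\s*")));
                }
                newOrg.setPending(this.moderatedSignup);
                this.orgDao.insert(newOrg);
                accountFormBean.setOrg(orgId);
                if (newOrg.isPending()) {
                    this.logUtils.createLog(orgId, AdminLogType.PENDING_ORG_CREATED, null);
                }
            } catch (Exception e) {
                // Pass the exception itself so the stack trace is logged, not only the message.
                LOG.error(e.getMessage(), e);
                throw new IOException(e);
            }
        }
        try {
            // The uid is an account identifier: lower-case it with a fixed locale so the stored value
            // does not depend on the JVM default locale. validateFields() checks the uid against
            // UID_PATTERN (ASCII only), and a locale-sensitive conversion could produce a character
            // outside that alphabet.
            Account account = AccountFactory.createBrief(accountFormBean.getUid().toLowerCase(Locale.ROOT), accountFormBean.getPassword(), accountFormBean.getFirstName(), accountFormBean.getSurname(), accountFormBean.getEmail(), accountFormBean.getPhone(), accountFormBean.getTitle(), accountFormBean.getDescription());
            // "-" is the form value meaning "no organisation selected".
            // NOTE(review): getOrg() is dereferenced without a null check; confirm the bean or the
            // validation step guarantees a non-null value.
            if (!accountFormBean.getOrg().equals("-")) {
                account.setOrg(accountFormBean.getOrg());
            }
            account.setPending(this.moderatedSignup);
            if (this.privacyPolicyAgreementActivated) {
                account.setPrivacyPolicyAgreementDate(LocalDate.now(this.clock));
            }
            this.accountDao.insert(account);
            // NOTE(review): the USER role is added even when the account is pending; presumably the
            // pending flag is what blocks access until moderation. Verify where that is enforced.
            this.roleDao.addUser("USER", account);
            this.orgDao.linkUser(account);
            ServletContext servletContext = httpServletRequest.getSession().getServletContext();
            List<String> recipients = getSuperUserEmailAddresses();
            if (!accountFormBean.getOrg().equals("-")) {
                for (DelegationEntry delegation : this.advancedDelegationDao.findByOrg(accountFormBean.getOrg())) {
                    recipients.add(this.accountDao.findByUID(delegation.getUid()).getEmail());
                }
            }
            // NOTE(review): the lookup result is dereferenced directly; confirm findByCommonName never
            // returns null for an account created without an organisation.
            String orgName = this.orgDao.findByCommonName(account.getOrg()).getName();
            if (this.moderatedSignup) {
                this.emailFactory.sendNewAccountRequiresModerationEmail(servletContext, recipients, account.getCommonName(), account.getUid(), account.getEmail(), orgName);
                this.emailFactory.sendAccountCreationInProcessEmail(servletContext, account.getEmail(), account.getCommonName(), account.getUid());
            } else {
                this.emailFactory.sendNewAccountNotificationEmail(servletContext, recipients, account.getCommonName(), account.getUid(), account.getEmail(), orgName);
                this.emailFactory.sendAccountWasCreatedEmail(servletContext, account.getEmail(), account.getCommonName(), account.getUid());
            }
            // Releases the session-held form bean, and with it the submitted password.
            sessionStatus.setComplete();
            if (account.isPending()) {
                this.logUtils.createLog(account.getUid(), AdminLogType.PENDING_USER_CREATED, null);
            }
            return "welcomeNewUser";
        } catch (MessagingException | DataServiceException e) {
            throw new IOException(e);
        } catch (DuplicatedEmailException e) {
            // NOTE(review): this response tells the submitter that the e-mail address already has an
            // account. reCAPTCHA, when activated, is the only throttle visible in this class; confirm
            // that rate limiting or monitoring exists elsewhere if address disclosure matters here.
            bindingResult.rejectValue("email", "email.error.exist", new String[]{String.format("%s%s", this.publicContextPath, "/account/passwordRecovery")}, "there is a user with this e-mail");
            return "createAccountForm";
        } catch (DuplicatedUidException e) {
            // Replace the rejected uid in the redisplayed form with one generated by the DAO.
            accountFormBean.setUid(this.accountDao.generateUid(accountFormBean.getUid()));
            bindingResult.rejectValue("uid", "uid.error.exist", "the uid exist");
            return "createAccountForm";
        }
    }

    /**
     * Collects the non-empty e-mail addresses of all accounts holding the {@code SUPERUSER} role.
     *
     * @return a mutable list; {@link #create} appends delegate addresses to it
     * @throws DataServiceException if the role lookup fails
     */
    @VisibleForTesting
    public List<String> getSuperUserEmailAddresses() throws DataServiceException {
        return this.accountDao.findByRole("SUPERUSER").stream()
                .map(account -> account.getEmail())
                .filter(StringUtils::isNotEmpty)
                .collect(Collectors.toCollection(LinkedList::new));
    }

    /**
     * Validates the submitted form and records every problem in {@code bindingResult}.
     *
     * <p>Organisation fields are checked only when the user asked to create an organisation and no
     * earlier check has failed. Otherwise the selected {@code org} value is validated instead.
     */
    private void validateFields(@ModelAttribute AccountFormBean accountFormBean, BindingResult bindingResult) {
        // The syntax check runs only when the generic uid validation returned true.
        if (this.validation.validateUserFieldWithSpecificMsg("uid", accountFormBean.getUid(), bindingResult) && !UID_PATTERN.matcher(accountFormBean.getUid()).matches()) {
            bindingResult.rejectValue("uid", "uid.error.invalid", DefaultBindingErrorProcessor.MISSING_FIELD_ERROR_CODE);
        }
        this.validation.validateUserFieldWithSpecificMsg("firstName", accountFormBean.getFirstName(), bindingResult);
        this.validation.validateUserFieldWithSpecificMsg("surname", accountFormBean.getSurname(), bindingResult);
        if (this.validation.validateUserFieldWithSpecificMsg("email", accountFormBean.getEmail(), bindingResult) && !EmailValidator.getInstance().isValid(accountFormBean.getEmail())) {
            bindingResult.rejectValue("email", "email.error.invalidFormat", "Invalid Format");
        }
        this.passwordUtils.validate(accountFormBean.getPassword(), accountFormBean.getConfirmPassword(), bindingResult);
        // The reCAPTCHA response is verified only when the feature flag is on.
        if (this.reCaptchaActivated) {
            RecaptchaUtils.validate(this.reCaptchaParameters, accountFormBean.getRecaptcha_response_field(), bindingResult);
        }
        if (this.privacyPolicyAgreementActivated) {
            this.validation.validateAgreedField(accountFormBean.getPrivacyPolicyAgreed(), bindingResult, "privacyPolicyAgreed");
        }
        if (this.consentAgreementActivated) {
            this.validation.validateAgreedField(accountFormBean.getConsentAgreed(), bindingResult, "consentAgreed");
        }
        this.validation.validateUserField("phone", accountFormBean.getPhone(), bindingResult);
        this.validation.validateUserField("title", accountFormBean.getTitle(), bindingResult);
        this.validation.validateUserField("description", accountFormBean.getDescription(), bindingResult);
        if (!accountFormBean.getCreateOrg() || bindingResult.hasErrors()) {
            this.validation.validateUserField("org", accountFormBean.getOrg(), bindingResult);
            return;
        }
        this.validation.validateOrgField("name", accountFormBean.getOrgName(), bindingResult);
        this.validation.validateOrgField(Org.JSON_SHORT_NAME, accountFormBean.getOrgShortName(), bindingResult);
        this.validation.validateOrgField(Org.JSON_ADDRESS, accountFormBean.getOrgAddress(), bindingResult);
        this.validation.validateOrgField("type", accountFormBean.getOrgType(), bindingResult);
        this.validation.validateOrgField("url", accountFormBean.getOrgUrl(), bindingResult);
        this.validation.validateOrgField("description", accountFormBean.getOrgDescription(), bindingResult);
        this.validation.validateOrgField(Org.JSON_LOGO, accountFormBean.getOrgLogo(), bindingResult);
        this.validation.validateUrlFieldWithSpecificMsg("orgUrl", accountFormBean.getOrgUrl(), bindingResult);
    }

    /** Adds the {@code orgs} and {@code orgTypes} lookup maps to the model. */
    private void populateOrgsAndOrgTypes(Model model) {
        model.addAttribute("orgs", getOrgs());
        model.addAttribute("orgTypes", getOrgTypes());
    }

    /**
     * Maps each organisation type value to itself, in the order the DAO returns them; when a value
     * occurs twice the first occurrence is kept.
     */
    private Map<String, String> getOrgTypes() {
        return Arrays.stream(this.orgDao.getOrgTypeValues())
                .collect(Collectors.toMap(Function.identity(), Function.identity(), (first, second) -> first, LinkedHashMap::new));
    }

    /**
     * Maps organisation id to name for the organisations returned by {@code findValidated()},
     * ordered case-insensitively by name; when an id occurs twice the first name is kept.
     */
    private Map<String, String> getOrgs() {
        return this.orgDao.findValidated().stream()
                .sorted((left, right) -> left.getName().compareToIgnoreCase(right.getName()))
                .collect(Collectors.toMap(org -> org.getId(), org -> org.getName(), (first, second) -> first, LinkedHashMap::new));
    }
}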
