package org.georchestra.console.ws.backoffice.orgs;

import com.google.common.collect.Sets;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.georchestra.commons.security.SecurityHeaders;
import org.georchestra.console.dao.AdvancedDelegationDao;
import org.georchestra.console.dao.DelegationDao;
import org.georchestra.console.model.AdminLogType;
import org.georchestra.console.model.DelegationEntry;
import org.georchestra.console.ws.backoffice.utils.ResponseUtil;
import org.georchestra.console.ws.utils.LogUtils;
import org.georchestra.console.ws.utils.Validation;
import org.georchestra.ds.orgs.Org;
import org.georchestra.ds.orgs.OrgsDao;
import org.georchestra.lib.file.FileUtils;
import org.hibernate.jpa.criteria.expression.function.AggregationFunction;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

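/**
 * REST endpoints of the console back-office for organisations: listing, read, create,
 * update and delete under {@code /private/orgs}, plus a few read-only configuration
 * endpoints under {@code /public/orgs}.
 *
 * <p>Access control visible in this class:
 * <ul>
 *   <li>{@link #findAll(boolean)} is filtered per element by
 *       {@code @PostFilter("hasPermission(filterObject, 'read')")};</li>
 *   <li>{@link #createOrg} and {@link #deleteOrg} require {@code hasRole('SUPERUSER')};</li>
 *   <li>{@link #getOrgInfos} and {@link #updateOrgInfos} call {@code checkOrgAuthorization},
 *       which lets {@code ROLE_SUPERUSER} through and otherwise requires the org to be listed
 *       in the caller's {@link DelegationEntry};</li>
 *   <li>the {@code /public/orgs} handlers perform no check in this class.</li>
 * </ul>
 *
 * <p>NOTE(review): this source looks decompiled (parameter names such as {@code str} and
 * {@code z}, and the "loaded from" marker below), so names that Spring binds by reflection
 * cannot be trusted. The path variables are therefore bound by explicit name.
 */
@Controller
/* loaded from: input_file:WEB-INF/classes/org/georchestra/console/ws/backoffice/orgs/OrgsController.class */
public class OrgsController {
    private static final String BASE_MAPPING = "/private";
    private static final String BASE_RESOURCE = "orgs";
    private static final String REQUEST_MAPPING = "/private/orgs";
    private static final String PUBLIC_REQUEST_MAPPING = "/public/orgs";

    @Autowired
    private OrgsDao orgDao;

    @Autowired
    protected Validation validation;

    @Autowired
    protected DelegationDao delegationDao;

    @Autowired
    protected AdvancedDelegationDao advancedDelegationDao;

    @Autowired
    protected LogUtils logUtils;

    // "lon, lat" pair; split on a comma and parsed as two doubles in getAreaConfig().
    @Value("${AreaMapCenter:1.77, 47.3}")
    private String areaMapCenter;

    @Value("${AreaMapZoom:6}")
    private String areaMapZoom;

    @Value("${AreasKey:INSEE_COM}")
    private String areasKey;

    @Value("${AreasValue:NOM_COM}")
    private String areasValue;

    @Value("${AreasGroup:NOM_DEP}")
    private String areasGroup;
    private static final Log LOG = LogFactory.getLog(OrgsController.class.getName());
    // Authority that bypasses the delegation checks; final so it cannot be reassigned at runtime.
    private static final GrantedAuthority ROLE_SUPERUSER = new SimpleGrantedAuthority("ROLE_SUPERUSER");

    @Autowired
    public OrgsController(OrgsDao orgsDao) {
        this.orgDao = orgsDao;
    }

    /**
     * Lists the organisations the caller may read, sorted by their natural order.
     *
     * @param z when {@code false}, the logo of every returned org is cleared before the
     *          response is built; defaults to {@code true}
     * @return the orgs returned by the DAO, after the {@code @PostFilter} permission filter
     */
    // NOTE(review): the request parameter has no explicit name, so it binds to the Java
    // parameter name; "z" is presumably a decompiler placeholder. Confirm the original name.
    @RequestMapping(value = {REQUEST_MAPPING}, method = {RequestMethod.GET}, produces = {"application/json; charset=utf-8"})
    @PostFilter("hasPermission(filterObject, 'read')")
    @ResponseBody
    public List<Org> findAll(@RequestParam(defaultValue = "true") boolean z) {
        List<Org> orgs = this.orgDao.findAll();
        if (!z) {
            for (Org entry : orgs) {
                entry.setLogo(null);
            }
        }
        Collections.sort(orgs);
        return orgs;
    }

    /**
     * Returns one organisation by its common name.
     *
     * @param str the {@code cn} path variable
     * @throws AccessDeniedException if the caller is neither superuser nor delegated for this org
     */
    @RequestMapping(value = {"/private/orgs/{cn:.+}"}, method = {RequestMethod.GET}, produces = {"application/json; charset=utf-8"})
    @ResponseBody
    public Org getOrgInfos(@PathVariable("cn") String str) {
        checkOrgAuthorization(str);
        return this.orgDao.findByCommonName(str);
    }

    /**
     * Updates an organisation from the JSON request body and, when the update changes the
     * org id, rewrites the delegations that referenced the old id.
     *
     * <p>Authorization is checked against the common name in the path only. Every other
     * attribute, including {@code pending} and the short name the id is regenerated from,
     * is taken from the body by {@link #updateFromRequest}.
     *
     * @param str the {@code commonName} path variable
     * @param httpServletRequest request whose body is the JSON description of the org
     * @return the updated org
     * @throws IOException if the {@code name} field or the {@code url} format is rejected
     * @throws AccessDeniedException if the caller is neither superuser nor delegated for this org
     */
    @RequestMapping(value = {"/private/orgs/{commonName:.+}"}, method = {RequestMethod.PUT}, produces = {"application/json; charset=utf-8"})
    @ResponseBody
    public Org updateOrgInfos(@PathVariable("commonName") String str, HttpServletRequest httpServletRequest) throws IOException, JSONException, SQLException {
        checkOrgAuthorization(str);
        JSONObject body = parseRequest(httpServletRequest);
        if (!this.validation.validateOrgField("name", body)) {
            throw new IOException("required field : name");
        }
        if (!this.validation.validateUrl(body.optString("url"))) {
            throw new IOException(String.format("bad org url format: %s", body.optString("url")));
        }
        Org target = this.orgDao.findByCommonName(str);
        // NOTE(review): "m3305clone" looks like a decompiler-generated alias for Org's clone
        // method. Confirm against the Org class before compiling.
        Org before = target.m3305clone();
        boolean wasPending = target.isPending();
        updateFromRequest(target, body);
        this.orgDao.update(target);
        if (!str.equals(target.getId())) {
            // The id changed: move every delegation from the old id to the new one.
            for (DelegationEntry delegation : this.advancedDelegationDao.findByOrg(str)) {
                delegation.removeOrg(str);
                delegation.setOrgs((String[]) ArrayUtils.add(delegation.getOrgs(), target.getId()));
                // The decompiled source cast the entry to DelegationDao, which cannot succeed.
                this.delegationDao.save(delegation);
            }
        }
        this.logUtils.logOrgChanged(before, body);
        // NOTE(review): the sec-username header is only tested for presence here and is
        // presumably injected by a fronting proxy; confirm clients cannot set it directly.
        if (SecurityHeaders.decode(httpServletRequest.getHeader(SecurityHeaders.SEC_USERNAME)) != null && wasPending != target.isPending()) {
            this.logUtils.createLog(target.getId(), AdminLogType.PENDING_ORG_ACCEPTED, null);
        }
        return target;
    }

    /**
     * Creates an organisation from the JSON request body. Restricted to superusers.
     *
     * @param httpServletRequest request whose body is the JSON description of the org
     * @return the created org, with the id generated by {@link #updateFromRequest}
     * @throws IOException if the short name or the {@code url} format is rejected
     */
    @RequestMapping(value = {REQUEST_MAPPING}, method = {RequestMethod.POST}, produces = {"application/json; charset=utf-8"})
    @ResponseBody
    @PreAuthorize("hasRole('SUPERUSER')")
    public Org createOrg(HttpServletRequest httpServletRequest) throws IOException, JSONException {
        JSONObject body = parseRequest(httpServletRequest);
        if (!this.validation.validateOrgField(Org.JSON_SHORT_NAME, body)) {
            throw new IOException("required field : shortName");
        }
        if (!this.validation.validateUrl(body.optString("url"))) {
            throw new IOException(String.format("bad org url format: %s", body.optString("url")));
        }
        Org created = new Org();
        // Empty id: updateFromRequest() asks the DAO to generate one from the short name.
        created.setId("");
        updateFromRequest(created, body);
        this.orgDao.insert(created);
        this.logUtils.createLog(created.getId(), AdminLogType.ORG_CREATED, null);
        return created;
    }

    /**
     * Deletes an organisation and removes it from every delegation. Restricted to superusers.
     *
     * <p>Logs {@code PENDING_ORG_REFUSED} when the org was still pending, {@code ORG_DELETED}
     * otherwise.
     *
     * @param str the {@code commonName} path variable
     * @param httpServletResponse response that receives the success payload
     */
    @RequestMapping(value = {"/private/orgs/{commonName:.+}"}, method = {RequestMethod.DELETE})
    @PreAuthorize("hasRole('SUPERUSER')")
    public void deleteOrg(@PathVariable("commonName") String str, HttpServletResponse httpServletResponse) throws IOException, SQLException {
        // Resolve the org before touching delegations, so that a failed lookup does not
        // leave delegations stripped of an org that was never deleted.
        Org target = this.orgDao.findByCommonName(str);
        boolean wasPending = target.isPending();
        for (DelegationEntry delegation : this.advancedDelegationDao.findByOrg(str)) {
            delegation.removeOrg(str);
            // The decompiled source cast the entry to DelegationDao, which cannot succeed.
            this.delegationDao.save(delegation);
        }
        this.orgDao.delete(target);
        if (wasPending) {
            this.logUtils.createLog(str, AdminLogType.PENDING_ORG_REFUSED, null);
        } else {
            this.logUtils.createLog(str, AdminLogType.ORG_DELETED, null);
        }
        ResponseUtil.writeSuccess(httpServletResponse);
    }

    /**
     * Writes the names of the fields required to create an org, as a JSON array.
     * Public endpoint: no authorization check is made in this class.
     */
    @RequestMapping(value = {"/public/orgs/requiredFields"}, method = {RequestMethod.GET})
    public void getRequiredFieldsForOrgCreation(HttpServletResponse httpServletResponse) throws IOException, JSONException {
        JSONArray fields = new JSONArray();
        Set<String> requiredOrgFields = this.validation.getRequiredOrgFields();
        // The decompiled lambda referenced an undefined variable ("r1"); the target is the array.
        for (String field : requiredOrgFields) {
            fields.put(field);
        }
        ResponseUtil.buildResponse(httpServletResponse, fields.toString(4), 200);
    }

    /**
     * Writes the org type values known to the DAO, as a JSON array.
     * Public endpoint: no authorization check is made in this class.
     */
    @RequestMapping(value = {"/public/orgs/orgTypeValues"}, method = {RequestMethod.GET})
    public void getOrganisationTypePossibleValues(HttpServletResponse httpServletResponse) throws IOException, JSONException {
        JSONArray types = new JSONArray();
        for (String type : this.orgDao.getOrgTypeValues()) {
            types.put(type);
        }
        ResponseUtil.buildResponse(httpServletResponse, types.toString(4), 200);
    }

    /**
     * Writes the area-map configuration (map centre and zoom, plus the key/value/group
     * attribute names for areas) as a JSON object.
     * Public endpoint: no authorization check is made in this class.
     */
    @RequestMapping(value = {"/public/orgs/areaConfig.json"}, method = {RequestMethod.GET})
    public void getAreaConfig(HttpServletResponse httpServletResponse) throws IOException, JSONException {
        JSONObject config = new JSONObject();
        JSONObject map = new JSONObject();
        try {
            String[] lonLat = this.areaMapCenter.split("\\s*,\\s*");
            JSONArray center = new JSONArray();
            center.put(Double.parseDouble(lonLat[0]));
            center.put(Double.parseDouble(lonLat[1]));
            map.put("center", center);
            map.put("zoom", this.areaMapZoom);
            config.put(BeanDefinitionParserDelegate.MAP_ELEMENT, map);
        } catch (Exception e) {
            // Deliberately best-effort: a malformed AreaMapCenter only drops the map section.
            LOG.info("Could not parse value", e);
        }
        JSONObject areas = new JSONObject();
        areas.put("key", this.areasKey);
        areas.put("value", this.areasValue);
        areas.put("group", this.areasGroup);
        config.put("areas", areas);
        ResponseUtil.buildResponse(httpServletResponse, config.toString(4), 200);
    }

    /**
     * Writes the number of organisations per org type, as CSV or JSON depending on the
     * {@code format} path variable.
     *
     * <p>Superusers get the count over all orgs. Other callers get the count over the orgs
     * of their delegation.
     *
     * @param httpServletResponse response that receives the CSV or JSON document
     * @param str the {@code format} path variable, restricted by the mapping to csv or json
     * @throws AccessDeniedException if a non-superuser caller has no delegation entry
     */
    @RequestMapping(value = {"/private/orgsTypeDistribution.{format:(?:csv|json)}"}, method = {RequestMethod.GET})
    public void orgTypeDistribution(HttpServletResponse httpServletResponse, @PathVariable("format") String str) throws IOException, JSONException {
        HashMap<String, Integer> countsByType = new HashMap<>();
        List<Org> visibleOrgs = this.orgDao.findAll();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!authentication.getAuthorities().contains(ROLE_SUPERUSER)) {
            DelegationEntry delegation = this.delegationDao.findOne(authentication.getName());
            if (delegation == null) {
                // Previously a NullPointerException; deny explicitly, as checkOrgAuthorization does.
                throw new AccessDeniedException("Org not under delegation");
            }
            String[] delegatedOrgs = delegation.getOrgs();
            // NOTE(review): a delegation with no orgs skips the filter, so that caller gets
            // the distribution over ALL orgs. Confirm this fail-open case is intended.
            if (delegatedOrgs != null && delegatedOrgs.length > 0) {
                Set<String> allowed = Sets.newHashSet(delegatedOrgs);
                // NOTE(review): delegations hold org ids elsewhere in this class (see the
                // getId() use in updateOrgInfos and the cn comparison in
                // checkOrgAuthorization), yet this filter matches on getName(). Verify.
                visibleOrgs = visibleOrgs.stream()
                        .filter(candidate -> allowed.contains(candidate.getName()))
                        .collect(Collectors.toList());
            }
        }
        for (Org counted : visibleOrgs) {
            countsByType.merge(counted.getOrgType(), 1, Integer::sum);
        }
        PrintWriter writer = httpServletResponse.getWriter();
        if (str.equalsIgnoreCase("csv")) {
            httpServletResponse.setContentType("text/csv");
            httpServletResponse.setHeader("Content-Disposition", "attachment;filename=orgsTypeDistribution.csv");
            writer.println("organisation type, count");
            // NOTE(review): org types come from request JSON (updateFromRequest) and are
            // written unescaped. A comma, quote or line break breaks the row layout, and a
            // leading '=', '+', '-' or '@' may be evaluated as a formula by spreadsheet
            // software. Consider quoting and neutralising the value.
            for (String type : countsByType.keySet()) {
                writer.println(type + "," + countsByType.get(type));
            }
            writer.close();
            return;
        }
        if (str.equalsIgnoreCase("json")) {
            httpServletResponse.setContentType("application/json");
            JSONArray rows = new JSONArray();
            for (String type : countsByType.keySet()) {
                rows.put(new JSONObject().put("type", type).put(AggregationFunction.COUNT.NAME, countsByType.get(type)));
            }
            writer.println(rows.toString(4));
            writer.close();
        }
    }

    /**
     * Verifies that the current caller may act on the given org.
     *
     * <p>Superusers always pass. Any other authenticated caller must have a delegation entry
     * whose org list contains {@code str}.
     *
     * @param str common name (id) of the org being accessed
     * @throws AccessDeniedException if the caller has no delegation, or the delegation does
     *         not list this org
     */
    private void checkOrgAuthorization(String str) throws AccessDeniedException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        // NOTE(review): a missing Authentication (or one without a name) is let through, so
        // this check fails open and relies on an upstream layer to guarantee authentication
        // on the /private endpoints. Confirm that guarantee, or deny here instead.
        if (authentication == null || authentication.getName() == null || authentication.getAuthorities().contains(ROLE_SUPERUSER)) {
            return;
        }
        DelegationEntry delegation = this.delegationDao.findOne(authentication.getName());
        String[] delegatedOrgs = delegation == null ? null : delegation.getOrgs();
        // A delegation without an org list is treated as "nothing delegated" (deny) rather
        // than raising a NullPointerException from Arrays.asList.
        if (delegatedOrgs == null || !Arrays.asList(delegatedOrgs).contains(str)) {
            throw new AccessDeniedException("Org not under delegation");
        }
    }

    /**
     * Copies the attributes of the JSON body onto the org.
     *
     * <p>The id is regenerated by the DAO from the submitted short name. Cities and members
     * are replaced only when the corresponding key is present and not JSON null. All other
     * attributes are read with {@code optString}/{@code optBoolean}, so a key that is absent
     * from the body resets the attribute to {@code ""} or {@code false}.
     *
     * <p>NOTE(review): {@code pending} is therefore controlled by the caller, and omitting it
     * clears the flag. {@code updateOrgInfos} reaches this method for delegated
     * (non-superuser) callers too. Confirm they are meant to be able to accept a pending org.
     *
     * @param org2 org to modify in place
     * @param jSONObject parsed request body
     */
    protected void updateFromRequest(Org org2, JSONObject jSONObject) throws IOException {
        org2.setId(this.orgDao.reGenerateId(jSONObject.optString(Org.JSON_SHORT_NAME), org2.getId()));
        org2.setName(jSONObject.optString("name"));
        org2.setShortName(jSONObject.optString(Org.JSON_SHORT_NAME));
        if (!jSONObject.isNull(Org.JSON_CITIES)) {
            org2.setCities(toStringList(jSONObject.getJSONArray(Org.JSON_CITIES)));
        }
        if (!jSONObject.isNull(Org.JSON_MEMBERS)) {
            org2.setMembers(toStringList(jSONObject.getJSONArray(Org.JSON_MEMBERS)));
        }
        org2.setPending(jSONObject.optBoolean("pending"));
        org2.setOrgType(jSONObject.optString(Org.JSON_ORG_TYPE));
        org2.setAddress(jSONObject.optString(Org.JSON_ADDRESS));
        org2.setDescription(jSONObject.optString("description"));
        org2.setNote(jSONObject.optString(Org.JSON_NOTE));
        org2.setUrl(jSONObject.optString("url"));
        org2.setLogo(jSONObject.optString(Org.JSON_LOGO));
        org2.setMail(jSONObject.optString("mail"));
    }

    /** Converts a JSON array to a mutable list holding the string form of each element. */
    private static List<String> toStringList(JSONArray array) {
        return StreamSupport.stream(array.spliterator(), false)
                .map(Object::toString)
                .collect(Collectors.toList());
    }

    /**
     * Reads the whole request body and parses it as a JSON object.
     *
     * @throws JSONException if the body is not a valid JSON object
     */
    private JSONObject parseRequest(HttpServletRequest httpServletRequest) throws IOException, JSONException {
        return new JSONObject(FileUtils.asString(httpServletRequest.getInputStream()));
    }
}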
