package org.lamsfoundation.lams.webservice;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Arrays;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.lamsfoundation.lams.integration.ExtServer;
import org.lamsfoundation.lams.integration.service.IntegrationService;
import org.lamsfoundation.lams.security.ISecurityService;
import org.lamsfoundation.lams.usermanagement.Role;
import org.lamsfoundation.lams.usermanagement.User;
import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
import org.lamsfoundation.lams.util.CentralConstants;
import org.lamsfoundation.lams.util.HashUtil;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:org/lamsfoundation/lams/webservice/UserRoleServlet.class */
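/**
 * Integration endpoint through which an external server grants or revokes a role for a mapped user.
 *
 * <p>A request is accepted only when (1) its hash parameter equals {@code HashUtil.sha1} of the
 * lower-cased, trimmed request fields concatenated with the external server's id and key, and
 * (2) the calling user passes {@code securityService.isSysadmin}.
 *
 * <p>Security notes for maintainers, all derived from the code below:
 * <ul>
 *   <li>The date/time parameter is only mixed into the hash; nothing here compares it with the
 *       current time, so this servlet by itself does not reject a replayed request.
 *       NOTE(review): confirm whether freshness is enforced elsewhere.</li>
 *   <li>The hashed fields are concatenated without separators, so the boundary between adjacent
 *       fields is not bound by the hash. NOTE(review): a delimited, HMAC-based scheme would bind
 *       each field, but needs a coordinated change with the integrated servers.</li>
 *   <li>Every field is lower-cased before hashing while the role is later compared
 *       case-sensitively, so the hash does not distinguish role spellings that differ only in
 *       case.</li>
 *   <li>{@link #doPost} delegates to {@link #doGet}, so this state-changing call is also reachable
 *       via GET, where parameters (including the hash) may end up in access logs.</li>
 * </ul>
 */
public class UserRoleServlet extends HttpServlet {
    private static final Logger log = Logger.getLogger(UserRoleServlet.class);

    /** The only role name accepted by {@link #grant} and {@link #revoke}. */
    private static final String ROLE_NAME_SYSADMIN = "SYSADMIN";

    // Collaborators are resolved from the Spring web application context in init().
    private static IntegrationService integrationService = null;
    private static IUserManagementService userManagementService = null;
    private static ISecurityService securityService = null;

    /**
     * Authenticates the request, checks that the caller is a sysadmin and applies the requested
     * role change to the target user.
     *
     * <p>Responds with 400 for a missing parameter or an unknown method, 401 when the server id,
     * hash or sysadmin check fails, and 500 for any other failure.
     *
     * @param httpServletRequest  request carrying server id, date/time, hash, username, method,
     *                            target username and role parameters
     * @param httpServletResponse response used to report errors
     * @throws IOException if the error response cannot be written
     */
    @Override
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String serverId = httpServletRequest.getParameter(CentralConstants.PARAM_SERVER_ID);
        String datetime = httpServletRequest.getParameter(CentralConstants.PARAM_DATE_TIME);
        String hashValue = httpServletRequest.getParameter(CentralConstants.PARAM_HASH_VALUE);
        String username = httpServletRequest.getParameter("username");
        String method = httpServletRequest.getParameter(CentralConstants.PARAM_METHOD);
        String targetUsername = httpServletRequest.getParameter("targetUsername");
        String role = httpServletRequest.getParameter("role");

        // Reject incomplete requests up front; otherwise a missing parameter surfaces as a
        // NullPointerException and is reported as a misleading 500.
        if (serverId == null || datetime == null || hashValue == null || username == null || method == null
                || targetUsername == null || role == null) {
            log.error("Missing required parameter while trying to set role for user: " + forLog(targetUsername));
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing required parameter");
            return;
        }

        try {
            ExtServer extServer = integrationService.getExtServer(serverId);
            if (extServer == null) {
                // NOTE(review): whether getExtServer returns null for an unknown id is not visible
                // here; the guard turns that case into an authentication failure instead of a 500.
                log.error("Unknown server ID while trying to set role for user: " + forLog(targetUsername));
                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication failed, invalid hash");
                return;
            }

            // The plaintext layout is part of the wire protocol with integrated servers and is
            // kept unchanged. NOTE(review): toLowerCase() uses the JVM default locale.
            String plaintext = datetime.toLowerCase().trim()
                    + username.toLowerCase().trim()
                    + targetUsername.toLowerCase().trim()
                    + method.toLowerCase().trim()
                    + role.toLowerCase().trim()
                    + extServer.getServerid().toLowerCase().trim()
                    + extServer.getServerkey().toLowerCase().trim();
            if (!constantTimeEquals(hashValue, HashUtil.sha1(plaintext))) {
                log.error("Hash check failed while trying to set role for user: " + forLog(targetUsername));
                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication failed, invalid hash");
                return;
            }

            if (!securityService.isSysadmin(integrationService.getExtUserUseridMap(extServer, username).getUser().getUserId(), "set user role", false)) {
                log.error("Sysadmin role check failed while trying to set role for user: " + forLog(targetUsername));
                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication failed, user is not sysadmin");
                return;
            }

            User user = integrationService.getExtUserUseridMap(extServer, targetUsername).getUser();
            if ("grant".equalsIgnoreCase(method)) {
                grant(user, role);
            } else if ("revoke".equalsIgnoreCase(method)) {
                revoke(user, role);
            } else {
                log.error("Unknown method: " + forLog(method));
                httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Unknown method: " + method);
            }
        } catch (Exception e) {
            // Boundary catch: details go to the log, the client gets a generic message.
            log.error("Error while setting user roles", e);
            httpServletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Error while setting user roles");
        }
    }

    /**
     * Handles POST exactly like GET.
     *
     * @throws ServletException declared for the servlet contract
     * @throws IOException      if the error response cannot be written
     */
    @Override
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    /**
     * Looks up the integration, user-management and security services from the Spring context.
     *
     * @throws ServletException declared for the servlet contract
     */
    @Override
    public void init() throws ServletException {
        integrationService = (IntegrationService) WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()).getBean("integrationService");
        userManagementService = (IUserManagementService) WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()).getBean("userManagementService");
        securityService = (ISecurityService) WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()).getBean("securityService");
    }

    /**
     * Sets the user's roles in the root organisation to the sysadmin role.
     *
     * @param user target user
     * @param str  requested role name; only {@code "SYSADMIN"} (case-sensitive) is accepted
     * @throws IOException if the role name is not recognised
     */
    private void grant(User user, String str) throws IOException {
        if (!ROLE_NAME_SYSADMIN.equals(str)) {
            throw new IOException("Unknown role: " + str);
        }
        // The list passed is the complete role list handed to the service for the root
        // organisation. NOTE(review): presumably this replaces any roles already held there.
        userManagementService.setRolesForUserOrganisation(user, userManagementService.getRootOrganisation().getOrganisationId(), new ArrayList<String>(Arrays.asList(Role.ROLE_SYSADMIN.toString())));
    }

    /**
     * Sets the user's roles in the root organisation to an empty list.
     *
     * @param user target user
     * @param str  requested role name; only {@code "SYSADMIN"} (case-sensitive) is accepted
     * @throws IOException if the role name is not recognised
     */
    private void revoke(User user, String str) throws IOException {
        if (!ROLE_NAME_SYSADMIN.equals(str)) {
            throw new IOException("Unknown role: " + str);
        }
        // An empty list is passed rather than "everything except SYSADMIN".
        // NOTE(review): presumably this clears every root-organisation role; confirm intent.
        userManagementService.setRolesForUserOrganisation(user, userManagementService.getRootOrganisation().getOrganisationId(), new ArrayList<String>());
    }

    /**
     * Compares the supplied hash with the expected one without short-circuiting on the first
     * differing character, so response timing does not reveal how much of the hash matched.
     */
    private static boolean constantTimeEquals(String supplied, String expected) {
        if (supplied == null || expected == null) {
            return false;
        }
        return MessageDigest.isEqual(supplied.getBytes(StandardCharsets.UTF_8), expected.getBytes(StandardCharsets.UTF_8));
    }

    /** Neutralises line breaks in request-supplied text so it cannot forge extra log entries. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}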
