package org.lamsfoundation.lams.admin.web.controller;

import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.JsonNodeFactory;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.io.IOException;
import java.util.Collection;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.lamsfoundation.lams.admin.AdminConstants;
import org.lamsfoundation.lams.admin.service.AdminServiceProxy;
import org.lamsfoundation.lams.admin.web.form.OrgPasswordChangeForm;
import org.lamsfoundation.lams.events.IEventNotificationService;
import org.lamsfoundation.lams.integration.security.RandomPasswordGenerator;
import org.lamsfoundation.lams.usermanagement.Organisation;
import org.lamsfoundation.lams.usermanagement.User;
import org.lamsfoundation.lams.usermanagement.dto.UserDTO;
import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
import org.lamsfoundation.lams.util.JsonUtil;
import org.lamsfoundation.lams.util.MessageService;
import org.lamsfoundation.lams.util.WebUtil;
import org.lamsfoundation.lams.web.session.SessionManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.context.WebApplicationContext;

@RequestMapping({"/orgPasswordChange"})
@Controller
/* loaded from: input_file:org/lamsfoundation/lams/admin/web/controller/OrgPasswordChangeController.class */
public class OrgPasswordChangeController {
    private static Logger log = Logger.getLogger(OrgPasswordChangeController.class);

    @Autowired
    private WebApplicationContext applicationContext;

    @RequestMapping({"/start"})
    public String unspecified(@ModelAttribute OrgPasswordChangeForm orgPasswordChangeForm, HttpServletRequest httpServletRequest) {
        Integer valueOf = Integer.valueOf(WebUtil.readIntParam(httpServletRequest, "organisationID"));
        orgPasswordChangeForm.setOrganisationID(valueOf);
        orgPasswordChangeForm.setOrgName(((Organisation) AdminServiceProxy.getService(this.applicationContext.getServletContext()).findById(Organisation.class, valueOf)).getName());
        orgPasswordChangeForm.setStaffChange(true);
        orgPasswordChangeForm.setLearnerChange(true);
        orgPasswordChangeForm.setStaffPass(RandomPasswordGenerator.nextPasswordValidated());
        orgPasswordChangeForm.setLearnerPass(RandomPasswordGenerator.nextPasswordValidated());
        return "orgPasswordChange";
    }

    @RequestMapping({"/generatePassword"})
    @ResponseBody
    public String generatePassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setContentType("text/plain;charset=utf-8");
        httpServletResponse.getWriter().print(RandomPasswordGenerator.nextPasswordValidated());
        return null;
    }

    @RequestMapping({"/getGridUsers"})
    @ResponseBody
    public String getGridUsers(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Integer valueOf = Integer.valueOf(WebUtil.readIntParam(httpServletRequest, "organisationID"));
        String readStrParam = WebUtil.readStrParam(httpServletRequest, "role");
        Integer userID = getUserDTO().getUserID();
        if (!AdminServiceProxy.getSecurityService(this.applicationContext.getServletContext()).isSysadmin(userID, "get grid users for org password change", false)) {
            String str = "User " + userID + " is not a sysadmin";
            log.warn(str);
            httpServletResponse.sendError(403, str);
            return null;
        }
        int readIntParam = WebUtil.readIntParam(httpServletRequest, "page");
        int readIntParam2 = WebUtil.readIntParam(httpServletRequest, "rows");
        List<UserDTO> usersByRole = getUsersByRole(valueOf, readStrParam.equalsIgnoreCase("staff"), WebUtil.readStrParam(httpServletRequest, AdminConstants.PARAM_SIDX, true), WebUtil.readStrParam(httpServletRequest, AdminConstants.PARAM_SORD));
        int i = 1;
        int size = usersByRole.size();
        if (readIntParam2 < usersByRole.size()) {
            i = new Double(Math.ceil(new Integer(usersByRole.size()).doubleValue() / new Integer(readIntParam2).doubleValue())).intValue();
            int i2 = (readIntParam - 1) * readIntParam2;
            int i3 = i2 + readIntParam2;
            usersByRole = i3 > usersByRole.size() ? usersByRole.subList(i2, usersByRole.size()) : usersByRole.subList(i2, i3);
        }
        ObjectNode objectNode = JsonNodeFactory.instance.objectNode();
        objectNode.put("page", readIntParam);
        objectNode.put(AdminConstants.ELEMENT_TOTAL, i);
        objectNode.put(AdminConstants.ELEMENT_RECORDS, size);
        ArrayNode arrayNode = JsonNodeFactory.instance.arrayNode();
        for (UserDTO userDTO : usersByRole) {
            ObjectNode objectNode2 = JsonNodeFactory.instance.objectNode();
            objectNode2.put(AdminConstants.ELEMENT_ID, userDTO.getUserID());
            ArrayNode arrayNode2 = JsonNodeFactory.instance.arrayNode();
            arrayNode2.add(userDTO.getFirstName() + " " + userDTO.getLastName());
            arrayNode2.add(userDTO.getLogin());
            arrayNode2.add(userDTO.getEmail());
            objectNode2.set(AdminConstants.ELEMENT_CELL, arrayNode2);
            arrayNode.add(objectNode2);
        }
        objectNode.set("rows", arrayNode);
        httpServletResponse.setContentType("application/json;charset=utf-8");
        return objectNode.toString();
    }

    @RequestMapping(path = {"/changePassword"}, method = {RequestMethod.POST})
    public String changePassword(@ModelAttribute OrgPasswordChangeForm orgPasswordChangeForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Integer userID = getUserDTO().getUserID();
        if (!AdminServiceProxy.getSecurityService(this.applicationContext.getServletContext()).isSysadmin(userID, "org password change", false)) {
            String str = "User " + userID + " is not a sysadmin";
            log.warn(str);
            httpServletResponse.sendError(403, str);
            return null;
        }
        Integer organisationID = orgPasswordChangeForm.getOrganisationID();
        Boolean valueOf = Boolean.valueOf(orgPasswordChangeForm.isEmail());
        Boolean valueOf2 = Boolean.valueOf(orgPasswordChangeForm.isForce());
        Boolean valueOf3 = Boolean.valueOf(orgPasswordChangeForm.isStaffChange());
        Boolean valueOf4 = Boolean.valueOf(orgPasswordChangeForm.isLearnerChange());
        if (valueOf3.booleanValue()) {
            String excludedStaff = orgPasswordChangeForm.getExcludedStaff();
            ArrayNode readArray = StringUtils.isBlank(excludedStaff) ? null : JsonUtil.readArray(excludedStaff);
            String includedStaff = orgPasswordChangeForm.getIncludedStaff();
            ArrayNode readArray2 = StringUtils.isBlank(includedStaff) ? null : JsonUtil.readArray(includedStaff);
            String staffPass = orgPasswordChangeForm.getStaffPass();
            Set<Integer> changePassword = changePassword(staffPass, getUsersByRole(organisationID, true), readArray2, readArray, valueOf2.booleanValue());
            if (valueOf.booleanValue() && !changePassword.isEmpty()) {
                notifyOnPasswordChange(changePassword, staffPass);
            }
        }
        if (valueOf4.booleanValue()) {
            String excludedLearners = orgPasswordChangeForm.getExcludedLearners();
            ArrayNode readArray3 = StringUtils.isBlank(excludedLearners) ? null : JsonUtil.readArray(excludedLearners);
            String includedLearners = orgPasswordChangeForm.getIncludedLearners();
            ArrayNode readArray4 = StringUtils.isBlank(includedLearners) ? null : JsonUtil.readArray(includedLearners);
            String learnerPass = orgPasswordChangeForm.getLearnerPass();
            Set<Integer> changePassword2 = changePassword(learnerPass, getUsersByRole(organisationID, false), readArray4, readArray3, valueOf2.booleanValue());
            if (valueOf.booleanValue() && !changePassword2.isEmpty()) {
                notifyOnPasswordChange(changePassword2, learnerPass);
            }
        }
        httpServletRequest.setAttribute("success", true);
        return "orgPasswordChange";
    }

    private void notifyOnPasswordChange(Collection<Integer> collection, String str) {
        MessageService messageService = AdminServiceProxy.getMessageService(this.applicationContext.getServletContext());
        AdminServiceProxy.getEventNotificationService(this.applicationContext.getServletContext()).sendMessage((Integer) null, (Integer[]) collection.toArray(new Integer[0]), IEventNotificationService.DELIVERY_METHOD_MAIL, messageService.getMessage("admin.org.password.change.email.subject"), messageService.getMessage("admin.org.password.change.email.body", new String[]{str}), false);
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x0114  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.util.Set<java.lang.Integer> changePassword(java.lang.String r5, java.util.Collection<org.lamsfoundation.lams.usermanagement.User> r6, com.fasterxml.jackson.databind.node.ArrayNode r7, com.fasterxml.jackson.databind.node.ArrayNode r8, boolean r9) {
        /*
            Method dump skipped, instructions count: 354
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.lamsfoundation.lams.admin.web.controller.OrgPasswordChangeController.changePassword(java.lang.String, java.util.Collection, com.fasterxml.jackson.databind.node.ArrayNode, com.fasterxml.jackson.databind.node.ArrayNode, boolean):java.util.Set");
    }

    private List<User> getUsersByRole(Integer num, boolean z) {
        HashSet hashSet;
        IUserManagementService service = AdminServiceProxy.getService(this.applicationContext.getServletContext());
        HashSet hashSet2 = new HashSet();
        hashSet2.addAll(service.getUsersFromOrganisationByRole(num, "AUTHOR", true));
        hashSet2.addAll(service.getUsersFromOrganisationByRole(num, "MONITOR", true));
        if (z) {
            hashSet = hashSet2;
        } else {
            hashSet = new HashSet();
            hashSet.addAll(service.getUsersFromOrganisationByRole(num, "LEARNER", true));
            hashSet.removeAll(hashSet2);
        }
        return new LinkedList(hashSet);
    }

    private List<UserDTO> getUsersByRole(Integer num, boolean z, String str, String str2) {
        List<UserDTO> linkedList;
        IUserManagementService service = AdminServiceProxy.getService(this.applicationContext.getServletContext());
        List<UserDTO> allUsers = service.getAllUsers(num, new String[]{"AUTHOR", "MONITOR"}, (Integer) null, (Integer) null, str, str2, (String) null);
        if (z) {
            linkedList = allUsers;
        } else {
            linkedList = new LinkedList();
            linkedList.addAll(service.getAllUsers(num, new String[]{"LEARNER"}, (Integer) null, (Integer) null, str, str2, (String) null));
            linkedList.removeAll(allUsers);
        }
        return linkedList;
    }

    private UserDTO getUserDTO() {
        return (UserDTO) SessionManager.getSession().getAttribute("user");
    }
}
