package org.lamsfoundation.lams.web;

import java.io.IOException;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.TreeMap;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.lamsfoundation.lams.integration.ExtCourseClassMap;
import org.lamsfoundation.lams.integration.ExtServer;
import org.lamsfoundation.lams.integration.ExtUserUseridMap;
import org.lamsfoundation.lams.integration.UserInfoFetchException;
import org.lamsfoundation.lams.integration.UserInfoValidationException;
import org.lamsfoundation.lams.integration.security.AuthenticationException;
import org.lamsfoundation.lams.integration.security.Authenticator;
import org.lamsfoundation.lams.integration.service.IntegrationService;
import org.lamsfoundation.lams.usermanagement.Organisation;
import org.lamsfoundation.lams.usermanagement.OrganisationGroup;
import org.lamsfoundation.lams.usermanagement.OrganisationGrouping;
import org.lamsfoundation.lams.usermanagement.User;
import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
import org.lamsfoundation.lams.util.CentralConstants;
import org.lamsfoundation.lams.workspace.web.WorkspaceAction;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:org/lamsfoundation/lams/web/OrganisationGroupServlet.class */
public class OrganisationGroupServlet extends HttpServlet {
    private static final Logger log = Logger.getLogger(OrganisationGroupServlet.class);
    private static IntegrationService integrationService;
    private static IUserManagementService userManagementService;
    private static final String METHOD_ADD_GROUPING = "addGrouping";
    private static final String METHOD_REMOVE_GROUPING = "removeGrouping";
    private static final String METHOD_ADD_GROUP = "addGroup";
    private static final String METHOD_REMOVE_GROUP = "removeGroup";
    private static final String METHOD_ADD_LEARNERS = "addLearners";
    private static final String METHOD_REMOVE_LEARNERS = "removeLearners";
    private static final String PARAM_GROUPING_NAME = "groupingName";
    private static final String PARAM_GROUP_NAME = "groupName";

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String parameter = httpServletRequest.getParameter(CentralConstants.PARAM_SERVER_ID);
        String parameter2 = httpServletRequest.getParameter(CentralConstants.PARAM_DATE_TIME);
        String parameter3 = httpServletRequest.getParameter(CentralConstants.PARAM_HASH_VALUE);
        String parameter4 = httpServletRequest.getParameter("username");
        String parameter5 = httpServletRequest.getParameter("courseId");
        if (parameter4 == null || parameter == null || parameter2 == null || parameter3 == null || parameter5 == null) {
            httpServletResponse.sendError(400, "Course group action failed - authentication parameters missing");
            return;
        }
        ExtServer extServer = getService().getExtServer(parameter);
        try {
            Authenticator.authenticate(extServer, parameter2, parameter4, parameter3);
            ExtUserUseridMap extUserUseridMap = integrationService.getExtUserUseridMap(extServer, parameter4);
            ExtCourseClassMap extCourseClassMap = integrationService.getExtCourseClassMap(extServer, extUserUseridMap, parameter5, (String) null, (String) null, (String) null, "monitor");
            User user = extUserUseridMap.getUser();
            Organisation organisation = extCourseClassMap.getOrganisation();
            if (!(getUserManagementService().isUserInRole(user.getUserId(), organisation.getOrganisationId(), "MONITOR") || getUserManagementService().isUserInRole(user.getUserId(), organisation.getOrganisationId(), "AUTHOR"))) {
                log.error("User " + user.getUserId() + " may not perform group actions for course " + organisation.getOrganisationId());
                httpServletResponse.sendError(401, "Course group action failed - user may not perform group actions");
                return;
            }
            try {
                String parameter6 = httpServletRequest.getParameter(CentralConstants.PARAM_METHOD);
                if (METHOD_ADD_GROUPING.equals(parameter6)) {
                    addGrouping(httpServletRequest, organisation);
                } else if (METHOD_REMOVE_GROUPING.equals(parameter6)) {
                    removeGrouping(httpServletRequest, organisation.getOrganisationId());
                } else if (METHOD_ADD_GROUP.equals(parameter6)) {
                    addGroup(httpServletRequest, organisation.getOrganisationId());
                } else if (METHOD_REMOVE_GROUP.equals(parameter6)) {
                    removeGroup(httpServletRequest, organisation.getOrganisationId());
                } else if (METHOD_ADD_LEARNERS.equals(parameter6)) {
                    addLearners(httpServletRequest, extServer, organisation.getOrganisationId());
                } else if (METHOD_REMOVE_LEARNERS.equals(parameter6)) {
                    removeLearners(httpServletRequest, extServer, organisation.getOrganisationId());
                }
            } catch (ServletException e) {
                log.error(e);
                httpServletResponse.sendError(400, "Course group action failed: " + e.getMessage());
            } catch (Exception e2) {
                log.error(e2);
                httpServletResponse.sendError(500, "Course group action failed: internal error");
            }
        } catch (UserInfoFetchException e3) {
            log.error(e3);
            httpServletResponse.sendError(401, "Course group action failed - user does not exist");
        } catch (AuthenticationException e4) {
            log.error(e4);
            httpServletResponse.sendError(401, "Course group action failed - authentication error");
        } catch (UserInfoValidationException e5) {
            log.error(e5);
            httpServletResponse.sendError(400, "Course group action failed." + e5.getMessage());
        }
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    private void addGrouping(HttpServletRequest httpServletRequest, Organisation organisation) throws ServletException {
        String parameter = httpServletRequest.getParameter(PARAM_GROUPING_NAME);
        if (StringUtils.isBlank(parameter)) {
            throw new ServletException("Missing \"name\" parameter");
        }
        if (findGrouping(organisation.getOrganisationId(), parameter) != null) {
            throw new ServletException("Grouping with name \"" + parameter + "\" exists in organisation with ID " + organisation.getOrganisationId());
        }
        OrganisationGrouping organisationGrouping = new OrganisationGrouping(organisation.getOrganisationId(), parameter);
        getUserManagementService().saveOrganisationGrouping(organisationGrouping, (Collection) null);
        Long groupingId = organisationGrouping.getGroupingId();
        if (groupingId == null) {
            throw new ServletException("Grouping could not be created");
        }
        if (log.isDebugEnabled()) {
            log.debug("Created course grouping \"" + parameter + "\" with ID " + groupingId + " in organisation with ID " + organisation.getOrganisationId());
        }
    }

    private void removeGrouping(HttpServletRequest httpServletRequest, Integer num) throws ServletException {
        String parameter = httpServletRequest.getParameter(PARAM_GROUPING_NAME);
        if (StringUtils.isBlank(parameter)) {
            throw new ServletException("Missing \"groupingName\" parameter");
        }
        OrganisationGrouping findGrouping = findGrouping(num, parameter);
        if (findGrouping == null) {
            return;
        }
        getUserManagementService().delete(findGrouping);
        if (log.isDebugEnabled()) {
            log.debug("Deleted course grouping with ID " + parameter + " from organisation with ID " + num);
        }
    }

    private void addGroup(HttpServletRequest httpServletRequest, Integer num) throws ServletException {
        String parameter = httpServletRequest.getParameter(PARAM_GROUPING_NAME);
        if (StringUtils.isBlank(parameter)) {
            throw new ServletException("Missing \"groupingName\" parameter");
        }
        String parameter2 = httpServletRequest.getParameter(PARAM_GROUP_NAME);
        if (StringUtils.isBlank(parameter2)) {
            throw new ServletException("Missing \"groupName\" parameter");
        }
        OrganisationGrouping findGrouping = findGrouping(num, parameter);
        if (findGrouping == null) {
            throw new ServletException("Grouping with name \"" + parameter + "\" does not exist in organisation with ID " + num);
        }
        HashSet hashSet = new HashSet(findGrouping.getGroups());
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            if (((OrganisationGroup) it.next()).getName().equals(parameter2)) {
                throw new ServletException("Group with name \"" + parameter + "\" exists in grouping with ID " + findGrouping.getGroupingId());
            }
        }
        OrganisationGroup organisationGroup = new OrganisationGroup();
        organisationGroup.setName(parameter2);
        hashSet.add(organisationGroup);
        getUserManagementService().saveOrganisationGrouping(findGrouping, hashSet);
        Long groupId = organisationGroup.getGroupId();
        if (groupId == null) {
            throw new ServletException("Group could not be created");
        }
        if (log.isDebugEnabled()) {
            log.debug("Created course group \"" + parameter2 + "\" with ID " + groupId + " in organisation with ID " + num);
        }
    }

    private void removeGroup(HttpServletRequest httpServletRequest, Integer num) throws ServletException {
        OrganisationGroup findGroup;
        String parameter = httpServletRequest.getParameter(PARAM_GROUPING_NAME);
        if (StringUtils.isBlank(parameter)) {
            throw new ServletException("Missing \"groupingName\" parameter");
        }
        String parameter2 = httpServletRequest.getParameter(PARAM_GROUP_NAME);
        if (StringUtils.isBlank(parameter2)) {
            throw new ServletException("Missing \"groupName\" parameter");
        }
        OrganisationGrouping findGrouping = findGrouping(num, parameter);
        if (findGrouping == null || (findGroup = findGroup(findGrouping.getGroupingId(), parameter2)) == null) {
            return;
        }
        HashSet hashSet = new HashSet(findGrouping.getGroups());
        hashSet.remove(findGroup);
        getUserManagementService().saveOrganisationGrouping(findGrouping, hashSet);
        if (log.isDebugEnabled()) {
            log.debug("Deleted course group with ID " + findGroup.getGroupId() + " from organisation with ID " + num);
        }
    }

    private void addLearners(HttpServletRequest httpServletRequest, ExtServer extServer, Integer num) throws ServletException {
        String parameter = httpServletRequest.getParameter(PARAM_GROUPING_NAME);
        if (StringUtils.isBlank(parameter)) {
            throw new ServletException("Missing \"groupingName\" parameter");
        }
        String parameter2 = httpServletRequest.getParameter(PARAM_GROUP_NAME);
        if (StringUtils.isBlank(parameter2)) {
            throw new ServletException("Missing \"groupName\" parameter");
        }
        String parameter3 = httpServletRequest.getParameter(CentralConstants.PARAM_LEARNER_IDS);
        if (StringUtils.isBlank(parameter3)) {
            throw new ServletException("Missing \"learnerIds\" parameter");
        }
        OrganisationGrouping findGrouping = findGrouping(num, parameter);
        if (findGrouping == null) {
            throw new ServletException("Grouping with name \"" + parameter + "\" does not exist");
        }
        OrganisationGroup findGroup = findGroup(findGrouping.getGroupingId(), parameter2);
        if (findGroup == null) {
            throw new ServletException("Group with name \"" + parameter2 + "\" does not exist in grouping with ID " + findGrouping.getGroupingId());
        }
        String[] split = parameter3.split(WorkspaceAction.ROLE_DELIMITER);
        boolean z = false;
        StringBuilder sb = new StringBuilder();
        for (String str : split) {
            try {
                if (findGroup.getUsers().add(integrationService.getExtUserUseridMap(extServer, str).getUser())) {
                    z = true;
                    sb.append(str).append(',');
                }
            } catch (UserInfoValidationException e) {
                throw new ServletException(e.getMessage());
            } catch (UserInfoFetchException e2) {
                throw new ServletException("Learner with ID \"" + str + "\" does not exist");
            }
        }
        if (z) {
            getUserManagementService().saveOrganisationGrouping(findGrouping, findGrouping.getGroups());
            if (log.isDebugEnabled()) {
                log.debug("Added learners " + ((Object) sb) + " to course group with ID " + findGroup.getGroupId() + " in organisation with ID " + num);
            }
        }
    }

    private void removeLearners(HttpServletRequest httpServletRequest, ExtServer extServer, Integer num) throws ServletException {
        String parameter = httpServletRequest.getParameter(PARAM_GROUPING_NAME);
        if (StringUtils.isBlank(parameter)) {
            throw new ServletException("Missing \"groupingName\" parameter");
        }
        String parameter2 = httpServletRequest.getParameter(PARAM_GROUP_NAME);
        if (StringUtils.isBlank(parameter2)) {
            throw new ServletException("Missing \"groupName\" parameter");
        }
        String parameter3 = httpServletRequest.getParameter(CentralConstants.PARAM_LEARNER_IDS);
        if (StringUtils.isBlank(parameter3)) {
            throw new ServletException("Missing \"learnerIds\" parameter");
        }
        OrganisationGrouping findGrouping = findGrouping(num, parameter);
        if (findGrouping == null) {
            throw new ServletException("Grouping with name \"" + parameter + "\" does not exist");
        }
        OrganisationGroup findGroup = findGroup(findGrouping.getGroupingId(), parameter2);
        if (findGroup == null) {
            throw new ServletException("Group with name \"" + parameter2 + "\" does not exist in grouping with ID " + findGrouping.getGroupingId());
        }
        String[] split = parameter3.split(WorkspaceAction.ROLE_DELIMITER);
        boolean z = false;
        StringBuilder sb = new StringBuilder();
        for (String str : split) {
            try {
                if (findGroup.getUsers().remove(integrationService.getExtUserUseridMap(extServer, str).getUser())) {
                    z = true;
                    sb.append(str).append(',');
                }
            } catch (UserInfoValidationException e) {
            } catch (UserInfoFetchException e2) {
            }
        }
        if (z) {
            getUserManagementService().saveOrganisationGrouping(findGrouping, findGrouping.getGroups());
            if (log.isDebugEnabled()) {
                log.debug("Removed learners " + ((Object) sb) + " from group with ID " + findGroup.getGroupId() + " in organisation with ID " + num);
            }
        }
    }

    private OrganisationGrouping findGrouping(Integer num, String str) {
        TreeMap treeMap = new TreeMap();
        treeMap.put("organisationId", num);
        treeMap.put(CentralConstants.ATTR_NAME, str);
        List findByProperties = getUserManagementService().findByProperties(OrganisationGrouping.class, treeMap);
        if (findByProperties == null || findByProperties.isEmpty()) {
            return null;
        }
        return (OrganisationGrouping) findByProperties.get(0);
    }

    private OrganisationGroup findGroup(Long l, String str) {
        TreeMap treeMap = new TreeMap();
        treeMap.put("groupingId", l);
        treeMap.put(CentralConstants.ATTR_NAME, str);
        List findByProperties = getUserManagementService().findByProperties(OrganisationGroup.class, treeMap);
        if (findByProperties == null || findByProperties.isEmpty()) {
            return null;
        }
        return (OrganisationGroup) findByProperties.get(0);
    }

    private IntegrationService getService() {
        if (integrationService == null) {
            integrationService = (IntegrationService) WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()).getBean("integrationService");
        }
        return integrationService;
    }

    private IUserManagementService getUserManagementService() {
        if (userManagementService == null) {
            userManagementService = (IUserManagementService) WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()).getBean("userManagementService");
        }
        return userManagementService;
    }
}
