package org.craftercms.profile.management.web.controllers;

import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.commons.security.exception.ActionDeniedException;
import org.craftercms.commons.security.permissions.PermissionEvaluator;
import org.craftercms.profile.api.Profile;
import org.craftercms.profile.api.SortOrder;
import org.craftercms.profile.api.exceptions.ProfileException;
import org.craftercms.profile.api.services.ProfileService;
import org.craftercms.profile.management.exceptions.InvalidRequestParameterException;
import org.craftercms.profile.management.exceptions.ResourceNotFoundException;
import org.craftercms.profile.management.security.permissions.Action;
import org.craftercms.security.utils.SecurityUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

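/**
 * Spring MVC controller mapped under {@link #BASE_URL_PROFILE} that serves the profile
 * management views and the JSON endpoints for counting, listing, reading, creating,
 * updating and deleting profiles through {@link ProfileService}.
 *
 * <p>Authorization is enforced here, not in the service calls: an explicitly requested
 * tenant is checked with the tenant {@link PermissionEvaluator}, and a concrete profile is
 * checked with the profile {@link PermissionEvaluator}, before the corresponding read result
 * is returned or the write is performed. A failed check raises {@link ActionDeniedException}.
 */
@RequestMapping({ProfileController.BASE_URL_PROFILE})
@Controller
public class ProfileController {
    public static final String BASE_URL_PROFILE = "/profile";
    public static final String PATH_VAR_ID = "id";
    public static final String URL_VIEW_PROFILE_LIST = "/list/view";
    public static final String URL_VIEW_NEW_PROFILE = "/new/view";
    public static final String URL_VIEW_PROFILE = "/view";
    public static final String URL_GET_PROFILE_COUNT = "/count";
    public static final String URL_GET_PROFILE_LIST = "/list";
    public static final String URL_GET_PROFILE = "/{id}";
    public static final String URL_CREATE_PROFILE = "/create";
    public static final String URL_UPDATE_PROFILE = "/update";
    public static final String URL_DELETE_PROFILE = "/{id}/delete";
    public static final String PARAM_TENANT_NAME = "tenantName";
    public static final String PARAM_QUERY = "query";
    public static final String PARAM_SORT_BY = "sortBy";
    public static final String PARAM_SORT_ORDER = "sortOrder";
    public static final String PARAM_START = "start";
    public static final String PARAM_COUNT = "count";
    public static final String VIEW_PROFILE_LIST = "profile-list";
    public static final String VIEW_NEW_PROFILE = "new-profile";
    public static final String VIEW_PROFILE = "profile";
    public static final String MODEL_MESSAGE = "message";
    public static final String MSG_PROFILE_CREATED_FORMAT = "Profile '%s' created";
    public static final String MSG_PROFILE_UPDATED_FORMAT = "Profile '%s' updated";
    public static final String MSG_PROFILE_DELETED_FORMAT = "Profile '%s' deleted";

    /**
     * Allow-list for the free-text search term. The term is spliced into
     * {@link #FINAL_QUERY_FORMAT} between single quotes, so it is only accepted when the
     * whole string matches {@code \w+} (ASCII letters, digits and underscore). That keeps
     * quotes, braces, {@code $} and regex metacharacters out of the generated query string.
     * Do not loosen this pattern without escaping the term before formatting.
     */
    public static final Pattern QUERY_PATTERN = Pattern.compile("\\w+");

    /** Case-insensitive "username contains term" query; the {@code %s} slot takes a validated term only. */
    public static final String FINAL_QUERY_FORMAT = "{username: {$regex: '.*%s.*', $options: 'i'}}";

    private final String verificationUrl;
    private final ProfileService profileService;
    private final PermissionEvaluator<Profile, String> tenantPermissionEvaluator;
    private final PermissionEvaluator<Profile, Profile> profilePermissionEvaluator;

    /**
     * Creates the controller with its collaborators.
     *
     * @param str                  verification URL handed to the profile service when a profile is created
     * @param profileService       service that performs the profile operations
     * @param permissionEvaluator  evaluator used when the subject of the check is a tenant name
     * @param permissionEvaluator2 evaluator used when the subject of the check is a profile
     */
    public ProfileController(String str, ProfileService profileService, PermissionEvaluator<Profile, String> permissionEvaluator, PermissionEvaluator<Profile, Profile> permissionEvaluator2) {
        this.verificationUrl = str;
        this.profileService = profileService;
        this.tenantPermissionEvaluator = permissionEvaluator;
        this.profilePermissionEvaluator = permissionEvaluator2;
    }

    /** Returns the view name of the profile list page. */
    @RequestMapping(value = {URL_VIEW_PROFILE_LIST}, method = {RequestMethod.GET})
    public String viewProfileList() {
        return VIEW_PROFILE_LIST;
    }

    /** Returns the view name of the "new profile" page. */
    @RequestMapping(value = {URL_VIEW_NEW_PROFILE}, method = {RequestMethod.GET})
    public String viewNewProfile() {
        return VIEW_NEW_PROFILE;
    }

    /** Returns the view name of the single-profile page. */
    @RequestMapping(value = {URL_VIEW_PROFILE}, method = {RequestMethod.GET})
    public String viewProfile() {
        return VIEW_PROFILE;
    }

    /**
     * Counts the profiles of a tenant, optionally restricted to usernames containing a term.
     *
     * @param str  tenant name; when empty the current profile's tenant is used
     * @param str2 optional search term, must match {@link #QUERY_PATTERN}
     * @return the number of matching profiles
     * @throws ProfileException if the term is rejected or the service call fails
     */
    @RequestMapping(value = {URL_GET_PROFILE_COUNT}, method = {RequestMethod.GET})
    @ResponseBody
    public long getProfileCount(@RequestParam(value = PARAM_TENANT_NAME, required = false) String str, @RequestParam(value = PARAM_QUERY, required = false) String str2) throws ProfileException {
        String tenantName = resolveTenantName(str, Action.GET_PROFILE_COUNT);
        if (StringUtils.isEmpty(str2)) {
            return this.profileService.getProfileCount(tenantName);
        }
        return this.profileService.getProfileCountByQuery(tenantName, buildUsernameQuery(str2));
    }

    /**
     * Lists the profiles of a tenant, optionally restricted to usernames containing a term.
     *
     * @param str       tenant name; when empty the current profile's tenant is used
     * @param str2      optional search term, must match {@link #QUERY_PATTERN}
     * @param str3      optional sort field, passed to the service unchanged
     * @param sortOrder optional sort order
     * @param num       optional start offset
     * @param num2      optional page size
     * @return the matching profiles
     * @throws ProfileException if the term is rejected or the service call fails
     */
    @RequestMapping(value = {URL_GET_PROFILE_LIST}, method = {RequestMethod.GET})
    @ResponseBody
    public List<Profile> getProfileList(@RequestParam(value = PARAM_TENANT_NAME, required = false) String str, @RequestParam(value = PARAM_QUERY, required = false) String str2, @RequestParam(value = PARAM_SORT_BY, required = false) String str3, @RequestParam(value = PARAM_SORT_ORDER, required = false) SortOrder sortOrder, @RequestParam(value = PARAM_START, required = false) Integer num, @RequestParam(value = PARAM_COUNT, required = false) Integer num2) throws ProfileException {
        String tenantName = resolveTenantName(str, Action.GET_PROFILE_LIST);
        // NOTE(review): sortBy is forwarded without validation here — confirm the service
        // restricts it to known field names.
        if (StringUtils.isEmpty(str2)) {
            return this.profileService.getProfileRange(tenantName, str3, sortOrder, num, num2, new String[0]);
        }
        return this.profileService.getProfilesByQuery(tenantName, buildUsernameQuery(str2), str3, sortOrder, num, num2, new String[0]);
    }

    /**
     * Returns one profile by ID.
     *
     * @param str the profile ID from the path
     * @return the profile, once the caller has passed the {@code GET_PROFILE} check
     * @throws ProfileException if the profile does not exist or the service call fails
     */
    @RequestMapping(value = {URL_GET_PROFILE}, method = {RequestMethod.GET})
    @ResponseBody
    public Profile getProfile(@PathVariable(PATH_VAR_ID) String str) throws ProfileException {
        // The lookup has to come first because the evaluator needs the stored profile; as a
        // result "not found" and "denied" are reported through different exceptions.
        Profile profile = loadProfile(str);
        checkIfAllowed(profile, Action.GET_PROFILE);
        return profile;
    }

    /**
     * Creates a profile from the request body.
     *
     * @param profile the profile data sent by the client
     * @return a single-entry map holding the confirmation message
     * @throws ProfileException if the service call fails
     */
    @RequestMapping(value = {URL_CREATE_PROFILE}, method = {RequestMethod.POST})
    @ResponseBody
    public Map<String, String> createProfile(@RequestBody Profile profile) throws ProfileException {
        // The check runs against the client-supplied profile (tenant, roles and all), since
        // nothing is stored yet.
        checkIfAllowed(profile, Action.CREATE_PROFILE);
        Profile created = this.profileService.createProfile(
            profile.getTenant(),
            profile.getUsername(),
            profile.getPassword(),
            profile.getEmail(),
            profile.isEnabled(),
            profile.getRoles(),
            profile.getAttributes(),
            this.verificationUrl);
        return Collections.singletonMap(MODEL_MESSAGE, String.format(MSG_PROFILE_CREATED_FORMAT, created.getId()));
    }

    /**
     * Updates an existing profile with the values in the request body.
     *
     * @param profile the new profile data; its ID selects the profile to update
     * @return a single-entry map holding the confirmation message
     * @throws ProfileException if the ID is missing, the profile does not exist or the service call fails
     */
    @RequestMapping(value = {URL_UPDATE_PROFILE}, method = {RequestMethod.POST})
    @ResponseBody
    public Map<String, String> updateProfile(@RequestBody Profile profile) throws ProfileException {
        // A body without an ID used to fail with a NullPointerException; reject it as a bad
        // request parameter instead.
        if (profile.getId() == null) {
            throw new InvalidRequestParameterException("Profile 'id' is required for update");
        }
        String objectId = profile.getId().toString();
        // Authorize against the stored profile, never against the client-supplied copy, so
        // the caller cannot pick the tenant the decision is based on.
        Profile storedProfile = loadProfile(objectId);
        checkIfAllowed(storedProfile, Action.UPDATE_PROFILE);
        // NOTE(review): roles and attributes are taken from the request body as sent. Whether
        // UPDATE_PROFILE on the stored profile should also allow granting any role is decided
        // by the evaluator or the service, neither of which is visible here — confirm.
        // "$none" is presumably the service's marker for "return no attributes" — confirm.
        this.profileService.updateProfile(
            objectId,
            profile.getUsername(),
            profile.getPassword(),
            profile.getEmail(),
            Boolean.valueOf(profile.isEnabled()),
            profile.getRoles(),
            profile.getAttributes(),
            new String[]{"$none"});
        return Collections.singletonMap(MODEL_MESSAGE, String.format(MSG_PROFILE_UPDATED_FORMAT, objectId));
    }

    /**
     * Deletes a profile by ID.
     *
     * @param str the profile ID from the path
     * @return a single-entry map holding the confirmation message
     * @throws ProfileException if the profile does not exist or the service call fails
     */
    @RequestMapping(value = {URL_DELETE_PROFILE}, method = {RequestMethod.POST})
    @ResponseBody
    public Map<String, String> deleteProfile(@PathVariable(PATH_VAR_ID) String str) throws ProfileException {
        Profile profile = loadProfile(str);
        checkIfAllowed(profile, Action.DELETE_PROFILE);
        this.profileService.deleteProfile(str);
        return Collections.singletonMap(MODEL_MESSAGE, String.format(MSG_PROFILE_DELETED_FORMAT, str));
    }

    /**
     * Picks the tenant a count/list request operates on. An explicitly requested tenant must
     * pass the tenant permission check; an empty one falls back to the caller's own tenant.
     */
    private String resolveTenantName(String requestedTenant, Action action) throws ActionDeniedException {
        if (StringUtils.isNotEmpty(requestedTenant)) {
            checkIfAllowed(requestedTenant, action);
            return requestedTenant;
        }
        Profile currentProfile = SecurityUtils.getCurrentProfile();
        // NOTE(review): presumably null when nobody is authenticated — confirm. Deny in that
        // case instead of failing with a NullPointerException.
        if (currentProfile == null) {
            throw new ActionDeniedException(action.toString());
        }
        return currentProfile.getTenant();
    }

    /** Validates the search term against {@link #QUERY_PATTERN} and only then formats the query. */
    private static String buildUsernameQuery(String term) throws InvalidRequestParameterException {
        if (!QUERY_PATTERN.matcher(term).matches()) {
            throw new InvalidRequestParameterException("Parameter 'query' must match regex " + QUERY_PATTERN.pattern());
        }
        return String.format(FINAL_QUERY_FORMAT, term);
    }

    /** Loads a profile by ID and fails with {@link ResourceNotFoundException} when there is none. */
    private Profile loadProfile(String id) throws ProfileException {
        Profile profile = this.profileService.getProfile(id, new String[0]);
        if (profile == null) {
            throw new ResourceNotFoundException("No profile found for ID '" + id + "'");
        }
        return profile;
    }

    /**
     * Throws {@link ActionDeniedException} unless the tenant evaluator allows {@code action}
     * on the tenant named {@code str}.
     */
    private void checkIfAllowed(String str, Action action) throws ActionDeniedException {
        String actionName = action.toString();
        if (this.tenantPermissionEvaluator.isAllowed(str, actionName)) {
            return;
        }
        // The two-argument form names the denied subject; use it only when there is one.
        if (str == null) {
            throw new ActionDeniedException(actionName);
        }
        throw new ActionDeniedException(actionName, str);
    }

    /**
     * Throws {@link ActionDeniedException} unless the profile evaluator allows {@code action}
     * on {@code profile}.
     */
    private void checkIfAllowed(Profile profile, Action action) throws ActionDeniedException {
        String actionName = action.toString();
        if (this.profilePermissionEvaluator.isAllowed(profile, actionName)) {
            return;
        }
        // The two-argument form names the denied subject; use it only when there is one.
        if (profile == null) {
            throw new ActionDeniedException(actionName);
        }
        throw new ActionDeniedException(actionName, profile);
    }
}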
