package org.akaza.openclinica.control.admin;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.UUID;
import org.akaza.openclinica.bean.core.NumericComparisonOperator;
import org.akaza.openclinica.bean.core.Term;
import org.akaza.openclinica.bean.core.UserType;
import org.akaza.openclinica.bean.login.UserAccountBean;
import org.akaza.openclinica.bean.managestudy.StudyBean;
import org.akaza.openclinica.control.SpringServletAccess;
import org.akaza.openclinica.control.core.SecureController;
import org.akaza.openclinica.control.form.FormProcessor;
import org.akaza.openclinica.control.form.Validator;
import org.akaza.openclinica.core.SecurityManager;
import org.akaza.openclinica.dao.login.UserAccountDAO;
import org.akaza.openclinica.dao.managestudy.StudyDAO;
import org.akaza.openclinica.view.Page;
import org.akaza.openclinica.web.InconsistentStateException;
import org.akaza.openclinica.web.InsufficientPermissionException;
import org.akaza.openclinica.web.SQLInitServlet;
import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter;

/* loaded from: input_file:WEB-INF/classes/org/akaza/openclinica/control/admin/EditUserAccountServlet.class */
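/**
 * Controller that lets a system administrator edit an existing user account.
 *
 * <p>The edit runs in two steps selected by the {@code stepNum} request value: step
 * {@link #EDIT_STEP} validates the submitted form and shows a confirmation page, step
 * {@link #CONFIRM_STEP} writes the changes through {@link UserAccountDAO}. A confirmed edit can
 * also reset the account password, which is then either e-mailed to the user or shown to the
 * administrator.
 *
 * <p>Access is limited to system administrators by {@link #mayProceed()}. Every form value read
 * in {@link #processRequest()} comes from the request and must be treated as untrusted, including
 * values the confirmation page merely echoes back.
 */
public class EditUserAccountServlet extends SecureController {
    private static final long serialVersionUID = -6961254006943513921L;
    public static final String INPUT_FIRST_NAME = "firstName";
    public static final String INPUT_LAST_NAME = "lastName";
    public static final String INPUT_EMAIL = "email";
    public static final String INPUT_INSTITUTION = "institutionalAffiliation";
    public static final String INPUT_RESET_PASSWORD = "resetPassword";
    public static final String INPUT_USER_TYPE = "userType";
    public static final String INPUT_CONFIRM_BUTTON = "submit";
    public static final String INPUT_DISPLAY_PWD = "displayPwd";
    public static final String PATH = "EditUserAccount";
    public static final String ARG_USERID = "userId";
    public static final String ARG_STEPNUM = "stepNum";
    public static final String INPUT_RUN_WEBSERVICES = "runWebServices";
    public static final String FLAG_LDAP_USER = "ldapUser";
    public static final int EDIT_STEP = 1;
    public static final int CONFIRM_STEP = 2;
    public static final String BUTTON_CONFIRM_VALUE = "Confirm";
    public static final String BUTTON_BACK_VALUE = "Back";
    public static final String USER_ACCOUNT_NOTIFICATION = "notifyPassword";

    /**
     * Loads every study through a {@link StudyDAO} built on the session manager's data source.
     *
     * @return the result of {@code StudyDAO.findAll()}
     */
    private ArrayList<StudyBean> getAllStudies() {
        return new StudyDAO(this.sm.getDataSource()).findAll();
    }

    /**
     * Builds the relative link to this servlet for one account.
     *
     * @param i the user account id to place in the {@code userId} query parameter
     * @return {@code "EditUserAccount?userId=" + i}
     */
    public static String getLink(int i) {
        return PATH + "?" + ARG_USERID + "=" + i;
    }

    /**
     * Allows the request only when the current user is a system administrator.
     *
     * @throws InsufficientPermissionException when {@code ub.isSysAdmin()} is false; a page message
     *     is added before the exception is thrown
     */
    @Override // org.akaza.openclinica.control.core.SecureController
    protected void mayProceed() throws InsufficientPermissionException {
        if (this.ub.isSysAdmin()) {
            return;
        }
        addPageMessage(respage.getString("no_have_correct_privilege_current_study") + respage.getString("change_study_contact_sysadmin"));
        throw new InsufficientPermissionException(Page.MENU_SERVLET, resexception.getString("you_may_not_perform_administrative_functions"), "1");
    }

    /**
     * Drives the two-step edit flow for the account named by the {@code userId} request value.
     *
     * <ul>
     *   <li>Form not submitted: preload the form from the stored account and show the edit page.
     *   <li>Step {@link #EDIT_STEP}: validate the submitted fields, then show either the
     *       confirmation page or the edit page with the validation messages.
     *   <li>Step {@link #CONFIRM_STEP}: on "back" redisplay the edit page; on "confirm" apply the
     *       submitted values, replace the API key, set the user type, optionally reset the
     *       password, and persist the account.
     * </ul>
     *
     * @throws InconsistentStateException when the step number or the submit button is not one of
     *     the expected values, or when the technical administrator type is requested by an editor
     *     who is not a technical administrator
     * @throws Exception anything raised by the DAO, validation or forwarding calls
     */
    @Override // org.akaza.openclinica.control.core.SecureController
    protected void processRequest() throws Exception {
        FormProcessor formProcessor = new FormProcessor(this.request);
        this.request.setAttribute("studies", getAllStudies());
        int userId = formProcessor.getInt(ARG_USERID);
        UserAccountDAO userAccountDAO = new UserAccountDAO(this.sm.getDataSource());
        // NOTE(review): the looked-up bean is used without checking that an account with this id
        // exists; what findByPK returns for an unknown id is not visible here — confirm.
        UserAccountBean account = userAccountDAO.findByPK(userId);
        int step = formProcessor.getInt(ARG_STEPNUM);

        if (!formProcessor.isSubmitted()) {
            addEntityList("userTypes", getUserTypes(), respage.getString("the_user_could_not_be_edited_because_no_user_types"), Page.ADMIN_SYSTEM);
            loadPresetValuesFromBean(formProcessor, account);
            formProcessor.addPresetValue(ARG_STEPNUM, EDIT_STEP);
            setPresetValues(formProcessor.getPresetValues());
            this.request.setAttribute("userName", account.getName());
            forwardPage(Page.EDIT_ACCOUNT);
            return;
        }

        if (step == EDIT_STEP) {
            // The numeric validation types are Validator constants inlined by the compiler.
            // Presumably 1 = required, 6 = e-mail format, 7 = length comparison — confirm
            // against Validator.
            Validator validator = new Validator(this.request);
            validator.addValidation(INPUT_FIRST_NAME, 1);
            validator.addValidation(INPUT_LAST_NAME, 1);
            validator.addValidation(INPUT_FIRST_NAME, 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 50);
            validator.addValidation(INPUT_LAST_NAME, 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 50);
            validator.addValidation(INPUT_EMAIL, 1);
            validator.addValidation(INPUT_EMAIL, 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 120);
            validator.addValidation(INPUT_EMAIL, 6);
            validator.addValidation(INPUT_INSTITUTION, 1);
            validator.addValidation(INPUT_INSTITUTION, 7, NumericComparisonOperator.LESS_THAN_OR_EQUAL_TO, 255);
            HashMap<String, ArrayList<String>> errors = validator.validate();
            if (errors.isEmpty()) {
                loadPresetValuesFromForm(formProcessor);
                formProcessor.addPresetValue(ARG_STEPNUM, CONFIRM_STEP);
                setPresetValues(formProcessor.getPresetValues());
                this.request.setAttribute("userName", account.getName());
                forwardPage(Page.EDIT_ACCOUNT_CONFIRM);
                return;
            }
            loadPresetValuesFromForm(formProcessor);
            formProcessor.addPresetValue(ARG_STEPNUM, EDIT_STEP);
            setInputMessages(errors);
            setPresetValues(formProcessor.getPresetValues());
            addEntityList("userTypes", getUserTypes(), respage.getString("the_user_could_not_be_edited_because_no_user_types"), Page.ADMIN_SYSTEM);
            addPageMessage(respage.getString("there_were_some_errors_submission") + respage.getString("see_below_for_details"));
            forwardPage(Page.EDIT_ACCOUNT);
            return;
        }

        if (step != CONFIRM_STEP) {
            throw new InconsistentStateException(Page.ADMIN_SYSTEM, resexception.getString("an_invalid_step_was_specified"));
        }

        String button = formProcessor.getString(INPUT_CONFIRM_BUTTON);
        if (button.equals(resword.getString("back"))) {
            loadPresetValuesFromForm(formProcessor);
            formProcessor.addPresetValue(ARG_STEPNUM, EDIT_STEP);
            addEntityList("userTypes", getUserTypes(), respage.getString("the_user_could_not_be_edited_because_no_user_types"), Page.ADMIN_SYSTEM);
            setPresetValues(formProcessor.getPresetValues());
            this.request.setAttribute("userName", account.getName());
            forwardPage(Page.EDIT_ACCOUNT);
            return;
        }
        if (!button.equals(resword.getString("confirm"))) {
            throw new InconsistentStateException(Page.ADMIN_SYSTEM, resexception.getString("an_invalid_submit_button_was_clicked"));
        }

        // getUserTypes() does not offer TECHADMIN to an editor who is not a technical
        // administrator, but the submitted value is client-controlled. Enforce the same rule here,
        // before anything is changed, so a hand-built request cannot grant that type.
        UserType userType = UserType.get(formProcessor.getInt(INPUT_USER_TYPE));
        if (userType.equals((Term) UserType.TECHADMIN) && !this.ub.isTechAdmin()) {
            logger.info("Rejected user type change for account id " + userId + ": editor is not a technical administrator");
            throw new InconsistentStateException(Page.ADMIN_SYSTEM, resexception.getString("you_may_not_perform_administrative_functions"));
        }

        // NOTE(review): these fields are re-read from the request at the confirm step and are
        // not validated again here; the step-1 checks only cover the earlier request.
        account.setFirstName(formProcessor.getString(INPUT_FIRST_NAME));
        account.setLastName(formProcessor.getString(INPUT_LAST_NAME));
        account.setEmail(formProcessor.getString(INPUT_EMAIL));
        account.setInstitutionalAffiliation(formProcessor.getString(INPUT_INSTITUTION));
        account.setUpdater(this.ub);
        boolean runWebServices = formProcessor.getBoolean(INPUT_RUN_WEBSERVICES);
        account.setRunWebservices(Boolean.valueOf(runWebServices));

        // NOTE(review): every confirmed edit enables the API key and replaces it with a new one,
        // so a previously issued key no longer matches this account — confirm this is intended.
        account.setEnableApiKey(true);
        String apiKey;
        do {
            apiKey = getRandom32ChApiKey();
        } while (isApiKeyExist(apiKey).booleanValue());
        account.setApiKey(apiKey);

        // Any value other than SYSADMIN or TECHADMIN is stored as an ordinary user.
        if (userType.equals((Term) UserType.SYSADMIN)) {
            account.addUserType(userType);
        } else if (userType.equals((Term) UserType.TECHADMIN)) {
            account.addUserType(userType);
        } else {
            account.addUserType(UserType.USER);
        }

        if (formProcessor.getBoolean(INPUT_RESET_PASSWORD)) {
            SecurityManager securityManager = (SecurityManager) SpringServletAccess.getApplicationContext(this.context).getBean("securityManager");
            String genPassword = securityManager.genPassword();
            // NOTE(review): the runWebServices flag is passed as the second argument; presumably
            // it selects how the password is hashed — confirm against SecurityManager.
            account.setPasswd(securityManager.encryptPassword(genPassword, runWebServices));
            account.setPasswdTimestamp(null);
            userAccountDAO.update(account);
            if ("no".equalsIgnoreCase(formProcessor.getString(INPUT_DISPLAY_PWD))) {
                logger.info("displayPwd is no");
                try {
                    sendResetPasswordEmail(account, genPassword);
                } catch (Exception e) {
                    // The new password is already stored at this point, so record the failure
                    // for operators as well as telling the administrator to reset again.
                    logger.error("Failed to send the password reset email for account id " + account.getId(), e);
                    addPageMessage(respage.getString("there_was_an_error_sending_reset_email_try_reset"));
                }
            } else {
                // The generated password is placed in the page message in clear text so the
                // administrator can hand it over; it must never be logged.
                addPageMessage(respage.getString("new_user_password") + ":<br/> " + genPassword + "<br/>" + respage.getString("please_write_down_the_password_and_provide"));
            }
        } else {
            userAccountDAO.update(account);
        }
        addPageMessage(respage.getString("the_user_account") + " \"" + account.getName() + "\" " + respage.getString("was_updated_succesfully"));
        forwardPage(Page.LIST_USER_ACCOUNTS_SERVLET);
    }

    /**
     * Fills the form presets from the stored account.
     *
     * <p>The preset user type is TECHADMIN when {@code isTechAdmin()} is true, otherwise SYSADMIN
     * when {@code isSysAdmin()} is true, otherwise USER.
     *
     * @param formProcessor the processor that receives the preset values
     * @param userAccountBean the account whose current values are shown
     */
    private void loadPresetValuesFromBean(FormProcessor formProcessor, UserAccountBean userAccountBean) {
        formProcessor.addPresetValue(INPUT_FIRST_NAME, userAccountBean.getFirstName());
        formProcessor.addPresetValue(INPUT_LAST_NAME, userAccountBean.getLastName());
        formProcessor.addPresetValue(INPUT_EMAIL, userAccountBean.getEmail());
        formProcessor.addPresetValue(INPUT_INSTITUTION, userAccountBean.getInstitutionalAffiliation());
        int id = UserType.USER.getId();
        if (userAccountBean.isTechAdmin()) {
            id = UserType.TECHADMIN.getId();
        } else if (userAccountBean.isSysAdmin()) {
            id = UserType.SYSADMIN.getId();
        }
        formProcessor.addPresetValue(INPUT_USER_TYPE, id);
        formProcessor.addPresetValue(ARG_USERID, userAccountBean.getId());
        formProcessor.addPresetValue(INPUT_RUN_WEBSERVICES, userAccountBean.getRunWebservices().booleanValue() ? 1 : 0);
        formProcessor.addPresetValue(USER_ACCOUNT_NOTIFICATION, SQLInitServlet.getField("user_account_notification"));
        formProcessor.addPresetValue(FLAG_LDAP_USER, userAccountBean.isLdapUser());
    }

    /**
     * Replaces the presets with the values of the current request so a redisplayed page shows
     * what was just submitted.
     *
     * @param formProcessor the processor whose presets are cleared and refilled
     */
    private void loadPresetValuesFromForm(FormProcessor formProcessor) {
        formProcessor.clearPresetValues();
        formProcessor.setCurrentStringValuesAsPreset(new String[]{ARG_USERID, INPUT_FIRST_NAME, INPUT_LAST_NAME, INPUT_EMAIL, INPUT_INSTITUTION, INPUT_DISPLAY_PWD});
        formProcessor.setCurrentIntValuesAsPreset(new String[]{INPUT_USER_TYPE, INPUT_RESET_PASSWORD, INPUT_RUN_WEBSERVICES});
    }

    /**
     * Lists the user types the current editor may choose from.
     *
     * @return all user types without INVALID, and without TECHADMIN unless the current user is a
     *     technical administrator
     */
    private ArrayList<UserType> getUserTypes() {
        ArrayList<UserType> arrayList = UserType.toArrayList();
        arrayList.remove(UserType.INVALID);
        if (!this.ub.isTechAdmin()) {
            arrayList.remove(UserType.TECHADMIN);
        }
        return arrayList;
    }

    /**
     * E-mails the new password to the account's address.
     *
     * <p>The message body carries the user name and the clear-text password. First and last name
     * are inserted into the {@code <br/>}-formatted body as stored.
     * NOTE(review): whether the body is rendered as HTML depends on {@code sendEmail}; if it is,
     * the name fields should be escaped — confirm.
     *
     * @param userAccountBean the account whose password was reset
     * @param str the newly generated clear-text password
     * @throws Exception whatever {@code sendEmail} raises
     */
    private void sendResetPasswordEmail(UserAccountBean userAccountBean, String str) throws Exception {
        logger.info("Sending password reset notification to " + userAccountBean.getName());
        String sysUrl = SQLInitServlet.getField("sysURL");
        // NOTE(review): the user-name label key comes from a Spring Security OAuth2 constant,
        // which looks like a decompiler substitution for a string literal — confirm.
        String body = resword.getString("dear") + " " + userAccountBean.getFirstName() + " " + userAccountBean.getLastName() + ",<br/>\n"
                + restext.getString("your_password_has_been_reset_on_openclinica") + ":<br/><br/>\n\n"
                + resword.getString(UserAuthenticationConverter.USERNAME) + ": " + userAccountBean.getName() + "<br/>\n"
                + resword.getString("password") + ": " + str + "<br/><br/>\n\n"
                + restext.getString("please_test_your_login_information_and_let") + "<br/>\n<a href='" + sysUrl + "'>" + sysUrl + "</a><br/>\n"
                + restext.getString("openclinica_system_administrator");
        sendEmail(userAccountBean.getEmail().trim(), restext.getString("your_openclinica_account_password_reset"), body, false);
    }

    /** Returns the admin servlet code {@code "admin"}. */
    @Override // org.akaza.openclinica.control.core.SecureController
    protected String getAdminServlet() {
        return "admin";
    }

    /**
     * Reports whether an API key is already held by an active account.
     *
     * @param str the candidate API key
     * @return {@code TRUE} when {@code findByApiKey} returns a bean whose {@code isActive()} is
     *     true; {@code FALSE} otherwise, including when the key belongs to a bean that is not
     *     active
     */
    public Boolean isApiKeyExist(String str) {
        UserAccountBean findByApiKey = new UserAccountDAO(this.sm.getDataSource()).findByApiKey(str);
        return Boolean.valueOf(findByApiKey != null && findByApiKey.isActive());
    }

    /**
     * Generates a candidate API key from a random UUID.
     *
     * <p>{@link UUID#randomUUID()} draws from a cryptographically strong generator; six of the
     * 128 bits are fixed version and variant bits, so the key carries 122 random bits.
     *
     * @return the 32 hexadecimal characters of a random UUID with the hyphens removed
     */
    public String getRandom32ChApiKey() {
        return UUID.randomUUID().toString().replace("-", "");
    }
}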
