package org.sakaiproject.accountvalidator.logic.impl;

import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jdom.Element;
import org.jdom.JDOMException;
import org.jdom.input.SAXBuilder;
import org.sakaiproject.accountvalidator.logic.ValidationException;
import org.sakaiproject.accountvalidator.logic.ValidationLogic;
import org.sakaiproject.accountvalidator.logic.dao.ValidationDao;
import org.sakaiproject.accountvalidator.model.ValidationAccount;
import org.sakaiproject.authz.api.AuthzGroup;
import org.sakaiproject.authz.api.AuthzGroupService;
import org.sakaiproject.authz.api.AuthzPermissionException;
import org.sakaiproject.authz.api.GroupNotDefinedException;
import org.sakaiproject.authz.api.GroupProvider;
import org.sakaiproject.authz.api.Member;
import org.sakaiproject.authz.api.SecurityAdvisor;
import org.sakaiproject.authz.api.SecurityService;
import org.sakaiproject.component.api.ServerConfigurationService;
import org.sakaiproject.component.cover.ComponentManager;
import org.sakaiproject.content.util.ZipContentUtil;
import org.sakaiproject.emailtemplateservice.model.EmailTemplate;
import org.sakaiproject.emailtemplateservice.service.EmailTemplateService;
import org.sakaiproject.entitybroker.DeveloperHelperService;
import org.sakaiproject.entitybroker.EntityReference;
import org.sakaiproject.exception.IdUnusedException;
import org.sakaiproject.genericdao.api.mappers.DataMapper;
import org.sakaiproject.genericdao.api.search.Restriction;
import org.sakaiproject.genericdao.api.search.Search;
import org.sakaiproject.id.api.IdManager;
import org.sakaiproject.site.api.Site;
import org.sakaiproject.site.api.SiteService;
import org.sakaiproject.tool.api.Session;
import org.sakaiproject.tool.api.SessionManager;
import org.sakaiproject.user.api.User;
import org.sakaiproject.user.api.UserDirectoryService;
import org.sakaiproject.user.api.UserEdit;
import org.sakaiproject.user.api.UserLockedException;
import org.sakaiproject.user.api.UserNotDefinedException;
import org.sakaiproject.user.api.UserPermissionException;

/* loaded from: input_file:WEB-INF/lib/accountvalidator-impl-2.9.0-b04.jar:org/sakaiproject/accountvalidator/logic/impl/ValidationLogicImpl.class */
public class ValidationLogicImpl implements ValidationLogic {
    private static final String TEMPLATE_KEY_EXISTINGUSER = "validate.existinguser";
    private static final String TEMPLATE_KEY_NEW_USER = "validate.newUser";
    private static final String TEMPLATE_KEY_LEGACYUSER = "validate.legacyuser";
    private static final String TEMPLATE_KEY_PASSWORDRESET = "validate.passwordreset";
    private static final int VALIDATION_PERIOD_MONTHS = -36;
    private static Log log = LogFactory.getLog(ValidationLogicImpl.class);
    private static final String ADMIN = "admin";
    private IdManager idManager;
    private ValidationDao dao;
    private EmailTemplateService emailTemplateService;
    private UserDirectoryService userDirectoryService;
    private AuthzGroupService authzGroupService;
    private SiteService siteService;
    private DeveloperHelperService developerHelperService;
    private ServerConfigurationService serverConfigurationService;
    private SecurityService securityService;
    private SessionManager sessionManager;
    private GroupProvider groupProvider;

    public void init() {
        log.info("init()");
        loadTemplate("validate_newUser.xml", TEMPLATE_KEY_NEW_USER);
        loadTemplate("validate_existingUser.xml", TEMPLATE_KEY_EXISTINGUSER);
        loadTemplate("validate_legacyUser.xml", TEMPLATE_KEY_LEGACYUSER);
        loadTemplate("validate_newPassword.xml", TEMPLATE_KEY_PASSWORDRESET);
        if (this.groupProvider == null) {
            this.groupProvider = (GroupProvider) ComponentManager.get(GroupProvider.class.getName());
        }
    }

    private void loadTemplate(String str, String str2) {
        Session currentSession = this.sessionManager.getCurrentSession();
        try {
            try {
                try {
                    currentSession.setUserId(ADMIN);
                    currentSession.setUserEid(ADMIN);
                    InputStream resourceAsStream = ValidationLogicImpl.class.getClassLoader().getResourceAsStream(str);
                    if (resourceAsStream == null) {
                        log.warn("Could not load resource from '" + str + "'. Skipping ...");
                        currentSession.setUserId((String) null);
                        currentSession.setUserEid((String) null);
                        return;
                    }
                    List children = new SAXBuilder().build(resourceAsStream).getRootElement().getChildren("emailTemplate");
                    for (int i = 0; i < children.size(); i++) {
                        xmlToTemplate((Element) children.get(i), str2);
                    }
                    currentSession.setUserId((String) null);
                    currentSession.setUserEid((String) null);
                } catch (MalformedURLException e) {
                    e.printStackTrace();
                    currentSession.setUserId((String) null);
                    currentSession.setUserEid((String) null);
                }
            } catch (IOException e2) {
                e2.printStackTrace();
                currentSession.setUserId((String) null);
                currentSession.setUserEid((String) null);
            } catch (JDOMException e3) {
                e3.printStackTrace();
                currentSession.setUserId((String) null);
                currentSession.setUserEid((String) null);
            }
        } catch (Throwable th) {
            currentSession.setUserId((String) null);
            currentSession.setUserEid((String) null);
            throw th;
        }
    }

    public void setIdManager(IdManager idManager) {
        this.idManager = idManager;
    }

    public void setDao(ValidationDao validationDao) {
        this.dao = validationDao;
    }

    public void setEmailTemplateService(EmailTemplateService emailTemplateService) {
        this.emailTemplateService = emailTemplateService;
    }

    public void setUserDirectoryService(UserDirectoryService userDirectoryService) {
        this.userDirectoryService = userDirectoryService;
    }

    public void setAuthzGroupService(AuthzGroupService authzGroupService) {
        this.authzGroupService = authzGroupService;
    }

    public void setSiteService(SiteService siteService) {
        this.siteService = siteService;
    }

    public void setDeveloperHelperService(DeveloperHelperService developerHelperService) {
        this.developerHelperService = developerHelperService;
    }

    public void setServerConfigurationService(ServerConfigurationService serverConfigurationService) {
        this.serverConfigurationService = serverConfigurationService;
    }

    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    public void setSessionManager(SessionManager sessionManager) {
        this.sessionManager = sessionManager;
    }

    public void setGroupProvider(GroupProvider groupProvider) {
        this.groupProvider = groupProvider;
    }

    public ValidationAccount getVaLidationAcountById(Long l) {
        Search search = new Search();
        search.addRestriction(new Restriction(DataMapper.DEFAULT_ID_PROPERTY, l));
        List findBySearch = this.dao.findBySearch(ValidationAccount.class, search);
        if (findBySearch.size() > 0) {
            return (ValidationAccount) findBySearch.get(0);
        }
        return null;
    }

    public ValidationAccount getVaLidationAcountBytoken(String str) {
        Search search = new Search();
        search.addRestriction(new Restriction("validationToken", str));
        List findBySearch = this.dao.findBySearch(ValidationAccount.class, search);
        if (findBySearch.size() > 0) {
            return (ValidationAccount) findBySearch.get(0);
        }
        return null;
    }

    public boolean isAccountValidated(String str) {
        log.debug("validating" + str);
        ValidationAccount vaLidationAcountByUserId = getVaLidationAcountByUserId(str);
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(2, VALIDATION_PERIOD_MONTHS);
        Date time = gregorianCalendar.getTime();
        if (vaLidationAcountByUserId == null) {
            log.debug("no account found!");
            return false;
        }
        if (vaLidationAcountByUserId.getValidationReceived() == null && vaLidationAcountByUserId.getValidationSent().after(time)) {
            log.debug("validation sent still awaiting reply");
            return true;
        }
        if (vaLidationAcountByUserId.getValidationReceived() == null && vaLidationAcountByUserId.getValidationSent().before(time)) {
            log.debug("validation sent but no reply received");
            return true;
        }
        log.debug("got an item of staus " + vaLidationAcountByUserId.getStatus());
        if (ValidationAccount.STATUS_CONFIRMED.equals(vaLidationAcountByUserId.getStatus())) {
            log.info("account is validated");
            return true;
        }
        log.debug("no conditions met assuming account is not validated");
        return false;
    }

    public ValidationAccount getVaLidationAcountByUserId(String str) {
        Search search = new Search();
        search.addRestriction(new Restriction("userId", str));
        List findBySearch = this.dao.findBySearch(ValidationAccount.class, search);
        if (findBySearch.size() > 0) {
            return (ValidationAccount) findBySearch.get(0);
        }
        return null;
    }

    public List<ValidationAccount> getValidationAccountsByStatus(Integer num) {
        Search search = new Search();
        search.addRestriction(new Restriction("status", num));
        List<ValidationAccount> findBySearch = this.dao.findBySearch(ValidationAccount.class, search);
        return findBySearch.size() > 0 ? findBySearch : new ArrayList();
    }

    public ValidationAccount createValidationAccount(String str) {
        return createValidationAccount(str, false);
    }

    public ValidationAccount createValidationAccount(String str, boolean z) {
        Integer num = 2;
        if (z) {
            num = 1;
        }
        return createValidationAccount(str, num);
    }

    public ValidationAccount createValidationAccount(String str, Integer num) {
        String str2;
        String str3;
        log.debug("createValidationAccount(" + str + ", " + num);
        ValidationAccount validationAccount = new ValidationAccount();
        validationAccount.setUserId(str);
        validationAccount.setValidationToken(this.idManager.createUuid());
        validationAccount.setValidationsSent(1);
        if (num == null) {
            num = 1;
        } else {
            validationAccount.setAccountStatus(num);
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(str);
        HashMap hashMap = new HashMap();
        hashMap.put("validationToken", validationAccount.getValidationToken());
        new HashMap().put("tokenId", validationAccount.getValidationToken());
        hashMap.put("url", this.serverConfigurationService.getServerUrl() + "/accountvalidator/faces/validate?tokenId=" + validationAccount.getValidationToken());
        String idFromRef = EntityReference.getIdFromRef(str);
        str2 = "";
        str3 = "";
        String str4 = "";
        String str5 = "";
        try {
            User user = this.userDirectoryService.getUser(idFromRef);
            str2 = user.getFirstName() != null ? user.getFirstName() : "";
            str3 = user.getLastName() != null ? user.getLastName() : "";
            str4 = user.getDisplayName();
            str5 = user.getEid();
            User createdBy = user.getCreatedBy();
            hashMap.put("addedBy", createdBy.getDisplayName());
            hashMap.put("addedByEmail", createdBy.getEmail());
        } catch (UserNotDefinedException e) {
            e.printStackTrace();
        }
        Set authzGroupsIsAllowed = this.authzGroupService.getAuthzGroupsIsAllowed(idFromRef, "site.visit", (Collection) null);
        log.info("got a list of: " + authzGroupsIsAllowed.size());
        Iterator it = authzGroupsIsAllowed.iterator();
        StringBuilder sb = new StringBuilder();
        int i = 0;
        while (it.hasNext()) {
            try {
                Site site = this.siteService.getSite(this.developerHelperService.getLocationIdFromRef((String) it.next()));
                if (i > 0) {
                    sb.append(", ");
                }
                log.info("adding site: " + site.getTitle());
                sb.append(site.getTitle());
                i++;
            } catch (IdUnusedException e2) {
                e2.printStackTrace();
            }
        }
        hashMap.put("memberSites", sb.toString());
        hashMap.put("displayName", str4);
        hashMap.put("userEid", str5);
        hashMap.put("support.email", this.serverConfigurationService.getString("support.email"));
        hashMap.put("institution", this.serverConfigurationService.getString("ui.institution"));
        this.emailTemplateService.sendRenderedMessages(getTemplateKey(num), arrayList, hashMap, this.serverConfigurationService.getString("support.email"), this.serverConfigurationService.getString("support.email"));
        validationAccount.setValidationSent(new Date());
        validationAccount.setFirstName(str2);
        validationAccount.setSurname(str3);
        this.dao.save(validationAccount);
        return validationAccount;
    }

    private String getTemplateKey(Integer num) {
        log.info("getTemplateKey( " + num.intValue());
        String str = TEMPLATE_KEY_NEW_USER;
        if (2 == num.intValue()) {
            str = TEMPLATE_KEY_EXISTINGUSER;
        } else if (3 == num.intValue() || 4 == num.intValue()) {
            str = TEMPLATE_KEY_LEGACYUSER;
        } else if (5 == num.intValue()) {
            str = TEMPLATE_KEY_PASSWORDRESET;
        }
        return str;
    }

    public void mergeAccounts(String str, String str2) throws ValidationException {
        log.debug("merge account: " + str + ", " + str2 + ")");
        UserEdit userEdit = null;
        try {
            try {
                try {
                    try {
                        try {
                            String idFromRef = EntityReference.getIdFromRef(str);
                            String idFromRef2 = EntityReference.getIdFromRef(str2);
                            SecurityAdvisor securityAdvisor = new SecurityAdvisor() { // from class: org.sakaiproject.accountvalidator.logic.impl.ValidationLogicImpl.1
                                public SecurityAdvisor.SecurityAdvice isAllowed(String str3, String str4, String str5) {
                                    ValidationLogicImpl.log.debug("isAllowed( " + str3 + ", " + str4 + ", " + str5);
                                    if (!"user.upd.any".equals(str4) && !"realm.upd".equals(str4)) {
                                        if (!"user.del".equals(str4)) {
                                            return SecurityAdvisor.SecurityAdvice.NOT_ALLOWED;
                                        }
                                        ValidationLogicImpl.log.debug("advising user can delete users");
                                        return SecurityAdvisor.SecurityAdvice.ALLOWED;
                                    }
                                    return SecurityAdvisor.SecurityAdvice.ALLOWED;
                                }
                            };
                            this.securityService.pushAdvisor(securityAdvisor);
                            log.debug("pushed security avisor: " + securityAdvisor);
                            userEdit = this.userDirectoryService.editUser(idFromRef);
                            Iterator it = this.authzGroupService.getAuthzGroupsIsAllowed(EntityReference.getIdFromRef(str), "site.visit", (Collection) null).iterator();
                            while (it.hasNext()) {
                                AuthzGroup authzGroup = this.authzGroupService.getAuthzGroup((String) it.next());
                                Member member = authzGroup.getMember(idFromRef);
                                Member member2 = authzGroup.getMember(idFromRef2);
                                String id = member.getRole().getId();
                                if (member2 != null && this.groupProvider != null) {
                                    id = this.groupProvider.preferredRole(id, member2.getRole().getId());
                                }
                                authzGroup.addMember(idFromRef2, id, true, false);
                                authzGroup.removeMember(idFromRef);
                                this.authzGroupService.save(authzGroup);
                            }
                            this.userDirectoryService.removeUser(userEdit);
                            if (this.securityService.popAdvisor() == null) {
                                log.warn("Something cleared our advisor!");
                            }
                        } catch (UserPermissionException e) {
                            e.printStackTrace();
                            if (userEdit != null) {
                                this.userDirectoryService.cancelEdit(userEdit);
                            }
                            if (this.securityService.popAdvisor() == null) {
                                log.warn("Something cleared our advisor!");
                            }
                        }
                    } catch (AuthzPermissionException e2) {
                        e2.printStackTrace();
                        if (this.securityService.popAdvisor() == null) {
                            log.warn("Something cleared our advisor!");
                        }
                    }
                } catch (UserLockedException e3) {
                    e3.printStackTrace();
                    if (this.securityService.popAdvisor() == null) {
                        log.warn("Something cleared our advisor!");
                    }
                }
            } catch (GroupNotDefinedException e4) {
                e4.printStackTrace();
                if (this.securityService.popAdvisor() == null) {
                    log.warn("Something cleared our advisor!");
                }
            } catch (UserNotDefinedException e5) {
                e5.printStackTrace();
                if (this.securityService.popAdvisor() == null) {
                    log.warn("Something cleared our advisor!");
                }
            }
        } catch (Throwable th) {
            if (this.securityService.popAdvisor() == null) {
                log.warn("Something cleared our advisor!");
            }
            throw th;
        }
    }

    public void deleteValidationAccount(ValidationAccount validationAccount) {
        this.dao.delete(validationAccount);
    }

    public void save(ValidationAccount validationAccount) {
        this.dao.save(validationAccount);
    }

    private void xmlToTemplate(Element element, String str) {
        String str2;
        String childText = element.getChildText("subject");
        String childText2 = element.getChildText(ZipContentUtil.STATE_MESSAGE);
        String childText3 = element.getChildText("messagehtml");
        String childText4 = element.getChildText("locale");
        element.getChildText("version");
        if (this.emailTemplateService.getEmailTemplate(str, new Locale(childText4)) == null) {
            EmailTemplate emailTemplate = new EmailTemplate();
            emailTemplate.setSubject(childText);
            emailTemplate.setMessage(childText2);
            if (childText3 != null) {
                try {
                    str2 = URLDecoder.decode(childText3, "utf8");
                } catch (UnsupportedEncodingException e) {
                    str2 = childText3;
                    e.printStackTrace();
                }
                emailTemplate.setHtmlMessage(str2);
            }
            emailTemplate.setLocale(childText4);
            emailTemplate.setKey(str);
            emailTemplate.setVersion(1);
            emailTemplate.setOwner(ADMIN);
            emailTemplate.setLastModified(new Date());
            this.emailTemplateService.saveTemplate(emailTemplate);
            log.info(this + " user notification tempalte " + str + " added");
        }
    }

    public void resendValidation(String str) {
        ValidationAccount vaLidationAcountBytoken = getVaLidationAcountBytoken(str);
        if (vaLidationAcountBytoken == null) {
            throw new IllegalArgumentException("no such account: " + str);
        }
        vaLidationAcountBytoken.setValidationSent(new Date());
        vaLidationAcountBytoken.setValidationsSent(Integer.valueOf(vaLidationAcountBytoken.getValidationsSent().intValue() + 1));
        vaLidationAcountBytoken.setStatus(ValidationAccount.STATUS_RESENT);
        save(vaLidationAcountBytoken);
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.userDirectoryService.userReference(vaLidationAcountBytoken.getUserId()));
        HashMap hashMap = new HashMap();
        hashMap.put("validationToken", vaLidationAcountBytoken.getValidationToken());
        new HashMap().put("tokenId", vaLidationAcountBytoken.getValidationToken());
        hashMap.put("url", this.serverConfigurationService.getServerUrl() + "/accountvalidator/faces/validate?tokenId=" + vaLidationAcountBytoken.getValidationToken());
        String idFromRef = EntityReference.getIdFromRef(vaLidationAcountBytoken.getUserId());
        try {
            User user = this.userDirectoryService.getUser(idFromRef);
            String displayName = user.getDisplayName();
            String eid = user.getEid();
            User createdBy = user.getCreatedBy();
            hashMap.put("addedBy", createdBy.getDisplayName());
            hashMap.put("addedByEmail", createdBy.getEmail());
            hashMap.put("displayName", displayName);
            hashMap.put("userEid", eid);
            hashMap.put("support.email", this.serverConfigurationService.getString("support.email"));
            hashMap.put("institution", this.serverConfigurationService.getString("ui.institution"));
        } catch (UserNotDefinedException e) {
            e.printStackTrace();
        }
        Set authzGroupsIsAllowed = this.authzGroupService.getAuthzGroupsIsAllowed(idFromRef, "site.visit", (Collection) null);
        log.debug("got a list of: " + authzGroupsIsAllowed.size());
        Iterator it = authzGroupsIsAllowed.iterator();
        StringBuilder sb = new StringBuilder();
        int i = 0;
        while (it.hasNext()) {
            try {
                Site site = this.siteService.getSite(this.developerHelperService.getLocationIdFromRef((String) it.next()));
                if (i > 0) {
                    sb.append(", ");
                }
                log.debug("adding site: " + site.getTitle());
                sb.append(site.getTitle());
                i++;
            } catch (IdUnusedException e2) {
                e2.printStackTrace();
            }
        }
        hashMap.put("memberSites", sb.toString());
        this.emailTemplateService.sendRenderedMessages(getTemplateKey(vaLidationAcountBytoken.getAccountStatus()), arrayList, hashMap, this.serverConfigurationService.getString("support.email"), this.serverConfigurationService.getString("support.email"));
    }
}
