package com.formkiq.server.api;

import com.formkiq.server.domain.type.UserDTO;
import com.formkiq.server.domain.type.UserListDTO;
import com.formkiq.server.domain.type.UserRole;
import com.formkiq.server.domain.type.UserStatus;
import com.formkiq.server.service.AuthenticationFailureException;
import com.formkiq.server.service.PreconditionFailedException;
import com.formkiq.server.service.SpringSecurityService;
import com.formkiq.server.service.SystemPropertyService;
import com.formkiq.server.service.UserService;
import com.formkiq.server.util.Strings;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import javax.servlet.http.HttpServletRequest;
import javax.transaction.Transactional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mail.MailSender;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

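/**
 * REST endpoints for user accounts: self-service registration and password reset, profile lookup,
 * folder sharing, and the admin-only list/delete operations.
 *
 * <p>Only {@link #delete} and {@link #list} carry {@code @Secured("ROLE_ADMIN")}. Every other
 * handler relies on checks made inside the method body (or on security configuration that is not
 * visible in this class), so each handler's Javadoc states which check it performs itself.
 */
@RestController
/* loaded from: input_file:com/formkiq/server/api/UsersController.class */
public class UsersController extends AbstractRestController {
    public static final String OAUTH_TOKEN = "/oauth/token";
    public static final String API_USER_RESET_PASSWORD = "/api/users/resetpassword";
    public static final String API_USER_LOST_PASSWORD = "/api/users/lostpassword";
    public static final String API_USER_SAVE = "/api/users/save";
    public static final String API_USER_GET = "/api/users/get";
    public static final String API_USER_LIST = "/api/users/list";
    public static final String API_USER_DELETE = "/api/users/delete";
    public static final String API_USER_SHARE = "/api/users/share";
    public static final String API_USER_CAN_CREATE = "/api/users/cancreate";

    @Autowired
    private MailSender mailSender;

    @Autowired
    private UserService userservice;

    @Autowired
    private SpringSecurityService securityService;

    @Autowired
    private SystemPropertyService systemProperties;

    /**
     * Reports whether the caller may create a user account.
     *
     * @return a message whose text is {@code "true"} when the caller is an admin or the system is
     *     not invite-only, otherwise {@code "false"}
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = ApiMessageResponse.class), @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 403, message = "Forbidden"), @ApiResponse(code = 404, message = "Not Found"), @ApiResponse(code = 500, message = "Failure")})
    @RequestMapping(value = {API_USER_CAN_CREATE}, method = {RequestMethod.GET})
    @ApiOperation(value = "canCreateUser", nickname = "canCreateUser")
    @Transactional
    public ApiMessageResponse canCreateUser() {
        boolean inviteOnly = this.systemProperties.isInviteOnly();
        // Admins bypass the invite-only restriction.
        boolean canCreate = this.securityService.isAdmin() || !inviteOnly;
        return new ApiMessageResponse(String.valueOf(canCreate));
    }

    /**
     * Sets a new password for an account using a previously issued reset token.
     *
     * <p>This handler has no {@code @Secured} annotation and performs no caller check of its own;
     * the only credential it forwards is the reset token.
     * NOTE(review): token validation, expiry and single use are presumably enforced inside
     * {@code UserService.updatePassword} - confirm, since nothing in this class does it. No
     * password-strength check is applied here either.
     *
     * @param httpServletRequest current request, used only for the API version check
     * @param email address of the account whose password is being reset
     * @param resetToken token previously issued by {@link #lostpassword}
     * @param password the new password
     * @param confirmPassword must equal {@code password}
     * @return confirmation message
     * @throws PreconditionFailedException if the two password values differ
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = ApiMessageResponse.class), @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 403, message = "Forbidden"), @ApiResponse(code = 404, message = "Not Found"), @ApiResponse(code = 500, message = "Failure")})
    @RequestMapping(value = {API_USER_RESET_PASSWORD}, method = {RequestMethod.POST})
    @ApiOperation(value = "changePassword", nickname = "changePassword")
    @Transactional
    public ApiMessageResponse changePassword(HttpServletRequest httpServletRequest, @RequestParam(value = "email", required = true) String email, @RequestParam(value = "resettoken", required = true) String resetToken, @RequestParam(value = "password", required = true) String password, @RequestParam(value = "confirmpassword", required = true) String confirmPassword) {
        getApiVersion(httpServletRequest);
        if (!password.equals(confirmPassword)) {
            throw new PreconditionFailedException("Passwords do not match");
        }
        this.userservice.updatePassword(email, resetToken, password);
        return new ApiMessageResponse("Password has been Reset");
    }

    /**
     * Deletes the account with the given e-mail address. Restricted to {@code ROLE_ADMIN}.
     *
     * <p>Unlike most handlers in this class, this one does not call {@code getApiVersion}.
     *
     * @param httpServletRequest current request (unused)
     * @param email address of the account to delete
     * @return confirmation message
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = ApiMessageResponse.class), @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 403, message = "Forbidden"), @ApiResponse(code = 404, message = "Not Found"), @ApiResponse(code = 500, message = "Failure")})
    @RequestMapping(value = {API_USER_DELETE}, method = {RequestMethod.POST})
    @Secured({"ROLE_ADMIN"})
    @ApiOperation(value = "delete", nickname = "deleteUser")
    @Transactional
    public ApiMessageResponse delete(HttpServletRequest httpServletRequest, @RequestParam(value = "email", required = true) String email) {
        this.userservice.deleteUser(email);
        return new ApiMessageResponse("User deleted");
    }

    /**
     * Returns one user's record.
     *
     * <p>The authorization check runs before anything else: the lookup is allowed only when
     * {@code securityService.isUser(username)} accepts the requested name or the caller is an
     * admin. NOTE(review): {@code isUser} presumably compares against the authenticated
     * principal - confirm, because it is the only barrier against reading other users' records.
     *
     * @param httpServletRequest current request, used only for the API version check
     * @param email address to look up; when empty, the caller's own username is used
     * @return the matching user
     * @throws AuthenticationFailureException if the caller is neither that user nor an admin
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = UserDTO.class), @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 403, message = "Forbidden"), @ApiResponse(code = 404, message = "Not Found"), @ApiResponse(code = 500, message = "Failure")})
    @RequestMapping(value = {API_USER_GET}, method = {RequestMethod.GET})
    @ApiOperation(value = "get", nickname = "getUser")
    @Transactional
    public UserDTO get(HttpServletRequest httpServletRequest, @RequestParam(value = "email", required = false) String email) {
        String username = Strings.isEmpty(email) ? this.securityService.getUsername() : email;
        boolean allowed = this.securityService.isUser(username) || this.securityService.isAdmin();
        if (!allowed) {
            throw new AuthenticationFailureException("access denied");
        }
        getApiVersion(httpServletRequest);
        return this.userservice.findUser(username, false);
    }

    /**
     * Shares one of the caller's folders with another address and, when the service reports a
     * new share, e-mails an invitation to that address.
     *
     * <p>NOTE(review): the recipient address comes straight from the request and the message
     * embeds the caller's username, so any caller who reaches this handler can cause mail to be
     * sent to an address of their choosing. No throttling or address validation is visible in
     * this class; folder-ownership checks are presumably inside
     * {@code UserService.shareFolderWithUser} - confirm.
     *
     * @param httpServletRequest current request, used only for the API version check
     * @param email address to share with (and to invite)
     * @param folder identifier of the folder being shared
     * @param permission permission names, converted by {@code securityService.toPermissions}
     * @return message saying whether an invite was sent or existing permissions were updated
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = ApiMessageResponse.class), @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 403, message = "Forbidden"), @ApiResponse(code = 404, message = "Not Found"), @ApiResponse(code = 500, message = "Failure")})
    @RequestMapping(value = {API_USER_SHARE}, method = {RequestMethod.POST})
    @ApiOperation(value = "share", nickname = "share")
    @Transactional
    public ApiMessageResponse share(HttpServletRequest httpServletRequest, @RequestParam(value = "email", required = true) String email, @RequestParam(value = "folder", required = true) String folder, @RequestParam(value = "permission", required = true) String[] permission) {
        getApiVersion(httpServletRequest);
        UserDetails userDetails = this.securityService.getUserDetails();
        boolean inviteNeeded = this.userservice.shareFolderWithUser(userDetails, email, folder, this.securityService.toPermissions(permission));
        if (!inviteNeeded) {
            return new ApiMessageResponse("Permission have been updated for " + email);
        }
        SimpleMailMessage invite = new SimpleMailMessage();
        invite.setTo(email);
        invite.setSubject("FormKiQ invite");
        invite.setText("Hi there,\n\nYou've been invited by " + userDetails.getUsername() + " to join their FormKiQ folder.\nFormKiQ is a app to store and share information on your iOS device.\nIt make work simpler, more pleasant, and more productive!\nGet the App..\n\nhttps://itunes.apple.com/us/app/formkiq/id1110575884\n\nThanks!- The FormKiQ Team");
        this.mailSender.send(invite);
        return new ApiMessageResponse("Invite has been sent to " + email);
    }

    /**
     * Lists users. Restricted to {@code ROLE_ADMIN}.
     *
     * <p>Unlike most handlers in this class, this one does not call {@code getApiVersion}.
     *
     * @param httpServletRequest current request (unused)
     * @param token optional value passed through to {@code UserService.findUsers}
     *     (presumably a paging token - confirm)
     * @return the user list produced by the service
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = UserListDTO.class), @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 403, message = "Forbidden"), @ApiResponse(code = 404, message = "Not Found"), @ApiResponse(code = 500, message = "Failure")})
    @RequestMapping(value = {API_USER_LIST}, method = {RequestMethod.GET})
    @Secured({"ROLE_ADMIN"})
    @ApiOperation(value = "list", nickname = "listUser")
    @Transactional
    public UserListDTO list(HttpServletRequest httpServletRequest, @RequestParam(value = "token", required = false) String token) {
        return this.userservice.findUsers(token);
    }

    /**
     * Issues a password-reset token for an account and e-mails a reset link to its address.
     *
     * <p>The e-mail address is URL-encoded before it is placed in the link's query string, so
     * addresses containing characters such as {@code +} or {@code &} survive the round trip
     * instead of being decoded into a different value or an extra parameter.
     *
     * <p>NOTE(review): the {@code "<email> not found"} failure tells the caller whether an
     * address has an account, and this handler carries no {@code @Secured} annotation. Consider
     * answering identically for known and unknown addresses and throttling requests; neither is
     * visible in this class. The link also takes its scheme from the configured system hostname,
     * so confirm that value is an https URL because the link carries the reset token.
     *
     * @param httpServletRequest current request (unused)
     * @param email address of the account that lost its password
     * @return confirmation message
     * @throws PreconditionFailedException if the service rejects the address with an
     *     {@link AuthenticationFailureException}
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = ApiMessageResponse.class), @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 403, message = "Forbidden"), @ApiResponse(code = 404, message = "Not Found"), @ApiResponse(code = 500, message = "Failure")})
    @RequestMapping(value = {API_USER_LOST_PASSWORD}, method = {RequestMethod.POST})
    @ApiOperation(value = "lostpassword", nickname = "lostpassword")
    @Transactional
    public ApiMessageResponse lostpassword(HttpServletRequest httpServletRequest, @RequestParam(value = "email", required = true) String email) {
        try {
            String systemHostname = this.systemProperties.getSystemHostname();
            String resetToken = this.userservice.generateResetToken(email);
            // The token is inserted exactly as issued: the mail text invites the recipient to
            // type it into the app, and its format is not visible here.
            // NOTE(review): confirm generateResetToken only emits URL-safe characters.
            String encodedEmail = urlEncodeForResetLink(email);
            SimpleMailMessage resetMail = new SimpleMailMessage();
            resetMail.setTo(email);
            resetMail.setSubject("Lost Password");
            resetMail.setText("Hi there,\n\nSomeone recently requested a password change for your FormKiQ account.  If this was you, you can enter this reset token into the app to change your password.\n\nclick this link " + systemHostname + "/resetpassword?email=" + encodedEmail + "&resettoken=" + resetToken + " to Reset your password\n\nIf you don't want to change your password or didn't request this, just ignore and delete this message.\n\nThanks!- The FormKiQ Team");
            this.mailSender.send(resetMail);
            return new ApiMessageResponse("Reset Password Link has been sent to your email");
        } catch (AuthenticationFailureException e) {
            // The cause is not chained: only the single-String constructor of
            // PreconditionFailedException is known from this file.
            throw new PreconditionFailedException(email + " not found");
        }
    }

    /**
     * Creates or updates a user account.
     *
     * <p>The {@code role} and {@code status} parameters are read only when the caller is an
     * admin; for everyone else the account is saved as {@code ROLE_USER} / {@code ACTIVE}
     * whatever the request contains, so a non-admin request cannot choose its own role. An
     * unrecognised role or status name from an admin is rejected with a
     * {@link PreconditionFailedException} instead of escaping as an unhandled
     * {@link IllegalArgumentException}.
     *
     * <p>NOTE(review): for non-admin callers the only gate is
     * {@code checkBasicAuthorization} on the raw {@code authorization} header. What that check
     * accepts, and whether {@code UserService.saveUser} refuses to overwrite an existing account
     * (including its password) for such callers, is not visible here - confirm both. This
     * handler also does not consult the invite-only setting reported by
     * {@link #canCreateUser}.
     *
     * @param httpServletRequest current request; supplies the API version and the
     *     {@code authorization} header
     * @param email address of the account to save
     * @param password optional password; when present it must equal {@code confirmPassword}
     * @param confirmPassword repeat of {@code password}
     * @param role optional {@link UserRole} name, honoured for admins only
     * @param status optional {@link UserStatus} name, honoured for admins only
     * @return confirmation message
     * @throws PreconditionFailedException if the passwords differ, or an admin supplies an
     *     unknown role or status name
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = ApiMessageResponse.class), @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 403, message = "Forbidden"), @ApiResponse(code = 404, message = "Not Found"), @ApiResponse(code = 500, message = "Failure")})
    @RequestMapping(value = {API_USER_SAVE}, method = {RequestMethod.POST})
    @ApiOperation(value = "save", nickname = "saveUser")
    @Transactional
    public ApiMessageResponse save(HttpServletRequest httpServletRequest, @RequestParam(value = "email", required = true) String email, @RequestParam(value = "password", required = false) String password, @RequestParam(value = "confirmpassword", required = false) String confirmPassword, @RequestParam(value = "role", required = false) String role, @RequestParam(value = "status", required = false) String status) {
        UserRole userRole = UserRole.ROLE_USER;
        UserStatus userStatus = UserStatus.ACTIVE;
        getApiVersion(httpServletRequest);
        if (this.securityService.isAdmin()) {
            if (!StringUtils.isEmpty(role)) {
                userRole = parseUserRole(role);
            }
            if (!StringUtils.isEmpty(status)) {
                userStatus = parseUserStatus(status);
            }
        } else {
            this.securityService.checkBasicAuthorization(httpServletRequest.getHeader("authorization"));
        }
        if (password != null && !password.equals(confirmPassword)) {
            throw new PreconditionFailedException("Passwords do not match");
        }
        this.userservice.saveUser(email, password, userRole, userStatus);
        return new ApiMessageResponse("User has been saved");
    }

    /** Percent-encodes a value so it can be placed in the query string of the reset link. */
    private static String urlEncodeForResetLink(String value) {
        try {
            return URLEncoder.encode(value, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // UTF-8 support is mandatory on every JVM, so this branch is not expected to run.
            throw new IllegalStateException("UTF-8 encoding is not available", e);
        }
    }

    /** Maps a request-supplied role name to a {@link UserRole}, rejecting unknown names. */
    private static UserRole parseUserRole(String value) {
        try {
            return UserRole.valueOf(value.trim());
        } catch (IllegalArgumentException e) {
            // The raw value is deliberately not echoed back in the error message.
            throw new PreconditionFailedException("Invalid role");
        }
    }

    /** Maps a request-supplied status name to a {@link UserStatus}, rejecting unknown names. */
    private static UserStatus parseUserStatus(String value) {
        try {
            return UserStatus.valueOf(value.trim());
        } catch (IllegalArgumentException e) {
            // The raw value is deliberately not echoed back in the error message.
            throw new PreconditionFailedException("Invalid status");
        }
    }
}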
