package tv.hd3g.authkit.mod.controller;

import java.util.List;
import java.util.UUID;
import javax.validation.constraints.NotEmpty;
import org.owasp.encoder.Encode;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import tv.hd3g.authkit.mod.dto.ressource.CreatedUserDto;
import tv.hd3g.authkit.mod.dto.ressource.GroupOrRoleDto;
import tv.hd3g.authkit.mod.dto.ressource.ItemListDto;
import tv.hd3g.authkit.mod.dto.ressource.UserDto;
import tv.hd3g.authkit.mod.dto.ressource.UserPrivacyDto;
import tv.hd3g.authkit.mod.dto.validated.AddGroupOrRoleDto;
import tv.hd3g.authkit.mod.dto.validated.AddUserDto;
import tv.hd3g.authkit.mod.dto.validated.ChangeIPDto;
import tv.hd3g.authkit.mod.dto.validated.ListStringDto;
import tv.hd3g.authkit.mod.dto.validated.RenameGroupOrRoleDto;
import tv.hd3g.authkit.mod.exception.AuthKitException;
import tv.hd3g.authkit.mod.repository.UserDao;
import tv.hd3g.authkit.mod.repository.UserRepository;
import tv.hd3g.authkit.mod.service.AuthenticationService;
import tv.hd3g.authkit.utility.LogSanitizer;
import tv.hd3g.commons.authkit.AuditAfter;
import tv.hd3g.commons.authkit.CheckBefore;

@RequestMapping(value = {"/v1/authkit"}, produces = {"application/json"})
@RestController
@CheckBefore({"SecurityAdmin"})
/* loaded from: input_file:tv/hd3g/authkit/mod/controller/RestControllerUser.class */
public class RestControllerUser {

    @Autowired
    private AuthenticationService authenticationService;

    @Autowired
    private UserDao userDao;

    @Autowired
    private UserRepository userRepository;

    @Value("${authkit.dbMaxFetchSize:50}")
    private int dbMaxFetchSize;

    @Value("${authkit.realm:default}")
    private String realm;

    @PostMapping({"users"})
    @AuditAfter(value = "addUser", changeSecurity = true)
    @Transactional(readOnly = false)
    public ResponseEntity<CreatedUserDto> addUser(@RequestBody @Validated AddUserDto addUserDto) {
        return new ResponseEntity<>(new CreatedUserDto(Encode.forJavaScript(addUserDto.getUserLogin()), this.authenticationService.addUser(addUserDto), this.realm), HttpStatus.CREATED);
    }

    @AuditAfter(value = "getUser", changeSecurity = false)
    @Transactional(readOnly = true)
    @GetMapping({"users/{uuid}"})
    public ResponseEntity<UserDto> getUser(@PathVariable("uuid") @NotEmpty String str) {
        String sanitize = LogSanitizer.sanitize(str);
        return new ResponseEntity<>(this.userDao.getUserByUUID(UUID.fromString(sanitize)).orElseThrow(() -> {
            return new AuthKitException(404, "Can't found user " + sanitize);
        }), HttpStatus.OK);
    }

    @AuditAfter(value = "listUser", changeSecurity = false)
    @Transactional(readOnly = true)
    @GetMapping({"users"})
    public ResponseEntity<ItemListDto<UserDto>> listUsers(@RequestParam(defaultValue = "0") int i, @RequestParam(defaultValue = "0") int i2) {
        int min;
        int min2;
        List<UserDto> userList;
        int count = (int) this.userRepository.count();
        if (count == 0) {
            min = 0;
            min2 = 0;
            userList = List.of();
        } else {
            min = i2 < 1 ? this.dbMaxFetchSize : Math.min(count, Math.min(this.dbMaxFetchSize, i2));
            min2 = Math.min(count - 1, Math.max(0, i));
            userList = this.userDao.getUserList(min2, min);
        }
        ItemListDto itemListDto = new ItemListDto(userList);
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add("Content-Range", min2 + "-" + min + "/" + count);
        linkedMultiValueMap.add("Accept-Range", "user " + this.dbMaxFetchSize);
        return userList.size() == count ? new ResponseEntity<>(itemListDto, linkedMultiValueMap, HttpStatus.OK) : new ResponseEntity<>(itemListDto, linkedMultiValueMap, HttpStatus.PARTIAL_CONTENT);
    }

    @AuditAfter(value = "disableUser", changeSecurity = true)
    @Transactional(readOnly = false)
    @PutMapping({"users/{uuid}/disable"})
    public ResponseEntity<Object> disableUser(@PathVariable("uuid") @NotEmpty String str) {
        this.authenticationService.disableUser(LogSanitizer.sanitize(str));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "enableUser", changeSecurity = true)
    @Transactional(readOnly = false)
    @PutMapping({"users/{uuid}/enable"})
    public ResponseEntity<Object> enableUser(@PathVariable("uuid") @NotEmpty String str) {
        this.authenticationService.enableUser(LogSanitizer.sanitize(str));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "switchUserMustResetPassword", changeSecurity = true)
    @Transactional(readOnly = false)
    @PutMapping({"users/{uuid}/switchresetpassword"})
    public ResponseEntity<Object> switchUserMustResetPassword(@PathVariable("uuid") @NotEmpty String str) {
        this.authenticationService.setUserMustChangePassword(LogSanitizer.sanitize(str));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "resetUserLogonTrials", changeSecurity = true)
    @Transactional(readOnly = false)
    @PutMapping({"users/{uuid}/resetlogontrials"})
    public ResponseEntity<Object> resetUserLogonTrials(@PathVariable("uuid") @NotEmpty String str) {
        this.authenticationService.resetUserLogonTrials(LogSanitizer.sanitize(str));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @DeleteMapping({"users/{uuid}"})
    @AuditAfter(value = "removeUser", changeSecurity = true)
    @Transactional(readOnly = false)
    public ResponseEntity<Object> removeUser(@PathVariable("uuid") @NotEmpty String str) {
        this.authenticationService.removeUser(LogSanitizer.sanitize(str));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "addGroup", changeSecurity = true)
    @PostMapping({"groups"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> addGroup(@RequestBody @Validated AddGroupOrRoleDto addGroupOrRoleDto) {
        this.authenticationService.addGroup(addGroupOrRoleDto);
        return new ResponseEntity<>(HttpStatus.CREATED);
    }

    @AuditAfter(value = "renameGroup", changeSecurity = true)
    @PostMapping({"groups/rename"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> renameGroup(@RequestBody @Validated RenameGroupOrRoleDto renameGroupOrRoleDto) {
        this.authenticationService.renameGroup(renameGroupOrRoleDto);
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "setGroupDescription", changeSecurity = true)
    @Transactional(readOnly = false)
    @PutMapping({"groups/description"})
    public ResponseEntity<Object> setGroupDescription(@RequestBody @Validated AddGroupOrRoleDto addGroupOrRoleDto) {
        this.authenticationService.setGroupDescription(addGroupOrRoleDto);
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "addUserInGroup", changeSecurity = true)
    @PostMapping({"users/{uuid}/ingroup/{name}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> addUserInGroup(@PathVariable("uuid") @NotEmpty String str, @PathVariable("name") @NotEmpty String str2) {
        this.authenticationService.addUserInGroup(LogSanitizer.sanitize(str), LogSanitizer.sanitize(str2));
        return new ResponseEntity<>(HttpStatus.CREATED);
    }

    @AuditAfter(value = "removeUserInGroup", changeSecurity = true)
    @DeleteMapping({"users/{uuid}/ingroup/{name}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> removeUserInGroup(@PathVariable("uuid") @NotEmpty String str, @PathVariable("name") @NotEmpty String str2) {
        this.authenticationService.removeUserInGroup(LogSanitizer.sanitize(str), LogSanitizer.sanitize(str2));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "removeGroup", changeSecurity = true)
    @DeleteMapping({"groups/{name}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> removeGroup(@PathVariable("name") @NotEmpty String str) {
        this.authenticationService.removeGroup(LogSanitizer.sanitize(str));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "listAllGroups", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"groups"})
    public ResponseEntity<ItemListDto<GroupOrRoleDto>> listAllGroups() {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.listAllGroups()), HttpStatus.OK);
    }

    @AuditAfter(value = "listGroupsForUser", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"users/{uuid}/groups"})
    public ResponseEntity<ItemListDto<GroupOrRoleDto>> listGroupsForUser(@PathVariable("uuid") @NotEmpty String str) {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.listGroupsForUser(LogSanitizer.sanitize(str))), HttpStatus.OK);
    }

    @AuditAfter(value = "addRole", changeSecurity = true)
    @PostMapping({"roles"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> addRole(@RequestBody @Validated AddGroupOrRoleDto addGroupOrRoleDto) {
        this.authenticationService.addRole(addGroupOrRoleDto);
        return new ResponseEntity<>(HttpStatus.CREATED);
    }

    @AuditAfter(value = "renameRole", changeSecurity = true)
    @PostMapping({"roles/rename"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> renameRole(@RequestBody @Validated RenameGroupOrRoleDto renameGroupOrRoleDto) {
        this.authenticationService.renameRole(renameGroupOrRoleDto);
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "setRoleDescription", changeSecurity = true)
    @Transactional(readOnly = false)
    @PutMapping({"roles/description"})
    public ResponseEntity<Object> setRoleDescription(@RequestBody @Validated AddGroupOrRoleDto addGroupOrRoleDto) {
        this.authenticationService.setRoleDescription(addGroupOrRoleDto);
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "setRoleOnlyForClients", changeSecurity = true)
    @Transactional(readOnly = false)
    @PutMapping({"roles/{rolename}/setOnlyForClient"})
    public ResponseEntity<Object> setRoleOnlyForClient(@PathVariable("rolename") @NotEmpty String str, @RequestBody @Validated ChangeIPDto changeIPDto) {
        this.authenticationService.setRoleOnlyForClient(LogSanitizer.sanitize(str), changeIPDto.getIp());
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "addGroupInRole", changeSecurity = true)
    @PostMapping({"groups/{groupname}/inrole/{rolename}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> addGroupInRole(@PathVariable("groupname") @NotEmpty String str, @PathVariable("rolename") @NotEmpty String str2) {
        String sanitize = LogSanitizer.sanitize(str2);
        this.authenticationService.addGroupInRole(LogSanitizer.sanitize(str), sanitize);
        return new ResponseEntity<>(HttpStatus.CREATED);
    }

    @AuditAfter(value = "removeGroupInRole", changeSecurity = true)
    @DeleteMapping({"groups/{groupname}/inrole/{rolename}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> removeGroupInRole(@PathVariable("groupname") @NotEmpty String str, @PathVariable("rolename") @NotEmpty String str2) {
        String sanitize = LogSanitizer.sanitize(str2);
        this.authenticationService.removeGroupInRole(LogSanitizer.sanitize(str), sanitize);
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "removeRole", changeSecurity = true)
    @DeleteMapping({"roles/{rolename}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> removeRole(@PathVariable("rolename") @NotEmpty String str) {
        this.authenticationService.removeRole(LogSanitizer.sanitize(str));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "listAllRoles", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"roles"})
    public ResponseEntity<ItemListDto<GroupOrRoleDto>> listAllRoles() {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.listAllRoles()), HttpStatus.OK);
    }

    @AuditAfter(value = "listRolesForGroup", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"groups/{groupname}/roles"})
    public ResponseEntity<ItemListDto<GroupOrRoleDto>> listRolesForGroup(@PathVariable("groupname") @NotEmpty String str) {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.listRolesForGroup(LogSanitizer.sanitize(str))), HttpStatus.OK);
    }

    @AuditAfter(value = "addRightInRole", changeSecurity = true)
    @PostMapping({"roles/{rolename}/rights/{rightname}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> addRightInRole(@PathVariable("rolename") @NotEmpty String str, @PathVariable("rightname") @NotEmpty String str2) {
        this.authenticationService.addRightInRole(LogSanitizer.sanitize(str), LogSanitizer.sanitize(str2));
        return new ResponseEntity<>(HttpStatus.CREATED);
    }

    @AuditAfter(value = "removeRightInRole", changeSecurity = true)
    @DeleteMapping({"roles/{rolename}/rights/{rightname}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> removeRightInRole(@PathVariable("rolename") @NotEmpty String str, @PathVariable("rightname") @NotEmpty String str2) {
        this.authenticationService.removeRightInRole(LogSanitizer.sanitize(str), LogSanitizer.sanitize(str2));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "getAllRights", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"rights"})
    public ResponseEntity<ItemListDto<String>> getAllRights() {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.getAllRights()), HttpStatus.OK);
    }

    @AuditAfter(value = "listRightsForRole", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"roles/{rolename}/rights"})
    public ResponseEntity<ItemListDto<String>> listRightsForRole(@PathVariable("rolename") @NotEmpty String str) {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.listRightsForRole(LogSanitizer.sanitize(str))), HttpStatus.OK);
    }

    @AuditAfter(value = "addContextInRight", changeSecurity = true)
    @PostMapping({"roles/{rolename}/rights/{rightname}/contexts/{context}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> addContextInRight(@PathVariable("rolename") @NotEmpty String str, @PathVariable("rightname") @NotEmpty String str2, @PathVariable("context") @NotEmpty String str3) {
        this.authenticationService.addContextInRight(LogSanitizer.sanitize(str), LogSanitizer.sanitize(str2), LogSanitizer.sanitize(str3));
        return new ResponseEntity<>(HttpStatus.CREATED);
    }

    @AuditAfter(value = "removeContextInRight", changeSecurity = true)
    @DeleteMapping({"roles/{rolename}/rights/{rightname}/contexts/{context}"})
    @Transactional(readOnly = false)
    public ResponseEntity<Object> removeContextInRight(@PathVariable("rolename") @NotEmpty String str, @PathVariable("rightname") @NotEmpty String str2, @PathVariable("context") @NotEmpty String str3) {
        this.authenticationService.removeContextInRight(LogSanitizer.sanitize(str), LogSanitizer.sanitize(str2), LogSanitizer.sanitize(str3));
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @AuditAfter(value = "listContextsForRight", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"roles/{rolename}/rights/{rightname}/contexts"})
    public ResponseEntity<ItemListDto<String>> listContextsForRight(@PathVariable("rolename") @NotEmpty String str, @PathVariable("rightname") @NotEmpty String str2) {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.listContextsForRight(LogSanitizer.sanitize(str), LogSanitizer.sanitize(str2))), HttpStatus.OK);
    }

    @AuditAfter(value = "listLinkedUsersForGroup", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"groups/{name}/users"})
    public ResponseEntity<ItemListDto<UserDto>> listLinkedUsersForGroup(@PathVariable("name") @NotEmpty String str) {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.listLinkedUsersForGroup(LogSanitizer.sanitize(str))), HttpStatus.OK);
    }

    @AuditAfter(value = "listLinkedGroupsForRole", changeSecurity = false)
    @Transactional(readOnly = false)
    @GetMapping({"roles/{name}/groups"})
    public ResponseEntity<ItemListDto<GroupOrRoleDto>> listLinkedGroupsForRole(@PathVariable("name") @NotEmpty String str) {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.listLinkedGroupsForRole(LogSanitizer.sanitize(str))), HttpStatus.OK);
    }

    @AuditAfter(value = "getUserPrivacy", changeSecurity = false)
    @Transactional(readOnly = true)
    @GetMapping({"users/{uuid}/privacy"})
    public ResponseEntity<UserPrivacyDto> getUserPrivacy(@PathVariable("uuid") @NotEmpty String str) {
        List<UserPrivacyDto> userPrivacyList = this.authenticationService.getUserPrivacyList(List.of(LogSanitizer.sanitize(str)));
        return new ResponseEntity<>(userPrivacyList.isEmpty() ? new UserPrivacyDto() : userPrivacyList.get(0), HttpStatus.OK);
    }

    @AuditAfter(value = "getUsersPrivacy", changeSecurity = false)
    @Transactional(readOnly = true)
    @GetMapping({"users/privacy"})
    public ResponseEntity<ItemListDto<UserPrivacyDto>> getUsersPrivacy(@RequestBody @Validated ListStringDto listStringDto) {
        return new ResponseEntity<>(new ItemListDto(this.authenticationService.getUserPrivacyList(listStringDto.getList())), HttpStatus.OK);
    }

    @AuditAfter(value = "setUserPrivacy", changeSecurity = true)
    @Transactional(readOnly = false)
    @PutMapping({"users/{uuid}/privacy"})
    public ResponseEntity<Object> setUserPrivacy(@RequestBody @Validated UserPrivacyDto userPrivacyDto, @PathVariable("uuid") @NotEmpty String str) {
        this.authenticationService.setUserPrivacy(LogSanitizer.sanitize(str), userPrivacyDto);
        return new ResponseEntity<>(HttpStatus.OK);
    }
}
