package sirius.biz.tenants;

import java.util.Collections;
import java.util.List;
import java.util.Optional;
import sirius.biz.model.AddressData;
import sirius.biz.model.PermissionData;
import sirius.biz.web.BizController;
import sirius.biz.web.PageHelper;
import sirius.db.mixing.Constraint;
import sirius.db.mixing.Entity;
import sirius.db.mixing.SmartQuery;
import sirius.db.mixing.constraints.And;
import sirius.db.mixing.constraints.FieldOperator;
import sirius.db.mixing.constraints.Or;
import sirius.kernel.di.std.ConfigValue;
import sirius.kernel.di.std.Register;
import sirius.kernel.health.Exceptions;
import sirius.kernel.nls.NLS;
import sirius.web.controller.Controller;
import sirius.web.controller.DefaultRoute;
import sirius.web.controller.Message;
import sirius.web.controller.Routed;
import sirius.web.http.WebContext;
import sirius.web.security.LoginRequired;
import sirius.web.security.Permission;
import sirius.web.security.UserContext;
import sirius.web.services.JSONStructuredOutput;

@Register(classes = {Controller.class})
/* loaded from: input_file:sirius/biz/tenants/TenantController.class */
public class TenantController extends BizController {
    public static final String PERMISSION_MANAGE_TENANTS = "permission-manage-tenants";
    public static final String PERMISSION_SELECT_TENANT = "permission-select-tenant";

    @ConfigValue("security.tenantPermissions")
    private List<String> permissions;

    @ConfigValue("product.wondergemRoot")
    private String wondergemRoot;

    public List<String> getPermissions() {
        return Collections.unmodifiableList(this.permissions);
    }

    public String getPermissionName(String str) {
        return NLS.get("TenantPermission." + str);
    }

    public String getPermissionDescription(String str) {
        return (String) NLS.getIfExists("TenantPermission." + str + ".description", NLS.getCurrentLang()).orElse("");
    }

    @LoginRequired
    @Routed("/tenants")
    @DefaultRoute
    @Permission(PERMISSION_MANAGE_TENANTS)
    public void tenants(WebContext webContext) {
        PageHelper withQuery = PageHelper.withQuery(this.oma.select(Tenant.class).orderAsc(Tenant.NAME));
        withQuery.withContext(webContext);
        withQuery.withSearchFields(Tenant.NAME, Tenant.ACCOUNT_NUMBER, Tenant.ADDRESS.inner(AddressData.STREET), Tenant.ADDRESS.inner(AddressData.CITY));
        webContext.respondWith().template("view/tenants/tenants.html", new Object[]{withQuery.asPage()});
    }

    @Routed("/tenant/:1")
    @LoginRequired
    @Permission(PERMISSION_MANAGE_TENANTS)
    public void tenant(WebContext webContext, String str) {
        Tenant tenant = (Tenant) find(Tenant.class, str);
        if (webContext.isPOST()) {
            try {
                boolean isNew = tenant.isNew();
                load(webContext, tenant);
                tenant.getPermissions().getPermissions().clear();
                for (String str2 : webContext.getParameters("permissions")) {
                    if (getPermissions().contains(str2)) {
                        tenant.getPermissions().getPermissions().add(str2);
                    }
                }
                this.oma.update(tenant);
                showSavedMessage();
                if (isNew) {
                    webContext.respondWith().redirectTemporarily(WebContext.getContextPrefix() + "/tenant/" + tenant.getId());
                    return;
                }
            } catch (Throwable th) {
                UserContext.handle(th);
            }
        }
        webContext.respondWith().template("view/tenants/tenant-details.html", new Object[]{tenant, this, this.oma.select(Tenant.class).orderAsc(Tenant.NAME).where(new Constraint[]{FieldOperator.on(Tenant.ID).notEqual(Long.valueOf(tenant.getId()))}).queryList()});
    }

    @Routed(value = "/tenant/:1/update", jsonCall = true)
    @LoginRequired
    @Permission(PERMISSION_MANAGE_TENANTS)
    public void tenantUpdate(WebContext webContext, JSONStructuredOutput jSONStructuredOutput, String str) {
        Tenant tenant = (Tenant) find(Tenant.class, str);
        assertNotNew(tenant);
        load(webContext, tenant);
        if (webContext.hasParameter(Tenant.PERMISSIONS.inner(PermissionData.CONFIG_STRING).getName())) {
            tenant.getPermissions().getConfig();
        }
        tenant.getPermissions().getPermissions().clear();
        for (String str2 : webContext.getParameters("permissions")) {
            if (getPermissions().contains(str2)) {
                tenant.getPermissions().getPermissions().add(str2);
            }
        }
        this.oma.update(tenant);
    }

    @Routed("/tenant/:1/config")
    @LoginRequired
    @Permission(PERMISSION_MANAGE_TENANTS)
    public void tenantConfig(WebContext webContext, String str) {
        Tenant tenant = (Tenant) find(Tenant.class, str);
        assertNotNew(tenant);
        webContext.respondWith().template("view/tenants/tenant-config.html", new Object[]{tenant});
    }

    @Routed("/tenant/:1/delete")
    @LoginRequired
    @Permission(PERMISSION_MANAGE_TENANTS)
    public void deleteTenant(WebContext webContext, String str) {
        Optional find = this.oma.find(Tenant.class, str);
        if (find.isPresent()) {
            if (((Tenant) find.get()).getId() == currentTenant().getId()) {
                throw Exceptions.createHandled().withNLSKey("TenantController.cannotDeleteSelf").handle();
            }
            this.oma.delete((Entity) find.get());
            showDeletedMessage();
        }
        tenants(webContext);
    }

    @LoginRequired
    @Routed("/tenants/select")
    @DefaultRoute
    @Permission(PERMISSION_SELECT_TENANT)
    public void selectTenants(WebContext webContext) {
        PageHelper withQuery = PageHelper.withQuery(queryPossibleTenants(webContext).orderAsc(Tenant.NAME));
        withQuery.withContext(webContext);
        withQuery.withSearchFields(Tenant.NAME, Tenant.ACCOUNT_NUMBER, Tenant.ADDRESS.inner(AddressData.STREET), Tenant.ADDRESS.inner(AddressData.CITY));
        webContext.respondWith().template("view/tenants/select-tenant.html", new Object[]{withQuery.asPage()});
    }

    @LoginRequired
    @Routed("/tenants/select/:1")
    public void selectTenant(WebContext webContext, String str) {
        if ("main".equals(str)) {
            webContext.setSessionValue(UserContext.getCurrentScope().getScopeId() + TenantUserManager.TENANT_SPY_ID_SUFFIX, (Object) null);
            webContext.respondWith().redirectTemporarily("/tenants/select");
            return;
        }
        assertPermission(PERMISSION_SELECT_TENANT);
        Tenant tenant = (Tenant) queryPossibleTenants(webContext).eq(Tenant.ID, str).queryFirst();
        if (tenant == null) {
            UserContext.get().addMessage(Message.error(NLS.get("TenantController.cannotBecomeTenant")));
            selectTenants(webContext);
        } else {
            webContext.setSessionValue(UserContext.getCurrentScope().getScopeId() + TenantUserManager.TENANT_SPY_ID_SUFFIX, tenant.getIdAsString());
            webContext.respondWith().redirectTemporarily(webContext.get("goto").asString(this.wondergemRoot));
        }
    }

    private SmartQuery<Tenant> queryPossibleTenants(WebContext webContext) {
        String originalTenantId = UserContext.get().getUserManager().getOriginalTenantId(webContext);
        Optional find = this.oma.find(Tenant.class, originalTenantId);
        if (!find.isPresent()) {
            throw Exceptions.createHandled().withSystemErrorMessage("Cannot determine current tenant!", new Object[0]).handle();
        }
        SmartQuery<Tenant> select = this.oma.select(Tenant.class);
        if (!hasPermission(TenantUserManager.PERMISSION_SYSTEM_TENANT)) {
            if (((Tenant) find.get()).isCanAccessParent()) {
                select.where(new Constraint[]{Or.of(new Constraint[]{And.of(new Constraint[]{FieldOperator.on(Tenant.PARENT).eq(originalTenantId), FieldOperator.on(Tenant.PARENT_CAN_ACCESS).eq(true)}), FieldOperator.on(Tenant.ID).eq(((Tenant) find.get()).getParent().getId())})});
            } else {
                select.where(new Constraint[]{And.of(new Constraint[]{FieldOperator.on(Tenant.PARENT).eq(originalTenantId), FieldOperator.on(Tenant.PARENT_CAN_ACCESS).eq(true)})});
            }
        }
        return select;
    }
}
