package controllers.api;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.nazdaq.core.defines.OrderDir;
import com.nazdaq.core.defines.acts.ActivityAction;
import com.nazdaq.core.helpers.FileHelper;
import com.nazdaq.core.helpers.NSystem;
import com.nazdaq.core.helpers.RequestHelper;
import com.nazdaq.noms.acls.ACLNoPermissionException;
import com.nazdaq.noms.app.auth.action.Authentication;
import com.nazdaq.noms.app.auth.action.ResponseType;
import com.nazdaq.noms.app.auth.session.SessionKillUser;
import com.nazdaq.noms.app.auth.session.UserSession;
import com.nazdaq.noms.app.globals.APIGlobal;
import com.nazdaq.noms.app.helpers.AppsConsoleHelpers;
import com.nazdaq.noms.app.helpers.UserImport;
import java.io.File;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import javax.inject.Inject;
import models.acl.UserGroup;
import models.acl.defines.ACLSubject;
import models.system.StoredFile;
import models.users.User;
import play.Logger;
import play.i18n.MessagesApi;
import play.libs.Json;
import play.mvc.Http;
import play.mvc.Result;

/* loaded from: input_file:controllers/api/Users.class */
public class Users extends APIGlobal {
    private static final Logger.ALogger logger = Logger.of(Users.class);
    public static String NAME = "Users";

    @Inject
    public Users(MessagesApi messagesApi) {
        super(messagesApi);
    }

    @Authentication(perms = {ACLSubject.USER_READ}, response = ResponseType.JSON)
    public Result allusers(Http.Request request) {
        ObjectNode newObject = Json.newObject();
        newObject.set("users", Json.toJson(User.allUsers()));
        return ok(newObject);
    }

    @Authentication(perms = {ACLSubject.USER_READ}, response = ResponseType.JSON)
    public Result filteredUsersByName(Http.Request request) {
        ObjectNode newObject = Json.newObject();
        newObject.set("users", Json.toJson(User.getPage(RequestHelper.hasParam(request, "username") ? ((String) Objects.requireNonNull(RequestHelper.getParamString(request, "username"))).trim() : "", 1, 20, "userid", OrderDir.ASC).getList()));
        return ok(newObject);
    }

    @Authentication(perms = {}, response = ResponseType.JSON)
    public Result user_get(Http.Request request, Integer num) throws ACLNoPermissionException {
        boolean z = false;
        ObjectNode newObject = Json.newObject();
        if (num.equals(0)) {
            num = Integer.valueOf(getCurrentUser(request).getId());
            z = true;
        }
        User user = User.getuserbyid(num.intValue());
        if (user == null) {
            return response(request, false, NAME, "Can't find user!", newObject, "UNKNOWN");
        }
        if (user.isDeleted()) {
            logger.error("user_get - User '" + num + "' was removed from the system!");
            return response(request, false, NAME, "User was removed from the system!", newObject, "UNKNOWN");
        }
        if (!z && !permSystemCheck(request, ACLSubject.USER_MOD, true)) {
            return ok(getUserJson(user));
        }
        newObject.set("user", Json.toJson(user));
        List<UserGroup> groups = user.getGroups();
        ArrayList arrayList = new ArrayList();
        for (UserGroup userGroup : groups) {
            if (!userGroup.isDeleted()) {
                arrayList.add(userGroup);
            }
        }
        newObject.set("groups", Json.toJson(arrayList));
        return response(request, true, NAME, "User", newObject, "noerr");
    }

    @Authentication(perms = {}, response = ResponseType.JSON)
    public Result user_update(Http.Request request, Integer num) throws ACLNoPermissionException {
        ObjectNode newObject = Json.newObject();
        User currentUser = getCurrentUser(request);
        if (num.equals(0)) {
            num = Integer.valueOf(currentUser.getId());
        } else {
            permSystemCheck(request, ACLSubject.USER_MOD, false);
        }
        User user = User.getuserbyid(num.intValue());
        if (user == null) {
            return response(request, false, NAME, "Can't find user!", newObject, "UNKNOWN");
        }
        if (user.isDeleted()) {
            logger.error("user_get - User '" + num + "' was removed from the system!");
            return response(request, false, NAME, "User was removed from the system!", newObject, "UNKNOWN");
        }
        JsonNode asJson = request.body().asJson();
        if (asJson == null) {
            logger.error("user_update - Expecting Json data!");
            return response(request, false, NAME, "Expecting Json data", newObject, "INPUT");
        }
        try {
            if (!asJson.hasNonNull("email")) {
                return response(request, false, NAME, "Email can't be empty!", newObject, "INPUT");
            }
            if (!asJson.hasNonNull("username")) {
                return response(request, false, NAME, "Username can't be empty!", newObject, "INPUT");
            }
            User user2 = User.getuserbyusername(asJson.get("username").asText());
            if (user2 != null && !num.equals(Integer.valueOf(user2.getId()))) {
                return response(request, false, NAME, "Username not available!", newObject, "INPUT");
            }
            User updateUser = User.updateUser(currentUser, num.intValue(), asJson);
            getCurrentUser(request).addActivity(ActivityAction.UPDATED_USR, currentUser.getId(), new String[]{updateUser.getId(), updateUser.getDisplayName()});
            removeCache(num.intValue());
            return response(request, true, NAME, "User '" + updateUser.getDisplayName() + "' was updated successfully", newObject, "noerr");
        } catch (Exception e) {
            logger.error("Failed to update user: " + num, e);
            return response(request, false, NAME, e.getMessage(), newObject, "UNKNOWN");
        }
    }

    @Authentication(perms = {ACLSubject.USER_MOD}, response = ResponseType.JSON)
    public Result user_create(Http.Request request) {
        ObjectNode newObject = Json.newObject();
        ObjectNode asJson = request.body().asJson();
        if (asJson == null) {
            logger.error("user_create - Expecting Json data!");
            return response(request, false, NAME, "Expecting Json data", newObject, "INPUT");
        }
        ObjectNode objectNode = asJson;
        if (!objectNode.hasNonNull("email")) {
            return response(request, false, NAME, "Email can't be empty!", newObject, "INPUT");
        }
        if (!objectNode.hasNonNull("username")) {
            return response(request, false, NAME, "Username can't be empty!", newObject, "INPUT");
        }
        if (!User.is_username_available(objectNode.get("username").asText())) {
            return response(request, false, NAME, "Username not available!", newObject, "INPUT");
        }
        try {
            User createUser = User.createUser(objectNode);
            getCurrentUser(request).addActivity(ActivityAction.CREATED_USR, getCurrentUser(request).getId(), new String[]{String.valueOf(createUser.getId()), createUser.getDisplayName()});
            return response(request, true, NAME, "User '" + createUser.getDisplayName() + "' was created successfully", newObject, "noerr");
        } catch (Exception e) {
            logger.error("Failed to create user.", e);
            return response(request, false, NAME, "Failed to create a new user, Error: " + e.getMessage(), newObject, "UNKNOWN");
        }
    }

    @Authentication(perms = {ACLSubject.USER_MOD}, response = ResponseType.JSON)
    public Result user_delete(Http.Request request, Integer num) {
        ObjectNode newObject = Json.newObject();
        try {
            if (num.equals(Integer.valueOf(getCurrentUser(request).getId()))) {
                return response(request, false, NAME, "You can't delete your own User!", newObject, "PERMERR");
            }
            User user = User.getuserbyid(num.intValue());
            if (user.isMainAdmin()) {
                throw new Exception("Can't delete main admin user");
            }
            User.deleteUser(num.intValue());
            getCurrentUser(request).addActivity(ActivityAction.DELETED_USR, getCurrentUser(request).getId(), new String[]{String.valueOf(user.getId()), user.getDisplayName()});
            return response(request, true, NAME, "User '" + user.getDisplayName() + "' deleted successfully", newObject, "noerr");
        } catch (Exception e) {
            logger.error("Failed to delete user.", e);
            return response(request, false, NAME, "Failed to delete user, Error: " + e.getMessage(), newObject, "UNKNOWN");
        }
    }

    @Authentication(perms = {}, response = ResponseType.JSON)
    public Result developer_gen(Http.Request request, Integer num) throws ACLNoPermissionException {
        ObjectNode newObject = Json.newObject();
        if (num.equals(0)) {
            num = Integer.valueOf(getCurrentUser(request).getId());
        } else {
            permSystemCheck(request, ACLSubject.USER_MOD, false);
        }
        User user = User.getuserbyid(num.intValue());
        if (user == null) {
            return response(request, false, NAME, "Can't find user!", newObject, "UNKNOWN");
        }
        user.addActivity(ActivityAction.USR_GENERATEDKEY, num.intValue(), new String[]{String.valueOf(user.getId()), user.getDisplayName()});
        getCurrentUser(request).addActivity(ActivityAction.GENDEV_USR, num.intValue(), new String[]{String.valueOf(user.getId()), user.getDisplayName()});
        user.generateNewApiKeys();
        newObject.put("sharedkey", user.getSecretSignKey());
        newObject.put("apikey", user.getApikey());
        return response(request, true, NAME, "Developer Keys generated successfully!", newObject, "noerr");
    }

    @Authentication(perms = {}, response = ResponseType.JSON)
    public Result developer_show(Http.Request request, Integer num) throws ACLNoPermissionException {
        ObjectNode newObject = Json.newObject();
        if (num.equals(0)) {
            num = Integer.valueOf(getCurrentUser(request).getId());
        } else {
            permSystemCheck(request, ACLSubject.USER_MOD, false);
        }
        User user = User.getuserbyid(num.intValue());
        if (user == null) {
            return response(request, false, NAME, "Can't find user!", newObject, "UNKNOWN");
        }
        if (user.getApikey() == null || user.getApikey().isEmpty()) {
            return response(request, false, NAME, "No API key been generated.", newObject, "UNKNOWN");
        }
        newObject.put("sharedkey", user.getSecretSignKey());
        newObject.put("apikey", user.getApikey());
        return response(request, true, NAME, "Developer Keys showed successfully!", newObject, "noerr");
    }

    @Authentication(perms = {}, response = ResponseType.JSON)
    public Result developer_getfile(Http.Request request) throws ACLNoPermissionException {
        ObjectNode newObject = Json.newObject();
        int i = 0;
        if (RequestHelper.hasParam(request, "userid")) {
            i = RequestHelper.getParamInteger(request, "userid");
        }
        if (i == 0) {
            i = getCurrentUser(request).getId();
        } else {
            permSystemCheck(request, ACLSubject.USER_MOD, false);
        }
        User user = User.getuserbyid(i);
        if (user == null) {
            return response(request, false, NAME, "Can't find user!", newObject, "UNKNOWN");
        }
        if (user.getApikey() == null || user.getApikey().isEmpty()) {
            return response(request, false, NAME, "No API key been generated.", newObject, "UNKNOWN");
        }
        try {
            String combine = FileHelper.combine(FileHelper.getTempDir(), "bsuite-" + NSystem.randInt(0, 100000) + ".ini");
            AppsConsoleHelpers.generateKeyIniFile(user, RequestHelper.getBaseURL(request), combine);
            return ok(new File(combine)).as("text/plain").withHeader("Content-Disposition", "attachment; filename=bsuite.ini");
        } catch (Exception e) {
            return response(request, false, NAME, e.getMessage(), newObject, "UNKNOWN");
        }
    }

    @Authentication(perms = {ACLSubject.USER_MOD}, response = ResponseType.JSON)
    public Result sessions_list(Http.Request request) {
        ObjectNode newObject = Json.newObject();
        newObject.set("sessions", Json.toJson(UserSession.getAsList()));
        return response(request, true, NAME, "Sessions list.", newObject, "noerr");
    }

    @Authentication(perms = {ACLSubject.USER_MOD}, response = ResponseType.JSON)
    public Result sessions_kill(Http.Request request, Integer num) {
        ObjectNode newObject = Json.newObject();
        User currentUser = getCurrentUser(request);
        if (currentUser.getId() == num.intValue()) {
            return response(request, false, NAME, "You can't kill your own session!", newObject, "UNKNOWN");
        }
        UserSession.setKilled(UserSession.getOnlineSession(num.intValue()), SessionKillUser.builder().userName(currentUser.getUsername()).ip(RequestHelper.ipAddress(request)).build());
        logger.info("UserAuth - Session Kill signal sent to - '" + num + "' Successful");
        return response(request, true, NAME, "Session for userid: " + num + " killed successfully!", newObject, "noerr");
    }

    @Authentication(perms = {ACLSubject.USER_MOD}, response = ResponseType.JSON)
    public Result importCSVfile(Http.Request request) {
        ObjectNode newObject = Json.newObject();
        try {
            JsonNode asJson = request.body().asJson();
            if (asJson == null) {
                return response(request, false, NAME, "Expecting Json data", newObject, "INPUT");
            }
            long asLong = asJson.get("id").asLong();
            if (asLong <= 0) {
                throw new Exception("The file id can't be empty or 0");
            }
            StoredFile storedFile = StoredFile.getbyid(asLong);
            if (storedFile == null) {
                throw new Exception("The file id doesn't exists!");
            }
            List<UserImport> openCSV = UserImport.openCSV(storedFile);
            newObject.set("users", Json.toJson(openCSV));
            return response(request, true, NAME, "Users fetched, Total: " + openCSV.size(), newObject, "noerr");
        } catch (Exception e) {
            logger.error("Failed to import", e);
            return response(request, false, NAME, e.getMessage(), newObject, "UNKNOWN");
        }
    }

    @Authentication(perms = {ACLSubject.USER_MOD}, response = ResponseType.JSON)
    public Result saveUsersFromCsv(Http.Request request) {
        ObjectNode newObject = Json.newObject();
        try {
            JsonNode asJson = request.body().asJson();
            if (asJson == null) {
                return response(request, false, NAME, "Expecting Json data", newObject, "INPUT");
            }
            JsonNode jsonNode = asJson.get("users");
            ObjectNode newObject2 = Json.newObject();
            int i = 0;
            int i2 = 0;
            Iterator it = jsonNode.iterator();
            while (it.hasNext()) {
                ObjectNode objectNode = (JsonNode) it.next();
                if (!User.is_username_available(objectNode.get("userName").asText())) {
                    objectNode.put("message", "-Username is not available");
                    newObject2.set(Integer.toString(i), objectNode);
                    i++;
                } else if (objectNode.get("enabled").asBoolean()) {
                    User.create(objectNode.get("userName").asText(), objectNode.get("email").asText(), objectNode.get("password").asText(), objectNode.get("firstName").asText(), objectNode.get("lastName").asText(), objectNode.get("phone").asText(), (StoredFile) null, objectNode.get("comment").asText(), false);
                    i2++;
                } else {
                    newObject2.set(Integer.toString(i), objectNode);
                    i++;
                }
            }
            User.rebuildUserToDefaultGroupsACL();
            newObject.set("unsavedUsers", newObject2);
            return response(request, true, NAME, i2 + "Users were added successfully", newObject, "noerr");
        } catch (Exception e) {
            return response(request, false, NAME, e.getMessage(), newObject, "UNKNOWN");
        }
    }
}
