package com.nazdaq.noms.app.auth;

import com.fasterxml.jackson.databind.node.ObjectNode;
import com.nazdaq.core.helpers.AppConfig;
import com.nazdaq.core.helpers.RequestHelper;
import com.nazdaq.gen.models.BlockID;
import com.nazdaq.noms.acls.ACLNoPermissionException;
import com.nazdaq.noms.acls.ACLPermissionCheck;
import com.nazdaq.noms.app.auth.action.AuthAction;
import com.nazdaq.noms.app.auth.action.SessionStorage;
import com.nazdaq.noms.app.auth.session.UserSession;
import com.nazdaq.noms.app.helpers.Object2ByteConvert;
import com.nazdaq.noms.webmodels.SuiteErrorType;
import com.nazdaq.noms.webmodels.SuiteResponse;
import com.nazdaq.noms.webmodels.SuiteResponseStatus;
import java.util.Iterator;
import java.util.Objects;
import java.util.concurrent.CompletableFuture;
import javax.inject.Singleton;
import models.acl.ACLContainer;
import models.acl.ACLMapper;
import models.acl.UserGroup;
import models.acl.defines.ACLSubject;
import models.reports.run.ReportRun;
import models.system.SettingProperty;
import models.users.User;
import org.apache.commons.lang3.builder.HashCodeBuilder;
import org.jetbrains.annotations.NotNull;
import play.Logger;
import play.libs.Json;
import play.mvc.Controller;
import play.mvc.Http;
import play.mvc.Result;

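/**
 * Base controller with helpers shared by the application's controllers: JSON response
 * building, current-user lookup, ACL permission checks, licence flags read from JVM system
 * properties, and response-header helpers.
 *
 * <p>This listing is decompiler output, so most parameter names ({@code z}, {@code str},
 * {@code str2}, ...) are synthetic. Their roles are described in each method's Javadoc.
 */
@Singleton
/* loaded from: input_file:com/nazdaq/noms/app/auth/GlobalController.class */
public class GlobalController extends Controller {
    private static final Logger.ALogger logger = Logger.of(GlobalController.class);

    // Keys written into the JSON response body.
    public static final String STATUS = "status";
    public static final String TITLE = "title";
    public static final String MSG = "msg";

    // Values for the STATUS key.
    public static final String SUCCESS = "success";
    public static final String ERROR = "error";
    public static final String WARNING = "warning";

    // Error-type codes passed to response(...); only ERROR_PERM is branched on in this class.
    public static final String ERROR_PERM = "PERMERR";
    public static final String ERROR_INPUT = "INPUT";
    public static final String ERROR_UNKNOWN = "UNKNOWN";
    public static final String ERROR_API = "APIERR";
    public static final String UNAUTH_PERM = "UNAUTH_PERM";
    public static final String NOERROR = "noerr";

    /**
     * Builds a non-negative cache key from the system ACL timestamp, the settings change
     * marker, the {@code started_time} system property and, for logged-in requests, the
     * user's id, update marker and group update markers.
     *
     * <p>NOTE(review): the key is a 32-bit non-cryptographic hash widened to {@code long}.
     * If it is the only thing selecting a per-user cache entry, two users can collide on the
     * same key; confirm callers do not rely on it for isolation between users.
     *
     * @param request the current request; its session identifies the user
     * @return a value in {@code [0, 2^31]}
     */
    public long cacheKey(Http.Request request) {
        HashCodeBuilder hashCodeBuilder = new HashCodeBuilder();
        hashCodeBuilder.append(ACLContainer.getSystemDefault().getUpdated());
        if (AuthAction.isLoggedIn(request)) {
            User user = User.getuserbyid(SessionStorage.getUserId(request.session()));
            // A session can outlive its user record; skip the user part instead of failing
            // with a NullPointerException (assumes getuserbyid may return null; confirm).
            if (user != null) {
                for (UserGroup group : user.getGroups()) {
                    hashCodeBuilder.append(group.getUpdated());
                }
                hashCodeBuilder.append(user.getGroups().size());
                hashCodeBuilder.append(user.getUpdated());
                hashCodeBuilder.append(user.getId());
            }
        }
        hashCodeBuilder.append(SettingProperty.getLastChange());
        hashCodeBuilder.append(System.getProperty("started_time"));
        // NOTE(review): the multiplier is whatever int BlockID.TITLE holds; the decompiler
        // probably substituted a constant name for a literal. Confirm against the original.
        int hashCode = hashCodeBuilder.toHashCode() * BlockID.TITLE;
        // Negating Integer.MIN_VALUE as an int yields Integer.MIN_VALUE again, so take the
        // absolute value after widening to keep the result non-negative in every case.
        return Math.abs((long) hashCode);
    }

    /**
     * Serialises a user for the client with the admin flag added and the
     * {@code profilepic}, {@code settings}, {@code comment} and {@code password} fields
     * removed.
     *
     * <p>NOTE(review): this is a deny-list. Any other sensitive field that
     * {@code Object2ByteConvert.User2ObjectNode} emits, now or after a model change, is
     * returned to the client; an allow-list of fields would fail safe.
     *
     * @param user the user to serialise
     * @return the filtered JSON object
     * @throws IllegalStateException if the converter returns {@code null}
     */
    public ObjectNode getUserJson(User user) {
        ObjectNode userNode = Object2ByteConvert.User2ObjectNode(user);
        if (userNode == null) {
            // The original guarded this with an assertion, which is off unless the JVM runs
            // with -ea; fail explicitly so the error does not depend on that flag.
            throw new IllegalStateException("User could not be converted to JSON");
        }
        // NOTE(review): the key is the value of User.ADMIN_USERNAME; the constant name may be
        // a decompiler substitution for a literal.
        userNode.put(User.ADMIN_USERNAME, user.inAdminGroup());
        userNode.remove("profilepic");
        userNode.remove("settings");
        userNode.remove("comment");
        userNode.remove("password");
        return userNode;
    }

    /**
     * Returns the user resolved by {@link AuthAction#getCurrentUser}. Other methods in this
     * class null-check that result, so callers should treat it as nullable.
     */
    public User getCurrentUser(Http.Request request) {
        return AuthAction.getCurrentUser(request);
    }

    /** Already-completed future wrapping {@link #response(Http.Request, boolean, String, String, ObjectNode, String)}. */
    public CompletableFuture<Result> responseAsync(Http.Request request, boolean z, String str, String str2, ObjectNode objectNode, String str3) {
        return CompletableFuture.completedFuture(response(request, z, str, str2, objectNode, str3));
    }

    /** Already-completed future wrapping {@link #response(Http.Request, boolean, String, String, ObjectNode, String, Exception)}. */
    public CompletableFuture<Result> responseAsync(Http.Request request, boolean z, String str, String str2, ObjectNode objectNode, String str3, Exception exc) {
        return CompletableFuture.completedFuture(response(request, z, str, str2, objectNode, str3, exc));
    }

    /**
     * Same as the six-argument {@code response}, and additionally logs {@code exc} with the
     * request line. The exception is never added to the response body.
     *
     * @param exc the failure behind this response; may be {@code null}
     */
    public Result response(Http.Request request, boolean z, String str, String str2, ObjectNode objectNode, String str3, Exception exc) {
        if (exc != null) {
            // The original built the request line and then discarded it together with the
            // exception, so the cause of the failure never reached the log.
            logger.warn("Request {} {} ended with an exception", sanitizeForLog(request.method()), sanitizeForLog(request.uri()), exc);
        }
        return response(request, z, str, str2, objectNode, str3);
    }

    /**
     * Fills {@code objectNode} with title, message and status and returns it as the result.
     *
     * @param request    the current request, used for the client address and login state
     * @param z          {@code true} for a success response (HTTP 200), {@code false} for an
     *                   error response (HTTP 400)
     * @param str        response title
     * @param str2       response message
     * @param objectNode JSON body to complete; mutated in place
     * @param str3       error-type code; {@link #ERROR_PERM} replaces the message with a
     *                   permission or login hint, any other value (including {@code null})
     *                   is handled as a generic error
     * @return {@code ok} on success, {@code badRequest} otherwise
     */
    public static Result response(Http.Request request, boolean z, String str, String str2, @NotNull ObjectNode objectNode, String str3) {
        objectNode.put(TITLE, str);
        objectNode.put(MSG, str2);
        if (z) {
            objectNode.put(STATUS, SUCCESS);
            return ok(objectNode);
        }
        String ipAddress = sanitizeForLog(RequestHelper.ipAddress(request));
        objectNode.put(STATUS, ERROR);
        // Constant-first comparison: a null error type is a generic error, not an NPE.
        if (!ERROR_PERM.equals(str3)) {
            // NOTE(review): this writes the whole response body to the log; confirm callers
            // never place secrets or personal data in objectNode on error paths.
            logger.warn("JSON Response IP:{}, Title: '{} - {}", ipAddress, sanitizeForLog(str), objectNode);
            return badRequest(objectNode);
        }
        logger.warn("Json Response Error: {}", sanitizeForLog(str2));
        if (AuthAction.isLoggedIn(request)) {
            objectNode.put(MSG, "User '" + ((User) Objects.requireNonNull(AuthAction.getCurrentUser(request))).getDisplayName() + "' don't have permission to this service, you maybe logged in with different user, Refresh your browser to have the latest permissions enabled.");
        } else {
            objectNode.put(MSG, "You need to login");
        }
        logger.warn("Json Response to '{}': {} - {}", ipAddress, sanitizeForLog(str), objectNode.get(MSG));
        return badRequest(objectNode);
    }

    /**
     * Builds a {@link SuiteResponse} from a title, a message and a payload.
     *
     * @param request        the current request, used for the client address and login state
     * @param str            response title
     * @param str2           response message
     * @param obj            payload, serialised with {@code Json.toJson} on success only
     * @param suiteErrorType {@code NOERROR} for success; {@code PERM} replaces the message
     *                       with a permission or login hint; any other value (including
     *                       {@code null}) is handled as a generic error
     * @return {@code ok} on success, {@code badRequest} otherwise
     */
    public static Result response(Http.Request request, String str, String str2, Object obj, SuiteErrorType suiteErrorType) {
        SuiteResponse suiteResponse = new SuiteResponse(str, str2);
        // Constant-first comparisons: a null error type takes the error path, not an NPE.
        if (SuiteErrorType.NOERROR.equals(suiteErrorType)) {
            suiteResponse.setData(Json.toJson(obj));
            suiteResponse.setStatus(SuiteResponseStatus.SUCCESS);
            return ok(suiteResponse.toJson());
        }
        String ipAddress = sanitizeForLog(RequestHelper.ipAddress(request));
        suiteResponse.setStatus(SuiteResponseStatus.ERROR);
        if (!SuiteErrorType.PERM.equals(suiteErrorType)) {
            logger.trace("JSON Response IP:{}, Title: '{} - {}", ipAddress, sanitizeForLog(suiteResponse.getTitle()), suiteResponse);
            return badRequest(suiteResponse.toJson());
        }
        logger.warn("Json Response Error: {}", sanitizeForLog(str2));
        if (AuthAction.isLoggedIn(request)) {
            suiteResponse.setMsg("User '" + ((User) Objects.requireNonNull(AuthAction.getCurrentUser(request))).getDisplayName() + "' don't have permission to this service, you maybe logged in with different user, Refresh your browser to have the latest permissions enabled.");
        } else {
            suiteResponse.setMsg("You need to login");
        }
        logger.warn("Json Response to '{}': {} - {}", ipAddress, sanitizeForLog(suiteResponse.getTitle()), suiteResponse.getMsg());
        return badRequest(suiteResponse.toJson());
    }

    /**
     * Replaces CR and LF so a request-derived value cannot start a forged log line.
     * The request line, the client address and the title or message may all carry input
     * chosen by the client.
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    // Licence and add-on flags. Each getter reads a JVM system property and is true only
    // when the property is the string "true" (case-insensitive); a missing property is false.
    // NOTE(review): system properties can be changed by any code running in this JVM, so
    // these flags are only as trustworthy as whatever sets them at start-up.

    public static boolean isValidSys() {
        return Boolean.getBoolean("validsys");
    }

    public static boolean hasMM() {
        return Boolean.getBoolean("hasMM");
    }

    public static boolean isMMExpired() {
        return Boolean.getBoolean("mmIsExpired");
    }

    public static boolean hasb2Win() {
        return Boolean.getBoolean("hasB2Win");
    }

    public static boolean isB2WinExpired() {
        return Boolean.getBoolean("b2WinIsExpired");
    }

    public static boolean hasB2Data() {
        return Boolean.getBoolean("hasB2Data");
    }

    public static boolean isB2DataExpired() {
        return Boolean.getBoolean("b2DataIsExpired");
    }

    public static boolean hasDMS() {
        return Boolean.getBoolean("hasDMS");
    }

    public static boolean isDMSExpired() {
        return Boolean.getBoolean("dmsIsExpired");
    }

    public static boolean hasMigration() {
        return Boolean.getBoolean("addon_Migration");
    }

    public static boolean hasApproval() {
        return Boolean.getBoolean("addon_Approval");
    }

    /**
     * Clears the cached session entry for a user id. Best effort: a failure is logged and
     * not propagated.
     *
     * @param i the user id
     */
    public void removeCache(int i) {
        try {
            UserSession.setUser(i, null);
        } catch (Exception e) {
            // A failed eviction can leave a stale cached user (and its permissions) in
            // place, so record it instead of swallowing it silently.
            logger.warn("Failed to clear cached session for user id {}", i, e);
        }
    }

    /**
     * Checks the current user's permission for {@code aCLSubject} on an ACL-mapped object.
     *
     * <p>NOTE(review): the null-user guard is an assertion and is skipped unless the JVM
     * runs with {@code -ea}; without it a {@code null} user is handed to
     * {@code ACLPermissionCheck.permCheck}, which must then deny it. Confirm that it does.
     *
     * @throws ACLNoPermissionException as thrown by {@code ACLPermissionCheck.permCheck}
     */
    public boolean permCheck(Http.Request request, ACLMapper<?> aCLMapper, ACLSubject aCLSubject) throws ACLNoPermissionException {
        User currentUser = AuthAction.getCurrentUser(request);
        assert currentUser != null;
        return ACLPermissionCheck.permCheck(aCLMapper, currentUser, aCLSubject);
    }

    /**
     * Checks the current user's permission for {@code aCLSubject} on an ACL container; the
     * user is passed on without a null check.
     *
     * @param str forwarded unchanged as the second argument of {@code ACLPermissionCheck.permCheck}
     */
    public boolean permCheck(Http.Request request, ACLContainer aCLContainer, String str, ACLSubject aCLSubject) throws ACLNoPermissionException {
        return ACLPermissionCheck.permCheck(aCLContainer, str, AuthAction.getCurrentUser(request), aCLSubject, false);
    }

    /**
     * System-level permission check for the request's current user.
     *
     * @param z forwarded unchanged to {@code ACLPermissionCheck.permSystemCheck}
     */
    public boolean permSystemCheck(Http.Request request, ACLSubject aCLSubject, boolean z) throws ACLNoPermissionException {
        return ACLPermissionCheck.permSystemCheck(AuthAction.getCurrentUser(request), aCLSubject, z);
    }

    /**
     * System-level permission check for an explicit user.
     *
     * @param z forwarded unchanged to {@code ACLPermissionCheck.permSystemCheck}
     */
    public boolean permSystemCheck(User user, ACLSubject aCLSubject, boolean z) throws ACLNoPermissionException {
        return ACLPermissionCheck.permSystemCheck(user, aCLSubject, z);
    }

    /**
     * Returns the online session of the user identified by the HTTP session.
     *
     * @throws Exception if no online session exists for that user
     */
    @NotNull
    public static UserSession getUserSession(Http.Session session) throws Exception {
        UserSession onlineSession = UserSession.getOnlineSession(SessionStorage.getUserId(session));
        if (onlineSession != null) {
            return onlineSession;
        }
        throw new Exception("No session is opened for this user!");
    }

    /**
     * Sets {@code X-Frame-Options: SAMEORIGIN}, which limits framing of the response to
     * pages of the same origin. The CSP {@code frame-ancestors} directive is the current
     * equivalent and is not set here.
     */
    public Result AllowIFRame(@NotNull Result result) {
        return result.withHeaders("X-Frame-Options", "SAMEORIGIN");
    }

    /**
     * Decides whether the current user may access a report run.
     *
     * <p>Order of checks: read permission on the report, read permission on the run's company
     * (when one is set), admin shortcut, then the B2Win or Smart Engine branch with its
     * licence flags and ownership test. Any failed check denies access.
     *
     * @param request   the current request
     * @param reportRun the run being accessed
     * @param z         {@code true} to rethrow permission failures, {@code false} to report
     *                  them as a {@code false} result
     * @return {@code true} only when every applicable check passes
     * @throws ACLNoPermissionException when a permission check fails and {@code z} is set
     * @throws IllegalStateException    when no user can be resolved and {@code z} is set
     * @throws Exception                any other failure of the company check when {@code z} is set
     */
    public boolean hasRunPermission(Http.Request request, @NotNull ReportRun reportRun, boolean z) throws Exception {
        try {
            permCheck(request, reportRun.getReport(), ACLSubject.B2OUTPUT_READ);
            if (reportRun.getCompanyObject() != null) {
                try {
                    permCheck(request, reportRun.getCompanyObject(), ACLSubject.COMPANY_READ);
                } catch (Exception e) {
                    logger.warn("Failed while checking permission for company {}:{}", reportRun.getCompanyObject().getId(), reportRun.getCompanyObject().getCode(), e);
                    if (z) {
                        throw e;
                    }
                    // Fail closed. The original fell through here, so a denied or failed
                    // company check could still end in "true" further down.
                    return false;
                }
            }
            User currentUser = AuthAction.getCurrentUser(request);
            if (currentUser == null) {
                // The original relied on an assertion (off without -ea) and would then hit
                // a NullPointerException; deny explicitly. Throw in the rethrow mode so a
                // caller that ignores the return value cannot continue.
                if (z) {
                    throw new IllegalStateException("No authenticated user for run permission check");
                }
                return false;
            }
            if (currentUser.inAdminGroup()) {
                return true;
            }
            if (reportRun.isB2WMode() && permSystemCheck(request, ACLSubject.APPLICATIONS, false)) {
                if (!hasb2Win()) {
                    logger.error("You don't have a license for B2Output App!");
                    return false;
                }
                if (isB2WinExpired()) {
                    logger.error("Your B2Output App license has expired");
                    return false;
                }
                return isRunOwner(reportRun, currentUser);
            }
            if (!reportRun.isMMMode() || !permSystemCheck(request, ACLSubject.SMARTENGINE_ACCESS, false)) {
                return false;
            }
            if (!hasMM()) {
                logger.error("You don't have a license for Smart Engine!");
                return false;
            }
            if (isMMExpired()) {
                logger.error("Your SmartEngine license has expired");
                return false;
            }
            // Smart Engine runs are also open to users with modify rights on the report.
            return isRunOwner(reportRun, currentUser) || permCheck(request, reportRun.getReport(), ACLSubject.B2OUTPUT_MOD);
        } catch (ACLNoPermissionException e2) {
            if (z) {
                throw e2;
            }
            logger.warn("You don't have access to subject {}, Report: {}, Message: {}", e2.getSubject(), reportRun.getReport().getReport(), e2.getMessage(), e2);
            return false;
        }
    }

    /**
     * True when the user executed the run or the run's login user equals the user's
     * username. A run without a login user never matches on that field.
     */
    private static boolean isRunOwner(ReportRun reportRun, User currentUser) {
        boolean executedByUser = reportRun.getExecutedby() != null && reportRun.getExecutedby().getId() == currentUser.getId();
        if (executedByUser) {
            return true;
        }
        return reportRun.getLoginUser() != null && reportRun.getLoginUser().equals(currentUser.getUsername());
    }

    /** Sets {@code Cache-Control} to the configured static-asset value ({@code AppConfig.static_cache_age}). */
    public Result appendAssetCache(@NotNull Result result) {
        return result.withHeader("Cache-Control", AppConfig.static_cache_age);
    }

    /** Sets {@code Cache-Control: no-store} so the response is not kept by browser or proxy caches. */
    public Result noCache(@NotNull Result result) {
        return result.withHeader("Cache-Control", "no-store");
    }
}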
