package prices.auth.vmj.model.passworded;

import com.google.api.client.http.HttpMethods;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import prices.auth.vmj.annotations.Restricted;
import prices.auth.vmj.exceptions.AuthException;
import prices.auth.vmj.model.UserFactory;
import prices.auth.vmj.model.UserRoleFactory;
import prices.auth.vmj.model.core.Role;
import prices.auth.vmj.model.core.RoleComponent;
import prices.auth.vmj.model.core.User;
import prices.auth.vmj.model.core.UserComponent;
import prices.auth.vmj.model.core.UserDecorator;
import prices.auth.vmj.model.core.UserResourceComponent;
import prices.auth.vmj.model.core.UserResourceDecorator;
import prices.auth.vmj.model.core.UserRoleImpl;
import prices.auth.vmj.model.utils.KeepLoginUtils;
import prices.auth.vmj.model.utils.PasswordUtils;
import vmj.hibernate.integrator.RepositoryUtil;
import vmj.routing.route.Route;
import vmj.routing.route.VMJExchange;
import vmj.routing.route.exceptions.ExchangeException;

/* loaded from: input_file:winvmj-libraries/prices.auth.vmj.model-2.1.0.jar:prices/auth/vmj/model/passworded/UserPasswordedResourceDecorator.class */
public class UserPasswordedResourceDecorator extends UserResourceDecorator {
    public RepositoryUtil<UserRoleImpl> userRoleDao;
    public RepositoryUtil<Role> roleDao;

    public UserPasswordedResourceDecorator(UserResourceComponent userResourceComponent) {
        super(userResourceComponent);
        this.userRoleDao = new RepositoryUtil<>(UserRoleImpl.class);
        this.roleDao = new RepositoryUtil<>(RoleComponent.class);
    }

    private ArrayList<String> splitPermissions(String str) {
        return str.equals("") ? new ArrayList<>() : new ArrayList<>(Arrays.asList(str.split(",")));
    }

    private void getUserAllowedPerms(int i, ArrayList<String> arrayList) {
        Iterator<UserRoleImpl> it = this.userRoleDao.getListObject("auth_user_role_impl", "authUser", Integer.valueOf(i)).iterator();
        while (it.hasNext()) {
            Iterator<String> it2 = splitPermissions(it.next().role.getAllowedPermissions()).iterator();
            while (it2.hasNext()) {
                String next = it2.next();
                if (!arrayList.contains(next)) {
                    arrayList.add(next);
                }
            }
        }
    }

    @Override // prices.auth.vmj.model.core.UserResourceDecorator, prices.auth.vmj.model.core.UserResourceComponent, prices.auth.vmj.model.core.UserResource
    @Route(url = "auth/user/save")
    public HashMap<String, Object> saveUser(VMJExchange vMJExchange) {
        if (vMJExchange.getHttpMethod().equals(HttpMethods.OPTIONS)) {
            return null;
        }
        new HashMap();
        Object requestBodyForm = vMJExchange.getRequestBodyForm("email");
        String hashPassword = PasswordUtils.hashPassword((String) vMJExchange.getRequestBodyForm("password"));
        List<User> listObject = this.userDao.getListObject("auth_user_impl", "email", requestBodyForm);
        if (!listObject.isEmpty()) {
            User user = listObject.get(0);
            if (this.userDao.getListObject("auth_user_social", "user_id", Integer.valueOf(user.getId())).size() > 0) {
                ArrayList<String> splitPermissions = splitPermissions(user.getAllowedPermissions());
                getUserAllowedPerms(user.getId(), splitPermissions);
                User createUser = UserFactory.createUser("prices.auth.vmj.model.passworded.UserPasswordedImpl", user, hashPassword);
                this.userDao.saveObject(createUser);
                HashMap<String, Object> hashMap = createUser.toHashMap();
                hashMap.put("allowedPermissions", splitPermissions);
                hashMap.put("token", PasswordUtils.generateAuthToken(Integer.toString(createUser.getId()), createUser.getEmail()));
                hashMap.put("token_keep_login", KeepLoginUtils.generateKeepLoginToken(Integer.toString(createUser.getId()), createUser.getEmail(), String.join(",", splitPermissions)));
                return hashMap;
            }
        }
        UserDecorator userDecorator = (UserDecorator) createUserWithPassword(vMJExchange);
        this.userDao.saveObject(userDecorator);
        UserComponent user2 = userDecorator.getUser();
        Integer num = 2;
        this.userRoleDao.saveObject(UserRoleFactory.createUserRole("prices.auth.vmj.model.core.UserRoleImpl", (RoleComponent) this.roleDao.getObject(num.intValue()), user2));
        HashMap<String, Object> hashMap2 = userDecorator.toHashMap();
        ArrayList<String> splitPermissions2 = splitPermissions(userDecorator.getAllowedPermissions());
        getUserAllowedPerms(user2.getId(), splitPermissions2);
        hashMap2.put("allowedPermissions", splitPermissions2);
        hashMap2.put("token", PasswordUtils.generateAuthToken(Integer.toString(userDecorator.getId()), userDecorator.getEmail()));
        hashMap2.put("token_keep_login", KeepLoginUtils.generateKeepLoginToken(Integer.toString(userDecorator.getId()), userDecorator.getEmail(), String.join(",", splitPermissions2)));
        return hashMap2;
    }

    @Restricted(permissionName = "administrator")
    @Route(url = "call/user/save")
    public List<HashMap<String, Object>> addUser(VMJExchange vMJExchange) {
        if (vMJExchange.getHttpMethod().equals(HttpMethods.OPTIONS)) {
            return null;
        }
        String str = (String) vMJExchange.getRequestBodyForm("roleIds");
        if (str == null) {
            str = "";
        }
        ArrayList<Integer> splitRoleId = splitRoleId(str);
        UserDecorator userDecorator = (UserDecorator) createUserWithPerms(vMJExchange);
        new HashMap();
        this.userDao.saveObject(userDecorator);
        UserComponent user = userDecorator.getUser();
        Iterator<Integer> it = splitRoleId.iterator();
        while (it.hasNext()) {
            this.userRoleDao.saveObject(UserRoleFactory.createUserRole("prices.auth.vmj.model.core.UserRoleImpl", (RoleComponent) this.roleDao.getObject(it.next().intValue()), user));
        }
        return this.record.getAllUser(vMJExchange);
    }

    public User createUserWithPassword(VMJExchange vMJExchange) {
        return UserFactory.createUser("prices.auth.vmj.model.passworded.UserPasswordedImpl", this.record.createUser(vMJExchange), PasswordUtils.hashPassword((String) vMJExchange.getRequestBodyForm("password")));
    }

    @Override // prices.auth.vmj.model.core.UserResourceDecorator, prices.auth.vmj.model.core.UserResourceComponent
    public User createUserWithPerms(VMJExchange vMJExchange) {
        return UserFactory.createUser("prices.auth.vmj.model.passworded.UserPasswordedImpl", this.record.createUserWithPerms(vMJExchange), PasswordUtils.hashPassword((String) vMJExchange.getRequestBodyForm("password")));
    }

    @Route(url = "auth/forgot-password-token")
    public HashMap<String, Object> getForgotPasswordToken(VMJExchange vMJExchange) {
        if (vMJExchange.getHttpMethod().equals(HttpMethods.OPTIONS)) {
            return null;
        }
        Object requestBodyForm = vMJExchange.getRequestBodyForm("email");
        List<User> listObject = this.userDao.getListObject("auth_user_impl", "email", requestBodyForm);
        HashMap<String, Object> hashMap = new HashMap<>();
        if (listObject.isEmpty()) {
            throw new ExchangeException("User dengan email " + requestBodyForm + " tidak ditemukan");
        }
        if (this.userDao.getListObject("auth_user_passworded", "user_id", Integer.valueOf(listObject.get(0).getId())).isEmpty()) {
            throw new ExchangeException("User tidak ditemukan");
        }
        hashMap.put("forgotPasswordToken", PasswordUtils.generateForgotToken((String) requestBodyForm));
        return hashMap;
    }

    @Route(url = "auth/forgot-password")
    public HashMap<String, Object> forgotPassword(VMJExchange vMJExchange) {
        if (vMJExchange.getHttpMethod().equals(HttpMethods.OPTIONS)) {
            return null;
        }
        String emailFromForgotToken = PasswordUtils.getEmailFromForgotToken(((String) vMJExchange.getRequestBodyForm("forgotPasswordToken")).replace(StringUtils.SPACE, "+"));
        String hashPassword = PasswordUtils.hashPassword((String) vMJExchange.getRequestBodyForm("password"));
        HashMap<String, Object> hashMap = new HashMap<>();
        List<User> listObject = this.userDao.getListObject("auth_user_impl", "email", emailFromForgotToken);
        if (listObject.isEmpty()) {
            throw new ExchangeException("Token tidak valid");
        }
        List<User> listObject2 = this.userDao.getListObject("auth_user_passworded", "user_id", Integer.valueOf(listObject.get(0).getId()));
        if (listObject2.isEmpty()) {
            throw new ExchangeException("User tidak ditemukan");
        }
        User user = listObject2.get(0);
        user.setPassword(hashPassword);
        this.userDao.updateObject(user);
        return hashMap;
    }

    @Route(url = "auth/login/pwd")
    public HashMap<String, Object> login(VMJExchange vMJExchange) {
        if (vMJExchange.getHttpMethod().equals(HttpMethods.OPTIONS)) {
            return null;
        }
        Object requestBodyForm = vMJExchange.getRequestBodyForm("email");
        String hashPassword = PasswordUtils.hashPassword((String) vMJExchange.getRequestBodyForm("password"));
        List<User> listObject = this.userDao.getListObject("auth_user_impl", "email", requestBodyForm);
        if (listObject.isEmpty()) {
            new HashMap();
            throw new AuthException("User dengan email " + requestBodyForm + " tidak ditemukan");
        }
        User user = listObject.get(0);
        if (!this.userDao.getListObject("auth_user_passworded", "user_id", Integer.valueOf(user.getId())).get(0).getPassword().equals(hashPassword)) {
            throw new AuthException("email dan password tidak cocok");
        }
        ArrayList<String> splitPermissions = splitPermissions(user.getAllowedPermissions());
        getUserAllowedPerms(user.getId(), splitPermissions);
        HashMap<String, Object> hashMap = new HashMap<>();
        hashMap.put("token", PasswordUtils.generateAuthToken(Integer.toString(user.getId()), (String) requestBodyForm));
        hashMap.put("name", user.getName());
        hashMap.put("email", requestBodyForm);
        hashMap.put("allowedPermissions", splitPermissions);
        hashMap.put("token_keep_login", KeepLoginUtils.generateKeepLoginToken(Integer.toString(user.getId()), user.getEmail(), String.join(",", splitPermissions)));
        return hashMap;
    }

    @Override // prices.auth.vmj.model.core.UserResourceDecorator, prices.auth.vmj.model.core.UserResourceComponent, prices.auth.vmj.model.core.UserResource
    public List<HashMap<String, Object>> deleteUser(VMJExchange vMJExchange) {
        if (vMJExchange.getHttpMethod().equals(HttpMethods.OPTIONS)) {
            return null;
        }
        List<User> listObject = this.userDao.getListObject("auth_user_passworded", "user_id", Integer.valueOf(Integer.parseInt((String) vMJExchange.getRequestBodyForm("id"))));
        if (listObject.size() > 0) {
            this.userDao.deleteObject(((UserDecorator) listObject.get(0)).getId());
        }
        return this.record.deleteUser(vMJExchange);
    }

    private ArrayList<Integer> splitRoleId(String str) {
        List<String> asList = Arrays.asList(str.split(","));
        ArrayList<Integer> arrayList = new ArrayList<>();
        try {
            for (String str2 : asList) {
                if (str2 != "") {
                    arrayList.add(Integer.valueOf(Integer.parseInt(str2)));
                }
            }
            return arrayList;
        } catch (NumberFormatException e) {
            return arrayList;
        }
    }
}
