package org.n52.sos.web.admin;

import java.security.Principal;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.n52.sos.config.AdministratorUser;
import org.n52.sos.config.SettingDefinition;
import org.n52.sos.config.SettingValue;
import org.n52.sos.ds.ConnectionProviderException;
import org.n52.sos.exception.ConfigurationException;
import org.n52.sos.exception.JSONException;
import org.n52.sos.util.JSONUtils;
import org.n52.sos.util.StringHelper;
import org.n52.sos.web.AbstractController;
import org.n52.sos.web.auth.DefaultAdministratorUser;
import org.n52.sos.web.auth.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.servlet.ModelAndView;

@Controller
/* loaded from: input_file:org/n52/sos/web/admin/AdminSettingsController.class */
public class AdminSettingsController extends AbstractController {
    private static final Logger LOG = LoggerFactory.getLogger(AdminSettingsController.class);

    @Autowired
    private UserService userService;

    public UserService getUserService() {
        return this.userService;
    }

    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    @ExceptionHandler({BadCredentialsException.class})
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    @ResponseBody
    public String unauthorized(BadCredentialsException badCredentialsException) {
        return badCredentialsException.getMessage();
    }

    @RequestMapping(value = {"/admin/settings"}, method = {RequestMethod.GET})
    public ModelAndView displaySettings(Principal principal) throws ConfigurationException, JSONException, ConnectionProviderException {
        HashMap hashMap = new HashMap(2);
        hashMap.put(AdminDatasourceSettingsController.SETTINGS, getSettingsJsonString());
        hashMap.put("admin_username", principal.getName());
        return new ModelAndView("admin/settings", hashMap);
    }

    @RequestMapping(value = {"/admin/settings"}, method = {RequestMethod.POST})
    public void updateSettings(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal) throws AuthenticationException, ConfigurationException {
        LOG.info("Updating Settings");
        try {
            updateAdminUser(httpServletRequest, principal);
            updateSettings(httpServletRequest);
        } catch (ConnectionProviderException e) {
            LOG.error("Error saving settings", e);
            throw new RuntimeException(e.getMessage());
        }
    }

    @RequestMapping(value = {"/admin/settings.json"}, method = {RequestMethod.GET}, produces = {"application/json; charset=UTF-8"})
    @ResponseBody
    public String dump() {
        try {
            return getSettingsJsonString();
        } catch (Exception e) {
            LOG.error("Could not load settings", e);
            throw new RuntimeException(e);
        }
    }

    private String getSettingsJsonString() throws ConfigurationException, JSONException, ConnectionProviderException {
        return JSONUtils.print(toJSONValueMap(getSettingsManager().getSettings()));
    }

    private void logSettings(Collection<SettingValue<?>> collection) {
        if (LOG.isDebugEnabled()) {
            for (SettingValue<?> settingValue : collection) {
                LOG.info("Saving Setting: ('{}'({}) => '{}')", new Object[]{settingValue.getKey(), settingValue.getType(), settingValue.getValue()});
            }
        }
    }

    private void updateSettings(HttpServletRequest httpServletRequest) throws ConnectionProviderException {
        HashMap hashMap = new HashMap();
        for (SettingDefinition settingDefinition : getSettingsManager().getSettingDefinitions()) {
            hashMap.put(settingDefinition, getSettingsManager().getSettingFactory().newSettingValue(settingDefinition, httpServletRequest.getParameter(settingDefinition.getKey())));
        }
        logSettings(hashMap.values());
        Iterator it = hashMap.values().iterator();
        while (it.hasNext()) {
            getSettingsManager().changeSetting((SettingValue) it.next());
        }
    }

    private void updateAdminUser(HttpServletRequest httpServletRequest, Principal principal) throws AuthenticationException, ConfigurationException {
        updateAdminUser(httpServletRequest, httpServletRequest.getParameter("admin_password"), httpServletRequest.getParameter("admin_username"), httpServletRequest.getParameter("current_password"), principal.getName());
    }

    private void updateAdminUser(HttpServletRequest httpServletRequest, String str, String str2, String str3, String str4) throws AuthenticationException, ConfigurationException {
        if (StringHelper.isNotEmpty(str) || !str4.equals(str2)) {
            if (str3 == null) {
                throw new BadCredentialsException("You have to submit your current password.");
            }
            AdministratorUser authenticate = getUserService().authenticate(str4, str3);
            if (authenticate instanceof DefaultAdministratorUser) {
                getUserService().createAdmin(str2, str);
                HttpSession session = httpServletRequest.getSession(false);
                if (session != null) {
                    session.invalidate();
                }
                SecurityContextHolder.clearContext();
                return;
            }
            if (!str3.equals(str)) {
                getUserService().setAdminPassword(authenticate, str);
            }
            if (str4.equals(str2)) {
                return;
            }
            getUserService().setAdminUserName(authenticate, str2);
        }
    }
}
