package com.cloudera.server.web.cmf;

import com.cloudera.cmf.model.DbUser;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.server.web.common.I18n;
import com.cloudera.server.web.common.JSPageController;
import com.cloudera.server.web.common.JamonModelAndView;
import com.cloudera.server.web.common.JsonResponse;
import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.UUID;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

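/**
 * Controller for the logged-in user's own password change.
 *
 * <p>{@code GET password} renders the change-password modal and {@code POST password} applies
 * the change. The two handlers are tied together by an anti-CSRF token that is stored in the
 * HTTP session under {@link #CSRF_TOKEN_SESSION_KEY}: the GET handler creates it on first use and
 * embeds it in the modal, and the POST handler refuses to do any work unless the submitted token
 * matches the stored one.
 *
 * <p>The token is created once per session and reused for the rest of that session; nothing in
 * this class rotates it.
 */
@Controller
/* loaded from: input_file:com/cloudera/server/web/cmf/MultiUserController.class */
public class MultiUserController extends WebController {
    /** Session attribute under which the change-password CSRF token is kept. */
    private static final String CSRF_TOKEN_SESSION_KEY = "com.cloudera.server.web.cmf.users.csrf";

    /**
     * Returns the CSRF token stored in the session, optionally creating it.
     *
     * @param httpSession the caller's HTTP session
     * @param createIfAbsent when {@code true} and the session holds no token yet, a new token is
     *     generated and stored; when {@code false} the session is only read
     * @return the session's token, or {@code null} if none exists and none was created
     */
    private String getCSRFTokenForUsersPage(HttpSession httpSession, boolean createIfAbsent) {
        Object stored = httpSession.getAttribute(CSRF_TOKEN_SESSION_KEY);
        if (stored != null) {
            return stored.toString();
        }
        if (!createIfAbsent) {
            return null;
        }
        // UUID.randomUUID() yields a type-4 UUID, which the JDK documents as being produced by a
        // cryptographically strong pseudo-random generator, so the value is not guessable.
        String token = UUID.randomUUID().toString();
        httpSession.setAttribute(CSRF_TOKEN_SESSION_KEY, token);
        return token;
    }

    /**
     * Verifies that the token submitted with a request matches the one held in the session.
     *
     * <p>The lookup never creates a token, so a session that has not loaded the modal first is
     * rejected. The comparison uses {@link MessageDigest#isEqual(byte[], byte[])} rather than
     * {@link String#equals(Object)} so that the time taken does not depend on how many leading
     * characters of the submitted value happen to be correct.
     *
     * @param httpSession the caller's HTTP session
     * @param submittedToken the token sent by the client; {@code null} is treated as a mismatch
     * @throws RuntimeException if the session has no token or the submitted token differs
     */
    private void checkCSRFToken(HttpSession httpSession, String submittedToken) {
        String expectedToken = getCSRFTokenForUsersPage(httpSession, false);
        boolean matches = expectedToken != null
                && submittedToken != null
                && MessageDigest.isEqual(
                        expectedToken.getBytes(StandardCharsets.UTF_8),
                        submittedToken.getBytes(StandardCharsets.UTF_8));
        if (!matches) {
            throw new RuntimeException("CSRF Token does not match");
        }
    }

    /**
     * Renders the change-password modal, embedding the session's CSRF token in it.
     *
     * @param httpSession the caller's HTTP session; receives a new token if it has none
     * @return the view for the {@code changePasswordModal} component
     * @throws IOException declared by the original handler signature
     */
    @RequestMapping(value = {"password"}, method = {RequestMethod.GET})
    public ModelAndView password(HttpSession httpSession) throws IOException {
        String csrfToken = getCSRFTokenForUsersPage(httpSession, true);
        SimpleKOComponent modal = JSPageController.getSimpleKOComponent("cloudera/cmf/user/ChangePasswordModal");
        modal.setParameters(ImmutableMap.of("csrfToken", csrfToken));
        return JamonModelAndView.of(modal.makeRenderer("changePasswordModal"));
    }

    /**
     * Changes the password of the currently logged-in user.
     *
     * <p>The CSRF token is checked before anything else; a mismatch propagates as a
     * {@link RuntimeException} and no entity manager is opened. After that the request is
     * validated in this order: all three fields present, current password correct, and the two
     * new-password fields equal. The first failing rule produces an error response and the
     * transaction is rolled back; otherwise the new password is stored and committed.
     *
     * @param str the user's current password ({@code oldPassword})
     * @param str2 the requested new password ({@code newPassword})
     * @param str3 the repeated new password ({@code newPasswordAgain})
     * @param str4 the CSRF token taken from the modal ({@code csrfToken})
     * @param httpSession the caller's HTTP session
     * @return a success response, or a response carrying the validation message or exception
     * @throws RuntimeException if the CSRF token is missing from the session or does not match
     */
    @RequestMapping(value = {"password"}, method = {RequestMethod.POST})
    @ResponseBody
    public JsonResponse<String> updateCurrentPassword(@RequestParam(value = "oldPassword", required = true) String str, @RequestParam(value = "newPassword", required = true) String str2, @RequestParam(value = "newPasswordAgain", required = true) String str3, @RequestParam(value = "csrfToken", required = true) String str4, HttpSession httpSession) {
        final String oldPassword = str;
        final String newPassword = str2;
        final String newPasswordAgain = str3;

        checkCSRFToken(httpSession, str4);

        // Resolve the messages before opening the entity manager, so that a failing lookup cannot
        // leave an entity manager that is never closed.
        String requireCurrent = I18n.t("message.requireCurrentPassword");
        String requireNew = I18n.t("message.requireNewPassword");
        String requireNewAgain = I18n.t("message.requireNewPasswordAgain");
        String requireSameNew = I18n.t("message.requireSameNewPassword");
        String requireValidCurrent = I18n.t("message.requireValidCurrentPassword");

        CmfEntityManager em = createCmfEntityManager();
        try {
            em.begin();
            DbUser loggedInUser = this.opsManager.getLoggedInUser(em);
            if (loggedInUser == null) {
                throw new UsernameNotFoundException("User not logged-in.");
            }

            String error = null;
            if (StringUtils.isEmpty(oldPassword) || StringUtils.isEmpty(newPassword) || StringUtils.isEmpty(newPasswordAgain)) {
                // Each check overwrites the previous one, so when several fields are empty the
                // message for the last empty field is the one reported.
                if (StringUtils.isEmpty(oldPassword)) {
                    error = requireCurrent;
                }
                if (StringUtils.isEmpty(newPassword)) {
                    error = requireNew;
                }
                if (StringUtils.isEmpty(newPasswordAgain)) {
                    error = requireNewAgain;
                }
            } else if (!this.opsManager.isPasswordValid(em, loggedInUser, oldPassword)) {
                // Re-authentication with the current password is what stops a hijacked session
                // from silently replacing the credential.
                error = requireValidCurrent;
            } else if (!newPassword.equals(newPasswordAgain)) {
                error = requireSameNew;
            }

            if (error != null) {
                em.rollback();
                return new JsonResponse<>(error, null);
            }

            // NOTE(review): nothing here rotates the CSRF token or ends the user's other
            // sessions after the change; whether setUserPassword does so is not visible - confirm.
            this.opsManager.setUserPassword(em, loggedInUser, newPassword);
            em.commit();
            return new JsonResponse<>(JsonResponse.OK, I18n.t("message.passwordHasBeenChanged"));
        } catch (UsernameNotFoundException e) {
            // NOTE(review): unlike the RuntimeException path there is no explicit rollback here;
            // this presumably relies on close() discarding the open transaction - confirm.
            return new JsonResponse<>((Throwable) e);
        } catch (RuntimeException e2) {
            em.rollback();
            // NOTE(review): the exception object is handed to JsonResponse; confirm how much of
            // it is serialised back to the client.
            return new JsonResponse<>(e2);
        } finally {
            // Single close for every exit path, including exceptions thrown by rollback().
            em.close();
        }
    }
}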
