package org.adullact.iparapheur.repo.jscript;

import com.atolcd.parapheur.model.ParapheurModel;
import com.atolcd.parapheur.repo.ParapheurService;
import com.atolcd.parapheur.repo.admin.UsersService;
import java.io.ByteArrayInputStream;
import java.io.Serializable;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import javax.transaction.UserTransaction;
import org.adullact.iparapheur.domain.CertificatesDAO;
import org.adullact.iparapheur.repo.notification.socket.SocketServer;
import org.adullact.iparapheur.repo.worker.WorkerService;
import org.adullact.iparapheur.util.NativeUtils;
import org.adullact.iparapheur.util.X509Util;
import org.adullact.libersign.util.signature.PKCS7VerUtil;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.jscript.BaseScopableProcessorExtension;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authority.script.ScriptGroup;
import org.alfresco.repo.security.authority.script.ScriptUser;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.Pair;
import org.apache.log4j.Logger;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.mozilla.javascript.NativeArray;
import org.mozilla.javascript.NativeObject;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:org/adullact/iparapheur/repo/jscript/UsersServiceScriptable.class */
public class UsersServiceScriptable extends BaseScopableProcessorExtension {
    private static final Logger log = Logger.getLogger(UsersServiceScriptable.class);

    @Autowired
    private UsersService usersService;

    @Autowired
    private NodeService nodeService;

    @Autowired
    private TenantService tenantService;

    @Autowired
    private PersonService personService;

    @Autowired
    private NamespaceService namespaceService;

    @Autowired
    private ParapheurService parapheurService;

    @Autowired
    private CertificatesDAO certificatesDAO;

    @Autowired
    private AuthorityService authorityService;

    @Autowired
    private TransactionService transactionService;

    /* loaded from: input_file:org/adullact/iparapheur/repo/jscript/UsersServiceScriptable$ADMIN_ROLE.class */
    private enum ADMIN_ROLE {
        admin,
        adminFonctionnel,
        aucun
    }

    public String createUser(String str, String str2, String str3, String str4, String str5) {
        return this.usersService.createUser(str, str2, str3, str4, str5);
    }

    public void deleteUser(String str) {
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        if (this.nodeService.exists(nodeRef)) {
            this.usersService.deleteUser(nodeRef);
        }
    }

    public void export() {
        this.usersService.export();
    }

    public String getCurrentUsername() {
        return AuthenticationUtil.getRunAsUser();
    }

    public JSONObject getTicketForUser(String str) throws Exception {
        JSONObject jSONObject = new JSONObject();
        Pair<String, String> ticketForUser = this.usersService.getTicketForUser(str);
        jSONObject.put(WorkerService.USERNAME, ticketForUser.getFirst());
        jSONObject.put("ticket", ticketForUser.getSecond());
        return jSONObject;
    }

    public JSONObject getTicket(String str) throws Exception {
        JSONObject jSONObject = new JSONObject();
        X509Certificate[] x509CertificateArr = null;
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(PKCS7VerUtil.pem2der(str.replace('\t', '\n').getBytes(), X509Util.beginString.getBytes(), X509Util.endString.getBytes())));
        if (generateCertificates != null && generateCertificates.size() > 0) {
            x509CertificateArr = new X509Certificate[generateCertificates.size()];
            generateCertificates.toArray(x509CertificateArr);
        }
        Pair<String, String> ticketWithCertificate = this.usersService.getTicketWithCertificate(x509CertificateArr);
        jSONObject.put(WorkerService.USERNAME, ticketWithCertificate.getFirst());
        jSONObject.put("ticket", ticketWithCertificate.getSecond());
        return jSONObject;
    }

    public JSONArray getUsers(String str) {
        JSONArray jSONArray = new JSONArray();
        if (str == null || str.trim().isEmpty()) {
            UserTransaction userTransaction = null;
            try {
                userTransaction = this.transactionService.getUserTransaction(true);
                userTransaction.begin();
                Iterator it = this.nodeService.getChildAssocs(this.personService.getPeopleContainer()).iterator();
                while (it.hasNext()) {
                    NodeRef childRef = ((ChildAssociationRef) it.next()).getChildRef();
                    if (this.nodeService.getType(childRef).equals(ContentModel.TYPE_PERSON)) {
                        String str2 = (String) this.nodeService.getProperty(childRef, ContentModel.PROP_USERNAME);
                        if (!"guest".equals(this.tenantService.getBaseNameUser(str2)) && !"System".equals(this.tenantService.getBaseNameUser(str2))) {
                            boolean z = false;
                            Iterator it2 = this.nodeService.getParentAssocs(childRef).iterator();
                            while (true) {
                                if (!it2.hasNext()) {
                                    break;
                                }
                                if (((String) this.nodeService.getProperty(((ChildAssociationRef) it2.next()).getParentRef(), ContentModel.PROP_NAME)).contains("AUTH.EXT")) {
                                    z = true;
                                    break;
                                }
                            }
                            jSONArray.put(new JSONObject().put("id", childRef.getId()).put(WorkerService.USERNAME, str2).putOpt("firstName", this.nodeService.getProperty(childRef, ContentModel.PROP_FIRSTNAME)).putOpt("lastName", this.nodeService.getProperty(childRef, ContentModel.PROP_LASTNAME)).putOpt("email", this.nodeService.getProperty(childRef, ContentModel.PROP_EMAIL)).putOpt("metadata", this.nodeService.getProperty(childRef, ContentModel.PROP_ORGID)).putOpt("isAdmin", Boolean.valueOf(this.usersService.isAdministrateur(str2))).putOpt("isAdminFonctionnel", Boolean.valueOf(this.usersService.isAdministrateurFonctionnel(str2))).putOpt("hasCertificate", Boolean.valueOf(this.usersService.hasCertificat(childRef))).putOpt("isProprietaire", Boolean.valueOf(this.usersService.isProprietaire(str2))).putOpt("isSecretaire", Boolean.valueOf(this.usersService.isSecretaire(str2))).putOpt("isFromLdap", Boolean.valueOf(z)));
                        }
                    }
                }
                userTransaction.commit();
            } catch (Exception e) {
                log.warn("Unable to build User's JSON ", e);
                if (userTransaction != null) {
                    try {
                        userTransaction.rollback();
                    } catch (Exception e2) {
                        log.warn("Unable to rollback transaction", e2);
                    }
                }
            }
        } else {
            for (NodeRef nodeRef : this.usersService.searchUser(str.trim())) {
                String str3 = (String) this.nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME);
                boolean z2 = false;
                Iterator it3 = this.nodeService.getParentAssocs(nodeRef).iterator();
                while (it3.hasNext()) {
                    if (((String) this.nodeService.getProperty(((ChildAssociationRef) it3.next()).getParentRef(), ContentModel.PROP_NAME)).contains("AUTH.EXT")) {
                        z2 = true;
                        break;
                    }
                }
                try {
                    jSONArray.put(new JSONObject().put("id", nodeRef.getId()).put(WorkerService.USERNAME, str3).putOpt("firstName", this.nodeService.getProperty(nodeRef, ContentModel.PROP_FIRSTNAME)).putOpt("lastName", this.nodeService.getProperty(nodeRef, ContentModel.PROP_LASTNAME)).putOpt("email", this.nodeService.getProperty(nodeRef, ContentModel.PROP_EMAIL)).putOpt("metadata", this.nodeService.getProperty(nodeRef, ContentModel.PROP_ORGID)).putOpt("isAdmin", Boolean.valueOf(this.usersService.isAdministrateur(str3))).putOpt("isAdminFonctionnel", Boolean.valueOf(this.usersService.isAdministrateurFonctionnel(str3))).putOpt("hasCertificate", Boolean.valueOf(this.usersService.hasCertificat(nodeRef))).putOpt("isProprietaire", Boolean.valueOf(this.usersService.isProprietaire(str3))).putOpt("isSecretaire", Boolean.valueOf(this.usersService.isSecretaire(str3))).putOpt("isFromLdap", Boolean.valueOf(z2)));
                } catch (JSONException e3) {
                    log.warn("Unable to build User's JSON", e3);
                }
            }
        }
        return jSONArray;
    }

    public void removeUserFromGroup(String str, String str2) {
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        if (this.nodeService.exists(nodeRef)) {
            try {
                this.authorityService.removeAuthority("GROUP_" + str2, (String) this.nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME));
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    public JSONObject getUser(String str) {
        X509Certificate x509CertificateFromString;
        JSONObject jSONObject = new JSONObject();
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        if (this.nodeService.exists(nodeRef)) {
            try {
                String str2 = (String) this.nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME);
                boolean z = false;
                Iterator it = this.nodeService.getParentAssocs(nodeRef).iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (((String) this.nodeService.getProperty(((ChildAssociationRef) it.next()).getParentRef(), ContentModel.PROP_NAME)).contains("AUTH.EXT")) {
                        z = true;
                        break;
                    }
                }
                jSONObject.put("id", nodeRef.getId()).put(WorkerService.USERNAME, str2).put("firstName", this.nodeService.getProperty(nodeRef, ContentModel.PROP_FIRSTNAME)).put("lastName", this.nodeService.getProperty(nodeRef, ContentModel.PROP_LASTNAME)).put("email", this.nodeService.getProperty(nodeRef, ContentModel.PROP_EMAIL)).put("metadata", this.nodeService.getProperty(nodeRef, ContentModel.PROP_ORGID)).putOpt("isFromLdap", Boolean.valueOf(z));
                if (this.usersService.isAdministrateur(str2)) {
                    jSONObject.put("admin", ADMIN_ROLE.admin.toString());
                } else if (this.usersService.isAdministrateurFonctionnel(str2)) {
                    jSONObject.put("admin", ADMIN_ROLE.adminFonctionnel.toString());
                } else {
                    jSONObject.put("admin", ADMIN_ROLE.aucun.toString());
                }
                String signature = this.usersService.getSignature(nodeRef);
                if (signature != null) {
                    jSONObject.put("signature", signature);
                }
                Set<String> authoritiesForUser = this.authorityService.getAuthoritiesForUser(str2);
                TreeSet treeSet = new TreeSet();
                for (String str3 : authoritiesForUser) {
                    if (!str3.contains("ROLE") && !str3.equals("GROUP_EVERYONE")) {
                        Iterator it2 = new ArrayList(Arrays.asList(new ScriptGroup(str3, this.authorityService).getChildUsers())).iterator();
                        while (it2.hasNext()) {
                            if (((ScriptUser) it2.next()).getShortName().equals(str2)) {
                                treeSet.add(str3.replace("GROUP_", ""));
                            }
                        }
                    }
                }
                jSONObject.put("groups", (Collection) treeSet);
                String str4 = (String) this.nodeService.getProperty(nodeRef, ParapheurModel.PROP_ID_CERTIFICAT);
                if (str4 != null && (x509CertificateFromString = X509Util.getX509CertificateFromString(this.usersService.getCertificat(nodeRef))) != null) {
                    jSONObject.put("certificat", new JSONObject(X509Util.getUsefulCertProps(x509CertificateFromString)).put("id", str4));
                }
            } catch (JSONException e) {
                e.printStackTrace();
            }
        }
        return jSONObject;
    }

    public HashMap<String, String> getUserFromUserName(String str) {
        HashMap<String, String> hashMap = new HashMap<>();
        NodeRef person = this.personService.getPerson(str, false);
        try {
            hashMap.put("id", person.toString());
            hashMap.put("userName", str);
            hashMap.put("firstName", (String) this.nodeService.getProperty(person, ContentModel.PROP_FIRSTNAME));
            hashMap.put("lastName", (String) this.nodeService.getProperty(person, ContentModel.PROP_LASTNAME));
            hashMap.put("email", (String) this.nodeService.getProperty(person, ContentModel.PROP_EMAIL));
        } catch (Exception e) {
        }
        return hashMap;
    }

    public JSONArray getBureaux(String str) {
        JSONArray jSONArray = new JSONArray();
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        if (this.nodeService.exists(nodeRef)) {
            String str2 = (String) this.nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME);
            for (NodeRef nodeRef2 : this.usersService.getBureauxProprietaire(str2)) {
                try {
                    jSONArray.put(new JSONObject().put("id", nodeRef2.getId()).put("title", this.nodeService.getProperty(nodeRef2, ContentModel.PROP_TITLE)).put("isProprietaire", true).put("isSecretaire", false));
                } catch (JSONException e) {
                }
            }
            for (NodeRef nodeRef3 : this.usersService.getBureauxSecretaire(str2)) {
                try {
                    jSONArray.put(new JSONObject().put("id", nodeRef3.getId()).put("title", this.nodeService.getProperty(nodeRef3, ContentModel.PROP_TITLE)).put("isProprietaire", false).put("isSecretaire", true));
                } catch (JSONException e2) {
                }
            }
        }
        return jSONArray;
    }

    public JSONArray getBureauxAdministres(String str) {
        JSONArray jSONArray = new JSONArray();
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        if (this.nodeService.exists(nodeRef)) {
            Iterator<NodeRef> it = this.parapheurService.getAllManagedParapheursByOpAdmin((String) this.nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME)).iterator();
            while (it.hasNext()) {
                jSONArray.put(it.next().getId());
            }
        }
        return jSONArray;
    }

    public void removeUserFromBureau(String str, String str2, boolean z) {
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        NodeRef nodeRef2 = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str2);
        if (this.nodeService.exists(nodeRef) && this.nodeService.exists(nodeRef2)) {
            this.usersService.removeUserFromBureau(nodeRef, nodeRef2, z);
        }
    }

    public void addUserToBureau(String str, String str2, boolean z) {
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        NodeRef nodeRef2 = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str2);
        if (this.nodeService.exists(nodeRef) && this.nodeService.exists(nodeRef2)) {
            this.usersService.addUserToBureau(nodeRef, nodeRef2, z);
        }
    }

    public boolean isAdministrateur(String str) {
        return this.usersService.isAdministrateur(str);
    }

    public void updateUser(String str, NativeObject nativeObject, NativeObject nativeObject2) {
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        if (this.nodeService.exists(nodeRef)) {
            NativeObjectMapAdapter nativeObjectMapAdapter = new NativeObjectMapAdapter(nativeObject);
            NativeObjectMapAdapter nativeObjectMapAdapter2 = new NativeObjectMapAdapter(nativeObject2);
            HashMap<QName, Serializable> hashMap = new HashMap<>();
            hashMap.put(ContentModel.PROP_MODIFIED, new Date());
            String str2 = null;
            String str3 = null;
            boolean z = false;
            String str4 = null;
            boolean z2 = false;
            List<String> list = null;
            for (Object obj : nativeObjectMapAdapter.keySet()) {
                Object obj2 = nativeObjectMapAdapter2.get(obj);
                Object obj3 = nativeObjectMapAdapter.get(obj);
                if (obj2 != null) {
                    hashMap.put(QName.createQName((String) obj2, this.namespaceService), (Serializable) obj3);
                } else if (obj.equals("admin")) {
                    str2 = (String) obj3;
                } else if (obj.equals("bureauxAdministres")) {
                    NativeArray nativeArray = (NativeArray) obj3;
                    if (nativeArray != null) {
                        list = NativeUtils.nativeArrayToString(nativeArray);
                    }
                } else if (obj.equals("signatureData")) {
                    str3 = (String) obj3;
                } else if (obj.equals("signature")) {
                    z = ((String) obj3).isEmpty();
                } else if (obj.equals("certificat")) {
                    NativeObjectMapAdapter nativeObjectMapAdapter3 = new NativeObjectMapAdapter((NativeObject) obj3);
                    z2 = nativeObjectMapAdapter3.isEmpty();
                    if (!z2 && nativeObjectMapAdapter3.containsKey("content")) {
                        str4 = (String) nativeObjectMapAdapter3.get("content");
                    }
                }
            }
            this.usersService.updateUser(nodeRef, hashMap);
            if (str2 != null) {
                String str5 = (String) this.nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME);
                removeAdminRole(str5);
                if (str2.equals(ADMIN_ROLE.adminFonctionnel.name())) {
                    if (list != null) {
                        setAdminFonctionnel(str5, list);
                    }
                } else if (str2.equals(ADMIN_ROLE.admin.name())) {
                    addToAdminGroup(str5);
                }
            } else {
                String str6 = (String) this.nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME);
                if (list != null && this.usersService.isAdministrateurFonctionnel(str6)) {
                    setAdminFonctionnel(str6, list);
                }
            }
            if (z) {
                this.usersService.deleteSignature(nodeRef);
            } else if (str3 != null) {
                this.usersService.setSignature(nodeRef, str3);
            }
            if (z2) {
                this.usersService.deleteCertificat(nodeRef);
            } else if (str4 != null) {
                this.usersService.setCertificat(nodeRef, str4);
            }
        }
    }

    private void removeAdminRole(String str) {
        if (this.usersService.isAdministrateur(str)) {
            this.usersService.removeFromAdminGroup(str);
        }
        if (this.usersService.isAdministrateurFonctionnel(str)) {
            this.parapheurService.setPHAdminAuthoritiesForUser(str, null);
        }
    }

    public boolean isAdminFonctionnel(String str) {
        return this.usersService.isAdministrateurFonctionnel(str);
    }

    public boolean isGestionnaireCircuit(String str) {
        return this.usersService.isGestionnaireCircuit(str);
    }

    private void addToAdminGroup(String str) {
        this.usersService.addToAdminGroup(str);
    }

    private void setAdminFonctionnel(String str, List<String> list) {
        this.parapheurService.setPHAdminAuthoritiesForUser(str, list);
    }

    public String getUsername(String str) {
        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, str);
        String str2 = null;
        if (this.nodeService.exists(nodeRef)) {
            str2 = (String) this.nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME);
        }
        return str2;
    }

    public List<String> getConnectedUsers() {
        return SocketServer.getUsers();
    }
}
