package edu.internet2.middleware.grouper.grouperUi.serviceLogic;

import edu.internet2.middleware.grouper.Field;
import edu.internet2.middleware.grouper.FieldFinder;
import edu.internet2.middleware.grouper.FieldType;
import edu.internet2.middleware.grouper.Group;
import edu.internet2.middleware.grouper.GroupFinder;
import edu.internet2.middleware.grouper.GroupSave;
import edu.internet2.middleware.grouper.GrouperSession;
import edu.internet2.middleware.grouper.Member;
import edu.internet2.middleware.grouper.MemberFinder;
import edu.internet2.middleware.grouper.MembershipFinder;
import edu.internet2.middleware.grouper.Stem;
import edu.internet2.middleware.grouper.StemFinder;
import edu.internet2.middleware.grouper.SubjectFinder;
import edu.internet2.middleware.grouper.attr.AttributeDef;
import edu.internet2.middleware.grouper.authentication.GrouperPassword;
import edu.internet2.middleware.grouper.authentication.GrouperPasswordSave;
import edu.internet2.middleware.grouper.exception.GroupDeleteException;
import edu.internet2.middleware.grouper.exception.GrouperSessionException;
import edu.internet2.middleware.grouper.exception.GrouperValidationException;
import edu.internet2.middleware.grouper.exception.InsufficientPrivilegeException;
import edu.internet2.middleware.grouper.group.TypeOfGroup;
import edu.internet2.middleware.grouper.grouperUi.beans.api.GuiMembershipSubjectContainer;
import edu.internet2.middleware.grouper.grouperUi.beans.json.GuiPaging;
import edu.internet2.middleware.grouper.grouperUi.beans.json.GuiResponseJs;
import edu.internet2.middleware.grouper.grouperUi.beans.json.GuiScreenAction;
import edu.internet2.middleware.grouper.grouperUi.beans.ui.GroupContainer;
import edu.internet2.middleware.grouper.grouperUi.beans.ui.GrouperRequestContainer;
import edu.internet2.middleware.grouper.grouperUi.beans.ui.GuiGrouperPassword;
import edu.internet2.middleware.grouper.grouperUi.beans.ui.TextContainer;
import edu.internet2.middleware.grouper.hooks.examples.MembershipCannotAddSelfToGroupHook;
import edu.internet2.middleware.grouper.internal.dao.QueryOptions;
import edu.internet2.middleware.grouper.membership.MembershipSubjectContainer;
import edu.internet2.middleware.grouper.membership.MembershipType;
import edu.internet2.middleware.grouper.misc.GrouperDAOFactory;
import edu.internet2.middleware.grouper.misc.GrouperSessionHandler;
import edu.internet2.middleware.grouper.misc.SaveMode;
import edu.internet2.middleware.grouper.misc.SaveResultType;
import edu.internet2.middleware.grouper.privs.AccessPrivilege;
import edu.internet2.middleware.grouper.privs.NamingPrivilege;
import edu.internet2.middleware.grouper.privs.Privilege;
import edu.internet2.middleware.grouper.subj.SubjectHelper;
import edu.internet2.middleware.grouper.ui.GrouperUiFilter;
import edu.internet2.middleware.grouper.ui.tags.GrouperPagingTag2;
import edu.internet2.middleware.grouper.ui.util.GrouperUiUserData;
import edu.internet2.middleware.grouper.ui.util.GrouperUiUtils;
import edu.internet2.middleware.grouper.userData.GrouperUserDataApi;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectNotUniqueException;
import java.sql.Timestamp;
import java.util.LinkedHashSet;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.ehcache.config.TimeoutBehaviorConfiguration;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;

/* loaded from: input_file:WEB-INF/lib/grouper-ui-4.9.2.jar:edu/internet2/middleware/grouper/grouperUi/serviceLogic/UiV2LocalEntity.class */
public class UiV2LocalEntity {
    protected static final Log LOG = GrouperUtil.getLog(UiV2LocalEntity.class);

    public void newLocalEntity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            String parameter = httpServletRequest.getParameter("objectStemId");
            Pattern compile = Pattern.compile("^[a-zA-Z0-9-_]+$");
            if (!StringUtils.isBlank(parameter) && compile.matcher(parameter).matches()) {
                GrouperRequestContainer.retrieveFromRequestOrCreate().getStemContainer().setObjectStemId(parameter);
            }
            UiV2Stem.retrieveStemHelper(httpServletRequest, false, false, false).getStem();
            GuiResponseJs.retrieveGuiResponseJs().addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/newLocalEntity.jsp"));
            GrouperSession.stopQuietly(grouperSession);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void newLocalEntitySubmit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        try {
            try {
                GrouperSession start = GrouperSession.start(retrieveSubjectLoggedIn);
                boolean booleanValue = GrouperUtil.booleanValue(httpServletRequest.getParameter("nameDifferentThanId[]"), false);
                String parameter = httpServletRequest.getParameter("displayExtension");
                String parameter2 = booleanValue ? httpServletRequest.getParameter("extension") : parameter;
                String parameter3 = httpServletRequest.getParameter("description");
                boolean booleanValue2 = GrouperUtil.booleanValue(httpServletRequest.getParameter("privileges_viewers[]"), false);
                boolean booleanValue3 = GrouperUtil.booleanValue(httpServletRequest.getParameter("privileges_groupAttrReaders[]"), false);
                TypeOfGroup typeOfGroup = TypeOfGroup.entity;
                String parameter4 = httpServletRequest.getParameter("parentFolderComboName");
                if (StringUtils.isBlank(parameter4)) {
                    parameter4 = httpServletRequest.getParameter("parentFolderComboNameDisplay");
                }
                if (StringUtils.isBlank(parameter4)) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#parentFolderComboErrorId", TextContainer.retrieveFromRequest().getText().get("groupCreateRequiredParentStemId")));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                Stem findStem = new StemFinder().assignPrivileges(NamingPrivilege.CREATE_PRIVILEGES).assignSubject(retrieveSubjectLoggedIn).assignScope(parameter4).assignFindByUuidOrName(true).findStem();
                if (findStem == null) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#parentFolderComboErrorId", TextContainer.retrieveFromRequest().getText().get("groupCreateCantFindParentStemId")));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                if (StringUtils.isBlank(parameter)) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#groupName", TextContainer.retrieveFromRequest().getText().get("localEntityCreateErrorDisplayExtensionRequired")));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                if (StringUtils.isBlank(parameter2)) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#groupId", TextContainer.retrieveFromRequest().getText().get("localEntityCreateErrorExtensionRequired")));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                if (findStem.isRootStem()) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#parentFolderComboErrorId", TextContainer.retrieveFromRequest().getText().get("localEntityCreateCantCreateInRoot")));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                final String str = findStem.getName() + ":" + parameter2;
                Group group = (Group) GrouperSession.callbackGrouperSession(start.internal_getRootSession(), new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2LocalEntity.1
                    @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                    public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                        return GroupFinder.findByName(grouperSession, str, false);
                    }
                });
                if (group != null) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, booleanValue ? "#groupId" : "#groupName", TextContainer.retrieveFromRequest().getText().get("groupCreateCantCreateAlreadyExists")));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                try {
                    group = new GroupSave(start).assignName(str).assignSaveMode(SaveMode.INSERT).assignDisplayExtension(parameter).assignDescription(parameter3).assignTypeOfGroup(typeOfGroup).assignPrivAllAttrRead(booleanValue3).assignPrivAllView(booleanValue2).save();
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("guiV2link('operation=UiV2Subject.viewSubject&sourceId=grouperEntities&subjectId=" + group.getId() + "')"));
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get("localEntityCreateSuccess")));
                    GrouperUserDataApi.recentlyUsedGroupAdd(GrouperUiUserData.grouperUiGroupNameForUserData(), retrieveSubjectLoggedIn, group);
                    GrouperSession.stopQuietly(start);
                } catch (GrouperValidationException e) {
                    UiV2Group.handleGrouperValidationException(retrieveGuiResponseJs, e);
                    GrouperSession.stopQuietly(start);
                } catch (InsufficientPrivilegeException e2) {
                    LOG.warn("Insufficient privilege exception for local entity create: " + SubjectHelper.getPretty(retrieveSubjectLoggedIn), e2);
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("groupCreateInsufficientPrivileges")));
                    GrouperSession.stopQuietly(start);
                } catch (Exception e3) {
                    LOG.warn("Error creating local entity: " + SubjectHelper.getPretty(retrieveSubjectLoggedIn) + ", " + group, e3);
                    if (GrouperUiUtils.vetoHandle(retrieveGuiResponseJs, e3)) {
                        GrouperSession.stopQuietly(start);
                    } else {
                        retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("localEntityCreateError") + ": " + GrouperUtil.xmlEscape(e3.getMessage(), true)));
                        GrouperSession.stopQuietly(start);
                    }
                }
            } catch (RuntimeException e4) {
                if (!GrouperUiUtils.vetoHandle(GuiResponseJs.retrieveGuiResponseJs(), e4)) {
                    throw e4;
                }
                GrouperSession.stopQuietly(null);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public void localEntityPrivileges(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            Group group = UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup();
            if (group == null) {
                GrouperSession.stopQuietly(grouperSession);
            } else {
                if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                    GrouperSession.stopQuietly(grouperSession);
                    return;
                }
                GuiResponseJs.retrieveGuiResponseJs().addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/localEntityPrivileges.jsp"));
                filterPrivilegesHelper(httpServletRequest, httpServletResponse, group);
                GrouperSession.stopQuietly(grouperSession);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void filterPrivileges(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            Group group = UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup();
            if (group == null) {
                GrouperSession.stopQuietly(grouperSession);
            } else if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                GrouperSession.stopQuietly(grouperSession);
            } else {
                filterPrivilegesHelper(httpServletRequest, httpServletResponse, group);
                GrouperSession.stopQuietly(grouperSession);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    private void filterPrivilegesHelper(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Group group) {
        GrouperRequestContainer retrieveFromRequestOrCreate = GrouperRequestContainer.retrieveFromRequestOrCreate();
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        String parameter = httpServletRequest.getParameter("privilegeFilterText");
        String parameter2 = httpServletRequest.getParameter("privilegeField");
        Field field = null;
        if (!StringUtils.isBlank(parameter2)) {
            field = FieldFinder.find(parameter2, true);
        }
        String parameter3 = httpServletRequest.getParameter("privilegeMembershipType");
        MembershipType membershipType = null;
        if (!StringUtils.isBlank(parameter3)) {
            membershipType = MembershipType.valueOfIgnoreCase(parameter3, true);
        }
        GuiPaging privilegeGuiPaging = retrieveFromRequestOrCreate.getGroupContainer().getPrivilegeGuiPaging();
        QueryOptions queryOptions = new QueryOptions();
        GrouperPagingTag2.processRequest(httpServletRequest, privilegeGuiPaging, queryOptions);
        MembershipFinder assignSplitScopeForMember = new MembershipFinder().addGroupId(group.getId()).assignCheckSecurity(true).assignFieldType(FieldType.ACCESS).assignEnabled(true).assignHasFieldForMember(true).assignHasMembershipTypeForMember(true).assignQueryOptionsForMember(queryOptions).assignSplitScopeForMember(true);
        if (membershipType != null) {
            assignSplitScopeForMember.assignMembershipType(membershipType);
        }
        if (field != null) {
            assignSplitScopeForMember.assignField(field);
        }
        if (!StringUtils.isBlank(parameter)) {
            assignSplitScopeForMember.assignScopeForMember(parameter);
        }
        Set<MembershipSubjectContainer> membershipSubjectContainers = assignSplitScopeForMember.findMembershipResult().getMembershipSubjectContainers();
        MembershipSubjectContainer.considerAccessPrivilegeInheritance(membershipSubjectContainers);
        retrieveFromRequestOrCreate.getGroupContainer().setPrivilegeGuiMembershipSubjectContainers(GuiMembershipSubjectContainer.convertFromMembershipSubjectContainers(membershipSubjectContainers));
        privilegeGuiPaging.setTotalRecordCount(queryOptions.getQueryPaging().getTotalRecordCount());
        retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#groupPrivilegeFilterResultsId", "/WEB-INF/grouperUi2/localEntity/localEntityPrivilegeContents.jsp"));
    }

    public void localEntityDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            if (UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup() == null) {
                GrouperSession.stopQuietly(grouperSession);
            } else if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                GrouperSession.stopQuietly(grouperSession);
            } else {
                GuiResponseJs.retrieveGuiResponseJs().addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/localEntityDelete.jsp"));
                GrouperSession.stopQuietly(grouperSession);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void localEntityDeleteSubmit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        try {
            try {
                GrouperSession start = GrouperSession.start(retrieveSubjectLoggedIn);
                Group group = UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup();
                if (group == null) {
                    GrouperSession.stopQuietly(start);
                    return;
                }
                if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                    GrouperSession.stopQuietly(start);
                    return;
                }
                String parentUuid = group.getParentUuid();
                GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
                try {
                    group.delete();
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("guiV2link('operation=UiV2Stem.viewStem&stemId=" + parentUuid + "')"));
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get("localEntityDeleteSuccess")));
                    GrouperUserDataApi.recentlyUsedGroupRemove(GrouperUiUserData.grouperUiGroupNameForUserData(), retrieveSubjectLoggedIn, group);
                    GrouperSession.stopQuietly(start);
                } catch (GroupDeleteException e) {
                    LOG.warn("Error deleting local entity: " + SubjectHelper.getPretty(retrieveSubjectLoggedIn) + ", " + group, e);
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("guiV2link('operation=UiV2Subject.viewSubject&sourceId=grouperEntities&subjectId=" + group.getId() + "')"));
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("localEntityErrorCantDelete")));
                    GrouperSession.stopQuietly(start);
                } catch (InsufficientPrivilegeException e2) {
                    LOG.warn("Insufficient privilege exception for local entity delete: " + SubjectHelper.getPretty(retrieveSubjectLoggedIn), e2);
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("guiV2link('operation=UiV2Subject.viewSubject&sourceId=grouperEntities&subjectId=" + group.getId() + "')"));
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("localEntityDeleteInsufficientPrivileges")));
                    GrouperSession.stopQuietly(start);
                }
            } catch (RuntimeException e3) {
                if (!GrouperUiUtils.vetoHandle(GuiResponseJs.retrieveGuiResponseJs(), e3)) {
                    throw e3;
                }
                GrouperSession.stopQuietly(null);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public void localEntityEdit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            if (UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup() == null) {
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            GrouperRequestContainer.retrieveFromRequestOrCreate().getGroupContainer().getGuiGroup().setShowBreadcrumbLink(true);
            GrouperRequestContainer.retrieveFromRequestOrCreate().getGroupContainer().getGuiGroup().setShowBreadcrumbLinkSeparator(false);
            GuiResponseJs.retrieveGuiResponseJs().addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/localEntityEdit.jsp"));
            GrouperSession.stopQuietly(grouperSession);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void localEntityEditSubmit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(retrieveSubjectLoggedIn);
            Group group = UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup();
            if (group == null) {
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            String parameter = httpServletRequest.getParameter("extension");
            String parameter2 = httpServletRequest.getParameter("displayExtension");
            String parameter3 = httpServletRequest.getParameter("description");
            boolean booleanValue = GrouperUtil.booleanValue(httpServletRequest.getParameter("privileges_viewers[]"), false);
            boolean booleanValue2 = GrouperUtil.booleanValue(httpServletRequest.getParameter("privileges_groupAttrReaders[]"), false);
            boolean booleanValue3 = GrouperUtil.booleanValue(httpServletRequest.getParameter("groupCreateCannotAddSelfName"), false);
            group.setTypeOfGroup(TypeOfGroup.entity);
            if (StringUtils.isBlank(parameter2)) {
                retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#groupName", TextContainer.retrieveFromRequest().getText().get("localEntityCreateErrorExtensionRequired")));
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            if (StringUtils.isBlank(parameter)) {
                retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#groupId", TextContainer.retrieveFromRequest().getText().get("localEntityCreateErrorExtensionRequired")));
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            try {
                Timestamp stringToTimestampTimeRequiredWithoutSeconds = GrouperUtil.stringToTimestampTimeRequiredWithoutSeconds(httpServletRequest.getParameter("enabledDate"));
                try {
                    Timestamp stringToTimestampTimeRequiredWithoutSeconds2 = GrouperUtil.stringToTimestampTimeRequiredWithoutSeconds(httpServletRequest.getParameter("disabledDate"));
                    if (stringToTimestampTimeRequiredWithoutSeconds != null && stringToTimestampTimeRequiredWithoutSeconds2 != null && !stringToTimestampTimeRequiredWithoutSeconds2.after(stringToTimestampTimeRequiredWithoutSeconds)) {
                        retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#groupDisabledDate", TextContainer.retrieveFromRequest().getText().get("localEntityCreateErrorDisabledDateAfterEnabledDateError")));
                        GrouperSession.stopQuietly(grouperSession);
                        return;
                    }
                    try {
                        GroupSave assignPrivAllView = new GroupSave(grouperSession).assignUuid(group.getId()).assignSaveMode(SaveMode.UPDATE).assignName(group.getParentStemName() + ":" + parameter).assignDisplayExtension(parameter2).assignDescription(parameter3).assignTypeOfGroup(TypeOfGroup.entity).assignEnabledTimestamp(stringToTimestampTimeRequiredWithoutSeconds).assignDisabledTimestamp(stringToTimestampTimeRequiredWithoutSeconds2).assignPrivAllAttrRead(booleanValue2).assignPrivAllView(booleanValue);
                        Group save = assignPrivAllView.save();
                        boolean z = assignPrivAllView.getSaveResultType() != SaveResultType.NO_CHANGE;
                        GroupContainer groupContainer = GrouperRequestContainer.retrieveFromRequestOrCreate().getGroupContainer();
                        if (groupContainer.isCannotAddSelfUserCanEdit()) {
                            if (booleanValue3 && !groupContainer.isCannotAddSelfAssignedToGroup()) {
                                MembershipCannotAddSelfToGroupHook.cannotAddSelfAssign(save);
                                z = true;
                            } else if (!booleanValue3 && groupContainer.isCannotAddSelfAssignedToGroup()) {
                                MembershipCannotAddSelfToGroupHook.cannotAddSelfRevoke(save);
                                z = true;
                            }
                        }
                        retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("guiV2link('operation=UiV2Subject.viewSubject&sourceId=grouperEntities&subjectId=" + save.getId() + "')"));
                        if (z) {
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get("localEntityEditSuccess")));
                        } else {
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.info, TextContainer.retrieveFromRequest().getText().get("localEntityEditNoChangeNote")));
                        }
                        GrouperSession.stopQuietly(grouperSession);
                    } catch (GrouperValidationException e) {
                        UiV2Group.handleGrouperValidationException(retrieveGuiResponseJs, e);
                        GrouperSession.stopQuietly(grouperSession);
                    } catch (InsufficientPrivilegeException e2) {
                        LOG.warn("Insufficient privilege exception for group edit: " + SubjectHelper.getPretty(retrieveSubjectLoggedIn), e2);
                        retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("localEntityCreateInsufficientPrivileges")));
                        GrouperSession.stopQuietly(grouperSession);
                    } catch (Exception e3) {
                        LOG.warn("Error edit local entity: " + SubjectHelper.getPretty(retrieveSubjectLoggedIn) + ", " + group, e3);
                        if (GrouperUiUtils.vetoHandle(retrieveGuiResponseJs, e3)) {
                            GrouperSession.stopQuietly(grouperSession);
                        } else {
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("localEntityEditTitle") + ": " + GrouperUtil.xmlEscape(e3.getMessage(), true)));
                            GrouperSession.stopQuietly(grouperSession);
                        }
                    }
                } catch (Exception e4) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#groupDisabledDate", TextContainer.retrieveFromRequest().getText().get("localEntityCreateErrorDisabledDateInvalid")));
                    GrouperSession.stopQuietly(grouperSession);
                }
            } catch (Exception e5) {
                retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#groupEnabledDate", TextContainer.retrieveFromRequest().getText().get("localEntityCreateErrorEnabledDateInvalid")));
                GrouperSession.stopQuietly(grouperSession);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public void addMemberSubmit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Boolean bool;
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        try {
            try {
                GrouperSession start = GrouperSession.start(retrieveSubjectLoggedIn);
                Group group = UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup();
                if (group == null) {
                    GrouperSession.stopQuietly(start);
                    return;
                }
                if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                    GrouperSession.stopQuietly(start);
                    return;
                }
                String parameter = httpServletRequest.getParameter("entityAddMemberComboName");
                Subject subject = null;
                if (parameter == null || !parameter.contains("||")) {
                    try {
                        subject = SubjectFinder.findByIdOrIdentifier(parameter, false);
                    } catch (SubjectNotUniqueException e) {
                    }
                } else {
                    subject = SubjectFinder.findByIdOrIdentifierAndSource(GrouperUtil.prefixOrSuffix(parameter, "||", false), GrouperUtil.prefixOrSuffix(parameter, "||", true), false);
                }
                if (subject == null) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("groupAddMemberCantFindSubject")));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                String parameter2 = httpServletRequest.getParameter("privilege-options[]");
                if (StringUtils.equals(parameter2, "default")) {
                    bool = true;
                } else {
                    if (!StringUtils.equals(parameter2, TimeoutBehaviorConfiguration.CUSTOM_TYPE_NAME)) {
                        throw new RuntimeException("For privilege-options expecting default or custom but was: '" + parameter2 + "'");
                    }
                    bool = false;
                }
                boolean booleanValue = GrouperUtil.booleanValue(httpServletRequest.getParameter("privileges_admins[]"), false);
                boolean booleanValue2 = GrouperUtil.booleanValue(httpServletRequest.getParameter("privileges_viewers[]"), false);
                boolean booleanValue3 = GrouperUtil.booleanValue(httpServletRequest.getParameter("privileges_groupAttrReaders[]"), false);
                boolean booleanValue4 = GrouperUtil.booleanValue(httpServletRequest.getParameter("privileges_groupAttrUpdaters[]"), false);
                if (!bool.booleanValue() && !booleanValue && !booleanValue2 && !booleanValue3 && !booleanValue4) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#groupPrivsErrorId", TextContainer.retrieveFromRequest().getText().get("groupAddMemberPrivRequired")));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                if (group.addOrEditMember(subject, bool.booleanValue(), false, booleanValue, false, false, booleanValue2, false, false, booleanValue3, booleanValue4, null, null, false)) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get("localEntityAddMemberMadeChangesSuccess")));
                    if (StringUtils.equals(httpServletRequest.getParameter("groupRefreshPart"), "privileges")) {
                        filterPrivilegesHelper(httpServletRequest, httpServletResponse, group);
                    }
                } else {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.info, TextContainer.retrieveFromRequest().getText().get("localEntityAddMemberNoChangesSuccess")));
                }
                retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("dijit.byId('groupAddMemberComboId').set('displayedValue', ''); dijit.byId('groupAddMemberComboId').set('value', '');"));
                GrouperUserDataApi.recentlyUsedGroupAdd(GrouperUiUserData.grouperUiGroupNameForUserData(), retrieveSubjectLoggedIn, group);
                GrouperUserDataApi.recentlyUsedMemberAdd(GrouperUiUserData.grouperUiGroupNameForUserData(), retrieveSubjectLoggedIn, subject);
                GrouperSession.stopQuietly(start);
            } catch (RuntimeException e2) {
                if (!GrouperUiUtils.vetoHandle(retrieveGuiResponseJs, e2)) {
                    throw e2;
                }
                GrouperSession.stopQuietly(null);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public void assignPrivilege(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        GrouperRequestContainer retrieveFromRequestOrCreate = GrouperRequestContainer.retrieveFromRequestOrCreate();
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        try {
            try {
                GrouperSession start = GrouperSession.start(retrieveSubjectLoggedIn);
                Group group = UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup();
                if (group == null) {
                    GrouperSession.stopQuietly(start);
                    return;
                }
                if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                    GrouperSession.stopQuietly(start);
                    return;
                }
                GroupContainer groupContainer = retrieveFromRequestOrCreate.getGroupContainer();
                boolean booleanValue = GrouperUtil.booleanValue(httpServletRequest.getParameter(AttributeDef.ACTION_DEFAULT));
                String parameter = httpServletRequest.getParameter("fieldName");
                Member findByUuid = MemberFinder.findByUuid(start, httpServletRequest.getParameter("memberId"), true);
                Privilege listToPriv = AccessPrivilege.listToPriv(parameter);
                if (listToPriv == null || !Privilege.isEntity(listToPriv)) {
                    throw new RuntimeException("Why is privilege not found???? " + parameter);
                }
                if (booleanValue) {
                    group.grantPriv(findByUuid.getSubject(), listToPriv, false);
                } else {
                    group.revokePriv(findByUuid.getSubject(), listToPriv, false);
                }
                groupContainer.setPrivilegeGuiMembershipSubjectContainers(null);
                filterPrivilegesHelper(httpServletRequest, httpServletResponse, group);
                GrouperUserDataApi.recentlyUsedGroupAdd(GrouperUiUserData.grouperUiGroupNameForUserData(), retrieveSubjectLoggedIn, group);
                GrouperUserDataApi.recentlyUsedMemberAdd(GrouperUiUserData.grouperUiGroupNameForUserData(), retrieveSubjectLoggedIn, findByUuid);
                GrouperSession.stopQuietly(start);
            } catch (RuntimeException e) {
                if (!GrouperUiUtils.vetoHandle(retrieveGuiResponseJs, e)) {
                    throw e;
                }
                GrouperSession.stopQuietly(null);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public void assignPrivilegeBatch(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Privilege[] privilegeArr;
        GrouperRequestContainer retrieveFromRequestOrCreate = GrouperRequestContainer.retrieveFromRequestOrCreate();
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        try {
            try {
                GrouperSession start = GrouperSession.start(retrieveSubjectLoggedIn);
                Group group = UiV2Group.retrieveGroupHelper(httpServletRequest, AccessPrivilege.ADMIN).getGroup();
                if (group == null) {
                    GrouperSession.stopQuietly(start);
                    return;
                }
                if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                    GrouperSession.stopQuietly(start);
                    return;
                }
                GroupContainer groupContainer = retrieveFromRequestOrCreate.getGroupContainer();
                String parameter = httpServletRequest.getParameter("groupPrivilegeBatchUpdateOperation");
                Matcher matcher = Pattern.compile("^(assign|revoke)_(.*)$").matcher(parameter);
                if (!matcher.matches()) {
                    throw new RuntimeException("Invalid submission, should have a valid operation: '" + parameter + "'");
                }
                String group2 = matcher.group(1);
                boolean equals = StringUtils.equals(AttributeDef.ACTION_DEFAULT, group2);
                if (!equals && !StringUtils.equals("revoke", group2)) {
                    throw new RuntimeException("Cant find assign or revoke: '" + group2 + "'");
                }
                String group3 = matcher.group(2);
                boolean equals2 = StringUtils.equals(group3, "all");
                boolean equals3 = StringUtils.equals(group3, "readersUpdaters");
                int pageSize = GrouperPagingTag2.pageSize(httpServletRequest);
                LinkedHashSet<Member> linkedHashSet = new LinkedHashSet();
                for (int i = 0; i < pageSize; i++) {
                    String parameter2 = httpServletRequest.getParameter("privilegeSubjectRow_" + i + "[]");
                    if (!StringUtils.isBlank(parameter2)) {
                        linkedHashSet.add(MemberFinder.findByUuid(start, parameter2, true));
                    }
                }
                if (GrouperUtil.length(linkedHashSet) == 0) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("stemErrorEntityRequired")));
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("guiScrollTop()"));
                    GrouperSession.stopQuietly(start);
                    return;
                }
                int i2 = 0;
                if (equals2) {
                    privilegeArr = equals ? new Privilege[]{AccessPrivilege.listToPriv(Field.FIELD_NAME_ADMINS)} : new Privilege[]{AccessPrivilege.listToPriv(Field.FIELD_NAME_GROUP_ATTR_READERS), AccessPrivilege.listToPriv(Field.FIELD_NAME_GROUP_ATTR_UPDATERS), AccessPrivilege.listToPriv(Field.FIELD_NAME_VIEWERS), AccessPrivilege.listToPriv(Field.FIELD_NAME_ADMINS)};
                } else {
                    if (equals3) {
                        throw new RuntimeException("Why readers updaters????");
                    }
                    privilegeArr = new Privilege[]{AccessPrivilege.listToPriv(group3)};
                }
                int i3 = 0;
                for (Member member : linkedHashSet) {
                    for (Privilege privilege : privilegeArr) {
                        i2 = equals ? i2 + (group.grantPriv(member.getSubject(), privilege, false) ? 1 : 0) : i2 + (group.revokePriv(member.getSubject(), privilege, false) ? 1 : 0);
                    }
                    int i4 = i3;
                    i3++;
                    if (i4 < 5) {
                        GrouperUserDataApi.recentlyUsedMemberAdd(GrouperUiUserData.grouperUiGroupNameForUserData(), retrieveSubjectLoggedIn, member);
                    }
                }
                groupContainer.setPrivilegeGuiMembershipSubjectContainers(null);
                if (i2 > 0) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get(equals ? "groupSuccessGrantedPrivileges" : "groupSuccessRevokedPrivileges")));
                } else {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.info, TextContainer.retrieveFromRequest().getText().get(equals ? "groupNoteNoGrantedPrivileges" : "groupNoteNoRevokedPrivileges")));
                }
                retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("guiScrollTop()"));
                if (group.canHavePrivilege(retrieveSubjectLoggedIn, AccessPrivilege.ADMIN.getName(), false)) {
                    filterPrivilegesHelper(httpServletRequest, httpServletResponse, group);
                } else {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newScript("guiV2link('operation=UiV2Main.indexMain')"));
                }
                GrouperUserDataApi.recentlyUsedGroupAdd(GrouperUiUserData.grouperUiGroupNameForUserData(), retrieveSubjectLoggedIn, group);
                GrouperSession.stopQuietly(start);
            } catch (RuntimeException e) {
                if (!GrouperUiUtils.vetoHandle(retrieveGuiResponseJs, e)) {
                    throw e;
                }
                GrouperSession.stopQuietly(null);
            }
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public void viewLocalEntityWSJwtKeys(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            GrouperSession start = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            final Subject retrieveSubjectHelper = UiV2Subject.retrieveSubjectHelper(httpServletRequest, true);
            if (retrieveSubjectHelper == null) {
                GrouperSession.stopQuietly(start);
                return;
            }
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            GrouperRequestContainer retrieveFromRequestOrCreate = GrouperRequestContainer.retrieveFromRequestOrCreate();
            if (!retrieveFromRequestOrCreate.getSubjectContainer().isCanViewWsJwtKey()) {
                throw new RuntimeException("not valid");
            }
            GrouperPassword findByUsernameApplication = GrouperDAOFactory.getFactory().getGrouperPassword().findByUsernameApplication((String) GrouperSession.internal_callbackRootGrouperSession(new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2LocalEntity.2
                @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                    return MemberFinder.findBySubject(grouperSession, retrieveSubjectHelper, true).getId();
                }
            }), GrouperPassword.Application.WS.name());
            if (findByUsernameApplication != null) {
                retrieveFromRequestOrCreate.getGrouperPasswordContainer().setGuiGrouperPassword(GuiGrouperPassword.convertFromGrouperPassword(findByUsernameApplication));
            }
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/viewLocalEntityWsJwtKey.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#viewWsJwtKey", "/WEB-INF/grouperUi2/localEntity/localEntityWsJwtKeyContents.jsp"));
            GrouperSession.stopQuietly(start);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public static void editWsJwtKey(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            GrouperSession start = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            final Subject retrieveSubjectHelper = UiV2Subject.retrieveSubjectHelper(httpServletRequest, true);
            if (retrieveSubjectHelper == null) {
                GrouperSession.stopQuietly(start);
                return;
            }
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            GrouperRequestContainer retrieveFromRequestOrCreate = GrouperRequestContainer.retrieveFromRequestOrCreate();
            if (!retrieveFromRequestOrCreate.getSubjectContainer().isCanViewWsJwtKey()) {
                throw new RuntimeException("not valid");
            }
            GrouperPassword findByUsernameApplication = GrouperDAOFactory.getFactory().getGrouperPassword().findByUsernameApplication((String) GrouperSession.internal_callbackRootGrouperSession(new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2LocalEntity.3
                @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                    return MemberFinder.findBySubject(grouperSession, Subject.this, true).getId();
                }
            }), GrouperPassword.Application.WS.name());
            if (findByUsernameApplication != null) {
                retrieveFromRequestOrCreate.getGrouperPasswordContainer().setGuiGrouperPassword(GuiGrouperPassword.convertFromGrouperPassword(findByUsernameApplication));
            }
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/viewLocalEntityWsJwtKey.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#viewWsJwtKey", "/WEB-INF/grouperUi2/localEntity/localEntityWsJwtKeyEdit.jsp"));
            GrouperSession.stopQuietly(start);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public static void editWsJwtKeySubmit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            final Subject retrieveSubjectHelper = UiV2Subject.retrieveSubjectHelper(httpServletRequest, true);
            if (retrieveSubjectHelper == null) {
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            GrouperRequestContainer retrieveFromRequestOrCreate = GrouperRequestContainer.retrieveFromRequestOrCreate();
            if (!retrieveFromRequestOrCreate.getSubjectContainer().isCanViewWsJwtKey()) {
                throw new RuntimeException("not valid");
            }
            String parameter = httpServletRequest.getParameter("localEntityAllowedFromCidrs");
            String parameter2 = httpServletRequest.getParameter("localEntityExpiresAtDate");
            Long l = null;
            if (StringUtils.isNotBlank(parameter2)) {
                try {
                    l = Long.valueOf(GrouperUtil.stringToDate2(parameter2).getTime());
                } catch (Exception e) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#expiratationDateId", TextContainer.retrieveFromRequest().getText().get("localEntityWsJwtKeyExpiresAtInvalidFormat")));
                    GrouperSession.stopQuietly(grouperSession);
                    return;
                }
            }
            GrouperPassword findByUsernameApplication = GrouperDAOFactory.getFactory().getGrouperPassword().findByUsernameApplication((String) GrouperSession.internal_callbackRootGrouperSession(new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2LocalEntity.4
                @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                public Object callback(GrouperSession grouperSession2) throws GrouperSessionException {
                    return MemberFinder.findBySubject(grouperSession2, Subject.this, true).getId();
                }
            }), GrouperPassword.Application.WS.name());
            new GrouperPasswordSave().assignAllowedFromCidrs(parameter).assignExpiresAt(l).assignUuid(findByUsernameApplication.getId()).assignSaveMode(SaveMode.UPDATE).assignReplaceAllSettings(false).save();
            retrieveFromRequestOrCreate.getGrouperPasswordContainer().setGuiGrouperPassword(GuiGrouperPassword.convertFromGrouperPassword(findByUsernameApplication));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/viewLocalEntityWsJwtKey.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#viewWsJwtKey", "/WEB-INF/grouperUi2/localEntity/localEntityWsJwtKeyContents.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get("localEntityWsJwtUpdateKeySuccess")));
            GrouperSession.stopQuietly(grouperSession);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public static void createNewWsJwtKey(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            GrouperSession start = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            if (UiV2Subject.retrieveSubjectHelper(httpServletRequest, true) == null) {
                GrouperSession.stopQuietly(start);
                return;
            }
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            if (!GrouperRequestContainer.retrieveFromRequestOrCreate().getSubjectContainer().isCanViewWsJwtKey()) {
                throw new RuntimeException("not valid");
            }
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/viewLocalEntityWsJwtKey.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#viewWsJwtKey", "/WEB-INF/grouperUi2/localEntity/localEntityWsJwtKeyCreate.jsp"));
            GrouperSession.stopQuietly(start);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public static void createWsJwtKeySubmit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        final Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn();
        GrouperSession grouperSession = null;
        try {
            grouperSession = GrouperSession.start(retrieveSubjectLoggedIn);
            final Subject retrieveSubjectHelper = UiV2Subject.retrieveSubjectHelper(httpServletRequest, true);
            if (retrieveSubjectHelper == null) {
                GrouperSession.stopQuietly(grouperSession);
                return;
            }
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            GrouperRequestContainer retrieveFromRequestOrCreate = GrouperRequestContainer.retrieveFromRequestOrCreate();
            if (!retrieveFromRequestOrCreate.getSubjectContainer().isCanViewWsJwtKey()) {
                throw new RuntimeException("not valid");
            }
            String parameter = httpServletRequest.getParameter("localEntityAllowedFromCidrs");
            String parameter2 = httpServletRequest.getParameter("localEntityExpiresAtDate");
            Long l = null;
            if (StringUtils.isNotBlank(parameter2)) {
                try {
                    l = Long.valueOf(GrouperUtil.stringToDate2(parameter2).getTime());
                } catch (Exception e) {
                    retrieveGuiResponseJs.addAction(GuiScreenAction.newValidationMessage(GuiScreenAction.GuiMessageType.error, "#expiratationDateId", TextContainer.retrieveFromRequest().getText().get("localEntityWsJwtKeyExpiresAtInvalidFormat")));
                    GrouperSession.stopQuietly(grouperSession);
                    return;
                }
            }
            String str = (String) GrouperSession.internal_callbackRootGrouperSession(new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2LocalEntity.5
                @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                public Object callback(GrouperSession grouperSession2) throws GrouperSessionException {
                    return MemberFinder.findBySubject(grouperSession2, Subject.this, true).getId();
                }
            });
            String str2 = (String) GrouperSession.internal_callbackRootGrouperSession(new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2LocalEntity.6
                @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                public Object callback(GrouperSession grouperSession2) throws GrouperSessionException {
                    return MemberFinder.findBySubject(grouperSession2, Subject.this, true).getId();
                }
            });
            String[] generateRsaKeypair = GrouperUtil.generateRsaKeypair(2048);
            new GrouperPasswordSave().assignAllowedFromCidrs(parameter).assignApplication(GrouperPassword.Application.WS).assignEncryptionType(GrouperPassword.EncryptionType.RS_2048).assignEntityType("localEntity").assignExpiresAt(l).assignMemberIdWhoSetPassword(str).assignPublicKey(generateRsaKeypair[0]).assignUsername(str2).assignMemberId(str2).save();
            GrouperPassword findByUsernameApplication = GrouperDAOFactory.getFactory().getGrouperPassword().findByUsernameApplication(str2, GrouperPassword.Application.WS.name());
            if (findByUsernameApplication == null) {
                throw new RuntimeException("error creating grouper password");
            }
            retrieveFromRequestOrCreate.getGrouperPasswordContainer().setGuiGrouperPassword(GuiGrouperPassword.convertFromGrouperPassword(findByUsernameApplication));
            retrieveFromRequestOrCreate.getGrouperPasswordContainer().setPrivateKey(generateRsaKeypair[1]);
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/viewLocalEntityWsJwtKey.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#viewWsJwtKey", "/WEB-INF/grouperUi2/localEntity/localEntityWsJwtKeyContents.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get("localEntityWsJwtGenerateKeySuccess")));
            GrouperSession.stopQuietly(grouperSession);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(grouperSession);
            throw th;
        }
    }

    public static void deleteWsJwtKey(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            GrouperSession start = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            final Subject retrieveSubjectHelper = UiV2Subject.retrieveSubjectHelper(httpServletRequest, true);
            if (retrieveSubjectHelper == null) {
                GrouperSession.stopQuietly(start);
                return;
            }
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            if (!GrouperRequestContainer.retrieveFromRequestOrCreate().getSubjectContainer().isCanViewWsJwtKey()) {
                throw new RuntimeException("not valid");
            }
            GrouperPassword findByUsernameApplication = GrouperDAOFactory.getFactory().getGrouperPassword().findByUsernameApplication((String) GrouperSession.internal_callbackRootGrouperSession(new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2LocalEntity.7
                @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                    return MemberFinder.findBySubject(grouperSession, Subject.this, true).getId();
                }
            }), GrouperPassword.Application.WS.name());
            if (findByUsernameApplication == null) {
                retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("localEntityWsJwtDeleteKeyNotFoundError")));
                GrouperSession.stopQuietly(start);
                return;
            }
            GrouperDAOFactory.getFactory().getGrouperPasswordRecentlyUsed().deleteGrouperPasswordRecentlyUsedEntries(findByUsernameApplication.getId());
            GrouperDAOFactory.getFactory().getGrouperPassword().delete(findByUsernameApplication);
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/viewLocalEntityWsJwtKey.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#viewWsJwtKey", "/WEB-INF/grouperUi2/localEntity/localEntityWsJwtKeyContents.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get("localEntityWsJwtDeleteKeySuccess")));
            GrouperSession.stopQuietly(start);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }

    public static void deleteWsJwtKeyCreateNew(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            GrouperSession start = GrouperSession.start(GrouperUiFilter.retrieveSubjectLoggedIn());
            final Subject retrieveSubjectHelper = UiV2Subject.retrieveSubjectHelper(httpServletRequest, true);
            if (retrieveSubjectHelper == null) {
                GrouperSession.stopQuietly(start);
                return;
            }
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            GrouperRequestContainer retrieveFromRequestOrCreate = GrouperRequestContainer.retrieveFromRequestOrCreate();
            if (!retrieveFromRequestOrCreate.getSubjectContainer().isCanViewWsJwtKey()) {
                throw new RuntimeException("not valid");
            }
            String str = (String) GrouperSession.internal_callbackRootGrouperSession(new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2LocalEntity.8
                @Override // edu.internet2.middleware.grouper.misc.GrouperSessionHandler
                public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                    return MemberFinder.findBySubject(grouperSession, Subject.this, true).getId();
                }
            });
            GrouperPassword findByUsernameApplication = GrouperDAOFactory.getFactory().getGrouperPassword().findByUsernameApplication(str, GrouperPassword.Application.WS.name());
            if (findByUsernameApplication == null) {
                retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("localEntityWsJwtDeleteKeyNotFoundError")));
                GrouperSession.stopQuietly(start);
                return;
            }
            String[] generateRsaKeypair = GrouperUtil.generateRsaKeypair(2048);
            new GrouperPasswordSave().assignPublicKey(generateRsaKeypair[0]).assignSaveMode(SaveMode.UPDATE).assignMemberId(str).assignReplaceAllSettings(false).assignUuid(findByUsernameApplication.getId()).save();
            retrieveFromRequestOrCreate.getGrouperPasswordContainer().setPrivateKey(generateRsaKeypair[1]);
            retrieveFromRequestOrCreate.getGrouperPasswordContainer().setGuiGrouperPassword(GuiGrouperPassword.convertFromGrouperPassword(findByUsernameApplication));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#grouperMainContentDivId", "/WEB-INF/grouperUi2/localEntity/viewLocalEntityWsJwtKey.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newInnerHtmlFromJsp("#viewWsJwtKey", "/WEB-INF/grouperUi2/localEntity/localEntityWsJwtKeyContents.jsp"));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.success, TextContainer.retrieveFromRequest().getText().get("localEntityWsJwtDeleteKeySuccess")));
            GrouperSession.stopQuietly(start);
        } catch (Throwable th) {
            GrouperSession.stopQuietly(null);
            throw th;
        }
    }
}
