package edu.internet2.middleware.grouper.j2ee;

import edu.internet2.middleware.grouper.cache.GrouperCacheUtils;
import edu.internet2.middleware.grouper.grouperUi.beans.RequestContainer;
import edu.internet2.middleware.grouper.grouperUi.beans.api.GuiSubject;
import edu.internet2.middleware.grouper.grouperUi.beans.json.AppState;
import edu.internet2.middleware.grouper.grouperUi.beans.json.GuiResponseJs;
import edu.internet2.middleware.grouper.grouperUi.beans.json.GuiScreenAction;
import edu.internet2.middleware.grouper.grouperUi.beans.json.GuiSettings;
import edu.internet2.middleware.grouper.grouperUi.beans.ui.GrouperRequestContainer;
import edu.internet2.middleware.grouper.grouperUi.beans.ui.TextContainer;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.MiscMenu;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Admin;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2AttributeDef;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2AttributeDefAttributeAssignment;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2AttributeDefName;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Deprovisioning;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2ExternalEntities;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Group;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2GroupAttributeAssignment;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2GroupImport;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2GroupPermission;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2GrouperReport;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Main;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2MembershipAttributeAssignment;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Public;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Stem;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2StemAttributeAssignment;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Subject;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2SubjectAttributeAssignment;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2SubjectPermission;
import edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2SubjectResolution;
import edu.internet2.middleware.grouper.internal.util.GrouperUuid;
import edu.internet2.middleware.grouper.ui.GrouperUiFilter;
import edu.internet2.middleware.grouper.ui.NoUserAuthenticatedException;
import edu.internet2.middleware.grouper.ui.exceptions.ControllerDone;
import edu.internet2.middleware.grouper.ui.exceptions.NoSessionException;
import edu.internet2.middleware.grouper.ui.util.GrouperUiConfig;
import edu.internet2.middleware.grouper.ui.util.GrouperUiUtils;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectNotFoundException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.exception.ExceptionUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:edu/internet2/middleware/grouper/j2ee/GrouperUiRestServlet.class */
public class GrouperUiRestServlet extends HttpServlet {
    public static final String X_GROUPER_SUCCESS = "X-Grouper-success";
    public static final String X_GROUPER_RESULT_CODE = "X-Grouper-resultCode";
    public static final String X_GROUPER_RESULT_CODE2 = "X-Grouper-resultCode2";
    private static final Log LOG = LogFactory.getLog(GrouperUiRestServlet.class);
    private static Set<String> operationsOkGet = GrouperUtil.toSet(new String[]{MiscMenu.class.getSimpleName() + ".miscMenuStructure", "InviteExternalSubjects.groupToAssignFilter", "SimpleMembershipUpdateFilter.filterUsers", "SimpleMembershipUpdateFilter.filterGroups", "SimpleMembershipUpdateMenu.advancedMenuStructure", "SimpleMembershipUpdateImportExport.exportSubjectIdsCsv", "SimpleMembershipUpdateImportExport.exportAllCsv", "SimpleMembershipUpdateMenu.memberMenuStructure", "SimpleMembershipUpdateFilter.filterMembers", "SimpleAttributeUpdateFilter.filterAttributeDefs", "SimpleAttributeUpdateFilter.filterCreatableNamespace", "SimpleAttributeUpdateFilter.filterPrivilegeUsers", "SimpleAttributeNameUpdateFilter.filterAttributeDefs", "SimpleGroupUpdateFilter.filterGroups", "SimpleAttributeNameUpdateFilter.filterAttributeDefNames", "SimpleAttributeNameUpdateFilter.filterCreatableNamespace", "SimpleGroupUpdateFilter.filterCreatableNamespace", "SimpleGroupUpdateFilter.filterPrivilegeUsers", "SimpleGroupUpdateFilter.filterRoles", "SimpleAttributeUpdateFilter.filterAttributeDefsByOwnerType", "SimpleAttributeUpdateFilter.filterAttributeNamesByOwnerType", "SimpleAttributeUpdateFilter.filterGroups", "SimpleAttributeUpdateFilter.filterGroupsForMembershipAssignment", "SimpleAttributeUpdateFilter.filterStems", "SimpleAttributeUpdateFilter.filterSubjects", "SimpleAttributeUpdateMenu.assignmentMenuStructure", "SimplePermissionUpdateFilter.filterPermissionAttributeDefs", "SimplePermissionUpdateFilter.filterPermissionResources", "SimplePermissionUpdateFilter.filterRoles", "SimplePermissionUpdateFilter.filterSubjects", "SimplePermissionUpdateFilter.filterActions", "SimplePermissionUpdateMenu.assignmentMenuStructure", "SimplePermissionUpdateFilter.filterLimitDefinitions", "SimplePermissionUpdateFilter.filterLimitNames", "SimplePermissionUpdateMenu.limitMenuStructure", "SimpleGroupUpdateFilter.filterGroupsRolesEntities", UiV2SubjectPermission.class.getSimpleName() + ".assignmentMenuStructure", UiV2SubjectPermission.class.getSimpleName() + ".limitMenuStructure", UiV2SubjectPermission.class.getSimpleName() + ".limitValueMenuStructure", UiV2GroupPermission.class.getSimpleName() + ".assignmentMenuStructure", UiV2GroupPermission.class.getSimpleName() + ".limitMenuStructure", UiV2GroupPermission.class.getSimpleName() + ".limitValueMenuStructure", UiV2Main.class.getSimpleName() + ".index", UiV2Main.class.getSimpleName() + ".indexCustomUi", UiV2Main.class.getSimpleName() + ".folderMenu", UiV2Main.class.getSimpleName() + ".folderMenuObjectPath", UiV2Group.class.getSimpleName() + ".addMemberFilter", UiV2Group.class.getSimpleName() + ".groupRoleAssignPermissionFilter", UiV2GroupImport.class.getSimpleName() + ".groupExportSubmit", UiV2Stem.class.getSimpleName() + ".stemCopyParentFolderFilter", UiV2Stem.class.getSimpleName() + ".createGroupParentFolderFilter", UiV2Stem.class.getSimpleName() + ".createStemParentFolderFilter", UiV2StemAttributeAssignment.class.getSimpleName() + ".assignmentValueMenuStructure", UiV2GroupAttributeAssignment.class.getSimpleName() + ".assignmentValueMenuStructure", UiV2AttributeDefAttributeAssignment.class.getSimpleName() + ".assignmentValueMenuStructure", UiV2SubjectAttributeAssignment.class.getSimpleName() + ".assignmentValueMenuStructure", UiV2MembershipAttributeAssignment.class.getSimpleName() + ".assignmentValueMenuStructure", UiV2AttributeDefName.class.getSimpleName() + ".assignmentValueMenuStructure", UiV2AttributeDef.class.getSimpleName() + ".assignmentValueMenuStructure", UiV2AttributeDef.class.getSimpleName() + ".attributeDefFilter", UiV2AttributeDefName.class.getSimpleName() + ".attributeDefNameFilter", UiV2GroupPermission.class.getSimpleName() + ".permissionActionNameFilter", UiV2Subject.class.getSimpleName() + ".addToGroupFilter", UiV2Group.class.getSimpleName() + ".groupUpdateFilter", UiV2Group.class.getSimpleName() + ".groupCompositeFactorFilter", UiV2Stem.class.getSimpleName() + ".addMemberFilter", UiV2ExternalEntities.class.getSimpleName() + ".addGroupFilter", UiV2Subject.class.getSimpleName() + ".addToStemFilter", UiV2Subject.class.getSimpleName() + ".addToAttributeDefFilter", UiV2Public.class.getSimpleName() + ".index", UiV2Public.class.getSimpleName() + ".help", UiV2AttributeDef.class.getSimpleName() + ".addMemberFilter", UiV2Stem.class.getSimpleName() + ".createAttributeDefParentFolderFilter", UiV2Admin.class.getSimpleName() + ".subjectApiDiagnosticsActAsCombo", UiV2Deprovisioning.class.getSimpleName() + ".addMemberFilter", UiV2GrouperReport.class.getSimpleName() + ".downloadReportForFolder", UiV2GrouperReport.class.getSimpleName() + ".downloadReportForGroup", UiV2SubjectResolution.class.getSimpleName() + ".addMemberFilter"});

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (GrouperUiConfig.retrieveConfig().propertyValueBoolean("grouperUi.refreshCaches.onEveryRequest", false)) {
            GrouperCacheUtils.clearAllCaches();
        }
        GrouperUiFilter.assignHttpServlet(this);
        String requestURI = httpServletRequest.getRequestURI();
        if (!requestURI.endsWith("/UiV2Main.index") && !requestURI.endsWith("/UiV2Public.index")) {
            RequestContainer.retrieveFromRequest().setAjaxRequest(true);
        }
        GrouperRequestContainer.retrieveFromRequestOrCreate();
        List<String> extractUrlStrings = extractUrlStrings(httpServletRequest);
        GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
        AppState appState = (AppState) JSONObject.toBean(JSONObject.fromObject(httpServletRequest.getParameter("appState")), AppState.class);
        if (appState == null) {
            appState = new AppState();
        }
        appState.initRequest();
        try {
            initGui();
            boolean z = true;
            if (GrouperUtil.length(extractUrlStrings) == 3 && StringUtils.equals("app", extractUrlStrings.get(0)) && (StringUtils.equals("SimpleMembershipUpdateImportExport.exportSubjectIdsCsv", extractUrlStrings.get(1)) || StringUtils.equals("SimpleMembershipUpdateImportExport.exportAllCsv", extractUrlStrings.get(1)))) {
                extractUrlStrings = GrouperUtil.toList(new String[]{extractUrlStrings.get(0), extractUrlStrings.get(1)});
            }
            if (GrouperUtil.length(extractUrlStrings) == 5 && StringUtils.equals("app", extractUrlStrings.get(0)) && StringUtils.equals(UiV2GroupImport.class.getSimpleName() + ".groupExportSubmit", extractUrlStrings.get(1))) {
                extractUrlStrings = GrouperUtil.toList(new String[]{extractUrlStrings.get(0), extractUrlStrings.get(1)});
            }
            if (GrouperUiFilter.retrieveSubjectLoggedIn(true, httpServletResponse) == null && !StringUtils.equals(UiV2Public.class.getSimpleName() + ".index", extractUrlStrings.get(1)) && !StringUtils.equals(UiV2Public.class.getSimpleName() + ".postIndex", extractUrlStrings.get(1)) && !StringUtils.defaultString(extractUrlStrings.get(1)).startsWith("ExternalSubjectSelfRegister.") && !StringUtils.defaultString(extractUrlStrings.get(1)).startsWith("UiV2ExternalSubjectSelfRegister.")) {
                httpServletResponse.sendRedirect(GrouperUiFilter.retrieveServletContext() + "/grouperExternal/public/UiV2Public.index?operation=UiV2Public.postIndex&function=UiV2Public.error&code=anonymousSessionNotAllowed");
                return;
            }
            if (GrouperUtil.length(extractUrlStrings) == 2 && (StringUtils.equals("public", extractUrlStrings.get(0)) || StringUtils.equals("app", extractUrlStrings.get(0)))) {
                String str = extractUrlStrings.get(1);
                if (str.contains("#")) {
                    str = GrouperUtil.prefixOrSuffix(str, "#", true);
                }
                if (!str.matches("^[a-zA-Z0-9]+\\.[a-zA-Z0-9]+$")) {
                    throw new RuntimeException("Invalid class and method name: '" + str + "'");
                }
                if (!StringUtils.equalsIgnoreCase("post", httpServletRequest.getMethod()) && !operationsOkGet.contains(str)) {
                    throw new RuntimeException("Cant process method: " + httpServletRequest.getMethod() + " for operation: " + str);
                }
                String prefixOrSuffix = GrouperUtil.prefixOrSuffix(str, ".", true);
                String prefixOrSuffix2 = GrouperUtil.prefixOrSuffix(str, ".", false);
                boolean startsWith = prefixOrSuffix.toLowerCase().startsWith("uiv2");
                String str2 = "edu.internet2.middleware.grouper.grouperUi.serviceLogic." + prefixOrSuffix;
                try {
                    Object newInstance = GrouperUtil.newInstance(GrouperUtil.forName(str2));
                    try {
                        GrouperUtil.callMethod(newInstance.getClass(), newInstance, prefixOrSuffix2, new Class[]{HttpServletRequest.class, HttpServletResponse.class}, new Object[]{httpServletRequest, httpServletResponse}, true, false);
                    } catch (ControllerDone e) {
                        z = e.isPrintGuiReponseJs();
                    } catch (NoSessionException e2) {
                        if (startsWith) {
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("guiMiscNoSessionError")));
                        } else {
                            boolean isAddTextAreaTag = retrieveGuiResponseJs.isAddTextAreaTag();
                            retrieveGuiResponseJs = new GuiResponseJs();
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newCloseModal());
                            retrieveGuiResponseJs.setAddTextAreaTag(isAddTextAreaTag);
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newAlert(GrouperUiUtils.message(GrouperUiFilter.uiSectionForRequest() == GrouperUiFilter.UiSection.EXTERNAL ? "externalSubjectSelfRegister.startOver" : "simpleMembershipUpdate.startOver")));
                        }
                    } catch (RuntimeException e3) {
                        String str3 = "Problem calling reflection from URL: " + str2 + "." + prefixOrSuffix2 + "\n\n" + ExceptionUtils.getFullStackTrace(e3);
                        LOG.error(str3);
                        GrouperUiUtils.appendErrorToRequest(str3);
                        if (startsWith) {
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newMessage(GuiScreenAction.GuiMessageType.error, TextContainer.retrieveFromRequest().getText().get("guiMiscErrorPrefix") + " " + GrouperUiUtils.escapeHtml(e3.getMessage(), true)));
                        } else {
                            boolean isAddTextAreaTag2 = retrieveGuiResponseJs.isAddTextAreaTag();
                            retrieveGuiResponseJs = new GuiResponseJs();
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newCloseModal());
                            retrieveGuiResponseJs.setAddTextAreaTag(isAddTextAreaTag2);
                            retrieveGuiResponseJs.addAction(GuiScreenAction.newAlert("Error: " + GrouperUiUtils.escapeHtml(e3.getMessage(), true)));
                        }
                    }
                } catch (RuntimeException e4) {
                    GrouperUtil.injectInException(e4, "Problem calling class and method: " + str2 + "." + prefixOrSuffix2);
                    throw e4;
                }
            } else {
                retrieveGuiResponseJs = new GuiResponseJs();
                String str4 = "Cant find logic for URL: " + GrouperUtil.toStringForLog(extractUrlStrings);
                retrieveGuiResponseJs.addAction(GuiScreenAction.newAlert("Error: " + str4));
                LOG.error(str4);
                GrouperUiUtils.appendErrorToRequest(str4);
            }
            if (z) {
                retrieveGuiResponseJs.printToScreen();
            }
        } catch (SubjectNotFoundException e5) {
            httpServletResponse.sendRedirect(GrouperUiFilter.retrieveServletContext() + "/grouperExternal/public/UiV2Public.index?operation=UiV2Public.postIndex&function=UiV2Public.error&code=authenticatedSubjectNotFound");
        } catch (NoUserAuthenticatedException e6) {
            httpServletResponse.sendRedirect(GrouperUiFilter.retrieveServletContext() + "/grouperExternal/public/UiV2Public.index?operation=UiV2Public.postIndex&function=UiV2Public.error&code=noUserAuthenticated");
        } catch (ControllerDone e7) {
            retrieveGuiResponseJs.printToScreen();
        }
    }

    public static void initGui() {
        GuiSettings guiSettings = new GuiSettings();
        guiSettings.storeToRequest();
        guiSettings.setAuthnKey(GrouperUuid.getUuid());
        if (!AppState.retrieveFromRequest().isInitted()) {
            GuiResponseJs retrieveGuiResponseJs = GuiResponseJs.retrieveGuiResponseJs();
            retrieveGuiResponseJs.addAction(GuiScreenAction.newAssign("allObjects.guiSettings", guiSettings));
            retrieveGuiResponseJs.addAction(GuiScreenAction.newAssign("allObjects.appState.initted", true));
        }
        Subject retrieveSubjectLoggedIn = GrouperUiFilter.retrieveSubjectLoggedIn(true, null);
        if (retrieveSubjectLoggedIn != null) {
            guiSettings.setLoggedInSubject(new GuiSubject(retrieveSubjectLoggedIn));
        }
    }

    public static String requestDebugInfo(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        sb.append(" uri: ").append(httpServletRequest.getRequestURI());
        sb.append(", method: ").append(httpServletRequest.getMethod());
        sb.append(", decoded url strings: ");
        List<String> extractUrlStrings = extractUrlStrings(httpServletRequest);
        int length = GrouperUtil.length(extractUrlStrings);
        if (length == 0) {
            sb.append("[none]");
        } else {
            for (int i = 0; i < length; i++) {
                sb.append(i).append(": '").append(extractUrlStrings.get(i)).append("'");
                if (i != length - 1) {
                    sb.append(", ");
                }
            }
        }
        return sb.toString();
    }

    public static List<String> extractUrlStrings(HttpServletRequest httpServletRequest) {
        return extractUrlStrings(httpServletRequest.getRequestURI());
    }

    private static List<String> extractUrlStrings(String str) {
        String[] split = StringUtils.split(str, '/');
        ArrayList arrayList = new ArrayList();
        int i = 0;
        for (String str2 : split) {
            int i2 = i;
            i++;
            if (i2 >= 2) {
                arrayList.add(GrouperUtil.escapeUrlDecode(str2));
            }
        }
        return arrayList;
    }
}
