package org.craftercms.profile.controllers.rest;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiImplicitParam;
import com.wordnik.swagger.annotations.ApiOperation;
import com.wordnik.swagger.annotations.ApiParam;
import java.io.IOException;
import java.io.InputStream;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.profile.api.Profile;
import org.craftercms.profile.api.SortOrder;
import org.craftercms.profile.api.VerificationToken;
import org.craftercms.profile.api.exceptions.ProfileException;
import org.craftercms.profile.api.services.ProfileAttachment;
import org.craftercms.profile.api.services.ProfileService;
import org.craftercms.profile.exceptions.NoSuchProfileException;
import org.craftercms.profile.exceptions.ParamDeserializationException;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.multipart.MultipartFile;

@RequestMapping({"/api/1/profile"})
@Api(value = "profile", basePath = "/api/1/profile", description = "Profile operations")
@Controller
/* loaded from: input_file:org/craftercms/profile/controllers/rest/ProfileController.class */
public class ProfileController {
    private static final TypeReference<Map<String, Object>> ATTRIBUTES_TYPE_REFERENCE = new TypeReference<Map<String, Object>>() { // from class: org.craftercms.profile.controllers.rest.ProfileController.1
    };
    protected ProfileService profileService;
    protected ObjectMapper objectMapper;

    @Required
    public void setProfileService(ProfileService profileService) {
        this.profileService = profileService;
    }

    @Required
    public void setObjectMapper(ObjectMapper objectMapper) {
        this.objectMapper = objectMapper;
    }

    @RequestMapping(value = {"/create"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Creates a new profile for a specific tenant name")
    @ResponseBody
    public Profile createProfile(@RequestParam("tenantName") @ApiParam("The name of the tenant to add the profile to") String str, @RequestParam("username") @ApiParam("The profile's username") String str2, @RequestParam(value = "password", required = false) @ApiParam("The profile's password") String str3, @RequestParam("email") @ApiParam("The profile's email") String str4, @RequestParam("enabled") @ApiParam("If the profile should be enabled or not") boolean z, @RequestParam(value = "role", required = false) @ApiParam("The profile's roles") Set<String> set, @RequestParam(value = "attributes", required = false) @ApiParam("The additional attributes to add to the profile (specify a JSON string)") String str5, @RequestParam(value = "verificationUrl", required = false) @ApiParam("The URL (sans token) the user needs to go in case it needs to verify the created profile (verification depends on tenant)") String str6) throws ProfileException {
        return this.profileService.createProfile(str, str2, str3, str4, z, set, deserializeAttributes(str5), str6);
    }

    @RequestMapping(value = {"/{id}/update"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Updates the profile's info")
    @ResponseBody
    public Profile updateProfile(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam(value = "username", required = false) @ApiParam("The new username for the profile") String str2, @RequestParam(value = "password", required = false) @ApiParam("The new password for the profile") String str3, @RequestParam(value = "email", required = false) @ApiParam("The new email for the profile") String str4, @RequestParam(value = "enabled", required = false) @ApiParam("If the profile should be enabled or not") Boolean bool, @RequestParam(value = "role", required = false) @ApiParam("The new roles for the profile") Set<String> set, @RequestParam(value = "attributes", required = false) @ApiParam("The attributes to update (specify a JSON string)") String str5, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.updateProfile(str, str2, str3, str4, bool, set, deserializeAttributes(str5), strArr);
    }

    @RequestMapping(value = {"/{id}/enable"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Enables a profile")
    @ResponseBody
    public Profile enableProfile(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.enableProfile(str, strArr);
    }

    @RequestMapping(value = {"/{id}/disable"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Disables a profile")
    @ResponseBody
    public Profile disableProfile(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.disableProfile(str, strArr);
    }

    @RequestMapping(value = {"/{id}/roles/add"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Assigns roles to a profile")
    @ResponseBody
    public Profile addRoles(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam("role") @ApiParam("The roles to assign") Collection<String> collection, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.addRoles(str, collection, strArr);
    }

    @RequestMapping(value = {"/{id}/roles/remove"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Removes assigned roles from a profile")
    @ResponseBody
    public Profile removeRoles(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam("role") @ApiParam("The roles to remove") Collection<String> collection, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.removeRoles(str, collection, strArr);
    }

    @RequestMapping(value = {"/verify"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Sets the profile as verified if the verification token is valid")
    @ResponseBody
    public Profile verifyProfile(@RequestParam("verificationTokenId") @ApiParam("The verification token ID") String str, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.verifyProfile(str, strArr);
    }

    @RequestMapping(value = {"/{id}/attributes"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the attributes of a profile")
    @ResponseBody
    public Map<String, Object> getAttributes(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getAttributes(str, strArr);
    }

    @RequestMapping(value = {"/{id}/attributes/update"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation(value = "Updates the attributes of a profile", notes = "The specified attributes will be merged with existing attributes")
    @ResponseBody
    public Profile updateAttributes(@PathVariable("id") @ApiParam("The profile's ID") String str, @ApiParam("The new attributes") @RequestBody Map<String, Object> map, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.updateAttributes(str, map, strArr);
    }

    @RequestMapping(value = {"/{id}/attributes/remove"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Removes a list of attributes of a profile")
    @ResponseBody
    public Profile removeAttributes(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam("attributeName") @ApiParam("The name of the attributes to remove") Collection<String> collection, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.removeAttributes(str, collection, strArr);
    }

    @RequestMapping(value = {"/{id}/delete"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Deletes a profile")
    @ResponseStatus(HttpStatus.OK)
    public void deleteProfile(@PathVariable("id") @ApiParam("The profile's ID") String str) throws ProfileException {
        this.profileService.deleteProfile(str);
    }

    @RequestMapping(value = {"/one_by_query"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the single profile that matches the specified query")
    @ResponseBody
    public Profile getProfileByQuery(@RequestParam("tenantName") @ApiParam("The tenant's name") String str, @RequestParam("query") @ApiParam("The Mongo query used to search for the profiles. Must not contain the $where operator, the tenant's name (already specified) or any non-readable attribute by the application") String str2, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfileByQuery(str, str2, strArr);
    }

    @RequestMapping(value = {"/{id}"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the profile for the specified ID")
    @ResponseBody
    public Profile getProfile(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfile(str, strArr);
    }

    @RequestMapping(value = {"/by_username"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the user for the specified tenant and username")
    @ResponseBody
    public Profile getProfileByUsername(@RequestParam("tenantName") @ApiParam("The tenant's name") String str, @RequestParam("username") @ApiParam("The profile's username") String str2, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfileByUsername(str, str2, strArr);
    }

    @RequestMapping(value = {"/by_ticket"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the profile for the specified ticket")
    @ResponseBody
    public Profile getProfileByTicket(@RequestParam("ticketId") @ApiParam("The ID ticket of the authenticated profile") String str, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfileByTicket(str, strArr);
    }

    @RequestMapping(value = {"/count"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the number of profiles of the specified tenant")
    @ResponseBody
    public long getProfileCount(@RequestParam("tenantName") @ApiParam("The tenant's name") String str) throws ProfileException {
        return this.profileService.getProfileCount(str);
    }

    @RequestMapping(value = {"/count_by_query"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the number of profiles that match the query for the specified tenant")
    @ResponseBody
    public long getProfileCount(@RequestParam("tenantName") @ApiParam("The tenant's name") String str, @RequestParam("query") @ApiParam("The Mongo query used to search for the profiles. Must not contain the $where operator, the tenant's name (already specified) or any non-readable attribute by the application") String str2) throws ProfileException {
        return this.profileService.getProfileCountByQuery(str, str2);
    }

    @RequestMapping(value = {"/by_query"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the profiles that match the specified query")
    @ResponseBody
    public List<Profile> getProfilesByQuery(@RequestParam("tenantName") @ApiParam("The tenant's name") String str, @RequestParam("query") @ApiParam("The Mongo query used to search for the profiles. Must not contain the $where operator, the tenant's name (already specified) or any non-readable attribute by the application") String str2, @RequestParam(value = "sortBy", required = false) @ApiParam("Profile attribute to sort the list by") String str3, @RequestParam(value = "sortOrder", required = false) @ApiParam("The sort order (either ASC or DESC)") SortOrder sortOrder, @RequestParam(value = "start", required = false) @ApiParam("From the entire list of results, the position where the actual results should start (useful for pagination)") Integer num, @RequestParam(value = "count", required = false) @ApiParam("The number of profiles to return") Integer num2, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfilesByQuery(str, str2, str3, sortOrder, num, num2, strArr);
    }

    @RequestMapping(value = {"/by_ids"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns a list of profiles for the specified list of IDs")
    @ResponseBody
    public Iterable<Profile> getProfileByIds(@RequestParam("id") @ApiParam("The IDs of the profiles to look for") List<String> list, @RequestParam(value = "sortBy", required = false) @ApiParam("Profile attribute to sort the list by") String str, @RequestParam(value = "sortOrder", required = false) @ApiParam("The sort order (either ASC or DESC)") SortOrder sortOrder, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfilesByIds(list, str, sortOrder, strArr);
    }

    @RequestMapping(value = {"/range"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns a range of profiles for the specified tenant")
    @ResponseBody
    public Iterable<Profile> getProfileRange(@RequestParam("tenantName") @ApiParam("The tenant's name") String str, @RequestParam(value = "sortBy", required = false) @ApiParam("Profile attribute to sort the list by") String str2, @RequestParam(value = "sortOrder", required = false) @ApiParam("The sort order (either ASC or DESC)") SortOrder sortOrder, @RequestParam(value = "start", required = false) @ApiParam("From the entire list of results, the position where the actual results should start (useful for pagination)") Integer num, @RequestParam(value = "count", required = false) @ApiParam("The number of profiles to return") Integer num2, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfileRange(str, str2, sortOrder, num, num2, strArr);
    }

    @RequestMapping(value = {"/by_role"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns a list of profiles for a specific role and tenant")
    @ResponseBody
    public Iterable<Profile> getProfilesByRole(@RequestParam("tenantName") @ApiParam("The tenant's name") String str, @RequestParam("role") @ApiParam("The role's name") String str2, @RequestParam(value = "sortBy", required = false) @ApiParam("Profile attribute to sort the list by") String str3, @RequestParam(value = "sortOrder", required = false) @ApiParam("The sort order (either ASC or DESC)") SortOrder sortOrder, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfilesByRole(str, str2, str3, sortOrder, strArr);
    }

    @RequestMapping(value = {"/by_existing_attribute"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the list of profiles that have the given attribute, with any value")
    @ResponseBody
    public Iterable<Profile> getProfilesByExistingAttribute(@RequestParam("tenantName") @ApiParam("The tenant's name") String str, @RequestParam("attributeName") @ApiParam("The name of the attribute profiles must have") String str2, @RequestParam(value = "sortBy", required = false) @ApiParam("Profile attribute to sort the list by") String str3, @RequestParam(value = "sortOrder", required = false) @ApiParam("The sort order (either ASC or DESC)") SortOrder sortOrder, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfilesByExistingAttribute(str, str2, str3, sortOrder, strArr);
    }

    @RequestMapping(value = {"/by_attribute_value"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the list of profiles that have the given attribute with the given value")
    @ResponseBody
    public Iterable<Profile> getProfilesByAttributeValue(@RequestParam("tenantName") @ApiParam("The tenant's name") String str, @RequestParam("attributeName") @ApiParam("The name of the attribute profiles must have") String str2, @RequestParam("attributeValue") @ApiParam("The value of the attribute profiles must have") String str3, @RequestParam(value = "sortBy", required = false) @ApiParam("Profile attribute to sort the list by") String str4, @RequestParam(value = "sortOrder", required = false) @ApiParam("The sort order (either ASC or DESC)") SortOrder sortOrder, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.getProfilesByAttributeValue(str, str2, str3, str4, sortOrder, strArr);
    }

    @RequestMapping(value = {"/{id}/reset_password"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Sends an email to the profile's user to indicate that the password needs to be reset")
    @ResponseBody
    public Profile resetPassword(@PathVariable("id") @ApiParam("The profile's ID") String str, @RequestParam("resetPasswordUrl") @ApiParam("The base URL to use to build the final URL the profile will use to reset their password.") String str2, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.resetPassword(str, str2, strArr);
    }

    @RequestMapping(value = {"/change_password"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Resets a profile's password")
    @ResponseBody
    public Profile changePassword(@RequestParam("resetTokenId") @ApiParam("The reset token ID") String str, @RequestParam("newPassword") @ApiParam("The new password") String str2, @RequestParam(value = "attributeToReturn", required = false) @ApiParam("The name of the attributes to return (don't specify to return all)") String[] strArr) throws ProfileException {
        return this.profileService.changePassword(str, str2, strArr);
    }

    @RequestMapping(value = {"/{id}/verification_token/create"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation(value = "Creates a token that can be sent to the user in an email as a link", notes = "After the user clicks the link, the token then can be passed to verifyProfile or changePassword to verify that the user agrees")
    @ResponseBody
    public VerificationToken createVerificationToken(@PathVariable("id") @ApiParam("The profile ID of the user that needs to be contacted") String str) throws ProfileException {
        return this.profileService.createVerificationToken(str);
    }

    @RequestMapping(value = {"/verification_token/{id}"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation("Returns the verification token that corresponds to the given ID")
    @ResponseBody
    public VerificationToken getVerificationToken(@PathVariable("id") @ApiParam("The token ID") String str) throws ProfileException {
        return this.profileService.getVerificationToken(str);
    }

    @RequestMapping(value = {"/verification_token/{id}/delete"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "accessTokenId", required = true, dataType = "string", paramType = "query", value = "The ID of the application access token")
    @ApiOperation(value = "Deletes a verification token when it's not needed anymore", notes = "Not necessary to call if verifyProfile or changePassword, since they already delete the token")
    @ResponseStatus(HttpStatus.OK)
    public void deleteVerificationToken(@PathVariable("id") @ApiParam("The ID of the token to delete") String str) throws ProfileException {
        this.profileService.deleteVerificationToken(str);
    }

    @RequestMapping(value = {"/{id}/uploadAttachment"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "attachment", required = true, dataType = "file", paramType = "file", value = "File to be uploaded")
    @ApiOperation(value = "Upload a attachment to the current profile.", notes = "If the mime type of the attachment is not on the valid list will fail")
    @ResponseBody
    public ProfileAttachment uploadProfileAttachment(@PathVariable("id") @ApiParam("The profile's ID") String str, MultipartFile multipartFile) throws ProfileException {
        Profile profile = this.profileService.getProfile(str, new String[0]);
        if (profile == null) {
            throw new NoSuchProfileException(str);
        }
        try {
            return this.profileService.addProfileAttachment(profile.getId().toString(), multipartFile.getOriginalFilename(), multipartFile.getInputStream());
        } catch (IOException e) {
            throw new ProfileException("Unable to upload Attachment", e);
        }
    }

    @RequestMapping(value = {"/{id}/attachments/"}, method = {RequestMethod.GET})
    @ResponseBody
    @ApiOperation(value = "Gets all attachments for the given Profile", notes = "If profile does not exist")
    public List<ProfileAttachment> getAttachments(@PathVariable("id") @ApiParam("The profile's ID") String str) throws ProfileException, IOException {
        Profile profile = this.profileService.getProfile(str, new String[0]);
        if (profile != null) {
            return this.profileService.getProfileAttachments(profile.getId().toString());
        }
        throw new NoSuchProfileException(str);
    }

    @RequestMapping(value = {"/{id}/attachment/{attachmentId}/details"}, method = {RequestMethod.GET})
    @ResponseBody
    @ApiOperation(value = "Gets all attachments for the given Profile", notes = "If profile does not exist")
    public ProfileAttachment getAttachmentDetails(@PathVariable("id") @ApiParam("The profile's ID") String str, @PathVariable("attachmentId") @ApiParam("Attachment Id to get") String str2) throws ProfileException, IOException {
        Profile profile = this.profileService.getProfile(str, new String[0]);
        if (profile != null) {
            return this.profileService.getProfileAttachmentInformation(profile.getId().toString(), str2);
        }
        throw new NoSuchProfileException(str);
    }

    @RequestMapping(value = {"/{id}/attachment/{attachmentId}"}, method = {RequestMethod.GET})
    @ApiOperation(value = "Gets the requested attachment of the given profile", notes = "If Attachment or profile does not exist will throw error, content-type,content-legnth headers are set")
    public void getAttachment(@PathVariable("id") @ApiParam("The profile's ID") String str, @PathVariable("attachmentId") @ApiParam("Attachment Id to get") String str2, HttpServletResponse httpServletResponse) throws ProfileException, IOException {
        Profile profile = this.profileService.getProfile(str, new String[0]);
        if (profile != null) {
            InputStream inputStream = null;
            try {
                try {
                    inputStream = this.profileService.getProfileAttachment(str2, profile.getId().toString());
                    if (inputStream != null) {
                        ProfileAttachment profileAttachmentInformation = this.profileService.getProfileAttachmentInformation(profile.getId().toString(), str2);
                        httpServletResponse.setContentType(profileAttachmentInformation.getContentType());
                        httpServletResponse.setContentLength((int) profileAttachmentInformation.getFileSizeBytes());
                        IOUtils.copy(inputStream, httpServletResponse.getOutputStream());
                    }
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } catch (ProfileException e) {
                    httpServletResponse.sendError(404);
                    httpServletResponse.setContentLength(0);
                    if (inputStream != null) {
                        inputStream.close();
                    }
                }
            } catch (Throwable th) {
                if (inputStream != null) {
                    inputStream.close();
                }
                throw th;
            }
        }
        throw new NoSuchProfileException(str);
    }

    protected Map<String, Object> deserializeAttributes(String str) throws ParamDeserializationException {
        Map<String, Object> map = null;
        if (StringUtils.isNotEmpty(str)) {
            try {
                map = (Map) this.objectMapper.readValue(str, ATTRIBUTES_TYPE_REFERENCE);
            } catch (IOException e) {
                throw new ParamDeserializationException(e);
            }
        }
        return map;
    }
}
