package com.ibm.bscape.rest.handler.action;

import com.ibm.bscape.exception.DuplicateKeyException;
import com.ibm.bscape.exception.MissingParameterException;
import com.ibm.bscape.objects.ACLRequest;
import com.ibm.bscape.objects.util.JSONPropertyConstants;
import com.ibm.bscape.repository.db.DocOwnershipsAccessBean;
import com.ibm.bscape.repository.db.DocumentACLAccessBean;
import com.ibm.bscape.repository.db.DocumentAccessBean;
import com.ibm.bscape.repository.db.RequestBean;
import com.ibm.bscape.repository.db.util.DBConnectionFactory;
import com.ibm.bscape.resource.BScapeMessageKeys;
import com.ibm.bscape.resource.Messages;
import com.ibm.bscape.rest.handler.RestHandler;
import com.ibm.bscape.rest.util.DateUtil;
import com.ibm.bscape.rest.util.EmailHelper;
import com.ibm.bscape.rest.util.ResponseStatusHelper;
import com.ibm.bscape.rest.util.RestConstants;
import com.ibm.bscape.security.UserRegistryManager;
import com.ibm.bscape.transaction.TransactionHandle;
import com.ibm.bscape.transaction.TransactionManager;
import com.ibm.json.java.JSONArray;
import com.ibm.json.java.JSONObject;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:lib/BusinessLeaderRuntime.jar:com/ibm/bscape/rest/handler/action/CreateRequestAction.class */
public class CreateRequestAction extends AbstractAction {
    private static final String CLASSNAME = CreateRequestAction.class.getName();
    protected static Logger logger = Logger.getLogger(CLASSNAME, null);

    public CreateRequestAction(RestHandler restHandler) {
        super(restHandler);
    }

    @Override // com.ibm.bscape.rest.handler.action.AbstractAction, com.ibm.bscape.rest.handler.action.Action
    public JSONObject execute(JSONObject jSONObject) {
        JSONObject jSONObject2;
        String str;
        String str2;
        String str3;
        String str4;
        String str5;
        String str6;
        TransactionHandle begin;
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "execute");
        }
        JSONObject jSONObject3 = new JSONObject();
        TransactionHandle transactionHandle = null;
        try {
            try {
                try {
                    jSONObject2 = (JSONObject) jSONObject.get("payload");
                    HashMap<String, String> queryStringMap = getQueryStringMap();
                    str = queryStringMap.get("spaceId");
                    str2 = (String) jSONObject.get("userdn");
                    str3 = queryStringMap.get(RestConstants.RESOURCE_ID);
                    str4 = queryStringMap.get("resourceType");
                    str5 = queryStringMap.get("requestType");
                    str6 = null;
                } catch (MissingParameterException e) {
                    if (logger.isLoggable(Level.SEVERE)) {
                        logger.logp(Level.SEVERE, CLASSNAME, "execute", e.getMessage(), (Throwable) e);
                    }
                    ResponseStatusHelper.setErrorCode(jSONObject3, e.getMessage(), 400);
                }
            } catch (DuplicateKeyException e2) {
                if (logger.isLoggable(Level.SEVERE)) {
                    logger.logp(Level.SEVERE, CLASSNAME, "execute", e2.getMessage(), (Throwable) e2);
                }
                ResponseStatusHelper.setErrorCode(jSONObject3, Messages.getMessage(BScapeMessageKeys.DUPLICATE_KEY_EXCEPTION, e2.getMessage().split(": "), getLocale()), HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            } catch (Exception e3) {
                if (logger.isLoggable(Level.SEVERE)) {
                    logger.logp(Level.SEVERE, CLASSNAME, "execute", (String) null, (Throwable) e3);
                }
                ResponseStatusHelper.setGeneralThrowableStatus(jSONObject3, e3);
            }
            if (str == null) {
                throw new MissingParameterException("spaceId is missing in the URL query.");
            }
            if (str2 == null) {
                throw new MissingParameterException("userDn is missing in the URL query.");
            }
            JSONArray jSONArray = null;
            if (jSONObject2 != null) {
                if (jSONObject2.containsKey(JSONPropertyConstants.PROPERTIES)) {
                    str6 = (String) ((JSONObject) jSONObject2.get(JSONPropertyConstants.PROPERTIES)).get("reason");
                } else if (jSONObject2.containsKey("requests")) {
                    jSONArray = (JSONArray) jSONObject2.get("requests");
                }
            }
            String cn = UserRegistryManager.getManager().getProfile(str2).getCN();
            boolean z = false;
            String str7 = null;
            if (jSONArray == null) {
                checkParameters(str3, str4, str5);
                begin = TransactionManager.begin();
                if (!directlyGrantUserACL(str2, str3, str, str5)) {
                    String docOrgDN = new DocumentAccessBean().getDocOrgDN(str3);
                    if (docOrgDN == null) {
                        docOrgDN = RestConstants.DEFAULT_ORG_DN;
                    }
                    ACLRequest requestRecordExists = requestRecordExists(str3, str, str5);
                    if (requestRecordExists == null || requestRecordExists.getRequestType() == null) {
                        new RequestBean().createRequest(str2.toLowerCase(), cn, str, str3, str4, str5, RestConstants.ACL_REQUEST_PENDING, DateUtil.getCurrentISODate(), str6, docOrgDN);
                        EmailHelper.sendEmailNotificationForRequest(RestConstants.EMAIL_TYPE_REQUEST_EDIT_ACL, str, str3, str2.toLowerCase(), str6, getLocale());
                    } else if (requestRecordExists.getRequestType().equals("read") && str5.equals("edit")) {
                        new RequestBean().createRequest(str2.toLowerCase(), cn, str, str3, str4, str5, RestConstants.ACL_REQUEST_PENDING, DateUtil.getCurrentISODate(), str6, docOrgDN);
                        EmailHelper.sendEmailNotificationForRequest(RestConstants.EMAIL_TYPE_REQUEST_EDIT_ACL, str, str3, str2.toLowerCase(), str6, getLocale());
                    } else {
                        new RequestBean().createRequest(str2.toLowerCase(), cn, str, str3, str4, str5, RestConstants.ACL_REQUEST_DUPLICATE, DateUtil.getCurrentISODate(), str6, docOrgDN);
                        z = true;
                    }
                }
            } else {
                begin = TransactionManager.begin();
                for (int i = 0; i < jSONArray.size(); i++) {
                    JSONObject jSONObject4 = (JSONObject) jSONArray.get(i);
                    String str8 = (String) jSONObject4.get(RestConstants.RESOURCE_ID);
                    String str9 = (String) jSONObject4.get("resourceType");
                    String str10 = (String) jSONObject4.get("requestType");
                    String str11 = (String) jSONObject4.get("reason");
                    checkParameters(str8, str9, str10);
                    if (!directlyGrantUserACL(str2, str8, str, str10)) {
                        String docOrgDN2 = new DocumentAccessBean().getDocOrgDN(str8);
                        if (docOrgDN2 == null) {
                            docOrgDN2 = RestConstants.DEFAULT_ORG_DN;
                        }
                        ACLRequest requestRecordExists2 = requestRecordExists(str8, str, str10);
                        if (requestRecordExists2 == null || requestRecordExists2.getRequestType() == null) {
                            new RequestBean().createRequest(str2.toLowerCase(), cn, str, str8, str9, str10, RestConstants.ACL_REQUEST_PENDING, DateUtil.getCurrentISODate(), str11, docOrgDN2);
                            EmailHelper.sendEmailNotificationForRequest(RestConstants.EMAIL_TYPE_REQUEST_EDIT_ACL, str, str8, str2.toLowerCase(), str11, getLocale());
                        } else if (requestRecordExists2.getRequestType().equals("read") && str10.equals("edit")) {
                            new RequestBean().createRequest(str2.toLowerCase(), cn, str, str8, str9, str10, RestConstants.ACL_REQUEST_PENDING, DateUtil.getCurrentISODate(), str11, docOrgDN2);
                            EmailHelper.sendEmailNotificationForRequest(RestConstants.EMAIL_TYPE_REQUEST_EDIT_ACL, str, str8, str2.toLowerCase(), str11, getLocale());
                        } else {
                            new RequestBean().createRequest(str2.toLowerCase(), cn, str, str8, str9, str10, RestConstants.ACL_REQUEST_DUPLICATE, DateUtil.getCurrentISODate(), str11, docOrgDN2);
                            z = true;
                            str7 = str7 == null ? str8 : String.valueOf(str7) + ", " + str8;
                        }
                    }
                }
            }
            TransactionManager.commit(begin);
            transactionHandle = null;
            if (!z) {
                ResponseStatusHelper.setOkResultStatus(jSONObject3, 201, Messages.getMessage(BScapeMessageKeys.REQUEST_CREATE_OK, getLocale()));
            } else if (str7 == null) {
                ResponseStatusHelper.setErrorCode(jSONObject3, Messages.getMessage(BScapeMessageKeys.DUPLICATE_REQUEST_ACTION), 400);
            } else {
                ResponseStatusHelper.setErrorCode(jSONObject3, Messages.getMessage(BScapeMessageKeys.DUPLICATE_REQUEST_ACTION_BATCH, new String[]{resolveNames(str7)}), 400);
            }
            if (transactionHandle != null) {
                TransactionManager.rollback(transactionHandle);
            }
            if (logger.isLoggable(Level.FINER)) {
                logger.exiting(CLASSNAME, "execute", "return: " + jSONObject3.toString());
            }
            return jSONObject3;
        } catch (Throwable th) {
            if (0 != 0) {
                TransactionManager.rollback(null);
            }
            throw th;
        }
    }

    private String resolveNames(String str) throws SQLException {
        if (str == null || str.length() == 0) {
            return "";
        }
        Connection connection = null;
        String[] split = str.split(",");
        String str2 = null;
        try {
            DocumentAccessBean documentAccessBean = new DocumentAccessBean();
            connection = DBConnectionFactory.getInstance().getConnection();
            for (int i = 0; i < split.length; i++) {
                str2 = str2 == null ? documentAccessBean.getDocumentName(split[i].trim(), connection).getName() : String.valueOf(str2) + ", " + documentAccessBean.getDocumentName(split[i].trim(), connection).getName();
            }
            if (connection != null) {
                DBConnectionFactory.getInstance().closeConnection(connection);
            }
            return str2;
        } catch (Throwable th) {
            if (connection != null) {
                DBConnectionFactory.getInstance().closeConnection(connection);
            }
            throw th;
        }
    }

    private void checkParameters(String str, String str2, String str3) throws MissingParameterException {
        if (str == null) {
            throw new MissingParameterException("resourceId is missing in the URL query.");
        }
        if (str2 == null) {
            throw new MissingParameterException("resourceType is missing in the URL query.");
        }
        if (str3 == null) {
            throw new MissingParameterException("requestType is missing in the URL query.");
        }
    }

    private ACLRequest requestRecordExists(String str, String str2, String str3) throws SQLException {
        int i = 0;
        if (str3.equals("edit")) {
            i = 1;
        }
        int documentACLBySpace = new DocumentACLAccessBean().getDocumentACLBySpace(str, str2);
        if (i != documentACLBySpace && 1 != documentACLBySpace) {
            return new RequestBean().retrieveRequest(str2, str);
        }
        ACLRequest aCLRequest = new ACLRequest();
        aCLRequest.setRequestType(str3);
        return aCLRequest;
    }

    private boolean directlyGrantUserACL(String str, String str2, String str3, String str4) throws SQLException {
        boolean isDocOwner = new DocOwnershipsAccessBean().isDocOwner(str, str2);
        if (isDocOwner) {
            int i = 0;
            if ("edit".equals(str4)) {
                i = 1;
            }
            new DocumentACLAccessBean().create(str2, str3, i);
        }
        return isDocOwner;
    }
}
