package pl.edu.icm.cocos.web.controllers.security;

import java.util.Date;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.support.SessionStatus;
import org.springframework.web.servlet.ModelAndView;
import pl.edu.icm.cocos.services.api.ConfirmableActionService;
import pl.edu.icm.cocos.services.api.ConfirmableActionType;
import pl.edu.icm.cocos.services.api.model.ConfirmableActionRequest;
import pl.edu.icm.cocos.web.model.confirmableActions.ConfirmableAction;

@RequestMapping({"/action/execute/{actionToken}"})
/* loaded from: input_file:WEB-INF/classes/pl/edu/icm/cocos/web/controllers/security/ActionController.class */
public class ActionController {
    public static final String ACTION_OBJECT = "actionObject";
    private static final String ACTION_TOKEN = "actionToken";

    @Autowired
    private ConfirmableActionService confirmableActionService;
    private Map<ConfirmableActionType, ConfirmableAction> actionMap;

    @RequestMapping(method = {RequestMethod.GET})
    public ModelAndView executeGetActionHandler(@PathVariable("actionToken") String str, HttpServletRequest httpServletRequest) {
        ConfirmableActionRequest resolveRequest = this.confirmableActionService.resolveRequest(str);
        ConfirmableAction confirmableAction = this.actionMap.get(ConfirmableActionType.valueOf(resolveRequest.getActionName()));
        long timeout = confirmableAction.getTimeout();
        if (!resolveRequest.isEnabled()) {
            return returnViewWithError("cocos.portal.actions.errors.invalidated");
        }
        if (!confirmableAction.isValidForLoggedUser() && !(SecurityContextHolder.getContext().getAuthentication() instanceof AnonymousAuthenticationToken)) {
            return returnViewWithError("cocos.portal.actions.errors.loggedUser");
        }
        if (timeout > 0 && new Date().getTime() - resolveRequest.getCreationDate().getTime() > timeout) {
            this.confirmableActionService.invalidateAction(str);
            return returnViewWithError("cocos.portal.actions.errors.expired");
        }
        if (confirmableAction.invalidateAfterInvoke()) {
            this.confirmableActionService.invalidateAction(str);
        }
        return confirmableAction.controllerInvoke(str, resolveRequest.getParameters(), httpServletRequest);
    }

    private ModelAndView returnViewWithError(String str) {
        return new ModelAndView("actions/error.xhtml").addObject("message", str);
    }

    @RequestMapping(method = {RequestMethod.POST})
    public ModelAndView executePostActionHandler(@PathVariable("actionToken") String str, @ModelAttribute("actionObject") Object obj, BindingResult bindingResult, SessionStatus sessionStatus, HttpServletRequest httpServletRequest) {
        ConfirmableActionRequest resolveRequest = this.confirmableActionService.resolveRequest(str);
        ConfirmableAction confirmableAction = this.actionMap.get(resolveRequest.getActionName());
        if (!bindingResult.hasErrors() && !confirmableAction.invalidateAfterInvoke()) {
            this.confirmableActionService.invalidateAction(str);
        }
        return confirmableAction.controllerSubmit(str, resolveRequest.getParameters(), httpServletRequest, obj, bindingResult, sessionStatus);
    }

    public void setActionMap(Map<ConfirmableActionType, ConfirmableAction> map) {
        this.actionMap = map;
    }
}
