package org.rsna.servlets;

import java.io.File;
import java.util.HashSet;
import java.util.Hashtable;
import org.apache.log4j.Logger;
import org.rsna.server.HttpRequest;
import org.rsna.server.HttpResponse;
import org.rsna.server.User;
import org.rsna.server.Users;
import org.rsna.server.UsersXmlFileImpl;
import org.rsna.util.StringUtil;

/* loaded from: input_file:CovidClient/libraries/util.jar:org/rsna/servlets/UserManagerServlet.class */
public class UserManagerServlet extends Servlet {
    static final Logger logger = Logger.getLogger(UserManagerServlet.class);
    String home;

    public UserManagerServlet(File file, String str) {
        super(file, str);
        this.home = "/";
    }

    @Override // org.rsna.servlets.Servlet
    public void doGet(HttpRequest httpRequest, HttpResponse httpResponse) {
        httpResponse.setContentEncoding(httpRequest);
        Users users = Users.getInstance();
        if (!httpRequest.userHasRole("admin")) {
            httpResponse.setResponseCode(403);
            httpResponse.send();
            return;
        }
        if (!(users instanceof UsersXmlFileImpl)) {
            httpResponse.write("This servlet cannot manage the configured users class\n(" + users.getClass().getName() + ").");
            httpResponse.setContentType("txt");
            httpResponse.send();
        } else {
            if (httpRequest.hasParameter("suppress")) {
                this.home = "";
            }
            httpResponse.write(getPage((UsersXmlFileImpl) users));
            httpResponse.setContentType("html");
            httpResponse.disableCaching();
            httpResponse.send();
        }
    }

    @Override // org.rsna.servlets.Servlet
    public void doPost(HttpRequest httpRequest, HttpResponse httpResponse) {
        httpResponse.setContentEncoding(httpRequest);
        if (logger.isDebugEnabled()) {
            logger.debug("POST received from " + (httpRequest.isFromAuthenticatedUser() ? httpRequest.getUser().getUsername() : null) + " at " + httpRequest.getRemoteAddress() + "\n" + httpRequest.toString() + "\n");
            logger.debug("Headers:\n" + httpRequest.listHeaders(""));
            logger.debug("Cookies:\n" + httpRequest.listCookies(""));
            logger.debug("User has shutdown role: " + httpRequest.userHasRole("shutdown"));
            logger.debug("Request is from localhost: " + httpRequest.isFromLocalHost());
            logger.debug("Request is referred from context \"" + this.context + "\": " + httpRequest.isReferredFrom(this.context));
            logger.debug("Request contains suppress parameter: " + httpRequest.hasParameter("suppress"));
        }
        if (!httpRequest.userHasRole("admin") || !httpRequest.isReferredFrom(this.context)) {
            httpResponse.setResponseCode(403);
            httpResponse.send();
            return;
        }
        boolean z = httpRequest.userHasRole("shutdown") || httpRequest.isFromLocalHost();
        Users users = Users.getInstance();
        if (!(users instanceof UsersXmlFileImpl)) {
            httpResponse.setResponseCode(404);
            httpResponse.send();
            return;
        }
        UsersXmlFileImpl usersXmlFileImpl = (UsersXmlFileImpl) users;
        HashSet<String> roles = usersXmlFileImpl.getRoles();
        String[] parameterNames = httpRequest.getParameterNames();
        String[] strArr = new String[parameterNames.length];
        for (int i = 0; i < parameterNames.length; i++) {
            strArr[i] = httpRequest.getParameter(parameterNames[i]);
        }
        int maxIndex = getMaxIndex(parameterNames, "u") + 1;
        int maxIndex2 = getMaxIndex(parameterNames, "r") + 1;
        String[] strArr2 = new String[maxIndex2];
        for (int i2 = 0; i2 < maxIndex2; i2++) {
            strArr2[i2] = getValue(parameterNames, strArr, "r", i2);
        }
        Hashtable<String, User> hashtable = new Hashtable<>();
        if (!z) {
            String[] usernames = usersXmlFileImpl.getUsernames();
            for (int i3 = 0; i3 < usernames.length; i3++) {
                User user = usersXmlFileImpl.getUser(usernames[i3]);
                if (user.hasRole("shutdown")) {
                    hashtable.put(usernames[i3], user);
                }
            }
        }
        for (int i4 = 0; i4 < maxIndex; i4++) {
            String value = getValue(parameterNames, strArr, "u", i4);
            if (!value.equals("")) {
                User user2 = usersXmlFileImpl.getUser(value);
                if (user2 == null) {
                    user2 = new User(value, "");
                }
                if (z || !user2.hasRole("shutdown")) {
                    String trim = getValue(parameterNames, strArr, "p", i4).trim();
                    if (!trim.equals("")) {
                        user2.setPassword(usersXmlFileImpl.convertPassword(trim));
                    }
                    for (int i5 = 0; i5 < maxIndex2; i5++) {
                        String str = strArr2[i5];
                        boolean z2 = !getValue(parameterNames, strArr, "cb", i4, i5).equals("");
                        if (z || !str.equals("shutdown")) {
                            if (z2 && roles.contains(str)) {
                                user2.addRole(str);
                            } else {
                                user2.removeRole(str);
                            }
                        }
                    }
                    hashtable.put(value, user2);
                }
            }
        }
        usersXmlFileImpl.resetUsers(hashtable);
        if (httpRequest.hasParameter("suppress")) {
            this.home = "";
        }
        httpResponse.write(getPage(usersXmlFileImpl));
        httpResponse.setContentType("html");
        httpResponse.disableCaching();
        httpResponse.send();
    }

    private String getValue(String[] strArr, String[] strArr2, String str, int i) {
        return getValueFromName(strArr, strArr2, str + i);
    }

    private String getValue(String[] strArr, String[] strArr2, String str, int i, int i2) {
        return getValueFromName(strArr, strArr2, str + "u" + i + "r" + i2);
    }

    private String getValueFromName(String[] strArr, String[] strArr2, String str) {
        for (int i = 0; i < strArr.length; i++) {
            if (strArr[i].equals(str)) {
                String str2 = strArr2[i];
                return str2 == null ? "" : StringUtil.filterXSS(filter(str2.trim()));
            }
        }
        return "";
    }

    private int getMaxIndex(String[] strArr, String str) {
        int i = 0;
        for (int i2 = 0; i2 < strArr.length; i2++) {
            if (strArr[i2].startsWith(str)) {
                try {
                    int parseInt = Integer.parseInt(strArr[i2].substring(str.length()));
                    if (parseInt > i) {
                        i = parseInt;
                    }
                } catch (Exception e) {
                    logger.debug("Unparsable param value: \"" + strArr[i2] + "\"");
                }
            }
        }
        return i;
    }

    private String getPage(UsersXmlFileImpl usersXmlFileImpl) {
        String[] usernames = usersXmlFileImpl.getUsernames();
        String[] roleNames = usersXmlFileImpl.getRoleNames();
        StringBuffer stringBuffer = new StringBuffer();
        responseHead(stringBuffer);
        makeTableHeader(stringBuffer, roleNames);
        makeTableRows(stringBuffer, usersXmlFileImpl, usernames, roleNames);
        responseTail(stringBuffer);
        return stringBuffer.toString();
    }

    private void makeTableHeader(StringBuffer stringBuffer, String[] strArr) {
        stringBuffer.append("<thead>\n");
        stringBuffer.append(" <tr>\n");
        stringBuffer.append("  <th class=\"thl\">Username</th>\n");
        for (int i = 0; i < strArr.length; i++) {
            stringBuffer.append("<th class=\"thv\"><nobr>");
            stringBuffer.append("<input type=\"checkbox\" onclick=\"toggleRoles(" + i + ",event)\"/>&nbsp;" + strArr[i] + "</nobr>");
            stringBuffer.append("<input name=\"r" + i + "\" type=\"hidden\" value=\"" + strArr[i] + "\"/></th>\n");
        }
        stringBuffer.append("  <th class=\"thl\">Password</th>\n");
        stringBuffer.append(" </tr>\n");
        stringBuffer.append("</thead>\n");
    }

    private void makeTableRows(StringBuffer stringBuffer, UsersXmlFileImpl usersXmlFileImpl, String[] strArr, String[] strArr2) {
        for (int i = 0; i < strArr.length; i++) {
            stringBuffer.append("<tr>\n");
            stringBuffer.append(" <td class=\"tdu\"><input name=\"u" + i + "\" value=\"" + strArr[i] + "\"/></td>\n");
            for (int i2 = 0; i2 < strArr2.length; i2++) {
                stringBuffer.append("<td><input name=\"cbu" + i + "r" + i2 + "\" type=\"checkbox\"");
                if (usersXmlFileImpl.getUser(strArr[i]).hasRole(strArr2[i2])) {
                    stringBuffer.append(" checked=\"true\"");
                }
                stringBuffer.append("/></td>\n");
            }
            stringBuffer.append(" <td class=\"tdp\"><input name=\"p" + i + "\" type=\"password\" value=\"\"/></td>\n");
            stringBuffer.append(" </tr>\n");
        }
        stringBuffer.append("<tr>\n");
        stringBuffer.append("<td class=\"tdu\"><input name=\"u" + strArr.length + "\"/></td>\n");
        for (int i3 = 0; i3 < strArr2.length; i3++) {
            stringBuffer.append("<td><input name=\"cbu" + strArr.length + "r" + i3 + "\" type=\"checkbox\"/></td>\n");
        }
        stringBuffer.append(" <td class=\"tdp\"><input name=\"p" + strArr.length + "\"/></td>\n");
        stringBuffer.append(" </tr>\n");
    }

    private void responseHead(StringBuffer stringBuffer) {
        stringBuffer.append("<html>\n <head>\n  <title>User Manager</title>\n  <link rel=\"Stylesheet\" type=\"text/css\" media=\"all\" href=\"/BaseStyles.css\"></link>\n  <link rel=\"Stylesheet\" type=\"text/css\" media=\"all\" href=\"/JSPopup.css\"></link>\n  <link rel=\"Stylesheet\" type=\"text/css\" media=\"all\" href=\"/UserManagerServlet.css\"></link>\n  <script> var home = \"" + this.home + "\";</script>\n  <script language=\"JavaScript\" type=\"text/javascript\" src=\"/JSUtil.js\">;</script>\n  <script language=\"JavaScript\" type=\"text/javascript\" src=\"/JSPopup.js\">;</script>\n  <script language=\"JavaScript\" type=\"text/javascript\" src=\"/UserManagerServlet.js\">;</script>\n </head>\n <body>\n  <div style=\"float:right;\">\n");
        if (!this.home.equals("")) {
            stringBuffer.append("   <img src=\"/icons/home.png\"\n    onclick=\"window.open('" + this.home + "','_self');\"\n    style=\"margin:2px;\"\n    title=\"Return to the home page\"/>\n   <br>\n");
        }
        stringBuffer.append("   <img src=\"/icons/save.png\"\n    onclick=\"save();\"\n    style=\"margin:2px;\"\n    title=\"Save\"/>\n  </div>\n  <center>\n   <h1>User Manager</h1>\n   <p class=\"buttons\">\n     <input type=\"button\" onclick=\"showHideColumns()\" id=\"shRoles\" value=\"Hide Unused Roles\"/>\n     &nbsp;&nbsp;&nbsp;&nbsp;\n     <input type=\"button\" onclick=\"showRolesPopup()\" value=\"Show Role Definitions\"/>\n   </p>\n   <form id=\"formID\" action=\"/users\" method=\"post\" accept-charset=\"UTF-8\" action=\"\">\n");
        if (this.home.equals("")) {
            stringBuffer.append("   <input type=\"hidden\" name=\"suppress\" value=\"\"/>\n");
        }
        stringBuffer.append("    <table id=\"userTable\" border=\"1\">\n");
    }

    private void responseTail(StringBuffer stringBuffer) {
        stringBuffer.append("    </table>\n   </form>\n  </center>\n </body>\n</html>\n");
    }
}
