package com.evolveum.midpoint.web.page.self;

import com.evolveum.midpoint.gui.api.component.result.OpResult;
import com.evolveum.midpoint.gui.api.model.LoadableModel;
import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
import com.evolveum.midpoint.prism.ItemFactory;
import com.evolveum.midpoint.prism.delta.ItemDelta;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.prism.schema.SchemaRegistry;
import com.evolveum.midpoint.schema.SchemaConstantsGenerated;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.logging.LoggingUtils;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.component.AjaxSubmitButton;
import com.evolveum.midpoint.web.component.TabbedPanel;
import com.evolveum.midpoint.web.component.form.MidpointForm;
import com.evolveum.midpoint.web.component.progress.ProgressReporter;
import com.evolveum.midpoint.web.component.util.VisibleBehaviour;
import com.evolveum.midpoint.web.page.admin.home.dto.MyCredentialsDto;
import com.evolveum.midpoint.web.page.admin.home.dto.MyPasswordsDto;
import com.evolveum.midpoint.web.page.admin.home.dto.PasswordAccountDto;
import com.evolveum.midpoint.web.page.self.component.ChangePasswordPanel;
import com.evolveum.midpoint.web.page.self.component.SecurityQuestionsPanel;
import com.evolveum.midpoint.web.security.MidPointApplication;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPropagationUserControlType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
import java.lang.invoke.SerializedLambda;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.extensions.markup.html.tabs.AbstractTab;
import org.apache.wicket.extensions.markup.html.tabs.ITab;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.model.IModel;
import org.apache.wicket.model.Model;
import org.apache.wicket.model.PropertyModel;

/* loaded from: input_file:com/evolveum/midpoint/web/page/self/PageAbstractSelfCredentials.class */
public abstract class PageAbstractSelfCredentials extends PageSelf {
    private static final long serialVersionUID = 1;
    protected static final String ID_MAIN_FORM = "mainForm";
    private static final String ID_TAB_PANEL = "tabPanel";
    private static final String ID_SAVE_BUTTON = "save";
    private static final String ID_CANCEL_BUTTON = "cancel";
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) PageAbstractSelfCredentials.class);
    private static final String DOT_CLASS = PageSelfCredentials.class.getName() + ".";
    private static final String OPERATION_SAVE_PASSWORD = DOT_CLASS + "savePassword";
    private static final String OPERATION_CHECK_PASSWORD = DOT_CLASS + "checkPassword";
    private boolean savedPassword = false;
    private final IModel<MyCredentialsDto> model = new LoadableModel<MyCredentialsDto>(false) { // from class: com.evolveum.midpoint.web.page.self.PageAbstractSelfCredentials.1
        private static final long serialVersionUID = 1;

        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.evolveum.midpoint.gui.api.model.LoadableModel
        /* renamed from: load */
        public MyCredentialsDto load2() {
            return new MyCredentialsDto();
        }
    };

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.gui.api.page.PageBase, com.evolveum.midpoint.gui.api.page.PageAdminLTE, org.apache.wicket.Page, org.apache.wicket.MarkupContainer, org.apache.wicket.Component
    public void onInitialize() {
        super.onInitialize();
        initLayout();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.gui.api.page.PageBase
    public void createBreadcrumb() {
        super.createBreadcrumb();
        getLastBreadcrumb().setIcon(new Model("fa fa-shield-alt"));
    }

    private void initLayout() {
        MidpointForm midpointForm = new MidpointForm(ID_MAIN_FORM);
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(createDefaultTabs());
        arrayList.addAll(createSpecificTabs());
        TabbedPanel<ITab> createTabPanel = WebComponentUtil.createTabPanel(ID_TAB_PANEL, this, arrayList, null);
        createTabPanel.setOutputMarkupId(true);
        midpointForm.add(createTabPanel);
        initButtons(midpointForm);
        add(midpointForm);
    }

    protected Collection<? extends ITab> createSpecificTabs() {
        return new ArrayList();
    }

    private Collection<? extends ITab> createDefaultTabs() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AbstractTab(createStringResource("PageSelfCredentials.tabs.password", new Object[0])) { // from class: com.evolveum.midpoint.web.page.self.PageAbstractSelfCredentials.2
            private static final long serialVersionUID = 1;

            @Override // org.apache.wicket.extensions.markup.html.tabs.AbstractTab, org.apache.wicket.extensions.markup.html.tabs.ITab
            public WebMarkupContainer getPanel(String str) {
                return new ChangePasswordPanel(str, new PropertyModel(PageAbstractSelfCredentials.this.model, MyCredentialsDto.F_MY_PASSOWRDS_DTO)) { // from class: com.evolveum.midpoint.web.page.self.PageAbstractSelfCredentials.2.1
                    private static final long serialVersionUID = 1;

                    @Override // com.evolveum.midpoint.web.page.self.component.ChangePasswordPanel
                    protected boolean shouldShowPasswordPropagation() {
                        return PageAbstractSelfCredentials.this.shouldLoadAccounts();
                    }

                    @Override // com.evolveum.midpoint.web.page.self.component.ChangePasswordPanel
                    protected boolean isCheckOldPassword() {
                        return PageAbstractSelfCredentials.this.isCheckOldPassword();
                    }

                    @Override // com.evolveum.midpoint.web.page.self.component.ChangePasswordPanel
                    protected boolean canEditPassword() {
                        return !PageAbstractSelfCredentials.this.savedPassword;
                    }
                };
            }
        });
        return arrayList;
    }

    private void initButtons(Form<?> form) {
        AjaxSubmitButton ajaxSubmitButton = new AjaxSubmitButton(ID_SAVE_BUTTON, createStringResource("PageBase.button.save", new Object[0])) { // from class: com.evolveum.midpoint.web.page.self.PageAbstractSelfCredentials.3
            private static final long serialVersionUID = 1;

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink
            public void onError(AjaxRequestTarget ajaxRequestTarget) {
                ajaxRequestTarget.add(PageAbstractSelfCredentials.this.getFeedbackPanel());
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink
            public void onSubmit(AjaxRequestTarget ajaxRequestTarget) {
                PageAbstractSelfCredentials.this.onSavePerformed(ajaxRequestTarget);
            }
        };
        ajaxSubmitButton.add(new VisibleBehaviour(() -> {
            return Boolean.valueOf(!this.savedPassword);
        }));
        form.add(ajaxSubmitButton);
        form.add(new AjaxSubmitButton(ID_CANCEL_BUTTON, createStringResource("PageBase.button.back", new Object[0])) { // from class: com.evolveum.midpoint.web.page.self.PageAbstractSelfCredentials.4
            private static final long serialVersionUID = 1;

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink
            public void onError(AjaxRequestTarget ajaxRequestTarget) {
                PageAbstractSelfCredentials.this.onCancelPerformed();
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink
            public void onSubmit(AjaxRequestTarget ajaxRequestTarget) {
                PageAbstractSelfCredentials.this.onCancelPerformed();
            }
        });
    }

    protected void onSavePerformed(AjaxRequestTarget ajaxRequestTarget) {
        if (getPasswordDto().getFocus() == null) {
            if (getFeedbackMessages().isEmpty()) {
                warn(getString("PageAbstractSelfCredentials.message.couldntLoadFocus.fatalError"));
            } else {
                getFeedbackMessages().forEach(feedbackMessage -> {
                    if (feedbackMessage.getMessage() instanceof OpResult) {
                        ((OpResult) feedbackMessage.getMessage()).setAlreadyShown(false);
                    }
                });
            }
            ajaxRequestTarget.add(getFeedbackPanel());
            return;
        }
        Component actualTabPanel = getActualTabPanel();
        if (!(actualTabPanel instanceof ChangePasswordPanel)) {
            if (actualTabPanel instanceof SecurityQuestionsPanel) {
                ((SecurityQuestionsPanel) actualTabPanel).onSavePerformed(ajaxRequestTarget);
                return;
            }
            return;
        }
        ProtectedStringType protectedStringType = null;
        if (isCheckOldPassword()) {
            LOGGER.debug("Check old password");
            MyPasswordsDto passwordDto = getPasswordDto();
            if (passwordDto.getOldPassword() == null || passwordDto.getOldPassword().trim().equals("")) {
                warn(getString("PageSelfCredentials.specifyOldPasswordMessage"));
                ajaxRequestTarget.add(getFeedbackPanel());
                return;
            }
            OperationResult operationResult = new OperationResult(OPERATION_CHECK_PASSWORD);
            Task createSimpleTask = createSimpleTask(OPERATION_CHECK_PASSWORD);
            try {
                try {
                    protectedStringType = new ProtectedStringType();
                    protectedStringType.setClearValue(passwordDto.getOldPassword());
                    if (!getModelInteractionService().checkPassword(passwordDto.getFocusOid(), protectedStringType, createSimpleTask, operationResult)) {
                        error(getString("PageSelfCredentials.incorrectOldPassword"));
                        ajaxRequestTarget.add(getFeedbackPanel());
                        operationResult.computeStatus();
                        return;
                    }
                    operationResult.computeStatus();
                } catch (Throwable th) {
                    operationResult.computeStatus();
                    throw th;
                }
            } catch (Exception e) {
                LoggingUtils.logUnexpectedException(LOGGER, "Couldn't check password", e, new Object[0]);
                operationResult.recordFatalError(getString("PageAbstractSelfCredentials.message.onSavePerformed.fatalError", e.getMessage()), e);
                ajaxRequestTarget.add(getFeedbackPanel());
                operationResult.computeStatus();
                return;
            }
        }
        if (getPasswordDto().getPassword() == null) {
            warn(getString("PageSelfCredentials.emptyPasswordFiled"));
            ajaxRequestTarget.add(getFeedbackPanel());
            return;
        }
        List<PasswordAccountDto> selectedAccountsList = getSelectedAccountsList();
        if (selectedAccountsList.isEmpty()) {
            warn(getString("PageSelfCredentials.noAccountSelected"));
            ajaxRequestTarget.add(getFeedbackPanel());
            return;
        }
        OperationResult operationResult2 = new OperationResult(OPERATION_SAVE_PASSWORD);
        ProgressReporter progressReporter = new ProgressReporter(MidPointApplication.get());
        progressReporter.getProgress().clear();
        progressReporter.setWriteOpResultForProgressActivity(true);
        progressReporter.recordExecutionStart();
        boolean z = true;
        try {
            try {
                ProtectedStringType password = getPasswordDto().getPassword();
                if (!password.isEncrypted()) {
                    WebComponentUtil.encryptProtectedString(password, true, getMidpointApplication());
                }
                ItemPath create = ItemPath.create(SchemaConstantsGenerated.C_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_VALUE);
                SchemaRegistry schemaRegistry = getPrismContext().getSchemaRegistry();
                Collection<ObjectDelta<? extends ObjectType>> arrayList = new ArrayList<>();
                for (PasswordAccountDto passwordAccountDto : selectedAccountsList) {
                    ItemDelta createModificationReplaceProperty = getPrismContext().deltaFactory().property().createModificationReplaceProperty(create, passwordAccountDto.isMidpoint() ? schemaRegistry.findObjectDefinitionByCompileTimeClass(UserType.class) : schemaRegistry.findObjectDefinitionByCompileTimeClass(ShadowType.class), password);
                    if (protectedStringType != null) {
                        createModificationReplaceProperty.addEstimatedOldValue(getPrismContext().itemFactory().createPropertyValue((ItemFactory) protectedStringType));
                    }
                    arrayList.add(getPrismContext().deltaFactory().object().createModifyDelta(passwordAccountDto.getOid(), createModificationReplaceProperty, (Class) (passwordAccountDto.isMidpoint() ? UserType.class : ShadowType.class)));
                }
                getModelService().executeChanges(arrayList, null, createSimpleTask(OPERATION_SAVE_PASSWORD, SchemaConstants.CHANNEL_SELF_SERVICE_URI), Collections.singleton(progressReporter), operationResult2);
                operationResult2.computeStatus();
                progressReporter.recordExecutionStop();
                getPasswordDto().setProgress(progressReporter.getProgress());
                if (getActualTabPanel() != null) {
                    ((ChangePasswordPanel) getActualTabPanel()).updateResultColumnOfTable(ajaxRequestTarget);
                }
                operationResult2.computeStatusIfUnknown();
                if (shouldLoadAccounts()) {
                    z = false;
                    if (operationResult2.isError()) {
                        error(createStringResource("PageAbstractSelfCredentials.message.resultInTable.error", new Object[0]).getString());
                    } else {
                        success(createStringResource("PageAbstractSelfCredentials.message.resultInTable", new Object[0]).getString());
                    }
                }
                if (!operationResult2.isError()) {
                    this.savedPassword = true;
                    ajaxRequestTarget.add(get(ID_MAIN_FORM));
                }
            } catch (Exception e2) {
                setNullEncryptedPasswordData();
                LoggingUtils.logUnexpectedException(LOGGER, "Couldn't save password changes", e2, new Object[0]);
                operationResult2.recordFatalError(getString("PageAbstractSelfCredentials.save.password.failed", e2.getMessage()), e2);
                progressReporter.recordExecutionStop();
                getPasswordDto().setProgress(progressReporter.getProgress());
                if (getActualTabPanel() != null) {
                    ((ChangePasswordPanel) getActualTabPanel()).updateResultColumnOfTable(ajaxRequestTarget);
                }
                operationResult2.computeStatusIfUnknown();
                if (shouldLoadAccounts()) {
                    z = false;
                    if (operationResult2.isError()) {
                        error(createStringResource("PageAbstractSelfCredentials.message.resultInTable.error", new Object[0]).getString());
                    } else {
                        success(createStringResource("PageAbstractSelfCredentials.message.resultInTable", new Object[0]).getString());
                    }
                }
                if (!operationResult2.isError()) {
                    this.savedPassword = true;
                    ajaxRequestTarget.add(get(ID_MAIN_FORM));
                }
            }
            finishChangePassword(operationResult2, ajaxRequestTarget, z);
        } catch (Throwable th2) {
            progressReporter.recordExecutionStop();
            getPasswordDto().setProgress(progressReporter.getProgress());
            if (getActualTabPanel() != null) {
                ((ChangePasswordPanel) getActualTabPanel()).updateResultColumnOfTable(ajaxRequestTarget);
            }
            operationResult2.computeStatusIfUnknown();
            if (shouldLoadAccounts()) {
                if (operationResult2.isError()) {
                    error(createStringResource("PageAbstractSelfCredentials.message.resultInTable.error", new Object[0]).getString());
                } else {
                    success(createStringResource("PageAbstractSelfCredentials.message.resultInTable", new Object[0]).getString());
                }
            }
            if (!operationResult2.isError()) {
                this.savedPassword = true;
                ajaxRequestTarget.add(get(ID_MAIN_FORM));
            }
            throw th2;
        }
    }

    protected Component getActualTabPanel() {
        return get(createComponentPath(ID_MAIN_FORM, ID_TAB_PANEL, "panel"));
    }

    protected Component getSaveButton() {
        return get(createComponentPath(ID_MAIN_FORM, ID_SAVE_BUTTON));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setNullEncryptedPasswordData() {
        ProtectedStringType password = getPasswordDto().getPassword();
        if (password != null) {
            password.setEncryptedData(null);
        }
    }

    protected abstract boolean isCheckOldPassword();

    protected abstract void finishChangePassword(OperationResult operationResult, AjaxRequestTarget ajaxRequestTarget, boolean z);

    private void onCancelPerformed() {
        redirectBack();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MyPasswordsDto getPasswordDto() {
        if (this.model.getObject2() == null) {
            return null;
        }
        return this.model.getObject2().getMyPasswordsDto();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public IModel<MyCredentialsDto> getModel() {
        return this.model;
    }

    protected boolean shouldLoadAccounts() {
        return getPasswordDto().getPropagation() == null || CredentialsPropagationUserControlType.USER_CHOICE.equals(getPasswordDto().getPropagation()) || CredentialsPropagationUserControlType.ONLY_MAPPING.equals(getPasswordDto().getPropagation()) || CredentialsPropagationUserControlType.IDENTITY_MANAGER_MANDATORY.equals(getPasswordDto().getPropagation());
    }

    protected List<PasswordAccountDto> getSelectedAccountsList() {
        List<PasswordAccountDto> accounts = getPasswordDto().getAccounts();
        ArrayList arrayList = new ArrayList();
        if (getPasswordDto().getPropagation() == null || !getPasswordDto().getPropagation().equals(CredentialsPropagationUserControlType.MAPPING)) {
            boolean z = false;
            ArrayList arrayList2 = new ArrayList();
            for (PasswordAccountDto passwordAccountDto : accounts) {
                if (passwordAccountDto.isMidpoint()) {
                    z = passwordAccountDto.isSelected();
                }
                if (passwordAccountDto.isSelected()) {
                    if (passwordAccountDto.isPasswordOutbound()) {
                        arrayList2.add(passwordAccountDto);
                    } else {
                        arrayList.add(passwordAccountDto);
                    }
                }
            }
            if (!z) {
                arrayList.addAll(arrayList2);
            }
        } else {
            arrayList.addAll(accounts);
        }
        return arrayList;
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case 1315079804:
                if (implMethodName.equals("lambda$initButtons$47ad9222$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/evolveum/midpoint/web/component/util/SerializableSupplier") && serializedLambda.getFunctionalInterfaceMethodName().equals("get") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/web/page/self/PageAbstractSelfCredentials") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/Boolean;")) {
                    PageAbstractSelfCredentials pageAbstractSelfCredentials = (PageAbstractSelfCredentials) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return Boolean.valueOf(!this.savedPassword);
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
