package com.atlassian.stash.internal.web.users;

import com.atlassian.soy.springmvc.errors.ErrorUtils;
import com.atlassian.stash.auth.HttpAuthenticationContext;
import com.atlassian.stash.exception.MailException;
import com.atlassian.stash.i18n.I18nService;
import com.atlassian.stash.internal.web.auth.IgnoresXsrf;
import com.atlassian.stash.internal.web.soy.StashSoyResponseBuilder;
import com.atlassian.stash.mail.MailService;
import com.atlassian.stash.user.DetailedUser;
import com.atlassian.stash.user.Permission;
import com.atlassian.stash.user.SecurityService;
import com.atlassian.stash.user.StashUser;
import com.atlassian.stash.user.UserAdminService;
import com.atlassian.stash.user.UserService;
import com.atlassian.stash.util.UncheckedOperation;
import javax.validation.Valid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.validation.Errors;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

@Controller
/* loaded from: input_file:WEB-INF/classes/com/atlassian/stash/internal/web/users/PasswordResetController.class */
public class PasswordResetController {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) PasswordResetController.class);
    private static final String RESET_PASSWORD_FORM = "stash.users.passwordReset";
    private static final String RESET_PASSWORD_ACKNOWLEDGMENT = "stash.users.passwordResetReceived";
    private static final String CONFIRM_RESET_PASSWORD = "stash.users.passwordResetConfirm";
    private static final String CONFIRM_PASSWORD_SET = "stash.users.passwordSet";
    private final I18nService i18nService;
    private final MailService mailService;
    private final SecurityService securityService;
    private final UserAdminService userAdminService;
    private final UserService userService;

    @Autowired
    public PasswordResetController(I18nService i18nService, MailService mailService, SecurityService securityService, UserAdminService userAdminService, UserService userService) {
        this.i18nService = i18nService;
        this.mailService = mailService;
        this.securityService = securityService;
        this.userAdminService = userAdminService;
        this.userService = userService;
    }

    @RequestMapping(value = {"/passwordreset"}, method = {RequestMethod.GET}, params = {"token"})
    public ModelAndView displayPasswordForm(@RequestParam String str) {
        return new ModelAndView(CONFIRM_RESET_PASSWORD, HttpAuthenticationContext.METHOD_FORM, new ResetPasswordForm(str, this.userAdminService.findUserByPasswordResetToken(str)));
    }

    @RequestMapping(value = {"/passwordreset"}, method = {RequestMethod.GET})
    public ModelAndView displayRequestForm() {
        return buildRequestForm(null, false, false, new String[0]);
    }

    @RequestMapping(value = {"/passwordreset"}, method = {RequestMethod.POST}, params = {"token"})
    @IgnoresXsrf
    public ModelAndView resetPassword(@Valid ResetPasswordForm resetPasswordForm, Errors errors) {
        if (errors.hasErrors()) {
            return new StashSoyResponseBuilder(CONFIRM_RESET_PASSWORD).put(HttpAuthenticationContext.METHOD_FORM, resetPasswordForm).putValidationErrors(errors).build();
        }
        try {
            this.userAdminService.resetPassword(resetPasswordForm.getToken(), resetPasswordForm.getPassword());
            return new ModelAndView(CONFIRM_PASSWORD_SET);
        } catch (Exception e) {
            return new StashSoyResponseBuilder(CONFIRM_RESET_PASSWORD).put(HttpAuthenticationContext.METHOD_FORM, resetPasswordForm).putFormErrors(e.getLocalizedMessage()).build();
        }
    }

    @RequestMapping(value = {"/passwordreset"}, method = {RequestMethod.POST})
    @IgnoresXsrf
    public ModelAndView submitRequest(@RequestParam String str) {
        final StashUser findUserByNameOrEmail = this.userService.findUserByNameOrEmail(str);
        if (findUserByNameOrEmail == null) {
            return buildRequestForm(str, true, false, new String[0]);
        }
        DetailedUser detailedUser = (DetailedUser) this.securityService.withPermission(Permission.ADMIN, "Retrieving mutability details for password reset").call(new UncheckedOperation<DetailedUser>() { // from class: com.atlassian.stash.internal.web.users.PasswordResetController.1
            @Override // com.atlassian.stash.util.UncheckedOperation, com.atlassian.stash.util.Operation
            /* renamed from: perform */
            public DetailedUser mo1438perform() {
                return PasswordResetController.this.userAdminService.getUserDetails(findUserByNameOrEmail);
            }
        });
        if (!detailedUser.isMutableDetails()) {
            return buildRequestForm(str, false, true, new String[0]);
        }
        try {
            this.userAdminService.requestPasswordReset(detailedUser.getName());
            return new ModelAndView(RESET_PASSWORD_ACKNOWLEDGMENT);
        } catch (MailException e) {
            log.error("A password reset e-mail could not be sent to " + str, (Throwable) e);
            return buildRequestForm(str, false, false, this.i18nService.getMessage("stash.web.user.password.reset.mail.error", new Object[0]));
        } catch (Exception e2) {
            return buildRequestForm(str, false, false, ErrorUtils.getLocalizedMessageOfRootCause(e2));
        }
    }

    private ModelAndView buildRequestForm(String str, boolean z, boolean z2, String... strArr) {
        return new StashSoyResponseBuilder(RESET_PASSWORD_FORM).put("canSendEmail", Boolean.valueOf(this.mailService.isHostConfigured())).put("identifier", str).put("userNotFound", Boolean.valueOf(z)).put("userNotEditable", Boolean.valueOf(z2)).putFormErrors(strArr).build();
    }
}
