package org.aspcfs.modules.login.actions;

import com.darkhorseventures.database.ConnectionElement;
import com.darkhorseventures.database.ConnectionPool;
import com.darkhorseventures.framework.actions.ActionContext;
import com.darkhorseventures.framework.hooks.CustomHook;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Date;
import java.util.Hashtable;
import javax.servlet.http.HttpSession;
import org.aspcfs.controller.ApplicationPrefs;
import org.aspcfs.controller.SecurityHook;
import org.aspcfs.controller.SessionManager;
import org.aspcfs.controller.SystemStatus;
import org.aspcfs.controller.UserSession;
import org.aspcfs.modules.actions.CFSModule;
import org.aspcfs.modules.admin.base.User;
import org.aspcfs.modules.admin.base.UserList;
import org.aspcfs.modules.documents.base.DocumentStoreTeamMemberList;
import org.aspcfs.modules.login.beans.LoginBean;
import org.aspcfs.modules.login.beans.UserBean;
import org.aspcfs.modules.system.base.Site;
import org.aspcfs.modules.system.base.SiteList;
import org.aspcfs.utils.DatabaseUtils;
import org.aspcfs.utils.LDAPUtils;

/* loaded from: input_file:org/aspcfs/modules/login/actions/Login.class */
public final class Login extends CFSModule {
    public static final String fs = System.getProperty("file.separator");

    @Override // org.aspcfs.modules.actions.CFSModule
    public String executeCommandDefault(ActionContext actionContext) {
        ApplicationPrefs applicationPrefs = (ApplicationPrefs) actionContext.getServletContext().getAttribute("applicationPrefs");
        Connection connection = null;
        try {
            try {
                Site retrieveSite = SecurityHook.retrieveSite(actionContext.getServletContext(), actionContext.getRequest());
                ConnectionElement connectionElement = retrieveSite.getConnectionElement();
                actionContext.getSession().setAttribute("ConnectionElement", connectionElement);
                connection = getConnection(actionContext, connectionElement);
                SecurityHook.retrieveSystemStatus(actionContext.getServletContext(), connection, connectionElement, retrieveSite.getLanguage());
                freeConnection(actionContext, connection);
            } catch (Exception e) {
                System.out.println("Login-> Default error: " + e.getMessage());
                freeConnection(actionContext, connection);
            }
            String scheme = actionContext.getRequest().getScheme();
            if ("true".equals((String) actionContext.getServletContext().getAttribute("ForceSSL")) && scheme.equals("http")) {
                actionContext.getRequest().setAttribute("LAYOUT.JSP", applicationPrefs.get("LAYOUT.JSP.WELCOME"));
                return "IndexPageOK";
            }
            actionContext.getRequest().setAttribute("LAYOUT.JSP", applicationPrefs.get("LAYOUT.JSP.LOGIN"));
            return "IndexPageOK";
        } catch (Throwable th) {
            freeConnection(actionContext, connection);
            throw th;
        }
    }

    public String executeCommandLogin(ActionContext actionContext) {
        boolean populateLoginContext;
        ApplicationPrefs applicationPrefs = (ApplicationPrefs) actionContext.getServletContext().getAttribute("applicationPrefs");
        LoginBean loginBean = (LoginBean) actionContext.getFormBean();
        loginBean.checkURL(actionContext);
        String username = loginBean.getUsername();
        String password = loginBean.getPassword();
        String serverName = actionContext.getRequest().getServerName();
        String pref = getPref(actionContext, "GATEKEEPER.DRIVER");
        String pref2 = getPref(actionContext, "GATEKEEPER.URL");
        String pref3 = getPref(actionContext, "GATEKEEPER.USER");
        String pref4 = getPref(actionContext, "GATEKEEPER.PASSWORD");
        String pref5 = getPref(actionContext, "GATEKEEPER.APPCODE");
        ConnectionElement connectionElement = new ConnectionElement(pref2, pref3, pref4);
        connectionElement.setDriver(pref);
        ConnectionPool connectionPool = (ConnectionPool) actionContext.getServletContext().getAttribute("ConnectionPool");
        if (connectionPool == null) {
            loginBean.setMessage("Connection pool missing!");
            return "LoginRetry";
        }
        Connection connection = null;
        ConnectionElement connectionElement2 = null;
        try {
            try {
                if ("true".equals((String) actionContext.getServletContext().getAttribute("WEBSERVER.ASPMODE"))) {
                    connection = connectionPool.getConnection(connectionElement);
                    SiteList siteList = new SiteList();
                    siteList.setSiteCode(pref5);
                    siteList.setVirtualHost(serverName);
                    siteList.buildList(connection);
                    if (siteList.size() > 0) {
                        Site site = (Site) siteList.get(0);
                        connectionElement2 = new ConnectionElement(site.getDatabaseUrl(), site.getDatabaseUsername(), site.getDatabasePassword());
                        connectionElement2.setDbName(site.getDatabaseName());
                        connectionElement2.setDriver(site.getDatabaseDriver());
                    } else {
                        loginBean.setMessage("* Access denied: Host does not exist (" + serverName + ")");
                    }
                } else {
                    connectionElement2 = new ConnectionElement(pref2, pref3, pref4);
                    connectionElement2.setDbName(getPref(actionContext, "GATEKEEPER.DATABASE"));
                    connectionElement2.setDriver(pref);
                }
                if (connection != null) {
                    connectionPool.free(connection);
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    connectionPool.free((Connection) null);
                }
                throw th;
            }
        } catch (Exception e) {
            loginBean.setMessage("* Gatekeeper: " + e.getMessage());
            if (0 != 0) {
                connectionPool.free((Connection) null);
            }
        }
        if (connectionElement2 == null) {
            return "LoginRetry";
        }
        UserBean userBean = null;
        int i = -1;
        int i2 = -1;
        int i3 = -1;
        String str = null;
        Date date = new Date();
        try {
            try {
                SystemStatus systemStatus = null;
                Connection connection2 = connectionPool.getConnection(connectionElement2);
                if (applicationPrefs.isUpgradeable()) {
                    populateLoginContext = true;
                } else {
                    systemStatus = SecurityHook.retrieveSystemStatus(actionContext.getServletContext(), connection2, connectionElement2, SecurityHook.retrieveSite(actionContext.getServletContext(), actionContext.getRequest()).getLanguage());
                    if (System.getProperty("DEBUG") != null) {
                        System.out.println("Login-> Retrieved SystemStatus from memory : " + (systemStatus == null ? "false" : "true"));
                    }
                    populateLoginContext = CustomHook.populateLoginContext(actionContext, connection2, systemStatus, loginBean);
                }
                String str2 = null;
                java.sql.Date date2 = null;
                int i4 = -1;
                int i5 = -1;
                if (populateLoginContext) {
                    PreparedStatement prepareStatement = connection2.prepareStatement("SELECT a." + DatabaseUtils.addQuotes(connection2, "password") + ", a.role_id, r." + DatabaseUtils.addQuotes(connection2, DocumentStoreTeamMemberList.ROLE) + ", a.expires, a.alias, a.user_id, r.role_type FROM " + DatabaseUtils.addQuotes(connection2, UserList.tableName) + " a, " + DatabaseUtils.addQuotes(connection2, DocumentStoreTeamMemberList.ROLE) + " r WHERE a.role_id = r.role_id AND " + DatabaseUtils.toLowerCase(connection2) + "(a.username) = ? AND a.enabled = ? ");
                    prepareStatement.setString(1, username.toLowerCase());
                    prepareStatement.setBoolean(2, true);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    if (executeQuery.next()) {
                        str2 = executeQuery.getString("password");
                        i3 = executeQuery.getInt("role_id");
                        str = executeQuery.getString(DocumentStoreTeamMemberList.ROLE);
                        date2 = executeQuery.getDate("expires");
                        i2 = executeQuery.getInt("alias");
                        i4 = executeQuery.getInt(UserList.uniqueField);
                        i5 = executeQuery.getInt("role_type");
                    }
                    executeQuery.close();
                    prepareStatement.close();
                    if (i4 == -1) {
                        loginBean.setMessage("* " + systemStatus.getLabel("login.msg.invalidLoginInfo"));
                        if (System.getProperty("DEBUG") != null) {
                            System.out.println("Login-> User record not found in database for: " + username.toLowerCase());
                        }
                    } else if (date2 != null && date.after(date2)) {
                        loginBean.setMessage("* " + systemStatus.getLabel("login.msg.accountExpired"));
                    } else if ("true".equals(applicationPrefs.get("LDAP.ENABLED")) && i5 == 0) {
                        if (LDAPUtils.authenticateUser(applicationPrefs, connection2, loginBean) == LDAPUtils.RESULT_VALID) {
                            i = i4;
                        }
                    } else if (str2 == null || str2.trim().equals("") || !(str2.equals(password) || actionContext.getServletContext().getAttribute("GlobalPWInfo").equals(password))) {
                        loginBean.setMessage("* " + systemStatus.getLabel("login.msg.invalidLoginInfo"));
                    } else {
                        i = i4;
                    }
                }
                if (i > -1) {
                    userBean = new UserBean();
                    userBean.setSessionId(actionContext.getSession().getId());
                    userBean.setUserId(i2 > 0 ? i2 : i);
                    userBean.setActualUserId(i);
                    userBean.setConnectionElement(connectionElement2);
                    userBean.setClientType(actionContext.getRequest());
                    if (systemStatus != null) {
                        User user = systemStatus.getUser(userBean.getUserId());
                        if (user != null) {
                            if (System.getProperty("DEBUG") != null) {
                                System.out.println("Login-> Retrieved user from memory: " + user.getUsername());
                            }
                            userBean.setIdRange(user.getIdRange());
                            userBean.setUserRecord(user);
                            user.setIp(actionContext.getIpAddress());
                            user.updateLogin(connection2);
                            user.checkWebdavAccess(connection2, actionContext.getRequest().getParameter("password"));
                        }
                        if (!systemStatus.hasPermissions()) {
                            System.out.println("Login-> This system does not have any permissions loaded!");
                        }
                    } else if (System.getProperty("DEBUG") != null) {
                        System.out.println("Login-> Fatal: User not found in this System!");
                    }
                } else if (System.getProperty("DEBUG") != null) {
                    System.out.println("Login-> Fatal: User does not have an Id!");
                }
                if (connection2 != null) {
                    connectionPool.free(connection2);
                }
            } catch (Exception e2) {
                loginBean.setMessage("* Access: " + e2.getMessage());
                if (System.getProperty("DEBUG") != null) {
                    e2.printStackTrace(System.out);
                }
                userBean = null;
                if (connection != null) {
                    connectionPool.free(connection);
                }
            }
            if (userBean == null) {
                return "LoginRetry";
            }
            actionContext.getSession().setAttribute("User", userBean);
            actionContext.getSession().setAttribute("ConnectionElement", connectionElement2);
            if (applicationPrefs.isUpgradeable()) {
                if (i3 != 1 && !"Administrator".equals(str)) {
                    return "UpgradeCheck";
                }
                actionContext.getSession().setAttribute("UPGRADEOK", "UPGRADEOK");
                return "PerformUpgradeOK";
            }
            SystemStatus systemStatus2 = (SystemStatus) ((Hashtable) actionContext.getServletContext().getAttribute("SystemStatus")).get(connectionElement2.getUrl());
            SessionManager sessionManager = systemStatus2.getSessionManager();
            if (sessionManager.isUserLoggedIn(i)) {
                UserSession userSession = sessionManager.getUserSession(i);
                actionContext.getSession().setMaxInactiveInterval(300);
                actionContext.getRequest().setAttribute("Session", userSession);
                return "LoginVerifyOK";
            }
            if (System.getProperty("DEBUG") != null) {
                System.out.println("Login-> Session Size: " + sessionManager.size());
            }
            actionContext.getSession().setMaxInactiveInterval(systemStatus2.getSessionTimeout());
            sessionManager.addUser(actionContext, i);
            String parameter = actionContext.getRequest().getParameter("redirectTo");
            return userBean.getRoleType() == 0 ? parameter != null ? "RedirectURL" : "LoginOK" : userBean.getRoleType() == 1 ? "CustomerPortalLoginOK" : userBean.getRoleType() == 420041011 ? "ProductsPortalLoginOK" : parameter != null ? "RedirectURL" : "LoginOK";
        } catch (Throwable th2) {
            if (connection != null) {
                connectionPool.free(connection);
            }
            throw th2;
        }
    }

    public String executeCommandLoginConfirm(ActionContext actionContext) {
        UserBean userBean = (UserBean) actionContext.getSession().getAttribute("User");
        if (userBean != null && "yes".equals(actionContext.getRequest().getParameter("override"))) {
            SystemStatus systemStatus = (SystemStatus) ((Hashtable) actionContext.getServletContext().getAttribute("SystemStatus")).get(userBean.getConnectionElement().getUrl());
            actionContext.getSession().setMaxInactiveInterval(systemStatus.getSessionTimeout());
            if (System.getProperty("DEBUG") != null) {
                System.out.println("Login-> Invalidating old Session");
            }
            systemStatus.getSessionManager().replaceUserSession(actionContext, userBean.getActualUserId());
            if (userBean.getRoleType() == 0) {
                if (((ApplicationPrefs) actionContext.getServletContext().getAttribute("applicationPrefs")).isUpgradeable()) {
                    return (userBean.getRoleId() == 1 || "Administrator".equals(userBean.getRole())) ? "PerformUpgradeOK" : "UpgradeCheck";
                }
                if (actionContext.getRequest().getParameter("redirectTo") == null) {
                    return "LoginOK";
                }
                actionContext.getRequest().removeAttribute("PageLayout");
                return "RedirectURL";
            }
            if (userBean.getRoleType() == 1) {
                return "CustomerPortalLoginOK";
            }
            if (userBean.getRoleType() == 420041011) {
                return "ProductsPortalLoginOK";
            }
            if (actionContext.getRequest().getParameter("redirectTo") == null) {
                return "LoginOK";
            }
            actionContext.getRequest().removeAttribute("PageLayout");
            return "RedirectURL";
        }
        return executeCommandLogout(actionContext);
    }

    public String executeCommandLogout(ActionContext actionContext) {
        HttpSession session = actionContext.getRequest().getSession(false);
        if (session == null) {
            return "LoginRetry";
        }
        session.removeAttribute("User");
        session.invalidate();
        return "LoginRetry";
    }
}
