package com.atlassian.stash.internal.web.users;

import com.atlassian.bitbucket.IntegrityException;
import com.atlassian.bitbucket.ServiceException;
import com.atlassian.bitbucket.i18n.I18nService;
import com.atlassian.bitbucket.i18n.KeyedMessage;
import com.atlassian.bitbucket.license.LicenseLimitException;
import com.atlassian.bitbucket.license.LicenseService;
import com.atlassian.bitbucket.permission.Permission;
import com.atlassian.bitbucket.server.ApplicationPropertiesService;
import com.atlassian.bitbucket.user.SecurityService;
import com.atlassian.bitbucket.user.UserAdminService;
import com.atlassian.bitbucket.util.Operation;
import com.atlassian.crowd.exception.runtime.CrowdRuntimeException;
import com.atlassian.extras.api.bitbucket.BitbucketServerLicense;
import com.atlassian.soy.springmvc.errors.ErrorUtils;
import com.atlassian.stash.internal.auth.AuthenticationHelper;
import com.atlassian.stash.internal.auth.CaptchaResponse;
import com.atlassian.stash.internal.user.CaptchaService;
import com.atlassian.stash.internal.web.admin.UserWithPasswordForm;
import com.atlassian.stash.internal.web.auth.IgnoresXsrf;
import com.atlassian.stash.internal.web.soy.StashSoyResponseBuilder;
import com.atlassian.stash.internal.web.util.ControllerSupport;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.validation.Errors;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

@RequestMapping({"/signup"})
@Controller
/* loaded from: input_file:WEB-INF/classes/com/atlassian/stash/internal/web/users/SignUpController.class */
public class SignUpController extends ControllerSupport {
    private static final String FORM = "bitbucket.internal.page.users.signup.signup";
    private final CaptchaService captchaService;
    private final LicenseService licenseService;
    private final ApplicationPropertiesService propertiesService;
    private final SecurityService securityService;
    private final UserAdminService userAdminService;
    private final AuthenticationHelper authenticationHelper;

    /* loaded from: input_file:WEB-INF/classes/com/atlassian/stash/internal/web/users/SignUpController$SignUpForm.class */
    public static class SignUpForm extends UserWithPasswordForm {
        private String captcha;

        public String getCaptcha() {
            return this.captcha;
        }

        public void setCaptcha(String str) {
            this.captcha = str;
        }
    }

    @Autowired
    public SignUpController(I18nService i18nService, CaptchaService captchaService, LicenseService licenseService, ApplicationPropertiesService applicationPropertiesService, SecurityService securityService, UserAdminService userAdminService, AuthenticationHelper authenticationHelper) {
        super(i18nService);
        this.authenticationHelper = authenticationHelper;
        this.captchaService = captchaService;
        this.licenseService = licenseService;
        this.propertiesService = applicationPropertiesService;
        this.securityService = securityService;
        this.userAdminService = userAdminService;
    }

    @RequestMapping(method = {RequestMethod.GET})
    public ModelAndView showSignUpForm() {
        return isPublicSignupNotAllowed() ? redirectToLogin() : signUpForm(new SignUpForm()).build();
    }

    @RequestMapping(method = {RequestMethod.POST})
    @IgnoresXsrf
    public ModelAndView signUpUser(HttpServletRequest httpServletRequest, @Valid SignUpForm signUpForm, Errors errors, RedirectAttributes redirectAttributes) {
        if (isPublicSignupNotAllowed()) {
            return redirectToLogin();
        }
        if (this.propertiesService.isShowCaptchaOnSignUp() && (StringUtils.isEmpty(signUpForm.getCaptcha()) || !this.captchaService.validateCaptchaResponse(new CaptchaResponse(httpServletRequest.getSession().getId(), signUpForm.getCaptcha())))) {
            KeyedMessage createKeyedMessage = this.i18nService.createKeyedMessage("bitbucket.web.signup.captcha.incorrect", new Object[0]);
            errors.rejectValue("captcha", createKeyedMessage.getKey(), createKeyedMessage.getLocalisedMessage());
        }
        if (errors.hasErrors()) {
            return signUpForm(signUpForm).putValidationErrors(errors).build();
        }
        try {
            createUser(signUpForm);
            httpServletRequest.getSession(true);
            this.authenticationHelper.setCachedUsername(httpServletRequest, signUpForm.getUsername());
            redirectAttributes.addFlashAttribute("wasSuccessfulSignedUp", true);
            return redirectToLogin();
        } catch (IntegrityException e) {
            return signUpForm(signUpForm).putFormErrors(e.getLocalizedMessage()).build();
        } catch (LicenseLimitException e2) {
            return signUpForm(signUpForm, true).build();
        } catch (CrowdRuntimeException e3) {
            return signUpForm(signUpForm).putFormErrors(ErrorUtils.getLocalizedMessageOfRootCause(e3)).build();
        }
    }

    private void createUser(final SignUpForm signUpForm) throws IntegrityException, LicenseLimitException, CrowdRuntimeException {
        this.securityService.withPermission(Permission.ADMIN, "Create user through signup").call(new Operation<Void, ServiceException>() { // from class: com.atlassian.stash.internal.web.users.SignUpController.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.atlassian.bitbucket.util.Operation
            public Void perform() throws ServiceException {
                SignUpController.this.userAdminService.createUser(signUpForm.getUsername(), signUpForm.getPassword(), signUpForm.getFullname(), signUpForm.getEmail());
                return null;
            }
        });
    }

    private StashSoyResponseBuilder signUpForm(SignUpForm signUpForm) {
        int licensedUsersCount = this.licenseService.getLicensedUsersCount();
        BitbucketServerLicense bitbucketServerLicense = this.licenseService.get();
        int i = -1;
        boolean z = bitbucketServerLicense == null || bitbucketServerLicense.isUnlimitedNumberOfUsers();
        if (!z) {
            i = bitbucketServerLicense.getMaximumNumberOfUsers();
        }
        return signUpForm(signUpForm, !z && licensedUsersCount >= i);
    }

    private StashSoyResponseBuilder signUpForm(SignUpForm signUpForm, boolean z) {
        return new StashSoyResponseBuilder(FORM).put("form", signUpForm).put("showCaptcha", Boolean.valueOf(this.propertiesService.isShowCaptchaOnSignUp())).put("userLimitReached", Boolean.valueOf(z)).put("instanceName", this.propertiesService.getDisplayName());
    }

    private boolean isPublicSignupNotAllowed() {
        return !this.propertiesService.isAllowPublicSignUp();
    }

    private ModelAndView redirectToLogin() {
        return new ModelAndView("redirect:/login?signedUp");
    }
}
