package org.apache.shiro.samples.sprhib.web;

import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.samples.sprhib.model.User;
import org.apache.shiro.samples.sprhib.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.Assert;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

@Controller
/* loaded from: input_file:WEB-INF/classes/org/apache/shiro/samples/sprhib/web/ManageUsersController.class */
public class ManageUsersController {
    private EditUserValidator editUserValidator = new EditUserValidator();
    private UserService userService;

    @Autowired
    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    @RequestMapping({"/manageUsers"})
    @RequiresPermissions({"user:manage"})
    public void manageUsers(Model model) {
        model.addAttribute(IniRealm.USERS_SECTION_NAME, this.userService.getAllUsers());
    }

    @RequestMapping(value = {"/editUser"}, method = {RequestMethod.GET})
    @RequiresPermissions({"user:edit"})
    public String showEditUserForm(Model model, @RequestParam Long l, @ModelAttribute EditUserCommand editUserCommand) {
        User user = this.userService.getUser(l);
        editUserCommand.setUserId(l);
        editUserCommand.setUsername(user.getUsername());
        editUserCommand.setEmail(user.getEmail());
        return "editUser";
    }

    @RequestMapping(value = {"/editUser"}, method = {RequestMethod.POST})
    @RequiresPermissions({"user:edit"})
    public String editUser(Model model, @RequestParam Long l, @ModelAttribute EditUserCommand editUserCommand, BindingResult bindingResult) {
        this.editUserValidator.validate(editUserCommand, bindingResult);
        if (bindingResult.hasErrors()) {
            return "editUser";
        }
        User user = this.userService.getUser(l);
        editUserCommand.updateUser(user);
        this.userService.updateUser(user);
        return "redirect:/s/manageUsers";
    }

    @RequestMapping({"/deleteUser"})
    @RequiresPermissions({"user:delete"})
    public String deleteUser(@RequestParam Long l) {
        Assert.isTrue(l.longValue() != 1, "Cannot delete admin user");
        this.userService.deleteUser(l);
        return "redirect:/s/manageUsers";
    }
}
