package de.superx.servlet;

import de.memtext.db.NichtAngemeldetException;
import de.memtext.tree.CheckBoxNodeDec;
import de.memtext.tree.KeyParentEqualException;
import de.memtext.util.DateUtils;
import de.memtext.util.EqualsUtil;
import de.memtext.util.ServletHelper;
import de.memtext.util.StringUtils;
import de.superx.common.DBServletException;
import de.superx.common.InvalidKeyException;
import de.superx.common.SichtException;
import de.superx.common.SxUser;
import de.superx.util.RightsParser;
import de.superx.util.SqlStringUtils;
import freemarker.template.TemplateException;
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.InvocationTargetException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.StringTokenizer;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.FactoryConfigurationError;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
import org.dom4j.DocumentException;
import org.xml.sax.SAXException;

/* loaded from: input_file:de/superx/servlet/GxstageUserRights.class */
public class GxstageUserRights extends AbstractSuperXServlet {
    private static final long serialVersionUID = 1;
    private static DateFormat timeFormat = new SimpleDateFormat("dd.MM.yyyy HH:mm");
    private HashMap<String, String> hhprogListe = new HashMap<>();
    private HashMap<String, String> finanzstellenListe = new HashMap<>();
    private HashMap<String, String> fiposListe = new HashMap<>();
    private HashMap<String, String> fondsListe = new HashMap<>();
    private HashMap<String, String> projToInstListe = new HashMap<>();
    private HashMap<String, String> kostenstellenArtK = new HashMap<>();
    private HashMap<String, String> hhprog_zugeordneter_fonds = new HashMap<>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/superx/servlet/GxstageUserRights$GxstageHelper.class */
    public class GxstageHelper extends SuperXServletHelper {
        private final SxUser user;
        private final DateFormat dfLong;

        /**
         * Creates the per-request helper and captures the logged-in user from the HTTP session.
         *
         * <p>The {@code "user"} session attribute may be absent; {@link #perform()} rejects the
         * request in that case.
         *
         * @param httpServletRequest  the current request
         * @param httpServletResponse the response the result is written to
         * @throws IOException declared by the superclass constructor
         */
        public GxstageHelper(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
            super(httpServletRequest, httpServletResponse);
            // getSession() with no argument creates a session when the request has none.
            Object sessionUser = httpServletRequest.getSession().getAttribute("user");
            this.user = (SxUser) sessionUser;
            this.dfLong = new SimpleDateFormat("dd.MM.yyyy");
        }

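        /**
         * Formats the current time as {@code dd.MM.yyyy HH:mm}, with the blank between date and
         * time replaced by {@code <br/>}.
         *
         * @return the formatted timestamp, containing an HTML line break
         */
        private String getNowString() {
            String stamp;
            // timeFormat is a single static SimpleDateFormat on the servlet. SimpleDateFormat is
            // not thread-safe, so concurrent requests could corrupt each other's output. The lock
            // is only fully effective if every other user of timeFormat takes it as well.
            synchronized (GxstageUserRights.timeFormat) {
                stamp = GxstageUserRights.timeFormat.format(new Date());
            }
            return StringUtils.replace(stamp, " ", "<br/>");
        }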

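        /**
         * Parses a {@code dd.MM.yyyy} date strictly.
         *
         * <p>The value is used as the expiry date of a rights record, so it must not be
         * reinterpreted silently. A lenient {@link SimpleDateFormat} would roll
         * {@code 31.02.2024} over to March and ignore trailing characters; both are rejected here.
         *
         * @param str the date text from the request
         * @return the parsed date
         * @throws ParseException if the text is not a valid calendar date in the expected format
         *                        or has trailing characters
         */
        private synchronized java.sql.Date parseStrict(String str) throws ParseException {
            // Work on a copy so the leniency setting of the shared formatter is left untouched.
            DateFormat strict = (DateFormat) this.dfLong.clone();
            strict.setLenient(false);
            java.text.ParsePosition pos = new java.text.ParsePosition(0);
            Date parsed = strict.parse(str, pos);
            if (parsed == null) {
                throw new ParseException("Unparseable date: \"" + str + "\"", pos.getErrorIndex());
            }
            if (pos.getIndex() != str.length()) {
                // parse(String, ParsePosition) stops at the first character it cannot use.
                throw new ParseException("Unparseable date: \"" + str + "\"", pos.getIndex());
            }
            return new java.sql.Date(parsed.getTime());
        }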

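        /**
         * Checks that the session user may administer the rights table, dispatches on the
         * {@code action} request parameter and sends the handler's JSON text back.
         *
         * <p>The decompiler emitted the original string switch as a hash-code switch with
         * conflicting {@code boolean} labels, which does not compile; it is restored here as a
         * plain string switch with the same action-to-handler mapping.
         *
         * @throws IllegalStateException    if the session holds no user or the user lacks the mask right
         * @throws IllegalArgumentException if the action is missing or unknown
         */
        @Override // de.superx.servlet.SuperXServletHelper, de.memtext.util.ServletHelper
        protected void perform() throws SQLException, DBServletException, TransformerException, KeyParentEqualException, NichtAngemeldetException, IOException, ParseException, ParserConfigurationException, FactoryConfigurationError, SAXException, DocumentException, IllegalArgumentException, SecurityException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException, CloneNotSupportedException, TemplateException, InvalidKeyException, SichtException, IOException, ServletException {
            if (this.user == null) {
                throw new IllegalStateException("Kein user in der Session gefunden - bitte Browser neu starten!");
            }
            // NOTE(review): this is a substring test on whatever getMaskRights() returns. If that
            // is a delimited list of ids, a longer id containing "18004340" would also pass -
            // confirm the format and prefer an exact token match.
            if (this.user.getMaskRights().indexOf("18004340") == -1) {
                throw new IllegalStateException("Keine Berechtigung gefunden");
            }
            this.userid = this.request.getSession().getAttribute("UserID").toString();
            String parameter = ServletHelper.getParameter(this.request, "action");
            if (parameter == null) {
                // A string switch on null would raise NullPointerException; report it like any
                // other unsupported action instead.
                throw new IllegalArgumentException("GxstageUserRights Unknown action:" + parameter);
            }
            // NOTE(review): "delete" and "save" change data. Nothing in this method restricts the
            // HTTP method or checks an anti-CSRF token - confirm that is enforced upstream.
            String responseJson;
            switch (parameter) {
                case "getkeys":
                    responseJson = getkeys();
                    break;
                case "getname":
                    responseJson = getName(ServletHelper.getParameter(this.request, "field"), ServletHelper.getParameter(this.request, "id"));
                    break;
                case "delete":
                    responseJson = delete(ServletHelper.getParameter(this.request, "tid"));
                    break;
                case "save":
                    responseJson = save();
                    break;
                case "getinst":
                    responseJson = getInst();
                    break;
                case "gethhprog_zugeordneter_fonds":
                    responseJson = getHHprogZugordneterFonds();
                    break;
                default:
                    throw new IllegalArgumentException("GxstageUserRights Unknown action:" + parameter);
            }
            turnCacheOff();
            sendBack(responseJson, "text/json");
        }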

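        /**
         * Looks up the fonds assigned to the PSP element named by the {@code hhprog} parameter.
         *
         * <p>The lookup table is filled by {@link #getkeys()}; before that call it is empty.
         *
         * @return {@code {"fonds":"<value>"}}; the value is {@code clear} when the parameter is
         *         missing and empty when no mapping is known
         */
        private String getHHprogZugordneterFonds() {
            String hhprog = "";
            String fonds = "";
            try {
                hhprog = getParam("hhprog");
            } catch (IllegalArgumentException e) {
                // getParam rejected the request value; the client is told to clear the field.
                fonds = "clear";
            }
            if (GxstageUserRights.this.hhprog_zugeordneter_fonds.containsKey(hhprog)) {
                fonds = GxstageUserRights.this.hhprog_zugeordneter_fonds.get(hhprog);
            }
            // The value comes from a database column; escape it so a quote cannot end the JSON
            // string early. String.valueOf keeps the former "null" rendering of a null value.
            return "{\"fonds\":\"" + adaptForJson(String.valueOf(fonds)) + "\"}";
        }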

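        /**
         * Looks up the responsible institution for the PSP element named by the {@code hhprog}
         * parameter.
         *
         * <p>The lookup table is filled by {@link #getkeys()}; before that call it is empty.
         *
         * @return {@code {"inst":"<value>"}}; the value is {@code clear} when the parameter is
         *         missing and empty when no mapping is known
         */
        private String getInst() {
            String hhprog = "";
            String inst = "";
            try {
                hhprog = getParam("hhprog");
            } catch (IllegalArgumentException e) {
                // getParam rejected the request value; the client is told to clear the field.
                inst = "clear";
            }
            if (GxstageUserRights.this.projToInstListe.containsKey(hhprog)) {
                inst = GxstageUserRights.this.projToInstListe.get(hhprog);
            }
            // The value comes from a database column; escape it so a quote cannot end the JSON
            // string early. String.valueOf keeps the former "null" rendering of a null value.
            return "{\"inst\":\"" + adaptForJson(String.valueOf(inst)) + "\"}";
        }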

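        /**
         * Escapes text for use inside a double-quoted JSON string.
         *
         * <p>Escaping only the quote is not enough. A value ending in a backslash would escape
         * the closing quote, and a raw line break makes the document invalid. Backslashes, quotes
         * and control characters are therefore all escaped.
         *
         * @param str the raw text; {@code null} is treated as empty
         * @return the escaped text, without surrounding quotes
         */
        private String adaptForJson(String str) {
            if (str == null) {
                return "";
            }
            StringBuilder escaped = new StringBuilder(str.length() + 8);
            for (int i = 0; i < str.length(); i++) {
                char c = str.charAt(i);
                switch (c) {
                    case '"':
                        escaped.append("\\\"");
                        break;
                    case '\\':
                        escaped.append("\\\\");
                        break;
                    case '\n':
                        escaped.append("\\n");
                        break;
                    case '\r':
                        escaped.append("\\r");
                        break;
                    case '\t':
                        escaped.append("\\t");
                        break;
                    default:
                        if (c < 0x20) {
                            // Remaining control characters have no short form in JSON.
                            escaped.append(String.format("\\u%04x", (int) c));
                        } else {
                            escaped.append(c);
                        }
                        break;
                }
            }
            return escaped.toString();
        }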

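        /**
         * Reloads all lookup tables of the servlet from the database.
         *
         * <p>The connection and statement are closed on every path. In the decompiled original
         * a failing query skipped both {@code close()} calls, leaving the pooled connection
         * checked out.
         *
         * @return {@code {"result":"SUCCESS"}}, or {@code {"result":"FEHLER ..."}} on an SQL error
         */
        private String getkeys() {
            String result;
            // NOTE(review): this uses the default mandant while save() uses getMandantenID() -
            // confirm that the difference is intended.
            try (Connection connection = SxPools.get(SxSQL_Server.DEFAULT_MANDANTEN_ID).getConnection();
                    Statement createStatement = connection.createStatement()) {
                initListe(GxstageUserRights.this.hhprogListe, createStatement, "select G.apnr, druck from (select apnr,max(d_akt_bis) as max_gueltig from gxstage_cifx where key=3 group by apnr) R inner join gxstage_cifx G on G.apnr=R.apnr and G.d_akt_bis=R.max_gueltig and G.key=3");
                GxstageUserRights.this.hhprogListe.put("0", "Alle PSP-Elemente");
                initListe(GxstageUserRights.this.finanzstellenListe, createStatement, "select G.apnr,druck from (select apnr,max(d_akt_bis) as max_gueltig from gxstage_cifx where key=5 group by apnr) R inner join gxstage_cifx G on  G.apnr=R.apnr and G.d_akt_bis=R.max_gueltig and G.key=5 ");
                GxstageUserRights.this.finanzstellenListe.put("0", "Alle Finanzstellen");
                initListe(GxstageUserRights.this.fondsListe, createStatement, "select G.ggnr,ggdruck from (select ggnr,max(key_bis) as max_gueltig from gxstage_gege group by 1) R inner join gxstage_gege G on G.ggnr=R.ggnr and G.key_bis=R.max_gueltig");
                GxstageUserRights.this.fondsListe.put("0", "Alle Fonds");
                initListe(GxstageUserRights.this.fiposListe, createStatement, "select key,kbez from gxstage_fipos where variante=3");
                GxstageUserRights.this.fiposListe.put("0", "Alle Sachkonten");
                initListe(GxstageUserRights.this.projToInstListe, createStatement, "select P.apnr as proj,F.verantw from (select apnr as finanzstelle,parent as verantw from gxstage_cifx where key=5) F inner join gxstage_cifx P on  key=3 and F.finanzstelle=P.intern_c ");
                initListe(GxstageUserRights.this.kostenstellenArtK, createStatement, "SELECT distinct wert,bez_lang FROM gxmx_kostl  WHERE not ist_blatt");
                initListe(GxstageUserRights.this.hhprog_zugeordneter_fonds, createStatement, "select distinct prps_posid,prps_usr02 from gxstage_sap_sc04 where length(prps_posid)=10");
                result = "SUCCESS";
            } catch (SQLException e) {
                e.printStackTrace();
                // NOTE(review): the full SQLException text, which can include SQL fragments and
                // object names, is returned to the browser. Consider logging it server-side and
                // sending a generic message.
                result = adaptForJson("FEHLER " + e);
            }
            return "{\"result\":\"" + result + "\"}";
        }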

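        /**
         * Replaces the content of a lookup table with the first two columns of a query result.
         *
         * <p>Rows are read into a temporary map first. The target keeps its previous content if
         * reading fails, and the time during which it is empty is short. The result set is
         * closed on every path.
         *
         * @param hashMap   the lookup table to refill
         * @param statement an open statement used to run the query
         * @param str       the SQL text; all callers in view pass fixed strings
         * @throws SQLException if the query or reading a row fails
         */
        private void initListe(HashMap<String, String> hashMap, Statement statement, String str) throws SQLException {
            HashMap<String, String> fresh = new HashMap<>();
            try (ResultSet rows = statement.executeQuery(str)) {
                while (rows.next()) {
                    fresh.put(rows.getString(1), rows.getString(2));
                }
            }
            // NOTE(review): the callers in view pass plain HashMap fields of the servlet, which is
            // presumably shared by concurrent requests; readers are not synchronized against this
            // refill - confirm.
            hashMap.clear();
            hashMap.putAll(fresh);
        }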

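        /**
         * Creates or updates one rights record from the request parameters.
         *
         * <p>Without a {@code tid} a new record is validated with
         * {@code checkRollenRegeln}, checked for duplicates and inserted. With a {@code tid}
         * the existing record is updated.
         *
         * <p>The decompiled original tested {@code 0 != 0} before closing the connection, so it
         * never closed it after a failure. The connection is now released in a {@code finally}
         * block on every path.
         *
         * @return the JSON answer of the insert or update, or {@code {"result":"FEHLER ..."}}
         */
        private String save() {
            String str;
            java.sql.Date date = null;
            Connection connection = null;
            try {
                String param = getParam("zeilennummer");
                String param2 = getParam("anmerkung");
                String param3 = getParam("tid");
                String param4 = getParam("befristung");
                String param5 = getParam("unterzeichner");
                int i = -1;
                String param6 = getParam("user");
                if (param4 != null && !param4.equals("")) {
                    try {
                        date = parseStrict(param4);
                    } catch (ParseException e) {
                        System.out.println("wrong input:" + param4);
                        throw new IllegalArgumentException("Befristungsdatum im Format dd.mm.jjjj angeben");
                    }
                }
                connection = SxPools.get(getMandantenID()).getConnection();
                if (param5 != null && !param5.trim().equals("")) {
                    i = getUserId(connection, param5);
                }
                int userId = getUserId(connection, param6);
                if (param3 == null || param3.equals("")) {
                    String param7 = getParam("rolle");
                    String param8 = getParam("hhprog");
                    String param9 = getParam("finanzstelle");
                    String param10 = getParam("fonds");
                    String param11 = getParam("fipos");
                    boolean z = true;
                    String param12 = getParam("zugeordneterFondsWanted");
                    if (param12 != null && param12.toLowerCase().contentEquals("false")) {
                        z = false;
                    }
                    checkRollenRegeln(param7, param8, param9, param10, z);
                    str = alreadyExists(connection, param7, userId, param9, param8, param10, param11, i) ? "{\"result\":\"FEHLER " + ("Zeile " + param + "Es existiert bereits ein Datensatz mit gleicher Kombination aus Rolle, User, PSP-Element, Kostenstelle, Fonds, Sachkonto und Unterzeichner") + "\"}" : insertDatensatz(connection, param3, param2, param7, userId, param9, param8, param10, param11, i, date);
                } else {
                    str = updateDatensatz(connection, param3, param2, userId, i, date);
                }
            } catch (Exception e3) {
                e3.printStackTrace();
                String localizedMessage = e3.getLocalizedMessage();
                if (localizedMessage == null) {
                    // Exceptions such as NullPointerException often carry no message; without
                    // this fallback the handler itself would fail on the next line.
                    localizedMessage = e3.toString();
                }
                if (localizedMessage.indexOf("duplicate key value violates unique constraint") > -1) {
                    localizedMessage = "Es existiert bereits ein Datensatz mit gleicher Kombination aus Rolle, User, PSP-Element, Kostenstelle, Fonds, Sachkonto und Unterzeichner";
                }
                // NOTE(review): other exception texts, including database errors, are passed to
                // the client as they are; only double quotes are replaced.
                str = "{\"result\":\"FEHLER Zeile " + "unbekannt" + " " + StringUtils.replace(localizedMessage, "\"", "'") + "\"}";
            } finally {
                if (connection != null) {
                    try {
                        connection.close();
                    } catch (SQLException ignored) {
                        // Nothing useful can be done if handing the connection back fails.
                    }
                }
            }
            return str;
        }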

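        /**
         * Validates the combination of role, PSP element, Finanzstelle and fonds for a new
         * rights record.
         *
         * <p>The decompiler emitted the original string switches as hash-code switches with
         * conflicting {@code boolean} labels, which do not compile; they are restored as plain
         * string switches with the same rules. The lookups for roles AOB and LB now treat a
         * missing mapping as a mismatch, so the input is rejected with a validation message
         * instead of a {@code NullPointerException}.
         *
         * @param str  the role; compared case-insensitively
         * @param str2 the PSP element (hhprog)
         * @param str3 the Finanzstelle
         * @param str4 the fonds
         * @param z    whether the fonds must equal the one assigned to the PSP element
         * @throws IllegalArgumentException listing every violated rule
         */
        private void checkRollenRegeln(String str, String str2, String str3, String str4, boolean z) {
            StringBuilder violations = new StringBuilder();
            switch (str.toUpperCase()) {
                case "UAH":
                    if (!GxstageUserRights.this.kostenstellenArtK.containsKey(str3)) {
                        violations.append("NNNBei Rolle UAH muss Finanzstelle ART=K sein (meist Endung auf 00000)");
                    }
                    if (!str2.equals("1*,2*,5*,6*,7*,9999")) {
                        violations.append("NNNBei Rolle UAH muss PSP=1*,2*,5*,6*,7*,9999 sein.");
                    }
                    if (!str4.equals("-1060")) {
                        violations.append("NNNBei Rolle UAH muss Fonds -1060 sein.");
                    }
                    break;
                case "AOB":
                case "LB":
                    if (str2.length() == 10) {
                        // equals(null) is false, so an unknown PSP element is reported as a
                        // mismatch rather than dereferenced.
                        String expectedInst = GxstageUserRights.this.projToInstListe.get(str2);
                        if (!str3.equals(expectedInst)) {
                            violations.append("NNNBei Rolle " + str + " und PSP " + str2 + " muss die der verantwortlichen übergeordnete Finanzstelle eingetragen sein. (" + expectedInst + ")");
                        }
                        if (z) {
                            String expectedFonds = GxstageUserRights.this.hhprog_zugeordneter_fonds.get(str2);
                            if (!str4.equals(expectedFonds)) {
                                violations.append("NNNBei Rolle " + str + " und PSP " + str2 + " muss der Fonds " + expectedFonds + " sein.");
                            }
                        }
                    }
                    if (str2.contentEquals("9999")) {
                        if (GxstageUserRights.this.kostenstellenArtK.containsKey(str3)) {
                            violations.append("NNNBei Rolle " + str + " und PSP=9999 darf Finanzstelle nicht ART=K sein (meist Endung auf 00000)");
                        }
                        boolean fondsAllowed;
                        switch (str4) {
                            case "1000":
                            case "1002":
                            case "1020":
                            case "1030":
                            case "1175":
                            case "1188":
                                fondsAllowed = true;
                                break;
                            default:
                                fondsAllowed = false;
                                break;
                        }
                        if (!fondsAllowed) {
                            violations.append("NNNBei " + str + " mit PSP-Element-Dummy 9999 muss genau einer der Fonds 1000, 1002, 1020, 1030, 1175 oder 1188 ausgewählt werden.");
                        }
                    }
                    break;
                case "BKU":
                    if (!GxstageUserRights.this.kostenstellenArtK.containsKey(str3)) {
                        violations.append("NNNBei Rolle BKU muss Finanzstelle ART=K sein (meist Endung auf 0000)");
                    }
                    if (!str2.equals("9999")) {
                        violations.append("NNNBei Rolle BKU muss PSP=9999 sein.");
                    }
                    boolean bkuFondsAllowed;
                    switch (str4) {
                        case "1000,1002,1020,1030,1175,1188":
                        case "1000":
                        case "1002":
                        case "1020":
                        case "1030":
                        case "1000,1002":
                        case "1000,1020":
                        case "1000,1030":
                            bkuFondsAllowed = true;
                            break;
                        default:
                            bkuFondsAllowed = false;
                            break;
                    }
                    if (!bkuFondsAllowed) {
                        violations.append("NNNBei Rolle BKU nur spezielle Fonds erlaubt");
                    }
                    break;
                default:
                    // NOTE(review): any other role value passes without a single rule being
                    // checked, as in the original. Confirm that the set of valid roles is
                    // enforced elsewhere, e.g. by a database constraint.
                    break;
            }
            if (violations.length() > 0) {
                throw new IllegalArgumentException("Ungültige Eingabe " + violations);
            }
        }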

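        /**
         * Tells whether an active record (status 1) with the same role, user, Finanzstelle, PSP
         * element, fonds, fipos and signer already exists.
         *
         * <p>The statement and result set are closed on every path, including when the query
         * fails.
         *
         * @param connection open connection, not closed here
         * @param str        the role; compared in upper case
         * @param i          the userinfo id the right is granted to
         * @param str2       the Finanzstelle
         * @param str3       the PSP element (hhprog)
         * @param str4       the fonds
         * @param str5       the fipos
         * @param i2         the signer's userinfo id; the caller in view passes -1 when none is given
         * @return {@code true} if the count is greater than zero
         * @throws SQLException if the query fails
         */
        private boolean alreadyExists(Connection connection, String str, int i, String str2, String str3, String str4, String str5, int i2) throws SQLException {
            int matches = 0;
            try (PreparedStatement query = connection.prepareStatement("select count(*) from gxstage_user_rights where status=1 and upper(rolle)=? and userinfo_id=? and finanzstelle=? and hhprog=? and fonds=? and fipos=?  and unterzeichner=?")) {
                query.setString(1, str.toUpperCase());
                query.setInt(2, i);
                query.setString(3, str2);
                query.setString(4, str3);
                query.setString(5, str4);
                query.setString(6, str5);
                query.setInt(7, i2);
                try (ResultSet rows = query.executeQuery()) {
                    while (rows.next()) {
                        matches = rows.getInt(1);
                    }
                }
            }
            return matches > 0;
        }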

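        /**
         * Inserts a new active rights record and reports its generated {@code tid}.
         *
         * <p>The statement and result set are closed on every path, and the display name is
         * escaped before it is placed in the JSON answer.
         *
         * @param connection open connection, not closed here
         * @param str        the (empty) tid from the request; not used
         * @param str2       the comment (anmerkung)
         * @param str3       the role
         * @param i          the userinfo id the right is granted to
         * @param str4       the Finanzstelle
         * @param str5       the PSP element (hhprog)
         * @param str6       the fonds
         * @param str7       the fipos
         * @param i2         the signer's userinfo id
         * @param date       the expiry date, may be {@code null}
         * @return JSON with the new tid, the creation time and the creating user's name
         * @throws SQLException if the insert fails
         */
        private String insertDatensatz(Connection connection, String str, String str2, String str3, int i, String str4, String str5, String str6, String str7, int i2, java.sql.Date date) throws SQLException {
            int newTid = -1;
            // NOTE(review): this.userid is concatenated into the SQL text. It is read from the
            // "UserID" session attribute rather than from the request, but binding it as a
            // parameter would remove the reliance on that value always being numeric.
            try (PreparedStatement insert = connection.prepareStatement("insert into gxstage_user_rights (userinfo_id, \n       finanzstelle, \n       hhprog, \n       fonds, \n       fipos, \n       unterzeichner, \n       erfasst_am, \n       erfasst_durch, \n       anmerkung, \n       status, \n       rolle, \n       befristung) values (?,?,?,?,?,?,now()," + this.userid + ",?,1,?,?) returning tid")) {
                insert.setInt(1, i);
                insert.setString(2, str4);
                insert.setString(3, str5);
                insert.setString(4, str6);
                insert.setString(5, str7);
                insert.setInt(6, i2);
                insert.setString(7, str2);
                insert.setString(8, str3);
                insert.setDate(9, date);
                try (ResultSet rows = insert.executeQuery()) {
                    while (rows.next()) {
                        newTid = rows.getInt(1);
                    }
                }
            }
            // String.valueOf keeps the former "null" rendering if the name is missing.
            return "{\"result\":\"" + "" + "\",\"tid\":\"" + newTid + "\",\"erfasst_am\":\"" + getNowString() + "\",\"erfasst_name\":\"" + adaptForJson(String.valueOf(this.user.getName())) + "\"}";
        }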

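        /**
         * Updates an existing rights record.
         *
         * <p>If user, signer or expiry changed, the old row is retired (status 2) and a
         * replacement row is inserted in one transaction. Otherwise only the comment is
         * updated in place.
         *
         * <p>Changes against the decompiled original:
         * <ul>
         *   <li>{@code tid} comes from the request. It is parsed to an {@code int} once and bound
         *       as a parameter instead of being concatenated into the INSERT text.</li>
         *   <li>A failed transaction is rolled back and the error is rethrown. The original
         *       swallowed it and returned an empty answer.</li>
         *   <li>All statements are closed.</li>
         * </ul>
         * An error raised after {@code commit()}, while the old row's display data is built, is
         * also reported although the rights change itself is already stored.
         *
         * @param connection open connection, not closed here
         * @param str        the tid of the record to update, as sent by the client
         * @param str2       the comment (anmerkung)
         * @param i          the userinfo id the right is granted to
         * @param i2         the signer's userinfo id
         * @param date       the expiry date, may be {@code null}
         * @return the JSON answer for the client
         * @throws SQLException          if a statement, the commit or the rollback fails
         * @throws NumberFormatException if {@code str} is not an integer
         */
        private String updateDatensatz(Connection connection, String str, String str2, int i, int i2, java.sql.Date date) throws SQLException {
            final int tid = Integer.parseInt(str);
            try {
                if (!hasUserBefristungOrUnterzeichnerChanged(connection, str, i, i2, date)) {
                    // NOTE(review): this.userid (session attribute "UserID") is concatenated
                    // into the SQL text here and below; binding it would be more robust.
                    try (PreparedStatement updateComment = connection.prepareStatement("update gxstage_user_rights set anmerkung=?, aktualisiert_am=now(),aktualisiert_durch=" + this.userid + " where tid=?")) {
                        updateComment.setString(1, str2);
                        updateComment.setInt(2, tid);
                        updateComment.executeUpdate();
                    }
                    return "{\"result\":\"" + "" + "\",\"aktualisiert_am\":\"" + getNowString() + "\",\"aktualisiert_name\":\"" + adaptForJson(String.valueOf(this.user.getName())) + "\"}";
                }
                try {
                    connection.setAutoCommit(false);
                    int newTid = -1;
                    try (PreparedStatement insertCopy = connection.prepareStatement(" insert into gxstage_user_rights ( \n       userinfo_id, \n       finanzstelle, \n       hhprog, \n       fonds, \n       fipos, \n       unterzeichner, \n       erfasst_am, \n       erfasst_durch, \n       aktualisiert_am, \n       aktualisiert_durch, \n ersetzt_tid,       anmerkung, \n       status, \n       rolle, \n       befristung \n)  select      ?, \n       finanzstelle, \n       hhprog, \n       fonds, \n       fipos, \n      ?, \n       erfasst_am, \n       erfasst_durch, \n       aktualisiert_am, \n       aktualisiert_durch, ?, ?, \n       1, \n       rolle, \n       ? \nFROM gxstage_user_rights where tid=? returning tid")) {
                        insertCopy.setInt(1, i);
                        insertCopy.setInt(2, i2);
                        insertCopy.setInt(3, tid); // ersetzt_tid, formerly concatenated
                        insertCopy.setString(4, str2);
                        insertCopy.setDate(5, date);
                        insertCopy.setInt(6, tid);
                        try (ResultSet rows = insertCopy.executeQuery()) {
                            while (rows.next()) {
                                newTid = rows.getInt(1);
                            }
                        }
                    }
                    try (PreparedStatement retireOld = connection.prepareStatement("update gxstage_user_rights set status=2,aktualisiert_am=now(),aktualisiert_durch=" + this.userid + " where tid=?")) {
                        retireOld.setInt(1, tid);
                        retireOld.executeUpdate();
                    }
                    connection.commit();
                    // The canonical decimal form of the parsed tid is passed on and echoed, never
                    // the raw request text.
                    String answer = "{\"result\":\"" + "" + "\",\"ersetzt_tid\":\"" + tid + "\",\"newtid\":\"" + newTid + "\",\"aktualisiert_am\":\"" + getNowString() + "\",\"aktualisiert_name\":\"" + adaptForJson(String.valueOf(this.user.getName())) + "\", " + getRowInfo(connection, Integer.toString(tid)) + "}";
                    connection.setAutoCommit(true);
                    return answer;
                } catch (SQLException e) {
                    System.out.println(e.toString());
                    try {
                        connection.rollback();
                        connection.setAutoCommit(true);
                    } catch (SQLException e2) {
                        SQLException rollbackFailure = new SQLException(e2.getLocalizedMessage(), e2);
                        rollbackFailure.addSuppressed(e);
                        throw rollbackFailure;
                    }
                    // Report the failure instead of returning an empty answer.
                    throw e;
                }
            } catch (Throwable th) {
                try {
                    connection.setAutoCommit(true);
                } catch (SQLException resetFailure) {
                    // Keep the original failure as the one that is reported.
                    th.addSuppressed(resetFailure);
                }
                throw th;
            }
        }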

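        /**
         * Builds the {@code "oldrowinfo":[ ... ]} JSON fragment describing a rights record.
         *
         * <p>The record's tid is registered in {@code gxstage_tmp_edit}, the procedure
         * {@code sp_gxstage_rights_edit} is run, {@code tmp_rights} is read and then dropped.
         *
         * <p>Changes against the decompiled original:
         * <ul>
         *   <li>{@code str} is parsed to an {@code int} and bound as a parameter rather than
         *       concatenated into two SQL statements.</li>
         *   <li>Text columns are escaped for JSON.</li>
         *   <li>A comma is written between rows, so more than one row still yields valid JSON.</li>
         *   <li>Statements and the result set are closed on every path.</li>
         * </ul>
         *
         * @param connection open connection, not closed here
         * @param str        the tid of the record, as text
         * @return the JSON fragment, without surrounding braces
         * @throws SQLException          if any statement fails
         * @throws NumberFormatException if {@code str} is not an integer
         */
        private String getRowInfo(Connection connection, String str) throws SQLException {
            final int tid = Integer.parseInt(str);
            StringBuilder json = new StringBuilder("\"oldrowinfo\":[ ");
            // NOTE(review): this.user.getId() comes from the session user object and is still
            // concatenated; its type is not visible here, so it is left as it was.
            try (PreparedStatement register = connection.prepareStatement("insert into gxstage_tmp_edit (bearbeiter_id, gxstage_user_rights_tid) values (" + this.user.getId() + ",?)")) {
                register.setInt(1, tid);
                register.execute();
            }
            try (PreparedStatement prepare = connection.prepareStatement("SELECT sp_gxstage_rights_edit(" + this.user.getId() + ",?);")) {
                prepare.setInt(1, tid);
                prepare.execute();
            }
            try (Statement createStatement = connection.createStatement()) {
                try (ResultSet rows = createStatement.executeQuery("SELECT tid, \n       userinfo_id,userkennung,username, \n       finanzstelle, finanzstelle_name,\n       hhprog,hhprog_name, \n       fonds, fonds_name,\n       fipos,befristung, \n       rolle, \n       unterzeichner,unterzeichner_name, \n       erfasst_am, \n       erfasst_durch,erfasser_name, \n       aktualisiert_am, \n       aktualisiert_durch,aktualisiert_name, \n       anmerkung, \n       status_name \nFROM tmp_rights where 1=1 order by username asc,hhprog,finanzstelle,fonds,status")) {
                    boolean firstRow = true;
                    while (rows.next()) {
                        if (!firstRow) {
                            json.append(",");
                        }
                        firstRow = false;
                        // String.valueOf keeps the former "null" rendering of NULL columns.
                        json.append("\"" + rows.getInt("tid") + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("rolle"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("userkennung"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("username"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("hhprog"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("hhprog_name"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("finanzstelle"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("finanzstelle_name"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("fonds"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("fonds_name"))) + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("fipos"))) + "\",");
                        java.sql.Date befristung = rows.getDate("befristung");
                        json.append("\"" + (befristung != null ? DateUtils.format(befristung) : "") + "\",");
                        String unterzeichner = rows.getString("unterzeichner_name");
                        json.append("\"" + (unterzeichner == null ? "" : adaptForJson(unterzeichner)) + "\",");
                        String erfasstAm;
                        String aktualisiertAm;
                        // timeFormat is a shared static SimpleDateFormat, which is not
                        // thread-safe. A NULL timestamp still raises NullPointerException here,
                        // as before.
                        synchronized (GxstageUserRights.timeFormat) {
                            erfasstAm = GxstageUserRights.timeFormat.format((Date) rows.getTimestamp("erfasst_am"));
                            aktualisiertAm = GxstageUserRights.timeFormat.format((Date) rows.getTimestamp("aktualisiert_am"));
                        }
                        // NOTE(review): these two cells embed <br> and are presumably rendered as
                        // HTML by the client. The names are escaped for JSON only, not for HTML -
                        // confirm how the client inserts them.
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("erfasser_name"))) + "<br>" + StringUtils.replace(erfasstAm, " ", "<br>") + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("aktualisiert_name"))) + "<br>" + StringUtils.replace(aktualisiertAm, " ", "<br>") + "\",");
                        json.append("\"" + adaptForJson(String.valueOf(rows.getString("status_name"))) + "\",");
                        String anmerkung = rows.getString("anmerkung");
                        json.append("\"" + (anmerkung == null ? "" : adaptForJson(anmerkung)) + "\"");
                    }
                }
                json.append(" ]");
                createStatement.executeUpdate("drop table tmp_rights");
            }
            return json.toString();
        }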

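        /**
         * Reports whether the stored rights row differs from the submitted values in its user,
         * its signer or its expiry date.
         *
         * @param connection open connection; it is not closed here
         * @param str        tid of the {@code gxstage_user_rights} row, as decimal text
         * @param i          submitted {@code userinfo_id}
         * @param i2         submitted {@code unterzeichner} id
         * @param date       submitted {@code befristung}, may be {@code null}
         * @return {@code true} if any of the three columns differs; {@code false} if they all
         *         match or no row has this tid
         * @throws SQLException          if the query fails
         * @throws NumberFormatException if {@code str} is not an integer
         */
        private boolean hasUserBefristungOrUnterzeichnerChanged(Connection connection, String str, int i, int i2, java.sql.Date date) throws SQLException {
            boolean changed = false;
            // try-with-resources closes statement and result set on the error path too; the
            // original leaked both when executeQuery or a column read threw.
            try (PreparedStatement select = connection.prepareStatement("select userinfo_id,unterzeichner,befristung from gxstage_user_rights where tid=?")) {
                select.setInt(1, Integer.parseInt(str));
                try (ResultSet stored = select.executeQuery()) {
                    while (stored.next()) {
                        // getInt returns 0 for SQL NULL, so a NULL signer compares equal to id 0.
                        if (stored.getInt("userinfo_id") != i
                                || stored.getInt("unterzeichner") != i2
                                || !EqualsUtil.areEqual(stored.getDate("befristung"), date)) {
                            changed = true;
                        }
                    }
                }
            }
            return changed;
        }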

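        /**
         * Reads one request parameter and validates it according to its name.
         *
         * <ul>
         *   <li>{@code anmerkung}: returned with every ';' replaced by ','; nothing else is checked.</li>
         *   <li>every name except {@code user} and {@code unterzeichner}: blanks are removed.</li>
         *   <li>{@code befristung}: if non-empty, must be {@code dd.MM.yyyy}, parse strictly and
         *       not lie before the current time.</li>
         *   <li>{@code finanzstelle}, {@code hhprog}, {@code fipos}, {@code fonds}: every key must
         *       exist in the matching list, unless the value contains '-' or '*'.</li>
         *   <li>{@code rolle}: upper-cased and restricted to AOB, LB, BKU, UAH, VERW.</li>
         * </ul>
         *
         * <p>This replaces the decompiler's hash-code switch (which did not compile) with the
         * string switch it was generated from; the accepted and rejected values are unchanged.
         *
         * @param str name of the request parameter
         * @return the normalised value; may be {@code null} for names that tolerate a missing
         *         parameter
         * @throws IllegalArgumentException if the value fails its validation
         * @throws NullPointerException     if a list-checked parameter, {@code rolle} or
         *                                  {@code anmerkung} is missing from the request
         */
        private String getParam(String str) {
            if (str.contentEquals("anmerkung")) {
                return this.request.getParameter("anmerkung").replace(';', ',');
            }
            String parameter = ServletHelper.getParameter(this.request, str);
            if (parameter != null && !str.contentEquals("user") && !str.contentEquals("unterzeichner")) {
                parameter = StringUtils.replace(parameter, " ", "");
            }
            // Set by the four list-backed parameters; checked once after the switch.
            HashMap<String, String> knownKeys = null;
            String rejection = null;
            switch (str) {
                case "befristung":
                    if (parameter != null && !parameter.contentEquals("")) {
                        if (!parameter.matches("\\d{2}\\.\\d{2}\\.\\d{4}")) {
                            throw new IllegalArgumentException("Befristung: Ungueltiges Datumsformat dd.MM.jjjj benutzen");
                        }
                        try {
                            if (parseStrict(parameter).before(new Date())) {
                                throw new IllegalArgumentException("Befristungen muessen in der Zukunft liegen");
                            }
                        } catch (NumberFormatException | ParseException e) {
                            // NOTE(review): this echoes rejected request input to stdout;
                            // consider a logger that neutralises control characters.
                            System.out.println(parameter);
                            throw new IllegalArgumentException("Befristung: Ungueltiges Datumsformat dd.MM.jjjj benutzen");
                        }
                    }
                    break;
                case "finanzstelle":
                    knownKeys = GxstageUserRights.this.finanzstellenListe;
                    rejection = "Kostenstelle ungültig";
                    break;
                case "hhprog":
                    knownKeys = GxstageUserRights.this.hhprogListe;
                    rejection = "PSP-Element ungültig";
                    break;
                case "fipos":
                    knownKeys = GxstageUserRights.this.fiposListe;
                    rejection = "Sachkonto ungültig";
                    break;
                case "fonds":
                    knownKeys = GxstageUserRights.this.fondsListe;
                    rejection = "Fonds ungültig";
                    break;
                case "rolle":
                    parameter = parameter.toUpperCase();
                    switch (parameter) {
                        case "AOB":
                        case "LB":
                        case "BKU":
                        case "UAH":
                        case "VERW":
                            break;
                        default:
                            throw new IllegalArgumentException("Rolle ungültig");
                    }
                    break;
                default:
                    // "user", "unterzeichner" and unknown names get no further validation here.
                    break;
            }
            if (knownKeys != null) {
                // A value containing '-' or '*' skips the allow-list check (presumably ranges and
                // wildcards - TODO confirm). NOTE(review): such values reach the caller
                // unvalidated, so whatever stores or expands them must bind them as parameters
                // or validate them itself.
                boolean isPattern = parameter.indexOf("-") != -1 || parameter.indexOf("*") != -1;
                if (!isPattern && !mapContainsAllKeys(knownKeys, parameter)) {
                    throw new IllegalArgumentException(rejection);
                }
            }
            return parameter;
        }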

        /**
         * Checks that every token of a separated key list is a key of the given map.
         *
         * <p>The list is split on {@code RightsParser.RIGHTS_SEPARATOR}. A list without tokens
         * (for example the empty string) is accepted, since there is no token to reject.
         *
         * @param hashMap map whose key set is the allow-list
         * @param str     separated list of keys to check
         * @return {@code false} as soon as one token is not a key of {@code hashMap}, otherwise
         *         {@code true}
         */
        private boolean mapContainsAllKeys(HashMap<String, String> hashMap, String str) {
            StringTokenizer keys = new StringTokenizer(str, RightsParser.RIGHTS_SEPARATOR);
            while (keys.hasMoreTokens()) {
                String key = keys.nextToken();
                if (!hashMap.containsKey(key)) {
                    return false;
                }
            }
            return true;
        }

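        /**
         * Resolves a user name or login to the tid of its {@code userinfo} row.
         *
         * <p>The lookup is case-insensitive and matches either {@code name} or {@code benutzer}.
         * Input that matches more than one row is rejected: the original silently used the last
         * row, so rights could be attached to a different account than the one the editor meant.
         * getName in this class already reports the same situation as an error.
         *
         * @param connection open connection; it is not closed here
         * @param str        user name or login as entered
         * @return tid of the single matching user
         * @throws SQLException             if the query fails
         * @throws IllegalArgumentException if no user or more than one user matches
         */
        private int getUserId(Connection connection, String str) throws SQLException {
            // Locale.ROOT keeps the lower-casing independent of the JVM's default locale.
            String needle = str.toLowerCase(java.util.Locale.ROOT);
            int userId = -1;
            int matches = 0;
            // try-with-resources closes statement and result set on the error path as well.
            try (PreparedStatement lookup = connection.prepareStatement("select tid from userinfo  where lower(name)=? or lower(benutzer)=?")) {
                lookup.setString(1, needle);
                lookup.setString(2, needle);
                try (ResultSet rows = lookup.executeQuery()) {
                    while (rows.next()) {
                        userId = rows.getInt(1);
                        matches++;
                    }
                }
            }
            if (userId == -1) {
                throw new IllegalArgumentException("User unbekannt");
            }
            if (matches > 1) {
                throw new IllegalArgumentException("Eingabe nicht eindeutig");
            }
            return userId;
        }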

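        /**
         * Soft-deletes a rights row by setting its status to 3 and stamping who changed it.
         *
         * @param str tid of the {@code gxstage_user_rights} row, as decimal text
         * @return a JSON object: on success {@code result}, {@code aktualisiert_am} and
         *         {@code aktualisiert_name}; otherwise only {@code result} with an error text
         */
        private String delete(String str) {
            // NOTE(review): no permission check is visible in this method; confirm that the
            // caller verifies the current user may change the row with this tid.
            String outcome;
            // try-with-resources returns the pooled connection and the statement on every path;
            // the original leaked both whenever the update threw.
            // this.userid stays inline because its Java type is not visible here; it is a field
            // of this helper, not a request parameter (TODO confirm it is always numeric).
            try (Connection connection = SxPools.get(getMandantenID()).getConnection();
                 PreparedStatement update = connection.prepareStatement("update gxstage_user_rights set status=3,aktualisiert_am=now(),aktualisiert_durch=" + this.userid + " where tid=?")) {
                update.setInt(1, Integer.parseInt(str));
                outcome = update.executeUpdate() != 1 ? "FEHLER - tid " + str + " nicht gefunden" : "SUCCESS";
            } catch (Exception e) {
                e.printStackTrace();
                // NOTE(review): the exception text is returned to the client and can expose
                // SQL or schema details; consider a generic message plus a server-side log entry.
                outcome = "FEHLER " + e;
            }
            if (outcome.equals("SUCCESS")) {
                return "{\"result\":\"SUCCESS\",\"aktualisiert_am\":\"" + getNowString() + "\",\"aktualisiert_name\":\"" + this.user.getName() + "\"}";
            }
            // Error texts can contain quotes (exception messages echo input), so they are passed
            // through adaptForJson, as getName already does for its error strings.
            return "{\"result\":\"" + adaptForJson(outcome) + "\"}";
        }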

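        /**
         * Returns the display name for a key as a JSON object {@code {"name":"..."}}.
         *
         * <p>{@code hhprog}, {@code finanzstelle}, {@code fonds} and {@code fipos} are looked up
         * in the lists held by the servlet. {@code user} and {@code unterzeichner} are looked up
         * in {@code userinfo} by name or login, case-insensitively. Any other kind, an unknown
         * key and a NULL name all yield "UNBEKANNT". Names longer than 15 characters are cut to
         * 14 characters plus "..".
         *
         * <p>This replaces the decompiler's hash-code switch (which did not compile) with a
         * string switch. It also drops the SQL string that was built from {@code str} for
         * unknown kinds but never executed.
         *
         * @param str  kind of key
         * @param str2 the key, or the user name or login
         * @return JSON object with the single member {@code name}
         */
        private String getName(String str, String str2) {
            String label = "UNBEKANNT";
            switch (str) {
                case "hhprog":
                    label = GxstageUserRights.this.hhprogListe.get(str2);
                    break;
                case "finanzstelle":
                    label = GxstageUserRights.this.finanzstellenListe.get(str2);
                    break;
                case "fonds":
                    label = GxstageUserRights.this.fondsListe.get(str2);
                    break;
                case "fipos":
                    label = GxstageUserRights.this.fiposListe.get(str2);
                    break;
                case "unterzeichner":
                case "user": {
                    // Locale.ROOT keeps the lower-casing independent of the JVM's default locale.
                    String needle = str2.toLowerCase(java.util.Locale.ROOT).trim();
                    Connection connection = null;
                    try {
                        connection = SxPools.get(getMandantenID()).getConnection();
                        try (PreparedStatement lookup = connection.prepareStatement("select trim(name) from userinfo where lower(name)=? or lower(benutzer)=?")) {
                            lookup.setString(1, needle);
                            lookup.setString(2, needle);
                            int matches = 0;
                            try (ResultSet rows = lookup.executeQuery()) {
                                while (rows.next()) {
                                    label = rows.getString(1);
                                    matches++;
                                }
                            }
                            if (matches > 1) {
                                label = "FEHLER: Eingabe nicht eindeutig";
                            }
                        }
                    } catch (Exception e) {
                        // NOTE(review): the (truncated) exception text is sent to the client.
                        label = "FEHLER: " + e.toString();
                        e.printStackTrace();
                    } finally {
                        // A failed close must not replace the name that was already found.
                        if (connection != null) {
                            try {
                                connection.close();
                            } catch (SQLException closeFailure) {
                                closeFailure.printStackTrace();
                            }
                        }
                    }
                    break;
                }
                default:
                    break;
            }
            if (label == null) {
                label = "UNBEKANNT";
            }
            if (label.length() > 15) {
                label = label.substring(0, 14) + "..";
            }
            return "{\"name\":\"" + adaptForJson(label) + "\"}";
        }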

        /**
         * Writes the "not authorized" error text to the response and closes the writer.
         *
         * <p>The text comes from {@code ServletUtils.getJSONErrorText} for the current user id
         * and locale and is also printed to stdout.
         *
         * @throws IOException if the response writer cannot be obtained
         */
        public void sendNotAuthorized() throws IOException {
            // NOTE(review): the body is produced by getJSONErrorText but is declared text/html;
            // confirm the client expects that, since a browser would render it as markup.
            String contentType = "text/html; charset=" + SqlStringUtils.getEncoding();
            this.response.setContentType(contentType);
            PrintWriter out = this.response.getWriter();
            String errorText = ServletUtils.getJSONErrorText(this.userid, getDesiredLocale());
            System.out.println(errorText);
            out.print(errorText);
            out.close();
        }
    }

    /**
     * Initialises the servlet by delegating to {@code AbstractSuperXServlet.init}; nothing is
     * added here.
     *
     * @param servletConfig configuration passed on to the superclass
     * @throws ServletException if the superclass initialisation fails
     */
    @Override // de.superx.servlet.AbstractSuperXServlet
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
    }

    /**
     * Returns the fixed name of this servlet.
     *
     * @return the literal {@code "GxstageUserRights"}
     */
    public String getServletInfo() {
        final String servletName = "GxstageUserRights";
        return servletName;
    }

    /**
     * Handles a POST request: applies the request encoding, then hands the request/response
     * pair to a new {@code GxstageHelper} and runs it with the flag {@code true}.
     *
     * @param httpServletRequest  incoming request
     * @param httpServletResponse response to write to
     * @throws ServletException declared for the servlet contract
     * @throws IOException      declared for the servlet contract
     */
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        setEncoding(httpServletRequest);
        GxstageHelper helper = new GxstageHelper(httpServletRequest, httpServletResponse);
        helper.run(true);
    }

    /**
     * Handles a GET request exactly like a POST by delegating to {@code doPost}.
     *
     * @param httpServletRequest  incoming request
     * @param httpServletResponse response to write to
     * @throws ServletException if {@code doPost} throws it
     * @throws IOException      if {@code doPost} throws it
     */
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        // NOTE(review): GET and POST share one handler, so any state-changing action behind it
        // is also reachable with a plain GET. Confirm that writes are protected by a CSRF token
        // or restricted to POST.
        this.doPost(httpServletRequest, httpServletResponse);
    }
}
