package com.webpagebytes.wpbsample.controllers;

import com.webpagebytes.cms.WPBForward;
import com.webpagebytes.cms.WPBModel;
import com.webpagebytes.cms.exception.WPBException;
import com.webpagebytes.wpbsample.data.Account;
import com.webpagebytes.wpbsample.data.DepositWithdrawal;
import com.webpagebytes.wpbsample.data.Session;
import com.webpagebytes.wpbsample.data.User;
import com.webpagebytes.wpbsample.utility.HashService;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.xalan.templates.Constants;

/* loaded from: input_file:WEB-INF/classes/com/webpagebytes/wpbsample/controllers/PerformWithdrawalController.class */
public class PerformWithdrawalController extends GenericController {
    private void performValidation(HttpServletRequest httpServletRequest, String str, Long l, Map<String, String> map, Map<String, String> map2) {
        String parameter = httpServletRequest.getParameter(Constants.ATTRNAME_AMOUNT);
        String parameter2 = httpServletRequest.getParameter("password");
        Long l2 = 0L;
        try {
            l2 = Long.valueOf(parameter);
        } catch (NumberFormatException e) {
            map.put(Constants.ATTRNAME_AMOUNT, "Error.amount.format");
        }
        if (l2.longValue() > l.longValue()) {
            map.put(Constants.ATTRNAME_AMOUNT, "Error.amount.toolarge");
        } else if (l2.longValue() == 0) {
            map.put(Constants.ATTRNAME_AMOUNT, "Error.amount.zeronotallowed");
        }
        if (map.containsKey(Constants.ATTRNAME_AMOUNT)) {
            map2.put(Constants.ATTRNAME_AMOUNT, "");
        } else {
            map2.put(Constants.ATTRNAME_AMOUNT, parameter);
        }
        if (parameter2.length() == 0) {
            map.put("password", "Error.password.empty");
            return;
        }
        try {
            if (!HashService.getHashSha1(parameter2.getBytes()).equals(str)) {
                map.put("password", "Error.password.invalid");
            }
        } catch (NoSuchAlgorithmException e2) {
        }
    }

    @Override // com.webpagebytes.wpbsample.controllers.GenericController, com.webpagebytes.wpbsample.controllers.BaseController, com.webpagebytes.cms.WPBRequestHandler
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, WPBModel wPBModel, WPBForward wPBForward) throws WPBException {
        Session session = getSession(httpServletRequest, httpServletResponse);
        if (false == handleAuthentication(httpServletRequest, httpServletResponse, wPBModel, wPBForward, session)) {
            return;
        }
        Integer num = (Integer) session.getSessionMap().get("loginUserId");
        try {
            User user = this.database.getUser(num.intValue());
            Account account = this.database.getAccount(num.intValue());
            HashMap hashMap = new HashMap();
            HashMap hashMap2 = new HashMap();
            performValidation(httpServletRequest, user.getPassword(), Long.valueOf(account.getBalance()), hashMap, hashMap2);
            wPBModel.getCmsApplicationModel().put("errors", hashMap);
            wPBModel.getCmsApplicationModel().put("account", account);
            if (hashMap.size() > 0) {
                wPBModel.getCmsApplicationModel().put("values", hashMap2);
                wPBForward.setForwardTo(wPBModel.getCmsModel().get(WPBModel.URI_PARAMETERS_KEY).get("pageGuid"));
                return;
            }
            DepositWithdrawal createDepositOrWithdrawal = this.database.createDepositOrWithdrawal(num.intValue(), DepositWithdrawal.OperationType.WITHDRAWAL, Long.valueOf(httpServletRequest.getParameter(Constants.ATTRNAME_AMOUNT)).longValue());
            String str = wPBModel.getCmsModel().get(WPBModel.URI_PARAMETERS_KEY).get("successUri");
            try {
                str = str.concat("?id=").concat(String.valueOf(createDepositOrWithdrawal.getId()));
                httpServletResponse.sendRedirect(str);
            } catch (IOException e) {
                throw new WPBException("Cannot redirect to:" + str, e);
            }
        } catch (SQLException e2) {
            throw new WPBException("Cannot update data", e2);
        }
    }
}
