/**
   * Creates a Discussion Post
   *
   * <p>- Requires a cookie for the session user - Requires a comment and threadId request parameter
   * for the POST
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void createPostAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<>();

    if (req.getMethod() == HttpMethod.Post) {
      DiscussionManager dm = new DiscussionManager();

      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");

      // Create the discussion post
      DiscussionPost post = new DiscussionPost();
      post.setUserId(userSession.getUserId());
      post.setMessage(req.getParameter("comment"));
      post.setThreadId(Integer.parseInt(req.getParameter("threadId")));

      dm.createPost(post);

      redirectToLocal(req, res, "/group/discussion/?threadId=" + req.getParameter("threadId"));
    } else {
      httpNotFound(req, res);
    }
  }
  /**
   * Deletes a meeting from the database
   *
   * <p>- Requires a cookie for the session user - Requires a meetingId request parameter for the
   * HTTP GET
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void deletemeetingAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    if (req.getMethod() == HttpMethod.Get) {

      // Get the meeting
      int meetingId = Integer.parseInt(req.getParameter("meetingId"));
      MeetingManager meetingMan = new MeetingManager();
      Meeting meeting = meetingMan.get(meetingId);
      meetingMan.deleteMeeting(meetingId);

      // Update the User Session to remove meeting
      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      List<Meeting> adminMeetings = userSession.getUser().getMeetings();

      for (int i = 0; i < adminMeetings.size(); i++) {
        Meeting m = adminMeetings.get(i);
        if (m.getId() == meeting.getId()) {
          adminMeetings.remove(i);
          break;
        }
      }

      redirectToLocal(req, res, "/home/dashboard");
      return;

    } else if (req.getMethod() == HttpMethod.Post) {
      httpNotFound(req, res);
    }
  }
  /* good2() reverses the bodies in the if statement */
  private void good2(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    if (IO.static_returns_t()) {
      Logger tcLog = Logger.getLogger("cwe_testcases_logger");
      if (request.getParameter("username") == null) {
        return;
      }
      String username = request.getParameter("username");
      if (username.matches("[a-zA-Z0-9]*")) {
        HttpSession session = request.getSession(true);
        /* FIX: logged message does not contain session id */
        tcLog.log(Level.FINEST, "Username: "******" Session ID:" + session.getId());
      } else {
        response.getWriter().println("Invalid characters");
      }
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */

      Logger tcLog = Logger.getLogger("cwe_testcases_logger");
      if (request.getParameter("username") == null) {
        return;
      }

      String username = request.getParameter("username");

      if (username.matches("[a-zA-Z0-9]*")) {
        HttpSession session = request.getSession(true);
        /* FLAW: leak session ID to debug log */
        tcLog.log(Level.FINEST, "Username: "******" Session ID:" + session.getId());
      } else {
        response.getWriter().println("Invalid characters");
      }
    }
  }
  /**
   * Removes User from the Group
   *
   * <p>- Requires a cookie for the session user - Requires a groupId request parameter for the HTTP
   * GET
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void leaveAction(HttpServletRequest req, HttpServletResponse res) {
    if (AccountController.redirectIfNoCookie(req, res)) return;

    if (req.getMethod() == HttpMethod.Get) {
      int groupId = Integer.parseInt(req.getParameter("groupId"));

      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      int userId = userSession.getUser().getId();

      GroupManager groupMan = new GroupManager();
      groupMan.removeMapping(groupId, userId);
      // reload groups into the user
      userSession.getUser().setGroups(groupMan.getAllGroups(userId));

      redirectToLocal(req, res, "/home/dashboard");
      return;

    } else {
      httpNotFound(req, res);
    }
  }
  /**
   * Creates a notification to a Group coordinator signaling that a user wants to join their group
   *
   * <p>- Requires a groupId request parameter for the GET
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void inviteAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<String, Object>();

    int groupId = Integer.parseInt(req.getParameter("groupId"));

    try {

      // Get the session user
      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      User user = userSession.getUser();

      // Get the coordinator for the group
      GroupManager groupMan = new GroupManager();
      Group group = groupMan.get(groupId);
      User coordinator = groupMan.getCoordinator(groupId);

      // Send a notification to the coordinator for them to permit access to the group
      NotificationManager notificationMan = new NotificationManager();
      Notification notification =
          new Notification(
              coordinator.getId(),
              coordinator,
              groupId,
              group,
              user.getFullName() + " wants to join your group " + group.getGroupName(),
              "/home/notifications?addUserId=" + user.getId() + "&groupId=" + group.getId());
      notificationMan.createNotification(notification);

      redirectToLocal(req, res, "/home/dashboard");
      return;

    } catch (Exception e) {
      redirectToLocal(req, res, "/home/dashboard");
    }
  }
  /**
   * Displays a given Research Group page for a HTTP Get, or creates a new Group for a HTTP Post
   *
   * <p>- Requires a cookie for the session user - Requires a groupId request parameter for a GET -
   * Requires a groupName, description, createdByUserId request parameters for a POST
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void researchgroupAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<String, Object>();
    viewData.put("title", "Research Group");

    if (req.getMethod() == HttpMethod.Get) {
      // Load group data into Map
      GroupManager gm = new GroupManager();
      int groupId = Integer.parseInt(req.getParameter("groupId"));
      Group group = gm.get(groupId);

      if (group != null) {
        // Load Group into map
        viewData.put("group", group);

        // Load group members into Map
        List<String> groupMembers = gm.getGroupMembers(groupId);
        viewData.put("groupMembers", groupMembers);

        // Load meetings into map
        MeetingManager meetMan = new MeetingManager();
        List<Meeting> groupMeetings = meetMan.getGroupMeetings(groupId);
        viewData.put("groupMeetings", groupMeetings);

        // Load Document Data into Map
        DocumentManager docMan = new DocumentManager();
        List<Document> groupDocuments = docMan.getGroupDocuments(groupId);
        viewData.put("groupDocuments", groupDocuments);

        // Load discussion threads
        DiscussionManager dm = new DiscussionManager();
        viewData.put("groupDiscussions", dm.getThreads(groupId));

        // Check if the user is a member
        boolean isMember = false;
        HttpSession session = req.getSession();
        Session userSession = (Session) session.getAttribute("userSession");
        User user = userSession.getUser();

        for (Group g : gm.getAllGroups(user.getId())) {
          if (g.getId() == group.getId()) {
            isMember = true;
            break;
          }
        }

        viewData.put("notMember", !isMember);

        // View group page.
        view(req, res, "/views/group/ResearchGroup.jsp", viewData);

      } else {
        httpNotFound(req, res);
      }

    } else if (req.getMethod() == HttpMethod.Post) {
      // Create Group

      // Get data from parameters
      String groupName = req.getParameter("groupName");
      String description = req.getParameter("description");
      int adminId = Integer.parseInt(req.getParameter("createdByUserId"));

      // Create the Group
      GroupManager groupMan = new GroupManager();
      Group group = new Group();
      group.setGroupName(groupName);
      group.setDescription(description);
      group.setCoordinatorId(adminId);
      // Create the mapping
      groupMan.createGroup(group);
      int groupId = groupMan.getIdFor(group);
      groupMan.createMapping(groupId, adminId);

      group.setId(groupId);

      // Update the User Session to show new group
      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      User admin = userSession.getUser();
      admin.getGroups().add(group);

      // Show the Group Page
      viewData.put("groupName", group.getGroupName());
      List<String> groupMembers = groupMan.getGroupMembers(groupId);
      viewData.put("groupMembers", groupMembers);

      view(req, res, "/views/group/ResearchGroup.jsp", viewData);
    }
  }
  /**
   * Displays the Create Discussion page for a HTTP Get, or creates a Discussion Thread for a HTTP
   * Post
   *
   * <p>- Requires a cookie for the session user - Requires a groupId request parameter for a GET -
   * Requires a groupId and threadName request parameter for a POST - Requires a document request
   * part for a POST
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void createDiscussionAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<>();

    if (req.getMethod() == HttpMethod.Get) {
      viewData.put("title", "Create Discussion");
      viewData.put("groupId", req.getParameter("groupId"));

      view(req, res, "/views/group/CreateDiscussion.jsp", viewData);
      return;
    } else if (req.getMethod() == HttpMethod.Post) {
      // save discussion
      GroupManager groupMan = new GroupManager();
      DiscussionThread thread = new DiscussionThread();
      int groupId = Integer.parseInt(req.getParameter("groupId"));
      thread.setGroupId(groupId);
      thread.setGroup(groupMan.get(groupId));
      thread.setThreadName(req.getParameter("threadName"));

      DiscussionManager dm = new DiscussionManager();
      dm.createDiscussion(thread);

      try {
        Part documentPart = req.getPart("document");

        // if we have a document to upload
        if (documentPart.getSize() > 0) {
          String uuid = DocumentController.saveDocument(this.getServletContext(), documentPart);
          Document doc = new Document();
          doc.setDocumentName(getFileName(documentPart));
          doc.setDocumentPath(uuid);
          doc.setVersionNumber(1);
          doc.setThreadId(thread.getId());
          doc.setGroupId(thread.getGroupId());

          DocumentManager docMan = new DocumentManager();
          docMan.createDocument(doc);

          // Get uploading User
          HttpSession session = req.getSession();
          Session userSession = (Session) session.getAttribute("userSession");
          User uploader = userSession.getUser();

          // Create a notification to all in the group
          NotificationManager notificationMan = new NotificationManager();
          groupMan = new GroupManager();
          List<User> groupUsers = groupMan.getGroupUsers(groupId);

          for (User u : groupUsers) {
            Notification notification =
                new Notification(
                    u.getId(),
                    u,
                    groupId,
                    null,
                    "User " + uploader.getFullName() + " has uploaded a document",
                    "/document/document?documentId=" + doc.getId());

            notificationMan.createNotification(notification);
          }
        }
      } catch (Exception e) {
        logger.log(Level.SEVERE, "Document save error", e);
      }

      redirectToLocal(req, res, "/group/discussion/?threadId=" + thread.getId());
      return;
    }
    httpNotFound(req, res);
  }
  /**
   * Displays a given Meeting page for a HTTP Get, or creates a new Meeting for a HTTP Post
   *
   * <p>- Requires a cookie for the session user - Requires a meetingId request parameter for a GET
   * - Requires description, createdByUserId, datepicker, meetingTime, groupId request parameters
   * for a POST
   *
   * @param req The HTTP Request
   * @param res The HTTP Response
   */
  public void meetingAction(HttpServletRequest req, HttpServletResponse res) {
    // Ensure there is a cookie for the session user
    if (AccountController.redirectIfNoCookie(req, res)) return;

    Map<String, Object> viewData = new HashMap<String, Object>();
    viewData.put("title", "Meeting");

    // Initialise Manager connections
    MeetingManager meetingMan = new MeetingManager();
    GroupManager groupMan = new GroupManager();

    if (req.getMethod() == HttpMethod.Get) {
      // Get request parameter
      int meetingId = Integer.parseInt(req.getParameter("meetingId"));
      Meeting meeting = meetingMan.get(meetingId);

      if (meeting != null) {

        List<User> meetingUsers = groupMan.getGroupUsers(meeting.getGroupId());
        viewData.put("meetingUsers", meetingUsers);
        viewData.put("meeting", meeting);
        view(req, res, "/views/group/Meeting.jsp", viewData);

      } else {
        httpNotFound(req, res);
      }
    } else if (req.getMethod() == HttpMethod.Post) {

      // Get details from request
      String description = req.getParameter("description");
      int createdByUserId = Integer.parseInt(req.getParameter("createdByUserId"));
      Date dateCreated = new Date();

      String meetingDate = req.getParameter("datepicker");
      String meetingTime = req.getParameter("meetingTime");

      // Parse meeting date time details
      DateFormat format = new SimpleDateFormat("MM/dd/yyyy HH:mm");
      Date dateDue = new Date();
      try {
        dateDue = format.parse(meetingDate + " " + meetingTime);
      } catch (ParseException e) {
        // Unable to parse date. This shouldn't happen since we are
        // performing javascript validation.
      }

      int groupId = Integer.parseInt(req.getParameter("groupId"));

      // Create a Meeting
      Meeting meeting = new Meeting();
      meeting.setDescription(description);
      meeting.setCreatedByUserId(createdByUserId);
      meeting.setDateCreated(dateCreated);
      meeting.setDateDue(dateDue);
      meeting.setGroupId(groupId);

      meetingMan.createMeeting(meeting);
      int meetingId = meetingMan.getIdFor(meeting);
      meeting.setId(meetingId);

      UserManager userMan = new UserManager();
      User createdByUser = userMan.get(createdByUserId);

      // Create a notification for all users in group
      NotificationManager notificationMan = new NotificationManager();
      List<User> users = groupMan.getGroupUsers(groupId);

      for (User u : users) {
        Notification notification =
            new Notification(
                u.getId(),
                u,
                groupId,
                null,
                "Meeting " + description + " was created by " + createdByUser.getFullName(),
                "/group/meeting?meetingId=" + meetingId);
        notificationMan.createNotification(notification);
      }

      // Update the User Session to show new meeting
      HttpSession session = req.getSession();
      Session userSession = (Session) session.getAttribute("userSession");
      User admin = userSession.getUser();
      admin.getMeetings().add(meeting);

      // Show meeting page
      viewData.put("meetingUsers", users);
      viewData.put("meeting", meeting);
      view(req, res, "/views/group/Meeting.jsp", viewData);
    }
  }