{=
	#
	#
	#
	# finish_wizard.cfv
	#
	#
	#

	include "templates.util.base_util";
	include "templates.util.encoding";
	include "templates.util.node_names";
	
	include "templates.new_profile_wizard.new_profile_wizard_util";
	include "templates.new_profile_wizard.finish_wizard_util";

	include "templates.util.profiles.get_profile_data_util";
	include "templates.util.profiles.get_profiles_user_grants";

	debug_message("\n\n#### finish_wizard.cfv \n\n");
	
	string session_id = volatile.session_id;
	bool is_root_admin = get_is_root_admin();
	string page_token = v.fp.page_token;


	string password;
	
	#
	# Check RBAC permissions
	#

	if ((is_root_admin or
		get_admin_feature_permission(session_id, "profiles", "add")) and
		get_is_valid_page_token(session_id, "new_profile_wizard", page_token)) then (

		string user_node_name = node_name(volatile.authenticated_user_node_path);
		string client_profiles_list_checksum = v.fp.profiles_list_checksum;

		# profiles_dat - only required if valid profile_node_name
		# Due the complexity of RBAC permissions we create a new profilesDb object
		# within the response which is then used to update the profiles list
		# in Profiles/Admin. profiles_dat contains only profiles for the specific user.
		string profiles_dat = "[]";
		string profile_changes_dat = "{}";


		# all_profiles_dat - only required if invalid profile_node_name
		# Includes all profiles and updates newProfileWizard.profilesDb in case
		# that the profile nodename/label or database name must be re-validated.
		string all_profiles_dat = "[]";

		bool is_unique_profile_node_name = false;

		# Check for valid node name.
		# Profile node name has been created on client side,
		# so it could be invalid if someone else has create a profile
		# in the meantime.

		node new_profile = "volatile.new_profile";

		debug_message("\n\n" . node_as_string(new_profile) . "\n\n");

		string profile_node_name = @new_profile{"profile_node_name"};

		if (!?("profiles." . profile_node_name)) then (

			# profile_node_name is unique, create the profile
			is_unique_profile_node_name = true;

			# Get profiles checksum before the profile becomes duplicated!
			string profiles_list_checksum_before_profile_modification = get_profiles_list_checksum(session_id, is_root_admin, user_node_name);

			finish_wizard_util_save_profile(
				is_root_admin,
				user_node_name,
				profile_node_name,
				new_profile);

			# profiles_dat = get_profiles_dat(session_id, is_root_admin, user_node_name);
			profile_changes_dat = get_profiles_list_data_after_profiles_changes(
				session_id,
				is_root_admin,
				user_node_name,
				client_profiles_list_checksum,
				profiles_list_checksum_before_profile_modification,
				profile_node_name,
				"new_profile");
		)
		else (

			# profile_node_name already exists. Most likely someone
			# else created a profile in the meantime. Create and
			# re-validate new profile_node_name on client side
			# with up to date profile data.

			all_profiles_dat = get_all_profiles_dat();
		);


		#
		# Get up to date user grants for non root admin users
		#
		string profiles_user_grants_dat = "{}";

		if (!is_root_admin) then (

			# Get up to date user_grants
			node user_grants = "sessions_cache." . session_id . ".session_info.user_grants";
			profiles_user_grants_dat = get_profiles_user_grants(user_grants);
		);

		# OLD
#		string profile_label = @new_profile{"profile_name"};
#		string profile_node_name = convert_to_valid_node_name(profile_label);
#		profile_node_name = get_unique_node_name("profiles", profile_node_name);


		#
		#
		# Send response
		#
		#

		# number_of_all_profiles includes also profiles for which the user has no access permission!
		int number_of_all_profiles = num_subnodes("profiles");
		
		string dat = "{";
		dat .= add_json("isUniqueProfileNodeName", is_unique_profile_node_name, "bool");
		dat .= add_json("newProfileName", profile_node_name, "string");
#		dat .= add_json("numberOfAllProfiles", number_of_all_profiles, "int");
#		dat .= add_json("profilesDb", profiles_dat, "obj");
		dat .= add_json("allProfilesDb", all_profiles_dat, "obj");
		dat .= add_json("profileChanges", profile_changes_dat, "obj");
		dat .= add_json("userGrants", profiles_user_grants_dat, "obj");
		dat = close_json(dat);
		
		debug_message("\n#### profiles_dat: " . profiles_dat . "\n");

		'newProfileWizard.finishWizardResponse(' . dat . ')';
	)
	else (
	
		# No permission to view this resource (URL)
		display_no_permission_html();
	);
=}