package org.openremote.manager.gateway;

import jakarta.ws.rs.ForbiddenException;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.Response;
import org.openremote.container.timer.TimerService;
import org.openremote.manager.asset.AssetStorageService;
import org.openremote.manager.security.ManagerIdentityService;
import org.openremote.manager.web.ManagerWebResource;
import org.openremote.model.gateway.GatewayServiceResource;
import org.openremote.model.gateway.GatewayTunnelInfo;
import org.openremote.model.http.RequestParams;
import org.openremote.model.util.TextUtil;

/* loaded from: input_file:org/openremote/manager/gateway/GatewayServiceResourceImpl.class */
public class GatewayServiceResourceImpl extends ManagerWebResource implements GatewayServiceResource {
    protected GatewayService gatewayService;
    protected AssetStorageService assetStorageService;

    public GatewayServiceResourceImpl(TimerService timerService, ManagerIdentityService managerIdentityService, GatewayService gatewayService, AssetStorageService assetStorageService) {
        super(timerService, managerIdentityService);
        this.gatewayService = gatewayService;
        this.assetStorageService = assetStorageService;
    }

    public GatewayTunnelInfo[] getAllActiveTunnelInfos(RequestParams requestParams, String str) {
        if (TextUtil.isNullOrEmpty(str) || !isAuthenticated()) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
        if (!isSuperUser() && !getAuthenticatedRealmName().equals(str)) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
        if (isRestrictedUser()) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
        return (GatewayTunnelInfo[]) this.gatewayService.getTunnelInfos().stream().filter(gatewayTunnelInfo -> {
            return gatewayTunnelInfo.getRealm().equals(str);
        }).toArray(i -> {
            return new GatewayTunnelInfo[i];
        });
    }

    public GatewayTunnelInfo[] getGatewayActiveTunnelInfos(RequestParams requestParams, String str, String str2) {
        if (TextUtil.isNullOrEmpty(str) || !isAuthenticated()) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
        if (!isSuperUser() && !getAuthenticatedRealmName().equals(str)) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
        if (TextUtil.isNullOrEmpty(str2)) {
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        if (!isRestrictedUser() || this.assetStorageService.isUserAsset(getUserId(), str2)) {
            return (GatewayTunnelInfo[]) this.gatewayService.getTunnelInfos().stream().filter(gatewayTunnelInfo -> {
                return gatewayTunnelInfo.getRealm().equals(str) && gatewayTunnelInfo.getGatewayId().equals(str2);
            }).toArray(i -> {
                return new GatewayTunnelInfo[i];
            });
        }
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    }

    public GatewayTunnelInfo getActiveTunnelInfo(RequestParams requestParams, String str, String str2, String str3, int i) {
        if (TextUtil.isNullOrEmpty(str) || !isAuthenticated()) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
        if (!isSuperUser() && !getAuthenticatedRealmName().equals(str)) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
        if (TextUtil.isNullOrEmpty(str2)) {
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        if (!isRestrictedUser() || this.assetStorageService.isUserAsset(getUserId(), str2)) {
            return this.gatewayService.getTunnelInfos().stream().filter(gatewayTunnelInfo -> {
                return gatewayTunnelInfo.getRealm().equals(str) && gatewayTunnelInfo.getGatewayId().equals(str2) && gatewayTunnelInfo.getTarget().equals(str3) && gatewayTunnelInfo.getTargetPort() == i;
            }).findFirst().orElse(null);
        }
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    }

    public GatewayTunnelInfo startTunnel(GatewayTunnelInfo gatewayTunnelInfo) {
        if (!isAuthenticated()) {
            throw new ForbiddenException();
        }
        if (gatewayTunnelInfo == null || TextUtil.isNullOrEmpty(gatewayTunnelInfo.getGatewayId())) {
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        if (TextUtil.isNullOrEmpty(gatewayTunnelInfo.getRealm())) {
            gatewayTunnelInfo.setRealm(getAuthenticatedRealmName());
        } else if (!isSuperUser() && !gatewayTunnelInfo.getRealm().equals(getAuthenticatedRealmName())) {
            throw new ForbiddenException();
        }
        if (isRestrictedUser() && !this.assetStorageService.isUserAsset(getUserId(), gatewayTunnelInfo.getGatewayId())) {
            throw new ForbiddenException();
        }
        try {
            return this.gatewayService.startTunnel(gatewayTunnelInfo);
        } catch (IllegalArgumentException e) {
            throw new WebApplicationException(e.getMessage(), Response.Status.BAD_REQUEST);
        } catch (IllegalStateException e2) {
            throw new WebApplicationException(e2.getMessage(), Response.Status.NOT_FOUND);
        } catch (RuntimeException e3) {
            throw new WebApplicationException(e3.getMessage(), Response.Status.INTERNAL_SERVER_ERROR);
        }
    }

    public void stopTunnel(GatewayTunnelInfo gatewayTunnelInfo) {
        if (!isAuthenticated()) {
            throw new ForbiddenException();
        }
        if (gatewayTunnelInfo == null || TextUtil.isNullOrEmpty(gatewayTunnelInfo.getGatewayId())) {
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        if (TextUtil.isNullOrEmpty(gatewayTunnelInfo.getRealm())) {
            gatewayTunnelInfo.setRealm(getAuthenticatedRealmName());
        } else if (!isSuperUser() && !gatewayTunnelInfo.getRealm().equals(getAuthenticatedRealmName())) {
            throw new ForbiddenException();
        }
        if (isRestrictedUser() && !this.assetStorageService.isUserAsset(getUserId(), gatewayTunnelInfo.getGatewayId())) {
            throw new ForbiddenException();
        }
        try {
            this.gatewayService.stopTunnel(gatewayTunnelInfo);
        } catch (IllegalArgumentException e) {
            throw new WebApplicationException(e.getMessage(), Response.Status.BAD_REQUEST);
        } catch (IllegalStateException e2) {
            throw new WebApplicationException(e2.getMessage(), Response.Status.NOT_FOUND);
        } catch (RuntimeException e3) {
            throw new WebApplicationException(e3.getMessage(), Response.Status.INTERNAL_SERVER_ERROR);
        }
    }
}
