package org.flowable.idm.rest.service.api.privilege;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Authorization;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import org.flowable.common.engine.api.FlowableObjectNotFoundException;
import org.flowable.common.engine.api.query.QueryProperty;
import org.flowable.common.rest.api.DataResponse;
import org.flowable.common.rest.api.PaginateListUtil;
import org.flowable.engine.impl.event.logger.handler.Fields;
import org.flowable.idm.api.IdmIdentityService;
import org.flowable.idm.api.Privilege;
import org.flowable.idm.api.PrivilegeQuery;
import org.flowable.idm.rest.service.api.IdmRestApiInterceptor;
import org.flowable.idm.rest.service.api.IdmRestResponseFactory;
import org.flowable.idm.rest.service.api.group.GroupResponse;
import org.flowable.idm.rest.service.api.user.UserResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@Api(tags = {"Privileges"}, description = "Manage Privileges", authorizations = {@Authorization("basicAuth")})
@RestController
/* loaded from: input_file:WEB-INF/lib/flowable-idm-rest-7.0.0.M2.jar:org/flowable/idm/rest/service/api/privilege/PrivilegeCollectionResource.class */
public class PrivilegeCollectionResource {

    @Autowired
    protected IdmIdentityService identityService;

    @Autowired
    protected IdmRestResponseFactory idmRestResponseFactory;

    @Autowired(required = false)
    protected IdmRestApiInterceptor restApiInterceptor;

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the requested privileges were returned.")})
    @ApiImplicitParams({@ApiImplicitParam(name = "id", dataType = "string", value = "Only return privileges with the given id", paramType = "query"), @ApiImplicitParam(name = "name", dataType = "string", value = "Only return privileges with the given name", paramType = "query"), @ApiImplicitParam(name = Fields.USER_ID, dataType = "string", value = "Only return privileges with the given userId", paramType = "query"), @ApiImplicitParam(name = "groupId", dataType = "string", value = "Only return privileges with the given groupId", paramType = "query")})
    @ApiOperation(value = "List privileges", nickname = "listPrivileges", tags = {"Privileges"}, produces = "application/json")
    @GetMapping({"/privileges"})
    public DataResponse<PrivilegeResponse> getPrivileges(@RequestParam @ApiParam(hidden = true) Map<String, String> map) {
        PrivilegeQuery createPrivilegeQuery = this.identityService.createPrivilegeQuery();
        if (map.containsKey("id")) {
            createPrivilegeQuery.privilegeId(map.get("id"));
        }
        if (map.containsKey("name")) {
            createPrivilegeQuery.privilegeName(map.get("name"));
        }
        if (map.containsKey(Fields.USER_ID)) {
            createPrivilegeQuery.userId(map.get(Fields.USER_ID));
        }
        if (map.containsKey("groupId")) {
            createPrivilegeQuery.groupId(map.get("groupId"));
        }
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.accessPrivilegeInfoWithQuery(createPrivilegeQuery);
        }
        IdmRestResponseFactory idmRestResponseFactory = this.idmRestResponseFactory;
        Objects.requireNonNull(idmRestResponseFactory);
        return PaginateListUtil.paginateList(map, createPrivilegeQuery, "id", (Map<String, QueryProperty>) null, idmRestResponseFactory::createPrivilegeResponseList);
    }

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the privilege exists and its users are returned.")})
    @GetMapping({"/privileges/{privilegeId}/users"})
    @ApiOperation(value = "List all users for a given privilege", nickname = "listPrivilegeUsers", tags = {"Privileges"}, produces = "application/json")
    public List<UserResponse> getUsers(@PathVariable String str) {
        Privilege privilegeById = getPrivilegeById(str);
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.accessPrivilegeInfoById(privilegeById);
        }
        return this.idmRestResponseFactory.createUserResponseList(this.identityService.getUsersWithPrivilege(str), false);
    }

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the user privilege has been deleted")})
    @DeleteMapping({"/privileges/{privilegeId}/users/{userId}"})
    @ApiOperation(value = "Deletes a privilege for a user", nickname = "deleteUserPrivilege", tags = {"Privileges"})
    public void deleteUserPrivilege(@PathVariable String str, @PathVariable String str2) {
        Privilege privilegeById = getPrivilegeById(str);
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.deleteUserPrivilege(privilegeById, str2);
        }
        this.identityService.deleteUserPrivilegeMapping(str, str2);
    }

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the user privilege has been added")})
    @PostMapping({"privileges/{privilegeId}/users"})
    @ApiOperation(value = "Adds a privilege for a user", nickname = "addUserPrivilege", tags = {"Privileges"})
    public void addUserPrivilege(@PathVariable String str, @RequestBody AddUserPrivilegeRequest addUserPrivilegeRequest) {
        Privilege privilegeById = getPrivilegeById(str);
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.addUserPrivilege(privilegeById, addUserPrivilegeRequest.getUserId());
        }
        this.identityService.addUserPrivilegeMapping(str, addUserPrivilegeRequest.getUserId());
    }

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the privilege exists and its groups are returned.")})
    @GetMapping({"/privileges/{privilegeId}/groups"})
    @ApiOperation(value = "List all groups for a given privilege", nickname = "listPrivilegeGroups", tags = {"Privileges"}, produces = "application/json")
    public List<GroupResponse> getGroups(@PathVariable String str) {
        Privilege privilegeById = getPrivilegeById(str);
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.accessPrivilegeInfoById(privilegeById);
        }
        return this.idmRestResponseFactory.createGroupResponseList(this.identityService.getGroupsWithPrivilege(str));
    }

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the group privilege has been deleted")})
    @DeleteMapping({"/privileges/{privilegeId}/group/{groupId}"})
    @ApiOperation(value = "Deletes a privilege for a group", nickname = "deleteGroupPrivilege", tags = {"Privileges"})
    public void deleteGroupPrivilege(@PathVariable String str, @PathVariable String str2) {
        Privilege privilegeById = getPrivilegeById(str);
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.deleteGroupPrivilege(privilegeById, str2);
        }
        this.identityService.deleteGroupPrivilegeMapping(str, str2);
    }

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the group privilege has been added")})
    @PostMapping({"privileges/{privilegeId}/groups"})
    @ApiOperation(value = "Adds a privilege for a group", nickname = "addGroupPrivilege", tags = {"Privileges"})
    public void addGroupPrivilege(@PathVariable String str, @RequestBody AddGroupPrivilegeRequest addGroupPrivilegeRequest) {
        Privilege privilegeById = getPrivilegeById(str);
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.addGroupPrivilege(privilegeById, addGroupPrivilegeRequest.getGroupId());
        }
        this.identityService.addGroupPrivilegeMapping(str, addGroupPrivilegeRequest.getGroupId());
    }

    protected Privilege getPrivilegeById(String str) {
        Privilege singleResult = this.identityService.createPrivilegeQuery().privilegeId(str).singleResult();
        if (singleResult == null) {
            throw new FlowableObjectNotFoundException("Could not find privilege with id " + str, Privilege.class);
        }
        return singleResult;
    }
}
