package org.opencastproject.userdirectory.endpoint;

import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.json.simple.JSONArray;
import org.json.simple.JSONValue;
import org.opencastproject.security.api.JaxbUser;
import org.opencastproject.security.api.JaxbUserList;
import org.opencastproject.security.api.SecurityService;
import org.opencastproject.security.api.UnauthorizedException;
import org.opencastproject.security.api.User;
import org.opencastproject.security.impl.jpa.JpaRole;
import org.opencastproject.security.impl.jpa.JpaUser;
import org.opencastproject.userdirectory.JpaUserAndRoleProvider;
import org.opencastproject.util.NotFoundException;
import org.opencastproject.util.RestUtil;
import org.opencastproject.util.UrlSupport;
import org.opencastproject.util.data.Tuple;
import org.opencastproject.util.doc.rest.RestParameter;
import org.opencastproject.util.doc.rest.RestQuery;
import org.opencastproject.util.doc.rest.RestResponse;
import org.opencastproject.util.doc.rest.RestService;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/")
@RestService(name = "UsersUtils", title = "User utils", notes = {"This service offers the default CRUD Operations for the internal Opencast users."}, abstractText = "Provides operations for internal Opencast users")
/* loaded from: input_file:org/opencastproject/userdirectory/endpoint/UserEndpoint.class */
public class UserEndpoint {
    private static final Logger logger = LoggerFactory.getLogger(UserEndpoint.class);
    private JpaUserAndRoleProvider jpaUserAndRoleProvider;
    private SecurityService securityService;
    private String endpointBaseUrl;

    public void activate(ComponentContext componentContext) {
        logger.info("Start users endpoint");
        Tuple endpointUrl = RestUtil.getEndpointUrl(componentContext);
        this.endpointBaseUrl = UrlSupport.concat((String) endpointUrl.getA(), (String) endpointUrl.getB());
    }

    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    public void setJpaUserAndRoleProvider(JpaUserAndRoleProvider jpaUserAndRoleProvider) {
        this.jpaUserAndRoleProvider = jpaUserAndRoleProvider;
    }

    @GET
    @Path("users.json")
    @Produces({"application/json"})
    @RestQuery(name = "allusersasjson", description = "Returns a list of users", returnDescription = "Returns a JSON representation of the list of user accounts", restParameters = {@RestParameter(name = "limit", defaultValue = "100", description = "The maximum number of items to return per page.", isRequired = false, type = RestParameter.Type.STRING), @RestParameter(name = "offset", defaultValue = "0", description = "The page number.", isRequired = false, type = RestParameter.Type.STRING)}, reponses = {@RestResponse(responseCode = 200, description = "The user accounts.")})
    public JaxbUserList getUsersAsJson(@QueryParam("limit") int i, @QueryParam("offset") int i2) throws IOException {
        if (i < 1) {
            i = 100;
        }
        JaxbUserList jaxbUserList = new JaxbUserList();
        Iterator<User> findUsers = this.jpaUserAndRoleProvider.findUsers("%", i2, i);
        while (findUsers.hasNext()) {
            jaxbUserList.add(findUsers.next());
        }
        return jaxbUserList;
    }

    @GET
    @Path("{username}.json")
    @Produces({"application/json"})
    @RestQuery(name = "user", description = "Returns a user", returnDescription = "Returns a JSON representation of a user", pathParameters = {@RestParameter(name = "username", description = "The username.", isRequired = true, type = RestParameter.Type.STRING)}, reponses = {@RestResponse(responseCode = 200, description = "The user account."), @RestResponse(responseCode = 404, description = "User not found")})
    public Response getUserAsJson(@PathParam("username") String str) throws NotFoundException {
        User loadUser = this.jpaUserAndRoleProvider.loadUser(str);
        if (loadUser != null) {
            return Response.ok(JaxbUser.fromUser(loadUser)).build();
        }
        logger.debug("Requested user not found: {}", str);
        return Response.status(404).build();
    }

    @GET
    @Path("users/md5.json")
    @Produces({"application/json"})
    @RestQuery(name = "users-with-insecure-hashing", description = "Returns a list of users which passwords are stored using MD5 hashes", returnDescription = "Returns a JSON representation of the list of matching user accounts", reponses = {@RestResponse(responseCode = 200, description = "The user accounts.")})
    public JaxbUserList getUserWithInsecurePasswordHashingAsJson() {
        JaxbUserList jaxbUserList = new JaxbUserList();
        Iterator<User> it = this.jpaUserAndRoleProvider.findInsecurePasswordHashes().iterator();
        while (it.hasNext()) {
            jaxbUserList.add(it.next());
        }
        return jaxbUserList;
    }

    @POST
    @Path("/")
    @RestQuery(name = "createUser", description = "Create a new  user", returnDescription = "Location of the new ressource", restParameters = {@RestParameter(name = "username", description = "The username.", isRequired = true, type = RestParameter.Type.STRING), @RestParameter(name = "password", description = "The password.", isRequired = true, type = RestParameter.Type.STRING), @RestParameter(name = "name", description = "The name.", isRequired = false, type = RestParameter.Type.STRING), @RestParameter(name = "email", description = "The email.", isRequired = false, type = RestParameter.Type.STRING), @RestParameter(name = "roles", description = "The user roles as a json array, for example: [\"ROLE_USER\", \"ROLE_ADMIN\"]", isRequired = false, type = RestParameter.Type.STRING)}, reponses = {@RestResponse(responseCode = 400, description = "Malformed request syntax."), @RestResponse(responseCode = 201, description = "User has been created."), @RestResponse(responseCode = 409, description = "An user with this username already exist."), @RestResponse(responseCode = 403, description = "Not enough permissions to create a user with the admin role.")})
    public Response createUser(@FormParam("username") String str, @FormParam("password") String str2, @FormParam("name") String str3, @FormParam("email") String str4, @FormParam("roles") String str5) {
        if (this.jpaUserAndRoleProvider.loadUser(str) != null) {
            return Response.status(409).build();
        }
        try {
            Set<JpaRole> parseRoles = parseRoles(str5);
            logger.debug("Updating user {}", str);
            JpaUser jpaUser = new JpaUser(str, str2, this.securityService.getOrganization(), str3, str4, this.jpaUserAndRoleProvider.getName(), true, parseRoles);
            try {
                this.jpaUserAndRoleProvider.addUser(jpaUser);
                return Response.created(UrlSupport.uri(new Object[]{this.endpointBaseUrl, jpaUser.getUsername() + ".json"})).build();
            } catch (UnauthorizedException e) {
                logger.debug("Create user failed", e);
                return Response.status(Response.Status.FORBIDDEN).build();
            }
        } catch (IllegalArgumentException e2) {
            logger.debug("Request with malformed ROLE data: {}", str5);
            return Response.status(400).build();
        }
    }

    @Path("{username}.json")
    @PUT
    @RestQuery(name = "updateUser", description = "Update an user", returnDescription = "Status ok", restParameters = {@RestParameter(name = "password", description = "The password.", isRequired = true, type = RestParameter.Type.STRING), @RestParameter(name = "name", description = "The name.", isRequired = false, type = RestParameter.Type.STRING), @RestParameter(name = "email", description = "The email.", isRequired = false, type = RestParameter.Type.STRING), @RestParameter(name = "roles", description = "The user roles as a json array, for example: [\"ROLE_USER\", \"ROLE_ADMIN\"]", isRequired = false, type = RestParameter.Type.STRING)}, pathParameters = {@RestParameter(name = "username", description = "The username", isRequired = true, type = RestParameter.Type.STRING)}, reponses = {@RestResponse(responseCode = 400, description = "Malformed request syntax."), @RestResponse(responseCode = 403, description = "Not enough permissions to update a user with the admin role."), @RestResponse(responseCode = 200, description = "User has been updated.")})
    public Response setUser(@PathParam("username") String str, @FormParam("password") String str2, @FormParam("name") String str3, @FormParam("email") String str4, @FormParam("roles") String str5) {
        try {
            if (this.jpaUserAndRoleProvider.loadUser(str) == null) {
                return createUser(str, str2, str3, str4, str5);
            }
            Set<JpaRole> parseRoles = parseRoles(str5);
            logger.debug("Updating user {}", str);
            this.jpaUserAndRoleProvider.updateUser(new JpaUser(str, str2, this.securityService.getOrganization(), str3, str4, this.jpaUserAndRoleProvider.getName(), true, parseRoles));
            return Response.status(200).build();
        } catch (IllegalArgumentException e) {
            logger.debug("Request with malformed ROLE data: {}", str5);
            return Response.status(400).build();
        } catch (UnauthorizedException e2) {
            logger.debug("Update user failed", e2);
            return Response.status(Response.Status.FORBIDDEN).build();
        } catch (NotFoundException e3) {
            logger.debug("User {} not found.", str);
            return Response.status(404).build();
        }
    }

    @Path("{username}.json")
    @DELETE
    @RestQuery(name = "deleteUser", description = "Delete a new  user", returnDescription = "Status ok", pathParameters = {@RestParameter(name = "username", type = RestParameter.Type.STRING, isRequired = true, description = "The username")}, reponses = {@RestResponse(responseCode = 200, description = "User has been deleted."), @RestResponse(responseCode = 403, description = "Not enough permissions to delete a user with the admin role."), @RestResponse(responseCode = 404, description = "User not found.")})
    public Response deleteUser(@PathParam("username") String str) {
        try {
            this.jpaUserAndRoleProvider.deleteUser(str, this.securityService.getOrganization().getId());
            logger.debug("User {} removed.", str);
            return Response.status(200).build();
        } catch (UnauthorizedException e) {
            logger.debug("Error during deletion of user {}: {}", str, e);
            return Response.status(403).build();
        } catch (NotFoundException e2) {
            logger.debug("User {} not found.", str);
            return Response.status(404).build();
        } catch (Exception e3) {
            logger.error("Error during deletion of user {}: {}", str, e3);
            return Response.status(500).build();
        }
    }

    private Set<JpaRole> parseRoles(String str) throws IllegalArgumentException {
        try {
            JSONArray jSONArray = (JSONArray) JSONValue.parseWithException(StringUtils.isEmpty(str) ? "[]" : str);
            HashSet hashSet = new HashSet();
            Iterator it = jSONArray.iterator();
            while (it.hasNext()) {
                try {
                    hashSet.add(new JpaRole((String) it.next(), this.securityService.getOrganization()));
                } catch (ClassCastException e) {
                    throw new IllegalArgumentException("Error parsing array vales as String", e);
                }
            }
            return hashSet;
        } catch (Exception e2) {
            throw new IllegalArgumentException("Error parsing JSON array", e2);
        }
    }
}
