package fr.in2p3.cc.storage.treqs2.service.resource;

import fr.in2p3.cc.storage.treqs2.core.entity.TreqsStatus;
import fr.in2p3.cc.storage.treqs2.core.entity.TreqsUser;
import fr.in2p3.cc.storage.treqs2.core.entity.controller.EMFSingleton;
import fr.in2p3.cc.storage.treqs2.core.entity.controller.TreqsUserJpaController;
import fr.in2p3.cc.storage.treqs2.core.entity.controller.exceptions.IllegalOrphanException;
import fr.in2p3.cc.storage.treqs2.core.entity.controller.exceptions.NonexistentEntityException;
import fr.in2p3.cc.storage.treqs2.core.entity.controller.exceptions.PreexistingEntityException;
import fr.in2p3.cc.storage.treqs2.service.WSError;
import java.net.URI;
import java.net.URISyntaxException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import org.glassfish.jersey.server.JSONP;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

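/**
 * JAX-RS resource rooted at {@code security} that manages {@link TreqsUser} accounts:
 * creation, lookup, password change, enabling/disabling and deletion.
 *
 * <p>NOTE(review): no authorization annotation or role check is visible on any method of
 * this class. Every operation here is administrative (it can enable any account or set
 * any account's password), so access control is presumably enforced by a container
 * filter or deployment descriptor outside this file. Confirm before exposing it.
 *
 * <p>NOTE(review): several methods return {@link TreqsUser} entities as JSON. Whether the
 * password attribute is excluded from serialization is not visible here. Verify against
 * the entity's mapping.
 */
@Path("security")
/* loaded from: input_file:fr/in2p3/cc/storage/treqs2/service/resource/SecurityResource.class */
public class SecurityResource {
    private static final Logger LOGGER = LoggerFactory.getLogger(SecurityResource.class);

    // Injected per request; used to find the caller's principal for the self-lockout checks.
    @Context
    private SecurityContext secContext;

    /**
     * Callback applied by {@code updateUser} to a loaded user before it is persisted.
     */
    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:fr/in2p3/cc/storage/treqs2/service/resource/SecurityResource$UserModifier.class */
    public interface UserModifier {
        TreqsUser modify(TreqsUser treqsUser) throws Exception;
    }

    /**
     * Creates a user from the JSON request body.
     *
     * @param treqsUser the user to persist; username and password must both be non-empty
     * @param uriInfo request URI information, used to build the {@code Location} header
     * @return 201 with the created user, 400 when the body, username or password is
     *     missing, 409 when the user already exists, 500 on any other failure
     * @throws URISyntaxException kept for interface compatibility; the location is now
     *     built with an encoding builder and does not raise it
     */
    @Path("authentication/user")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    @JSONP
    public Response createUser(TreqsUser treqsUser, @Context UriInfo uriInfo) throws URISyntaxException {
        // An absent JSON body would otherwise surface as a NullPointerException.
        if (treqsUser == null) {
            return Response.status(Response.Status.BAD_REQUEST).entity(new WSError(Response.Status.BAD_REQUEST, "Request body is missing")).build();
        }
        if (treqsUser.getUsername() == null || treqsUser.getUsername().isEmpty()) {
            return Response.status(Response.Status.BAD_REQUEST).entity(treqsUser).build();
        }
        if (treqsUser.getPassword() == null || treqsUser.getPassword().isEmpty()) {
            return Response.status(Response.Status.BAD_REQUEST).entity(treqsUser).build();
        }
        TreqsUserJpaController treqsUserJpaController = new TreqsUserJpaController(EMFSingleton.getInstance().getEntityManagerFactory());
        try {
            // NOTE(review): the password is handed to the persistence layer as received;
            // whether it is hashed before storage is not visible from this class.
            treqsUserJpaController.create(treqsUser);
            // Build the location through the URI builder so a name containing spaces or
            // reserved characters is percent-encoded instead of failing after the user
            // has already been stored.
            return Response.created(uriInfo.getAbsolutePathBuilder().path("{name}").build(String.valueOf(treqsUser.getName()))).entity(treqsUser).build();
        } catch (PreexistingEntityException e) {
            // Must precede the generic handler, otherwise the conflict is never reported as 409.
            return Response.status(Response.Status.CONFLICT).entity(new WSError(Response.Status.CONFLICT, "This user already exists: " + treqsUser.getUsername())).build();
        } catch (Exception e) {
            LOGGER.error("user create error", e);
            // NOTE(review): the raw exception message is returned to the client and may
            // reveal persistence-layer details; consider a generic message.
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(new WSError(Response.Status.INTERNAL_SERVER_ERROR, "Could not create user - " + e.getMessage())).build();
        }
    }

    /**
     * Looks up a single user.
     *
     * @param str the username taken from the path
     * @return 200 with the user, or 404 when no such user exists
     */
    @GET
    @Path("authentication/user/{username}")
    @Consumes({"text/plain"})
    @Produces({"application/json"})
    @JSONP
    public Response getUser(@PathParam("username") String str) {
        TreqsUser found = new TreqsUserJpaController(EMFSingleton.getInstance().getEntityManagerFactory()).findTreqsUser(str);
        if (found == null) {
            return Response.status(Response.Status.NOT_FOUND).entity(new WSError(Response.Status.NOT_FOUND, "Could not find user " + str)).build();
        }
        return Response.ok().entity(found).build();
    }

    /**
     * Lists every user known to the persistence layer.
     *
     * @return 200 with the result of {@code findTreqsUserEntities()}
     */
    @GET
    @Path("authentication/user")
    @Consumes({"text/plain"})
    @Produces({"application/json"})
    @JSONP
    public Response getAllUsers() {
        TreqsUserJpaController treqsUserJpaController = new TreqsUserJpaController(EMFSingleton.getInstance().getEntityManagerFactory());
        return Response.ok().entity(treqsUserJpaController.findTreqsUserEntities()).build();
    }

    /**
     * Replaces a user's password.
     *
     * <p>NOTE(review): the new password travels as a URL path segment, so it is liable to
     * be recorded in access logs, proxy logs and client history. The route is part of the
     * public interface and is left unchanged here; moving the secret into the request body
     * would need a coordinated client change. The current password is not requested, and
     * the caller is not compared with {@code username}.
     *
     * @param str the username taken from the path
     * @param str2 the new password taken from the path
     * @return 200 with the updated user, 400 when the password is empty, 404 when the
     *     user does not exist, 500 on failure
     */
    @Path("authentication/user/{username}/password/{password}")
    @Consumes({"text/plain"})
    @Produces({"application/json"})
    @PUT
    @JSONP
    public Response changePasswordUser(@PathParam("username") String str, @PathParam("password") final String str2) {
        if (str2 == null || str2.isEmpty()) {
            return Response.status(Response.Status.BAD_REQUEST).entity(new WSError(Response.Status.BAD_REQUEST, "Password cannot be empty")).build();
        }
        return updateUser(str, new UserModifier() {
            @Override
            public TreqsUser modify(TreqsUser treqsUser) throws Exception {
                treqsUser.setPassword(str2);
                return treqsUser;
            }
        });
    }

    /**
     * Enables a user account by setting its status to {@code ENABLED}.
     *
     * @param str the username taken from the path
     * @return the response produced by {@code updateUser}
     */
    @Path("authentication/user/{username}/grant")
    @Consumes({"text/plain"})
    @Produces({"application/json"})
    @PUT
    @JSONP
    public Response grantUser(@PathParam("username") String str) {
        return updateUser(str, new UserModifier() {
            @Override
            public TreqsUser modify(TreqsUser treqsUser) {
                treqsUser.setUserStatus(TreqsStatus.UserStatus.ENABLED);
                return treqsUser;
            }
        });
    }

    /**
     * Disables a user account by setting its status to {@code DISABLED}.
     *
     * <p>The caller may not disable their own account. When the request carries no
     * principal the self-check is skipped and the update proceeds.
     *
     * @param str the username taken from the path
     * @return 403 when the caller targets themselves, otherwise the response produced by
     *     {@code updateUser}
     */
    @Path("authentication/user/{username}/grant")
    @Consumes({"text/plain"})
    @DELETE
    @Produces({"application/json"})
    @JSONP
    public Response denyUser(@PathParam("username") String str) {
        // NOTE(review): a null principal (unauthenticated request) falls through to the update.
        if (this.secContext.getUserPrincipal() != null && str.equals(this.secContext.getUserPrincipal().getName())) {
            return Response.status(Response.Status.FORBIDDEN).entity(new WSError(Response.Status.FORBIDDEN, "You are not allowed to deny access to yourself")).build();
        }
        return updateUser(str, new UserModifier() {
            @Override
            public TreqsUser modify(TreqsUser treqsUser) {
                treqsUser.setUserStatus(TreqsStatus.UserStatus.DISABLED);
                return treqsUser;
            }
        });
    }

    /**
     * Deletes a user account.
     *
     * <p>The caller may not delete their own account. When the request carries no
     * principal the self-check is skipped and the deletion proceeds.
     *
     * @param str the username taken from the path
     * @return 204 on success, 403 when the caller targets themselves, 404 when the user
     *     does not exist, 500 when the deletion is rejected by the persistence layer
     */
    @Path("authentication/user/{username}")
    @Consumes({"text/plain"})
    @DELETE
    @Produces({"application/json"})
    @JSONP
    public Response deleteUser(@PathParam("username") String str) {
        // NOTE(review): a null principal (unauthenticated request) falls through to the deletion.
        if (this.secContext.getUserPrincipal() != null && str.equals(this.secContext.getUserPrincipal().getName())) {
            return Response.status(Response.Status.FORBIDDEN).entity(new WSError(Response.Status.FORBIDDEN, "You are not allowed to delete your own account")).build();
        }
        TreqsUserJpaController treqsUserJpaController = new TreqsUserJpaController(EMFSingleton.getInstance().getEntityManagerFactory());
        try {
            treqsUserJpaController.destroy(str);
            return Response.status(Response.Status.NO_CONTENT).build();
        } catch (IllegalOrphanException e) {
            // Logged for parity with the create and update paths, which record their failures.
            LOGGER.error("delete user error", e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(new WSError(Response.Status.INTERNAL_SERVER_ERROR, "Could not delete user - " + e.getMessage())).build();
        } catch (NonexistentEntityException e) {
            return Response.status(Response.Status.NOT_FOUND).entity(new WSError(Response.Status.NOT_FOUND, "Could not find user " + str)).build();
        }
    }

    /**
     * Loads a user, applies {@code userModifier} to it and persists the result.
     *
     * @param str the username to load
     * @param userModifier the change to apply to the loaded user
     * @return 200 with the modified user, 404 when the user does not exist, 500 when the
     *     modifier or the persistence layer throws
     */
    private Response updateUser(String str, UserModifier userModifier) {
        try {
            TreqsUserJpaController treqsUserJpaController = new TreqsUserJpaController(EMFSingleton.getInstance().getEntityManagerFactory());
            TreqsUser existing = treqsUserJpaController.findTreqsUser(str);
            if (existing == null) {
                return Response.status(Response.Status.NOT_FOUND).entity(new WSError(Response.Status.NOT_FOUND, "Could not find user " + str)).build();
            }
            TreqsUser modified = userModifier.modify(existing);
            treqsUserJpaController.edit(modified);
            return Response.ok().entity(modified).build();
        } catch (Exception e) {
            LOGGER.error("update user error", e);
            // NOTE(review): the raw exception message is returned to the client.
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(new WSError(Response.Status.INTERNAL_SERVER_ERROR, e.getMessage())).build();
        }
    }
}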
