package pl.psnc.dl.wf4ever.accesscontrol;

import com.hp.hpl.jena.shared.NotFoundException;
import java.util.List;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.apache.log4j.Logger;
import pl.psnc.dl.wf4ever.accesscontrol.dicts.Role;
import pl.psnc.dl.wf4ever.accesscontrol.model.Permission;
import pl.psnc.dl.wf4ever.accesscontrol.model.dao.PermissionDAO;
import pl.psnc.dl.wf4ever.auth.RequestAttribute;
import pl.psnc.dl.wf4ever.db.UserProfile;
import pl.psnc.dl.wf4ever.db.dao.UserProfileDAO;
import pl.psnc.dl.wf4ever.dl.ConflictException;
import pl.psnc.dl.wf4ever.dl.UserMetadata;
import pl.psnc.dl.wf4ever.exceptions.BadRequestException;
import pl.psnc.dl.wf4ever.model.Builder;

@Path("accesscontrol/permissions/")
/* loaded from: input_file:WEB-INF/classes/pl/psnc/dl/wf4ever/accesscontrol/PermissionResource.class */
public class PermissionResource {
    private static final Logger LOGGER = Logger.getLogger(PermissionResource.class);

    @Context
    UriInfo uriInfo;

    @RequestAttribute("Builder")
    private Builder builder;
    PermissionDAO dao = new PermissionDAO();
    UserProfileDAO userProfileDAO = new UserProfileDAO();

    @POST
    @Produces({"application/json"})
    @Consumes({"application/json"})
    public Response addPermissions(Permission permission) throws BadRequestException {
        if (this.dao.findByUserROAndPermission(permission.getUser(), permission.getRo(), permission.getRole()).size() > 0) {
            throw new ConflictException("The permission was already given");
        }
        if (!this.builder.getUser().getRole().equals(UserMetadata.Role.ADMIN)) {
            UserProfile findByLogin = this.userProfileDAO.findByLogin(this.builder.getUser().getLogin());
            if (findByLogin == null) {
                throw new BadRequestException("There is no user like this");
            }
            List<Permission> findByUserROAndPermission = this.dao.findByUserROAndPermission(findByLogin, permission.getRo(), Role.OWNER);
            if (findByUserROAndPermission.size() == 0) {
                throw new BadRequestException("The given ro doesn't exists or doesn't belong to user");
            }
            if (findByUserROAndPermission.size() > 1) {
                LOGGER.error("Multiply RO ownership detected for" + permission.getRo());
                throw new WebApplicationException(500);
            }
        }
        if (permission.getUser() == null) {
            throw new BadRequestException("Given user login doesn't exist");
        }
        this.dao.save(permission);
        permission.setUri(this.uriInfo.getRequestUri().resolve("").resolve(permission.getId().toString()));
        return Response.created(this.uriInfo.getRequestUri().resolve("").resolve(permission.getId().toString())).type("application/json").entity(permission).build();
    }

    @Produces({"application/json"})
    @GET
    @Path("{permission_id}/")
    public Permission getPermission(@PathParam("permission_id") String str) {
        Permission findById = this.dao.findById(Integer.valueOf(str));
        if (findById != null) {
            findById.setUri(this.uriInfo.getRequestUri().resolve(findById.getId().toString()));
        }
        return findById;
    }

    @Produces({"application/json"})
    @Path("{permission_id}/")
    @DELETE
    public Response deletePermission(@PathParam("permission_id") String str) throws BadRequestException {
        Permission findById = this.dao.findById(Integer.valueOf(str));
        if (findById == null) {
            throw new NotFoundException("The permission " + str + " doesn't exists");
        }
        if (findById.getRole().equals(Role.OWNER)) {
            throw new BadRequestException("Can't remove owner Role");
        }
        this.dao.delete(findById);
        return Response.noContent().build();
    }

    @GET
    @Produces({"application/json"})
    public Permission[] getPermissions(@QueryParam("ro") String str) {
        List<Permission> findByResearchObject = this.dao.findByResearchObject(str);
        if (findByResearchObject == null || findByResearchObject.size() == 0) {
            return new Permission[0];
        }
        Permission[] permissionArr = new Permission[findByResearchObject.size()];
        for (int i = 0; i < findByResearchObject.size(); i++) {
            permissionArr[i] = findByResearchObject.get(i);
            permissionArr[i].setUri(this.uriInfo.getRequestUri().resolve(permissionArr[i].getId().toString()));
        }
        return permissionArr;
    }
}
