package org.opennms.web.rest.v1;

import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import org.opennms.netmgt.config.UserManager;
import org.opennms.netmgt.model.OnmsUser;
import org.opennms.netmgt.model.OnmsUserList;
import org.opennms.web.rest.support.MultivaluedMapImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanWrapper;
import org.springframework.beans.PropertyAccessorFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;

@Path("users")
@Transactional
@Component("userRestService")
/* loaded from: input_file:org/opennms/web/rest/v1/UserRestService.class */
public class UserRestService extends OnmsRestService {
    private static final Logger LOG = LoggerFactory.getLogger(UserRestService.class);
    private static final Comparator<OnmsUser> USER_COMPARATOR = new Comparator<OnmsUser>() { // from class: org.opennms.web.rest.v1.UserRestService.1
        @Override // java.util.Comparator
        public int compare(OnmsUser onmsUser, OnmsUser onmsUser2) {
            return onmsUser.getUsername().compareTo(onmsUser2.getUsername());
        }
    };

    @Autowired
    private UserManager m_userManager;

    @GET
    @Produces({"application/xml", "application/json", "application/atom+xml"})
    public OnmsUserList getUsers(@Context SecurityContext securityContext) {
        try {
            return filterUserPasswords(securityContext, this.m_userManager.getOnmsUserList());
        } catch (Throwable th) {
            throw getException(Response.Status.BAD_REQUEST, th);
        }
    }

    @GET
    @Produces({"application/xml", "application/json", "application/atom+xml"})
    @Path("{username}")
    public OnmsUser getUser(@Context SecurityContext securityContext, @PathParam("username") String str) {
        try {
            OnmsUser onmsUser = this.m_userManager.getOnmsUser(str);
            if (onmsUser != null) {
                return filterUserPassword(securityContext, onmsUser);
            }
            throw getException(Response.Status.NOT_FOUND, str + " does not exist", new String[0]);
        } catch (Throwable th) {
            if (th instanceof WebApplicationException) {
                throw th;
            }
            throw getException(Response.Status.BAD_REQUEST, th);
        }
    }

    @POST
    @Consumes({"application/xml"})
    public Response addUser(@Context SecurityContext securityContext, @Context UriInfo uriInfo, OnmsUser onmsUser) {
        writeLock();
        try {
            try {
                if (!hasEditRights(securityContext)) {
                    throw getException(Response.Status.BAD_REQUEST, new RuntimeException(securityContext.getUserPrincipal().getName() + " does not have write access to users!"));
                }
                LOG.debug("addUser: Adding user {}", onmsUser);
                this.m_userManager.save(onmsUser);
                Response build = Response.seeOther(getRedirectUri(uriInfo, onmsUser.getUsername())).build();
                writeUnlock();
                return build;
            } catch (Throwable th) {
                throw getException(Response.Status.BAD_REQUEST, th);
            }
        } catch (Throwable th2) {
            writeUnlock();
            throw th2;
        }
    }

    @Path("{userCriteria}")
    @PUT
    @Consumes({"application/x-www-form-urlencoded"})
    public Response updateUser(@Context SecurityContext securityContext, @Context UriInfo uriInfo, @PathParam("userCriteria") String str, MultivaluedMapImpl multivaluedMapImpl) {
        writeLock();
        try {
            if (!hasEditRights(securityContext)) {
                throw getException(Response.Status.BAD_REQUEST, new RuntimeException(securityContext.getUserPrincipal().getName() + " does not have write access to users!"));
            }
            try {
                OnmsUser onmsUser = this.m_userManager.getOnmsUser(str);
                if (onmsUser == null) {
                    throw getException(Response.Status.BAD_REQUEST, "updateUser: User does not exist: " + str, new String[0]);
                }
                LOG.debug("updateUser: updating user {}", onmsUser);
                BeanWrapper forBeanPropertyAccess = PropertyAccessorFactory.forBeanPropertyAccess(onmsUser);
                for (String str2 : multivaluedMapImpl.keySet()) {
                    if (forBeanPropertyAccess.isWritableProperty(str2)) {
                        forBeanPropertyAccess.setPropertyValue(str2, forBeanPropertyAccess.convertIfNecessary((String) multivaluedMapImpl.getFirst(str2), forBeanPropertyAccess.getPropertyType(str2)));
                    }
                }
                LOG.debug("updateUser: user {} updated", onmsUser);
                try {
                    this.m_userManager.save(onmsUser);
                    Response build = Response.seeOther(getRedirectUri(uriInfo, new Object[0])).build();
                    writeUnlock();
                    return build;
                } catch (Throwable th) {
                    throw getException(Response.Status.INTERNAL_SERVER_ERROR, th);
                }
            } catch (Throwable th2) {
                throw getException(Response.Status.BAD_REQUEST, th2);
            }
        } catch (Throwable th3) {
            writeUnlock();
            throw th3;
        }
    }

    @Path("{userCriteria}")
    @DELETE
    public Response deleteUser(@Context SecurityContext securityContext, @PathParam("userCriteria") String str) {
        writeLock();
        try {
            if (!hasEditRights(securityContext)) {
                throw getException(Response.Status.BAD_REQUEST, new RuntimeException(securityContext.getUserPrincipal().getName() + " does not have write access to users!"));
            }
            try {
                OnmsUser onmsUser = this.m_userManager.getOnmsUser(str);
                if (onmsUser == null) {
                    throw getException(Response.Status.BAD_REQUEST, "deleteUser: User does not exist: " + str, new String[0]);
                }
                LOG.debug("deleteUser: deleting user {}", onmsUser);
                try {
                    this.m_userManager.deleteUser(onmsUser.getUsername());
                    Response build = Response.ok().build();
                    writeUnlock();
                    return build;
                } catch (Throwable th) {
                    throw getException(Response.Status.INTERNAL_SERVER_ERROR, th);
                }
            } catch (Throwable th2) {
                throw getException(Response.Status.BAD_REQUEST, th2);
            }
        } catch (Throwable th3) {
            writeUnlock();
            throw th3;
        }
    }

    private static boolean hasEditRights(SecurityContext securityContext) {
        return securityContext.isUserInRole("ROLE_ADMIN") || securityContext.isUserInRole("ROLE_REST");
    }

    private static OnmsUserList filterUserPasswords(SecurityContext securityContext, OnmsUserList onmsUserList) {
        Collections.sort(onmsUserList.getUsers(), USER_COMPARATOR);
        Iterator it = onmsUserList.iterator();
        while (it.hasNext()) {
            filterUserPassword(securityContext, (OnmsUser) it.next());
        }
        return onmsUserList;
    }

    private static OnmsUser filterUserPassword(SecurityContext securityContext, OnmsUser onmsUser) {
        if (!hasEditRights(securityContext)) {
            if (!onmsUser.getUsername().equals(securityContext.getUserPrincipal().getName())) {
                onmsUser.setPassword("xxxxxxxx");
                onmsUser.setPasswordSalted(false);
            }
        }
        return onmsUser;
    }
}
