package org.sonatype.security.rest.roles;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.enterprise.inject.Typed;
import javax.inject.Named;
import javax.inject.Singleton;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import org.apache.commons.lang.StringUtils;
import org.codehaus.enunciate.contract.jaxrs.ResourceMethodSignature;
import org.restlet.Context;
import org.restlet.data.Form;
import org.restlet.data.Request;
import org.restlet.data.Response;
import org.restlet.data.Status;
import org.restlet.resource.ResourceException;
import org.sonatype.nexus.rest.component.AbstractComponentListPlexusResource;
import org.sonatype.plexus.rest.resource.PathProtectionDescriptor;
import org.sonatype.plexus.rest.resource.PlexusResource;
import org.sonatype.security.authorization.NoSuchAuthorizationManagerException;
import org.sonatype.security.authorization.Privilege;
import org.sonatype.security.authorization.Role;
import org.sonatype.security.rest.AbstractSecurityPlexusResource;
import org.sonatype.security.rest.model.PlexusRoleResource;
import org.sonatype.security.rest.model.RoleAndPrivilegeListFilterResourceRequest;
import org.sonatype.security.rest.model.RoleAndPrivilegeListResource;
import org.sonatype.security.rest.model.RoleAndPrivilegeListResourceResponse;
import org.sonatype.security.rest.model.RoleListResourceResponse;
import org.sonatype.security.usermanagement.UserNotFoundException;

@Path(RoleAndPrivilegeListPlexusResource.RESOURCE_URI)
@Consumes({"application/xml", "application/json"})
@Named("RoleAndPrivilegeListPlexusResource")
@Singleton
@Typed({PlexusResource.class})
@Produces({"application/xml", "application/json"})
/* loaded from: input_file:WEB-INF/plugin-repository/nexus-restlet1x-plugin-2.14.5-02/nexus-restlet1x-plugin-2.14.5-02.jar:org/sonatype/security/rest/roles/RoleAndPrivilegeListPlexusResource.class */
public class RoleAndPrivilegeListPlexusResource extends AbstractSecurityPlexusResource {
    public static final String RESOURCE_URI = "/rolesAndPrivs";
    public static final String REQUEST_SORT = "sort";
    public static final String REQUEST_DIR = "dir";
    public static final String REQUEST_START = "start";
    public static final String REQUEST_LIMIT = "limit";

    public RoleAndPrivilegeListPlexusResource() {
        setReadable(false);
        setModifiable(true);
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    public Object getPayloadInstance() {
        return new RoleAndPrivilegeListFilterResourceRequest();
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    public PathProtectionDescriptor getResourceProtection() {
        return new PathProtectionDescriptor(getResourceUri(), "authcBasic,perms[security:roles]");
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    public String getResourceUri() {
        return RESOURCE_URI;
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    @POST
    @ResourceMethodSignature(input = RoleAndPrivilegeListFilterResourceRequest.class, output = RoleListResourceResponse.class)
    public Object post(Context context, Request request, Response response, Object obj) throws ResourceException {
        RoleAndPrivilegeListResourceResponse roleAndPrivilegeListResourceResponse = new RoleAndPrivilegeListResourceResponse();
        ArrayList arrayList = new ArrayList();
        RoleAndPrivilegeListFilterResourceRequest roleAndPrivilegeListFilterResourceRequest = (RoleAndPrivilegeListFilterResourceRequest) obj;
        try {
            Form queryAsForm = request.getResourceRef().getQueryAsForm();
            FilterRequest filterRequest = new FilterRequest(roleAndPrivilegeListFilterResourceRequest);
            Iterator<Role> it = getSecuritySystem().getAuthorizationManager("default").listRoles().iterator();
            while (it.hasNext()) {
                RoleAndPrivilegeListResource dto = toDTO(it.next());
                if (filterRequest.applies(dto)) {
                    arrayList.add(dto);
                }
            }
            Iterator<Privilege> it2 = getSecuritySystem().getAuthorizationManager("default").listPrivileges().iterator();
            while (it2.hasNext()) {
                RoleAndPrivilegeListResource dto2 = toDTO(it2.next());
                if (filterRequest.applies(dto2)) {
                    arrayList.add(dto2);
                }
            }
            if (!StringUtils.isEmpty(roleAndPrivilegeListFilterResourceRequest.getData().getUserId())) {
                try {
                    for (PlexusRoleResource plexusRoleResource : securityToRestModel(getSecuritySystem().getUser(roleAndPrivilegeListFilterResourceRequest.getData().getUserId())).getRoles()) {
                        if (!"default".equals(plexusRoleResource.getSource())) {
                            RoleAndPrivilegeListResource dto3 = toDTO(plexusRoleResource);
                            if (filterRequest.applies(dto3)) {
                                arrayList.add(dto3);
                            }
                        }
                    }
                } catch (UserNotFoundException e) {
                    getLogger().warn("Unable to load user, and retrieve any external roles assigned", (Throwable) e);
                }
            }
            roleAndPrivilegeListResourceResponse.setTotalCount(arrayList.size());
            roleAndPrivilegeListResourceResponse.setData(generateResultSet(arrayList, queryAsForm));
            return roleAndPrivilegeListResourceResponse;
        } catch (NoSuchAuthorizationManagerException e2) {
            getLogger().error("Unable to find AuthorizationManager 'default'", (Throwable) e2);
            throw new ResourceException(Status.SERVER_ERROR_INTERNAL, "Unable to find AuthorizationManager 'default'");
        }
    }

    protected RoleAndPrivilegeListResource toDTO(Role role) {
        RoleAndPrivilegeListResource roleAndPrivilegeListResource = new RoleAndPrivilegeListResource();
        roleAndPrivilegeListResource.setId(role.getRoleId());
        roleAndPrivilegeListResource.setName(role.getName());
        roleAndPrivilegeListResource.setDescription(role.getDescription());
        roleAndPrivilegeListResource.setType(AbstractComponentListPlexusResource.ROLE_ID);
        return roleAndPrivilegeListResource;
    }

    protected RoleAndPrivilegeListResource toDTO(Privilege privilege) {
        RoleAndPrivilegeListResource roleAndPrivilegeListResource = new RoleAndPrivilegeListResource();
        roleAndPrivilegeListResource.setId(privilege.getId());
        roleAndPrivilegeListResource.setName(privilege.getName());
        roleAndPrivilegeListResource.setDescription(privilege.getDescription());
        roleAndPrivilegeListResource.setType("privilege");
        return roleAndPrivilegeListResource;
    }

    protected RoleAndPrivilegeListResource toDTO(PlexusRoleResource plexusRoleResource) {
        RoleAndPrivilegeListResource roleAndPrivilegeListResource = new RoleAndPrivilegeListResource();
        roleAndPrivilegeListResource.setId(plexusRoleResource.getRoleId());
        roleAndPrivilegeListResource.setName(plexusRoleResource.getName());
        roleAndPrivilegeListResource.setDescription("External role from the " + plexusRoleResource.getSource() + " realm, this role cannot be removed.");
        roleAndPrivilegeListResource.setType(AbstractComponentListPlexusResource.ROLE_ID);
        roleAndPrivilegeListResource.setExternal(true);
        return roleAndPrivilegeListResource;
    }

    protected List<RoleAndPrivilegeListResource> generateResultSet(List<RoleAndPrivilegeListResource> list, Form form) {
        sortResultSet(list, form.getFirstValue(REQUEST_SORT), form.getFirstValue(REQUEST_DIR));
        return paginateResultSet(list, form.getFirstValue(REQUEST_START), form.getFirstValue(REQUEST_LIMIT));
    }

    protected void sortResultSet(List<RoleAndPrivilegeListResource> list, String str, String str2) {
        if (StringUtils.isEmpty(str)) {
            return;
        }
        Collections.sort(list, new RoleAndPrivilegeListResourceComparator(str, str2));
    }

    protected List<RoleAndPrivilegeListResource> paginateResultSet(List<RoleAndPrivilegeListResource> list, String str, String str2) {
        int i;
        int i2;
        try {
            i = Integer.parseInt(str);
        } catch (Throwable th) {
            i = 0;
        }
        try {
            i2 = Integer.parseInt(str2);
        } catch (Throwable th2) {
            i2 = Integer.MAX_VALUE;
        }
        ArrayList arrayList = new ArrayList();
        for (int i3 = i; i3 < i + i2 && i3 < list.size(); i3++) {
            arrayList.add(list.get(i3));
        }
        return arrayList;
    }
}
