package com.atlassian.jira.rest.internal.v2.user;

import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.permission.UserSearchConfiguration;
import com.atlassian.jira.rest.api.http.CacheControl;
import com.atlassian.jira.rest.exception.NotAuthorisedWebException;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.security.plugin.ProjectPermissionKey;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.plugins.rest.api.security.annotation.AnonymousSiteAccess;
import java.util.Arrays;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.inject.Inject;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;

@Produces({"application/json"})
@Path("users")
@AnonymousSiteAccess
/* loaded from: input_file:com/atlassian/jira/rest/internal/v2/user/UserPickerResource.class */
public class UserPickerResource {
    private static final String DEFAULT_MAX_RESULTS_STR = "50";
    private static final String DELIMITER = ",";
    private static final int MAX_MAX_RESULTS = UserSearchConfiguration.getMaxTopReturnedUsersValue();
    private static final int MIN_MAX_RESULTS = 1;
    private final JiraAuthenticationContext authContext;
    private final UserPickerResourceHelper resourceHelper;

    @Inject
    public UserPickerResource(JiraAuthenticationContext jiraAuthenticationContext, UserPickerResourceHelper userPickerResourceHelper) {
        this.authContext = jiraAuthenticationContext;
        this.resourceHelper = userPickerResourceHelper;
    }

    @GET
    @Path("assignee")
    public Response findAssignableUsers(@QueryParam("includeInvolvement") @DefaultValue("false") boolean z, @QueryParam("issueKey") @DefaultValue("") String str, @QueryParam("maxResults") @DefaultValue("50") int i, @QueryParam("projectKeys") @DefaultValue("") String str2, @QueryParam("query") @DefaultValue("") String str3) {
        return findAssignableUsersCommon(z, str, i, str2, str3);
    }

    @GET
    @Path("assignee/multiProjectSearch")
    public Response findAssignableUsersInProjects(@QueryParam("maxResults") @DefaultValue("50") int i, @QueryParam("projectKeys") @DefaultValue("") String str, @QueryParam("query") @DefaultValue("") String str2) {
        return findAssignableUsersCommon(false, null, i, str, str2);
    }

    @GET
    @Path("mention")
    public Response findMentionableUsers(@QueryParam("includeInvolvement") @DefaultValue("false") boolean z, @QueryParam("issueKey") @DefaultValue("") String str, @QueryParam("maxResults") @DefaultValue("50") int i, @QueryParam("projectKeys") @DefaultValue("") String str2, @QueryParam("query") @DefaultValue("") String str3) {
        ApplicationUser loggedInUser = this.authContext.getLoggedInUser();
        checkPermissions(loggedInUser, str, getProjectKeys(str2), ProjectPermissions.BROWSE_PROJECTS);
        return Response.ok(this.resourceHelper.findUsersExtracted(str3, z, str, getProjectKeys(str2), clampMaxResults(i), loggedInUser, true, ProjectPermissions.BROWSE_PROJECTS, ProjectPermissions.BROWSE_PROJECTS).users).cacheControl(CacheControl.never()).build();
    }

    private void checkPermissions(ApplicationUser applicationUser, String str, List<String> list, ProjectPermissionKey projectPermissionKey) {
        if (!this.resourceHelper.checkUserPermission(applicationUser, this.resourceHelper.getProjectsIssueFirst(applicationUser, str, list), projectPermissionKey)) {
            throw new NotAuthorisedWebException();
        }
    }

    @GET
    @Path("reporter")
    public Response findReporterUsers(@QueryParam("includeInvolvement") @DefaultValue("false") boolean z, @QueryParam("issueKey") @DefaultValue("") String str, @QueryParam("maxResults") @DefaultValue("100") int i, @QueryParam("projectKeys") @DefaultValue("") String str2, @QueryParam("query") @DefaultValue("") String str3) {
        ApplicationUser loggedInUser = this.authContext.getLoggedInUser();
        List<String> projectKeys = getProjectKeys(str2);
        checkPermissions(loggedInUser, str, projectKeys, ProjectPermissions.MODIFY_REPORTER);
        return Response.ok(this.resourceHelper.findUsersExtracted(str3, z, str, projectKeys, clampMaxResults(i), loggedInUser, false, ProjectPermissions.MODIFY_REPORTER, ProjectPermissions.BROWSE_PROJECTS)).cacheControl(CacheControl.never()).build();
    }

    private static int clampMaxResults(int i) {
        return Math.min(Math.max(i, MIN_MAX_RESULTS), MAX_MAX_RESULTS);
    }

    private Response findAssignableUsersCommon(boolean z, @Nullable String str, int i, @Nonnull String str2, @Nonnull String str3) {
        ApplicationUser loggedInUser = this.authContext.getLoggedInUser();
        List<String> projectKeys = getProjectKeys(str2);
        checkPermissions(loggedInUser, str, projectKeys, ProjectPermissions.ASSIGN_ISSUES);
        return Response.ok(this.resourceHelper.findUsersExtracted(str3, z, str, projectKeys, clampMaxResults(i), loggedInUser, false, ProjectPermissions.ASSIGN_ISSUES, ProjectPermissions.ASSIGNABLE_USER)).cacheControl(CacheControl.never()).build();
    }

    private List<String> getProjectKeys(String str) {
        return Arrays.asList(StringUtils.split(str, DELIMITER));
    }
}
