package com.atlassian.jira.rest.v2.issue;

import com.atlassian.jira.bc.user.search.UserSearchParams;
import com.atlassian.jira.config.ConstantsManager;
import com.atlassian.jira.issue.CustomFieldManager;
import com.atlassian.jira.issue.customfields.CustomFieldUtils;
import com.atlassian.jira.issue.fields.CustomField;
import com.atlassian.jira.issue.fields.config.FieldConfig;
import com.atlassian.jira.issue.fields.config.manager.FieldConfigSchemeManager;
import com.atlassian.jira.issue.search.SearchContext;
import com.atlassian.jira.issue.search.SearchContextImpl;
import com.atlassian.jira.permission.GlobalPermissionKey;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.project.ProjectManager;
import com.atlassian.jira.rest.api.http.CacheControl;
import com.atlassian.jira.rest.v2.issue.groups.GroupPickerResourceHelper;
import com.atlassian.jira.rest.v2.issue.users.UserPickerResourceHelper;
import com.atlassian.jira.security.GlobalPermissionManager;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.UserFilter;
import com.atlassian.jira.user.UserFilterManager;
import com.atlassian.jira.util.I18nHelper;
import com.atlassian.plugins.rest.api.security.annotation.AnonymousSiteAccess;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Iterables;
import com.google.common.collect.Sets;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.Parameters;
import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;

@Path("groupuserpicker")
@Consumes({"application/json"})
@Produces({"application/json"})
@AnonymousSiteAccess
/* loaded from: input_file:com/atlassian/jira/rest/v2/issue/GroupAndUserPickerResource.class */
public class GroupAndUserPickerResource {
    private final JiraAuthenticationContext authContext;
    private final ConstantsManager constantsManager;
    private final CustomFieldManager customFieldManager;
    private final FieldConfigSchemeManager fieldConfigSchemeManager;
    private final GroupPickerResourceHelper groupPickerHelper;
    private final PermissionManager permissionManager;
    private final ProjectManager projectManager;
    private final UserFilterManager userFilterManager;
    private final UserPickerResourceHelper userPickerHelper;
    private final GlobalPermissionManager globalPermissionManager;
    private final I18nHelper i18n;

    @Inject
    public GroupAndUserPickerResource(JiraAuthenticationContext jiraAuthenticationContext, ConstantsManager constantsManager, CustomFieldManager customFieldManager, FieldConfigSchemeManager fieldConfigSchemeManager, GroupPickerResourceHelper groupPickerResourceHelper, PermissionManager permissionManager, ProjectManager projectManager, UserFilterManager userFilterManager, UserPickerResourceHelper userPickerResourceHelper, GlobalPermissionManager globalPermissionManager, I18nHelper i18nHelper) {
        this.authContext = jiraAuthenticationContext;
        this.constantsManager = constantsManager;
        this.customFieldManager = customFieldManager;
        this.fieldConfigSchemeManager = fieldConfigSchemeManager;
        this.groupPickerHelper = groupPickerResourceHelper;
        this.permissionManager = permissionManager;
        this.projectManager = projectManager;
        this.userFilterManager = userFilterManager;
        this.userPickerHelper = userPickerResourceHelper;
        this.globalPermissionManager = globalPermissionManager;
        this.i18n = i18nHelper;
    }

    @GET
    @Operation(summary = "Get users and groups matching query with highlighting", description = "Returns a list of users and groups matching query with highlighting", security = {@SecurityRequirement(name = "basic")})
    @Parameters({@Parameter(name = "query", description = "A string used to search username, Name or e-mail address", in = ParameterIn.QUERY), @Parameter(name = "maxResults", description = "The maximum number of users to return", in = ParameterIn.QUERY), @Parameter(name = "showAvatar", description = "Show avatar", in = ParameterIn.QUERY), @Parameter(name = "fieldId", description = "The custom field id", in = ParameterIn.QUERY), @Parameter(name = "projectId", description = "The list of project ids to further restrict the search", in = ParameterIn.QUERY), @Parameter(name = "issueTypeId", description = "The list of issue type ids to further restrict the search", in = ParameterIn.QUERY)})
    @ApiResponses({@ApiResponse(description = "Returns a list of users and groups matching query with highlighting", responseCode = "200", content = {@Content(schema = @Schema(implementation = UsersAndGroupsBean.class))}), @ApiResponse(description = "Returned if the user does not have permission to view users and groups", responseCode = "403")})
    public Response findUsersAndGroups(@QueryParam("query") String str, @QueryParam("maxResults") Integer num, @QueryParam("showAvatar") Boolean bool, @QueryParam("fieldId") String str2, @QueryParam("projectId") List<String> list, @QueryParam("issueTypeId") List<String> list2) {
        ApplicationUser loggedInUser = this.authContext.getLoggedInUser();
        if (loggedInUser == null && !this.globalPermissionManager.hasPermission(GlobalPermissionKey.USER_PICKER, loggedInUser)) {
            return Response.status(Response.Status.FORBIDDEN).entity(this.i18n.getText("rest.authentication.no.user.logged.in")).build();
        }
        UserSearchParams.Builder includeInactive = UserSearchParams.builder().allowEmptyQuery(false).includeActive(true).includeInactive(false);
        boolean z = false;
        if (StringUtils.isNotBlank(str2) && !updateParamWithUserFilter(includeInactive, str2, new SearchContextImpl((List) null, getProjectIdList(list), getIssueTypeIdList(list2)))) {
            z = true;
        }
        return Response.ok(new UsersAndGroupsBean(this.userPickerHelper.findUsersAsBean(z ? "" : str, num, bool, null, includeInactive.build()), this.groupPickerHelper.findGroupsAsBean(str, null, num, null))).cacheControl(CacheControl.never()).build();
    }

    private boolean updateParamWithUserFilter(UserSearchParams.Builder builder, String str, SearchContext searchContext) {
        FieldConfig releventConfig;
        UserFilter filter;
        CustomField customFieldObject = this.customFieldManager.getCustomFieldObject(str);
        if (customFieldObject == null || (releventConfig = customFieldObject.getReleventConfig(searchContext)) == null || (filter = this.userFilterManager.getFilter(releventConfig)) == null) {
            return false;
        }
        builder.filter(filter);
        if (!CollectionUtils.isNotEmpty(filter.getRoleIds())) {
            return true;
        }
        builder.filterByProjectIds(ImmutableList.copyOf(Iterables.transform(Iterables.filter(getProjectObjects(getProjectIdsFromFieldConfig(searchContext.getProjectIds(), releventConfig)), project -> {
            return project != null && this.permissionManager.hasPermission(ProjectPermissions.BROWSE_PROJECTS, project, this.authContext.getUser());
        }), (v0) -> {
            return v0.getId();
        })));
        return true;
    }

    private Collection<Long> getProjectIdsFromFieldConfig(Collection<Long> collection, FieldConfig fieldConfig) {
        return CollectionUtils.isNotEmpty(collection) ? collection : CustomFieldUtils.getProjectIdsFromProjectOrFieldConfig((Long) null, fieldConfig, this.fieldConfigSchemeManager, this.projectManager);
    }

    private Iterable<Project> getProjectObjects(Collection<Long> collection) {
        if (CollectionUtils.isEmpty(collection)) {
            return List.of();
        }
        if (collection.size() != 1) {
            return Iterables.filter(this.projectManager.getProjectObjects(), project -> {
                return project != null && collection.contains(project.getId());
            });
        }
        Project projectObj = this.projectManager.getProjectObj(collection.iterator().next());
        return projectObj == null ? List.of() : List.of(projectObj);
    }

    private List<Long> getProjectIdList(List<String> list) {
        HashSet newHashSet = Sets.newHashSet();
        if (CollectionUtils.isNotEmpty(list)) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                long j = NumberUtils.toLong(it.next(), -1L);
                if (j > 0) {
                    newHashSet.add(Long.valueOf(j));
                }
            }
        }
        return ImmutableList.copyOf(newHashSet);
    }

    private List<String> getIssueTypeIdList(List<String> list) {
        HashSet newHashSet = Sets.newHashSet();
        if (CollectionUtils.isNotEmpty(list)) {
            for (String str : list) {
                if (NumberUtils.toLong(str, -1L) > 0) {
                    newHashSet.addAll(this.constantsManager.expandIssueTypeIds(List.of(str)));
                }
            }
        }
        return ImmutableList.copyOf(newHashSet);
    }
}
