package com.atlassian.jira.rest.v2.project.type;

import com.atlassian.jira.JiraFeatureFlagRegistrar;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.project.type.ProjectType;
import com.atlassian.jira.project.type.ProjectTypeKey;
import com.atlassian.jira.project.type.ProjectTypeManager;
import com.atlassian.jira.rest.exception.NotAuthorisedWebException;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.util.AccessDisablingHelper;
import com.atlassian.jira.util.AccessDisablingHelperConfig;
import com.atlassian.plugins.rest.api.security.annotation.AnonymousSiteAccess;
import com.google.common.base.Preconditions;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import io.atlassian.fugue.Option;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Response;

@Path("project/type")
@Consumes({"application/json"})
@Produces({"application/json"})
@AnonymousSiteAccess
/* loaded from: input_file:com/atlassian/jira/rest/v2/project/type/ProjectTypeResource.class */
public class ProjectTypeResource {
    private final ProjectTypeManager projectTypeManager;
    private final JiraAuthenticationContext authenticationContext;
    private final PermissionManager permissionManager;
    private final AccessDisablingHelper accessDisablingHelper;

    @Inject
    public ProjectTypeResource(ProjectTypeManager projectTypeManager, JiraAuthenticationContext jiraAuthenticationContext, PermissionManager permissionManager, AccessDisablingHelper accessDisablingHelper) {
        this.projectTypeManager = (ProjectTypeManager) Preconditions.checkNotNull(projectTypeManager);
        this.authenticationContext = (JiraAuthenticationContext) Preconditions.checkNotNull(jiraAuthenticationContext);
        this.permissionManager = (PermissionManager) Preconditions.checkNotNull(permissionManager);
        this.accessDisablingHelper = (AccessDisablingHelper) Preconditions.checkNotNull(accessDisablingHelper);
    }

    @GET
    @Operation(summary = "Get all project types", description = "Returns all the project types defined on the Jira instance, not taking into account whether the license to use those project types is valid or not. In case of anonymous checks if they can access at least one project.", security = {@SecurityRequirement(name = "basic")})
    @ApiResponses({@ApiResponse(description = "Returns a list with all the project types defined on the Jira instance", responseCode = "200", content = {@Content(schema = @Schema(implementation = ProjectTypeBean.class))}), @ApiResponse(description = "A response status of 401 indicates that there is not a logged in user and therefore this operation can't be performed", responseCode = "401")})
    public Response getAllProjectTypes() {
        blockAnonymousIfNeeded();
        return Response.ok(Lists.newArrayList(Iterables.transform(this.projectTypeManager.getAllProjectTypes(), this::toBean))).build();
    }

    @GET
    @Path("{projectTypeKey}")
    @Operation(summary = "Get project type by key", description = "Returns the project type with the given key. In case of anonymous checks if they can access at least one project.", security = {@SecurityRequirement(name = "basic")})
    @Parameter(name = "projectTypeKey", description = "The key of the project type", required = true)
    @ApiResponses({@ApiResponse(description = "Returns a representation of the project type with the given id", responseCode = "200", content = {@Content(schema = @Schema(implementation = ProjectTypeBean.class), mediaType = "application/json")}), @ApiResponse(description = "A response status of 401 indicates that there is not a logged in user and therefore this operation can't be performed", responseCode = "401")})
    public Response getProjectTypeByKey(@PathParam("projectTypeKey") String str) {
        blockAnonymousIfNeeded();
        Option byKey = this.projectTypeManager.getByKey(new ProjectTypeKey(str));
        return byKey.isDefined() ? Response.ok(toBean((ProjectType) byKey.get())).build() : Response.status(Response.Status.NOT_FOUND).build();
    }

    @GET
    @Path("{projectTypeKey}/accessible")
    @Operation(summary = "Get project type by key", description = "Returns the project type with the given key, if it is accessible to the logged in user. This takes into account whether the user is licensed on the Application that defines the project type.", security = {@SecurityRequirement(name = "basic")})
    @Parameter(name = "projectTypeKey", description = "The key of the project type", required = true)
    @ApiResponses({@ApiResponse(description = "Returns a representation of the project type with the given id", responseCode = "200", content = {@Content(schema = @Schema(implementation = ProjectTypeBean.class), mediaType = "application/json")}), @ApiResponse(description = "A response status of 401 indicates that there is not a logged in user and therefore this operation can't be performed", responseCode = "401"), @ApiResponse(description = "A response status of 404 indicates that the project type is not accessible for the logged in user", responseCode = "404")})
    public Response getAccessibleProjectTypeByKey(@PathParam("projectTypeKey") String str) {
        if (!this.authenticationContext.isLoggedInUser()) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        Option accessibleProjectType = this.projectTypeManager.getAccessibleProjectType(this.authenticationContext.getLoggedInUser(), new ProjectTypeKey(str));
        return accessibleProjectType.isDefined() ? Response.ok(toBean((ProjectType) accessibleProjectType.get())).build() : Response.status(Response.Status.NOT_FOUND).build();
    }

    private ProjectTypeBean toBean(ProjectType projectType) {
        return new ProjectTypeBean(projectType.getKey().getKey(), projectType.getDescriptionI18nKey(), projectType.getIcon(), projectType.getColor());
    }

    private void blockAnonymousIfNeeded() {
        if (!this.accessDisablingHelper.canBeAccessedByCurrentUser(AccessDisablingHelperConfig.builder().logDeprecatedSinceVersion("10.5.0").blockAccessSinceVersion("10.0.0").blockAnyoneNotFulfillingCondition(this::canUserAccess).featureFlag(JiraFeatureFlagRegistrar.PROJECT_TYPE_ANONYMOUS_ACCESS.featureKey()).build())) {
            throw new NotAuthorisedWebException();
        }
    }

    private boolean canUserAccess(ApplicationUser applicationUser) {
        return applicationUser != null || this.permissionManager.hasProjects(ProjectPermissions.BROWSE_PROJECTS, (ApplicationUser) null);
    }
}
