package com.atlassian.plugins.custom_apps.rest;

import com.atlassian.plugins.custom_apps.api.CustomApp;
import com.atlassian.plugins.custom_apps.api.CustomAppNotFoundException;
import com.atlassian.plugins.custom_apps.api.CustomAppService;
import com.atlassian.plugins.custom_apps.api.CustomAppsValidationException;
import com.atlassian.plugins.custom_apps.rest.data.CustomAppData;
import com.atlassian.plugins.custom_apps.rest.data.MoveBean;
import com.atlassian.plugins.navlink.util.CacheControlFactory;
import com.atlassian.sal.api.user.UserManager;
import com.atlassian.sal.api.websudo.WebSudoRequired;
import com.google.common.base.Function;
import com.google.common.collect.Iterables;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Nullable;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.xml.bind.annotation.XmlRootElement;

@Path("/customapps")
@Consumes({"application/json"})
@Produces({"application/json"})
@WebSudoRequired
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-nav-links-plugin-5.0.0.jar:com/atlassian/plugins/custom_apps/rest/CustomAppsRestResource.class */
public class CustomAppsRestResource {
    private final CustomAppService customAppService;
    private final UserManager userManager;

    @XmlRootElement
    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-nav-links-plugin-5.0.0.jar:com/atlassian/plugins/custom_apps/rest/CustomAppsRestResource$Groups.class */
    private static class Groups {
        public List<String> names;
        public boolean more;

        private Groups(List<String> list, boolean z) {
            this.names = list;
            this.more = z;
        }

        private Groups() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-nav-links-plugin-5.0.0.jar:com/atlassian/plugins/custom_apps/rest/CustomAppsRestResource$PermissionDeniedException.class */
    public class PermissionDeniedException extends Exception {
        private PermissionDeniedException() {
        }
    }

    public CustomAppsRestResource(CustomAppService customAppService, UserManager userManager) {
        this.customAppService = customAppService;
        this.userManager = userManager;
    }

    @GET
    @Path("list")
    public Response list() {
        return Response.ok(Iterables.transform(this.customAppService.getLocalCustomAppsAndRemoteLinks(), converter())).cacheControl(CacheControlFactory.withNoCache()).build();
    }

    private Function<CustomApp, CustomAppData> converter() {
        return new Function<CustomApp, CustomAppData>() { // from class: com.atlassian.plugins.custom_apps.rest.CustomAppsRestResource.1
            @Override // com.google.common.base.Function, java.util.function.Function
            public CustomAppData apply(@Nullable CustomApp customApp) {
                return new CustomAppData(customApp.getId(), customApp.getDisplayName(), customApp.getUrl(), customApp.getSourceApplicationType(), Boolean.valueOf(customApp.getHide()), customApp.getEditable(), customApp.getAllowedGroups(), customApp.getSourceApplicationUrl(), customApp.getSourceApplicationName(), customApp.isSelf());
            }
        };
    }

    @GET
    @Path("{id}")
    public Response get(@PathParam("id") String str, @Context HttpServletRequest httpServletRequest) {
        try {
            checkAdminPermission(httpServletRequest);
            return Response.ok(converter().apply(this.customAppService.get(str))).build();
        } catch (CustomAppNotFoundException e) {
            return Response.status(Response.Status.NOT_FOUND).build();
        } catch (PermissionDeniedException e2) {
            return handleNoPermission();
        }
    }

    @GET
    @Path("groups")
    public Response get(@QueryParam("q") String str, @QueryParam("page_limit") int i, @QueryParam("page") int i2, @Context HttpServletRequest httpServletRequest) {
        try {
            checkAdminPermission(httpServletRequest);
            Iterable<String> findGroupNamesByPrefix = this.userManager.findGroupNamesByPrefix(str, (i2 - 1) * i, i + 1);
            Groups groups = new Groups();
            groups.names = new ArrayList();
            Iterator<String> it = findGroupNamesByPrefix.iterator();
            for (int i3 = 0; i3 < i && it.hasNext(); i3++) {
                groups.names.add(it.next());
            }
            groups.more = it.hasNext();
            return Response.ok(groups).cacheControl(CacheControlFactory.withNoCache()).build();
        } catch (PermissionDeniedException e) {
            return handleNoPermission();
        }
    }

    private Response handleNoPermission() {
        return Response.status(Response.Status.UNAUTHORIZED).build();
    }

    private void checkAdminPermission(HttpServletRequest httpServletRequest) throws PermissionDeniedException {
        if (!this.userManager.isAdmin(this.userManager.getRemoteUsername(httpServletRequest))) {
            throw new PermissionDeniedException();
        }
    }

    @Path("{id}")
    @DELETE
    public Response delete(@PathParam("id") String str, @Context HttpServletRequest httpServletRequest) {
        try {
            checkAdminPermission(httpServletRequest);
            this.customAppService.delete(str);
            return Response.ok().cacheControl(CacheControlFactory.withNoCache()).build();
        } catch (CustomAppNotFoundException e) {
            return Response.status(Response.Status.NOT_FOUND).entity(Collections.EMPTY_MAP).build();
        } catch (PermissionDeniedException e2) {
            return handleNoPermission();
        }
    }

    @POST
    public Response create(CustomAppData customAppData, @Context HttpServletRequest httpServletRequest) {
        try {
            checkAdminPermission(httpServletRequest);
            return Response.ok(converter().apply(this.customAppService.create(customAppData.displayName, customAppData.url, null, customAppData.hide == null ? false : customAppData.hide.booleanValue(), customAppData.allowedGroups))).cacheControl(CacheControlFactory.withNoCache()).build();
        } catch (CustomAppsValidationException e) {
            return validationErrorResponse(e);
        } catch (PermissionDeniedException e2) {
            return handleNoPermission();
        }
    }

    private Response validationErrorResponse(CustomAppsValidationException customAppsValidationException) {
        return Response.status(Response.Status.BAD_REQUEST).entity("{\"errors\": {\"" + customAppsValidationException.getField() + "\": \"" + customAppsValidationException.getValidationError() + "\"}}").build();
    }

    @Path("{id}")
    @PUT
    public Response update(@PathParam("id") String str, CustomAppData customAppData, @Context HttpServletRequest httpServletRequest) {
        try {
            checkAdminPermission(httpServletRequest);
            CustomApp customApp = this.customAppService.get(str);
            return Response.ok(converter().apply(this.customAppService.update(str, customAppData.displayName == null ? customApp.getDisplayName() : customAppData.displayName, customAppData.url == null ? customApp.getUrl() : customAppData.url, customAppData.hide == null ? customApp.getHide() : customAppData.hide.booleanValue(), customAppData.allowedGroups == null ? customApp.getAllowedGroups() : customAppData.allowedGroups))).build();
        } catch (CustomAppNotFoundException e) {
            return Response.status(Response.Status.NOT_FOUND).build();
        } catch (CustomAppsValidationException e2) {
            return validationErrorResponse(e2);
        } catch (PermissionDeniedException e3) {
            return handleNoPermission();
        }
    }

    @POST
    @Path("{id}/move")
    public Response movePosition(@PathParam("id") Integer num, @Context HttpServletRequest httpServletRequest, MoveBean moveBean) {
        try {
            checkAdminPermission(httpServletRequest);
            if (moveBean.after == null) {
                switch (moveBean.position) {
                    case Earlier:
                    case Later:
                    case Last:
                        throw new IllegalArgumentException("Unexpected position '" + moveBean.position + "'");
                    case First:
                        this.customAppService.moveToStart(num.intValue());
                        break;
                }
            } else {
                this.customAppService.moveAfter(num.intValue(), extractIdFromLink(moveBean.after.getPath()));
            }
            return Response.ok().cacheControl(CacheControlFactory.withNoCache()).build();
        } catch (CustomAppNotFoundException e) {
            return Response.status(Response.Status.NOT_FOUND).build();
        } catch (PermissionDeniedException e2) {
            return handleNoPermission();
        }
    }

    private int extractIdFromLink(String str) {
        try {
            return Integer.parseInt(str.substring(str.lastIndexOf(47) + 1));
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("Failed to parse id from path '" + str + "'");
        }
    }
}
