package com.atlassian.multitenant.servlet;

import com.atlassian.multitenant.MultiTenantContext;
import com.atlassian.multitenant.Tenant;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.XMLWriter;

/* loaded from: input_file:WEB-INF/lib/multitenant-core-1.0-m14.jar:com/atlassian/multitenant/servlet/MultiTenantServlet.class */
public class MultiTenantServlet extends HttpServlet {
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (hasPermission(httpServletRequest, httpServletResponse)) {
            super.service(httpServletRequest, httpServletResponse);
        }
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Document createDocument = DocumentHelper.createDocument();
        if (httpServletRequest.getPathInfo() == null || httpServletRequest.getPathInfo().length() <= 0) {
            Element addElement = createDocument.addElement("multitenant");
            Iterator<Tenant> it = MultiTenantContext.getManager().getAllTenants().iterator();
            while (it.hasNext()) {
                populateTenant(addElement.addElement("tenant"), it.next());
            }
        } else {
            Tenant tenantByName = MultiTenantContext.getManager().getTenantByName(httpServletRequest.getPathInfo().substring(1));
            if (tenantByName == null) {
                httpServletResponse.sendError(404, "Tenant not found");
                return;
            }
            populateTenant(createDocument.addElement("tenant"), tenantByName);
        }
        httpServletResponse.setContentType("application/xml");
        new XMLWriter(httpServletResponse.getWriter(), OutputFormat.createPrettyPrint()).write(createDocument);
    }

    private void populateTenant(Element element, Tenant tenant) {
        element.addAttribute("name", tenant.getName());
        Element addElement = element.addElement("hostnames");
        Iterator<String> it = tenant.getHostnames().iterator();
        while (it.hasNext()) {
            addElement.addElement("hostname").setText(it.next());
        }
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (!httpServletRequest.getContentType().startsWith("application/xml")) {
            httpServletResponse.sendError(403, "Only application/xml allowed");
            return;
        }
        MultiTenantContext.getController().addTenant(MultiTenantContext.getParser().parseTenant(httpServletRequest.getReader()));
        httpServletResponse.setStatus(204);
    }

    protected void doDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null || pathInfo.length() <= 1) {
            httpServletResponse.sendError(404, "A resource to delete was not specified");
            return;
        }
        MultiTenantContext.getController().removeTenant(pathInfo.substring(1));
        httpServletResponse.setStatus(204);
    }

    private boolean hasPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (MultiTenantContext.getSystemTenant() != MultiTenantContext.getTenantReference().get()) {
            httpServletResponse.sendError(403, "Not system tenant");
            return false;
        }
        if (MultiTenantContext.getAuthorisationProvider().canManageTenants(httpServletRequest)) {
            return true;
        }
        httpServletResponse.sendError(403, "Not authorised");
        return false;
    }
}
