package org.flowable.idm.rest.service.api.user;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Authorization;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.flowable.common.engine.api.FlowableObjectNotFoundException;
import org.flowable.idm.api.IdmIdentityService;
import org.flowable.idm.api.User;
import org.flowable.idm.rest.service.api.IdmRestApiInterceptor;
import org.flowable.idm.rest.service.api.IdmRestResponseFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

@Api(tags = {"Users"}, description = "Manage Users", authorizations = {@Authorization("basicAuth")})
@RestController
/* loaded from: input_file:WEB-INF/lib/flowable-idm-rest-6.5.0.jar:org/flowable/idm/rest/service/api/user/UserResource.class */
public class UserResource {

    @Autowired
    protected IdmRestResponseFactory restResponseFactory;

    @Autowired
    protected IdmIdentityService identityService;

    @Autowired(required = false)
    protected IdmRestApiInterceptor restApiInterceptor;

    protected User getUserFromRequest(String str) {
        User user = (User) this.identityService.createUserQuery().userId(str).singleResult();
        if (user == null) {
            throw new FlowableObjectNotFoundException("Could not find a user with id '" + str + "'.", User.class);
        }
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.accessUserInfoById(user);
        }
        return user;
    }

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the user exists and is returned."), @ApiResponse(code = 404, message = "Indicates the requested user does not exist.")})
    @GetMapping(value = {"/users/{userId}"}, produces = {"application/json"})
    @ApiOperation(value = "Get a single user", tags = {"Users"})
    public UserResponse getUser(@PathVariable @ApiParam(name = "userId") String str, HttpServletRequest httpServletRequest) {
        return this.restResponseFactory.createUserResponse(getUserFromRequest(str), false);
    }

    @ApiResponses({@ApiResponse(code = 200, message = "Indicates the user was updated."), @ApiResponse(code = 404, message = "Indicates the requested user was not found."), @ApiResponse(code = 409, message = "Indicates the requested user was updated simultaneously.")})
    @PutMapping(value = {"/users/{userId}"}, produces = {"application/json"})
    @ApiOperation(value = "Update a user", tags = {"Users"}, notes = "All request values are optional. For example, you can only include the firstName attribute in the request body JSON-object, only updating the firstName of the user, leaving all other fields unaffected. When an attribute is explicitly included and is set to null, the user-value will be updated to null. Example: {\"firstName\" : null} will clear the firstName of the user).")
    public UserResponse updateUser(@PathVariable @ApiParam(name = "userId") String str, @RequestBody UserRequest userRequest, HttpServletRequest httpServletRequest) {
        User userFromRequest = getUserFromRequest(str);
        if (userRequest.isEmailChanged()) {
            userFromRequest.setEmail(userRequest.getEmail());
        }
        if (userRequest.isFirstNameChanged()) {
            userFromRequest.setFirstName(userRequest.getFirstName());
        }
        if (userRequest.isLastNameChanged()) {
            userFromRequest.setLastName(userRequest.getLastName());
        }
        if (userRequest.isDisplayNameChanged()) {
            userFromRequest.setDisplayName(userRequest.getDisplayName());
        }
        if (userRequest.isPasswordChanged()) {
            userFromRequest.setPassword(userRequest.getPassword());
            this.identityService.updateUserPassword(userFromRequest);
        } else {
            this.identityService.saveUser(userFromRequest);
        }
        return this.restResponseFactory.createUserResponse(userFromRequest, false);
    }

    @ApiResponses({@ApiResponse(code = 204, message = "Indicates the user was found and  has been deleted. Response-body is intentionally empty."), @ApiResponse(code = 404, message = "Indicates the requested user was not found.")})
    @DeleteMapping({"/users/{userId}"})
    @ApiOperation(value = "Delete a user", tags = {"Users"})
    public void deleteUser(@PathVariable @ApiParam(name = "userId") String str, HttpServletResponse httpServletResponse) {
        User userFromRequest = getUserFromRequest(str);
        if (this.restApiInterceptor != null) {
            this.restApiInterceptor.deleteUser(userFromRequest);
        }
        this.identityService.deleteUser(userFromRequest.getId());
        httpServletResponse.setStatus(HttpStatus.NO_CONTENT.value());
    }
}
