package com.atlassian.stash.rest.user;

import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
import com.atlassian.stash.exception.AuthorisationException;
import com.atlassian.stash.i18n.I18nService;
import com.atlassian.stash.rest.data.RestPage;
import com.atlassian.stash.rest.data.RestStashUser;
import com.atlassian.stash.rest.user.CommonJsonObjects;
import com.atlassian.stash.rest.util.ResponseFactory;
import com.atlassian.stash.user.UserService;
import com.atlassian.stash.util.PageRequestImpl;
import com.sun.jersey.spi.resource.Singleton;
import javax.validation.Validator;
import javax.ws.rs.Consumes;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;

@Singleton
@Path("/users")
@Consumes({"application/json"})
@Produces({"application/json;charset=UTF-8"})
@AnonymousAllowed
/* loaded from: input_file:com/atlassian/stash/rest/user/UserResource.class */
public class UserResource {
    private final UserService userService;
    private final I18nService i18nService;
    private final Validator validator;

    public UserResource(UserService userService, I18nService i18nService, Validator validator) {
        this.userService = userService;
        this.validator = validator;
        this.i18nService = i18nService;
    }

    @GET
    public Response getUsers(@QueryParam("filter") String str, @QueryParam("start") @DefaultValue("0") int i, @QueryParam("limit") @DefaultValue("25") int i2) {
        return ResponseFactory.ok(new RestPage(this.userService.findUsersByContainedText(str, new PageRequestImpl(i, i2)), RestStashUser.USER_REST_TRANSFORM)).build();
    }

    @PUT
    public Response updateUserDetails(CommonJsonObjects.UserUpdate userUpdate) {
        CommonJsonObjects.UserUpdate trimFields = trimFields(userUpdate);
        Validators.validateConstraints(this.validator, trimFields);
        try {
            return ResponseFactory.ok(new CommonJsonObjects.RestUser(this.userService.updateProfile(trimFields.getName(), trimFields.getDisplayName(), trimFields.getEmail()))).build();
        } catch (AuthorisationException e) {
            throw new AuthorisationException(this.i18nService.getKeyedText("stash.rest.user.notauthorised", "You don''t have enough permissions to update this user.", new Object[0]));
        }
    }

    @Path("/credentials")
    @PUT
    public Response updateUserPassword(CommonJsonObjects.PasswordUpdate passwordUpdate) {
        Validators.validateConstraints(this.validator, passwordUpdate);
        try {
            this.userService.updatePassword(passwordUpdate.getName(), passwordUpdate.getPassword());
            return ResponseFactory.ok().build();
        } catch (AuthorisationException e) {
            throw new AuthorisationException(this.i18nService.getKeyedText("stash.rest.user.notauthorised", "You don''t have enough permissions to update this user.", new Object[0]));
        }
    }

    private CommonJsonObjects.UserUpdate trimFields(CommonJsonObjects.UserUpdate userUpdate) {
        return new CommonJsonObjects.UserUpdate(StringUtils.trim(userUpdate.getName()), StringUtils.trim(userUpdate.getDisplayName()), StringUtils.trim(userUpdate.getEmail()));
    }
}
