package com.atlassian.stash.rest.user;

import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
import com.atlassian.stash.exception.AuthorisationException;
import com.atlassian.stash.exception.InvalidNameException;
import com.atlassian.stash.i18n.I18nService;
import com.atlassian.stash.rest.data.CommonJsonObjects;
import com.atlassian.stash.rest.data.RestDetailedGroup;
import com.atlassian.stash.rest.data.RestDetailedUser;
import com.atlassian.stash.rest.data.RestPage;
import com.atlassian.stash.rest.util.BadRequestException;
import com.atlassian.stash.rest.util.ResponseFactory;
import com.atlassian.stash.rest.util.RestResource;
import com.atlassian.stash.rest.util.RestUtils;
import com.atlassian.stash.user.UserAdminService;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.resource.Singleton;
import javax.validation.Validator;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;

@Singleton
@Path("admin")
@Consumes({"application/json"})
@AnonymousAllowed
@Produces({"application/json;charset=UTF-8"})
/* loaded from: input_file:com/atlassian/stash/rest/user/UserAdminResource.class */
public class UserAdminResource extends RestResource {
    private final UserAdminService userAdminService;
    private final Validator validator;

    public UserAdminResource(I18nService i18nService, UserAdminService userAdminService, Validator validator) {
        super(i18nService);
        this.userAdminService = userAdminService;
        this.validator = validator;
    }

    @GET
    @Path("users")
    public Response getUsers(@QueryParam("filter") String str, @Context ContainerRequest containerRequest) {
        return ResponseFactory.ok(new RestPage(this.userAdminService.findUsersByName(str, RestUtils.makePageRequest(containerRequest)), RestDetailedUser.REST_TRANSFORM)).build();
    }

    @POST
    @Path("users")
    public Response createUser(@QueryParam("name") String str, @QueryParam("password") String str2, @QueryParam("displayName") String str3, @QueryParam("emailAddress") String str4, @QueryParam("addToDefaultGroup") @DefaultValue("true") boolean z) {
        if (str == null) {
            throw new BadRequestException(this.i18nService.getText("stash.service.user.create.no.username", "A username must be provided to create a user.", new Object[0]));
        }
        if (str2 == null) {
            throw new BadRequestException(this.i18nService.getText("stash.service.user.create.no.password", "A password must be provided to create a user.", new Object[0]));
        }
        if (str3 == null) {
            throw new BadRequestException(this.i18nService.getText("stash.service.user.create.no.displayname", "A display name must be provided to create a user.", new Object[0]));
        }
        if (str4 == null) {
            throw new BadRequestException(this.i18nService.getText("stash.service.user.create.no.email", "An e-mail address must be provided to create a user.", new Object[0]));
        }
        this.userAdminService.createUser(str, str2, str3, str4, z);
        return ResponseFactory.noContent().build();
    }

    @Path("users")
    @DELETE
    public Response deleteUser(@QueryParam("name") String str) {
        if (str == null) {
            throw new BadRequestException(this.i18nService.getText("stash.service.user.delete.no.username", "A username must be provided to delete a user.", new Object[0]));
        }
        return ResponseFactory.ok(RestDetailedUser.REST_TRANSFORM.apply(this.userAdminService.deleteUser(str))).build();
    }

    @Path("users")
    @PUT
    public Response updateUserDetails(CommonJsonObjects.UserUpdate userUpdate) {
        Validators.validateConstraints(this.validator, userUpdate);
        try {
            return ResponseFactory.ok(RestDetailedUser.REST_TRANSFORM.apply(this.userAdminService.updateUser(userUpdate.getName(), userUpdate.getDisplayName(), userUpdate.getEmail()))).build();
        } catch (AuthorisationException e) {
            throw new AuthorisationException(this.i18nService.getKeyedText("stash.rest.user.update.notAuthorised", "You don''t have enough permissions to update this user.", new Object[0]));
        }
    }

    @Path("users/credentials")
    @PUT
    public Response updateUserPassword(CommonJsonObjects.AdminPasswordUpdate adminPasswordUpdate) {
        Validators.validateConstraints(this.validator, adminPasswordUpdate);
        try {
            this.userAdminService.updatePassword(adminPasswordUpdate.getName(), adminPasswordUpdate.getPassword());
            return ResponseFactory.noContent().build();
        } catch (AuthorisationException e) {
            throw new AuthorisationException(this.i18nService.getKeyedText("stash.rest.user.update.notAuthorised", "You don''t have enough permissions to update this user.", new Object[0]));
        }
    }

    @GET
    @Path("groups")
    public Response getGroups(@QueryParam("filter") String str, @Context ContainerRequest containerRequest) {
        return ResponseFactory.ok(new RestPage(this.userAdminService.findGroupsByName(str, RestUtils.makePageRequest(containerRequest)), RestDetailedGroup.REST_TRANSFORM)).build();
    }

    @POST
    @Path("groups")
    public Response createGroup(@QueryParam("name") String str) {
        if (StringUtils.isEmpty(str) || str.length() > 255) {
            throw new InvalidNameException(this.i18nService.getKeyedText("stash.bad.group.name", "Please enter a non-empty group name that is 255 characters or less.", new Object[0]));
        }
        return ResponseFactory.ok(RestDetailedGroup.REST_TRANSFORM.apply(this.userAdminService.createGroup(str))).build();
    }

    @Path("groups")
    @DELETE
    public Response deleteGroup(@QueryParam("name") String str) {
        if (str == null) {
            throw new BadRequestException(this.i18nService.getText("stash.service.user.delete.no.groupname", "A group name must be provided to delete a group.", new Object[0]));
        }
        return ResponseFactory.ok(RestDetailedGroup.REST_TRANSFORM.apply(this.userAdminService.deleteGroup(str))).build();
    }

    @POST
    @Path("groups/add-user")
    public Response addUserToGroup(CommonJsonObjects.UserPickerContext userPickerContext) {
        return addUserToGroup(userPickerContext.getContext(), userPickerContext.getItemName());
    }

    @POST
    @Path("users/add-group")
    public Response addGroupToUser(CommonJsonObjects.UserPickerContext userPickerContext) {
        return addUserToGroup(userPickerContext.getItemName(), userPickerContext.getContext());
    }

    private Response addUserToGroup(String str, String str2) {
        this.userAdminService.addUserToGroup(str, str2);
        return ResponseFactory.ok().build();
    }

    @POST
    @Path("groups/remove-user")
    public Response removeUserFromGroup(CommonJsonObjects.UserPickerContext userPickerContext) {
        return removeUserFromGroup(userPickerContext.getContext(), userPickerContext.getItemName());
    }

    @POST
    @Path("users/remove-group")
    public Response removeGroupFromUser(CommonJsonObjects.UserPickerContext userPickerContext) {
        return removeUserFromGroup(userPickerContext.getItemName(), userPickerContext.getContext());
    }

    private Response removeUserFromGroup(String str, String str2) {
        this.userAdminService.removeUserFromGroup(str, str2);
        return ResponseFactory.ok().build();
    }

    @GET
    @Path("groups/more-members")
    public Response findUsersInGroup(@QueryParam("context") String str, @QueryParam("filter") @DefaultValue("") String str2, @Context ContainerRequest containerRequest) {
        return ResponseFactory.ok(new RestPage(this.userAdminService.findUsersWithGroup(str, str2, RestUtils.makePageRequest(containerRequest)), RestDetailedUser.REST_TRANSFORM)).build();
    }

    @GET
    @Path("groups/more-non-members")
    public Response findUsersNotInGroup(@QueryParam("context") String str, @QueryParam("filter") @DefaultValue("") String str2, @Context ContainerRequest containerRequest) {
        return ResponseFactory.ok(new RestPage(this.userAdminService.findUsersWithoutGroup(str, str2, RestUtils.makePageRequest(containerRequest)), RestDetailedUser.REST_TRANSFORM)).build();
    }

    @GET
    @Path("users/more-members")
    public Response findGroupsForUser(@QueryParam("context") String str, @QueryParam("filter") @DefaultValue("") String str2, @Context ContainerRequest containerRequest) {
        return ResponseFactory.ok(new RestPage(this.userAdminService.findGroupsWithUser(str, str2, RestUtils.makePageRequest(containerRequest)), RestDetailedGroup.REST_TRANSFORM)).build();
    }

    @GET
    @Path("users/more-non-members")
    public Response findOtherGroupsForUser(@QueryParam("context") String str, @QueryParam("filter") @DefaultValue("") String str2, @Context ContainerRequest containerRequest) {
        return ResponseFactory.ok(new RestPage(this.userAdminService.findGroupsWithoutUser(str, str2, RestUtils.makePageRequest(containerRequest)), RestDetailedGroup.REST_TRANSFORM)).build();
    }
}
