package com.atlassian.confluence.plugins.sharelinks;

import com.atlassian.confluence.pages.Comment;
import com.atlassian.confluence.security.Permission;
import com.atlassian.confluence.security.PermissionManager;
import com.atlassian.confluence.spaces.Space;
import com.atlassian.confluence.spaces.SpaceManager;
import com.atlassian.confluence.user.AuthenticatedUserThreadLocal;
import com.atlassian.confluence.util.GeneralUtil;
import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
import com.atlassian.plugins.whitelist.NotAuthorizedException;
import com.atlassian.user.User;
import java.net.URISyntaxException;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;

@Path("/")
/* loaded from: input_file:com/atlassian/confluence/plugins/sharelinks/SharelinksResource.class */
public class SharelinksResource {
    private final LinkMetaDataExtractor linkMetaDataExtractor;
    private final PermissionManager permissionManager;
    private static final Response.Status BAD_REQUEST = Response.Status.BAD_REQUEST;
    private final SpaceManager spaceManager;

    public SharelinksResource(LinkMetaDataExtractor linkMetaDataExtractor, PermissionManager permissionManager, SpaceManager spaceManager) {
        this.linkMetaDataExtractor = linkMetaDataExtractor;
        this.permissionManager = permissionManager;
        this.spaceManager = spaceManager;
    }

    @GET
    @Path("link")
    @Produces({"application/json"})
    @AnonymousAllowed
    public Response getLinkMetaData(@QueryParam("url") String str) {
        if (!this.permissionManager.hasPermission(AuthenticatedUserThreadLocal.get(), Permission.VIEW, PermissionManager.TARGET_APPLICATION)) {
            return Response.status(Response.Status.FORBIDDEN).entity("You are not authorized to access this resource").build();
        }
        try {
            return Response.ok(this.linkMetaDataExtractor.parseMetaData(str, true)).build();
        } catch (NotAuthorizedException e) {
            return Response.status(Response.Status.FORBIDDEN).entity("Not authorized to access " + str + ". Please contact admin to whitelist it").build();
        } catch (URISyntaxException e2) {
            return Response.status(BAD_REQUEST).entity("The provided URL is invalid").build();
        }
    }

    @GET
    @Path("can-create-comment")
    @Produces({"application/json"})
    @AnonymousAllowed
    public Response canCreateComment(@QueryParam("spaceKey") String str) {
        Space space = this.spaceManager.getSpace(str);
        return space == null ? Response.status(Response.Status.BAD_REQUEST).entity("No space found for spacekey").build() : Response.ok(Boolean.valueOf(this.permissionManager.hasCreatePermission(getUser(), space, Comment.class))).build();
    }

    @GET
    @Path("external-links-enabled")
    @Produces({"application/json"})
    @AnonymousAllowed
    public Response externalLinksEnabled() {
        return !this.permissionManager.hasPermission(AuthenticatedUserThreadLocal.get(), Permission.VIEW, PermissionManager.TARGET_APPLICATION) ? Response.status(Response.Status.FORBIDDEN).entity("You are not authorized to access this resource").build() : Response.ok(Boolean.valueOf(GeneralUtil.getGlobalSettings().getConfluenceHttpParameters().isEnabled())).build();
    }

    private User getUser() {
        return AuthenticatedUserThreadLocal.get();
    }
}
