package org.sonatype.security.rest.roles;

import javax.enterprise.inject.Typed;
import javax.inject.Named;
import javax.inject.Singleton;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import org.codehaus.enunciate.contract.jaxrs.ResourceMethodSignature;
import org.restlet.Context;
import org.restlet.data.Request;
import org.restlet.data.Response;
import org.restlet.data.Status;
import org.restlet.resource.ResourceException;
import org.restlet.resource.Variant;
import org.sonatype.configuration.validation.InvalidConfigurationException;
import org.sonatype.plexus.rest.resource.PathProtectionDescriptor;
import org.sonatype.plexus.rest.resource.PlexusResource;
import org.sonatype.security.authorization.AuthorizationManager;
import org.sonatype.security.authorization.NoSuchAuthorizationManagerException;
import org.sonatype.security.authorization.NoSuchRoleException;
import org.sonatype.security.authorization.Role;
import org.sonatype.security.rest.model.RoleListResourceResponse;
import org.sonatype.security.rest.model.RoleResource;
import org.sonatype.security.rest.model.RoleResourceRequest;
import org.sonatype.security.rest.model.RoleResourceResponse;

@Path(RolePlexusResource.RESOURCE_URI)
@Consumes({"application/xml", "application/json"})
@Named("RolePlexusResource")
@Singleton
@Typed({PlexusResource.class})
@Produces({"application/xml", "application/json"})
/* loaded from: input_file:org/sonatype/security/rest/roles/RolePlexusResource.class */
public class RolePlexusResource extends AbstractRolePlexusResource {
    public static final String ROLE_ID_KEY = "roleId";
    public static final String RESOURCE_URI = "/roles/{roleId}";

    public RolePlexusResource() {
        setModifiable(true);
    }

    public Object getPayloadInstance() {
        return new RoleResourceRequest();
    }

    public String getResourceUri() {
        return RESOURCE_URI;
    }

    public PathProtectionDescriptor getResourceProtection() {
        return new PathProtectionDescriptor("/roles/*", "authcBasic,perms[security:roles]");
    }

    protected String getRoleId(Request request) {
        return getRequestAttribute(request, "roleId");
    }

    @GET
    @ResourceMethodSignature(output = RoleResourceResponse.class, pathParams = {@PathParam("roleId")})
    public Object get(Context context, Request request, Response response, Variant variant) throws ResourceException {
        RoleResourceResponse roleResourceResponse = new RoleResourceResponse();
        try {
            roleResourceResponse.setData(securityToRestModel(getSecuritySystem().getAuthorizationManager("default").getRole(getRoleId(request)), request, false));
            return roleResourceResponse;
        } catch (NoSuchAuthorizationManagerException e) {
            getLogger().warn("Could not found AuthorizationManager: default", e);
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Authorization Manager for: default could not be found.");
        } catch (NoSuchRoleException e2) {
            throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, e2.getMessage());
        }
    }

    @ResourceMethodSignature(input = RoleResourceRequest.class, output = RoleListResourceResponse.class, pathParams = {@PathParam("roleId")})
    @PUT
    public Object put(Context context, Request request, Response response, Object obj) throws ResourceException {
        RoleResourceRequest roleResourceRequest = (RoleResourceRequest) obj;
        RoleResourceResponse roleResourceResponse = new RoleResourceResponse();
        if (roleResourceRequest != null) {
            RoleResource data = roleResourceRequest.getData();
            try {
                AuthorizationManager authorizationManager = getSecuritySystem().getAuthorizationManager("default");
                Role restToSecurityModel = restToSecurityModel(authorizationManager.getRole(data.getId()), data);
                validateRoleContainment(restToSecurityModel);
                authorizationManager.updateRole(restToSecurityModel);
                roleResourceResponse = new RoleResourceResponse();
                roleResourceResponse.setData(roleResourceRequest.getData());
                roleResourceResponse.getData().setUserManaged(!restToSecurityModel.isReadOnly());
                roleResourceResponse.getData().setResourceURI(createChildReference(request, data.getId()).toString());
            } catch (NoSuchAuthorizationManagerException e) {
                getLogger().warn("Could not found AuthorizationManager: default", e);
                throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Authorization Manager for: default could not be found.");
            } catch (NoSuchRoleException e2) {
                throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, e2.getMessage());
            } catch (InvalidConfigurationException e3) {
                handleInvalidConfigurationException(e3);
            }
        }
        return roleResourceResponse;
    }

    @ResourceMethodSignature(pathParams = {@PathParam("roleId")})
    @DELETE
    public void delete(Context context, Request request, Response response) throws ResourceException {
        try {
            getSecuritySystem().getAuthorizationManager("default").deleteRole(getRoleId(request));
        } catch (NoSuchRoleException e) {
            throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, e.getMessage());
        } catch (NoSuchAuthorizationManagerException e2) {
            getLogger().warn("Could not found AuthorizationManager: default", e2);
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Authorization Manager for: default could not be found.");
        }
    }
}
