package org.sonatype.security.rest.roles;

import java.util.Iterator;
import javax.enterprise.inject.Typed;
import javax.inject.Named;
import javax.inject.Singleton;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import org.codehaus.enunciate.contract.jaxrs.ResourceMethodSignature;
import org.restlet.Context;
import org.restlet.data.Request;
import org.restlet.data.Response;
import org.restlet.data.Status;
import org.restlet.resource.ResourceException;
import org.restlet.resource.Variant;
import org.sonatype.configuration.validation.InvalidConfigurationException;
import org.sonatype.plexus.rest.resource.PathProtectionDescriptor;
import org.sonatype.plexus.rest.resource.PlexusResource;
import org.sonatype.security.authorization.NoSuchAuthorizationManagerException;
import org.sonatype.security.authorization.Role;
import org.sonatype.security.rest.model.RoleListResourceResponse;
import org.sonatype.security.rest.model.RoleResource;
import org.sonatype.security.rest.model.RoleResourceRequest;
import org.sonatype.security.rest.model.RoleResourceResponse;

@Path(RoleListPlexusResource.RESOURCE_URI)
@Consumes({"application/xml", "application/json"})
@Named("RoleListPlexusResource")
@Singleton
@Typed({PlexusResource.class})
@Produces({"application/xml", "application/json"})
/* loaded from: input_file:org/sonatype/security/rest/roles/RoleListPlexusResource.class */
public class RoleListPlexusResource extends AbstractRolePlexusResource {
    public static final String RESOURCE_URI = "/roles";

    public RoleListPlexusResource() {
        setModifiable(true);
    }

    public Object getPayloadInstance() {
        return new RoleResourceRequest();
    }

    public String getResourceUri() {
        return RESOURCE_URI;
    }

    public PathProtectionDescriptor getResourceProtection() {
        return new PathProtectionDescriptor(getResourceUri(), "authcBasic,perms[security:roles]");
    }

    @GET
    @ResourceMethodSignature(output = RoleListResourceResponse.class)
    public Object get(Context context, Request request, Response response, Variant variant) throws ResourceException {
        RoleListResourceResponse roleListResourceResponse = new RoleListResourceResponse();
        try {
            Iterator it = getSecuritySystem().getAuthorizationManager("default").listRoles().iterator();
            while (it.hasNext()) {
                RoleResource securityToRestModel = securityToRestModel((Role) it.next(), request, true);
                if (securityToRestModel != null) {
                    roleListResourceResponse.addData(securityToRestModel);
                }
            }
            return roleListResourceResponse;
        } catch (NoSuchAuthorizationManagerException e) {
            getLogger().error("Unable to find AuthorizationManager 'default'", e);
            throw new ResourceException(Status.SERVER_ERROR_INTERNAL, "Unable to find AuthorizationManager 'default'");
        }
    }

    @POST
    @ResourceMethodSignature(input = RoleResourceRequest.class, output = RoleResourceResponse.class)
    public Object post(Context context, Request request, Response response, Object obj) throws ResourceException {
        RoleResourceRequest roleResourceRequest = (RoleResourceRequest) obj;
        RoleResourceResponse roleResourceResponse = null;
        if (roleResourceRequest != null) {
            RoleResource data = roleResourceRequest.getData();
            Role restToSecurityModel = restToSecurityModel((Role) null, data);
            try {
                validateRoleContainment(restToSecurityModel);
                Role addRole = getSecuritySystem().getAuthorizationManager("default").addRole(restToSecurityModel);
                roleResourceResponse = new RoleResourceResponse();
                data.setId(addRole.getRoleId());
                data.setUserManaged(true);
                data.setResourceURI(createChildReference(request, data.getId()).toString());
                roleResourceResponse.setData(data);
            } catch (InvalidConfigurationException e) {
                handleInvalidConfigurationException(e);
            } catch (NoSuchAuthorizationManagerException e2) {
                getLogger().warn("Could not found AuthorizationManager: default", e2);
                throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Authorization Manager for: default could not be found.");
            }
        }
        return roleResourceResponse;
    }
}
