package org.phenotips.data.permissions.rest.internal;

import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.phenotips.data.permissions.PermissionsManager;
import org.phenotips.data.permissions.rest.DomainObjectFactory;
import org.phenotips.data.permissions.rest.OwnerResource;
import org.phenotips.data.permissions.rest.internal.utils.PatientAccessContext;
import org.phenotips.data.permissions.rest.internal.utils.SecureContextFactory;
import org.phenotips.data.permissions.rest.model.OwnerRepresentation;
import org.phenotips.rest.Autolinker;
import org.slf4j.Logger;
import org.xwiki.component.annotation.Component;
import org.xwiki.container.Container;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.rest.XWikiResource;

@Singleton
@Component
@Named("org.phenotips.data.permissions.rest.internal.DefaultOwnerResourceImpl")
/* loaded from: input_file:WEB-INF/lib/patient-access-rules-rest-1.3.2.jar:org/phenotips/data/permissions/rest/internal/DefaultOwnerResourceImpl.class */
public class DefaultOwnerResourceImpl extends XWikiResource implements OwnerResource {

    @Inject
    private Logger logger;

    @Inject
    private SecureContextFactory secureContextFactory;

    @Inject
    @Named("userOrGroup")
    private DocumentReferenceResolver<String> userOrGroupResolver;

    @Inject
    private DomainObjectFactory factory;

    @Inject
    private Container container;

    @Inject
    private Provider<Autolinker> autolinker;

    @Inject
    private PermissionsManager manager;

    @Override // org.phenotips.data.permissions.rest.OwnerResource
    public OwnerRepresentation getOwner(String str) {
        this.logger.debug("Retrieving patient record's owner [{}] via REST", str);
        PatientAccessContext readContext = this.secureContextFactory.getReadContext(str);
        OwnerRepresentation createOwnerRepresentation = this.factory.createOwnerRepresentation(readContext.getPatient());
        createOwnerRepresentation.withLinks(this.autolinker.get().forResource(getClass(), this.uriInfo).withGrantedRight(readContext.getPatientAccess().getAccessLevel().getGrantedRight()).build());
        return createOwnerRepresentation;
    }

    @Override // org.phenotips.data.permissions.rest.OwnerResource
    public Response setOwner(OwnerRepresentation ownerRepresentation, String str) {
        try {
            return putOwner(ownerRepresentation.getId(), str);
        } catch (Exception e) {
            this.logger.error("The json was not properly formatted", e.getMessage());
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
    }

    @Override // org.phenotips.data.permissions.rest.OwnerResource
    public Response setOwner(String str) {
        String str2 = (String) this.container.getRequest().getProperty("owner");
        if (StringUtils.isNotBlank(str2)) {
            return putOwner(str2, str);
        }
        this.logger.error("The owner id was not provided or is invalid");
        throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }

    private Response putOwner(String str, String str2) {
        if (StringUtils.isBlank(str)) {
            this.logger.error("The owner id was not provided");
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        this.logger.debug("Setting owner of the patient record [{}] to [{}] via REST", str2, str);
        PatientAccessContext writeContext = this.secureContextFactory.getWriteContext(str2);
        DocumentReference resolve = this.userOrGroupResolver.resolve(str, new Object[0]);
        if (resolve == null) {
            throw new WebApplicationException(new IllegalArgumentException("Specified user/group was not found"), Response.Status.NOT_FOUND);
        }
        if (!writeContext.getPatientAccess().setOwner(new DocumentReference(resolve))) {
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
        this.manager.fireRightsUpdateEvent(str2);
        return Response.ok().build();
    }
}
