package org.phenotips.data.permissions.rest.internal;

import java.util.Iterator;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.phenotips.data.permissions.EntityPermissionsManager;
import org.phenotips.data.permissions.Visibility;
import org.phenotips.data.permissions.rest.DomainObjectFactory;
import org.phenotips.data.permissions.rest.VisibilityResource;
import org.phenotips.data.permissions.rest.internal.utils.EntityAccessContext;
import org.phenotips.data.permissions.rest.internal.utils.SecureContextFactory;
import org.phenotips.data.permissions.rest.model.VisibilityRepresentation;
import org.phenotips.rest.Autolinker;
import org.slf4j.Logger;
import org.xwiki.component.annotation.Component;
import org.xwiki.container.Container;
import org.xwiki.rest.XWikiResource;

@Singleton
@Component
@Named("org.phenotips.data.permissions.rest.internal.DefaultVisibilityResourceImpl")
/* loaded from: input_file:WEB-INF/lib/entity-access-rules-rest-1.4.7.jar:org/phenotips/data/permissions/rest/internal/DefaultVisibilityResourceImpl.class */
public class DefaultVisibilityResourceImpl extends XWikiResource implements VisibilityResource {

    @Inject
    private Logger logger;

    @Inject
    private SecureContextFactory secureContextFactory;

    @Inject
    private DomainObjectFactory factory;

    @Inject
    private EntityPermissionsManager manager;

    @Inject
    private Container container;

    @Inject
    private Provider<Autolinker> autolinker;

    @Override // org.phenotips.data.permissions.rest.VisibilityResource
    public VisibilityRepresentation getVisibility(String str, String str2) {
        this.logger.debug("Retrieving entity record's visibility [{}] via REST", str);
        EntityAccessContext readContext = this.secureContextFactory.getReadContext(str, str2);
        VisibilityRepresentation createVisibilityRepresentation = this.factory.createVisibilityRepresentation(readContext.getEntity());
        createVisibilityRepresentation.withLinks(this.autolinker.get().forResource(getClass(), this.uriInfo).withGrantedRight(readContext.getEntityAccess().getAccessLevel().getGrantedRight()).build());
        return createVisibilityRepresentation;
    }

    @Override // org.phenotips.data.permissions.rest.VisibilityResource
    public Response setVisibility(VisibilityRepresentation visibilityRepresentation, String str, String str2) {
        try {
            return setVisibility(visibilityRepresentation.getLevel(), str, str2);
        } catch (Exception e) {
            this.logger.error("The json was not properly formatted", e.getMessage());
            return Response.status(Response.Status.BAD_REQUEST.getStatusCode()).type(MediaType.TEXT_PLAIN_TYPE).entity("Unknown visibility level: " + visibilityRepresentation.getLevel()).build();
        }
    }

    @Override // org.phenotips.data.permissions.rest.VisibilityResource
    public Response setVisibility(String str, String str2) {
        String str3 = (String) this.container.getRequest().getProperty("visibility");
        if (StringUtils.isNotBlank(str3)) {
            return setVisibility(str3, str, str2);
        }
        this.logger.error("The visibility level was not provided or is invalid");
        throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }

    private Response setVisibility(String str, String str2, String str3) {
        if (StringUtils.isBlank(str)) {
            this.logger.error("The visibility level was not provided");
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        String trim = str.trim();
        Visibility visibility = null;
        Iterator<Visibility> it = this.manager.listVisibilityOptions().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Visibility next = it.next();
            if (StringUtils.equalsIgnoreCase(next.getName(), trim)) {
                visibility = next;
                break;
            }
        }
        if (visibility == null) {
            this.logger.error("The visibility level does not match any available levels");
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        this.logger.debug("Setting the visibility of the entity record [{}] to [{}] via REST", str2, trim);
        if (!this.secureContextFactory.getWriteContext(str2, str3).getEntityAccess().setVisibility(visibility)) {
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
        this.manager.fireRightsUpdateEvent(str2);
        return Response.ok().build();
    }
}
