package org.phenotips.studies.family.rest.internal;

import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.json.JSONObject;
import org.phenotips.rest.Autolinker;
import org.phenotips.security.authorization.AuthorizationService;
import org.phenotips.studies.family.Family;
import org.phenotips.studies.family.FamilyRepository;
import org.phenotips.studies.family.FamilyTools;
import org.phenotips.studies.family.rest.FamilyResource;
import org.slf4j.Logger;
import org.xwiki.component.annotation.Component;
import org.xwiki.rest.XWikiResource;
import org.xwiki.security.authorization.Right;
import org.xwiki.users.User;
import org.xwiki.users.UserManager;

@Singleton
@Component
@Named("org.phenotips.studies.family.rest.internal.DefaultFamilyResourceImpl")
/* loaded from: input_file:org/phenotips/studies/family/rest/internal/DefaultFamilyResourceImpl.class */
public class DefaultFamilyResourceImpl extends XWikiResource implements FamilyResource {
    private static final String NO_SUCH_FAMILY_ERROR_MESSAGE = "No such family record: [{}]";

    @Inject
    private Logger logger;

    @Inject
    private FamilyRepository repository;

    @Inject
    private AuthorizationService access;

    @Inject
    private UserManager users;

    @Inject
    private FamilyTools familyTools;

    @Inject
    private Provider<Autolinker> autolinker;

    @Override // org.phenotips.studies.family.rest.FamilyResource
    public Response getFamily(String str) {
        this.logger.warn("Retrieving family record [{}] via REST", str);
        Family family = this.repository.get(str);
        if (family == null) {
            this.logger.warn(NO_SUCH_FAMILY_ERROR_MESSAGE, str);
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        User currentUser = this.users.getCurrentUser();
        if (!this.access.hasAccess(currentUser, Right.VIEW, family.getDocumentReference())) {
            this.logger.error("View access denied to user [{}] on family record [{}]", currentUser, str);
            return Response.status(Response.Status.FORBIDDEN).build();
        }
        JSONObject json = family.toJSON();
        json.put("links", ((Autolinker) this.autolinker.get()).forResource(getClass(), this.uriInfo).build());
        return Response.ok(json, MediaType.APPLICATION_JSON_TYPE).build();
    }

    @Override // org.phenotips.studies.family.rest.FamilyResource
    public Response deleteFamily(String str, Boolean bool) {
        this.logger.warn("Deleting family record [{}] via REST, deleteAllMembers = [{}]", str, bool);
        if (this.repository.get(str) == null) {
            this.logger.warn(NO_SUCH_FAMILY_ERROR_MESSAGE, str);
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        if (!this.familyTools.currentUserCanDeleteFamily(str, bool.booleanValue())) {
            this.logger.error("Delete access denied to user [{}] for family record [{}] with deleteMemebers=[{}]", new Object[]{this.users.getCurrentUser(), str, bool});
            return Response.status(Response.Status.FORBIDDEN).build();
        }
        if (!this.familyTools.deleteFamily(str, bool.booleanValue())) {
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
        this.logger.warn("Deleted family record [{}]", str);
        return Response.noContent().build();
    }
}
