package org.geoserver.rest.security;

import java.io.IOException;
import javax.servlet.http.HttpServletResponse;
import org.geoserver.rest.security.xml.JaxbRoleList;
import org.geoserver.security.GeoServerRoleService;
import org.geoserver.security.GeoServerRoleStore;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.impl.GeoServerRole;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping(path = {"/rest/security/roles"})
@RestController("rolesRestController")
/* loaded from: input_file:org/geoserver/rest/security/RolesRestController.class */
public class RolesRestController {
    protected GeoServerSecurityManager securityManager;

    public RolesRestController(GeoServerSecurityManager geoServerSecurityManager) {
        this.securityManager = geoServerSecurityManager;
    }

    @ExceptionHandler({IllegalArgumentException.class})
    public void somethingNotFound(IllegalArgumentException illegalArgumentException, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendError(404, illegalArgumentException.getMessage());
    }

    @GetMapping(value = {""}, produces = {"application/xml", "application/json"})
    public JaxbRoleList get() throws IOException {
        return get(this.securityManager.getActiveRoleService());
    }

    @GetMapping(value = {"/user/{user}"}, produces = {"application/xml", "application/json"})
    protected JaxbRoleList getUser(@PathVariable("user") String str) throws IOException {
        return getUser(this.securityManager.getActiveRoleService(), str);
    }

    @PostMapping(value = {"/role/{role}"}, produces = {"application/xml", "application/json"})
    @ResponseStatus(HttpStatus.CREATED)
    public void insert(@PathVariable("role") String str) throws IOException {
        insert(this.securityManager.getActiveRoleService(), str);
    }

    @DeleteMapping(value = {"/role/{role}"}, produces = {"application/xml", "application/json"})
    @ResponseStatus(HttpStatus.OK)
    public void delete(@PathVariable("role") String str) throws IOException {
        delete(this.securityManager.getActiveRoleService(), str);
    }

    @PostMapping({"/role/{role}/user/{user}"})
    @ResponseStatus(HttpStatus.OK)
    public void associate(@PathVariable("role") String str, @PathVariable("user") String str2) throws IOException {
        associate(this.securityManager.getActiveRoleService(), str, str2);
    }

    @DeleteMapping({"/role/{role}/user/{user}"})
    @ResponseStatus(HttpStatus.OK)
    public void disassociate(@PathVariable("role") String str, @PathVariable("user") String str2) throws IOException {
        disassociate(this.securityManager.getActiveRoleService(), str, str2);
    }

    @GetMapping(value = {"/service/{serviceName}"}, produces = {"application/xml", "application/json"})
    protected JaxbRoleList get(@PathVariable("serviceName") String str) throws IOException {
        return get(getService(str));
    }

    @GetMapping(value = {"/service/{serviceName}/user/{user}"}, produces = {"application/xml", "application/json"})
    protected JaxbRoleList getUser(@PathVariable("serviceName") String str, @PathVariable("user") String str2) throws IOException {
        return getUser(getService(str), str2);
    }

    @PostMapping({"/service/{serviceName}/role/{role}"})
    @ResponseStatus(HttpStatus.CREATED)
    public void insert(@PathVariable("serviceName") String str, @PathVariable("role") String str2) throws IOException {
        insert(getService(str), str2);
    }

    @DeleteMapping({"/service/{serviceName}/role/{role}"})
    @ResponseStatus(HttpStatus.OK)
    public void delete(@PathVariable("serviceName") String str, @PathVariable("role") String str2) throws IOException {
        delete(getService(str), str2);
    }

    @PostMapping({"/service/{serviceName}/role/{role}/user/{user}"})
    @ResponseStatus(HttpStatus.OK)
    public void associate(@PathVariable("serviceName") String str, @PathVariable("role") String str2, @PathVariable("user") String str3) throws IOException {
        associate(getService(str), str2, str3);
    }

    @DeleteMapping({"/service/{serviceName}/role/{role}/user/{user}"})
    @ResponseStatus(HttpStatus.OK)
    public void disassociate(@PathVariable("serviceName") String str, @PathVariable("role") String str2, @PathVariable("user") String str3) throws IOException {
        disassociate(getService(str), str2, str3);
    }

    protected JaxbRoleList getUser(GeoServerRoleService geoServerRoleService, String str) throws IOException {
        return JaxbRoleList.fromGS(geoServerRoleService.getRolesForUser(str));
    }

    protected JaxbRoleList get(GeoServerRoleService geoServerRoleService) throws IOException {
        return JaxbRoleList.fromGS(geoServerRoleService.getRoles());
    }

    protected void insert(GeoServerRoleService geoServerRoleService, String str) throws IOException {
        GeoServerRoleStore store = getStore(geoServerRoleService);
        try {
            store.addRole(new GeoServerRole(str));
            store.store();
        } catch (Throwable th) {
            store.store();
            throw th;
        }
    }

    protected void delete(GeoServerRoleService geoServerRoleService, String str) throws IOException {
        GeoServerRoleStore store = getStore(geoServerRoleService);
        try {
            store.removeRole(getRole(store, str));
            store.store();
        } catch (Throwable th) {
            store.store();
            throw th;
        }
    }

    protected void associate(GeoServerRoleService geoServerRoleService, String str, String str2) throws IOException {
        GeoServerRoleStore store = getStore(geoServerRoleService);
        try {
            store.associateRoleToUser(getRole(store, str), str2);
            store.store();
        } catch (Throwable th) {
            store.store();
            throw th;
        }
    }

    protected void disassociate(GeoServerRoleService geoServerRoleService, String str, String str2) throws IOException {
        GeoServerRoleStore store = getStore(geoServerRoleService);
        try {
            store.disAssociateRoleFromUser(getRole(store, str), str2);
            store.store();
        } catch (Throwable th) {
            store.store();
            throw th;
        }
    }

    protected GeoServerRoleStore getStore(GeoServerRoleService geoServerRoleService) throws IOException {
        if (geoServerRoleService.canCreateStore()) {
            return geoServerRoleService.createStore();
        }
        throw new IOException("Provided roleservice is read-only: " + geoServerRoleService.getName());
    }

    protected GeoServerRoleService getService(String str) throws IOException {
        GeoServerRoleService loadRoleService = this.securityManager.loadRoleService(str);
        if (loadRoleService == null) {
            throw new IllegalArgumentException("Provided roleservice does not exist: " + str);
        }
        return loadRoleService;
    }

    protected GeoServerRole getRole(GeoServerRoleService geoServerRoleService, String str) throws IOException {
        GeoServerRole roleByName = geoServerRoleService.getRoleByName(str);
        if (roleByName == null) {
            throw new IllegalArgumentException("Provided role does not exist: " + str);
        }
        return roleByName;
    }
}
