package org.mycontroller.standalone.api.jaxrs;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import javax.annotation.security.RolesAllowed;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.eclipse.paho.client.mqttv3.MqttTopic;
import org.jboss.resteasy.spi.HttpRequest;
import org.mycontroller.standalone.api.jaxrs.model.ApiError;
import org.mycontroller.standalone.api.jaxrs.model.Query;
import org.mycontroller.standalone.api.jaxrs.model.RoleJson;
import org.mycontroller.standalone.api.jaxrs.model.TypesIdNameMapper;
import org.mycontroller.standalone.api.jaxrs.model.UserJson;
import org.mycontroller.standalone.api.jaxrs.utils.RestUtils;
import org.mycontroller.standalone.api.jaxrs.utils.UserMapper;
import org.mycontroller.standalone.auth.AuthUtils;
import org.mycontroller.standalone.db.DaoUtils;
import org.mycontroller.standalone.db.tables.Role;
import org.mycontroller.standalone.db.tables.User;

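/**
 * JAX-RS resource under {@code /rest/security} for role management, user management and the
 * caller's own profile.
 *
 * <p>The class-level {@code @RolesAllowed({"admin"})} applies to every method that does not carry
 * its own {@code @RolesAllowed}; the two {@code /profile} methods declare
 * {@code {"User", "MQTT user"}} instead.
 *
 * <p>Two generations of user endpoints coexist here: the {@code /users...} methods go through
 * {@link UserJson}, while the methods mapped on {@code /} and {@code /{userId}} read and write the
 * {@link User} entity directly.
 */
@Path("/rest/security")
@Consumes({"application/json"})
@Produces({"application/json"})
@RolesAllowed({"admin"})
/* loaded from: input_file:org/mycontroller/standalone/api/jaxrs/SecurityHandler.class */
public class SecurityHandler extends AccessEngine {

    @Context
    HttpRequest request;

    /**
     * Lists roles, either as id/name pairs or as a filtered, paged query result.
     *
     * @param onlyRolename when {@code true}, every role is returned as an id/display-name pair and
     *     all other parameters are ignored
     * @param name role-name filter values
     * @param description description filter values
     * @param permission permission filter, parsed with {@code AuthUtils.PERMISSION_TYPE.fromString}
     * @param pageLimit page size
     * @param page page number
     * @param orderBy column to sort by
     * @param order sort direction
     * @return 200 with the role list or query result
     */
    @GET
    @Path("/roles")
    public Response getRoles(
            @QueryParam("onlyRolename") Boolean onlyRolename,
            @QueryParam("name") List<String> name,
            @QueryParam("description") List<String> description,
            @QueryParam("permission") String permission,
            @QueryParam("pageLimit") Long pageLimit,
            @QueryParam("page") Long page,
            @QueryParam("orderBy") String orderBy,
            @QueryParam("order") String order) {
        if (Boolean.TRUE.equals(onlyRolename)) {
            List<TypesIdNameMapper> idNamePairs = new ArrayList<TypesIdNameMapper>();
            for (Role role : DaoUtils.getRoleDao().getAll()) {
                idNamePairs.add(
                        TypesIdNameMapper.builder().id(role.getId()).displayName(role.getName()).build());
            }
            return RestUtils.getResponse(Response.Status.OK, idNamePairs);
        }
        // NOTE(review): orderBy/order are forwarded as received; confirm the DAO layer restricts
        // them to known column names and directions.
        HashMap<String, Object> filters = new HashMap<String, Object>();
        filters.put("name", name);
        filters.put("description", description);
        filters.put(Role.KEY_PERMISSION, AuthUtils.PERMISSION_TYPE.fromString(permission));
        filters.put(Query.ORDER, order);
        filters.put(Query.ORDER_BY, orderBy);
        filters.put(Query.PAGE_LIMIT, pageLimit);
        filters.put(Query.PAGE, page);
        return RestUtils.getResponse(Response.Status.OK, DaoUtils.getRoleDao().getAll(Query.get(filters)));
    }

    /**
     * Returns one role as a {@link RoleJson}.
     *
     * @param id role id from the path
     * @return 200 with the mapped role
     */
    @GET
    @Path("/roles/{id}")
    public Response getRole(@PathParam("id") Integer id) {
        // NOTE(review): an unknown id is handed to mapResources() unchecked; confirm it copes
        // with a missing role.
        Role role = DaoUtils.getRoleDao().getById(id);
        RoleJson roleJson = new RoleJson();
        roleJson.mapResources(role);
        return RestUtils.getResponse(Response.Status.OK, roleJson);
    }

    /**
     * Creates a role from the request body.
     *
     * @param roleJson role definition
     * @return 200 with no entity
     */
    @POST
    @Path("/roles")
    public Response addRole(RoleJson roleJson) {
        roleJson.createOrUpdateRole();
        return RestUtils.getResponse(Response.Status.OK);
    }

    /**
     * Updates a role from the request body; delegates to the same call as {@link #addRole}.
     *
     * @param roleJson role definition
     * @return 200 with no entity
     */
    @PUT
    @Path("/roles")
    public Response updateRole(RoleJson roleJson) {
        roleJson.createOrUpdateRole();
        return RestUtils.getResponse(Response.Status.OK);
    }

    /**
     * Deletes the roles whose ids are listed in the request body.
     *
     * @param roleIds ids of the roles to delete
     * @return 200 with no entity
     */
    @POST
    @Path("/roles/delete")
    public Response deleteRoles(List<Integer> roleIds) {
        new RoleJson().deleteRoles(roleIds);
        return RestUtils.getResponse(Response.Status.OK);
    }

    /**
     * Lists users, either as id/name pairs or as a filtered, paged query result.
     *
     * @param onlyUsername when {@code true}, every user is returned as an id/username pair and all
     *     other parameters are ignored
     * @param username username filter values
     * @param fullName full-name filter values
     * @param enabled enabled-flag filter
     * @param email e-mail filter values
     * @param pageLimit page size
     * @param page page number
     * @param orderBy column to sort by
     * @param order sort direction
     * @return 200 with the user list or query result
     */
    @GET
    @Path("/users")
    public Response getUsers(
            @QueryParam("onlyUsername") Boolean onlyUsername,
            @QueryParam("username") List<String> username,
            @QueryParam("fullName") List<String> fullName,
            @QueryParam("enabled") Boolean enabled,
            @QueryParam("email") List<String> email,
            @QueryParam("pageLimit") Long pageLimit,
            @QueryParam("page") Long page,
            @QueryParam("orderBy") String orderBy,
            @QueryParam("order") String order) {
        if (Boolean.TRUE.equals(onlyUsername)) {
            List<TypesIdNameMapper> idNamePairs = new ArrayList<TypesIdNameMapper>();
            for (User user : DaoUtils.getUserDao().getAll()) {
                idNamePairs.add(
                        TypesIdNameMapper.builder().id(user.getId()).displayName(user.getUsername()).build());
            }
            return RestUtils.getResponse(Response.Status.OK, idNamePairs);
        }
        // NOTE(review): orderBy/order are forwarded as received; confirm the DAO layer restricts
        // them to known column names and directions.
        HashMap<String, Object> filters = new HashMap<String, Object>();
        filters.put("username", username);
        filters.put(User.KEY_FULL_NAME, fullName);
        filters.put("enabled", enabled);
        filters.put("email", email);
        filters.put(Query.ORDER, order);
        filters.put(Query.ORDER_BY, orderBy);
        filters.put(Query.PAGE_LIMIT, pageLimit);
        filters.put(Query.PAGE, page);
        return RestUtils.getResponse(Response.Status.OK, DaoUtils.getUserDao().getAll(Query.get(filters)));
    }

    /**
     * Returns one user as a {@link UserJson}.
     *
     * @param id user id from the path
     * @return 200 with the mapped user
     */
    @GET
    @Path("/users/{id}")
    public Response getUser(@PathParam("id") Integer id) {
        // NOTE(review): an unknown id is handed to mapResources() unchecked; confirm it copes
        // with a missing user.
        User user = DaoUtils.getUserDao().getById(id);
        UserJson userJson = new UserJson();
        userJson.mapResources(user);
        return RestUtils.getResponse(Response.Status.OK, userJson);
    }

    /**
     * Creates a user from the request body.
     *
     * @param userJson user definition
     * @return 200 with no entity
     */
    @POST
    @Path("/users")
    public Response addUser(UserJson userJson) {
        userJson.createOrUpdateUser();
        return RestUtils.getResponse(Response.Status.OK);
    }

    /**
     * Updates a user from the request body; delegates to the same call as {@link #addUser}.
     *
     * @param userJson user definition
     * @return 200 with no entity
     */
    @PUT
    @Path("/users")
    public Response updateUser(UserJson userJson) {
        userJson.createOrUpdateUser();
        return RestUtils.getResponse(Response.Status.OK);
    }

    /**
     * Deletes the listed users, never the caller's own account.
     *
     * <p>The caller's id is stripped from the list before deletion. The remaining users are still
     * deleted even when the response is 400, so a 400 here means "your own id was skipped", not
     * "nothing happened".
     *
     * @param userIds ids of the users to delete; modified in place
     * @return 400 with an {@link ApiError} if the caller's id was in the list, otherwise 200
     */
    @POST
    @Path("/users/delete")
    public Response deleteUsers(List<Integer> userIds) {
        Integer callerId = ((User) this.securityContext.getUserPrincipal()).getId();
        // List.remove(Object) drops only the first match. Loop until none is left so a request
        // that repeats the caller's id cannot slip a second copy past the self-deletion guard.
        boolean selfRequested = false;
        while (userIds.remove(callerId)) {
            selfRequested = true;
        }
        new UserJson().deleteUsers(userIds);
        if (selfRequested) {
            return RestUtils.getResponse(Response.Status.BAD_REQUEST, new ApiError("Self deletion not allowed!"));
        }
        return RestUtils.getResponse(Response.Status.OK);
    }

    /**
     * Updates the authenticated caller's own profile.
     *
     * @param userJson profile fields from the request body
     * @return 200 on success, 400 with the error message when {@code updateProfile()} throws
     *     {@link IllegalAccessError}
     */
    @PUT
    @Path("/profile")
    @RolesAllowed({"User", "MQTT user"})
    public Response updateProfile(UserJson userJson) {
        try {
            // Username and id are taken from the security context, not from the request body,
            // so the payload cannot point this update at another account.
            User caller = AuthUtils.getUser(this.securityContext);
            userJson.getUser().setUsername(caller.getUsername());
            userJson.getUser().setId(caller.getId());
            userJson.updateProfile();
            return RestUtils.getResponse(Response.Status.OK);
        } catch (IllegalAccessError e) {
            return RestUtils.getResponse(Response.Status.BAD_REQUEST, new ApiError(e.getMessage()));
        }
    }

    /**
     * Returns the authenticated caller's own profile, reloaded from the user DAO.
     *
     * @return 200 with the caller's {@link UserJson}
     */
    @GET
    @Path("/profile")
    @RolesAllowed({"User", "MQTT user"})
    public Response getProfile() {
        User caller = DaoUtils.getUserDao().getById(AuthUtils.getUser(this.securityContext).getId());
        UserJson userJson = new UserJson();
        userJson.mapResources(caller);
        return RestUtils.getResponse(Response.Status.OK, userJson);
    }

    /**
     * Returns the stored {@link User} entity for an id.
     *
     * @param userId user id from the path
     * @return 200 with the entity as returned by the DAO
     */
    @GET
    @Path("/{userId}")
    public Response getUser(@PathParam("userId") int userId) {
        // NOTE(review): the persistence entity is serialized as-is; confirm credential fields
        // (password hash and similar) are excluded from the JSON output.
        return RestUtils.getResponse(Response.Status.OK, DaoUtils.getUserDao().getById(Integer.valueOf(userId)));
    }

    /**
     * Returns every stored {@link User} entity.
     *
     * @return 200 with the list returned by the DAO
     */
    @GET
    @Path("/") // decompiler emitted MqttTopic.TOPIC_LEVEL_SEPARATOR, whose value is "/"
    public Response getAll() {
        // NOTE(review): the persistence entities are serialized as-is; confirm credential fields
        // are excluded from the JSON output.
        return RestUtils.getResponse(Response.Status.OK, DaoUtils.getUserDao().getAll());
    }

    /**
     * Deletes a user by id, refusing to delete the caller's own account.
     *
     * @param userId id of the user to delete
     * @return 400 with an {@link ApiError} when {@code userId} is the caller's id, otherwise 204
     */
    @DELETE
    @Path("/{userId}")
    public Response delete(@PathParam("userId") int userId) {
        User caller = RestUtils.getUser(this.request);
        if (caller.getId().intValue() == userId) {
            return RestUtils.getResponse(Response.Status.BAD_REQUEST, new ApiError("You cannot delete yourself"));
        }
        // NOTE(review): this passes the caller's name, not the name of the account being
        // deleted; if UserMapper tracks active users, the deleted account's entry would survive.
        // Confirm which one is intended.
        UserMapper.removeUser(caller.getName());
        DaoUtils.getUserDao().deleteById(Integer.valueOf(userId));
        return RestUtils.getResponse(Response.Status.NO_CONTENT);
    }

    /**
     * Overwrites a stored user with the entity from the request body, refusing changes to the
     * caller's own account.
     *
     * @param user entity to store
     * @return 400 with an {@link ApiError} when {@code user} carries the caller's id, otherwise 204
     */
    @PUT
    @Path("/")
    public Response update(User user) {
        // Compare by value: == on two boxed Integers compares references, which only matches
        // for small cached values and would let larger ids bypass this guard.
        Integer callerId = RestUtils.getUser(this.request).getId();
        if (callerId != null && callerId.equals(user.getId())) {
            return RestUtils.getResponse(Response.Status.BAD_REQUEST, new ApiError("You cannot change your role"));
        }
        // NOTE(review): request JSON is bound straight onto the entity; confirm password
        // hashing and role assignment are validated before or inside the DAO.
        DaoUtils.getUserDao().update(user);
        return RestUtils.getResponse(Response.Status.NO_CONTENT);
    }

    /**
     * Stores a new user from the entity in the request body.
     *
     * @param user entity to create
     * @return 201 with no entity
     */
    @POST
    @Path("/")
    public Response add(User user) {
        // NOTE(review): request JSON is bound straight onto the entity; confirm password
        // hashing and role assignment are validated before or inside the DAO.
        DaoUtils.getUserDao().create(user);
        return RestUtils.getResponse(Response.Status.CREATED);
    }
}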
