package org.graylog2.contentstream.rest;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import jakarta.inject.Inject;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.ForbiddenException;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import java.util.List;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.graylog.plugins.sidecar.rest.models.Configuration;
import org.graylog2.audit.AuditEventTypes;
import org.graylog2.audit.jersey.AuditEvent;
import org.graylog2.database.NotFoundException;
import org.graylog2.plugin.database.users.User;
import org.graylog2.rest.MoreMediaTypes;
import org.graylog2.shared.rest.documentation.generator.Generator;
import org.graylog2.shared.rest.resources.RestResource;
import org.graylog2.shared.security.RestPermissions;
import org.graylog2.shared.users.UserService;

@RequiresAuthentication
@Api(value = "ContentStream", description = "Content Stream", tags = {Generator.CLOUD_VISIBLE})
@Produces({MoreMediaTypes.APPLICATION_JSON})
@Path("/contentstream/")
/* loaded from: input_file:org/graylog2/contentstream/rest/ContentStreamResource.class */
public class ContentStreamResource extends RestResource {
    private final ContentStreamService contentStreamService;

    @Inject
    protected ContentStreamResource(ContentStreamService contentStreamService, UserService userService) {
        this.contentStreamService = contentStreamService;
        this.userService = userService;
    }

    @GET
    @Path(Configuration.FIELD_TAGS)
    @ApiOperation("Retrieve valid feed tags based on license")
    public List<String> getContentStreamTags() throws NotFoundException {
        return this.contentStreamService.getTags();
    }

    @GET
    @Path("settings/{username}")
    @ApiOperation("Retrieve Content Stream settings for specified user")
    public ContentStreamSettings getContentStreamUserSettings(@ApiParam(name = "username") @PathParam("username") String str) throws NotFoundException {
        if (isPermitted(RestPermissions.USERS_EDIT, str)) {
            return this.contentStreamService.getUserSettings(loadUser(str));
        }
        throw new ForbiddenException("Not allowed to view user " + str);
    }

    @AuditEvent(type = AuditEventTypes.CONTENT_STREAM_USER_SETTINGS_UPDATE)
    @ApiOperation("Update Content Stream settings for specified user")
    @PUT
    @Path("settings/{username}")
    public ContentStreamSettings setContentStreamUserSettings(@ApiParam(name = "username") @PathParam("username") String str, @Valid @NotNull @ApiParam(name = "JSON body", value = "Content Stream settings for the specified user.", required = true) ContentStreamSettings contentStreamSettings) throws NotFoundException {
        if (!isPermitted(RestPermissions.USERS_EDIT, str)) {
            throw new ForbiddenException("Not allowed to edit user " + str);
        }
        User loadUser = loadUser(str);
        ContentStreamSettings build = ContentStreamSettings.builder().contentStreamEnabled(contentStreamSettings.contentStreamEnabled()).releasesEnabled(contentStreamSettings.releasesEnabled()).topics(contentStreamSettings.topics()).build();
        this.contentStreamService.saveUserSettings(loadUser, build);
        return build;
    }

    private User loadUser(String str) throws NotFoundException {
        User load = this.userService.load(str);
        if (load == null) {
            throw new NotFoundException("User " + str + " has not been found.");
        }
        return load;
    }
}
