package org.wso2.micro.integrator.management.apis;

import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.config.SynapseConfiguration;
import org.json.JSONArray;
import org.json.JSONObject;
import org.wso2.micro.integrator.security.MicroIntegratorSecurityUtils;
import org.wso2.micro.integrator.security.user.api.RealmConfiguration;
import org.wso2.micro.integrator.security.user.api.UserStoreException;
import org.wso2.micro.integrator.security.user.api.UserStoreManager;

/* loaded from: input_file:org/wso2/micro/integrator/management/apis/UserResource.class */
public class UserResource implements MiApiResource {
    private static final Log LOG = LogFactory.getLog(UserResource.class);
    protected Set<String> methods = new HashSet();

    public UserResource() {
        this.methods.add(Constants.HTTP_GET);
        this.methods.add(Constants.HTTP_DELETE);
    }

    @Override // org.wso2.micro.integrator.management.apis.MiApiResource
    public Set<String> getMethods() {
        return this.methods;
    }

    @Override // org.wso2.micro.integrator.management.apis.MiApiResource
    public boolean invoke(MessageContext messageContext, org.apache.axis2.context.MessageContext messageContext2, SynapseConfiguration synapseConfiguration) {
        JSONObject createJsonError;
        String obj = messageContext2.getProperty(Constants.HTTP_METHOD_PROPERTY).toString();
        if (LOG.isDebugEnabled()) {
            LOG.debug("Handling " + obj + "request.");
        }
        try {
            boolean z = -1;
            switch (obj.hashCode()) {
                case 70454:
                    if (obj.equals(Constants.HTTP_GET)) {
                        z = false;
                        break;
                    }
                    break;
                case 2012838315:
                    if (obj.equals(Constants.HTTP_DELETE)) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    createJsonError = handleGet(messageContext);
                    break;
                case true:
                    createJsonError = handleDelete(messageContext);
                    break;
                default:
                    createJsonError = Utils.createJsonError("Unsupported HTTP method, " + obj + ". Only GET and DELETE methods are supported", messageContext2, Constants.BAD_REQUEST);
                    break;
            }
        } catch (ResourceNotFoundException e) {
            createJsonError = Utils.createJsonError("Requested resource not found. ", e, messageContext2, Constants.NOT_FOUND);
        } catch (UserStoreException e2) {
            createJsonError = Utils.createJsonError("Error initializing the user store. Please try again later", e2, messageContext2, Constants.INTERNAL_SERVER_ERROR);
        } catch (IOException e3) {
            createJsonError = Utils.createJsonError("Error processing the request", e3, messageContext2, Constants.BAD_REQUEST);
        }
        messageContext2.removeProperty("NO_ENTITY_BODY");
        Utils.setJsonPayLoad(messageContext2, createJsonError);
        return true;
    }

    protected JSONObject handleGet(MessageContext messageContext) throws UserStoreException, ResourceNotFoundException {
        String userFromPathParam = getUserFromPathParam(messageContext);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Requested details for the user: " + userFromPathParam);
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(Constants.USER_ID, userFromPathParam);
        String[] roleListOfUser = getUserStore().getRoleListOfUser(userFromPathParam);
        jSONObject.put(Constants.IS_ADMIN, isAdmin(roleListOfUser));
        jSONObject.put(Constants.ROLES, new JSONArray(roleListOfUser));
        return jSONObject;
    }

    protected JSONObject handleDelete(MessageContext messageContext) throws UserStoreException, IOException, ResourceNotFoundException {
        String userFromPathParam = getUserFromPathParam(messageContext);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Request received to delete the user: " + userFromPathParam);
        }
        String stringPropertyFromMessageContext = Utils.getStringPropertyFromMessageContext(messageContext, Constants.USERNAME_PROPERTY);
        if (Objects.isNull(stringPropertyFromMessageContext)) {
            LOG.warn("Deleting a user without authenticating/authorizing the request sender. Adding authentication and authorization handlers is recommended.");
        } else if (stringPropertyFromMessageContext.equals(userFromPathParam)) {
            throw new IOException("Attempt to delete the logged in user. Operation not allowed. Please login from another user.");
        }
        getUserStore().deleteUser(userFromPathParam);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(Constants.USER_ID, userFromPathParam);
        jSONObject.put(Constants.STATUS, "Deleted");
        return jSONObject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserStoreManager getUserStore() throws UserStoreException {
        return MicroIntegratorSecurityUtils.getUserStoreManager();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RealmConfiguration getRealmConfiguration() throws UserStoreException {
        return MicroIntegratorSecurityUtils.getRealmConfiguration();
    }

    private String getUserFromPathParam(MessageContext messageContext) throws UserStoreException, ResourceNotFoundException {
        String pathParameter = Utils.getPathParameter(messageContext, Constants.USER_ID);
        if (Objects.isNull(pathParameter)) {
            throw new AssertionError("Incorrect path parameter used: userId");
        }
        String[] listUsers = getUserStore().listUsers(pathParameter, -1);
        if (null == listUsers || 0 == listUsers.length) {
            throw new ResourceNotFoundException("User: " + pathParameter + " cannot be found.");
        }
        for (String str : listUsers) {
            if (pathParameter.equals(str)) {
                return str;
            }
        }
        throw new ResourceNotFoundException("User: " + pathParameter + " cannot be found.");
    }

    private boolean isAdmin(String[] strArr) throws UserStoreException {
        return Arrays.asList(strArr).contains(getRealmConfiguration().getAdminRoleName());
    }
}
