package org.wso2.carbon.bpmn.rest.service.runtime;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.activiti.engine.ActivitiException;
import org.activiti.engine.ActivitiIllegalArgumentException;
import org.apache.commons.collections.map.HashedMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xalan.templates.Constants;
import org.apache.xpath.compiler.PsuedoNames;
import org.joda.time.DateTime;
import org.wso2.carbon.bpmn.core.mgt.model.SubstitutesDataModel;
import org.wso2.carbon.bpmn.people.substitution.SubstitutionDataHolder;
import org.wso2.carbon.bpmn.people.substitution.UserSubstitutionUtils;
import org.wso2.carbon.bpmn.rest.common.exception.BPMNForbiddenException;
import org.wso2.carbon.bpmn.rest.common.utils.BPMNOSGIService;
import org.wso2.carbon.bpmn.rest.model.common.BooleanResponse;
import org.wso2.carbon.bpmn.rest.model.runtime.RestActionRequest;
import org.wso2.carbon.bpmn.rest.model.runtime.SubstituteInfoCollectionResponse;
import org.wso2.carbon.bpmn.rest.model.runtime.SubstituteInfoResponse;
import org.wso2.carbon.bpmn.rest.model.runtime.SubstituteRequest;
import org.wso2.carbon.bpmn.rest.model.runtime.SubstitutionRequest;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;

@Path("/substitutes")
/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/bpmn/rest/service/runtime/UserSubstitutionService.class */
public class UserSubstitutionService {

    @Context
    UriInfo uriInfo;
    private static final String ASCENDING = "asc";
    private static final String DESCENDING = "desc";
    private static final String ADD_PERMISSION = "add";
    private static final String DEFAULT_PAGINATION_START = "0";
    private static final String DEFAULT_PAGINATION_SIZE = "10";
    private static final String TRUE = "true";
    private static final String FALSE = "false";
    private static final Log log = LogFactory.getLog(UserSubstitutionService.class);
    private static final boolean subsFeatureEnabled = SubstitutionDataHolder.getInstance().isSubstitutionFeatureEnabled();
    protected static final HashMap<String, String> propertiesMap = new HashMap<>();

    @POST
    @Path(PsuedoNames.PSEUDONAME_ROOT)
    @Consumes({MediaType.APPLICATION_JSON, "application/xml"})
    public Response substitute(SubstitutionRequest substitutionRequest) {
        try {
            if (!subsFeatureEnabled) {
                return Response.status(405).build();
            }
            String requestedAssignee = getRequestedAssignee(substitutionRequest.getAssignee());
            String validateAndGetSubstitute = validateAndGetSubstitute(substitutionRequest.getSubstitute(), requestedAssignee);
            Date date = null;
            Date date2 = new Date();
            DateTime dateTime = null;
            if (substitutionRequest.getStartTime() != null) {
                dateTime = new DateTime(substitutionRequest.getStartTime());
                date2 = new Date(dateTime.getMillis());
            }
            if (substitutionRequest.getEndTime() != null) {
                date = validateEndTime(substitutionRequest.getEndTime(), dateTime);
            }
            if (!UserSubstitutionUtils.validateTasksList(substitutionRequest.getTaskList(), requestedAssignee)) {
                throw new ActivitiIllegalArgumentException("Invalid task list provided, for substitution.");
            }
            UserSubstitutionUtils.handleNewSubstituteAddition(requestedAssignee, validateAndGetSubstitute, date2, date, true, substitutionRequest.getTaskList(), PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
            return Response.created(new URI("substitutes/" + requestedAssignee)).build();
        } catch (ActivitiIllegalArgumentException e) {
            throw new ActivitiIllegalArgumentException(e.getMessage());
        } catch (URISyntaxException e2) {
            throw new ActivitiException("Response location URI creation header", e2);
        } catch (UserStoreException e3) {
            throw new ActivitiException("Error accessing User Store", e3);
        }
    }

    @Path("/{user}")
    @PUT
    @Consumes({MediaType.APPLICATION_JSON, "application/xml"})
    public Response updateSubstituteInfo(@PathParam("user") String str, SubstitutionRequest substitutionRequest) throws URISyntaxException {
        try {
            if (!subsFeatureEnabled) {
                return Response.status(405).build();
            }
            substitutionRequest.setAssignee(str);
            String requestedAssignee = getRequestedAssignee(str);
            String validateAndGetSubstitute = validateAndGetSubstitute(substitutionRequest.getSubstitute(), requestedAssignee);
            Date date = null;
            Date date2 = new Date();
            DateTime dateTime = null;
            if (substitutionRequest.getStartTime() != null) {
                dateTime = new DateTime(substitutionRequest.getStartTime());
                date2 = new Date(dateTime.getMillis());
            }
            if (substitutionRequest.getEndTime() != null) {
                date = validateEndTime(substitutionRequest.getEndTime(), dateTime);
            }
            if (!UserSubstitutionUtils.validateTasksList(substitutionRequest.getTaskList(), requestedAssignee)) {
                throw new ActivitiIllegalArgumentException("Invalid task list provided, for substitution.");
            }
            UserSubstitutionUtils.handleUpdateSubstitute(requestedAssignee, validateAndGetSubstitute, date2, date, true, substitutionRequest.getTaskList(), PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
            return Response.ok().build();
        } catch (UserStoreException e) {
            throw new ActivitiException("Error accessing User Store", e);
        }
    }

    @Path("/{user}/substitute")
    @PUT
    @Consumes({MediaType.APPLICATION_JSON, "application/xml"})
    public Response changeSubstitute(@PathParam("user") String str, SubstituteRequest substituteRequest) throws URISyntaxException {
        try {
            if (!subsFeatureEnabled) {
                return Response.status(405).build();
            }
            String requestedAssignee = getRequestedAssignee(str);
            UserSubstitutionUtils.handleChangeSubstitute(requestedAssignee, validateAndGetSubstitute(substituteRequest.getSubstitute(), requestedAssignee), PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
            return Response.ok().build();
        } catch (UserStoreException e) {
            throw new ActivitiException("Error accessing User Store", e);
        }
    }

    @GET
    @Produces({MediaType.APPLICATION_JSON, "application/xml"})
    @Path("/{user}")
    public Response getSubstitute(@PathParam("user") String str) throws UserStoreException {
        if (!subsFeatureEnabled) {
            return Response.status(405).build();
        }
        int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
        if (!PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername().equals(str) && !hasSubstitutionViewPermission()) {
            throw new BPMNForbiddenException("Not allowed to view others substitution details. No sufficient permission");
        }
        SubstitutesDataModel substituteOfUser = UserSubstitutionUtils.getSubstituteOfUser(str, tenantId);
        if (substituteOfUser == null) {
            return Response.status(404).build();
        }
        SubstituteInfoResponse substituteInfoResponse = new SubstituteInfoResponse();
        substituteInfoResponse.setSubstitute(substituteOfUser.getSubstitute());
        substituteInfoResponse.setAssignee(substituteOfUser.getUser());
        substituteInfoResponse.setEnabled(substituteOfUser.isEnabled());
        substituteInfoResponse.setStartTime(substituteOfUser.getSubstitutionStart());
        substituteInfoResponse.setEndTime(substituteOfUser.getSubstitutionEnd());
        return Response.ok(substituteInfoResponse).build();
    }

    private boolean hasSubstitutionViewPermission() throws UserStoreException {
        return BPMNOSGIService.getUserRealm().getAuthorizationManager().isUserAuthorized(PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername(), "/permission/admin/manage/bpmn/addSubstituteInfo", ADD_PERMISSION);
    }

    @GET
    @Produces({MediaType.APPLICATION_JSON, "application/xml"})
    @Path(PsuedoNames.PSEUDONAME_ROOT)
    public Response querySubstitutes() {
        if (!subsFeatureEnabled) {
            return Response.status(405).build();
        }
        Map<String, String> hashedMap = new HashedMap<>();
        for (Map.Entry<String, String> entry : propertiesMap.entrySet()) {
            String first = this.uriInfo.getQueryParameters().getFirst(entry.getKey());
            if (first != null) {
                hashedMap.put(entry.getValue(), first);
            }
        }
        try {
            if (!hasSubstitutionViewPermission()) {
                String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
                if ((hashedMap.get("USER") == null || !hashedMap.get("USER").equals(username)) && (hashedMap.get("SUBSTITUTE") == null || !hashedMap.get("SUBSTITUTE").equals(username))) {
                    throw new BPMNForbiddenException("Not allowed to view others substitution details. No sufficient permission");
                }
            }
            validatePaginationParams(hashedMap);
            int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
            List<SubstitutesDataModel> querySubstitutions = UserSubstitutionUtils.querySubstitutions(hashedMap, tenantId);
            int queryResultCount = UserSubstitutionUtils.getQueryResultCount(hashedMap, tenantId);
            SubstituteInfoCollectionResponse substituteInfoCollectionResponse = new SubstituteInfoCollectionResponse();
            substituteInfoCollectionResponse.setTotal(queryResultCount);
            ArrayList arrayList = new ArrayList();
            for (SubstitutesDataModel substitutesDataModel : querySubstitutions) {
                SubstituteInfoResponse substituteInfoResponse = new SubstituteInfoResponse();
                substituteInfoResponse.setEnabled(substitutesDataModel.isEnabled());
                substituteInfoResponse.setEndTime(substitutesDataModel.getSubstitutionEnd());
                substituteInfoResponse.setStartTime(substitutesDataModel.getSubstitutionStart());
                substituteInfoResponse.setSubstitute(substitutesDataModel.getSubstitute());
                substituteInfoResponse.setAssignee(substitutesDataModel.getUser());
                arrayList.add(substituteInfoResponse);
            }
            substituteInfoCollectionResponse.setSubstituteInfoList(arrayList);
            substituteInfoCollectionResponse.setSize(arrayList.size());
            substituteInfoCollectionResponse.setSort(getSortType(hashedMap.get("ORDER BY")));
            substituteInfoCollectionResponse.setStart(Integer.parseInt(hashedMap.get("start")));
            substituteInfoCollectionResponse.setOrder(hashedMap.get("ORDER"));
            return Response.ok(substituteInfoCollectionResponse).build();
        } catch (UserStoreException e) {
            throw new ActivitiException("Error accessing User Store for input validations", e);
        }
    }

    @POST
    @Path("/{user}/disable")
    @Consumes({MediaType.APPLICATION_JSON, "application/xml"})
    public Response disableSubstitution(@PathParam("user") String str, RestActionRequest restActionRequest) throws UserStoreException {
        if (!subsFeatureEnabled) {
            return Response.status(405).build();
        }
        String requestedAssignee = getRequestedAssignee(str);
        String action = restActionRequest.getAction();
        if (action == null) {
            throw new ActivitiIllegalArgumentException("No disable action specified");
        }
        int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
        if (action.trim().equalsIgnoreCase("true")) {
            UserSubstitutionUtils.disableSubstitution(true, requestedAssignee, tenantId);
        } else {
            if (!action.trim().equalsIgnoreCase("false")) {
                throw new ActivitiIllegalArgumentException("Invalid disable action : " + action + " specified");
            }
            UserSubstitutionUtils.disableSubstitution(false, requestedAssignee, tenantId);
        }
        return Response.ok().build();
    }

    @GET
    @Produces({MediaType.APPLICATION_JSON, "application/xml"})
    @Path("/configs/enabled")
    public Response isSubstitutionFeatureEnabled() {
        BooleanResponse booleanResponse = new BooleanResponse();
        if (subsFeatureEnabled) {
            booleanResponse.setEnabled(true);
        } else {
            booleanResponse.setEnabled(false);
        }
        return Response.ok(booleanResponse).build();
    }

    private String getSortType(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -1661902727:
                if (str.equals("SUBSTITUTION_END")) {
                    z = true;
                    break;
                }
                break;
            case -255946598:
                if (str.equals("SUBSTITUTE")) {
                    z = 2;
                    break;
                }
                break;
            case 2614219:
                if (str.equals("USER")) {
                    z = 3;
                    break;
                }
                break;
            case 652421248:
                if (str.equals("SUBSTITUTION_START")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return "startTime";
            case true:
                return "endTime";
            case true:
                return "substitute";
            case true:
                return "assignee";
            default:
                return "";
        }
    }

    private void validatePaginationParams(Map<String, String> map) {
        String str;
        String str2 = map.get("start");
        String str3 = map.get("size");
        String str4 = map.get("ORDER BY");
        String str5 = map.get("ORDER");
        if (str2 == null) {
            str2 = "0";
        } else if (Integer.parseInt(str2) < 0) {
            throw new ActivitiIllegalArgumentException("Invalid argument for parameter 'start'");
        }
        map.put("start", str2);
        if (str3 == null) {
            str3 = DEFAULT_PAGINATION_SIZE;
        } else if (Integer.valueOf(str3).intValue() <= 0) {
            throw new ActivitiIllegalArgumentException("Invalid argument for parameter 'size'");
        }
        map.put("size", str3);
        if (str4 != null) {
            boolean z = -1;
            switch (str4.hashCode()) {
                case -2129294769:
                    if (str4.equals("startTime")) {
                        z = false;
                        break;
                    }
                    break;
                case -1607243192:
                    if (str4.equals("endTime")) {
                        z = true;
                        break;
                    }
                    break;
                case -741038950:
                    if (str4.equals("substitute")) {
                        z = 2;
                        break;
                    }
                    break;
                case -369881649:
                    if (str4.equals("assignee")) {
                        z = 3;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    str = "SUBSTITUTION_START";
                    break;
                case true:
                    str = "SUBSTITUTION_END";
                    break;
                case true:
                    str = "SUBSTITUTE";
                    break;
                case true:
                    str = "USER";
                    break;
                default:
                    throw new ActivitiIllegalArgumentException("Invalid argument for parameter 'sort'");
            }
        } else {
            str = "SUBSTITUTION_START";
        }
        map.put("ORDER BY", str);
        if (str5 == null) {
            str5 = ASCENDING;
        } else if (!ASCENDING.equalsIgnoreCase(str5) && !DESCENDING.equalsIgnoreCase(str5)) {
            throw new ActivitiIllegalArgumentException("Invalid argument for parameter 'order'");
        }
        map.put("ORDER", str5);
    }

    private Date validateEndTime(String str, DateTime dateTime) {
        DateTime dateTime2 = new DateTime(str);
        if (dateTime2.isBeforeNow()) {
            throw new ActivitiIllegalArgumentException("End time should be in future");
        }
        if (dateTime == null || !dateTime2.isBefore(dateTime.getMillis())) {
            return new Date(dateTime2.getMillis());
        }
        throw new ActivitiIllegalArgumentException("Invalid Start and End time combination");
    }

    private String getRequestedAssignee(String str) throws UserStoreException {
        String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
        UserRealm userRealm = BPMNOSGIService.getUserRealm();
        String str2 = str;
        if (str2 == null || str2.trim().isEmpty() || str2.equals(username)) {
            str2 = username;
        } else {
            if (!userRealm.getAuthorizationManager().isUserAuthorized(username, "/permission/admin/manage/bpmn/addSubstituteInfo", ADD_PERMISSION)) {
                throw new BPMNForbiddenException("Action requires BPMN substitution permission");
            }
            if (!userRealm.getUserStoreManager().isExistingUser(str2)) {
                throw new ActivitiIllegalArgumentException("Non existing user for argument assignee : " + str2);
            }
        }
        return str2;
    }

    private String validateAndGetSubstitute(String str, String str2) throws UserStoreException {
        UserRealm userRealm = BPMNOSGIService.getUserRealm();
        if (str == null || str.trim().isEmpty()) {
            throw new ActivitiIllegalArgumentException("The substitute must be specified");
        }
        if (str2.equalsIgnoreCase(str)) {
            throw new ActivitiIllegalArgumentException("Substitute and assignee should be different users");
        }
        if (userRealm.getUserStoreManager().isExistingUser(str.trim())) {
            return str;
        }
        throw new ActivitiIllegalArgumentException("Cannot substitute a non existing user: " + str);
    }

    static {
        propertiesMap.put("assignee", "USER");
        propertiesMap.put("substitute", "SUBSTITUTE");
        propertiesMap.put("enabled", "ENABLED");
        propertiesMap.put("start", "SUBSTITUTION_START");
        propertiesMap.put("end", "SUBSTITUTION_END");
        propertiesMap.put("start", "start");
        propertiesMap.put("size", "size");
        propertiesMap.put(Constants.ATTRNAME_ORDER, "ORDER");
        propertiesMap.put(Constants.ELEMNAME_SORT_STRING, "ORDER BY");
    }
}
