package org.wso2.carbon.registry.rest.api;

import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.rest.api.security.RestAPIAuthContext;
import org.wso2.carbon.registry.rest.api.security.RestAPISecurityUtils;

@Path("/rate")
/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/registry/rest/api/Rate.class */
public class Rate extends RegistryRestSuper {
    private Log log = LogFactory.getLog(Rate.class);

    @POST
    @Produces({RestAPIConstants.TYPE_JSON})
    public Response rateResource(@QueryParam("path") String str, @QueryParam("value") int i, @HeaderParam("X-JWT-Assertion") String str2) {
        RestAPIAuthContext authContext = RestAPISecurityUtils.getAuthContext(PrivilegedCarbonContext.getThreadLocalCarbonContext(), str2);
        if (!authContext.isAuthorized()) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        try {
            Registry userRegistry = getUserRegistry(authContext.getUserName(), authContext.getTenantId());
            if (!userRegistry.resourceExists(str)) {
                return Response.status(Response.Status.NOT_FOUND).build();
            }
            userRegistry.rateResource(str, i);
            return Response.ok(Float.valueOf(userRegistry.getAverageRating(str))).build();
        } catch (RegistryException e) {
            this.log.error("user doesn't have permission to rate a resource", e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }
}
