package org.graylog2.shared.rest.resources;

import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.ObjectWriter;
import com.fasterxml.jackson.jaxrs.cfg.EndpointConfigBase;
import com.fasterxml.jackson.jaxrs.cfg.ObjectWriterInjector;
import com.fasterxml.jackson.jaxrs.cfg.ObjectWriterModifier;
import com.google.common.base.Function;
import com.google.common.collect.FluentIterable;
import com.google.common.collect.Iterables;
import java.security.Principal;
import java.util.Arrays;
import javax.annotation.Nullable;
import javax.inject.Inject;
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import org.apache.shiro.subject.Subject;
import org.graylog2.plugin.BaseConfiguration;
import org.graylog2.plugin.database.users.User;
import org.graylog2.shared.security.ShiroPrincipal;
import org.graylog2.shared.users.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/graylog2/shared/rest/resources/RestResource.class */
public abstract class RestResource {
    private static final Logger LOG = LoggerFactory.getLogger(RestResource.class);

    @Inject
    protected ObjectMapper objectMapper;

    @Inject
    protected UserService userService;

    @Inject
    private BaseConfiguration configuration;

    @Context
    SecurityContext securityContext;

    @Context
    UriInfo uriInfo;

    @QueryParam("pretty")
    public void setPrettyPrint(boolean z) {
        if (z) {
            ObjectWriterInjector.set(new ObjectWriterModifier() { // from class: org.graylog2.shared.rest.resources.RestResource.1
                public ObjectWriter modify(EndpointConfigBase<?> endpointConfigBase, MultivaluedMap<String, Object> multivaluedMap, Object obj, ObjectWriter objectWriter, JsonGenerator jsonGenerator) {
                    return objectWriter.withDefaultPrettyPrinter();
                }
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Subject getSubject() {
        if (this.securityContext == null) {
            LOG.error("Cannot retrieve current subject, SecurityContext isn't set.");
            return null;
        }
        Principal userPrincipal = this.securityContext.getUserPrincipal();
        if (userPrincipal instanceof ShiroPrincipal) {
            return ((ShiroPrincipal) userPrincipal).getSubject();
        }
        LOG.error("Unknown SecurityContext class {}, cannot continue.", this.securityContext);
        throw new IllegalStateException();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isPermitted(String str, String str2) {
        return getSubject().isPermitted(str + ":" + str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkPermission(String str) {
        if (!isPermitted(str)) {
            throw new ForbiddenException("Not authorized");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isPermitted(String str) {
        return getSubject().isPermitted(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkPermission(String str, String str2) {
        if (!isPermitted(str, str2)) {
            throw new ForbiddenException("Not authorized to access resource id " + str2);
        }
    }

    protected boolean isAnyPermitted(String[] strArr, final String str) {
        return isAnyPermitted((String[]) FluentIterable.from(Iterables.transform(Arrays.asList(strArr), new Function<String, String>() { // from class: org.graylog2.shared.rest.resources.RestResource.2
            @Nullable
            public String apply(String str2) {
                return str2 + ":" + str;
            }
        })).toArray(String.class));
    }

    protected boolean isAnyPermitted(String... strArr) {
        for (boolean z : getSubject().isPermitted(strArr)) {
            if (z) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkAnyPermission(String[] strArr, String str) {
        if (!isAnyPermitted(strArr, str)) {
            throw new ForbiddenException("Not authorized to access resource id " + str);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public User getCurrentUser() {
        User load = this.userService.load(getSubject().getPrincipal().toString());
        if (load == null) {
            LOG.error("Loading the current user failed, this should not happen. Did you call this method in an unauthenticated REST resource?");
        }
        return load;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UriBuilder getUriBuilderToSelf() {
        return this.configuration.getRestTransportUri() != null ? UriBuilder.fromUri(this.configuration.getRestTransportUri()) : this.uriInfo.getBaseUriBuilder();
    }
}
