package org.wso2.micro.integrator.management.apis;

import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.commons.json.JsonUtil;
import org.apache.synapse.config.SynapseConfiguration;
import org.json.JSONObject;
import org.wso2.micro.integrator.management.apis.security.handler.SecurityUtils;
import org.wso2.micro.integrator.security.user.api.Permission;
import org.wso2.micro.integrator.security.user.api.UserStoreException;
import org.wso2.micro.integrator.security.user.api.UserStoreManager;

/* loaded from: input_file:org/wso2/micro/integrator/management/apis/RolesResource.class */
public class RolesResource implements MiApiResource {
    private static final Log LOG = LogFactory.getLog(RolesResource.class);
    private static final String ROLE_LIST_ADDED = "addedRoles";
    private static final String ROLE_LIST_REMOVED = "removedRoles";
    protected Set<String> methods = new HashSet();

    public RolesResource() {
        this.methods.add(Constants.HTTP_GET);
        this.methods.add(Constants.HTTP_POST);
        this.methods.add(Constants.HTTP_PUT);
    }

    @Override // org.wso2.micro.integrator.management.apis.MiApiResource
    public Set<String> getMethods() {
        return this.methods;
    }

    @Override // org.wso2.micro.integrator.management.apis.MiApiResource
    public boolean invoke(MessageContext messageContext, org.apache.axis2.context.MessageContext messageContext2, SynapseConfiguration synapseConfiguration) {
        JSONObject createJsonError;
        String obj = messageContext2.getProperty(Constants.HTTP_METHOD_PROPERTY).toString();
        if (LOG.isDebugEnabled()) {
            LOG.debug("Handling " + obj + "request.");
        }
        if (Boolean.TRUE.equals(SecurityUtils.isFileBasedUserStoreEnabled())) {
            Utils.setInvalidUserStoreResponse(messageContext2);
            return true;
        }
        try {
            boolean z = -1;
            switch (obj.hashCode()) {
                case 70454:
                    if (obj.equals(Constants.HTTP_GET)) {
                        z = false;
                        break;
                    }
                    break;
                case 79599:
                    if (obj.equals(Constants.HTTP_PUT)) {
                        z = 2;
                        break;
                    }
                    break;
                case 2461856:
                    if (obj.equals(Constants.HTTP_POST)) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    createJsonError = handleGet(messageContext);
                    break;
                case true:
                    createJsonError = handlePost(messageContext, messageContext2);
                    break;
                case true:
                    createJsonError = handlePut(messageContext, messageContext2);
                    break;
                default:
                    createJsonError = Utils.createJsonError("Unsupported HTTP method, " + obj + ". Only GET and DELETE methods are supported", messageContext2, Constants.BAD_REQUEST);
                    break;
            }
        } catch (UserStoreException e) {
            createJsonError = Utils.createJsonError("Error initializing the user store. Please try again later ", e, messageContext2, Constants.INTERNAL_SERVER_ERROR);
        } catch (IOException e2) {
            createJsonError = Utils.createJsonError("Error processing the request. ", e2, messageContext2, Constants.BAD_REQUEST);
        } catch (ResourceNotFoundException e3) {
            createJsonError = Utils.createJsonError("Requested resource not found. ", e3, messageContext2, Constants.NOT_FOUND);
        }
        messageContext2.removeProperty("NO_ENTITY_BODY");
        Utils.setJsonPayLoad(messageContext2, createJsonError);
        return true;
    }

    protected JSONObject handleGet(MessageContext messageContext) throws UserStoreException {
        if (!Utils.isUserAuthenticated(messageContext)) {
            LOG.warn("Listing user roles without authenticating/authorizing the request sender. Adding authentication and authorization handlers is recommended.");
        }
        String[] roleNames = Utils.getUserStore(null).getRoleNames();
        JSONObject createJSONList = Utils.createJSONList(roleNames.length);
        for (String str : roleNames) {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put(Constants.ROLE, str);
            createJSONList.getJSONArray(Constants.LIST).put(jSONObject);
        }
        return createJSONList;
    }

    protected JSONObject handlePost(MessageContext messageContext, org.apache.axis2.context.MessageContext messageContext2) throws UserStoreException, ResourceNotFoundException, IOException {
        if (!Utils.isUserAuthenticated(messageContext)) {
            LOG.warn("Adding a user without authenticating/authorizing the request sender. Adding authetication and authorization handlers is recommended.");
        }
        if (!JsonUtil.hasAJsonPayload(messageContext2)) {
            return Utils.createJsonErrorObject("JSON payload is missing");
        }
        JsonObject jsonPayload = Utils.getJsonPayload(messageContext2);
        String str = null;
        if (jsonPayload.has(Constants.DOMAIN)) {
            str = jsonPayload.get(Constants.DOMAIN).getAsString();
        }
        UserStoreManager userStore = Utils.getUserStore(str);
        if (!jsonPayload.has(Constants.ROLE)) {
            throw new IOException("Missing role name in the payload");
        }
        String asString = jsonPayload.get(Constants.ROLE).getAsString();
        if (userStore.isExistingRole(asString)) {
            throw new UserStoreException("The role : " + asString + " already exists");
        }
        userStore.addRole(asString, (String[]) null, (Permission[]) null, false);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(Constants.ROLE, asString);
        jSONObject.put(Constants.STATUS, "Added");
        return jSONObject;
    }

    protected JSONObject handlePut(MessageContext messageContext, org.apache.axis2.context.MessageContext messageContext2) throws UserStoreException, ResourceNotFoundException, IOException {
        if (!Utils.isUserAuthenticated(messageContext)) {
            LOG.warn("Adding a user without authenticating/authorizing the request sender. Adding authetication and authorization handlers is recommended.");
        }
        if (!JsonUtil.hasAJsonPayload(messageContext2)) {
            return Utils.createJsonErrorObject("JSON payload is missing");
        }
        JsonObject jsonPayload = Utils.getJsonPayload(messageContext2);
        String str = null;
        if (jsonPayload.has(Constants.DOMAIN)) {
            str = jsonPayload.get(Constants.DOMAIN).getAsString();
        }
        UserStoreManager userStore = Utils.getUserStore(str);
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        if ((!jsonPayload.has(ROLE_LIST_ADDED) && !jsonPayload.has(ROLE_LIST_REMOVED)) || !jsonPayload.has(Constants.USER_ID)) {
            throw new IOException("Missing one or more of the fields, 'userId', 'addedRoles', 'removedRoles' in the payload.");
        }
        String asString = jsonPayload.get(Constants.USER_ID).getAsString();
        if (!userStore.isExistingUser(asString)) {
            throw new UserStoreException("The user : " + asString + " does not exists");
        }
        if (jsonPayload.has(ROLE_LIST_ADDED)) {
            Iterator it = jsonPayload.getAsJsonArray(ROLE_LIST_ADDED).iterator();
            while (it.hasNext()) {
                arrayList.add(((JsonElement) it.next()).getAsString());
            }
        }
        if (jsonPayload.has(ROLE_LIST_REMOVED)) {
            Iterator it2 = jsonPayload.getAsJsonArray(ROLE_LIST_REMOVED).iterator();
            while (it2.hasNext()) {
                arrayList2.add(((JsonElement) it2.next()).getAsString());
            }
        }
        userStore.updateRoleListOfUser(asString, (String[]) arrayList2.toArray(new String[0]), (String[]) arrayList.toArray(new String[0]));
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(Constants.USER_ID, asString);
        jSONObject.put(Constants.STATUS, "Added/removed the roles");
        return jSONObject;
    }
}
