package ch.software_atelier.simpleflex.rest.auth.rres;

import ch.software_atelier.simpleflex.rest.DefaultRestResource;
import ch.software_atelier.simpleflex.rest.RestRequest;
import ch.software_atelier.simpleflex.rest.RestResponse;
import ch.software_atelier.simpleflex.rest.auth.ExceptionHandler;
import ch.software_atelier.simpleflex.rest.auth.data.DataHandler;
import ch.software_atelier.simpleflex.rest.auth.data.DataHandlerException;
import ch.software_atelier.simpleflex.rest.auth.token.TokenHandler;
import ch.software_atelier.simpleflex.rest.auth.token.TokenHandlerException;
import ch.software_atelier.simpleflex.rest.auth.token.TokenParser;
import ch.software_atelier.simpleflex.rest.swagger.BodyParameter;
import ch.software_atelier.simpleflex.rest.swagger.HeaderParameter;
import ch.software_atelier.simpleflex.rest.swagger.MethodDocumentation;
import ch.software_atelier.simpleflex.rest.swagger.ObjectSchemaBuilder;
import ch.software_atelier.simpleflex.rest.swagger.PathParameter;
import com.google.gson.Gson;
import org.json.JSONObject;

/* loaded from: input_file:ch/software_atelier/simpleflex/rest/auth/rres/UserACLResource.class */
public class UserACLResource extends DefaultRestResource {
    private final DataHandler _dh;
    private final TokenHandler _th;
    private final TokenParser _tp;

    public UserACLResource(DataHandler dataHandler, TokenHandler tokenHandler, TokenParser tokenParser) {
        this._tp = tokenParser;
        this._dh = dataHandler;
        this._th = tokenHandler;
    }

    public RestResponse onPUT(RestRequest restRequest) {
        try {
            String token = this._tp.getToken(restRequest);
            this._tp.getUsername(token);
            String resourcePlaceholder = restRequest.getResourcePlaceholder("name");
            if (!this._tp.isAdmin(token)) {
                return RestResponse.unauthorized_401();
            }
            this._dh.putUserACL(resourcePlaceholder, restRequest.getJSON().getString("yaml"));
            return RestResponse.json_200(new JSONObject().put("ok", true));
        } catch (DataHandlerException | TokenHandlerException e) {
            return ExceptionHandler.handle(e, true);
        }
    }

    public void docPUT(MethodDocumentation methodDocumentation) {
        methodDocumentation.setTitle("Put User ACL");
        methodDocumentation.addTag("Authorisazion");
        methodDocumentation.setDescription("Saves the users ACL if the requesting user has admin previliges.\r\n");
        methodDocumentation.addProduces("application/json");
        methodDocumentation.addParameter(new HeaderParameter("Authorization", "the access token, Baerer"));
        methodDocumentation.addParameter(new PathParameter("name", "the username"));
        methodDocumentation.addParameter(new BodyParameter("body", ObjectSchemaBuilder.create("the Access control list as YAML").addSimpleProperty("yaml", "string", "the ACL as YAML", true).toJSON()));
        methodDocumentation.addResponse("200", "OK", ObjectSchemaBuilder.create("ok").addSimpleProperty("ok", "boolean", "will always be true", true).toJSON());
    }

    public RestResponse onGET(RestRequest restRequest) {
        try {
            String token = this._tp.getToken(restRequest);
            this._tp.getUsername(token);
            String resourcePlaceholder = restRequest.getResourcePlaceholder("name");
            if (!this._tp.isAdmin(token)) {
                return RestResponse.unauthorized_401();
            }
            new Gson();
            return RestResponse.json_200(new JSONObject().put("yaml", this._dh.getUserACLasYAML(resourcePlaceholder)));
        } catch (DataHandlerException | TokenHandlerException e) {
            return ExceptionHandler.handle(e, true);
        }
    }

    public void docGET(MethodDocumentation methodDocumentation) {
        methodDocumentation.setTitle("Get Users ACL");
        methodDocumentation.addTag("Authorisazion");
        methodDocumentation.setDescription("Returns the users ACL if the requesting user has admin previliges.");
        methodDocumentation.addProduces("application/json");
        methodDocumentation.addParameter(new HeaderParameter("Authorization", "the access token, Baerer"));
        methodDocumentation.addParameter(new PathParameter("name", "the username"));
        methodDocumentation.addResponse("200", "OK", ObjectSchemaBuilder.create("the users ACL as YAML").addSimpleProperty("yaml", "string", "the ACL as YAML", true).toJSON());
    }
}
