package org.restcomm.connect.http;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.sun.jersey.core.header.LinkHeader;
import com.sun.jersey.spi.resource.Singleton;
import com.thoughtworks.xstream.XStream;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import javax.annotation.PostConstruct;
import javax.annotation.security.RolesAllowed;
import javax.servlet.ServletContext;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.configuration.Configuration;
import org.joda.time.DateTime;
import org.restcomm.connect.commons.annotations.concurrency.ThreadSafe;
import org.restcomm.connect.commons.dao.Sid;
import org.restcomm.connect.core.service.api.ClientPasswordHashingService;
import org.restcomm.connect.core.service.api.ProfileService;
import org.restcomm.connect.dao.ClientsDao;
import org.restcomm.connect.dao.DaoManager;
import org.restcomm.connect.dao.entities.Client;
import org.restcomm.connect.dao.entities.Organization;
import org.restcomm.connect.dao.entities.OrganizationList;
import org.restcomm.connect.dao.entities.Profile;
import org.restcomm.connect.dao.entities.RestCommResponse;
import org.restcomm.connect.dns.DnsProvisioningManager;
import org.restcomm.connect.dns.DnsProvisioningManagerProvider;
import org.restcomm.connect.http.converter.ClientConverter;
import org.restcomm.connect.http.converter.ClientListConverter;
import org.restcomm.connect.http.converter.OrganizationConverter;
import org.restcomm.connect.http.converter.OrganizationListConverter;
import org.restcomm.connect.http.converter.RestCommResponseConverter;
import org.restcomm.connect.http.security.AccountPrincipal;
import org.restcomm.connect.http.security.ContextUtil;
import org.restcomm.connect.identity.UserIdentityContext;

@Singleton
@ThreadSafe
@Path("/Organizations")
@RolesAllowed({AccountPrincipal.SUPER_ADMIN_ROLE})
/* loaded from: input_file:org/restcomm/connect/http/OrganizationsEndpoint.class */
public class OrganizationsEndpoint extends AbstractEndpoint {

    @Context
    private ServletContext context;
    private DnsProvisioningManager dnsProvisioningManager;
    private Gson gson;
    private XStream xstream;
    private final String MSG_EMPTY_DOMAIN_NAME = "domain name can not be empty. Please, choose a valid name and try again.";
    private final String MSG_INVALID_DOMAIN_NAME_PATTERN = "Total Length of domain_name can be upto 255 Characters. It can contain only letters, number and hyphen - sign.. Please, choose a valid name and try again.";
    private final String MSG_DOMAIN_NAME_NOT_AVAILABLE = "This domain name is not available. Please, choose a different name and try again.";
    private final String SUB_DOMAIN_NAME_VALIDATION_PATTERN = "[A-Za-z0-9\\-]{1,255}";
    private Pattern pattern;
    private ProfileService profileService;
    private ClientPasswordHashingService clientPasswordHashingService;
    private ClientsDao clientsDao;
    private OrganizationListConverter listConverter;

    @PostConstruct
    void init() {
        this.configuration = (Configuration) this.context.getAttribute(Configuration.class.getName());
        super.init(this.configuration.subset("runtime-settings"));
        registerConverters();
        this.clientsDao = ((DaoManager) this.context.getAttribute(DaoManager.class.getName())).getClientsDao();
        try {
            this.dnsProvisioningManager = new DnsProvisioningManagerProvider(this.configuration.subset("runtime-settings"), this.context).get();
        } catch (Exception e) {
            this.logger.error("Unable to get dnsProvisioningManager", e);
        }
        this.pattern = Pattern.compile("[A-Za-z0-9\\-]{1,255}");
        this.profileService = (ProfileService) this.context.getAttribute(ProfileService.class.getName());
        this.clientPasswordHashingService = (ClientPasswordHashingService) this.context.getAttribute(ClientPasswordHashingService.class.getName());
    }

    private void registerConverters() {
        OrganizationConverter organizationConverter = new OrganizationConverter(this.configuration);
        this.listConverter = new OrganizationListConverter(this.configuration);
        ClientConverter clientConverter = new ClientConverter(this.configuration);
        ClientListConverter clientListConverter = new ClientListConverter(this.configuration);
        GsonBuilder gsonBuilder = new GsonBuilder();
        gsonBuilder.serializeNulls();
        gsonBuilder.registerTypeAdapter(Organization.class, organizationConverter);
        gsonBuilder.registerTypeAdapter(Client.class, organizationConverter);
        gsonBuilder.setPrettyPrinting();
        this.gson = gsonBuilder.create();
        this.xstream = new XStream();
        this.xstream.alias("RestcommResponse", RestCommResponse.class);
        this.xstream.registerConverter(organizationConverter);
        this.xstream.registerConverter(this.listConverter);
        this.xstream.registerConverter(clientConverter);
        this.xstream.registerConverter(clientListConverter);
        this.xstream.registerConverter(new RestCommResponseConverter(this.configuration));
    }

    protected Response getOrganization(String str, MediaType mediaType, UriInfo uriInfo, UserIdentityContext userIdentityContext) {
        Organization organization;
        this.permissionEvaluator.checkPermission("RestComm:Read:Organizations", userIdentityContext);
        if (!Sid.pattern.matcher(str).matches()) {
            return Response.status(Response.Status.BAD_REQUEST).build();
        }
        try {
            if (this.permissionEvaluator.isSuperAdmin(userIdentityContext)) {
                organization = this.organizationsDao.getOrganization(new Sid(str));
            } else {
                if (!userIdentityContext.getEffectiveAccount().getOrganizationSid().equals(new Sid(str))) {
                    return Response.status(Response.Status.FORBIDDEN).build();
                }
                organization = this.organizationsDao.getOrganization(new Sid(str));
            }
            if (organization == null) {
                return Response.status(Response.Status.NOT_FOUND).build();
            }
            Response.ResponseBuilder ok = Response.ok();
            Profile retrieveEffectiveProfileByOrganizationSid = this.profileService.retrieveEffectiveProfileByOrganizationSid(new Sid(str));
            if (retrieveEffectiveProfileByOrganizationSid != null) {
                ok.header(ProfileEndpoint.LINK_HEADER, composeLink(new Sid(retrieveEffectiveProfileByOrganizationSid.getSid()), uriInfo).toString());
            }
            if (MediaType.APPLICATION_XML_TYPE.equals(mediaType)) {
                return ok.type("application/xml").entity(this.xstream.toXML(new RestCommResponse(organization))).build();
            }
            if (MediaType.APPLICATION_JSON_TYPE.equals(mediaType)) {
                return ok.type("application/json").entity(this.gson.toJson(organization)).build();
            }
            return null;
        } catch (Exception e) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    }

    protected Response getOrganizations(UriInfo uriInfo, MediaType mediaType) {
        String str = (String) uriInfo.getQueryParameters().getFirst("Status");
        List allOrganizations = (str == null || Organization.Status.getValueOf(str.toLowerCase()) == null) ? this.organizationsDao.getAllOrganizations() : this.organizationsDao.getOrganizationsByStatus(Organization.Status.getValueOf(str.toLowerCase()));
        if (allOrganizations == null || allOrganizations.isEmpty()) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        if (MediaType.APPLICATION_XML_TYPE.equals(mediaType)) {
            return Response.ok(this.xstream.toXML(new RestCommResponse(new OrganizationList(allOrganizations))), "application/xml").build();
        }
        if (MediaType.APPLICATION_JSON_TYPE.equals(mediaType)) {
            return Response.ok(this.gson.toJson(allOrganizations), "application/json").build();
        }
        return null;
    }

    protected Response putOrganization(String str, UriInfo uriInfo, MediaType mediaType) {
        Organization organization;
        if (str == null) {
            return Response.status(Response.Status.BAD_REQUEST).entity("domain name can not be empty. Please, choose a valid name and try again.").build();
        }
        if (!this.pattern.matcher(str).matches()) {
            return Response.status(Response.Status.BAD_REQUEST).entity("Total Length of domain_name can be upto 255 Characters. It can contain only letters, number and hyphen - sign.. Please, choose a valid name and try again.").build();
        }
        if (this.dnsProvisioningManager != null) {
            String str2 = (String) uriInfo.getQueryParameters().getFirst("HostedZoneId");
            String completeDomainName = this.dnsProvisioningManager.getCompleteDomainName(str, str2);
            if (this.organizationsDao.getOrganizationByDomainName(completeDomainName) == null && !this.dnsProvisioningManager.doesResourceRecordAlreadyExists(str, str2)) {
                if (!this.dnsProvisioningManager.createResourceRecord(str, str2)) {
                    this.logger.error("could not create resource record on dns server");
                    return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
                }
                organization = new Organization(Sid.generate(Sid.Type.ORGANIZATION), completeDomainName, DateTime.now(), DateTime.now(), Organization.Status.ACTIVE);
                this.organizationsDao.addOrganization(organization);
            }
            return Response.status(Response.Status.CONFLICT).entity("This domain name is not available. Please, choose a different name and try again.").build();
        }
        if (this.organizationsDao.getOrganizationByDomainName(str) != null) {
            return Response.status(Response.Status.CONFLICT).entity("This domain name is not available. Please, choose a different name and try again.").build();
        }
        this.logger.warn("No DNS provisioning Manager is configured, restcomm will not make any queries to DNS server.");
        organization = new Organization(Sid.generate(Sid.Type.ORGANIZATION), str, DateTime.now(), DateTime.now(), Organization.Status.ACTIVE);
        this.organizationsDao.addOrganization(organization);
        if (MediaType.APPLICATION_XML_TYPE.equals(mediaType)) {
            return Response.ok(this.xstream.toXML(new RestCommResponse(organization)), "application/xml").build();
        }
        if (MediaType.APPLICATION_JSON_TYPE.equals(mediaType)) {
            return Response.ok(this.gson.toJson(organization), "application/json").build();
        }
        return null;
    }

    protected Response migrateClientsOrganization(String str, UriInfo uriInfo, MediaType mediaType, UserIdentityContext userIdentityContext) {
        this.permissionEvaluator.checkPermission("RestComm:Read:Organizations", userIdentityContext);
        if (!Sid.pattern.matcher(str).matches()) {
            return Response.status(Response.Status.BAD_REQUEST).build();
        }
        try {
            if (!this.permissionEvaluator.isSuperAdmin(userIdentityContext)) {
                return Response.status(Response.Status.FORBIDDEN).build();
            }
            Organization organization = this.organizationsDao.getOrganization(new Sid(str));
            if (organization == null) {
                return Response.status(Response.Status.NOT_FOUND).build();
            }
            Response.ResponseBuilder ok = Response.ok();
            Map hashClientPassword = this.clientPasswordHashingService.hashClientPassword(this.clientsDao.getClientsByOrg(organization.getSid()), organization.getDomainName());
            if (MediaType.APPLICATION_XML_TYPE.equals(mediaType)) {
                return ok.type("application/xml").entity(this.xstream.toXML(new RestCommResponse(hashClientPassword))).build();
            }
            if (MediaType.APPLICATION_JSON_TYPE.equals(mediaType)) {
                return ok.type("application/json").entity(this.gson.toJson(hashClientPassword)).build();
            }
            return null;
        } catch (Exception e) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    }

    public LinkHeader composeLink(Sid sid, UriInfo uriInfo) {
        return LinkHeader.uri(uriInfo.getBaseUriBuilder().path(ProfileEndpoint.class).path(sid.toString()).build(new Object[0])).parameter(ProfileEndpoint.TITLE_PARAM, "Profiles").rel(ProfileEndpoint.PROFILE_REL_TYPE).build();
    }

    @GET
    @Path("/{organizationSid}")
    @Produces({"application/xml", "application/json"})
    @RolesAllowed({AccountPrincipal.SUPER_ADMIN_ROLE, AccountPrincipal.ADMIN_ROLE})
    public Response getOrganizationAsXml(@PathParam("organizationSid") String str, @Context UriInfo uriInfo, @HeaderParam("Accept") String str2, @Context SecurityContext securityContext) {
        return getOrganization(str, retrieveMediaType(str2), uriInfo, ContextUtil.convert(securityContext));
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @RolesAllowed({AccountPrincipal.SUPER_ADMIN_ROLE})
    public Response getOrganizations(@Context UriInfo uriInfo, @HeaderParam("Accept") String str) {
        return getOrganizations(uriInfo, retrieveMediaType(str));
    }

    @Path("/{domainName}")
    @Produces({"application/xml", "application/json"})
    @RolesAllowed({AccountPrincipal.SUPER_ADMIN_ROLE})
    @PUT
    public Response putOrganizationPut(@PathParam("domainName") String str, @Context UriInfo uriInfo, @HeaderParam("Accept") String str2) {
        return putOrganization(str, uriInfo, retrieveMediaType(str2));
    }

    @Path("/{organizationSid}/Migrate")
    @Produces({"application/xml", "application/json"})
    @RolesAllowed({AccountPrincipal.SUPER_ADMIN_ROLE})
    @PUT
    public Response migrateClientsOrganizationPut(@PathParam("organizationSid") String str, @Context UriInfo uriInfo, @HeaderParam("Accept") String str2, @Context SecurityContext securityContext) {
        return migrateClientsOrganization(str, uriInfo, retrieveMediaType(str2), ContextUtil.convert(securityContext));
    }
}
