package org.dspace.app.rest.repository;

import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import org.dspace.app.rest.Parameter;
import org.dspace.app.rest.SearchRestMethod;
import org.dspace.app.rest.authorization.Authorization;
import org.dspace.app.rest.authorization.AuthorizationFeature;
import org.dspace.app.rest.authorization.AuthorizationFeatureService;
import org.dspace.app.rest.authorization.AuthorizationRestUtil;
import org.dspace.app.rest.converter.ConverterService;
import org.dspace.app.rest.exception.RepositoryMethodNotImplementedException;
import org.dspace.app.rest.model.AuthorizationRest;
import org.dspace.app.rest.model.BaseObjectRest;
import org.dspace.authorize.AuthorizeException;
import org.dspace.authorize.service.AuthorizeService;
import org.dspace.core.Context;
import org.dspace.eperson.EPerson;
import org.dspace.eperson.service.EPersonService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;

@Component("authz.authorization")
/* loaded from: input_file:org/dspace/app/rest/repository/AuthorizationRestRepository.class */
public class AuthorizationRestRepository extends DSpaceRestRepository<AuthorizationRest, String> {
    private static final Logger log = LoggerFactory.getLogger(AuthorizationRestRepository.class);

    @Autowired
    private AuthorizationFeatureService authorizationFeatureService;

    @Autowired
    private AuthorizationRestUtil authorizationRestUtil;

    @Autowired
    private AuthorizeService authorizeService;

    @Autowired
    private EPersonService epersonService;

    @Autowired
    protected ConverterService converter;

    @Override // org.dspace.app.rest.repository.DSpaceRestRepository
    @PreAuthorize("hasPermission(#id, 'authorization', 'READ')")
    public AuthorizationRest findOne(Context context, String str) {
        AuthorizationRest authorizationRest = null;
        try {
            String featureName = this.authorizationRestUtil.getFeatureName(str);
            try {
                try {
                    BaseObjectRest object = this.authorizationRestUtil.getObject(context, str);
                    AuthorizationFeature authorizationFeature = null;
                    if (featureName != null) {
                        authorizationFeature = this.authorizationFeatureService.find(featureName);
                    }
                    if (authorizationFeature == null) {
                        return null;
                    }
                    try {
                        EPerson eperson = this.authorizationRestUtil.getEperson(context, str);
                        EPerson currentUser = context.getCurrentUser();
                        if (currentUser != eperson) {
                            context.switchContextUser(eperson);
                        }
                        if (this.authorizationFeatureService.isAuthorized(context, authorizationFeature, object)) {
                            Authorization authorization = new Authorization();
                            authorization.setEperson(eperson);
                            authorization.setFeature(authorizationFeature);
                            authorization.setObject(object);
                            authorizationRest = (AuthorizationRest) this.converter.toRest(authorization, this.utils.obtainProjection());
                        }
                        if (currentUser != eperson) {
                            context.restoreContextUser();
                        }
                        return authorizationRest;
                    } catch (IllegalArgumentException e) {
                        log.warn("Invalid eperson informations in the specified id " + str, e);
                        return null;
                    }
                } catch (IllegalArgumentException e2) {
                    log.warn("Object informations not found in the specified id " + str, e2);
                    return null;
                }
            } catch (SQLException e3) {
                throw new RuntimeException(e3.getMessage(), e3);
            }
        } catch (IllegalArgumentException e4) {
            log.warn(e4.getMessage(), e4);
            return null;
        }
    }

    @SearchRestMethod(name = "object")
    @PreAuthorize("#epersonUuid==null || hasPermission(#epersonUuid, 'EPERSON', 'READ')")
    public Page<AuthorizationRest> findByObject(@Parameter(value = "uri", required = true) String str, @Parameter("eperson") UUID uuid, Pageable pageable) throws AuthorizeException, SQLException {
        Context obtainContext = obtainContext();
        BaseObjectRest baseObjectRestFromUri = this.utils.getBaseObjectRestFromUri(obtainContext, str);
        if (baseObjectRestFromUri == null) {
            return null;
        }
        EPerson currentUser = obtainContext.getCurrentUser();
        EPerson userFromRequestParameter = getUserFromRequestParameter(obtainContext, uuid);
        if (currentUser != userFromRequestParameter) {
            obtainContext.switchContextUser(userFromRequestParameter);
        }
        List<AuthorizationFeature> findByResourceType = this.authorizationFeatureService.findByResourceType(baseObjectRestFromUri.getUniqueType());
        ArrayList arrayList = new ArrayList();
        for (AuthorizationFeature authorizationFeature : findByResourceType) {
            if (this.authorizationFeatureService.isAuthorized(obtainContext, authorizationFeature, baseObjectRestFromUri)) {
                arrayList.add(new Authorization(userFromRequestParameter, authorizationFeature, baseObjectRestFromUri));
            }
        }
        if (currentUser != userFromRequestParameter) {
            obtainContext.restoreContextUser();
        }
        return this.converter.toRestPage(this.utils.getPage(arrayList, pageable), this.utils.obtainProjection());
    }

    @SearchRestMethod(name = "objectAndFeature")
    @PreAuthorize("#epersonUuid==null || hasPermission(#epersonUuid, 'EPERSON', 'READ')")
    public AuthorizationRest findByObjectAndFeature(@Parameter(value = "uri", required = true) String str, @Parameter("eperson") UUID uuid, @Parameter(value = "feature", required = true) String str2, Pageable pageable) throws AuthorizeException, SQLException {
        Context obtainContext = obtainContext();
        BaseObjectRest baseObjectRestFromUri = this.utils.getBaseObjectRestFromUri(obtainContext, str);
        if (baseObjectRestFromUri == null) {
            return null;
        }
        EPerson currentUser = obtainContext.getCurrentUser();
        EPerson userFromRequestParameter = getUserFromRequestParameter(obtainContext, uuid);
        if (currentUser != userFromRequestParameter) {
            obtainContext.switchContextUser(userFromRequestParameter);
        }
        AuthorizationFeature find = this.authorizationFeatureService.find(str2);
        AuthorizationRest authorizationRest = null;
        if (this.authorizationFeatureService.isAuthorized(obtainContext, find, baseObjectRestFromUri)) {
            Authorization authorization = new Authorization();
            authorization.setEperson(userFromRequestParameter);
            authorization.setFeature(find);
            authorization.setObject(baseObjectRestFromUri);
            authorizationRest = (AuthorizationRest) this.converter.toRest(authorization, this.utils.obtainProjection());
        }
        if (currentUser != userFromRequestParameter) {
            obtainContext.restoreContextUser();
        }
        return authorizationRest;
    }

    private EPerson getUserFromRequestParameter(Context context, UUID uuid) throws AuthorizeException, SQLException {
        EPerson ePerson;
        EPerson currentUser = context.getCurrentUser();
        if (uuid == null) {
            ePerson = null;
        } else {
            if (currentUser == null) {
                throw new AuthorizeException("attempt to anonymously access the authorization of the eperson " + uuid);
            }
            if (!this.authorizeService.isAdmin(context) && !uuid.equals(currentUser.getID())) {
                throw new AuthorizeException("attempt to access the authorization of the eperson " + uuid + " only system administrators can see the authorization of other users");
            }
            ePerson = (EPerson) this.epersonService.find(context, uuid);
        }
        return ePerson;
    }

    @Override // org.dspace.app.rest.repository.DSpaceRestRepository
    public Class<AuthorizationRest> getDomainClass() {
        return AuthorizationRest.class;
    }

    @Override // org.dspace.app.rest.repository.DSpaceRestRepository
    public Page<AuthorizationRest> findAll(Context context, Pageable pageable) {
        throw new RepositoryMethodNotImplementedException(AuthorizationRest.NAME, "findAll");
    }
}
