package org.dspace.app.rest;

import java.io.IOException;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.dspace.app.rest.exception.UnprocessableEntityException;
import org.dspace.app.rest.utils.ContextUtil;
import org.dspace.app.rest.utils.Utils;
import org.dspace.app.util.AuthorizeUtil;
import org.dspace.authorize.AuthorizeException;
import org.dspace.core.Context;
import org.dspace.eperson.EPerson;
import org.dspace.eperson.Group;
import org.dspace.eperson.service.EPersonService;
import org.dspace.eperson.service.GroupService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.rest.webmvc.ResourceNotFoundException;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/api/eperson/groups"})
@RestController
/* loaded from: input_file:org/dspace/app/rest/GroupRestController.class */
public class GroupRestController {

    @Autowired
    private GroupService groupService;

    @Autowired
    private EPersonService ePersonService;

    @Autowired
    Utils utils;

    @RequestMapping(method = {RequestMethod.POST}, path = {"/{uuid}/subgroups"}, consumes = {"text/uri-list"})
    @PreAuthorize("hasAuthority('AUTHENTICATED')")
    public void addChildGroups(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Group group = (Group) this.groupService.find(obtainContext, uuid);
        if (group == null) {
            throw new ResourceNotFoundException("parent group is not found for uuid: " + uuid);
        }
        AuthorizeUtil.authorizeManageGroup(obtainContext, group);
        List<String> stringListFromRequest = this.utils.getStringListFromRequest(httpServletRequest);
        ArrayList arrayList = new ArrayList();
        for (String str : stringListFromRequest) {
            Optional<Group> findGroup = findGroup(obtainContext, str);
            if (!findGroup.isPresent() || !canAddGroup(obtainContext, group, findGroup.get())) {
                throw new UnprocessableEntityException("cannot add child group: " + str);
            }
            arrayList.add(findGroup.get());
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            this.groupService.addMember(obtainContext, group, (Group) it.next());
        }
        this.groupService.update(obtainContext, group);
        obtainContext.complete();
        httpServletResponse.setStatus(204);
    }

    private Optional<Group> findGroup(Context context, String str) throws SQLException {
        Group group = null;
        Matcher matcher = Pattern.compile("^.*/([0-9a-fxA-FX]{8}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{12})/?$").matcher(str);
        if (matcher.matches()) {
            group = this.groupService.find(context, UUID.fromString(matcher.group(1)));
        }
        return Optional.ofNullable(group);
    }

    private boolean canAddGroup(Context context, Group group, Group group2) throws SQLException {
        return !this.groupService.isParentOf(context, group2, group);
    }

    @RequestMapping(method = {RequestMethod.POST}, path = {"/{uuid}/epersons"}, consumes = {"text/uri-list"})
    @PreAuthorize("hasAuthority('AUTHENTICATED')")
    public void addMembers(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Group find = this.groupService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("parent group is not found for uuid: " + uuid);
        }
        AuthorizeUtil.authorizeManageGroup(obtainContext, find);
        List<String> stringListFromRequest = this.utils.getStringListFromRequest(httpServletRequest);
        ArrayList arrayList = new ArrayList();
        for (String str : stringListFromRequest) {
            Optional<EPerson> findEPerson = findEPerson(obtainContext, str);
            if (!findEPerson.isPresent()) {
                throw new UnprocessableEntityException("cannot add child group: " + str);
            }
            arrayList.add(findEPerson.get());
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            this.groupService.addMember(obtainContext, find, (EPerson) it.next());
        }
        obtainContext.complete();
        httpServletResponse.setStatus(204);
    }

    private Optional<EPerson> findEPerson(Context context, String str) throws SQLException {
        EPerson ePerson = null;
        Matcher matcher = Pattern.compile("^.*/([0-9a-fxA-FX]{8}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{12})/?$").matcher(str);
        if (matcher.matches()) {
            ePerson = this.ePersonService.find(context, UUID.fromString(matcher.group(1)));
        }
        return Optional.ofNullable(ePerson);
    }

    @RequestMapping(method = {RequestMethod.DELETE}, path = {"/{parentUUID}/subgroups/{childUUID}"})
    @PreAuthorize("hasAuthority('AUTHENTICATED')")
    public void removeChildGroup(@PathVariable UUID uuid, @PathVariable UUID uuid2, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws IOException, SQLException, AuthorizeException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Group find = this.groupService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("parent group is not found for uuid: " + uuid);
        }
        AuthorizeUtil.authorizeManageGroup(obtainContext, find);
        Group find2 = this.groupService.find(obtainContext, uuid2);
        if (find2 == null) {
            httpServletResponse.sendError(422);
        }
        this.groupService.removeMember(obtainContext, find, find2);
        this.groupService.update(obtainContext, find);
        obtainContext.complete();
        httpServletResponse.setStatus(204);
    }

    @RequestMapping(method = {RequestMethod.DELETE}, path = {"/{parentUUID}/epersons/{memberUUID}"})
    @PreAuthorize("hasAuthority('AUTHENTICATED')")
    public void removeMember(@PathVariable UUID uuid, @PathVariable UUID uuid2, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws IOException, SQLException, AuthorizeException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Group find = this.groupService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("parent group is not found for uuid: " + uuid);
        }
        AuthorizeUtil.authorizeManageGroup(obtainContext, find);
        EPerson find2 = this.ePersonService.find(obtainContext, uuid2);
        if (find2 == null) {
            httpServletResponse.sendError(422);
        }
        this.groupService.removeMember(obtainContext, find, find2);
        obtainContext.complete();
        httpServletResponse.setStatus(204);
    }
}
