package org.dspace.app.rest;

import java.io.IOException;
import java.sql.SQLException;
import java.util.List;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.dspace.app.rest.converter.ConverterService;
import org.dspace.app.rest.exception.UnprocessableEntityException;
import org.dspace.app.rest.model.GroupRest;
import org.dspace.app.rest.model.hateoas.GroupResource;
import org.dspace.app.rest.repository.CollectionRestRepository;
import org.dspace.app.rest.utils.ContextUtil;
import org.dspace.app.util.AuthorizeUtil;
import org.dspace.authorize.AuthorizeException;
import org.dspace.authorize.service.AuthorizeService;
import org.dspace.content.Collection;
import org.dspace.content.service.CollectionService;
import org.dspace.core.Context;
import org.dspace.eperson.Group;
import org.dspace.workflow.WorkflowService;
import org.dspace.xmlworkflow.WorkflowUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.rest.webmvc.ControllerUtils;
import org.springframework.data.rest.webmvc.ResourceNotFoundException;
import org.springframework.hateoas.RepresentationModel;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/api/core/collections/{uuid:[0-9a-fxA-FX]{8}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{4}-[0-9a-fxA-FX]{12}}"})
@RestController
/* loaded from: input_file:org/dspace/app/rest/CollectionGroupRestController.class */
public class CollectionGroupRestController {

    @Autowired
    private CollectionService collectionService;

    @Autowired
    private CollectionRestRepository collectionRestRepository;

    @Autowired
    private ConverterService converterService;

    @Autowired
    private AuthorizeService authorizeService;

    @Autowired
    private WorkflowService workflowService;

    @RequestMapping(method = {RequestMethod.POST}, value = {"/adminGroup"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'WRITE')")
    public ResponseEntity<RepresentationModel<?>> postAdminGroup(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageAdminGroup(obtainContext, find);
        if (find.getAdministrators() != null) {
            throw new UnprocessableEntityException("The collection with UUID: " + uuid + " already has an admin group");
        }
        GroupRest createAdminGroup = this.collectionRestRepository.createAdminGroup(obtainContext, httpServletRequest, find);
        obtainContext.complete();
        return ControllerUtils.toResponseEntity(HttpStatus.CREATED, new HttpHeaders(), (GroupResource) this.converterService.toResource(createAdminGroup));
    }

    @RequestMapping(method = {RequestMethod.DELETE}, value = {"/adminGroup"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'WRITE')")
    public ResponseEntity<RepresentationModel<?>> deleteAdminGroup(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException, IOException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageAdminGroup(obtainContext, find);
        if (find.getAdministrators() == null) {
            throw new UnprocessableEntityException("The collection with UUID: " + uuid + " doesn't have an admin group");
        }
        this.collectionRestRepository.deleteAdminGroup(obtainContext, find);
        obtainContext.complete();
        return ControllerUtils.toEmptyResponse(HttpStatus.NO_CONTENT);
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/submittersGroup"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'WRITE')")
    public ResponseEntity<RepresentationModel<?>> postSubmittersGroup(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageSubmittersGroup(obtainContext, find);
        if (find.getSubmitters() != null) {
            throw new UnprocessableEntityException("The collection with UUID: " + uuid + " already has a submitter group");
        }
        GroupRest createSubmitterGroup = this.collectionRestRepository.createSubmitterGroup(obtainContext, httpServletRequest, find);
        obtainContext.complete();
        return ControllerUtils.toResponseEntity(HttpStatus.CREATED, new HttpHeaders(), (GroupResource) this.converterService.toResource(createSubmitterGroup));
    }

    @RequestMapping(method = {RequestMethod.DELETE}, value = {"/submittersGroup"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'WRITE')")
    public ResponseEntity<RepresentationModel<?>> deleteSubmittersGroup(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException, IOException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageSubmittersGroup(obtainContext, find);
        if (find.getSubmitters() == null) {
            throw new UnprocessableEntityException("The collection with UUID: " + uuid + " doesn't have a submitter group");
        }
        this.collectionRestRepository.deleteSubmitterGroup(obtainContext, find);
        obtainContext.complete();
        return ControllerUtils.toEmptyResponse(HttpStatus.NO_CONTENT);
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/itemReadGroup"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'WRITE')")
    public ResponseEntity<RepresentationModel<?>> postItemReadGroup(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException {
        Group group;
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageDefaultReadGroup(obtainContext, find);
        List authorizedGroups = this.authorizeService.getAuthorizedGroups(obtainContext, find, 10);
        if (authorizedGroups != null && !authorizedGroups.isEmpty() && (group = (Group) authorizedGroups.get(0)) != null && !StringUtils.equalsIgnoreCase(group.getName(), "Anonymous")) {
            throw new UnprocessableEntityException("Unable to create a new default read group because either the group already exists or multiple groups are assigned the default privileges.");
        }
        GroupRest createItemReadGroup = this.collectionRestRepository.createItemReadGroup(obtainContext, httpServletRequest, find);
        obtainContext.complete();
        return ControllerUtils.toResponseEntity(HttpStatus.CREATED, new HttpHeaders(), (GroupResource) this.converterService.toResource(createItemReadGroup));
    }

    @RequestMapping(method = {RequestMethod.DELETE}, value = {"/itemReadGroup"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'WRITE')")
    public ResponseEntity<RepresentationModel<?>> deleteItemReadGroup(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException, IOException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageDefaultReadGroup(obtainContext, find);
        List authorizedGroups = this.authorizeService.getAuthorizedGroups(obtainContext, find, 10);
        if (authorizedGroups == null || authorizedGroups.isEmpty()) {
            throw new UnprocessableEntityException("The collection with UUID: " + uuid + " doesn't have an ItemReadGroup group");
        }
        Group group = (Group) authorizedGroups.get(0);
        if (group == null || StringUtils.equalsIgnoreCase(group.getName(), "Anonymous")) {
            throw new UnprocessableEntityException("Unable to delete the default read group because it's the default");
        }
        this.collectionRestRepository.deleteItemReadGroup(obtainContext, find);
        obtainContext.complete();
        return ControllerUtils.toEmptyResponse(HttpStatus.NO_CONTENT);
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/bitstreamReadGroup"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'WRITE')")
    public ResponseEntity<RepresentationModel<?>> postBitstreamReadGroup(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException {
        Group group;
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageDefaultReadGroup(obtainContext, find);
        List authorizedGroups = this.authorizeService.getAuthorizedGroups(obtainContext, find, 9);
        if (authorizedGroups != null && !authorizedGroups.isEmpty() && (group = (Group) authorizedGroups.get(0)) != null && !StringUtils.equalsIgnoreCase(group.getName(), "Anonymous")) {
            throw new UnprocessableEntityException("Unable to create a new default read group because either the group already exists or multiple groups are assigned the default privileges.");
        }
        GroupRest createBitstreamReadGroup = this.collectionRestRepository.createBitstreamReadGroup(obtainContext, httpServletRequest, find);
        obtainContext.complete();
        return ControllerUtils.toResponseEntity(HttpStatus.CREATED, new HttpHeaders(), (GroupResource) this.converterService.toResource(createBitstreamReadGroup));
    }

    @RequestMapping(method = {RequestMethod.DELETE}, value = {"/bitstreamReadGroup"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'WRITE')")
    public ResponseEntity<RepresentationModel<?>> deleteBitstreamReadGroup(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws SQLException, AuthorizeException, IOException {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageDefaultReadGroup(obtainContext, find);
        List authorizedGroups = this.authorizeService.getAuthorizedGroups(obtainContext, find, 9);
        if (authorizedGroups == null || authorizedGroups.isEmpty()) {
            throw new UnprocessableEntityException("The collection with UUID: " + uuid + " doesn't have an BitstreamReadGroup group");
        }
        Group group = (Group) authorizedGroups.get(0);
        if (group == null || StringUtils.equalsIgnoreCase(group.getName(), "Anonymous")) {
            throw new UnprocessableEntityException("Unable to delete the default read group because it's the default");
        }
        this.collectionRestRepository.deleteBitstreamReadGroup(obtainContext, find);
        obtainContext.complete();
        return ControllerUtils.toEmptyResponse(HttpStatus.NO_CONTENT);
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/workflowGroups/{workflowRole}"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'READ')")
    public ResponseEntity<RepresentationModel<?>> getWorkflowGroupForRole(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest, @PathVariable String str) throws Exception {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageWorkflowsGroup(obtainContext, find);
        GroupRest workflowGroupForRole = this.collectionRestRepository.getWorkflowGroupForRole(obtainContext, find, str);
        if (workflowGroupForRole == null) {
            return ControllerUtils.toEmptyResponse(HttpStatus.NO_CONTENT);
        }
        return ControllerUtils.toResponseEntity(HttpStatus.OK, new HttpHeaders(), (GroupResource) this.converterService.toResource(workflowGroupForRole));
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/workflowGroups/{workflowRole}"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'READ')")
    public ResponseEntity<RepresentationModel<?>> postWorkflowGroupForRole(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest, @PathVariable String str) throws Exception {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageWorkflowsGroup(obtainContext, find);
        if (WorkflowUtils.getCollectionAndRepositoryRoles(find).get(str) == null) {
            throw new ResourceNotFoundException("Couldn't find role for: " + str + " in the collection with UUID: " + find.getID());
        }
        if (this.workflowService.getWorkflowRoleGroup(obtainContext, find, str, (Group) null) != null) {
            throw new UnprocessableEntityException("WorkflowGroup already exists for the role: " + str + " in collection with UUID: " + find.getID());
        }
        GroupRest createWorkflowGroupForRole = this.collectionRestRepository.createWorkflowGroupForRole(obtainContext, httpServletRequest, find, str);
        obtainContext.complete();
        return ControllerUtils.toResponseEntity(HttpStatus.CREATED, new HttpHeaders(), (GroupResource) this.converterService.toResource(createWorkflowGroupForRole));
    }

    @RequestMapping(method = {RequestMethod.DELETE}, value = {"/workflowGroups/{workflowRole}"})
    @PreAuthorize("hasPermission(#uuid, 'COLLECTION', 'READ')")
    public ResponseEntity<RepresentationModel<?>> deleteWorkflowGroupForRole(@PathVariable UUID uuid, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest, @PathVariable String str) throws Exception {
        Context obtainContext = ContextUtil.obtainContext(httpServletRequest);
        Collection find = this.collectionService.find(obtainContext, uuid);
        if (find == null) {
            throw new ResourceNotFoundException("No such collection: " + uuid);
        }
        AuthorizeUtil.authorizeManageWorkflowsGroup(obtainContext, find);
        this.collectionRestRepository.deleteWorkflowGroupForRole(obtainContext, httpServletRequest, find, str);
        obtainContext.complete();
        return ControllerUtils.toEmptyResponse(HttpStatus.NO_CONTENT);
    }
}
