package org.yamcs.web.rest;

import java.io.IOException;
import java.util.regex.Pattern;
import org.yamcs.security.ObjectPrivilegeType;
import org.yamcs.security.SystemPrivilege;
import org.yamcs.security.User;
import org.yamcs.web.BadRequestException;
import org.yamcs.web.ForbiddenException;
import org.yamcs.web.HttpException;
import org.yamcs.web.InternalServerErrorException;
import org.yamcs.web.NotFoundException;
import org.yamcs.web.websocket.InstanceResource;
import org.yamcs.yarch.Bucket;
import org.yamcs.yarch.YarchDatabase;
import org.yamcs.yarch.YarchDatabaseInstance;

/* loaded from: input_file:org/yamcs/web/rest/BucketHelper.class */
public class BucketHelper {
    static String BUCKET_NAME_PARAM = "bucketName";
    static String OBJECT_NAME_PARAM = "objectName";
    static final Pattern BUCKET_NAME_REGEXP = Pattern.compile("\\w+");
    static final Pattern OBJ_NAME_REGEXP = Pattern.compile("[ \\w\\s\\-\\./]+");

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void checkReadBucketPrivilege(RestRequest restRequest) throws HttpException {
        checkReadBucketPrivilege(restRequest.getRouteParam(BUCKET_NAME_PARAM), restRequest.getUser());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void checkReadBucketPrivilege(String str, User user) throws HttpException {
        if (!str.equals(getUserBucketName(user)) && !user.hasObjectPrivilege(ObjectPrivilegeType.ReadBucket, str) && !user.hasObjectPrivilege(ObjectPrivilegeType.ManageBucket, str) && !user.hasSystemPrivilege(SystemPrivilege.ManageAnyBucket)) {
            throw new ForbiddenException("Insufficient privileges to read bucket '" + str + "'");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void checkManageBucketPrivilege(RestRequest restRequest) throws HttpException {
        String routeParam = restRequest.getRouteParam(BUCKET_NAME_PARAM);
        if (!routeParam.equals(getUserBucketName(restRequest.getUser())) && !restRequest.getUser().hasObjectPrivilege(ObjectPrivilegeType.ManageBucket, routeParam) && !restRequest.getUser().hasSystemPrivilege(SystemPrivilege.ManageAnyBucket)) {
            throw new ForbiddenException("Insufficient privileges to manage bucket '" + routeParam + "'");
        }
    }

    static String getUserBucketName(User user) {
        return "user." + user.getUsername();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Bucket verifyAndGetBucket(RestRequest restRequest) throws HttpException {
        YarchDatabaseInstance yarch = getYarch(restRequest);
        String routeParam = restRequest.getRouteParam("bucketName");
        try {
            Bucket bucket = yarch.getBucket(routeParam);
            if (bucket == null) {
                if (routeParam.equals(getUserBucketName(restRequest.getUser()))) {
                    try {
                        bucket = yarch.createBucket(routeParam);
                    } catch (IOException e) {
                        throw new InternalServerErrorException("Error creating user bucket", e);
                    }
                } else {
                    if (!routeParam.equals("displays")) {
                        throw new NotFoundException(restRequest);
                    }
                    try {
                        bucket = yarch.createBucket(routeParam);
                    } catch (IOException e2) {
                        throw new InternalServerErrorException("Error creating displays bucket", e2);
                    }
                }
            }
            return bucket;
        } catch (IOException e3) {
            throw new InternalServerErrorException("Error while resolving bucket", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static YarchDatabaseInstance getYarch(RestRequest restRequest) throws HttpException {
        return YarchDatabase.getInstance(RestHandler.verifyInstance(restRequest, restRequest.getRouteParam(InstanceResource.RESOURCE_NAME), true));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void verifyObjectName(String str) throws BadRequestException {
        if (str == null) {
            throw new BadRequestException("No object name specified");
        }
        if (!OBJ_NAME_REGEXP.matcher(str).matches()) {
            throw new BadRequestException("Invalid object name specified");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void verifyBucketName(String str) throws BadRequestException {
        if (str == null) {
            throw new BadRequestException("No bucketName specified");
        }
        if (!BUCKET_NAME_REGEXP.matcher(str).matches()) {
            throw new BadRequestException("Invalid bucket name specified");
        }
    }
}
