package com.atlassian.crowd.plugin.rest.service.resource.usermanagement;

import com.atlassian.annotations.ExperimentalApi;
import com.atlassian.crowd.exception.ApplicationPermissionException;
import com.atlassian.crowd.exception.DirectoryNotFoundException;
import com.atlassian.crowd.exception.GroupNotFoundException;
import com.atlassian.crowd.exception.InvalidCredentialException;
import com.atlassian.crowd.exception.InvalidEmailAddressException;
import com.atlassian.crowd.exception.InvalidUserException;
import com.atlassian.crowd.exception.MembershipAlreadyExistsException;
import com.atlassian.crowd.exception.MembershipNotFoundException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.exception.UserAlreadyExistsException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.plugin.rest.entity.ErrorEntity;
import com.atlassian.crowd.plugin.rest.entity.GroupEntity;
import com.atlassian.crowd.plugin.rest.entity.GroupEntityList;
import com.atlassian.crowd.plugin.rest.entity.MultiValuedAttributeEntityList;
import com.atlassian.crowd.plugin.rest.entity.PasswordEntity;
import com.atlassian.crowd.plugin.rest.entity.RenameEntity;
import com.atlassian.crowd.plugin.rest.entity.UserEntity;
import com.atlassian.crowd.plugin.rest.service.controller.UsersController;
import com.atlassian.crowd.plugin.rest.service.resource.AbstractResource;
import com.atlassian.crowd.plugin.rest.util.EntityExpansionUtil;
import com.atlassian.crowd.plugin.rest.util.LinkUriHelper;
import com.atlassian.plugins.rest.common.Link;
import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
import com.google.common.base.Preconditions;
import java.net.URI;
import java.net.URISyntaxException;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.Validate;

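/**
 * JAX-RS resource mounted at {@code user} that exposes user-management operations
 * (lookup, create, update, delete, rename, attributes, passwords, group membership, avatar)
 * and delegates the actual work to {@link UsersController}.
 *
 * <p>Requests and responses are XML or JSON. {@code request}, {@code uriInfo} and
 * {@code getBaseUri()} are inherited from {@link AbstractResource}.
 *
 * <p>NOTE(review): the class carries {@code @AnonymousAllowed} and none of the methods below
 * performs an authentication or authorization check of its own. Destructive operations
 * (user removal, password changes, expiring all passwords) therefore depend entirely on
 * checks made outside this class (a request filter, the controller) - confirm where the
 * caller is authenticated and authorized before relying on this resource.
 */
@Path("user")
@Consumes({"application/xml", "application/json"})
@Produces({"application/xml", "application/json"})
@AnonymousAllowed
/* loaded from: input_file:com/atlassian/crowd/plugin/rest/service/resource/usermanagement/UsersResource.class */
public class UsersResource extends AbstractResource {
    private static final String USER_NAME_QUERY_PARAM = "username";
    private static final String USER_NAME_NULL_ERROR_MSG = "username query parameter must be given";
    private static final String EMAIL_QUERY_PARAM = "email";
    private static final String EMAIL_NULL_ERROR_MSG = "email query parameter must be given";
    private static final String KEY_QUERY_PARAM = "key";
    private static final String NO_IDENTIFIER_ERROR_MSG = "key or username query parameter must be given";
    private static final String CONFIRM = "confirm";
    private static final String NOT_CONFIRMED_ERROR_MSG = "Must confirm to expire all passwords.";
    // Path prefixes of the two OpenID identifier forms recognised by getUserByOpenid.
    private static final String OPENID_USERNAME_PATH_PREFIX = "/openidserver/users/";
    private static final String OPENID_KEY_PATH_PREFIX = "/openidserver/v2/u/";
    private final UsersController usersController;

    public UsersResource(UsersController usersController) {
        this.usersController = usersController;
    }

    /**
     * Looks a user up by username or, when no username is given, by key.
     *
     * @param username value of the {@code username} query parameter; wins when both are given
     * @param key value of the {@code key} query parameter
     * @return 200 with the user entity
     * @throws UserNotFoundException propagated from the controller lookup
     * @throws IllegalArgumentException if neither parameter is present
     */
    @GET
    public Response getUser(@QueryParam(USER_NAME_QUERY_PARAM) String username, @QueryParam(KEY_QUERY_PARAM) String key) throws UserNotFoundException {
        return Response.ok(getUserEntity(username, key)).build();
    }

    /** Builds the user link from the base URI and an empty user name, for the controller to use as a template. */
    private Link userLinkTemplate() {
        return LinkUriHelper.buildUserLink(this.uriInfo.getBaseUri(), "");
    }

    /** Shared lookup for {@link #getUser}: by name first, then by key, otherwise an argument error. */
    private UserEntity getUserEntity(String username, String key) throws UserNotFoundException {
        if (username != null) {
            return this.usersController.findUserByName(username, userLinkTemplate(), expandAttributes());
        }
        if (key != null) {
            return this.usersController.findUserByKey(key, userLinkTemplate(), expandAttributes());
        }
        throw new IllegalArgumentException(NO_IDENTIFIER_ERROR_MSG);
    }

    /**
     * Resolves an OpenID identifier URL to a user. Only identifiers whose path starts with
     * {@code /openidserver/v2/u/} are resolved; the rest of the path is passed to the
     * controller as the user key.
     *
     * @param openid value of the {@code openid} query parameter
     * @return 200 with the user entity, or 404 when the identifier points at another host or
     *     uses the username-based form
     * @throws UserNotFoundException propagated from the controller lookup
     * @throws IllegalArgumentException if no identifier is given or its path is not recognised
     */
    @GET
    @Path("id")
    @ExperimentalApi
    public Response getUserByOpenid(@QueryParam("openid") URI openid) throws UserNotFoundException {
        Preconditions.checkArgument(openid != null, "No identifier provided.");
        try {
            // relativize() returns the identifier unchanged when its scheme or authority differs
            // from this server's root, so a surviving authority means it names another host.
            // The root comes from the request URL, i.e. from how the request was addressed.
            URI serverRoot = new URI(this.request.getRequestURL().toString()).resolve("/");
            if (serverRoot.relativize(openid).getAuthority() != null) {
                return Response.status(Response.Status.NOT_FOUND).entity("No user associated with that URI.").build();
            }
            String path = openid.getPath();
            if (path == null) {
                // Opaque URIs have no path; report them like any other unrecognised identifier
                // instead of failing with a NullPointerException on the prefix checks below.
                throw new IllegalArgumentException("Unknown OpenID identifier: " + openid);
            }
            if (path.startsWith(OPENID_USERNAME_PATH_PREFIX)) {
                return Response.status(Response.Status.NOT_FOUND).entity("Finding users through OpenID URLs with usernames is not supported.").build();
            }
            if (path.startsWith(OPENID_KEY_PATH_PREFIX)) {
                // Everything after the prefix is handed over as the key without further
                // validation here; the controller decides whether it matches a user.
                String key = StringUtils.removeStart(path, OPENID_KEY_PATH_PREFIX);
                return Response.ok(this.usersController.findUserByKey(key, userLinkTemplate(), expandAttributes())).build();
            }
            throw new IllegalArgumentException("Unknown OpenID identifier: " + openid);
        } catch (URISyntaxException e) {
            // Keep the cause so the unparsable request URL shows up in logs.
            throw new RuntimeException("Unable to parse the request URL to determine OpenID server base", e);
        }
    }

    /**
     * Creates a user.
     *
     * @param userEntity request body; must be present and carry a name
     * @return 201 with a Location built from the created user's name and the created entity
     * @throws IllegalArgumentException if the body or its name is missing
     */
    @POST
    public Response addUser(UserEntity userEntity) throws InvalidUserException, InvalidCredentialException, UserNotFoundException, ApplicationPermissionException, OperationFailedException, UserAlreadyExistsException {
        Validate.isTrue(userEntity != null);
        Validate.isTrue(userEntity.getName() != null);
        UserEntity created = this.usersController.addUser(userEntity, userLinkTemplate());
        URI location = LinkUriHelper.buildUserUri(this.uriInfo.getBaseUri(), created.getName());
        return Response.created(location).entity(created).build();
    }

    /**
     * Updates a user. The {@code username} query parameter must equal the name in the body,
     * ignoring case.
     *
     * @return 204 on success
     * @throws NullPointerException if the username or the body is missing
     * @throws IllegalArgumentException if the two names differ
     */
    @PUT
    public Response updateUser(@QueryParam(USER_NAME_QUERY_PARAM) String username, UserEntity userEntity) throws InvalidUserException, UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        // An absent body used to surface as a message-less NullPointerException on getName().
        Validate.notNull(userEntity, "user entity must be given");
        if (!StringUtils.equalsIgnoreCase(username, userEntity.getName())) {
            throw new IllegalArgumentException("The names of the resource location <" + this.uriInfo.getPath() + "> and object <" + userEntity.getName() + "> are not equal");
        }
        this.usersController.updateUser(userEntity);
        return Response.noContent().build();
    }

    /**
     * Removes the named user.
     *
     * @return 204 on success
     * @throws NullPointerException if the username is missing
     */
    @DELETE
    public Response removeUser(@QueryParam(USER_NAME_QUERY_PARAM) String username) throws UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        this.usersController.removeUser(username);
        return Response.noContent().build();
    }

    /**
     * Renames a user to the new name carried in the body.
     *
     * @return 200 with whatever the controller returns for the renamed user
     * @throws NullPointerException if the username or the body is missing
     */
    @POST
    @Path("rename")
    public Response renameUser(@QueryParam(USER_NAME_QUERY_PARAM) String username, RenameEntity renameEntity) throws InvalidUserException, UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        Preconditions.checkNotNull(username, USER_NAME_NULL_ERROR_MSG);
        // Explicit check so a missing body is reported with a message rather than a bare NPE.
        Preconditions.checkNotNull(renameEntity, "rename entity must be given");
        return Response.ok(this.usersController.renameUser(username, userLinkTemplate(), renameEntity.getNewName())).build();
    }

    /**
     * Returns the attributes of the named user; the lookup always asks for attributes.
     *
     * @return 200 with the attribute list
     * @throws NullPointerException if the username is missing
     */
    @GET
    @Path("attribute")
    public Response getUserAttributes(@QueryParam(USER_NAME_QUERY_PARAM) String username) throws UserNotFoundException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        Link userLink = LinkUriHelper.buildUserLink(this.uriInfo.getBaseUri(), username);
        return Response.ok(this.usersController.findUserByName(username, userLink, true).getAttributes()).build();
    }

    /**
     * Stores the attributes from the body on the named user. The body itself is passed to the
     * controller unchecked.
     *
     * @return 204 on success
     * @throws NullPointerException if the username is missing
     */
    @POST
    @Path("attribute")
    public Response storeUserAttributes(@QueryParam(USER_NAME_QUERY_PARAM) String username, MultiValuedAttributeEntityList multiValuedAttributeEntityList) throws UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        this.usersController.storeUserAttributes(username, multiValuedAttributeEntityList);
        return Response.noContent().build();
    }

    /**
     * Removes one attribute from the named user.
     *
     * @return 204 on success
     * @throws NullPointerException if the username or the attribute name is missing
     */
    @Path("attribute")
    @DELETE
    public Response removeUserAttribute(@QueryParam(USER_NAME_QUERY_PARAM) String username, @QueryParam("attributename") String attributeName) throws UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        Validate.notNull(attributeName, "attributename query parameter must be given");
        this.usersController.removeUserAttribute(username, attributeName);
        return Response.noContent().build();
    }

    /**
     * Sets the named user's password to the value in the body. No current password is asked
     * for here; the caller's right to do this must be established outside this method.
     *
     * @return 204 on success
     * @throws NullPointerException if the username or the body is missing
     */
    @Path("password")
    @PUT
    public Response updateUserPassword(@QueryParam(USER_NAME_QUERY_PARAM) String username, PasswordEntity passwordEntity) throws InvalidCredentialException, UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        // Explicit check so a missing body is reported with a message rather than a bare NPE.
        Validate.notNull(passwordEntity, "password entity must be given");
        this.usersController.updateUserPassword(username, passwordEntity.getValue());
        return Response.noContent().build();
    }

    /**
     * Clears the named user's password.
     *
     * @return 204 on success
     * @throws NullPointerException if the username is missing
     */
    @Path("password")
    @DELETE
    public Response deleteUserPassword(@QueryParam(USER_NAME_QUERY_PARAM) String username) throws InvalidCredentialException, UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        this.usersController.clearUserPassword(username);
        return Response.noContent().build();
    }

    /**
     * Asks the controller to start a password reset for the named user.
     *
     * @return 204 on success
     * @throws NullPointerException if the username is missing
     */
    @POST
    @Path("mail/password")
    public Response requestPasswordReset(@QueryParam(USER_NAME_QUERY_PARAM) String username) throws InvalidEmailAddressException, UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        this.usersController.requestPasswordReset(username);
        return Response.noContent().build();
    }

    /**
     * Expires all passwords via the controller. The {@code confirm} query parameter must be
     * {@code true}; as a primitive it is {@code false} when absent, so an unconfirmed call is
     * rejected.
     *
     * @return 204 on success
     * @throws IllegalArgumentException if the call is not confirmed
     */
    @POST
    @Path("expire-all-passwords")
    @ExperimentalApi
    public Response expireAllPasswords(@QueryParam(CONFIRM) boolean confirmed) throws OperationFailedException {
        Validate.isTrue(confirmed, NOT_CONFIRMED_ERROR_MSG);
        this.usersController.expireAllPasswords();
        return Response.noContent().build();
    }

    /**
     * Asks the controller to send a username reminder for an e-mail address.
     *
     * <p>NOTE(review): the status differs with the controller's boolean result (204 vs 404).
     * If that result reflects whether the address belongs to an account, the response lets a
     * caller tell registered addresses from unregistered ones - confirm who can reach this
     * endpoint.
     *
     * @return 204 when the controller returns {@code true}, otherwise 404
     * @throws NullPointerException if the email is missing
     */
    @POST
    @Path("mail/usernames")
    public Response requestUsernamesReminder(@QueryParam(EMAIL_QUERY_PARAM) String email) throws InvalidEmailAddressException {
        Validate.notNull(email, EMAIL_NULL_ERROR_MSG);
        if (this.usersController.requestUsernames(email)) {
            return Response.noContent().build();
        }
        return Response.status(Response.Status.NOT_FOUND).build();
    }

    /**
     * Returns the groups the user is a direct member of, or a single direct group when
     * {@code groupname} is given.
     *
     * <p>NOTE(review): {@code max-results} and {@code start-index} are forwarded as received;
     * no range check is made in this class - presumably the controller bounds them, confirm.
     *
     * @return 200 with the group list or the single group
     * @throws NullPointerException if the username is missing
     */
    @GET
    @Path("group/direct")
    public Response getDirectGroups(@QueryParam(USER_NAME_QUERY_PARAM) String username, @QueryParam("groupname") String groupName, @QueryParam("max-results") @DefaultValue("1000") int maxResults, @QueryParam("start-index") @DefaultValue("0") int startIndex) throws MembershipNotFoundException, UserNotFoundException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        if (StringUtils.isEmpty(groupName)) {
            return Response.ok(this.usersController.getDirectGroups(username, expandGroups(), expandAttributes(), maxResults, startIndex, getBaseUri())).build();
        }
        return Response.ok(this.usersController.getDirectGroup(username, groupName, getBaseUri())).build();
    }

    /**
     * Adds the user to the group named in the body.
     *
     * @return 201 with the membership URI as Location, or 400 with an error entity when the
     *     group does not exist
     * @throws NullPointerException if the username or the body is missing
     */
    @POST
    @Path("group/direct")
    public Response addUserToGroup(@QueryParam(USER_NAME_QUERY_PARAM) String username, GroupEntity groupEntity) throws UserNotFoundException, ApplicationPermissionException, OperationFailedException, MembershipAlreadyExistsException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        // Explicit check so a missing body is reported with a message rather than a bare NPE.
        Validate.notNull(groupEntity, "group entity must be given");
        try {
            this.usersController.addUserToGroup(username, groupEntity.getName());
            return Response.created(LinkUriHelper.buildDirectParentGroupOfUserUri(getBaseUri(), username, groupEntity.getName())).build();
        } catch (GroupNotFoundException e) {
            return Response.status(Response.Status.BAD_REQUEST).entity(new ErrorEntity(ErrorEntity.ErrorReason.of(e), e.getMessage())).build();
        }
    }

    /**
     * Removes the user from the named group.
     *
     * <p>NOTE(review): unlike the sibling methods, neither query parameter is checked for
     * presence here; missing values reach the controller as {@code null}. Confirm the
     * controller rejects them.
     *
     * @return 204 on success
     */
    @Path("group/direct")
    @DELETE
    public Response removeUserFromGroup(@QueryParam(USER_NAME_QUERY_PARAM) String username, @QueryParam("groupname") String groupName) throws GroupNotFoundException, MembershipNotFoundException, UserNotFoundException, ApplicationPermissionException, OperationFailedException {
        this.usersController.removeUserFromGroup(username, groupName);
        return Response.noContent().build();
    }

    /**
     * Returns the groups the user belongs to through nesting, or a single such group when
     * {@code groupname} is given. Paging values are forwarded as received.
     *
     * @return 200 with the group list or the single group
     * @throws NullPointerException if the username is missing
     */
    @GET
    @Path("group/nested")
    public Response getNestedGroups(@QueryParam(USER_NAME_QUERY_PARAM) String username, @QueryParam("groupname") String groupName, @QueryParam("max-results") @DefaultValue("1000") int maxResults, @QueryParam("start-index") @DefaultValue("0") int startIndex) throws MembershipNotFoundException, UserNotFoundException {
        Validate.notNull(username, USER_NAME_NULL_ERROR_MSG);
        if (StringUtils.isEmpty(groupName)) {
            return Response.ok(this.usersController.getNestedGroups(username, expandGroups(), maxResults, startIndex, getBaseUri())).build();
        }
        return Response.ok(this.usersController.getNestedGroup(username, groupName, getBaseUri())).build();
    }

    /** Whether the current request asks for the user entity's {@code attributes} field to be expanded. */
    private boolean expandAttributes() {
        return EntityExpansionUtil.shouldExpandField(UserEntity.class, "attributes", this.request);
    }

    /** Whether the current request asks for the group list field to be expanded. */
    private boolean expandGroups() {
        return EntityExpansionUtil.shouldExpandField(GroupEntityList.class, GroupEntityList.GROUP_LIST_FIELD_NAME, this.request);
    }

    /**
     * Redirects to the avatar of the named user at the requested size.
     *
     * <p>The redirect target is the controller's URI resolved against the context URL; an
     * absolute URI from the controller is used as is, so the target is only as trustworthy
     * as the controller's answer. The 404 body repeats the caller-supplied username.
     *
     * @param username value of the {@code username} query parameter
     * @param size value of the {@code s} query parameter, default 128; must be 1..2047
     * @return 303 to the avatar with a plain-text body, or 404 when the controller has none
     * @throws UserNotFoundException if the username is missing
     * @throws IllegalArgumentException if the size is out of range or the request URL cannot
     *     be parsed
     */
    @GET
    @Path("avatar")
    @ExperimentalApi
    public Response getAvatarForUser(@QueryParam(USER_NAME_QUERY_PARAM) String username, @QueryParam("s") @DefaultValue("128") int size) throws UserNotFoundException, DirectoryNotFoundException, OperationFailedException {
        if (username == null) {
            throw new UserNotFoundException("");
        }
        if (size <= 0 || size >= 2048) {
            throw new IllegalArgumentException("Size must be at least 1 and less than 2048 pixels");
        }
        URI avatar = this.usersController.getAvatarForUser(username, size);
        if (avatar == null) {
            return Response.status(Response.Status.NOT_FOUND).entity("No avatar of " + size + " found for " + username).build();
        }
        try {
            URI target = absoluteContextPathUrl(this.request).resolve(avatar);
            return Response.seeOther(target).type(MediaType.TEXT_PLAIN_TYPE).entity("This avatar can be found at " + target + "\n").build();
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException(e);
        }
    }

    /**
     * Derives the absolute URL of the web application's context path, with a trailing slash,
     * by cutting off the end of the request URL as many characters as the request URI has
     * beyond the context path. Assumes the request URL ends with the request URI.
     *
     * @throws URISyntaxException if the trimmed URL is not a valid URI
     */
    static URI absoluteContextPathUrl(HttpServletRequest httpServletRequest) throws URISyntaxException {
        StringBuffer requestUrl = httpServletRequest.getRequestURL();
        int lengthAfterContextPath = httpServletRequest.getRequestURI().length() - httpServletRequest.getContextPath().length();
        requestUrl.setLength(requestUrl.length() - lengthAfterContextPath);
        return new URI(requestUrl.toString() + "/");
    }
}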
