package com.terracotta.management.resource.services.validator.impl;

import com.terracotta.management.resource.services.impl.ResourceServiceUtils;
import com.terracotta.management.security.Authorizer;
import com.terracotta.management.user.UserRole;
import java.util.EnumSet;
import java.util.List;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.PathSegment;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import net.sf.ehcache.management.resource.services.validator.AbstractEhcacheRequestValidator;
import org.terracotta.management.resource.services.Utils;

/* loaded from: input_file:WEB-INF/classes/com/terracotta/management/resource/services/validator/impl/AggregateEhcacheRequestValidator.class */
public class AggregateEhcacheRequestValidator extends AbstractEhcacheRequestValidator {
    private final Authorizer authorizer;

    public AggregateEhcacheRequestValidator(Authorizer authorizer) {
        this.authorizer = authorizer;
    }

    @Override // net.sf.ehcache.management.resource.services.validator.AbstractEhcacheRequestValidator, org.terracotta.management.resource.services.validator.RequestValidator
    public void validate(UriInfo uriInfo) {
        if (!this.authorizer.isUserInRole(UserRole.ADMIN)) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
        super.validate(uriInfo);
    }

    @Override // net.sf.ehcache.management.resource.services.validator.AbstractEhcacheRequestValidator, org.terracotta.management.resource.services.validator.RequestValidator
    public void validateSafe(UriInfo uriInfo) {
        if (!this.authorizer.isUserInAnyRole(EnumSet.allOf(UserRole.class))) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
    }

    @Override // net.sf.ehcache.management.resource.services.validator.AbstractEhcacheRequestValidator
    protected void validateAgentSegment(List<PathSegment> list) {
        String first = list.get(0).getMatrixParameters().getFirst(ResourceServiceUtils.AGENT_IDS_KEY);
        if (Utils.trimToNull(first) == null || first.split(",").length > 1) {
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Unsafe requests must specify a single agent id.").build());
        }
    }
}
