package co.cask.cdap.security.authorization;

import co.cask.cdap.api.dataset.lib.ACLTable;
import co.cask.cdap.api.security.ACL;
import co.cask.cdap.api.security.EntityId;
import co.cask.cdap.api.security.EntityType;
import co.cask.cdap.api.security.PermissionType;
import co.cask.cdap.api.security.Principal;
import co.cask.cdap.api.security.PrincipalType;
import co.cask.cdap.api.security.Principals;
import co.cask.http.AbstractHttpHandler;
import co.cask.http.HttpResponder;
import com.google.common.base.Charsets;
import com.google.common.collect.Lists;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.List;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import org.jboss.netty.handler.codec.http.HttpRequest;
import org.jboss.netty.handler.codec.http.HttpResponseStatus;

@Path("/v2")
/* loaded from: input_file:co/cask/cdap/security/authorization/ACLHandler.class */
public final class ACLHandler extends AbstractHttpHandler {
    private static final Gson GSON = new Gson();
    private static final Type LIST_ACL_TYPE = new TypeToken<List<ACL>>() { // from class: co.cask.cdap.security.authorization.ACLHandler.1
    }.getType();
    private static final Type LIST_PERMISSION_TYPE = new TypeToken<List<PermissionType>>() { // from class: co.cask.cdap.security.authorization.ACLHandler.2
    }.getType();
    private final ACLTable aclTable;

    public ACLHandler(ACLTable aCLTable) {
        this.aclTable = aCLTable;
    }

    @GET
    @Path("/admin/acls/{entity-type}/{entity-id}")
    public void listByEntity(HttpRequest httpRequest, HttpResponder httpResponder, @PathParam("entity-type") String str, @PathParam("entity-id") String str2) {
        if (!entityExists(str, str2)) {
            httpResponder.sendStatus(HttpResponseStatus.NOT_FOUND);
        } else {
            httpResponder.sendJson(HttpResponseStatus.OK, this.aclTable.getAcls(new EntityId(EntityType.fromPluralForm(str), str2)), LIST_ACL_TYPE);
        }
    }

    @GET
    @Path("/admin/acls/{entity-type}/{entity-id}/user/{user-id}")
    public void listByEntityAndUser(HttpRequest httpRequest, HttpResponder httpResponder, @PathParam("entity-type") String str, @PathParam("entity-id") String str2, @PathParam("user-id") String str3) {
        if (!entityExists(str, str2) || !userExists(str3)) {
            httpResponder.sendStatus(HttpResponseStatus.NOT_FOUND);
            return;
        }
        EntityId entityId = new EntityId(EntityType.fromPluralForm(str), str2);
        ArrayList newArrayList = Lists.newArrayList();
        List acls = this.aclTable.getAcls(entityId, new Principal[]{new Principal(PrincipalType.USER, str3)});
        if (acls.isEmpty()) {
            newArrayList.addAll(this.aclTable.getAcls(entityId, Principals.fromIds(PrincipalType.GROUP, Lists.newArrayList())));
        } else {
            newArrayList.addAll(acls);
        }
        httpResponder.sendJson(HttpResponseStatus.OK, newArrayList, LIST_ACL_TYPE);
    }

    @Path("/admin/acls/{entity-type}/{entity-id}/user/{user-id}")
    @PUT
    public void setAclForUser(HttpRequest httpRequest, HttpResponder httpResponder, @PathParam("entity-type") String str, @PathParam("entity-id") String str2, @PathParam("user-id") String str3) {
        if (!entityExists(str, str2) || !userExists(str3)) {
            httpResponder.sendStatus(HttpResponseStatus.NOT_FOUND);
            return;
        }
        this.aclTable.setAcl(new Principal(PrincipalType.USER, str3), new EntityId(EntityType.fromPluralForm(str), str2), (List) GSON.fromJson(httpRequest.getContent().toString(Charsets.UTF_8), LIST_PERMISSION_TYPE));
        httpResponder.sendStatus(HttpResponseStatus.OK);
    }

    @Path("/admin/acls/{entity-type}/{entity-id}/group/{group-id}")
    @PUT
    public void setAclForGroup(HttpRequest httpRequest, HttpResponder httpResponder, @PathParam("entity-type") String str, @PathParam("entity-id") String str2, @PathParam("group-id") String str3) {
        if (!entityExists(str, str2) || !groupExists(str3)) {
            httpResponder.sendStatus(HttpResponseStatus.NOT_FOUND);
            return;
        }
        this.aclTable.setAcl(new Principal(PrincipalType.GROUP, str3), new EntityId(EntityType.fromPluralForm(str), str2), (List) GSON.fromJson(httpRequest.getContent().toString(Charsets.UTF_8), LIST_PERMISSION_TYPE));
        httpResponder.sendStatus(HttpResponseStatus.OK);
    }

    private boolean groupExists(String str) {
        return true;
    }

    private boolean userExists(String str) {
        return true;
    }

    private boolean entityExists(String str, String str2) {
        try {
            new EntityId(EntityType.fromPluralForm(str), str2);
            return true;
        } catch (IllegalArgumentException e) {
            return false;
        }
    }
}
