package net.krotscheck.kangaroo.authz.admin.v1.resource;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.AuthorizationScope;
import java.math.BigInteger;
import javax.inject.Inject;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.GET;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import net.krotscheck.kangaroo.authz.admin.Scope;
import net.krotscheck.kangaroo.authz.admin.v1.auth.ScopesAllowed;
import net.krotscheck.kangaroo.authz.admin.v1.exception.EntityRequiredException;
import net.krotscheck.kangaroo.authz.admin.v1.exception.InvalidEntityPropertyException;
import net.krotscheck.kangaroo.authz.common.database.entity.AbstractAuthzEntity;
import net.krotscheck.kangaroo.authz.common.database.entity.Client;
import net.krotscheck.kangaroo.authz.common.database.entity.ClientRedirect;
import net.krotscheck.kangaroo.authz.common.database.util.SortUtil;
import net.krotscheck.kangaroo.common.hibernate.id.IdUtil;
import net.krotscheck.kangaroo.common.hibernate.transaction.Transactional;
import net.krotscheck.kangaroo.common.response.ListResponseBuilder;
import net.krotscheck.kangaroo.common.response.SortOrder;
import org.apache.lucene.analysis.wikipedia.WikipediaTokenizer;
import org.hibernate.Criteria;
import org.hibernate.Session;
import org.hibernate.criterion.Projections;
import org.hibernate.criterion.Restrictions;

@Transactional
@Api(tags = {"Client"}, authorizations = {@Authorization(value = "Kangaroo", scopes = {@AuthorizationScope(scope = Scope.CLIENT, description = "Modify redirects in one application."), @AuthorizationScope(scope = Scope.CLIENT_ADMIN, description = "Modify redirects in all applications.")})})
@ScopesAllowed({Scope.CLIENT, Scope.CLIENT_ADMIN})
/* loaded from: input_file:net/krotscheck/kangaroo/authz/admin/v1/resource/ClientRedirectService.class */
public final class ClientRedirectService extends AbstractService {
    private final BigInteger clientId;

    @Inject
    public ClientRedirectService(@PathParam("clientId") @ApiParam(type = "string") BigInteger bigInteger) {
        this.clientId = bigInteger;
    }

    @GET
    @Produces({MediaType.APPLICATION_JSON})
    @ApiOperation("Browse client redirects")
    public Response browse(@QueryParam("offset") @DefaultValue("0") int i, @QueryParam("limit") @DefaultValue("10") int i2, @QueryParam("sort") @DefaultValue("createdDate") String str, @QueryParam("order") @DefaultValue("ASC") SortOrder sortOrder) {
        Client client = (Client) getSession().get(Client.class, this.clientId);
        assertCanAccess(client, getAdminScope());
        Criteria projection = getSession().createCriteria(ClientRedirect.class).createAlias("client", WikipediaTokenizer.CATEGORY).add(Restrictions.eq("c.id", client.getId())).setProjection(Projections.rowCount());
        Criteria addOrder = getSession().createCriteria(ClientRedirect.class).createAlias("client", WikipediaTokenizer.CATEGORY).add(Restrictions.eq("c.id", client.getId())).setFirstResult(i).setMaxResults(i2).setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY).addOrder(SortUtil.order(sortOrder, str));
        addOrder.add(Restrictions.eq("c.id", client.getId()));
        projection.add(Restrictions.eq("c.id", client.getId()));
        return ListResponseBuilder.builder().offset(Integer.valueOf(i)).limit(Integer.valueOf(i2)).order(sortOrder).sort(str).total(projection.uniqueResult()).addResult(addOrder.list()).build();
    }

    @GET
    @Path("/{id: [a-f0-9]{32}}")
    @ApiOperation("Read client redirect")
    @Produces({MediaType.APPLICATION_JSON})
    public Response getResource(@PathParam("id") @ApiParam(type = "string") BigInteger bigInteger) {
        Session session = getSession();
        AbstractAuthzEntity abstractAuthzEntity = (Client) session.get(Client.class, this.clientId);
        assertCanAccess(abstractAuthzEntity, getAdminScope());
        ClientRedirect clientRedirect = (ClientRedirect) session.get(ClientRedirect.class, bigInteger);
        if (clientRedirect == null || !clientRedirect.getClient().equals(abstractAuthzEntity)) {
            throw new NotFoundException();
        }
        assertCanAccess(clientRedirect, getAdminScope());
        return Response.ok(clientRedirect).build();
    }

    @POST
    @Consumes({MediaType.APPLICATION_JSON})
    @ApiOperation("Create client redirect")
    public Response createResource(ClientRedirect clientRedirect) {
        Session session = getSession();
        Client client = (Client) session.get(Client.class, this.clientId);
        assertCanAccess(client, getAdminScope());
        if (clientRedirect == null) {
            throw new EntityRequiredException();
        }
        if (clientRedirect.getId() != null) {
            throw new InvalidEntityPropertyException("id");
        }
        if (clientRedirect.getUri() == null) {
            throw new InvalidEntityPropertyException("uri");
        }
        if (Boolean.valueOf(client.getRedirects().stream().map((v0) -> {
            return v0.getUri();
        }).anyMatch(uri -> {
            return uri.equals(clientRedirect.getUri());
        })).booleanValue()) {
            throw new ClientErrorException(Response.Status.CONFLICT);
        }
        clientRedirect.setClient(client);
        client.getRedirects().add(clientRedirect);
        session.update(client);
        session.save(clientRedirect);
        return Response.created(getUriInfo().getAbsolutePathBuilder().path(ClientRedirectService.class, "getResource").build(IdUtil.toString(clientRedirect.getId()))).build();
    }

    @Path("/{id: [a-f0-9]{32}}")
    @Consumes({MediaType.APPLICATION_JSON})
    @ApiOperation("Update client redirect")
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public Response updateResource(@PathParam("id") @ApiParam(type = "string") BigInteger bigInteger, ClientRedirect clientRedirect) {
        Session session = getSession();
        Client client = (Client) session.get(Client.class, this.clientId);
        assertCanAccess(client, getAdminScope());
        ClientRedirect clientRedirect2 = (ClientRedirect) session.get(ClientRedirect.class, bigInteger);
        if (clientRedirect2 == null) {
            throw new NotFoundException();
        }
        if (!clientRedirect2.getClient().equals(client)) {
            throw new NotFoundException();
        }
        if (!clientRedirect2.equals(clientRedirect)) {
            throw new InvalidEntityPropertyException("id");
        }
        if (clientRedirect.getUri() == null) {
            throw new InvalidEntityPropertyException("uri");
        }
        if (Boolean.valueOf(client.getRedirects().stream().filter(clientRedirect3 -> {
            return !clientRedirect2.equals(clientRedirect3);
        }).anyMatch(clientRedirect4 -> {
            return clientRedirect4.getUri().equals(clientRedirect.getUri());
        })).booleanValue()) {
            throw new ClientErrorException(Response.Status.CONFLICT);
        }
        clientRedirect2.setUri(clientRedirect.getUri());
        session.update(clientRedirect2);
        return Response.ok(clientRedirect).build();
    }

    @Path("/{id: [a-f0-9]{32}}")
    @DELETE
    @ApiOperation("Delete client redirect")
    public Response deleteResource(@PathParam("id") @ApiParam(type = "string") BigInteger bigInteger) {
        Session session = getSession();
        Client client = (Client) session.get(Client.class, this.clientId);
        assertCanAccess(client, getAdminScope());
        ClientRedirect clientRedirect = (ClientRedirect) session.get(ClientRedirect.class, bigInteger);
        if (clientRedirect == null) {
            throw new NotFoundException();
        }
        if (!clientRedirect.getClient().equals(client)) {
            throw new NotFoundException();
        }
        if (getAdminApplication().equals(client.getApplication())) {
            throw new ForbiddenException();
        }
        client.getRedirects().remove(clientRedirect);
        session.delete(clientRedirect);
        session.update(client);
        return Response.status(Response.Status.RESET_CONTENT).build();
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractService
    protected String getAdminScope() {
        return Scope.CLIENT_ADMIN;
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractService
    protected String getAccessScope() {
        return Scope.CLIENT;
    }
}
