package net.unit8.bouncr.api.resource;

import enkan.collection.Parameters;
import enkan.component.BeansConverter;
import enkan.data.HttpRequest;
import enkan.security.bouncr.UserPermissionPrincipal;
import enkan.util.ThreadingUtils;
import enkan.util.jpa.EntityTransactionManager;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import javax.inject.Inject;
import javax.persistence.EntityGraph;
import javax.persistence.EntityManager;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Root;
import kotowari.restful.Decision;
import kotowari.restful.DecisionPoint;
import kotowari.restful.component.BeansValidator;
import kotowari.restful.data.Problem;
import kotowari.restful.data.RestContext;
import kotowari.restful.resource.AllowedMethods;
import net.unit8.apistandard.resourcefilter.ResourceFilter;
import net.unit8.bouncr.api.boundary.ApplicationCreateRequest;
import net.unit8.bouncr.api.boundary.ApplicationSearchParams;
import net.unit8.bouncr.entity.Application;

@AllowedMethods({"GET", "POST"})
/* loaded from: input_file:net/unit8/bouncr/api/resource/ApplicationsResource.class */
public class ApplicationsResource {

    @Inject
    private BeansConverter converter;

    @Inject
    private BeansValidator validator;

    @Decision(DecisionPoint.AUTHORIZED)
    public boolean isAuthorized(UserPermissionPrincipal userPermissionPrincipal) {
        return userPermissionPrincipal != null;
    }

    @Decision(value = DecisionPoint.ALLOWED, method = {"GET"})
    public boolean isGetAllowed(UserPermissionPrincipal userPermissionPrincipal, HttpRequest httpRequest) {
        return Optional.ofNullable(userPermissionPrincipal).filter(userPermissionPrincipal2 -> {
            return userPermissionPrincipal2.hasPermission("application:read") || userPermissionPrincipal2.hasPermission("any_application:read");
        }).isPresent();
    }

    @Decision(value = DecisionPoint.ALLOWED, method = {"POST"})
    public boolean isPostAllowed(UserPermissionPrincipal userPermissionPrincipal, HttpRequest httpRequest) {
        return Optional.ofNullable(userPermissionPrincipal).filter(userPermissionPrincipal2 -> {
            return userPermissionPrincipal2.hasPermission("any_application:create");
        }).isPresent();
    }

    @Decision(value = DecisionPoint.MALFORMED, method = {"POST"})
    public Problem validateApplicationCreateRequest(ApplicationCreateRequest applicationCreateRequest, RestContext restContext) {
        Set validate = this.validator.validate(applicationCreateRequest);
        if (validate.isEmpty()) {
            return null;
        }
        return Problem.fromViolations(validate);
    }

    @Decision(value = DecisionPoint.MALFORMED, method = {"GET"})
    public Problem validateApplicationSearchParams(Parameters parameters, RestContext restContext) {
        ApplicationSearchParams applicationSearchParams = (ApplicationSearchParams) this.converter.createFrom(parameters, ApplicationSearchParams.class);
        Set validate = this.validator.validate(applicationSearchParams);
        if (validate.isEmpty()) {
            restContext.putValue(applicationSearchParams);
        }
        if (validate.isEmpty()) {
            return null;
        }
        return Problem.fromViolations(validate);
    }

    @Decision(value = DecisionPoint.CONFLICT, method = {"POST"})
    public boolean isConflict(ApplicationCreateRequest applicationCreateRequest, EntityManager entityManager) {
        CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
        CriteriaQuery createQuery = criteriaBuilder.createQuery(Application.class);
        createQuery.where(criteriaBuilder.equal(createQuery.from(Application.class).get("name"), applicationCreateRequest.getName()));
        return !entityManager.createQuery(createQuery).getResultList().isEmpty();
    }

    @Decision(DecisionPoint.POST)
    public Application create(ApplicationCreateRequest applicationCreateRequest, EntityManager entityManager) {
        Application application = (Application) this.converter.createFrom(applicationCreateRequest, Application.class);
        application.setWriteProtected(false);
        new EntityTransactionManager(entityManager).required(() -> {
            entityManager.persist(application);
        });
        entityManager.detach(application);
        return application;
    }

    @Decision(DecisionPoint.HANDLE_OK)
    public List<Application> handleOk(ApplicationSearchParams applicationSearchParams, UserPermissionPrincipal userPermissionPrincipal, EntityManager entityManager) {
        CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
        CriteriaQuery createQuery = criteriaBuilder.createQuery(Application.class);
        Root from = createQuery.from(Application.class);
        if (!userPermissionPrincipal.hasPermission("any_application:read")) {
            createQuery.where(criteriaBuilder.equal(from.join("realms").join("assignments").join("group").join("users").get("id"), userPermissionPrincipal.getId()));
        }
        List list = (List) ThreadingUtils.some(applicationSearchParams.getEmbed(), str -> {
            return new ResourceFilter().parse(str);
        }).orElse(Collections.emptyList());
        EntityGraph createEntityGraph = entityManager.createEntityGraph(Application.class);
        createEntityGraph.addAttributeNodes(new String[]{"name", "description", "passTo", "virtualPath", "topPage", "writeProtected"});
        if (list.stream().anyMatch(resourceField -> {
            return resourceField.getName().equalsIgnoreCase("realms");
        })) {
            createEntityGraph.addAttributeNodes(new String[]{"realms"});
            createEntityGraph.addSubgraph("realms").addAttributeNodes(new String[]{"name", "description", "url"});
        }
        return entityManager.createQuery(createQuery).setHint("javax.persistence.fetchgraph", createEntityGraph).setFirstResult(applicationSearchParams.getOffset().intValue()).setMaxResults(applicationSearchParams.getLimit().intValue()).getResultList();
    }
}
