package org.apache.nifi.registry.web.api;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.Extension;
import io.swagger.annotations.ExtensionProperty;
import java.net.URI;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.nifi.registry.authorization.User;
import org.apache.nifi.registry.authorization.UserGroup;
import org.apache.nifi.registry.event.EventFactory;
import org.apache.nifi.registry.event.EventService;
import org.apache.nifi.registry.revision.web.ClientIdParameter;
import org.apache.nifi.registry.revision.web.LongParameter;
import org.apache.nifi.registry.web.service.ServiceFacade;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader;
import org.springframework.stereotype.Component;

@Api(value = "tenants", description = "Endpoint for managing users and user groups.", authorizations = {@Authorization("Authorization")})
@Path("tenants")
@Component
/* loaded from: input_file:WEB-INF/classes/org/apache/nifi/registry/web/api/TenantResource.class */
public class TenantResource extends ApplicationResource {
    @Autowired
    public TenantResource(ServiceFacade serviceFacade, EventService eventService) {
        super(serviceFacade, eventService);
    }

    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("users")
    @Consumes({"application/json"})
    @ApiOperation(value = "Create user", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = User.class, extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "write"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @POST
    @Produces({"application/json"})
    public Response createUser(@Context HttpServletRequest httpServletRequest, @ApiParam(value = "The user configuration details.", required = true) User user) {
        User createUser = this.serviceFacade.createUser(user);
        publish(EventFactory.userCreated(createUser));
        return generateCreatedResponse(URI.create(generateUserUri(createUser)), createUser).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("users")
    @Consumes({"*/*"})
    @ApiOperation(value = "Get all users", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = User.class, responseContainer = "List", extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "read"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @Produces({"application/json"})
    public Response getUsers() {
        return generateOkResponse(this.serviceFacade.getUsers()).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("users/{id}")
    @Consumes({"*/*"})
    @ApiOperation(value = "Get user", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = User.class, extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "read"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @Produces({"application/json"})
    public Response getUser(@PathParam("id") @ApiParam(value = "The user id.", required = true) String str) {
        return generateOkResponse(this.serviceFacade.getUser(str)).build();
    }

    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("users/{id}")
    @Consumes({"application/json"})
    @ApiOperation(value = "Update user", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = User.class, extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "write"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @Produces({"application/json"})
    @PUT
    public Response updateUser(@Context HttpServletRequest httpServletRequest, @PathParam("id") @ApiParam(value = "The user id.", required = true) String str, @ApiParam(value = "The user configuration details.", required = true) User user) {
        if (user == null) {
            throw new IllegalArgumentException("User details must be specified when updating a user.");
        }
        if (!str.equals(user.getIdentifier())) {
            throw new IllegalArgumentException(String.format("The user id in the request body (%s) does not equal the user id of the requested resource (%s).", user.getIdentifier(), str));
        }
        User updateUser = this.serviceFacade.updateUser(user);
        publish(EventFactory.userUpdated(updateUser));
        return generateOkResponse(updateUser).build();
    }

    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("users/{id}")
    @Consumes({"*/*"})
    @DELETE
    @ApiOperation(value = "Delete user", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = User.class, extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "delete"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @Produces({"application/json"})
    public Response removeUser(@Context HttpServletRequest httpServletRequest, @QueryParam("version") @ApiParam(value = "The version is used to verify the client is working with the latest version of the entity.", required = true) LongParameter longParameter, @QueryParam("clientId") @ApiParam("If the client id is not specified, new one will be generated. This value (whether specified or generated) is included in the response.") @DefaultValue("") ClientIdParameter clientIdParameter, @PathParam("id") @ApiParam(value = "The user id.", required = true) String str) {
        User deleteUser = this.serviceFacade.deleteUser(str, getRevisionInfo(longParameter, clientIdParameter));
        publish(EventFactory.userDeleted(deleteUser));
        return generateOkResponse(deleteUser).build();
    }

    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("user-groups")
    @Consumes({"application/json"})
    @ApiOperation(value = "Create user group", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = UserGroup.class, extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "write"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @POST
    @Produces({"application/json"})
    public Response createUserGroup(@Context HttpServletRequest httpServletRequest, @ApiParam(value = "The user group configuration details.", required = true) UserGroup userGroup) {
        UserGroup createUserGroup = this.serviceFacade.createUserGroup(userGroup);
        publish(EventFactory.userGroupCreated(createUserGroup));
        return generateCreatedResponse(URI.create(generateUserGroupUri(createUserGroup)), createUserGroup).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("user-groups")
    @Consumes({"*/*"})
    @ApiOperation(value = "Get user groups", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = UserGroup.class, responseContainer = "List", extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "read"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @Produces({"application/json"})
    public Response getUserGroups() {
        return generateOkResponse(this.serviceFacade.getUserGroups()).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("user-groups/{id}")
    @Consumes({"*/*"})
    @ApiOperation(value = "Get user group", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = UserGroup.class, extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "read"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @Produces({"application/json"})
    public Response getUserGroup(@PathParam("id") @ApiParam(value = "The user group id.", required = true) String str) {
        return generateOkResponse(this.serviceFacade.getUserGroup(str)).build();
    }

    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("user-groups/{id}")
    @Consumes({"application/json"})
    @ApiOperation(value = "Update user group", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = UserGroup.class, extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "write"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @Produces({"application/json"})
    @PUT
    public Response updateUserGroup(@Context HttpServletRequest httpServletRequest, @PathParam("id") @ApiParam(value = "The user group id.", required = true) String str, @ApiParam(value = "The user group configuration details.", required = true) UserGroup userGroup) {
        if (userGroup == null) {
            throw new IllegalArgumentException("User group details must be specified to update a user group.");
        }
        if (!str.equals(userGroup.getIdentifier())) {
            throw new IllegalArgumentException(String.format("The user group id in the request body (%s) does not equal the user group id of the requested resource (%s).", userGroup.getIdentifier(), str));
        }
        UserGroup updateUserGroup = this.serviceFacade.updateUserGroup(userGroup);
        publish(EventFactory.userGroupUpdated(updateUserGroup));
        return generateOkResponse(updateUserGroup).build();
    }

    @ApiResponses({@ApiResponse(code = 400, message = "NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "NiFi Registry was unable to complete the request because it assumes a server state that is not valid.")})
    @Path("user-groups/{id}")
    @Consumes({"*/*"})
    @DELETE
    @ApiOperation(value = "Delete user group", notes = ApplicationResource.NON_GUARANTEED_ENDPOINT, response = UserGroup.class, extensions = {@Extension(name = "access-policy", properties = {@ExtensionProperty(name = "action", value = "delete"), @ExtensionProperty(name = DefaultBeanDefinitionDocumentReader.RESOURCE_ATTRIBUTE, value = "/tenants")})})
    @Produces({"application/json"})
    public Response removeUserGroup(@Context HttpServletRequest httpServletRequest, @QueryParam("version") @ApiParam(value = "The version is used to verify the client is working with the latest version of the entity.", required = true) LongParameter longParameter, @QueryParam("clientId") @ApiParam("If the client id is not specified, new one will be generated. This value (whether specified or generated) is included in the response.") @DefaultValue("") ClientIdParameter clientIdParameter, @PathParam("id") @ApiParam(value = "The user group id.", required = true) String str) {
        UserGroup deleteUserGroup = this.serviceFacade.deleteUserGroup(str, getRevisionInfo(longParameter, clientIdParameter));
        publish(EventFactory.userGroupDeleted(deleteUserGroup));
        return generateOkResponse(deleteUserGroup).build();
    }

    private String generateUserUri(User user) {
        return generateResourceUri("tenants", "users", user.getIdentifier());
    }

    private String generateUserGroupUri(UserGroup userGroup) {
        return generateResourceUri("tenants", "user-groups", userGroup.getIdentifier());
    }
}
