package org.pentaho.platform.web.http.api.resources;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.pentaho.platform.api.engine.IAuthorizationPolicy;
import org.pentaho.platform.api.engine.IUserRoleListService;
import org.pentaho.platform.engine.core.system.PentahoSessionHolder;
import org.pentaho.platform.engine.core.system.PentahoSystem;

@Path("/userrolelist/")
/* loaded from: input_file:org/pentaho/platform/web/http/api/resources/UserRoleListResource.class */
public class UserRoleListResource extends AbstractJaxRSResource {
    private ArrayList<String> systemRoles;
    private String adminRole;
    private ArrayList<String> extraRoles;

    public UserRoleListResource() {
        this((ArrayList) PentahoSystem.get(ArrayList.class, "singleTenantSystemAuthorities", PentahoSessionHolder.getSession()), (String) PentahoSystem.get(String.class, "singleTenantAdminAuthorityName", PentahoSessionHolder.getSession()), (ArrayList) PentahoSystem.get(ArrayList.class, "extraSystemAuthorities", PentahoSessionHolder.getSession()));
    }

    public UserRoleListResource(ArrayList<String> arrayList, String str, ArrayList<String> arrayList2) {
        this.systemRoles = arrayList;
        this.adminRole = str;
        this.extraRoles = arrayList2;
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/permission-users")
    public UserListWrapper getPermissionUsers() throws Exception {
        return getUsers();
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/permission-roles")
    public RoleListWrapper getPermissionRoles() throws Exception {
        List allRoles = ((IUserRoleListService) PentahoSystem.get(IUserRoleListService.class)).getAllRoles();
        if (allRoles.contains(this.adminRole)) {
            allRoles.remove(this.adminRole);
        }
        Iterator<String> it = this.extraRoles.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (!allRoles.contains(next)) {
                allRoles.add(next);
            }
        }
        return new RoleListWrapper((Collection<String>) allRoles);
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/users")
    public UserListWrapper getUsers() throws Exception {
        return new UserListWrapper((Collection<String>) ((IUserRoleListService) PentahoSystem.get(IUserRoleListService.class)).getAllUsers());
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/roles")
    public RoleListWrapper getRoles() throws Exception {
        return new RoleListWrapper((Collection<String>) ((IUserRoleListService) PentahoSystem.get(IUserRoleListService.class)).getAllRoles());
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/allRoles")
    public RoleListWrapper getAllRoles() throws Exception {
        List allRoles = ((IUserRoleListService) PentahoSystem.get(IUserRoleListService.class)).getAllRoles();
        allRoles.addAll(this.extraRoles);
        return new RoleListWrapper((Collection<String>) allRoles);
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/systemRoles")
    public RoleListWrapper getSystemRoles() throws Exception {
        return new RoleListWrapper((Collection<String>) this.systemRoles);
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/extraRoles")
    public RoleListWrapper getExtraRoles() throws Exception {
        return new RoleListWrapper((Collection<String>) this.extraRoles);
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/getRolesForUser")
    public Response getRolesForUser(@QueryParam("user") String str) throws Exception {
        if (!canAdminister()) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        try {
            return Response.ok(SystemResourceUtil.getRolesForUser(str).asXML()).type("application/xml").build();
        } catch (Throwable th) {
            throw new WebApplicationException(th);
        }
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/getUsersInRole")
    public Response getUsersInRole(@QueryParam("role") String str) throws Exception {
        if (!canAdminister()) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        try {
            return Response.ok(SystemResourceUtil.getUsersInRole(str).asXML()).type("application/xml").build();
        } catch (Throwable th) {
            throw new WebApplicationException(th);
        }
    }

    private boolean canAdminister() {
        IAuthorizationPolicy iAuthorizationPolicy = (IAuthorizationPolicy) PentahoSystem.get(IAuthorizationPolicy.class);
        return iAuthorizationPolicy.isAllowed("org.pentaho.repository.read") && iAuthorizationPolicy.isAllowed("org.pentaho.repository.create") && iAuthorizationPolicy.isAllowed("org.pentaho.security.administerSecurity");
    }
}
