package org.sonatype.security.rest.privileges;

import org.codehaus.plexus.component.annotations.Component;
import org.restlet.Context;
import org.restlet.data.Request;
import org.restlet.data.Response;
import org.restlet.data.Status;
import org.restlet.resource.ResourceException;
import org.restlet.resource.Variant;
import org.sonatype.plexus.rest.resource.PathProtectionDescriptor;
import org.sonatype.plexus.rest.resource.PlexusResource;
import org.sonatype.security.authorization.AuthorizationManager;
import org.sonatype.security.authorization.NoSuchAuthorizationManager;
import org.sonatype.security.authorization.NoSuchPrivilegeException;
import org.sonatype.security.rest.model.PrivilegeStatusResourceResponse;

@Component(role = PlexusResource.class, hint = "PrivilegePlexusResource")
/* loaded from: input_file:org/sonatype/security/rest/privileges/PrivilegePlexusResource.class */
public class PrivilegePlexusResource extends AbstractPrivilegePlexusResource {
    protected static final String PRIVILEGE_SOURCE = "default";

    public PrivilegePlexusResource() {
        setModifiable(true);
    }

    public Object getPayloadInstance() {
        return null;
    }

    public String getResourceUri() {
        return "/privileges/{privilegeId}";
    }

    public PathProtectionDescriptor getResourceProtection() {
        return new PathProtectionDescriptor("/privileges/*", "authcBasic,perms[security:privileges]");
    }

    protected String getPrivilegeId(Request request) {
        return request.getAttributes().get(AbstractPrivilegePlexusResource.PRIVILEGE_ID_KEY).toString();
    }

    public Object get(Context context, Request request, Response response, Variant variant) throws ResourceException {
        PrivilegeStatusResourceResponse privilegeStatusResourceResponse = new PrivilegeStatusResourceResponse();
        try {
            privilegeStatusResourceResponse.setData(securityToRestModel(getSecuritySystem().getAuthorizationManager(PRIVILEGE_SOURCE).getPrivilege(getPrivilegeId(request)), request, false));
            return privilegeStatusResourceResponse;
        } catch (NoSuchAuthorizationManager e) {
            getLogger().warn("Could not found AuthorizationManager: default", e);
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Authorization Manager for: default could not be found.");
        } catch (NoSuchPrivilegeException e2) {
            throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, "Privilege could not be found.");
        }
    }

    public void delete(Context context, Request request, Response response) throws ResourceException {
        try {
            AuthorizationManager authorizationManager = getSecuritySystem().getAuthorizationManager(PRIVILEGE_SOURCE);
            if (authorizationManager.getPrivilege(getPrivilegeId(request)).getType().equals("method")) {
                throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Cannot delete an application type privilege");
            }
            authorizationManager.deletePrivilege(getPrivilegeId(request));
        } catch (NoSuchAuthorizationManager e) {
            getLogger().warn("Could not found AuthorizationManager: default", e);
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Authorization Manager for: default could not be found.");
        } catch (NoSuchPrivilegeException e2) {
            throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, e2.getMessage());
        }
    }
}
