package org.gcube.portal.social.networking.ws.methods.v2;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Authorization;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.validation.ValidationException;
import javax.validation.constraints.NotNull;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
import org.gcube.common.authorization.library.utils.Caller;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.common.scope.impl.ScopeBean;
import org.gcube.portal.social.networking.caches.UsersCache;
import org.gcube.portal.social.networking.liferay.ws.GroupManagerWSBuilder;
import org.gcube.portal.social.networking.liferay.ws.RoleManagerWSBuilder;
import org.gcube.portal.social.networking.liferay.ws.UserManagerWSBuilder;
import org.gcube.portal.social.networking.swagger.config.Bootstrap;
import org.gcube.portal.social.networking.ws.outputs.ResponseBean;
import org.gcube.portal.social.networking.ws.utils.ErrorMessages;
import org.gcube.portal.social.networking.ws.utils.TokensUtils;
import org.gcube.vomanagement.usermanagement.GroupManager;
import org.gcube.vomanagement.usermanagement.UserManager;
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Api(value = "users", authorizations = {@Authorization(Bootstrap.GCUBE_TOKEN_IN_QUERY_DEF), @Authorization(Bootstrap.GCUBE_TOKEN_IN_HEADER_DEF)})
@Path("2/users")
/* loaded from: input_file:WEB-INF/classes/org/gcube/portal/social/networking/ws/methods/v2/Users.class */
public class Users {
    private static final String NOT_USER_TOKEN_CONTEXT_USED = "User's information can only be retrieved through a user token (not qualified)";
    private static final Logger logger = LoggerFactory.getLogger(Users.class);
    private static final List<String> GLOBAL_ROLES_ALLOWED_BY_LOCAL_CALL_METHOD = Arrays.asList("DataMiner-Manager", "Quota-Manager");

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "Successful read of the attribute, reported in the 'result' field of the returned object", response = ResponseBean.class), @ApiResponse(code = 404, message = "Such an attribute doesn't exist", response = ResponseBean.class), @ApiResponse(code = 500, message = ErrorMessages.ERROR_IN_API_RESULT, response = ResponseBean.class)})
    @Path("get-custom-attribute/")
    @ApiOperation(value = "Read a user's custom attribute", notes = "Read a user's custom attribute. The user is the one owning the token", response = ResponseBean.class, nickname = "get-custom-attribute")
    @Produces({"application/json"})
    public Response readCustomAttr(@NotNull(message = "attribute name is missing") @QueryParam("attribute") @ApiParam(name = "attribute", required = true, allowMultiple = false, value = "The key of the attribute to be read") String str) throws ValidationException {
        Caller caller = AuthorizationProvider.instance.get();
        String id = caller.getClient().getId();
        ResponseBean responseBean = new ResponseBean();
        Response.Status status = Response.Status.OK;
        if (TokensUtils.isUserTokenDefault(caller)) {
            UserManager userManager = UserManagerWSBuilder.getInstance().getUserManager();
            try {
                String str2 = (String) userManager.readCustomAttr(userManager.getUserByUsername(id).getUserId(), str);
                responseBean.setSuccess(true);
                responseBean.setResult(str2);
            } catch (Exception e) {
                logger.error("Unable to retrieve attribute for user.", e);
                responseBean.setMessage(e.toString());
                responseBean.setSuccess(false);
                status = Response.Status.NOT_FOUND;
            }
        } else {
            status = Response.Status.FORBIDDEN;
            responseBean.setMessage(NOT_USER_TOKEN_CONTEXT_USED);
            logger.warn("Trying to access users method via a token different than USER is not allowed");
        }
        return Response.status(status).entity(responseBean).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "The user's fullname is reported in the 'result' field of the returned object", response = ResponseBean.class), @ApiResponse(code = 500, message = ErrorMessages.ERROR_IN_API_RESULT, response = ResponseBean.class)})
    @Path("get-fullname")
    @ApiOperation(value = "Read the user's fullname", notes = "Read the user's fullname. The user is the one owning the token", response = ResponseBean.class, nickname = "get-fullname")
    @Produces({"application/json"})
    public Response getUserFullname() {
        Caller caller = AuthorizationProvider.instance.get();
        String id = caller.getClient().getId();
        ResponseBean responseBean = new ResponseBean();
        Response.Status status = Response.Status.OK;
        if (TokensUtils.isUserTokenDefault(caller)) {
            try {
                String fullname = UserManagerWSBuilder.getInstance().getUserManager().getUserByUsername(id).getFullname();
                logger.info("Found fullname " + fullname + " for user " + id);
                responseBean.setResult(fullname);
                responseBean.setSuccess(true);
            } catch (Exception e) {
                logger.error("Unable to retrieve attribute for user.", e);
                status = Response.Status.INTERNAL_SERVER_ERROR;
            }
        } else {
            status = Response.Status.FORBIDDEN;
            responseBean.setMessage(NOT_USER_TOKEN_CONTEXT_USED);
            logger.warn("Trying to access users method via a token different than USER is not allowed");
        }
        return Response.status(status).entity(responseBean).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "The user's email value is reported in the 'result' field of the returned object", response = ResponseBean.class), @ApiResponse(code = 500, message = ErrorMessages.ERROR_IN_API_RESULT, response = ResponseBean.class)})
    @Path("get-email")
    @ApiOperation(value = "Read the user's email address", notes = "Read the user's email address. The user is the one owning the token", response = ResponseBean.class, nickname = "get-email")
    @Produces({"application/json"})
    public Response getUserEmail() {
        Caller caller = AuthorizationProvider.instance.get();
        String id = caller.getClient().getId();
        ResponseBean responseBean = new ResponseBean();
        Response.Status status = Response.Status.OK;
        if (TokensUtils.isUserTokenDefault(caller)) {
            try {
                String email = UserManagerWSBuilder.getInstance().getUserManager().getUserByUsername(id).getEmail();
                logger.info("Found email " + email + " for user " + id);
                responseBean.setResult(email);
                responseBean.setSuccess(true);
            } catch (Exception e) {
                logger.error("Unable to retrieve attribute for user.", e);
                status = Response.Status.INTERNAL_SERVER_ERROR;
            }
        } else {
            status = Response.Status.FORBIDDEN;
            responseBean.setMessage(NOT_USER_TOKEN_CONTEXT_USED);
            logger.warn("Trying to access users method via a token different than USER is not allowed");
        }
        return Response.status(status).entity(responseBean).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "The user's profile is reported in the 'result' field of the returned object", response = ResponseBean.class), @ApiResponse(code = 500, message = ErrorMessages.ERROR_IN_API_RESULT, response = ResponseBean.class)})
    @Path("get-profile")
    @ApiOperation(value = "Read the user's profile", notes = "Read the user's profile. The user is the one owning the token", response = ResponseBean.class, nickname = "get-profile")
    @Produces({"application/json"})
    public Response getUserProfile() {
        Caller caller = AuthorizationProvider.instance.get();
        String id = caller.getClient().getId();
        ResponseBean responseBean = new ResponseBean();
        Response.Status status = Response.Status.OK;
        if (TokensUtils.isUserTokenDefault(caller)) {
            try {
                responseBean.setResult(UserManagerWSBuilder.getInstance().getUserManager().getUserByUsername(id));
                responseBean.setSuccess(true);
            } catch (Exception e) {
                logger.error("Unable to retrieve user's profile", e);
                responseBean.setMessage(e.getMessage());
                status = Response.Status.INTERNAL_SERVER_ERROR;
            }
        } else {
            status = Response.Status.FORBIDDEN;
            responseBean.setMessage(NOT_USER_TOKEN_CONTEXT_USED);
            logger.warn("Trying to access users method via a token different than USER is not allowed");
        }
        return Response.status(status).entity(responseBean).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "The list of usernames is put into the 'result' field of the returned object", response = ResponseBean.class), @ApiResponse(code = 500, message = ErrorMessages.ERROR_IN_API_RESULT, response = ResponseBean.class)})
    @Path("get-all-usernames")
    @ApiOperation(value = "Get the list of usernames belonging to a given context", notes = "Retrieve the list of usernames for the user belonging to the context linked to the provided token.", response = ResponseBean.class, nickname = "get-all-usernames")
    @Produces({"application/json"})
    public Response getAllUserNames() {
        ResponseBean responseBean = new ResponseBean();
        Response.Status status = Response.Status.OK;
        ArrayList arrayList = new ArrayList();
        try {
            GroupManager groupManager = GroupManagerWSBuilder.getInstance().getGroupManager();
            UserManager userManager = UserManagerWSBuilder.getInstance().getUserManager();
            List<Long> userIdsByGroup = userManager.getUserIdsByGroup(groupManager.getGroupIdFromInfrastructureScope(ScopeProvider.instance.get()));
            UsersCache singleton = UsersCache.getSingleton();
            for (Long l : userIdsByGroup) {
                if (singleton.getUser(l.longValue()) == null) {
                    GCubeUser userById = userManager.getUserById(l.longValue());
                    if (userById != null) {
                        arrayList.add(userById.getUsername());
                        singleton.pushEntry(l.longValue(), userById);
                    }
                } else {
                    arrayList.add(singleton.getUser(l.longValue()).getUsername());
                }
            }
            responseBean.setResult(arrayList);
            responseBean.setSuccess(true);
        } catch (Exception e) {
            logger.error("Unable to retrieve user's usernames", e);
            responseBean.setMessage(e.getMessage());
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return Response.status(status).entity(responseBean).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "The map is put into the 'result' field of the returned object", response = ResponseBean.class), @ApiResponse(code = 500, message = ErrorMessages.ERROR_IN_API_RESULT, response = ResponseBean.class)})
    @Path("get-all-fullnames-and-usernames")
    @ApiOperation(value = "Get the map of couples username/fullname of the users belonging to a given context", notes = "Get the map of couples username/fullname of the users belonging to the context linked to the provided token.", response = ResponseBean.class, nickname = "get-all-fullnames-and-usernames")
    @Produces({"application/json"})
    public Response getFullnamesAndUsernames() {
        ResponseBean responseBean = new ResponseBean();
        Response.Status status = Response.Status.OK;
        HashMap hashMap = new HashMap();
        try {
            GroupManager groupManager = GroupManagerWSBuilder.getInstance().getGroupManager();
            UserManager userManager = UserManagerWSBuilder.getInstance().getUserManager();
            List<Long> userIdsByGroup = userManager.getUserIdsByGroup(groupManager.getGroupIdFromInfrastructureScope(ScopeProvider.instance.get()));
            UsersCache singleton = UsersCache.getSingleton();
            for (Long l : userIdsByGroup) {
                if (singleton.getUser(l.longValue()) == null) {
                    GCubeUser userById = userManager.getUserById(l.longValue());
                    if (userById != null) {
                        hashMap.put(userById.getUsername(), userById.getFullname());
                        singleton.pushEntry(l.longValue(), userById);
                    }
                } else {
                    hashMap.put(singleton.getUser(l.longValue()).getUsername(), singleton.getUser(l.longValue()).getFullname());
                }
            }
            responseBean.setResult(hashMap);
            responseBean.setSuccess(true);
        } catch (Exception e) {
            logger.error("Unable to retrieve user's usernames", e);
            responseBean.setMessage(e.getMessage());
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return Response.status(status).entity(responseBean).build();
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "The list is put into the 'result' field of the returned object", response = ResponseBean.class), @ApiResponse(code = 500, message = ErrorMessages.ERROR_IN_API_RESULT, response = ResponseBean.class)})
    @Path("get-usernames-by-global-role")
    @ApiOperation(value = "Get the list of users having a given global-role", notes = "Get the list of users having a given global-role, e.g. 'Administrator'.", response = ResponseBean.class, nickname = "get-usernames-by-global-role")
    @Produces({"application/json"})
    public Response getUsernamesByGlobalRole(@QueryParam("role-name") @ApiParam(value = "role-name: the name of the role to be checked (e.g. Administrator)", required = true) String str) {
        ResponseBean responseBean = new ResponseBean();
        Response.Status status = Response.Status.OK;
        if (new ScopeBean(ScopeProvider.instance.get()).is(ScopeBean.Type.INFRASTRUCTURE)) {
            ArrayList arrayList = new ArrayList();
            try {
                long roleIdByName = RoleManagerWSBuilder.getInstance().getRoleManager().getRoleIdByName(str);
                if (roleIdByName > 0) {
                    List<GCubeUser> listUsersByGlobalRole = UserManagerWSBuilder.getInstance().getUserManager().listUsersByGlobalRole(roleIdByName);
                    if (listUsersByGlobalRole != null) {
                        Iterator<GCubeUser> it = listUsersByGlobalRole.iterator();
                        while (it.hasNext()) {
                            arrayList.add(it.next().getUsername());
                        }
                    }
                    responseBean.setResult(arrayList);
                    responseBean.setSuccess(true);
                } else {
                    responseBean.setMessage("No global role exists whit such a name");
                    status = Response.Status.BAD_REQUEST;
                }
            } catch (Exception e) {
                logger.error("Unable to retrieve user's usernames", e);
                responseBean.setMessage(e.getMessage());
                status = Response.Status.INTERNAL_SERVER_ERROR;
            }
        } else {
            status = Response.Status.BAD_REQUEST;
            responseBean.setMessage("This method can only be called with an infrastructure token");
        }
        return Response.status(status).entity(responseBean).build();
    }

    @GET
    @Produces({"application/json"})
    @Path("get-usernames-by-role")
    public Response getUsernamesByRole(@QueryParam("role-name") String str) {
        ResponseBean responseBean = new ResponseBean();
        Response.Status status = Response.Status.OK;
        String str2 = ScopeProvider.instance.get();
        ArrayList arrayList = new ArrayList();
        try {
            GroupManager groupManager = GroupManagerWSBuilder.getInstance().getGroupManager();
            long roleIdByName = RoleManagerWSBuilder.getInstance().getRoleManager().getRoleIdByName(str);
            if (roleIdByName > 0) {
                UserManager userManager = UserManagerWSBuilder.getInstance().getUserManager();
                List<GCubeUser> list = null;
                long groupIdFromInfrastructureScope = groupManager.getGroupIdFromInfrastructureScope(str2);
                try {
                    if (GLOBAL_ROLES_ALLOWED_BY_LOCAL_CALL_METHOD.contains(str)) {
                        list = userManager.listUsersByGlobalRole(roleIdByName);
                    }
                } catch (Exception e) {
                    logger.warn("Failed while checking for global role... trying with local one", e);
                }
                if (list == null || list.isEmpty()) {
                    logger.debug("User list is still null/empty, checking for local information");
                    list = userManager.listUsersByGroupAndRole(groupIdFromInfrastructureScope, roleIdByName);
                }
                if (list != null) {
                    Iterator<GCubeUser> it = list.iterator();
                    while (it.hasNext()) {
                        arrayList.add(it.next().getUsername());
                    }
                }
                responseBean.setResult(arrayList);
                responseBean.setSuccess(true);
            } else {
                responseBean.setMessage("No role exists whit such a name");
                status = Response.Status.BAD_REQUEST;
            }
        } catch (Exception e2) {
            logger.error("Unable to retrieve user's usernames", e2);
            responseBean.setMessage(e2.getMessage());
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return Response.status(status).entity(responseBean).build();
    }

    @GET
    @Produces({"application/json"})
    @Path("user-exists")
    public Response existUser(@QueryParam("username") String str) {
        Response.Status status;
        ResponseBean responseBean = new ResponseBean();
        Response.Status status2 = Response.Status.BAD_REQUEST;
        responseBean.setMessage("This method can be invoked only by using an application token bound to the root context");
        responseBean.setSuccess(false);
        if (TokensUtils.isApplicationToken(AuthorizationProvider.instance.get()) && new ScopeBean(ScopeProvider.instance.get()).is(ScopeBean.Type.INFRASTRUCTURE)) {
            try {
                GCubeUser userByUsername = UserManagerWSBuilder.getInstance().getUserManager().getUserByUsername(str);
                responseBean.setSuccess(true);
                responseBean.setMessage(null);
                responseBean.setResult(Boolean.valueOf(userByUsername != null));
                status = Response.Status.OK;
            } catch (Exception e) {
                logger.error("Unable to retrieve such information", e);
                responseBean.setMessage(e.getMessage());
                status = Response.Status.INTERNAL_SERVER_ERROR;
            }
            return Response.status(status).entity(responseBean).build();
        }
        return Response.status(status2).entity(responseBean).build();
    }
}
