package it.geosolutions.geostore.services.rest.impl;

import it.geosolutions.geostore.core.model.Category;
import it.geosolutions.geostore.core.model.Resource;
import it.geosolutions.geostore.core.model.SecurityRule;
import it.geosolutions.geostore.core.model.User;
import it.geosolutions.geostore.core.model.enums.DataType;
import it.geosolutions.geostore.core.model.enums.Role;
import it.geosolutions.geostore.services.ResourceService;
import it.geosolutions.geostore.services.SecurityService;
import it.geosolutions.geostore.services.dto.ShortAttribute;
import it.geosolutions.geostore.services.dto.search.BaseField;
import it.geosolutions.geostore.services.dto.search.FieldFilter;
import it.geosolutions.geostore.services.dto.search.SearchFilter;
import it.geosolutions.geostore.services.dto.search.SearchOperator;
import it.geosolutions.geostore.services.exception.BadRequestServiceEx;
import it.geosolutions.geostore.services.exception.DuplicatedResourceNameServiceEx;
import it.geosolutions.geostore.services.exception.InternalErrorServiceEx;
import it.geosolutions.geostore.services.exception.NotFoundServiceEx;
import it.geosolutions.geostore.services.rest.RESTResourceService;
import it.geosolutions.geostore.services.rest.exception.BadRequestWebEx;
import it.geosolutions.geostore.services.rest.exception.ConflictWebEx;
import it.geosolutions.geostore.services.rest.exception.ForbiddenErrorWebEx;
import it.geosolutions.geostore.services.rest.exception.InternalErrorWebEx;
import it.geosolutions.geostore.services.rest.exception.NotFoundWebEx;
import it.geosolutions.geostore.services.rest.model.RESTAttribute;
import it.geosolutions.geostore.services.rest.model.RESTCategory;
import it.geosolutions.geostore.services.rest.model.RESTResource;
import it.geosolutions.geostore.services.rest.model.ResourceList;
import it.geosolutions.geostore.services.rest.model.SecurityRuleList;
import it.geosolutions.geostore.services.rest.model.ShortAttributeList;
import it.geosolutions.geostore.services.rest.model.ShortResourceList;
import it.geosolutions.geostore.services.rest.utils.Convert;
import java.util.ArrayList;
import java.util.List;
import javax.ws.rs.core.SecurityContext;
import net.sf.json.util.JSONUtils;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:WEB-INF/lib/geostore-rest-impl-2.0.0.jar:it/geosolutions/geostore/services/rest/impl/RESTResourceServiceImpl.class */
public class RESTResourceServiceImpl extends RESTServiceImpl implements RESTResourceService {
    private static final Logger LOGGER = LogManager.getLogger((Class<?>) RESTResourceServiceImpl.class);
    private ResourceService resourceService;

    public void setResourceService(ResourceService resourceService) {
        this.resourceService = resourceService;
    }

    @Override // it.geosolutions.geostore.services.rest.impl.RESTServiceImpl
    protected SecurityService getSecurityService() {
        return this.resourceService;
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public long insert(SecurityContext securityContext, RESTResource rESTResource) {
        if (rESTResource == null) {
            throw new BadRequestWebEx("Resource is null");
        }
        if (rESTResource.getId() != null) {
            throw new BadRequestWebEx("Id should be null");
        }
        if (rESTResource.getCategory() == null) {
            throw new BadRequestWebEx("Category should be not null");
        }
        User extractAuthUser = extractAuthUser(securityContext);
        ArrayList arrayList = new ArrayList();
        SecurityRule securityRule = new SecurityRule();
        securityRule.setCanRead(true);
        securityRule.setCanWrite(true);
        securityRule.setUser(extractAuthUser);
        arrayList.add(securityRule);
        Resource convertResource = Convert.convertResource(rESTResource);
        convertResource.setSecurity(arrayList);
        try {
            return this.resourceService.insert(convertResource);
        } catch (BadRequestServiceEx e) {
            throw new BadRequestWebEx(e.getMessage());
        } catch (DuplicatedResourceNameServiceEx e2) {
            throw new ConflictWebEx(e2.getMessage());
        } catch (NotFoundServiceEx e3) {
            throw new NotFoundWebEx(e3.getMessage());
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public long update(SecurityContext securityContext, long j, RESTResource rESTResource) throws NotFoundWebEx, BadRequestWebEx {
        try {
            if (rESTResource == null) {
                throw new BadRequestWebEx("Resource is null");
            }
            rESTResource.setId(Long.valueOf(j));
            Resource resource = this.resourceService.get(j);
            if (resource == null) {
                throw new NotFoundWebEx("Resource not found");
            }
            if (rESTResource.getCategory() != null) {
                RESTCategory category = rESTResource.getCategory();
                Category category2 = resource.getCategory();
                if ((category.getId() != null && !category.getId().equals(category2.getId())) || (category.getName() != null && !category.getName().equals(category2.getName()))) {
                    LOGGER.info("Trying to change category old(" + category2.getId() + ":" + category2.getName() + ") new(" + category.getId() + ":" + category.getName() + ")");
                    throw new BadRequestWebEx("Can't change resource category");
                }
            }
            if (!resourceAccessWrite(extractAuthUser(securityContext), resource.getId().longValue())) {
                throw new ForbiddenErrorWebEx("Can't update resource");
            }
            if (rESTResource.getDescription() != null) {
                resource.setDescription(rESTResource.getDescription());
            }
            if (rESTResource.getName() != null) {
                resource.setName(rESTResource.getName());
            }
            if (rESTResource.getMetadata() != null) {
                resource.setMetadata(rESTResource.getMetadata());
            }
            try {
                this.resourceService.update(resource);
                if (rESTResource.getAttribute() != null) {
                    if (LOGGER.isDebugEnabled()) {
                        LOGGER.debug("Attribute list is " + rESTResource.getAttribute().size());
                    }
                    this.resourceService.updateAttributes(j, Convert.convertAttributeList(rESTResource.getAttribute()));
                } else if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug("Attribute list is null: no change in the attrib list");
                }
                return j;
            } catch (DuplicatedResourceNameServiceEx e) {
                throw new ConflictWebEx(e.getMessage());
            }
        } catch (NotFoundServiceEx e2) {
            LOGGER.warn("Resource not found (" + j + "): " + e2.getMessage(), (Throwable) e2);
            throw new NotFoundWebEx("Resource not found");
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public void delete(SecurityContext securityContext, long j) throws NotFoundWebEx {
        if (!resourceAccessWrite(extractAuthUser(securityContext), j)) {
            throw new ForbiddenErrorWebEx("This user cannot delete this resource !");
        }
        if (!this.resourceService.delete(j)) {
            throw new NotFoundWebEx("Resource not found");
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public void deleteResources(SecurityContext securityContext, SearchFilter searchFilter) throws BadRequestWebEx, InternalErrorWebEx {
        try {
            this.resourceService.deleteResources(searchFilter);
        } catch (BadRequestServiceEx e) {
            if (LOGGER.isEnabled(Level.ERROR)) {
                LOGGER.error(e.getMessage());
            }
            throw new BadRequestWebEx(e.getMessage());
        } catch (InternalErrorServiceEx e2) {
            if (LOGGER.isEnabled(Level.ERROR)) {
                LOGGER.error(e2.getMessage());
            }
            throw new InternalErrorWebEx(e2.getMessage());
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public Resource get(SecurityContext securityContext, long j, boolean z) throws NotFoundWebEx {
        User extractAuthUser = extractAuthUser(securityContext);
        if (!resourceAccessRead(extractAuthUser, j)) {
            throw new ForbiddenErrorWebEx("This user cannot read this resource !");
        }
        if (!z) {
            Resource resource = this.resourceService.get(j);
            if (resource == null) {
                throw new NotFoundWebEx("Resource not found");
            }
            if (resource.getData() != null) {
                LOGGER.warn("Resource has data attached. It should not. Please check.");
                resource.setData(null);
            }
            return resource;
        }
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Retrieving a full resource");
        }
        try {
            List<Resource> resourcesFull = this.resourceService.getResourcesFull(new FieldFilter(BaseField.ID, Long.toString(j), SearchOperator.EQUAL_TO), extractAuthUser);
            if (resourcesFull.isEmpty()) {
                throw new NotFoundWebEx("Resource not found");
            }
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("DATA is " + resourcesFull.get(0).getData());
            }
            return resourcesFull.get(0);
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
            throw new InternalErrorWebEx("Internal error");
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public ShortResourceList getList(SecurityContext securityContext, String str, Integer num, Integer num2) throws BadRequestWebEx {
        User extractAuthUser = extractAuthUser(securityContext);
        try {
            return new ShortResourceList(this.resourceService.getList(str.replaceAll("[*]", "%"), num, num2, extractAuthUser));
        } catch (BadRequestServiceEx e) {
            throw new BadRequestWebEx(e.getMessage());
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public ShortResourceList getAll(SecurityContext securityContext, Integer num, Integer num2) throws BadRequestWebEx {
        try {
            return new ShortResourceList(this.resourceService.getAll(num, num2, extractAuthUser(securityContext)));
        } catch (BadRequestServiceEx e) {
            throw new BadRequestWebEx(e.getMessage());
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public long getCount(SecurityContext securityContext, String str) {
        return this.resourceService.getCount(str.replaceAll("[*]", "%"));
    }

    private long parseId(SecurityContext securityContext, String str) throws BadRequestWebEx {
        try {
            return Long.parseLong(str);
        } catch (Exception e) {
            LOGGER.info("Bad id requested '" + str + JSONUtils.SINGLE_QUOTE);
            throw new BadRequestWebEx("Bad id");
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public ShortAttributeList getAttributes(SecurityContext securityContext, long j) throws NotFoundWebEx {
        if (this.resourceService.get(j) == null) {
            throw new NotFoundWebEx("Resource not found");
        }
        if (resourceAccessRead(extractAuthUser(securityContext), j)) {
            return new ShortAttributeList(this.resourceService.getAttributes(j));
        }
        throw new ForbiddenErrorWebEx("This user cannot read this resource so neither its attributes!");
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public String getAttribute(SecurityContext securityContext, long j, String str) throws NotFoundWebEx {
        if (this.resourceService.get(j) == null) {
            throw new NotFoundWebEx("Resource not found");
        }
        if (!resourceAccessRead(extractAuthUser(securityContext), j)) {
            throw new ForbiddenErrorWebEx("This user cannot read this resource so neither its attributes!");
        }
        ShortAttribute attribute = this.resourceService.getAttribute(j, str);
        if (attribute == null) {
            throw new NotFoundWebEx("Resource attribute not found");
        }
        return attribute.getValue();
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public long updateAttribute(SecurityContext securityContext, long j, String str, String str2, DataType dataType) throws NotFoundWebEx, InternalErrorWebEx {
        Resource resource = this.resourceService.get(j);
        if (resource == null) {
            throw new NotFoundWebEx("Resource not found");
        }
        try {
            if (resourceAccessWrite(extractAuthUser(securityContext), resource.getId().longValue())) {
                return this.resourceService.getAttribute(j, str) != null ? this.resourceService.updateAttribute(j, str, str2) : dataType != null ? this.resourceService.insertAttribute(j, str, str2, dataType) : this.resourceService.insertAttribute(j, str, str2, DataType.STRING);
            }
            throw new InternalErrorServiceEx("This user cannot access this resource !");
        } catch (InternalErrorServiceEx e) {
            throw new InternalErrorWebEx(e.getMessage());
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public long updateAttribute(SecurityContext securityContext, long j, String str, String str2) {
        return updateAttribute(securityContext, j, str, str2, null);
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public long updateAttribute(SecurityContext securityContext, long j, RESTAttribute rESTAttribute) {
        if (rESTAttribute == null || rESTAttribute.getName() == null) {
            throw new BadRequestWebEx("missing attribute content or attribute name in request");
        }
        return updateAttribute(securityContext, j, rESTAttribute.getName(), rESTAttribute.getValue(), rESTAttribute.getType());
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public ShortResourceList getResources(SecurityContext securityContext, SearchFilter searchFilter) {
        try {
            return new ShortResourceList(this.resourceService.getResources(searchFilter, extractAuthUser(securityContext)));
        } catch (BadRequestServiceEx e) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e.getMessage());
            }
            throw new BadRequestWebEx(e.getMessage());
        } catch (InternalErrorServiceEx e2) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e2.getMessage());
            }
            throw new InternalErrorWebEx(e2.getMessage());
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public ResourceList getResourcesList(SecurityContext securityContext, Integer num, Integer num2, boolean z, boolean z2, SearchFilter searchFilter) {
        try {
            return new ResourceList(this.resourceService.getResources(searchFilter, num, num2, z, z2, extractAuthUser(securityContext)));
        } catch (BadRequestServiceEx e) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e.getMessage());
            }
            throw new BadRequestWebEx(e.getMessage());
        } catch (InternalErrorServiceEx e2) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e2.getMessage());
            }
            throw new InternalErrorWebEx(e2.getMessage());
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public void updateSecurityRules(SecurityContext securityContext, long j, SecurityRuleList securityRuleList) {
        User extractAuthUser = extractAuthUser(securityContext);
        if (!resourceAccessWrite(extractAuthUser, j)) {
            throw new ForbiddenErrorWebEx("This user cannot write this resource so neither its permissions!");
        }
        ShortAttribute attribute = this.resourceService.getAttribute(j, "owner");
        if (extractAuthUser.getRole() != Role.ADMIN && attribute != null && !attribute.getValue().equals(extractAuthUser.getName())) {
            throw new ForbiddenErrorWebEx("This user cannot update this resource permissions!");
        }
        try {
            this.resourceService.updateSecurityRules(j, Convert.convertSecurityRuleList(securityRuleList.getList(), Long.valueOf(j)));
        } catch (BadRequestServiceEx e) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e.getMessage());
            }
            throw new BadRequestWebEx(e.getMessage());
        } catch (InternalErrorServiceEx e2) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e2.getMessage());
            }
            throw new InternalErrorWebEx(e2.getMessage());
        } catch (NotFoundServiceEx e3) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e3.getMessage());
            }
            throw new NotFoundWebEx(e3.getMessage());
        }
    }

    @Override // it.geosolutions.geostore.services.rest.RESTResourceService
    public SecurityRuleList getSecurityRules(SecurityContext securityContext, long j) {
        User extractAuthUser = extractAuthUser(securityContext);
        if (!resourceAccessRead(extractAuthUser, j)) {
            throw new ForbiddenErrorWebEx("This user cannot read this resource so neither its permissions!");
        }
        ShortAttribute attribute = this.resourceService.getAttribute(j, "owner");
        if (extractAuthUser.getRole() != Role.ADMIN && attribute != null && !attribute.getValue().equals(extractAuthUser.getName())) {
            throw new ForbiddenErrorWebEx("This user cannot read this resource permissions!");
        }
        try {
            return new SecurityRuleList(this.resourceService.getSecurityRules(j));
        } catch (BadRequestServiceEx e) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e.getMessage());
            }
            throw new BadRequestWebEx(e.getMessage());
        } catch (InternalErrorServiceEx e2) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info(e2.getMessage());
            }
            throw new InternalErrorWebEx(e2.getMessage());
        }
    }
}
