package com.atlassian.gadgets.dashboard.internal.rest;

import com.atlassian.fugue.Maybe;
import com.atlassian.fugue.Option;
import com.atlassian.gadgets.GadgetId;
import com.atlassian.gadgets.GadgetRequestContext;
import com.atlassian.gadgets.GadgetRequestContextFactory;
import com.atlassian.gadgets.dashboard.Color;
import com.atlassian.gadgets.dashboard.DashboardId;
import com.atlassian.gadgets.dashboard.DashboardNotFoundException;
import com.atlassian.gadgets.dashboard.DashboardState;
import com.atlassian.gadgets.dashboard.internal.Dashboard;
import com.atlassian.gadgets.dashboard.internal.DashboardRepository;
import com.atlassian.gadgets.dashboard.internal.Gadget;
import com.atlassian.gadgets.dashboard.internal.rest.representations.GadgetRepresentation;
import com.atlassian.gadgets.dashboard.internal.rest.representations.RepresentationFactory;
import com.atlassian.gadgets.dashboard.spi.DashboardPermissionService;
import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
import com.atlassian.sal.api.message.I18nResolver;
import com.google.common.base.Function;
import com.google.common.collect.ImmutableMap;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONException;
import org.json.JSONObject;

@Path("{dashboardId}/gadget/{gadgetId}")
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-gadgets-dashboard-plugin-3.11.6.jar:com/atlassian/gadgets/dashboard/internal/rest/GadgetResource.class */
public class GadgetResource {
    private static final int HTTP_METHOD_NOT_ALLOWED = 405;
    private final Log log = LogFactory.getLog(getClass());
    private final DashboardPermissionService permissionService;
    private final DashboardRepository repository;
    private final GadgetRequestContextFactory gadgetRequestContextFactory;
    private final AddGadgetHandler addGadgetHandler;
    private final DeleteGadgetHandler deleteGadgetHandler;
    private final ChangeGadgetColorHandler changeGadgetColorHandler;
    private final UpdateGadgetUserPrefsHandler updateGadgetUserPrefsHandler;
    private final I18nResolver i18n;
    private RepresentationFactory representationFactory;

    public GadgetResource(@ComponentImport DashboardPermissionService dashboardPermissionService, DashboardRepository dashboardRepository, @ComponentImport GadgetRequestContextFactory gadgetRequestContextFactory, AddGadgetHandler addGadgetHandler, DeleteGadgetHandler deleteGadgetHandler, ChangeGadgetColorHandler changeGadgetColorHandler, UpdateGadgetUserPrefsHandler updateGadgetUserPrefsHandler, @ComponentImport I18nResolver i18nResolver, RepresentationFactory representationFactory) {
        this.permissionService = dashboardPermissionService;
        this.repository = dashboardRepository;
        this.gadgetRequestContextFactory = gadgetRequestContextFactory;
        this.addGadgetHandler = addGadgetHandler;
        this.deleteGadgetHandler = deleteGadgetHandler;
        this.changeGadgetColorHandler = changeGadgetColorHandler;
        this.updateGadgetUserPrefsHandler = updateGadgetUserPrefsHandler;
        this.i18n = i18nResolver;
        this.representationFactory = representationFactory;
    }

    @GET
    @AnonymousAllowed
    @Produces({"application/json", "application/xml"})
    public Response getRenderedGadget(@PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest) {
        this.log.debug("GadgetResource: GET received: dashboardId=" + dashboardId + ", gadgetId = " + gadgetId);
        return buildResponseWithGadgetRepresentation(dashboardId, gadgetId, httpServletRequest, fullGadgetRepresentation());
    }

    @GET
    @Path("/prefs")
    @AnonymousAllowed
    @Produces({"application/json", "application/xml"})
    public Response getUserPrefs(@PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest) {
        this.log.debug("GadgetResource: GET user preferences received: dashboardId=" + dashboardId + ", gadgetId = " + gadgetId);
        return buildResponseWithGadgetRepresentation(dashboardId, gadgetId, httpServletRequest, userPrefsRepresentation());
    }

    private Response buildResponseWithGadgetRepresentation(DashboardId dashboardId, GadgetId gadgetId, HttpServletRequest httpServletRequest, final Function<GadgetRepresentation, Object> function) {
        GadgetRequestContext gadgetRequestContext = this.gadgetRequestContextFactory.get(httpServletRequest);
        return !this.permissionService.isReadableBy(dashboardId, gadgetRequestContext.getViewer()) ? Response.status(Response.Status.UNAUTHORIZED).build() : (Response) getGadgetRepresentation(dashboardId, gadgetId, gadgetRequestContext).map(new Function<GadgetRepresentation, Response>() { // from class: com.atlassian.gadgets.dashboard.internal.rest.GadgetResource.1
            @Override // com.google.common.base.Function
            public Response apply(GadgetRepresentation gadgetRepresentation) {
                return Response.ok().entity(function.apply(gadgetRepresentation)).build();
            }
        }).getOrElse((Maybe) Response.status(Response.Status.NOT_FOUND).build());
    }

    private Option<GadgetRepresentation> getGadgetRepresentation(DashboardId dashboardId, GadgetId gadgetId, GadgetRequestContext gadgetRequestContext) {
        Dashboard dashboard = this.repository.get(dashboardId, gadgetRequestContext);
        Gadget findGadget = dashboard.findGadget(gadgetId);
        if (findGadget == null) {
            return Option.none();
        }
        return this.representationFactory.createGadgetRepresentation(dashboardId, findGadget, gadgetRequestContext, this.permissionService.isWritableBy(dashboardId, gadgetRequestContext.getViewer()), dashboard.getGadgetColumn(gadgetId));
    }

    private Function<GadgetRepresentation, Object> fullGadgetRepresentation() {
        return new Function<GadgetRepresentation, Object>() { // from class: com.atlassian.gadgets.dashboard.internal.rest.GadgetResource.2
            @Override // com.google.common.base.Function
            public Object apply(GadgetRepresentation gadgetRepresentation) {
                return gadgetRepresentation;
            }
        };
    }

    private Function<GadgetRepresentation, Object> userPrefsRepresentation() {
        return new Function<GadgetRepresentation, Object>() { // from class: com.atlassian.gadgets.dashboard.internal.rest.GadgetResource.3
            @Override // com.google.common.base.Function
            public Object apply(GadgetRepresentation gadgetRepresentation) {
                return gadgetRepresentation.getUserPrefs();
            }
        };
    }

    @POST
    @AnonymousAllowed
    public Response deleteOrMoveGadgetViaPost(@HeaderParam("X-HTTP-Method-Override") String str, @PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest) {
        if (str != null && str.equalsIgnoreCase("DELETE")) {
            this.log.debug("GadgetResource: POST redirected to DELETE");
            return deleteGadget(dashboardId, gadgetId, httpServletRequest);
        }
        if (str == null || !str.equalsIgnoreCase("PUT")) {
            return Response.status(405).build();
        }
        this.log.debug("GadgetResource: POST redirected to PUT");
        return moveGadget(dashboardId, gadgetId, httpServletRequest);
    }

    @AnonymousAllowed
    @DELETE
    public Response deleteGadget(@PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest) {
        GadgetRequestContext gadgetRequestContext = this.gadgetRequestContextFactory.get(httpServletRequest);
        if (this.permissionService.isWritableBy(dashboardId, gadgetRequestContext.getViewer())) {
            return this.deleteGadgetHandler.deleteGadget(dashboardId, gadgetRequestContext, gadgetId);
        }
        this.log.warn("GadgetResource: DELETE: prevented gadget delete due to insufficient permission");
        return Response.status(Response.Status.UNAUTHORIZED).build();
    }

    @AnonymousAllowed
    @PUT
    public Response moveGadget(@PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest) {
        GadgetRequestContext gadgetRequestContext = this.gadgetRequestContextFactory.get(httpServletRequest);
        if (!this.permissionService.isWritableBy(dashboardId, gadgetRequestContext.getViewer())) {
            this.log.warn("GadgetResource: PUT: prevented gadget move due to insufficient permissions on target dashboard");
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        try {
            DashboardId findDashboardByGadgetId = this.repository.findDashboardByGadgetId(gadgetId);
            if (this.permissionService.isWritableBy(findDashboardByGadgetId, gadgetRequestContext.getViewer())) {
                return this.addGadgetHandler.moveGadget(dashboardId, gadgetId, findDashboardByGadgetId, DashboardState.ColumnIndex.ZERO, 0, gadgetRequestContext);
            }
            this.log.warn("GadgetResource: PUT: prevented gadget move due to insufficient permissions on source dashboard");
            return Response.status(Response.Status.UNAUTHORIZED).build();
        } catch (DashboardNotFoundException e) {
            this.log.error("DashboardResource: PUT: could not find a dashboard containing gadget " + gadgetId);
            return Response.status(Response.Status.BAD_REQUEST).type("text/plain").entity(this.i18n.getText("gadgetResource.error.moving.gadget", e.getMessage())).build();
        }
    }

    @Path("/color")
    @Consumes({"application/json"})
    @POST
    @AnonymousAllowed
    public Response changeGadgetColorViaPOST(@HeaderParam("X-HTTP-Method-Override") String str, @PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest, String str2) {
        if (!str.equalsIgnoreCase("PUT")) {
            return Response.status(405).build();
        }
        this.log.debug("GadgetResource: POST /color delegated to PUT");
        return changeGadgetColor(dashboardId, gadgetId, httpServletRequest, str2);
    }

    @Path("/color")
    @Consumes({"application/json"})
    @AnonymousAllowed
    @PUT
    public Response changeGadgetColor(@PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest, String str) {
        GadgetRequestContext gadgetRequestContext = this.gadgetRequestContextFactory.get(httpServletRequest);
        if (!this.permissionService.isWritableBy(dashboardId, gadgetRequestContext.getViewer())) {
            this.log.warn("GadgetResource: PUT: prevented gadget color change due to insufficient permission");
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        try {
            String str2 = null;
            try {
                str2 = new JSONObject(str).getString("color");
                Color valueOf = Color.valueOf(str2);
                this.log.debug("GadgetResource: PUT /color: dashboardId=" + dashboardId + " gadgetId=" + gadgetId + " color=" + valueOf);
                return this.changeGadgetColorHandler.setGadgetColor(dashboardId, gadgetRequestContext, gadgetId, valueOf);
            } catch (IllegalArgumentException e) {
                return invalidColor(str2);
            } catch (JSONException e2) {
                return invalidColor(str2);
            }
        } catch (JSONException e3) {
            return errorParsingJson(e3);
        }
    }

    private Response invalidColor(String str) {
        return Response.status(Response.Status.BAD_REQUEST).type("text/plain").entity(this.i18n.getText("gadgetResource.invalid.color", str, Arrays.toString(Color.values()))).build();
    }

    @Path("/prefs")
    @Consumes({"application/json"})
    @POST
    @AnonymousAllowed
    public Response updateUserPrefsViaPOST(@HeaderParam("X-HTTP-Method-Override") String str, @PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest, String str2) {
        if (!str.equalsIgnoreCase("PUT")) {
            return Response.status(405).build();
        }
        try {
            return updateUserPrefs(dashboardId, gadgetId, httpServletRequest, new JSONObject(str2));
        } catch (JSONException e) {
            return errorParsingJson(e);
        }
    }

    @Path("/prefs")
    @Consumes({"application/json"})
    @AnonymousAllowed
    @PUT
    public Response updateUserPrefsViaPUT(@PathParam("dashboardId") DashboardId dashboardId, @PathParam("gadgetId") GadgetId gadgetId, @Context HttpServletRequest httpServletRequest, String str) {
        try {
            return updateUserPrefs(dashboardId, gadgetId, httpServletRequest, new JSONObject(str));
        } catch (JSONException e) {
            return errorParsingJson(e);
        }
    }

    private Response updateUserPrefs(DashboardId dashboardId, GadgetId gadgetId, HttpServletRequest httpServletRequest, JSONObject jSONObject) {
        GadgetRequestContext gadgetRequestContext = this.gadgetRequestContextFactory.get(httpServletRequest);
        if (this.permissionService.isWritableBy(dashboardId, gadgetRequestContext.getViewer())) {
            this.log.debug("GadgetResource: update /prefs: dashboardId=" + dashboardId + " gadgetId=" + gadgetId);
            return this.updateGadgetUserPrefsHandler.updateUserPrefs(dashboardId, gadgetRequestContext, gadgetId, toMap(jSONObject));
        }
        this.log.warn("GadgetResource: prevented gadget prefs change due to insufficient permission");
        return Response.status(Response.Status.UNAUTHORIZED).build();
    }

    private Map<String, String> toMap(JSONObject jSONObject) {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        Iterator keys = jSONObject.keys();
        while (keys.hasNext()) {
            String str = (String) keys.next();
            try {
                builder.put(str, jSONObject.getString(str));
            } catch (JSONException e) {
                throw new RuntimeException("key '" + str + "' not found in " + jSONObject);
            }
        }
        return builder.build();
    }

    private Response errorParsingJson(JSONException jSONException) {
        this.log.warn("GadgetResource: POST: error parsing json", jSONException);
        return Response.status(Response.Status.BAD_REQUEST).type("text/plain").entity(this.i18n.getText("dashboardResource.error.parsing.json", jSONException.getMessage())).build();
    }
}
