package org.overlord.apiman.dt.api.rest.impl;

import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TreeMap;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import org.overlord.apiman.dt.api.beans.idm.GrantRolesBean;
import org.overlord.apiman.dt.api.beans.idm.PermissionType;
import org.overlord.apiman.dt.api.beans.idm.RoleBean;
import org.overlord.apiman.dt.api.beans.idm.RoleMembershipBean;
import org.overlord.apiman.dt.api.beans.idm.UserBean;
import org.overlord.apiman.dt.api.beans.members.MemberBean;
import org.overlord.apiman.dt.api.beans.members.MemberRoleBean;
import org.overlord.apiman.dt.api.core.IIdmStorage;
import org.overlord.apiman.dt.api.core.IStorage;
import org.overlord.apiman.dt.api.core.exceptions.AlreadyExistsException;
import org.overlord.apiman.dt.api.core.exceptions.DoesNotExistException;
import org.overlord.apiman.dt.api.core.exceptions.StorageException;
import org.overlord.apiman.dt.api.rest.contract.IMemberResource;
import org.overlord.apiman.dt.api.rest.contract.IOrganizationResource;
import org.overlord.apiman.dt.api.rest.contract.IRoleResource;
import org.overlord.apiman.dt.api.rest.contract.IUserResource;
import org.overlord.apiman.dt.api.rest.contract.exceptions.NotAuthorizedException;
import org.overlord.apiman.dt.api.rest.contract.exceptions.OrganizationNotFoundException;
import org.overlord.apiman.dt.api.rest.contract.exceptions.RoleNotFoundException;
import org.overlord.apiman.dt.api.rest.contract.exceptions.SystemErrorException;
import org.overlord.apiman.dt.api.rest.contract.exceptions.UserNotFoundException;
import org.overlord.apiman.dt.api.rest.impl.util.ExceptionFactory;
import org.overlord.apiman.dt.api.security.ISecurityContext;

@ApplicationScoped
/* loaded from: input_file:WEB-INF/lib/apiman-dt-api-rest-impl-1.0.0.Alpha1.jar:org/overlord/apiman/dt/api/rest/impl/MemberResourceImpl.class */
public class MemberResourceImpl implements IMemberResource {

    @Inject
    IStorage storage;

    @Inject
    IIdmStorage idmStorage;

    @Inject
    IOrganizationResource orgs;

    @Inject
    IUserResource users;

    @Inject
    IRoleResource roles;

    @Inject
    ISecurityContext securityContext;

    @Override // org.overlord.apiman.dt.api.rest.contract.IMemberResource
    public void grant(String str, GrantRolesBean grantRolesBean) throws OrganizationNotFoundException, RoleNotFoundException, UserNotFoundException, NotAuthorizedException {
        if (!this.securityContext.hasPermission(PermissionType.orgEdit, str)) {
            throw ExceptionFactory.notAuthorizedException();
        }
        this.orgs.get(str);
        this.users.get(grantRolesBean.getUserId());
        Iterator<String> it = grantRolesBean.getRoleIds().iterator();
        while (it.hasNext()) {
            this.roles.get(it.next());
        }
        try {
            Iterator<String> it2 = grantRolesBean.getRoleIds().iterator();
            while (it2.hasNext()) {
                RoleMembershipBean create = RoleMembershipBean.create(grantRolesBean.getUserId(), it2.next(), str);
                create.setCreatedOn(new Date());
                this.idmStorage.createMembership(create);
            }
        } catch (AlreadyExistsException e) {
        } catch (StorageException e2) {
            throw new SystemErrorException(e2);
        }
    }

    @Override // org.overlord.apiman.dt.api.rest.contract.IMemberResource
    public void revoke(String str, String str2, String str3) throws OrganizationNotFoundException, RoleNotFoundException, UserNotFoundException, NotAuthorizedException {
        if (!this.securityContext.hasPermission(PermissionType.orgEdit, str)) {
            throw ExceptionFactory.notAuthorizedException();
        }
        this.orgs.get(str);
        this.users.get(str3);
        this.roles.get(str2);
        try {
            this.idmStorage.deleteMembership(str3, str2, str);
        } catch (DoesNotExistException e) {
        } catch (StorageException e2) {
            throw new SystemErrorException(e2);
        }
    }

    @Override // org.overlord.apiman.dt.api.rest.contract.IMemberResource
    public void revokeAll(String str, String str2) throws OrganizationNotFoundException, RoleNotFoundException, UserNotFoundException, NotAuthorizedException {
        if (!this.securityContext.hasPermission(PermissionType.orgEdit, str)) {
            throw ExceptionFactory.notAuthorizedException();
        }
        this.orgs.get(str);
        this.users.get(str2);
        try {
            this.idmStorage.deleteMemberships(str2, str);
        } catch (DoesNotExistException e) {
        } catch (StorageException e2) {
            throw new SystemErrorException(e2);
        }
    }

    @Override // org.overlord.apiman.dt.api.rest.contract.IMemberResource
    public List<MemberBean> listMembers(String str) throws OrganizationNotFoundException, NotAuthorizedException {
        if (!this.securityContext.hasPermission(PermissionType.orgView, str)) {
            throw ExceptionFactory.notAuthorizedException();
        }
        this.orgs.get(str);
        try {
            Set<RoleMembershipBean> orgMemberships = this.idmStorage.getOrgMemberships(str);
            TreeMap treeMap = new TreeMap();
            for (RoleMembershipBean roleMembershipBean : orgMemberships) {
                String userId = roleMembershipBean.getUserId();
                MemberBean memberBean = (MemberBean) treeMap.get(userId);
                if (memberBean == null) {
                    UserBean user = this.idmStorage.getUser(userId);
                    memberBean = new MemberBean();
                    memberBean.setEmail(user.getEmail());
                    memberBean.setUserId(userId);
                    memberBean.setUserName(user.getFullName());
                    memberBean.setRoles(new ArrayList());
                    treeMap.put(userId, memberBean);
                }
                String roleId = roleMembershipBean.getRoleId();
                RoleBean role = this.idmStorage.getRole(roleId);
                MemberRoleBean memberRoleBean = new MemberRoleBean();
                memberRoleBean.setRoleId(roleId);
                memberRoleBean.setRoleName(role.getName());
                memberBean.getRoles().add(memberRoleBean);
                if (memberBean.getJoinedOn() == null || roleMembershipBean.getCreatedOn().compareTo(memberBean.getJoinedOn()) < 0) {
                    memberBean.setJoinedOn(roleMembershipBean.getCreatedOn());
                }
            }
            return new ArrayList(treeMap.values());
        } catch (StorageException e) {
            throw new SystemErrorException(e);
        }
    }
}
