package io.gravitee.am.management.handlers.management.api.resources.organizations.environments.domains;

import io.gravitee.am.identityprovider.api.User;
import io.gravitee.am.management.handlers.management.api.model.MembershipListItem;
import io.gravitee.am.management.handlers.management.api.resources.AbstractResource;
import io.gravitee.am.model.Acl;
import io.gravitee.am.model.Membership;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.permissions.Permission;
import io.gravitee.am.service.ApplicationService;
import io.gravitee.am.service.DomainService;
import io.gravitee.am.service.MembershipService;
import io.gravitee.am.service.exception.ApplicationNotFoundException;
import io.gravitee.am.service.exception.DomainNotFoundException;
import io.gravitee.am.service.model.NewMembership;
import io.reactivex.rxjava3.core.Maybe;
import io.reactivex.rxjava3.core.Single;
import io.reactivex.rxjava3.functions.Consumer;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.container.AsyncResponse;
import jakarta.ws.rs.container.ResourceContext;
import jakarta.ws.rs.container.Suspended;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.Response;
import java.net.URI;
import java.util.List;
import java.util.Objects;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:io/gravitee/am/management/handlers/management/api/resources/organizations/environments/domains/ApplicationMembersResource.class */
public class ApplicationMembersResource extends AbstractResource {

    @Context
    private ResourceContext resourceContext;

    @Autowired
    private DomainService domainService;

    @Autowired
    private MembershipService membershipService;

    @Autowired
    private ApplicationService applicationService;

    @Produces({"application/json"})
    @Operation(summary = "List members for an application", description = "User must have APPLICATION_MEMBER[LIST] permission on the specified application or APPLICATION_MEMBER[LIST] permission on the specified domain or APPLICATION_MEMBER[LIST] permission on the specified environment or APPLICATION_MEMBER[LIST] permission on the specified organization")
    @GET
    @ApiResponses({@ApiResponse(responseCode = "200", description = "List members for an application", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = MembershipListItem.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void getMembers(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Suspended AsyncResponse asyncResponse) {
        Single andThen = checkAnyPermission(str, str2, str3, str4, Permission.APPLICATION_MEMBER, Acl.LIST).andThen(this.domainService.findById(str3).switchIfEmpty(Maybe.error(new DomainNotFoundException(str3))).flatMap(domain -> {
            return this.applicationService.findById(str4);
        }).switchIfEmpty(Single.error(new ApplicationNotFoundException(str4))).flatMap(application -> {
            return this.membershipService.findByReference(application.getId(), ReferenceType.APPLICATION).toList();
        }).flatMap(list -> {
            return this.membershipService.getMetadata(list).map(map -> {
                return new MembershipListItem(list, map);
            });
        }));
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    @Produces({"application/json"})
    @Operation(summary = "Add or update an application member", description = "User must have APPLICATION_MEMBER[CREATE] permission on the specified application or APPLICATION_MEMBER[CREATE] permission on the specified domain or APPLICATION_MEMBER[CREATE] permission on the specified environment or APPLICATION_MEMBER[CREATE] permission on the specified organization")
    @POST
    @Consumes({"application/json"})
    @ApiResponses({@ApiResponse(responseCode = "201", description = "Member has been added or updated successfully"), @ApiResponse(responseCode = "400", description = "Membership parameter is not valid"), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void addOrUpdateMember(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Valid @NotNull NewMembership newMembership, @Suspended AsyncResponse asyncResponse) {
        User authenticatedUser = getAuthenticatedUser();
        Membership convert = convert(newMembership);
        convert.setDomain(str3);
        convert.setReferenceId(str4);
        convert.setReferenceType(ReferenceType.APPLICATION);
        Single andThen = checkAnyPermission(str, str2, str3, str4, Permission.APPLICATION_MEMBER, Acl.CREATE).andThen(this.domainService.findById(str3).switchIfEmpty(Maybe.error(new DomainNotFoundException(str3))).flatMap(domain -> {
            return this.applicationService.findById(str4);
        }).switchIfEmpty(Single.error(new ApplicationNotFoundException(str4))).flatMap(application -> {
            return this.membershipService.addOrUpdate(str, convert, authenticatedUser);
        }).flatMap(membership -> {
            return this.membershipService.addDomainUserRoleIfNecessary(str, str2, str3, newMembership, authenticatedUser).andThen(Single.just(Response.created(URI.create("/organizations/" + str + "/environments/" + str2 + "/domains/" + str3 + "/applications/" + str4 + "/members/" + membership.getId())).entity(membership).build()));
        }));
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    @Produces({"application/json"})
    @Operation(summary = "List application member's permissions", description = "User must have APPLICATION[READ] permission on the specified application or APPLICATION[READ] permission on the specified domain or APPLICATION[READ] permission on the specified environment or APPLICATION[READ] permission on the specified organization")
    @GET
    @Path("permissions")
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Application member's permissions", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = List.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void permissions(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Suspended AsyncResponse asyncResponse) {
        Single andThen = checkAnyPermission(str, str2, str3, str4, Permission.APPLICATION, Acl.READ).andThen(this.permissionService.findAllPermissions(getAuthenticatedUser(), ReferenceType.APPLICATION, str4).map(Permission::flatten));
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    @Path("{member}")
    public ApplicationMemberResource getMemberResource() {
        return (ApplicationMemberResource) this.resourceContext.getResource(ApplicationMemberResource.class);
    }

    private Membership convert(NewMembership newMembership) {
        Membership membership = new Membership();
        membership.setMemberId(newMembership.getMemberId());
        membership.setMemberType(newMembership.getMemberType());
        membership.setRoleId(newMembership.getRole());
        return membership;
    }
}
