package io.gravitee.am.management.handlers.management.api.resources.organizations.environments.domains;

import io.gravitee.am.identityprovider.api.User;
import io.gravitee.am.management.handlers.management.api.resources.AbstractResource;
import io.gravitee.am.management.service.DomainService;
import io.gravitee.am.model.Acl;
import io.gravitee.am.model.Role;
import io.gravitee.am.model.common.Page;
import io.gravitee.am.model.permissions.Permission;
import io.gravitee.am.service.RoleService;
import io.gravitee.am.service.exception.DomainNotFoundException;
import io.gravitee.am.service.model.NewRole;
import io.reactivex.rxjava3.core.Maybe;
import io.reactivex.rxjava3.core.Single;
import io.reactivex.rxjava3.functions.Consumer;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.DefaultValue;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.QueryParam;
import jakarta.ws.rs.container.AsyncResponse;
import jakarta.ws.rs.container.ResourceContext;
import jakarta.ws.rs.container.Suspended;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.Response;
import java.net.URI;
import java.util.Collection;
import java.util.Comparator;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired;

@Tag(name = "role")
/* loaded from: input_file:io/gravitee/am/management/handlers/management/api/resources/organizations/environments/domains/RolesResource.class */
public class RolesResource extends AbstractResource {
    private static final String MAX_ROLES_SIZE_PER_PAGE_STRING = "50";
    private static final int MAX_ROLES_SIZE_PER_PAGE = 50;

    @Context
    private ResourceContext resourceContext;

    @Autowired
    private RoleService roleService;

    @Autowired
    private DomainService domainService;

    /* loaded from: input_file:io/gravitee/am/management/handlers/management/api/resources/organizations/environments/domains/RolesResource$RolePage.class */
    public static final class RolePage extends Page<Role> {
        public RolePage(Collection<Role> collection, int i, long j) {
            super(collection, i, j);
        }
    }

    @Produces({"application/json"})
    @Operation(operationId = "findRoles", summary = "List registered roles for a security domain", description = "User must have the DOMAIN_ROLE[LIST] permission on the specified domain or DOMAIN_ROLE[LIST] permission on the specified environment or DOMAIN_ROLE[LIST] permission on the specified organization. Each returned role is filtered and contains only basic information such as id and name.")
    @GET
    @ApiResponses({@ApiResponse(responseCode = "200", description = "List registered roles for a security domain", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = RolePage.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void list(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @QueryParam("page") @DefaultValue("0") int i, @QueryParam("size") @DefaultValue("50") int i2, @QueryParam("q") String str4, @Suspended AsyncResponse asyncResponse) {
        Maybe map = checkAnyPermission(str, str2, str3, Permission.DOMAIN_ROLE, Acl.LIST).andThen(this.domainService.findById(str3).switchIfEmpty(Maybe.error(new DomainNotFoundException(str3)))).flatMapSingle(domain -> {
            return searchRoles(str3, str4, i, i2);
        }).map(page -> {
            return new RolePage((List) page.getData().stream().map(this::filterRoleInfos).sorted(Comparator.comparing((v0) -> {
                return v0.getName();
            })).collect(Collectors.toList()), page.getCurrentPage(), page.getTotalCount());
        });
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        map.subscribe(consumer, asyncResponse::resume);
    }

    @Produces({"application/json"})
    @Operation(operationId = "createRole", summary = "Create a role", description = "User must have the DOMAIN_ROLE[CREATE] permission on the specified domain or DOMAIN_ROLE[CREATE] permission on the specified environment or DOMAIN_ROLE[CREATE] permission on the specified organization")
    @POST
    @Consumes({"application/json"})
    @ApiResponses({@ApiResponse(responseCode = "201", description = "Role successfully created", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = Role.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void create(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @Parameter(name = "role", required = true) @Valid @NotNull NewRole newRole, @Suspended AsyncResponse asyncResponse) {
        User authenticatedUser = getAuthenticatedUser();
        Maybe andThen = checkAnyPermission(str, str2, str3, Permission.DOMAIN_ROLE, Acl.CREATE).andThen(this.domainService.findById(str3).switchIfEmpty(Maybe.error(new DomainNotFoundException(str3))).flatMapSingle(domain -> {
            return this.roleService.create(str3, newRole, authenticatedUser).map(role -> {
                return Response.created(URI.create("/organizations/" + str + "/environments/" + str2 + "/domains/" + str3 + "/roles/" + role.getId())).entity(role).build();
            });
        }));
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    @Path("{role}")
    public RoleResource getRoleResource() {
        return (RoleResource) this.resourceContext.getResource(RoleResource.class);
    }

    private Single<Page<Role>> searchRoles(String str, String str2, int i, int i2) {
        return str2 == null ? this.roleService.findByDomain(str, i, Math.min(MAX_ROLES_SIZE_PER_PAGE, i2)) : this.roleService.searchByDomain(str, str2, i, Math.min(MAX_ROLES_SIZE_PER_PAGE, i2));
    }

    private Role filterRoleInfos(Role role) {
        Role role2 = new Role();
        role2.setId(role.getId());
        role2.setName(role.getName());
        role2.setDescription(role.getDescription());
        return role2;
    }
}
