package io.apicurio.registry.rest.v2;

import io.apicurio.registry.auth.AdminOverride;
import io.apicurio.registry.auth.AuthConfig;
import io.apicurio.registry.auth.Authorized;
import io.apicurio.registry.auth.AuthorizedLevel;
import io.apicurio.registry.auth.AuthorizedStyle;
import io.apicurio.registry.auth.RoleBasedAccessController;
import io.apicurio.registry.logging.Logged;
import io.apicurio.registry.metrics.health.liveness.ResponseErrorLivenessCheck;
import io.apicurio.registry.metrics.health.readiness.ResponseTimeoutReadinessCheck;
import io.apicurio.registry.rest.v2.beans.UserInfo;
import io.quarkus.security.identity.SecurityIdentity;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.interceptor.Interceptors;
import org.slf4j.Logger;

@ApplicationScoped
@Interceptors({ResponseErrorLivenessCheck.class, ResponseTimeoutReadinessCheck.class})
@Logged
/* loaded from: input_file:io/apicurio/registry/rest/v2/UsersResourceImpl.class */
public class UsersResourceImpl implements UsersResource {

    @Inject
    Logger log;

    @Inject
    AuthConfig authConfig;

    @Inject
    SecurityIdentity securityIdentity;

    @Inject
    RoleBasedAccessController rbac;

    @Inject
    AdminOverride adminOverride;

    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.None)
    public UserInfo getCurrentUserInfo() {
        UserInfo userInfo = new UserInfo();
        userInfo.setUsername(this.securityIdentity.getPrincipal().getName());
        userInfo.setDisplayName(this.securityIdentity.getPrincipal().getName());
        if (this.authConfig.isRbacEnabled()) {
            userInfo.setAdmin(Boolean.valueOf(this.rbac.isAdmin()));
            userInfo.setDeveloper(Boolean.valueOf(this.rbac.isDeveloper()));
            userInfo.setViewer(Boolean.valueOf(this.rbac.isReadOnly()));
        } else {
            userInfo.setAdmin(true);
            userInfo.setDeveloper(false);
            userInfo.setViewer(false);
        }
        if (this.authConfig.isAdminOverrideEnabled() && this.adminOverride.isAdmin()) {
            userInfo.setAdmin(true);
        }
        if (this.securityIdentity.isAnonymous() && this.authConfig.isAnonymousReadsEnabled()) {
            userInfo.setViewer(true);
        }
        if (!this.securityIdentity.isAnonymous() && this.authConfig.isAuthenticatedReadsEnabled()) {
            userInfo.setViewer(true);
        }
        return userInfo;
    }
}
