package org.opendaylight.controller.usermanager.northbound;

import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import org.codehaus.enunciate.jaxrs.ResponseCode;
import org.codehaus.enunciate.jaxrs.StatusCodes;
import org.codehaus.enunciate.jaxrs.TypeHint;
import org.opendaylight.controller.northbound.commons.RestMessages;
import org.opendaylight.controller.northbound.commons.exception.BadRequestException;
import org.opendaylight.controller.northbound.commons.exception.ResourceConflictException;
import org.opendaylight.controller.northbound.commons.exception.ServiceUnavailableException;
import org.opendaylight.controller.northbound.commons.exception.UnauthorizedException;
import org.opendaylight.controller.northbound.commons.utils.NorthboundUtils;
import org.opendaylight.controller.sal.authorization.UserLevel;
import org.opendaylight.controller.sal.utils.ServiceHelper;
import org.opendaylight.controller.sal.utils.Status;
import org.opendaylight.controller.usermanager.IUserManager;
import org.opendaylight.controller.usermanager.UserConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/")
/* loaded from: input_file:org/opendaylight/controller/usermanager/northbound/UserManagerNorthbound.class */
public class UserManagerNorthbound {
    protected static final Logger logger = LoggerFactory.getLogger(UserManagerNorthbound.class);
    private String username;

    @Context
    UriInfo uriInfo;

    @Context
    public void setSecurityContext(SecurityContext securityContext) {
        if (securityContext == null || securityContext.getUserPrincipal() == null) {
            return;
        }
        this.username = securityContext.getUserPrincipal().getName();
    }

    protected String getUserName() {
        return this.username;
    }

    private void handleNameMismatch(String str, String str2) {
        if (str == null || str2 == null) {
            throw new BadRequestException(RestMessages.INVALIDDATA.toString() + " : Name is null");
        }
        if (!str.equals(str2)) {
            throw new ResourceConflictException(RestMessages.INVALIDDATA.toString() + " : Name in URL does not match the name in request body");
        }
    }

    @Path("/users")
    @Consumes({"application/json", "application/xml"})
    @POST
    @StatusCodes({@ResponseCode(code = 201, condition = "User created successfully"), @ResponseCode(code = 400, condition = "Invalid data passed"), @ResponseCode(code = 401, condition = "User not authorized to perform this operation"), @ResponseCode(code = 409, condition = "User name in url conflicts with name in request body"), @ResponseCode(code = 404, condition = "User config is null"), @ResponseCode(code = 500, condition = "Internal Server Error: Addition of user failed"), @ResponseCode(code = 503, condition = "Service unavailable")})
    public Response addLocalUser(@TypeHint(UserConfig.class) UserConfig userConfig) {
        if (!isAdminUser()) {
            throw new UnauthorizedException("User is not authorized to perform user management operations ");
        }
        UserConfig userConfig2 = new UserConfig(userConfig.getUser(), userConfig.getPassword(), userConfig.getRoles());
        IUserManager iUserManager = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
        if (iUserManager == null) {
            throw new ServiceUnavailableException("UserManager " + RestMessages.SERVICEUNAVAILABLE.toString());
        }
        Status addLocalUser = iUserManager.addLocalUser(userConfig2);
        if (!addLocalUser.isSuccess()) {
            return NorthboundUtils.getResponse(addLocalUser);
        }
        NorthboundUtils.auditlog("User", this.username, "added", userConfig2.getUser());
        return Response.created(this.uriInfo.getAbsolutePathBuilder().path("/" + userConfig2.getUser()).build(new Object[0])).build();
    }

    @Path("/users/{userName}")
    @StatusCodes({@ResponseCode(code = 204, condition = "User Deleted Successfully"), @ResponseCode(code = 401, condition = "User not authorized to perform this operation"), @ResponseCode(code = 404, condition = "The userName passed was not found"), @ResponseCode(code = 500, condition = "Internal Server Error : Removal of user failed"), @ResponseCode(code = 503, condition = "Service unavailable")})
    @DELETE
    public Response removeLocalUser(@PathParam("userName") String str) {
        if (!isAdminUser()) {
            throw new UnauthorizedException("User is not authorized to perform user management operations ");
        }
        IUserManager iUserManager = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
        if (iUserManager == null) {
            throw new ServiceUnavailableException("UserManager " + RestMessages.SERVICEUNAVAILABLE.toString());
        }
        Status removeLocalUser = iUserManager.removeLocalUser(str);
        if (!removeLocalUser.isSuccess()) {
            return NorthboundUtils.getResponse(removeLocalUser);
        }
        NorthboundUtils.auditlog("User", this.username, "removed", str);
        return Response.noContent().build();
    }

    private boolean isAdminUser() {
        return ((IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this)).getUserLevel(getUserName()).ordinal() <= UserLevel.NETWORKADMIN.ordinal();
    }
}
