package org.sonar.server.usertoken.ws;

import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.server.user.UserSession;
import org.sonar.server.user.index.UserIndexDefinition;
import org.sonarqube.ws.client.usertoken.RevokeWsRequest;

/* loaded from: input_file:org/sonar/server/usertoken/ws/RevokeAction.class */
public class RevokeAction implements UserTokensWsAction {
    private final DbClient dbClient;
    private final UserSession userSession;

    public RevokeAction(DbClient dbClient, UserSession userSession) {
        this.dbClient = dbClient;
        this.userSession = userSession;
    }

    public void define(WebService.NewController newController) {
        WebService.NewAction handler = newController.createAction("revoke").setDescription("Revoke a user access token. <br/>If the login is set, it requires administration permissions. Otherwise, a token is generated for the authenticated user.").setSince("5.3").setPost(true).setHandler(this);
        handler.createParam(UserIndexDefinition.FIELD_LOGIN).setDescription("User login").setExampleValue("g.hopper");
        handler.createParam("name").setRequired(true).setDescription("Token name").setExampleValue("Project scan on Travis");
    }

    public void handle(Request request, Response response) throws Exception {
        doHandle(toRevokeWsRequest(request));
        response.noContent();
    }

    private void doHandle(RevokeWsRequest revokeWsRequest) {
        TokenPermissionsValidator.validate(this.userSession, revokeWsRequest.getLogin());
        DbSession openSession = this.dbClient.openSession(false);
        try {
            this.dbClient.userTokenDao().deleteByLoginAndName(openSession, revokeWsRequest.getLogin(), revokeWsRequest.getName());
            openSession.commit();
        } finally {
            this.dbClient.closeSession(openSession);
        }
    }

    private RevokeWsRequest toRevokeWsRequest(Request request) {
        RevokeWsRequest name = new RevokeWsRequest().setLogin(request.param(UserIndexDefinition.FIELD_LOGIN)).setName(request.mandatoryParam("name"));
        if (name.getLogin() == null) {
            name.setLogin(this.userSession.getLogin());
        }
        return name;
    }
}
