package org.trustedanalytics.usermanagement.invitations.rest;

import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import java.util.Set;
import org.apache.xalan.xsltc.compiler.Constants;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.trustedanalytics.usermanagement.invitations.InvitationNotSentException;
import org.trustedanalytics.usermanagement.invitations.UserExistsException;
import org.trustedanalytics.usermanagement.invitations.model.Invitation;
import org.trustedanalytics.usermanagement.invitations.model.InvitationErrorDescription;
import org.trustedanalytics.usermanagement.invitations.service.AccessInvitationsService;
import org.trustedanalytics.usermanagement.invitations.service.InvitationsService;
import org.trustedanalytics.usermanagement.orgs.mocks.OrgResourceMock;
import org.trustedanalytics.usermanagement.security.service.UserDetailsFinder;
import org.trustedanalytics.usermanagement.users.BlacklistEmailValidator;
import org.trustedanalytics.usermanagement.users.model.UserRole;

@RequestMapping({"/rest/invitations"})
@ControllerAdvice
@RestController
/* loaded from: input_file:org/trustedanalytics/usermanagement/invitations/rest/InvitationsController.class */
public class InvitationsController {
    public static final String IS_ADMIN_CONDITION = "hasRole('tap.admin')";
    public static final String RESEND_INVITATION_URL = "/{email}/resend";
    public static final String DELETE_INVITATION_URL = "/{email:.+}";
    private final InvitationsService invitationsService;
    private final AccessInvitationsService accessInvitationsService;
    private final UserDetailsFinder detailsFinder;
    private final BlacklistEmailValidator emailValidator;
    private final OrgResourceMock orgResourceMock;

    @Autowired
    public InvitationsController(InvitationsService invitationsService, UserDetailsFinder userDetailsFinder, AccessInvitationsService accessInvitationsService, BlacklistEmailValidator blacklistEmailValidator, OrgResourceMock orgResourceMock) {
        this.invitationsService = invitationsService;
        this.detailsFinder = userDetailsFinder;
        this.accessInvitationsService = accessInvitationsService;
        this.emailValidator = blacklistEmailValidator;
        this.orgResourceMock = orgResourceMock;
    }

    @ApiResponses({@ApiResponse(code = 201, message = "OK", response = InvitationErrorDescription.class), @ApiResponse(code = 409, message = "Invalid email format."), @ApiResponse(code = 409, message = "User already exists."), @ApiResponse(code = 500, message = "Internal server error, e.g. error connecting to CloudController")})
    @RequestMapping(method = {RequestMethod.POST})
    @ApiOperation(value = "Add a new invitation for email.", notes = "Privilege level: Consumer of this endpoint must have a valid token containing console.admin scope")
    @PreAuthorize(IS_ADMIN_CONDITION)
    @ResponseStatus(HttpStatus.CREATED)
    public InvitationErrorDescription addInvitation(@RequestBody Invitation invitation, @ApiParam(hidden = true) Authentication authentication) {
        String email = invitation.getEmail();
        this.emailValidator.validate(email);
        if (this.invitationsService.userExists(email)) {
            throw new UserExistsException(String.format("User %s already exists", email));
        }
        return (InvitationErrorDescription) this.accessInvitationsService.getAccessInvitations(email).map(accessInvitations -> {
            this.accessInvitationsService.updateAccessInvitation(email, accessInvitations);
            return new InvitationErrorDescription(InvitationErrorDescription.State.UPDATED, "Updated pending invitation");
        }).orElseGet(() -> {
            String sendInviteEmail = this.invitationsService.sendInviteEmail(email, this.detailsFinder.findUserName(authentication));
            this.accessInvitationsService.createOrUpdateInvitation(email, accessInvitations2 -> {
                accessInvitations2.addOrgAccessInvitation(this.orgResourceMock.get().getGuid(), UserRole.USER);
            });
            return new InvitationErrorDescription(InvitationErrorDescription.State.NEW, sendInviteEmail);
        });
    }

    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = Constants.STRING_SIG, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error, e.g. error connecting to CloudController")})
    @RequestMapping(method = {RequestMethod.GET})
    @ApiOperation(value = "Get pending invitations.", notes = "Privilege level: Consumer of this endpoint must have a valid token containing console.admin scope ")
    @PreAuthorize(IS_ADMIN_CONDITION)
    public Set<String> getPendingInvitations() {
        return this.invitationsService.getPendingInvitationsEmails();
    }

    @ApiResponses({@ApiResponse(code = 200, message = "OK"), @ApiResponse(code = 404, message = "Invitation not found."), @ApiResponse(code = 500, message = "Internal server error, e.g. error connecting to CloudController")})
    @RequestMapping(value = {RESEND_INVITATION_URL}, method = {RequestMethod.POST})
    @ApiOperation(value = "Resend invitation to the email.", notes = "Privilege level: Consumer of this endpoint must have a valid token containing console.admin scope ")
    @PreAuthorize(IS_ADMIN_CONDITION)
    public void resendInvitation(@PathVariable("email") String str, @ApiParam(hidden = true) Authentication authentication) {
        this.invitationsService.resendInviteEmail(str, this.detailsFinder.findUserName(authentication));
    }

    @ApiResponses({@ApiResponse(code = 204, message = "OK"), @ApiResponse(code = 404, message = "Invitation not found."), @ApiResponse(code = 500, message = "Internal server error, e.g. error connecting to CloudController")})
    @RequestMapping(value = {DELETE_INVITATION_URL}, method = {RequestMethod.DELETE})
    @ApiOperation(value = "Delete an invitation.", notes = "Privilege level: Consumer of this endpoint must have a valid token containing console.admin scope ")
    @PreAuthorize(IS_ADMIN_CONDITION)
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void deleteInvitation(@PathVariable("email") String str) {
        this.invitationsService.deleteInvitation(str);
    }

    @ExceptionHandler({InvitationNotSentException.class})
    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
    protected InvitationErrorDescription invitationNotSend(InvitationNotSentException invitationNotSentException) {
        return new InvitationErrorDescription(InvitationErrorDescription.State.ERROR, invitationNotSentException.getInvContent());
    }
}
