package io.opencmw.server.rest.admin;

import io.javalin.apibuilder.ApiBuilder;
import io.javalin.http.Handler;
import io.javalin.plugin.openapi.annotations.OpenApi;
import io.javalin.plugin.openapi.annotations.OpenApiContent;
import io.javalin.plugin.openapi.annotations.OpenApiResponse;
import io.opencmw.rbac.BasicRbacRole;
import io.opencmw.server.rest.RestRole;
import io.opencmw.server.rest.RestServer;
import io.opencmw.server.rest.login.LoginController;
import io.opencmw.server.rest.user.RestUserHandler;
import io.opencmw.server.rest.util.MessageBundle;
import java.util.Collections;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/opencmw/server/rest/admin/RestServerAdmin.class */
public class RestServerAdmin {
    private static final String ENDPOINT_ADMIN = "/admin";
    private static final String TEMPLATE_ADMIN = "/velocity/admin/admin.vm";
    private static final Logger LOGGER = LoggerFactory.getLogger(RestServerAdmin.class);

    @OpenApi(description = "endpoint to receive admin requests", operationId = "serveAdminPage", summary = "serve ", tags = {"RestServerAdmin"}, responses = {@OpenApiResponse(status = "200", content = {@OpenApiContent(type = "text/html")})})
    private static final Handler serveAdminPage = context -> {
        String sessionCurrentUser = LoginController.getSessionCurrentUser(context);
        if (!LoginController.getSessionCurrentRoles(context).contains(BasicRbacRole.ADMIN)) {
            LOGGER.atWarn().addArgument(sessionCurrentUser).log("user '{}' does not have the required admin access rights");
            context.status(401).result("admin access denied");
            return;
        }
        RestUserHandler userHandler = RestServer.getUserHandler();
        Map<String, Object> baseModel = MessageBundle.baseModel(context);
        baseModel.put("userHandler", userHandler);
        baseModel.put("users", userHandler.getAllUserNames());
        baseModel.put("endpoints", RestServer.getEndpoints());
        context.render(TEMPLATE_ADMIN, baseModel);
    };

    @OpenApi(description = "endpoint to receive admin requests", operationId = "handleAdminPost", summary = "POST ", tags = {"RestServerAdmin"}, responses = {@OpenApiResponse(status = "200", content = {@OpenApiContent(type = "text/html")})})
    private static final Handler handleAdminPost = context -> {
        String sessionCurrentUser = LoginController.getSessionCurrentUser(context);
        if (LoginController.getSessionCurrentRoles(context).contains(BasicRbacRole.ADMIN)) {
            context.render(TEMPLATE_ADMIN, MessageBundle.baseModel(context));
        } else {
            LOGGER.atWarn().addArgument(sessionCurrentUser).log("user '{}' does not have the required admin access rights");
            context.status(401).result("admin access denied");
        }
    };

    public static void register() {
        RestServer.getInstance().routes(() -> {
            ApiBuilder.post(ENDPOINT_ADMIN, handleAdminPost, Collections.singleton(new RestRole(BasicRbacRole.ADMIN)));
            ApiBuilder.get(ENDPOINT_ADMIN, serveAdminPage, Collections.singleton(new RestRole(BasicRbacRole.ADMIN)));
        });
    }
}
