package org.sonatype.nexus.security.privilege.rest;

import com.google.common.base.Preconditions;
import java.util.Map;
import javax.ws.rs.core.Response;
import org.sonatype.goodies.common.ComponentSupport;
import org.sonatype.nexus.rest.WebApplicationMessageException;
import org.sonatype.nexus.security.SecuritySystem;
import org.sonatype.nexus.security.authz.AuthorizationManager;
import org.sonatype.nexus.security.authz.NoSuchAuthorizationManagerException;
import org.sonatype.nexus.security.privilege.DuplicatePrivilegeException;
import org.sonatype.nexus.security.privilege.NoSuchPrivilegeException;
import org.sonatype.nexus.security.privilege.Privilege;
import org.sonatype.nexus.security.privilege.PrivilegeDescriptor;
import org.sonatype.nexus.security.privilege.ReadonlyPrivilegeException;

/* loaded from: input_file:org/sonatype/nexus/security/privilege/rest/PrivilegeApiResourceSupport.class */
public abstract class PrivilegeApiResourceSupport extends ComponentSupport {
    public static final String PRIV_NOT_FOUND = "\"Privilege '%s' not found.\"";
    public static final String PRIV_INTERNAL = "\"Privilege '%s' is internal and cannot be modified or deleted.\"";
    public static final String PRIV_UNIQUE = "\"Privilege '%s' already exists, use a unique name.\"";
    public static final String PRIV_CONFLICT = "\"The privilege name '%s' does not match the name used in the path '%s'.\"";
    private final SecuritySystem securitySystem;
    private final Map<String, PrivilegeDescriptor> privilegeDescriptors;

    public PrivilegeApiResourceSupport(SecuritySystem securitySystem, Map<String, PrivilegeDescriptor> map) {
        this.securitySystem = (SecuritySystem) Preconditions.checkNotNull(securitySystem);
        this.privilegeDescriptors = (Map) Preconditions.checkNotNull(map);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response doCreate(String str, ApiPrivilegeRequest apiPrivilegeRequest) {
        try {
            this.privilegeDescriptors.get(str).validate(apiPrivilegeRequest);
            getDefaultAuthorizationManager().addPrivilege(apiPrivilegeRequest.asPrivilege());
            return Response.status(Response.Status.CREATED).build();
        } catch (DuplicatePrivilegeException e) {
            this.log.debug("Attempt to create privilege '{}' failed, the name is already in use.", apiPrivilegeRequest.getName(), e);
            throw new WebApplicationMessageException(Response.Status.BAD_REQUEST, String.format(PRIV_UNIQUE, apiPrivilegeRequest.getName()), "application/json");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doUpdate(String str, String str2, ApiPrivilegeRequest apiPrivilegeRequest) {
        try {
            if (!apiPrivilegeRequest.getName().equals(str)) {
                throw new WebApplicationMessageException(Response.Status.CONFLICT, String.format(PRIV_CONFLICT, apiPrivilegeRequest.getName(), str), "application/json");
            }
            this.privilegeDescriptors.get(str2).validate(apiPrivilegeRequest);
            AuthorizationManager defaultAuthorizationManager = getDefaultAuthorizationManager();
            Privilege privilege = defaultAuthorizationManager.getPrivilege(str);
            Privilege asPrivilege = apiPrivilegeRequest.asPrivilege();
            privilege.setDescription(asPrivilege.getDescription());
            privilege.setProperties(asPrivilege.getProperties());
            defaultAuthorizationManager.updatePrivilege(privilege);
        } catch (NoSuchPrivilegeException e) {
            this.log.debug("Attempt to update privilege '{}' failed, as it wasn't found in the system.", str, e);
            throw new WebApplicationMessageException(Response.Status.NOT_FOUND, String.format(PRIV_NOT_FOUND, str), "application/json");
        } catch (ReadonlyPrivilegeException e2) {
            this.log.debug("Attempt to update internal privilege '{}' failed.", str, e2);
            throw new WebApplicationMessageException(Response.Status.BAD_REQUEST, String.format(PRIV_INTERNAL, str), "application/json");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ApiPrivilege toApiPrivilege(Privilege privilege) {
        PrivilegeDescriptor privilegeDescriptor;
        if (privilege == null || (privilegeDescriptor = this.privilegeDescriptors.get(privilege.getType())) == null) {
            return null;
        }
        return privilegeDescriptor.createApiPrivilegeImpl(privilege);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecuritySystem getSecuritySystem() {
        return this.securitySystem;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizationManager getDefaultAuthorizationManager() {
        try {
            return this.securitySystem.getAuthorizationManager("default");
        } catch (NoSuchAuthorizationManagerException e) {
            this.log.error("Unable to retrieve the default authorization manager", (Throwable) e);
            return null;
        }
    }
}
