package org.dataone.bookkeeper.resources;

import com.codahale.metrics.annotation.Timed;
import java.time.Instant;
import javax.annotation.security.PermitAll;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.dataone.bookkeeper.api.Customer;
import org.dataone.bookkeeper.api.Product;
import org.dataone.bookkeeper.api.ProductList;
import org.dataone.bookkeeper.jdbi.ProductStore;
import org.dataone.bookkeeper.security.DataONEAuthHelper;
import org.jdbi.v3.core.Jdbi;

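/**
 * REST resource exposing the product catalogue under {@code /products}.
 *
 * <p>Listing and retrieving products needs no caller identity. Creating, updating and deleting
 * products is limited to subjects for which
 * {@link DataONEAuthHelper#isBookkeeperAdmin} returns {@code true}.
 *
 * <p>Failure details from the product store are written to the server log only. Responses carry
 * a fixed message so that store or driver internals are not disclosed to API clients.
 */
@Produces({MediaType.APPLICATION_JSON})
@Path("/products")
@Timed
public class ProductsResource extends BaseResource {
    private static final Log log = LogFactory.getLog(ProductsResource.class);
    private final ProductStore productStore;
    private final DataONEAuthHelper dataoneAuthHelper;

    /**
     * Builds the resource on top of an on-demand {@link ProductStore}.
     *
     * @param jdbi the JDBI instance used to obtain the product store
     * @param dataONEAuthHelper helper used to decide whether a subject is a bookkeeper admin
     */
    public ProductsResource(Jdbi jdbi, DataONEAuthHelper dataONEAuthHelper) {
        this.productStore = (ProductStore) jdbi.onDemand(ProductStore.class);
        this.dataoneAuthHelper = dataONEAuthHelper;
    }

    /**
     * Lists products, optionally filtered by exactly one criterion.
     *
     * <p>The filters are checked in the order name, description, status; the first non-null one
     * wins and the others are ignored. With no filter every product is returned.
     *
     * @param start paging offset (currently unused, see note below)
     * @param count page size (currently unused, see note below)
     * @param name product name filter, or {@code null}
     * @param description product description filter, or {@code null}
     * @param status active-status filter, or {@code null}
     * @return the matching products
     */
    @GET
    @Produces({MediaType.APPLICATION_JSON})
    @Timed
    public ProductList listProducts(@QueryParam("start") @DefaultValue("0") Integer start, @QueryParam("count") @DefaultValue("1000") Integer count, @QueryParam("name") String name, @QueryParam("description") String description, @QueryParam("status") Boolean status) throws WebApplicationException {
        // NOTE(review): start and count are accepted but never passed to the store, so this
        // unauthenticated endpoint always returns the full result set. Confirm whether the store
        // offers a paged query; an unbounded listing is a cheap way to load the database.
        if (name != null) {
            return new ProductList(this.productStore.findProductsByName(name));
        }
        if (description != null) {
            return new ProductList(this.productStore.findProductsByDescription(description));
        }
        if (status != null) {
            return new ProductList(this.productStore.findProductsByActiveStatus(status.booleanValue()));
        }
        return new ProductList(this.productStore.listProducts());
    }

    /**
     * Creates a product. Requires bookkeeper admin privilege.
     *
     * @param securityContext the request security context carrying the caller's principal
     * @param product the product to insert; its created timestamp is overwritten with "now"
     * @return the product as read back from the store after the insert
     * @throws WebApplicationException 401 without a usable principal, 403 for non-admins,
     *     500 when the store operation fails
     */
    @PermitAll
    @Timed
    @Consumes({MediaType.APPLICATION_JSON})
    @POST
    public Product create(@Context SecurityContext securityContext, @NotNull @Valid Product product) throws WebApplicationException {
        requireAdmin(securityContext, "create");
        try {
            // The server sets the creation time; a client-supplied value is never trusted.
            // toIntExact fails loudly instead of silently wrapping once epoch seconds exceed int.
            product.setCreated(Integer.valueOf(Math.toIntExact(Instant.now().getEpochSecond())));
            return this.productStore.getProduct(this.productStore.insert(product));
        } catch (Exception e) {
            log.error("Inserting the product failed", e);
            throw new WebApplicationException("Couldn't insert the product.", e, Response.Status.INTERNAL_SERVER_ERROR);
        }
    }

    /**
     * Retrieves one product by id.
     *
     * @param productId the product identifier from the request path
     * @return the product
     * @throws WebApplicationException 404 when the store lookup fails or yields nothing
     */
    @GET
    @Path("{productId}")
    @Timed
    @Produces({MediaType.APPLICATION_JSON})
    public Product retrieve(@PathParam("productId") @NotNull Integer productId) throws WebApplicationException {
        final Product product;
        try {
            product = this.productStore.getProduct(productId);
        } catch (Exception e) {
            // NOTE(review): every store failure is reported as 404, as before; a database outage
            // is therefore indistinguishable from a missing product for the client.
            log.error("Getting the product with id " + productId + " failed", e);
            throw new WebApplicationException("Couldn't get the product.", e, Response.Status.NOT_FOUND);
        }
        if (product == null) {
            // A store that returns null for a missing row would otherwise yield an empty response.
            throw new WebApplicationException("Couldn't get the product.", Response.Status.NOT_FOUND);
        }
        return product;
    }

    /**
     * Updates a product. Requires bookkeeper admin privilege.
     *
     * <p>The stored creation timestamp is kept; whatever the request body carries for it is
     * overwritten before the update.
     *
     * @param securityContext the request security context carrying the caller's principal
     * @param product the new product state; its id selects the row to update
     * @return the product as passed to the store
     * @throws WebApplicationException 401 without a usable principal, 403 for non-admins,
     *     404 when the store has no product with that id, 500 when the store operation fails
     */
    @PermitAll
    @Path("{productId}")
    @Timed
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public Product update(@Context SecurityContext securityContext, @NotNull @Valid Product product) throws WebApplicationException {
        requireAdmin(securityContext, "update");
        // NOTE(review): the {productId} path segment is not bound to any parameter, so the row
        // that gets updated is chosen by the id in the request body alone. Binding the path
        // parameter and rejecting a mismatch would make the URL authoritative.
        try {
            final Product existing = this.productStore.getProduct(product.getId());
            if (existing == null) {
                throw new WebApplicationException("Couldn't update the product: it does not exist.", Response.Status.NOT_FOUND);
            }
            product.setCreated(existing.getCreated());
            this.productStore.update(product);
            return product;
        } catch (WebApplicationException e) {
            // Keep the deliberate status chosen above instead of turning it into a 500.
            throw e;
        } catch (Exception e) {
            log.error("Updating the product with id " + product.getId() + " failed", e);
            throw new WebApplicationException("Couldn't update the product.", e, Response.Status.INTERNAL_SERVER_ERROR);
        }
    }

    /**
     * Deletes a product. Requires bookkeeper admin privilege.
     *
     * @param securityContext the request security context carrying the caller's principal
     * @param productId the product identifier from the request path
     * @return an empty 200 response on success
     * @throws WebApplicationException 401 without a usable principal, 403 for non-admins,
     *     400 when the id is missing
     */
    @PermitAll
    @Path("{productId}")
    @Timed
    @DELETE
    public Response delete(@Context SecurityContext securityContext, @PathParam("productId") @Valid Integer productId) throws WebApplicationException {
        requireAdmin(securityContext, "delete");
        if (productId == null) {
            throw new WebApplicationException("The productId cannot be null.", Response.Status.BAD_REQUEST);
        }
        try {
            this.productStore.delete(productId);
            return Response.ok().build();
        } catch (Exception e) {
            // Log through the configured logger with the stack trace, not to stderr.
            log.error("Deleting the product with id " + productId + " failed: " + e.getMessage(), e);
            throw e;
        }
    }

    /**
     * Rejects the request unless the caller is an authenticated bookkeeper admin.
     *
     * @param securityContext the request security context carrying the caller's principal
     * @param action verb used in the error message ("create", "update" or "delete")
     * @throws WebApplicationException 401 when no {@link Customer} principal is present,
     *     403 when the principal's subject is not a bookkeeper admin
     */
    private void requireAdmin(SecurityContext securityContext, String action) {
        final java.security.Principal principal = securityContext.getUserPrincipal();
        if (!(principal instanceof Customer)) {
            // Fail closed with a clear status instead of a NullPointerException or
            // ClassCastException surfacing as a 500.
            throw new WebApplicationException("Authentication is required to " + action + " a product.", Response.Status.UNAUTHORIZED);
        }
        final Customer customer = (Customer) principal;
        if (!this.dataoneAuthHelper.isBookkeeperAdmin(customer.getSubject())) {
            throw new WebApplicationException("Bookkeeper admin privilege is required to " + action + " a product, " + customer.getSubject() + " is not authorized.", Response.Status.FORBIDDEN);
        }
    }
}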
