package org.sakaiproject.pasystem.impl.rest;

import java.io.ByteArrayInputStream;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.json.simple.JSONObject;
import org.sakaiproject.authz.cover.SecurityService;
import org.sakaiproject.component.cover.ComponentManager;
import org.sakaiproject.entitybroker.DeveloperHelperService;
import org.sakaiproject.entitybroker.EntityView;
import org.sakaiproject.entitybroker.entityprovider.EntityProvider;
import org.sakaiproject.entitybroker.entityprovider.EntityProviderManager;
import org.sakaiproject.entitybroker.entityprovider.annotations.EntityCustomAction;
import org.sakaiproject.entitybroker.entityprovider.capabilities.ActionsExecutable;
import org.sakaiproject.entitybroker.entityprovider.capabilities.AutoRegisterEntityProvider;
import org.sakaiproject.entitybroker.entityprovider.capabilities.Describeable;
import org.sakaiproject.entitybroker.entityprovider.capabilities.Outputable;
import org.sakaiproject.pasystem.api.Banner;
import org.sakaiproject.pasystem.api.Errors;
import org.sakaiproject.pasystem.api.PASystem;
import org.sakaiproject.pasystem.api.PASystemException;
import org.sakaiproject.pasystem.api.Popup;
import org.sakaiproject.pasystem.api.TemplateStream;
import org.sakaiproject.tool.cover.SessionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/sakaiproject/pasystem/impl/rest/PASystemAdminEntityProvider.class */
public class PASystemAdminEntityProvider implements EntityProvider, AutoRegisterEntityProvider, ActionsExecutable, Outputable, Describeable {
    private static final Logger LOG = LoggerFactory.getLogger(PASystemAdminEntityProvider.class);
    private static final String ADMIN_SITE_REALM = "/site/!admin";
    private static final String SAKAI_SESSION_TOKEN_PROPERTY = "sakai.pasystem-admin.token";
    private static final String REQUEST_SESSION_PARAMETER = "session";
    protected DeveloperHelperService developerHelperService;
    private EntityProviderManager entityProviderManager;

    /* loaded from: input_file:org/sakaiproject/pasystem/impl/rest/PASystemAdminEntityProvider$WrappedParams.class */
    private class WrappedParams {
        private final Map<String, Object> params;

        public WrappedParams(Map<String, Object> map) {
            this.params = map;
        }

        public String getString(String str) {
            String str2 = (String) this.params.get(str);
            if (str2 == null) {
                throw new IllegalArgumentException("Parameter " + str + " cannot be null.");
            }
            return str2;
        }

        public String getString(String str, String str2) {
            return containsKey(str) ? getString(str) : str2;
        }

        public long getEpochMS(String str) {
            return Long.valueOf(getString(str)).longValue();
        }

        public boolean getBoolean(String str) {
            return Boolean.valueOf(getString(str)).booleanValue();
        }

        public List<String> getCommaList(String str) {
            if (containsKey("assign_to_users")) {
                return Arrays.asList(getString("assign_to_users").split("[, ]+"));
            }
            return null;
        }

        public boolean containsKey(String str) {
            return this.params.containsKey(str);
        }
    }

    public String[] getHandledOutputFormats() {
        return new String[]{"json"};
    }

    public String getEntityPrefix() {
        return "pasystem-admin";
    }

    @EntityCustomAction(action = "startSession", viewKey = "new")
    public String startSession(EntityView entityView, Map<String, Object> map) {
        try {
            assertPermission();
            JSONObject jSONObject = new JSONObject();
            String mintSessionId = mintSessionId();
            jSONObject.put(REQUEST_SESSION_PARAMETER, mintSessionId);
            SessionManager.getCurrentSession().setAttribute(SAKAI_SESSION_TOKEN_PROPERTY, mintSessionId);
            return jSONObject.toJSONString();
        } catch (Exception e) {
            return respondWithError(e);
        }
    }

    @EntityCustomAction(action = "createPopup", viewKey = "new")
    public String createPopup(EntityView entityView, Map<String, Object> map) {
        try {
            assertSession(map);
            WrappedParams wrappedParams = new WrappedParams(map);
            Popup create = Popup.create(wrappedParams.getString("descriptor"), wrappedParams.getEpochMS("start_time"), wrappedParams.getEpochMS("end_time"), wrappedParams.getBoolean("is_open_campaign"));
            Errors validate = create.validate();
            if (validate.hasErrors()) {
                return respondWithError(validate);
            }
            String createCampaign = paSystem().getPopups().createCampaign(create, new TemplateStream(new ByteArrayInputStream(wrappedParams.getString("template").getBytes()), r0.length()), Optional.ofNullable(wrappedParams.getCommaList("assign_to_users")));
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("status", "OK");
            jSONObject.put("created_id", createCampaign);
            return jSONObject.toJSONString();
        } catch (Exception e) {
            return respondWithError(e);
        }
    }

    @EntityCustomAction(action = "deletePopup", viewKey = "new")
    public String deletePopup(EntityView entityView, Map<String, Object> map) {
        try {
            assertSession(map);
            String string = new WrappedParams(map).getString("id");
            paSystem().getPopups().deleteCampaign(string);
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("status", "OK");
            jSONObject.put("id", string);
            return jSONObject.toJSONString();
        } catch (Exception e) {
            return respondWithError(e);
        }
    }

    @EntityCustomAction(action = "createBanner", viewKey = "new")
    public String createBanner(EntityView entityView, Map<String, Object> map) {
        try {
            assertSession(map);
            WrappedParams wrappedParams = new WrappedParams(map);
            Banner banner = new Banner(wrappedParams.getString("message"), wrappedParams.getString("hosts", ""), wrappedParams.getBoolean("is_active"), wrappedParams.getEpochMS("start_time"), wrappedParams.getEpochMS("end_time"), wrappedParams.getString("type"));
            Errors validate = banner.validate();
            if (validate.hasErrors()) {
                return respondWithError(validate);
            }
            String createBanner = paSystem().getBanners().createBanner(banner);
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("status", "OK");
            jSONObject.put("created_id", createBanner);
            return jSONObject.toJSONString();
        } catch (Exception e) {
            return respondWithError(e);
        }
    }

    @EntityCustomAction(action = "deleteBanner", viewKey = "new")
    public String deleteBanner(EntityView entityView, Map<String, Object> map) {
        try {
            assertSession(map);
            String string = new WrappedParams(map).getString("id");
            paSystem().getBanners().deleteBanner(string);
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("status", "OK");
            jSONObject.put("id", string);
            return jSONObject.toJSONString();
        } catch (Exception e) {
            return respondWithError(e);
        }
    }

    private String respondWithError(Exception exc) {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("status", "ERROR");
        jSONObject.put("message", exc.getMessage());
        LOG.error("Caught an error while handling a request", exc);
        return jSONObject.toJSONString();
    }

    private String respondWithError(Errors errors) {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("status", "ERROR");
        jSONObject.put("message", errors.toMap());
        return jSONObject.toJSONString();
    }

    private void assertSession(Map<String, Object> map) {
        assertPermission();
        String str = (String) map.get(REQUEST_SESSION_PARAMETER);
        String str2 = (String) SessionManager.getCurrentSession().getAttribute(SAKAI_SESSION_TOKEN_PROPERTY);
        if (str2 == null || str == null || !str2.equals(str)) {
            LOG.error("assertSession failed for user " + SessionManager.getCurrentSessionUserId());
            throw new PASystemException("Access denied");
        }
    }

    private void assertPermission() {
        if (SecurityService.unlock("pasystem.manage", ADMIN_SITE_REALM)) {
            return;
        }
        LOG.error("assertPermission denied access to user " + SessionManager.getCurrentSessionUserId());
        throw new PASystemException("Access denied");
    }

    private PASystem paSystem() {
        return (PASystem) ComponentManager.get(PASystem.class);
    }

    private String mintSessionId() {
        byte[] bArr = new byte[32];
        try {
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
            StringBuilder sb = new StringBuilder();
            for (byte b : bArr) {
                sb.append(String.format("%02x", Byte.valueOf(b)));
            }
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Couldn't generate a session ID", e);
        }
    }

    public void setEntityProviderManager(EntityProviderManager entityProviderManager) {
        this.entityProviderManager = entityProviderManager;
    }

    public void setDeveloperHelperService(DeveloperHelperService developerHelperService) {
        this.developerHelperService = developerHelperService;
    }
}
