package info.magnolia.rest.service.command.v1;

import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiOperation;
import com.wordnik.swagger.annotations.ApiResponse;
import com.wordnik.swagger.annotations.ApiResponses;
import info.magnolia.cms.security.operations.AccessDefinition;
import info.magnolia.commands.CommandsManager;
import info.magnolia.commands.chain.Command;
import info.magnolia.context.MgnlContext;
import info.magnolia.rest.AbstractEndpoint;
import info.magnolia.rest.service.command.definition.CommandDefinition;
import info.magnolia.rest.service.command.definition.CommandEndpointDefinition;
import java.util.Map;
import javax.inject.Inject;
import javax.jcr.RepositoryException;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Api(value = "/commands/v1", description = "The commands API")
@Path("/commands/v1")
/* loaded from: input_file:WEB-INF/lib/magnolia-rest-services-1.0.3.jar:info/magnolia/rest/service/command/v1/CommandEndpoint.class */
public class CommandEndpoint<D extends CommandEndpointDefinition> extends AbstractEndpoint<D> {
    private static final String STATUS_MESSAGE_OK = "Command execution successful";
    private static final String STATUS_MESSAGE_FORBIDDEN = "Not authorized to execute command";
    private static final String STATUS_MESSAGE_COMMAND_NOT_FOUND = "Command not found";
    private static final String STATUS_MESSAGE_ERROR_OCCURRED = "Error executing command";
    private final Logger log;
    private final CommandsManager commandsManager;

    @Inject
    public CommandEndpoint(D d, CommandsManager commandsManager) {
        super(d);
        this.log = LoggerFactory.getLogger(getClass());
        this.commandsManager = commandsManager;
    }

    @Path("/{catalogName}/{commandName:(.)*}")
    @Consumes({MediaType.APPLICATION_JSON, "application/xml"})
    @ApiOperation(value = "Executes a command", notes = "Executes a command from a specific catalog")
    @ApiResponses({@ApiResponse(code = 200, message = STATUS_MESSAGE_OK), @ApiResponse(code = 403, message = STATUS_MESSAGE_FORBIDDEN), @ApiResponse(code = 404, message = STATUS_MESSAGE_COMMAND_NOT_FOUND), @ApiResponse(code = 500, message = STATUS_MESSAGE_ERROR_OCCURRED)})
    @POST
    public Response executeCommand(@PathParam("catalogName") String str, @PathParam("commandName") String str2, Map<String, Object> map) throws RepositoryException {
        if (!isCommandExecutableByCurrentUser(str, str2)) {
            this.log.error("Unauthorized access while executing command '{}' from catalog '{}' with commandMap '{}'", str2, str, map);
            return Response.status(Response.Status.FORBIDDEN).build();
        }
        Command command = this.commandsManager.getCommand(str, str2);
        if (command == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        try {
            return Response.status(Response.Status.OK).entity(Boolean.valueOf(!this.commandsManager.executeCommand(command, map))).type(MediaType.TEXT_PLAIN_TYPE).build();
        } catch (Exception e) {
            this.log.error("Error executing command '{}' from catalog '{}' with commandMap '{}'", str2, str, map, e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).type(MediaType.TEXT_PLAIN_TYPE).build();
        }
    }

    @Path("/{commandName:(.)*}")
    @Consumes({MediaType.APPLICATION_JSON, "application/xml"})
    @ApiOperation(value = "Executes a command", notes = "Executes a command from the default catalog")
    @ApiResponses({@ApiResponse(code = 200, message = STATUS_MESSAGE_OK), @ApiResponse(code = 403, message = STATUS_MESSAGE_FORBIDDEN), @ApiResponse(code = 404, message = STATUS_MESSAGE_COMMAND_NOT_FOUND), @ApiResponse(code = 500, message = STATUS_MESSAGE_ERROR_OCCURRED)})
    @POST
    public Response executeCommand(@PathParam("commandName") String str, Map<String, Object> map) throws RepositoryException {
        return executeCommand(null, str, map);
    }

    protected boolean isCommandExecutableByCurrentUser(String str, String str2) {
        if (((CommandEndpointDefinition) getEndpointDefinition()).getEnabledCommands() == null || str2 == null) {
            return false;
        }
        for (CommandDefinition commandDefinition : ((CommandEndpointDefinition) getEndpointDefinition()).getEnabledCommands()) {
            if (StringUtils.equals(str, commandDefinition.getCatalogName()) && StringUtils.equals(str2, commandDefinition.getCommandName())) {
                AccessDefinition access = commandDefinition.getAccess();
                if (access == null) {
                    return false;
                }
                return access.hasAccess(MgnlContext.getUser());
            }
        }
        return false;
    }
}
