package org.yamcs.http.api;

import com.google.protobuf.Empty;
import java.io.IOException;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.yamcs.YamcsServer;
import org.yamcs.api.Observer;
import org.yamcs.http.Context;
import org.yamcs.http.InternalServerErrorException;
import org.yamcs.http.NotFoundException;
import org.yamcs.http.audit.AuditLog;
import org.yamcs.protobuf.AbstractClearanceApi;
import org.yamcs.protobuf.ClearanceInfo;
import org.yamcs.protobuf.DeleteClearanceRequest;
import org.yamcs.protobuf.ListClearancesResponse;
import org.yamcs.protobuf.Mdb;
import org.yamcs.protobuf.UpdateClearanceRequest;
import org.yamcs.security.ClearanceListener;
import org.yamcs.security.Directory;
import org.yamcs.security.ObjectPrivilegeType;
import org.yamcs.security.SecurityStore;
import org.yamcs.security.SystemPrivilege;
import org.yamcs.security.User;
import org.yamcs.security.protobuf.Clearance;
import org.yamcs.utils.TimeEncoding;

/* loaded from: input_file:org/yamcs/http/api/ClearanceApi.class */
public class ClearanceApi extends AbstractClearanceApi<Context> {
    public ClearanceApi(AuditLog auditLog) {
        auditLog.addPrivilegeChecker(getClass().getSimpleName(), user -> {
            return user.hasSystemPrivilege(SystemPrivilege.ControlCommandClearances);
        });
    }

    public void listClearances(Context context, Empty empty, Observer<ListClearancesResponse> observer) {
        context.checkSystemPrivilege(SystemPrivilege.ControlCommandClearances);
        List<User> users = YamcsServer.getServer().getSecurityStore().getDirectory().getUsers();
        Collections.sort(users, (user, user2) -> {
            return user.getName().compareToIgnoreCase(user2.getName());
        });
        ListClearancesResponse.Builder newBuilder = ListClearancesResponse.newBuilder();
        Iterator<User> it = users.iterator();
        while (it.hasNext()) {
            newBuilder.addClearances(toClearanceInfo(it.next()));
        }
        observer.complete(newBuilder.build());
    }

    public void updateClearance(Context context, UpdateClearanceRequest updateClearanceRequest, Observer<ClearanceInfo> observer) {
        context.checkSystemPrivilege(SystemPrivilege.ControlCommandClearances);
        SecurityStore securityStore = YamcsServer.getServer().getSecurityStore();
        String username = updateClearanceRequest.getUsername();
        Directory directory = securityStore.getDirectory();
        User user = directory.getUser(username);
        if (user == null) {
            throw new NotFoundException();
        }
        user.setClearance(Clearance.newBuilder().setLevel(updateClearanceRequest.getLevel().toString()).setIssuedBy(context.user.getId()).setIssueTime(TimeEncoding.toProtobufTimestamp(TimeEncoding.getWallclockTime())).m810build());
        try {
            directory.updateUserProperties(user);
            observer.complete(toClearanceInfo(user));
        } catch (IOException e) {
            throw new InternalServerErrorException(e);
        }
    }

    public void deleteClearance(Context context, DeleteClearanceRequest deleteClearanceRequest, Observer<Empty> observer) {
        context.checkSystemPrivilege(SystemPrivilege.ControlCommandClearances);
        SecurityStore securityStore = YamcsServer.getServer().getSecurityStore();
        String username = deleteClearanceRequest.getUsername();
        Directory directory = securityStore.getDirectory();
        User user = directory.getUser(username);
        if (user == null) {
            throw new NotFoundException();
        }
        user.setClearance(null);
        try {
            directory.updateUserProperties(user);
            observer.complete(Empty.getDefaultInstance());
        } catch (IOException e) {
            throw new InternalServerErrorException(e);
        }
    }

    public void subscribeClearance(Context context, Empty empty, Observer<ClearanceInfo> observer) {
        ClearanceListener clearanceListener = clearance -> {
            observer.next(toClearanceInfo(context.user));
        };
        context.user.addClearanceListener(clearanceListener);
        observer.setCancelHandler(() -> {
            context.user.removeClearanceListener(clearanceListener);
        });
        observer.next(toClearanceInfo(context.user));
    }

    private ClearanceInfo toClearanceInfo(User user) {
        SecurityStore securityStore = YamcsServer.getServer().getSecurityStore();
        ClearanceInfo.Builder hasCommandPrivileges = ClearanceInfo.newBuilder().setUsername(user.getName()).setHasCommandPrivileges(user.isSuperuser() || !user.getObjectPrivileges(ObjectPrivilegeType.Command).isEmpty());
        Clearance clearance = user.getClearance();
        if (clearance != null) {
            hasCommandPrivileges.setLevel(Mdb.SignificanceInfo.SignificanceLevelType.valueOf(clearance.getLevel()));
            hasCommandPrivileges.setIssueTime(clearance.getIssueTime());
            User user2 = securityStore.getDirectory().getUser(clearance.getIssuedBy());
            if (user2 != null) {
                hasCommandPrivileges.setIssuedBy(user2.getName());
            } else if (clearance.getIssuedBy() == securityStore.getGuestUser().getId()) {
                hasCommandPrivileges.setIssuedBy(securityStore.getGuestUser().getName());
            } else if (clearance.getIssuedBy() == securityStore.getSystemUser().getId()) {
                hasCommandPrivileges.setIssuedBy(securityStore.getSystemUser().getName());
            }
        }
        return hasCommandPrivileges.build();
    }

    public /* bridge */ /* synthetic */ void subscribeClearance(Object obj, Empty empty, Observer observer) {
        subscribeClearance((Context) obj, empty, (Observer<ClearanceInfo>) observer);
    }

    public /* bridge */ /* synthetic */ void deleteClearance(Object obj, DeleteClearanceRequest deleteClearanceRequest, Observer observer) {
        deleteClearance((Context) obj, deleteClearanceRequest, (Observer<Empty>) observer);
    }

    public /* bridge */ /* synthetic */ void updateClearance(Object obj, UpdateClearanceRequest updateClearanceRequest, Observer observer) {
        updateClearance((Context) obj, updateClearanceRequest, (Observer<ClearanceInfo>) observer);
    }

    public /* bridge */ /* synthetic */ void listClearances(Object obj, Empty empty, Observer observer) {
        listClearances((Context) obj, empty, (Observer<ListClearancesResponse>) observer);
    }
}
