package org.pentaho.cdf.comments;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.Consumes;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONException;
import org.pentaho.cdf.InvalidCdfOperationException;
import org.pentaho.cdf.PluginHibernateException;
import org.pentaho.cdf.utils.CorsUtil;
import org.pentaho.platform.engine.core.system.PentahoSessionHolder;
import org.pentaho.platform.web.http.api.resources.utils.SystemUtils;
import pt.webdetails.cpf.utils.CharsetHelper;

/**
 * JAX-RS resource for the CDF comment operations: add, list, archive and delete.
 *
 * <p>Every endpoint is mapped to HTTP GET, replies with {@code application/json}, and delegates
 * the actual work to {@link CommentsEngine}. The user name passed to the engine is always taken
 * from the current Pentaho session, never from a request parameter.
 *
 * <p>NOTE(review): {@code add}, {@code archive} and {@code delete} change state but are reachable
 * with a plain GET carrying only query parameters. CSRF defences that exempt "safe" methods would
 * not cover them, and CORS headers are emitted before any authentication check. Confirm that the
 * platform applies request-forgery protection to these paths and that the origin policy inside
 * {@code CorsUtil} is restrictive; neither is visible from this class.
 */
@Path("/pentaho-cdf/api/comments")
/* loaded from: input_file:org/pentaho/cdf/comments/CommentsApi.class */
public class CommentsApi {
    private static final Log logger = LogFactory.getLog(CommentsApi.class);

    /**
     * Stores a new comment for a page on behalf of the session user.
     *
     * <p>NOTE(review): unlike {@link #archive} and {@link #delete}, this method does not call
     * {@link #isAuthenticated()} first. Whether {@code CommentsEngine.add} rejects an
     * unauthenticated session is not visible here - confirm before relying on it.
     *
     * @param str the {@code page} query parameter (defaults to the empty string)
     * @param str2 the {@code comment} query parameter (defaults to the empty string)
     * @param httpServletResponse response that receives the content type, encoding and CORS headers
     * @param httpServletRequest request handed to the CORS helper
     * @return 200 with the engine's JSON text, or 500 if the engine call throws
     */
    @GET
    @Path("/add")
    @Consumes({"application/xml", "application/json", "application/x-www-form-urlencoded"})
    @Produces({"application/json"})
    public Response add(@QueryParam("page") @DefaultValue("") String str, @QueryParam("comment") @DefaultValue("") String str2, @Context HttpServletResponse httpServletResponse, @Context HttpServletRequest httpServletRequest) {
        prepareJsonResponse(httpServletRequest, httpServletResponse);
        try {
            String payload = addComment(str, str2);
            return Response.ok(payload).build();
        } catch (Exception e) {
            // The cause is logged server-side only; the client just sees a bare 500.
            logger.error("Error adding comment", e);
            return Response.serverError().build();
        }
    }

    /**
     * Lists comments for a page.
     *
     * <p>The {@code deleted} and {@code archived} flags are honoured only for administrators; for
     * anyone else they are silently forced to {@code false} and a warning is logged.
     *
     * <p>NOTE(review): no authentication check is made here and {@code firstResult} /
     * {@code maxResults} are forwarded unbounded; any limits would have to be enforced by
     * {@code CommentsEngine.list} - confirm.
     *
     * @param str the {@code page} query parameter (defaults to the empty string)
     * @param i the {@code firstResult} query parameter (defaults to 0)
     * @param i2 the {@code maxResults} query parameter (defaults to 20)
     * @param z the {@code deleted} query parameter (defaults to false)
     * @param z2 the {@code archived} query parameter (defaults to false)
     * @param httpServletResponse response that receives the content type, encoding and CORS headers
     * @param httpServletRequest request handed to the CORS helper
     * @return 200 with the engine's JSON text, or 500 if the engine call throws
     */
    @GET
    @Path("/list")
    @Consumes({"application/xml", "application/json", "application/x-www-form-urlencoded"})
    @Produces({"application/json"})
    public Response list(@QueryParam("page") @DefaultValue("") String str, @QueryParam("firstResult") @DefaultValue("0") int i, @QueryParam("maxResults") @DefaultValue("20") int i2, @QueryParam("deleted") @DefaultValue("false") boolean z, @QueryParam("archived") @DefaultValue("false") boolean z2, @Context HttpServletResponse httpServletResponse, @Context HttpServletRequest httpServletRequest) {
        prepareJsonResponse(httpServletRequest, httpServletResponse);

        // Resolve the privilege once, then derive the effective flags from it.
        final boolean admin = isAdministrator();

        final boolean includeDeleted = z && admin;
        if (z && !admin) {
            logger.warn("only admin users are allowed to see deleted comments");
        }

        final boolean includeArchived = z2 && admin;
        if (z2 && !admin) {
            logger.warn("only admin users are allowed to see archived comments");
        }

        try {
            String payload = listComments(str, i, i2, includeDeleted, includeArchived);
            return Response.ok(payload).build();
        } catch (Exception e) {
            logger.error("Error listing comments", e);
            return Response.serverError().build();
        }
    }

    /**
     * Sets or clears the archived state of a comment; requires an authenticated session.
     *
     * <p>Only authentication is checked here. The session user name and the administrator flag
     * are passed to the engine; any ownership check presumably happens there - confirm.
     *
     * @param i the {@code commentId} query parameter (defaults to 0)
     * @param z the {@code value} query parameter (defaults to true)
     * @param httpServletResponse response that receives the content type, encoding and CORS headers
     * @param httpServletRequest request handed to the CORS helper
     * @return 401 when the session is not authenticated, 200 with the engine's JSON text on
     *     success, or 500 if the engine call throws
     */
    @GET
    @Path("/archive")
    @Consumes({"application/xml", "application/json", "application/x-www-form-urlencoded"})
    @Produces({"application/json"})
    public Response archive(@QueryParam("commentId") @DefaultValue("0") int i, @QueryParam("value") @DefaultValue("true") boolean z, @Context HttpServletResponse httpServletResponse, @Context HttpServletRequest httpServletRequest) {
        prepareJsonResponse(httpServletRequest, httpServletResponse);
        if (!isAuthenticated()) {
            return unauthorized();
        }
        try {
            String payload = archiveComment(i, z);
            return Response.ok(payload).build();
        } catch (Exception e) {
            logger.error("Error archiving comment", e);
            return Response.serverError().build();
        }
    }

    /**
     * Sets or clears the deleted state of a comment; requires an authenticated session.
     *
     * <p>Only authentication is checked here. The session user name and the administrator flag
     * are passed to the engine; any ownership check presumably happens there - confirm.
     *
     * @param i the {@code commentId} query parameter (defaults to 0)
     * @param z the {@code value} query parameter (defaults to true)
     * @param httpServletResponse response that receives the content type, encoding and CORS headers
     * @param httpServletRequest request handed to the CORS helper
     * @return 401 when the session is not authenticated, 200 with the engine's JSON text on
     *     success, or 500 if the engine call throws
     */
    @GET
    @Path("/delete")
    @Consumes({"application/xml", "application/json", "application/x-www-form-urlencoded"})
    @Produces({"application/json"})
    public Response delete(@QueryParam("commentId") @DefaultValue("0") int i, @QueryParam("value") @DefaultValue("true") boolean z, @Context HttpServletResponse httpServletResponse, @Context HttpServletRequest httpServletRequest) {
        prepareJsonResponse(httpServletRequest, httpServletResponse);
        if (!isAuthenticated()) {
            return unauthorized();
        }
        try {
            String payload = deleteComment(i, z);
            return Response.ok(payload).build();
        } catch (Exception e) {
            logger.error("Error deleting comment", e);
            return Response.serverError().build();
        }
    }

    /**
     * Applies the response preamble shared by every endpoint: JSON content type, the encoding
     * reported by {@code CharsetHelper}, then the CORS headers, in that order.
     */
    private void prepareJsonResponse(HttpServletRequest request, HttpServletResponse response) {
        response.setContentType("application/json");
        response.setCharacterEncoding(CharsetHelper.getEncoding());
        setCorsHeaders(request, response);
    }

    /** Logs the refusal and builds the 401 reply used by the authenticated-only endpoints. */
    private Response unauthorized() {
        logger.error("Operation not authorized: requires authentication");
        return Response.status(Response.Status.UNAUTHORIZED).build();
    }

    /** Returns the name of the user bound to the current Pentaho session. */
    private String getUserName() {
        return PentahoSessionHolder.getSession().getName();
    }

    /** Delegates CORS header handling to the shared {@code CorsUtil} instance. */
    protected void setCorsHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CorsUtil.getInstance().setCorsHeaders(httpServletRequest, httpServletResponse);
    }

    /** Reports whether the caller may administer the platform, per {@code SystemUtils}. */
    protected boolean isAdministrator() {
        return SystemUtils.canAdminister();
    }

    /** Reports whether the current Pentaho session is authenticated. */
    protected boolean isAuthenticated() {
        return PentahoSessionHolder.getSession().isAuthenticated();
    }

    /** Adds a comment through the engine as the session user; result rendered with {@code toString(2)}. */
    protected String addComment(String str, String str2) throws PluginHibernateException, JSONException, InvalidCdfOperationException {
        return CommentsEngine.getInstance().add(str, str2, getUserName()).toString(2);
    }

    /** Lists comments through the engine as the session user; result rendered with {@code toString(2)}. */
    protected String listComments(String str, int i, int i2, boolean z, boolean z2) throws PluginHibernateException, JSONException, InvalidCdfOperationException {
        return CommentsEngine.getInstance().list(str, i, i2, z, z2, getUserName()).toString(2);
    }

    /** Archives a comment through the engine, passing the session user and the admin flag. */
    protected String archiveComment(int i, boolean z) throws JSONException, PluginHibernateException {
        return CommentsEngine.getInstance().archive(i, z, getUserName(), isAdministrator()).toString(2);
    }

    /** Deletes a comment through the engine, passing the session user and the admin flag. */
    protected String deleteComment(int i, boolean z) throws JSONException, PluginHibernateException {
        return CommentsEngine.getInstance().delete(i, z, getUserName(), isAdministrator()).toString(2);
    }
}
