package com.supermap.services.rest.resources.impl;

import com.supermap.services.rest.HttpException;
import com.supermap.services.rest.resources.SecurityResource;
import com.supermap.services.security.SecurityConstants;
import com.supermap.services.security.SubjectType;
import com.supermap.services.security.User;
import com.supermap.services.util.ProductTypeUtil;
import com.supermap.services.util.ResourceManager;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.shiro.util.ThreadContext;
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.Status;

/* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/rest/resources/impl/UserResource.class */
public class UserResource extends SecuritySubjectResourceBase {
    private static final ResourceManager a = new ResourceManager((Class<? extends Enum<?>>) SecurityResource.class);
    private String b;
    private User c;

    public UserResource(Context context, Request request, Response response) {
        super(context, request, response);
        this.b = getResourceName(request, "userName");
        try {
            this.b = URLDecoder.decode(this.b, "UTF-8");
        } catch (UnsupportedEncodingException e) {
        }
        this.c = getSecurityManager().getUser(this.b);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.supermap.services.rest.resources.impl.SecurityResourceBase
    public SubjectType a() {
        return SubjectType.USER;
    }

    @Override // com.supermap.services.rest.resources.impl.SecuritySubjectResourceBase, com.supermap.services.rest.resources.impl.SecurityResourceBase, com.supermap.services.rest.resources.ResourceBase
    public Object getResourceContent() {
        if (this.c != null && ArrayUtils.isNotEmpty(this.c.userGroups)) {
            this.c.userGroups = (String[]) ArrayUtils.removeElement(this.c.userGroups, SecurityConstants.GROUP_LDAP_AUTHORIZED);
        }
        return this.c;
    }

    @Override // com.supermap.services.rest.resources.impl.SecuritySubjectResourceBase, com.supermap.services.rest.resources.ResourceBase
    public void checkRequestEntityObjectValid(Object obj) {
        super.checkRequestEntityObjectValid(obj);
        User user = (User) obj;
        if (!ThreadContext.getSubject().hasRole("ADMIN") && user.roles != null && user.isRole("ADMIN")) {
            throw new HttpException(Status.CLIENT_ERROR_BAD_REQUEST, a.getMessage((ResourceManager) SecurityResource.USERRESOURCE_NONADMIN_CANNOT_ADDADMINROLE, new Object[0]));
        }
        if (ProductTypeUtil.isPortal()) {
            a(user);
        }
    }

    private void a(User user) {
        if (user.roles == null || user.roles.length < 2) {
            return;
        }
        List asList = Arrays.asList(user.roles);
        if (asList.size() == 2 && asList.contains(SecurityConstants.ROLE_NO_PW)) {
            return;
        }
        if (!(asList.contains("ADMIN") || asList.contains("PORTAL_USER")) && asList.contains(SecurityConstants.ROLE_PORTAL_VIEWER)) {
            throw new HttpException(Status.CLIENT_ERROR_BAD_REQUEST, a.getMessage((ResourceManager) SecurityResource.USERRESOURCE_ROLES_UNREASONABLE, new Object[0]));
        }
    }

    @Override // com.supermap.services.rest.resources.impl.SecuritySubjectResourceBase, com.supermap.services.rest.resources.impl.SecurityResourceBase, com.supermap.services.rest.resources.ResourceBase
    public Map<String, Object> getCustomVariableMap() {
        Map<String, Object> customVariableMap = super.getCustomVariableMap();
        customVariableMap.put("password", Boolean.valueOf((this.c == null || ArrayUtils.contains(this.c.roles, SecurityConstants.ROLE_NO_PW)) ? false : true));
        return customVariableMap;
    }

    @Override // com.supermap.services.rest.resources.impl.SecurityResourceBase, com.supermap.services.rest.resources.ResourceBase
    public final boolean isResourceExist() {
        return this.c != null;
    }
}
