package org.apache.guacamole.rest.user;

import com.google.inject.assistedinject.Assisted;
import com.google.inject.assistedinject.AssistedInject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.GuacamoleSecurityException;
import org.apache.guacamole.GuacamoleUnsupportedException;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.Directory;
import org.apache.guacamole.net.auth.User;
import org.apache.guacamole.net.auth.UserContext;
import org.apache.guacamole.net.auth.credentials.GuacamoleCredentialsException;
import org.apache.guacamole.net.auth.simple.SimpleActivityRecordSet;
import org.apache.guacamole.rest.directory.DirectoryObjectResource;
import org.apache.guacamole.rest.directory.DirectoryObjectTranslator;
import org.apache.guacamole.rest.history.UserHistoryResource;
import org.apache.guacamole.rest.identifier.RelatedObjectSetResource;
import org.apache.guacamole.rest.permission.APIPermissionSet;
import org.apache.guacamole.rest.permission.PermissionSetResource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Produces({MediaType.APPLICATION_JSON})
@Consumes({MediaType.APPLICATION_JSON})
/* loaded from: input_file:WEB-INF/classes/org/apache/guacamole/rest/user/UserResource.class */
public class UserResource extends DirectoryObjectResource<User, APIUser> {
    private static final Logger logger = LoggerFactory.getLogger(UserResource.class);
    private final UserContext userContext;
    private final Directory<User> directory;
    private final User user;

    @AssistedInject
    public UserResource(@Assisted UserContext userContext, @Assisted Directory<User> directory, @Assisted User user, DirectoryObjectTranslator<User, APIUser> directoryObjectTranslator) {
        super(userContext, directory, user, directoryObjectTranslator);
        this.userContext = userContext;
        this.directory = directory;
        this.user = user;
    }

    @Path("history")
    public UserHistoryResource getUserHistory() throws GuacamoleException {
        try {
            return new UserHistoryResource(this.user.getUserHistory());
        } catch (GuacamoleUnsupportedException e) {
            logger.debug("Call to getUserHistory() is unsupported, falling back to deprecated method getHistory().", (Throwable) e);
            try {
                return new UserHistoryResource(new SimpleActivityRecordSet(this.user.getHistory()));
            } catch (GuacamoleUnsupportedException e2) {
                logger.debug("Call to getHistory() is unsupported, no user history records will be returned.", (Throwable) e2);
                return new UserHistoryResource(new SimpleActivityRecordSet());
            }
        }
    }

    @Override // org.apache.guacamole.rest.directory.DirectoryObjectResource
    public void updateObject(APIUser aPIUser) throws GuacamoleException {
        if (this.userContext.self().getIdentifier().equals(aPIUser.getUsername())) {
            throw new GuacamoleSecurityException("Permission denied.");
        }
        super.updateObject((UserResource) aPIUser);
    }

    @Path("password")
    @PUT
    public void updatePassword(APIUserPasswordUpdate aPIUserPasswordUpdate, @Context HttpServletRequest httpServletRequest) throws GuacamoleException {
        try {
            if (this.userContext.getAuthenticationProvider().authenticateUser(new Credentials(this.user.getIdentifier(), aPIUserPasswordUpdate.getOldPassword(), httpServletRequest)) == null) {
                throw new GuacamoleSecurityException("Permission denied.");
            }
            this.user.setPassword(aPIUserPasswordUpdate.getNewPassword());
            this.directory.update(this.user);
        } catch (GuacamoleCredentialsException e) {
            throw new GuacamoleSecurityException("Permission denied.");
        }
    }

    @Path("permissions")
    public PermissionSetResource getPermissions() {
        return new PermissionSetResource(this.user);
    }

    @GET
    @Path("effectivePermissions")
    public APIPermissionSet getEffectivePermissions() throws GuacamoleException {
        return new APIPermissionSet(this.user.getEffectivePermissions());
    }

    @Path("userGroups")
    public RelatedObjectSetResource getUserGroups() throws GuacamoleException {
        return new RelatedObjectSetResource(this.user.getUserGroups());
    }
}
