package org.wso2.carbon.registry.rest.api;

import javax.ws.rs.DELETE;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.rest.api.security.RestAPIAuthContext;
import org.wso2.carbon.registry.rest.api.security.RestAPISecurityUtils;

@Path("/association")
/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/registry/rest/api/Association.class */
public class Association extends RegistryRestSuper {
    private Log log = LogFactory.getLog(Association.class);

    @POST
    @Produces({"application/json"})
    public Response addAssociation(@QueryParam("path") String str, @QueryParam("targetPath") String str2, @QueryParam("type") String str3, @HeaderParam("X-JWT-Assertion") String str4) {
        RestAPIAuthContext authContext = RestAPISecurityUtils.getAuthContext(PrivilegedCarbonContext.getThreadLocalCarbonContext(), str4);
        if (!authContext.isAuthorized()) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        try {
            Registry userRegistry = getUserRegistry(authContext.getUserName(), authContext.getTenantId());
            if (!userRegistry.resourceExists(str)) {
                return Response.status(Response.Status.NOT_FOUND).entity(RestAPIConstants.RESOURCE_NOT_FOUND + str).build();
            }
            userRegistry.addAssociation(str, str2, str3);
            return Response.status(Response.Status.NO_CONTENT).build();
        } catch (RegistryException e) {
            this.log.error("user is not allowed to delete association on the resource", e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
        }
    }

    @Produces({"application/json"})
    @DELETE
    public Response deleteAssociation(@QueryParam("path") String str, @QueryParam("targetPath") String str2, @QueryParam("type") String str3, @HeaderParam("X-JWT-Assertion") String str4) {
        RestAPIAuthContext authContext = RestAPISecurityUtils.getAuthContext(PrivilegedCarbonContext.getThreadLocalCarbonContext(), str4);
        if (!authContext.isAuthorized()) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        try {
            Registry userRegistry = getUserRegistry(authContext.getUserName(), authContext.getTenantId());
            if (!userRegistry.resourceExists(str)) {
                return Response.status(Response.Status.NOT_FOUND).entity(RestAPIConstants.RESOURCE_NOT_FOUND + str).build();
            }
            if (!userRegistry.resourceExists(str2)) {
                return Response.status(Response.Status.NOT_FOUND).entity(RestAPIConstants.RESOURCE_NOT_FOUND + str2).build();
            }
            userRegistry.removeAssociation(str, str2, str3);
            return Response.status(Response.Status.NO_CONTENT).build();
        } catch (RegistryException e) {
            this.log.error("user is not allowed to delete association on the resource", e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
        }
    }
}
