package io.apicurio.registry.rest.v3;

import io.apicurio.common.apps.config.ConfigPropertyCategory;
import io.apicurio.common.apps.config.Dynamic;
import io.apicurio.common.apps.config.DynamicConfigPropertyDef;
import io.apicurio.common.apps.config.DynamicConfigPropertyDto;
import io.apicurio.common.apps.config.DynamicConfigPropertyIndex;
import io.apicurio.common.apps.config.Info;
import io.apicurio.registry.auth.Authorized;
import io.apicurio.registry.auth.AuthorizedLevel;
import io.apicurio.registry.auth.AuthorizedStyle;
import io.apicurio.registry.auth.RoleBasedAccessApiOperation;
import io.apicurio.registry.ccompat.rest.ContentTypes;
import io.apicurio.registry.logging.Logged;
import io.apicurio.registry.logging.audit.Audited;
import io.apicurio.registry.logging.audit.AuditingConstants;
import io.apicurio.registry.metrics.health.liveness.ResponseErrorLivenessCheck;
import io.apicurio.registry.metrics.health.readiness.ResponseTimeoutReadinessCheck;
import io.apicurio.registry.rest.ConflictException;
import io.apicurio.registry.rest.MissingRequiredParameterException;
import io.apicurio.registry.rest.v3.beans.ArtifactTypeInfo;
import io.apicurio.registry.rest.v3.beans.ConfigurationProperty;
import io.apicurio.registry.rest.v3.beans.CreateRule;
import io.apicurio.registry.rest.v3.beans.DownloadRef;
import io.apicurio.registry.rest.v3.beans.RoleMapping;
import io.apicurio.registry.rest.v3.beans.RoleMappingSearchResults;
import io.apicurio.registry.rest.v3.beans.Rule;
import io.apicurio.registry.rest.v3.beans.SnapshotMetaData;
import io.apicurio.registry.rest.v3.beans.UpdateConfigurationProperty;
import io.apicurio.registry.rest.v3.beans.UpdateRole;
import io.apicurio.registry.rest.v3.shared.DataExporter;
import io.apicurio.registry.rules.DefaultRuleDeletionException;
import io.apicurio.registry.rules.RulesProperties;
import io.apicurio.registry.storage.RegistryStorage;
import io.apicurio.registry.storage.dto.DownloadContextDto;
import io.apicurio.registry.storage.dto.DownloadContextType;
import io.apicurio.registry.storage.dto.RuleConfigurationDto;
import io.apicurio.registry.storage.error.ConfigPropertyNotFoundException;
import io.apicurio.registry.storage.error.InvalidPropertyValueException;
import io.apicurio.registry.storage.error.RuleNotFoundException;
import io.apicurio.registry.storage.importing.ImportExportConfigProperties;
import io.apicurio.registry.types.Current;
import io.apicurio.registry.types.RuleType;
import io.apicurio.registry.types.provider.ArtifactTypeUtilProviderFactory;
import io.apicurio.registry.utils.DtoUtil;
import io.apicurio.registry.utils.IoUtil;
import io.apicurio.registry.utils.impexp.EntityInputStream;
import io.apicurio.registry.utils.impexp.EntityInputStreamImpl;
import io.apicurio.registry.utils.impexp.EntityReader;
import io.apicurio.registry.utils.impexp.EntityType;
import io.apicurio.registry.utils.impexp.ManifestEntity;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.interceptor.Interceptors;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.ws.rs.BadRequestException;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.util.HashMap;
import java.util.List;
import java.util.Set;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import java.util.zip.ZipInputStream;
import org.apache.commons.io.FileUtils;
import org.eclipse.microprofile.config.Config;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.slf4j.Logger;

@ApplicationScoped
@Interceptors({ResponseErrorLivenessCheck.class, ResponseTimeoutReadinessCheck.class})
@Logged
/* loaded from: input_file:io/apicurio/registry/rest/v3/AdminResourceImpl.class */
public class AdminResourceImpl implements AdminResource {

    @Inject
    Logger log;

    @Inject
    @Current
    RegistryStorage storage;

    @Inject
    RulesProperties rulesProperties;

    @Inject
    DynamicConfigPropertyIndex dynamicPropertyIndex;

    @Inject
    ArtifactTypeUtilProviderFactory factory;

    @Inject
    Config config;

    @Inject
    DataExporter exporter;

    @Inject
    ImportExportConfigProperties importExportProps;

    @Context
    HttpServletRequest request;

    @Dynamic(label = "Download link expiry", description = "The number of seconds that a generated link to a .zip download file is active before expiring.")
    @ConfigProperty(name = "apicurio.download.href.ttl.seconds", defaultValue = "30")
    @Info(category = ConfigPropertyCategory.CATEGORY_DOWNLOAD, description = "Download link expiry", availableSince = "2.1.2.Final")
    Supplier<Long> downloadHrefTtl;

    private static void requireParameter(String str, Object obj) {
        if (obj == null) {
            throw new MissingRequiredParameterException(str);
        }
    }

    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Read)
    public List<ArtifactTypeInfo> listArtifactTypes() {
        return (List) this.factory.getAllArtifactTypes().stream().map(str -> {
            ArtifactTypeInfo artifactTypeInfo = new ArtifactTypeInfo();
            artifactTypeInfo.setName(str);
            return artifactTypeInfo;
        }).collect(Collectors.toList());
    }

    @Audited
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public SnapshotMetaData triggerSnapshot() {
        this.storage.triggerSnapshotCreation();
        return SnapshotMetaData.builder().build();
    }

    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Read)
    public List<RuleType> listGlobalRules() {
        return (List) ((Set) Stream.concat(this.storage.getGlobalRules().stream(), this.rulesProperties.getDefaultGlobalRules().stream()).collect(Collectors.toSet())).stream().sorted().collect(Collectors.toList());
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_RULE})
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void createGlobalRule(CreateRule createRule) {
        requireParameter("ruleType", createRule.getRuleType());
        if (createRule.getConfig() == null || createRule.getConfig().trim().isEmpty()) {
            throw new MissingRequiredParameterException("config");
        }
        RuleConfigurationDto ruleConfigurationDto = new RuleConfigurationDto();
        ruleConfigurationDto.setConfiguration(createRule.getConfig());
        this.storage.createGlobalRule(createRule.getRuleType(), ruleConfigurationDto);
    }

    @Audited
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void deleteAllGlobalRules() {
        this.storage.deleteGlobalRules();
    }

    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Read)
    public Rule getGlobalRuleConfig(RuleType ruleType) {
        RuleConfigurationDto defaultGlobalRuleConfiguration;
        try {
            defaultGlobalRuleConfiguration = this.storage.getGlobalRule(ruleType);
        } catch (RuleNotFoundException e) {
            defaultGlobalRuleConfiguration = this.rulesProperties.getDefaultGlobalRuleConfiguration(ruleType);
            if (defaultGlobalRuleConfiguration == null) {
                throw e;
            }
        }
        Rule rule = new Rule();
        rule.setRuleType(ruleType);
        rule.setConfig(defaultGlobalRuleConfiguration.getConfiguration());
        return rule;
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_RULE_TYPE, "1", AuditingConstants.KEY_RULE})
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public Rule updateGlobalRuleConfig(RuleType ruleType, Rule rule) {
        if (rule.getConfig() == null || rule.getConfig().trim().isEmpty()) {
            throw new MissingRequiredParameterException("config");
        }
        RuleConfigurationDto ruleConfigurationDto = new RuleConfigurationDto();
        ruleConfigurationDto.setConfiguration(rule.getConfig());
        try {
            this.storage.updateGlobalRule(ruleType, ruleConfigurationDto);
        } catch (RuleNotFoundException e) {
            if (!this.rulesProperties.isDefaultGlobalRuleConfigured(ruleType)) {
                throw e;
            }
            this.storage.createGlobalRule(ruleType, ruleConfigurationDto);
        }
        Rule rule2 = new Rule();
        rule2.setRuleType(ruleType);
        rule2.setConfig(rule.getConfig());
        return rule2;
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_RULE_TYPE})
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void deleteGlobalRule(RuleType ruleType) {
        try {
            this.storage.deleteGlobalRule(ruleType);
        } catch (RuleNotFoundException e) {
            if (!this.rulesProperties.isDefaultGlobalRuleConfigured(ruleType)) {
                throw e;
            }
            throw new DefaultRuleDeletionException(ruleType);
        }
    }

    @Audited
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void importData(Boolean bool, Boolean bool2, Boolean bool3, InputStream inputStream) {
        boolean z;
        boolean booleanValue = bool == null ? this.importExportProps.preserveGlobalId : bool.booleanValue();
        boolean booleanValue2 = bool2 == null ? this.importExportProps.preserveContentId : bool2.booleanValue();
        if ((bool3 == null ? this.importExportProps.requireEmptyRegistry : bool3.booleanValue()) && !this.storage.isEmpty()) {
            throw new ConflictException("Registry is not empty.");
        }
        ZipInputStream zipInputStream = new ZipInputStream(inputStream, StandardCharsets.UTF_8);
        try {
            Path createTempDirectory = Files.createTempDirectory(Paths.get(this.importExportProps.workDir, new String[0]), "apicurio-import_", new FileAttribute[0]);
            IoUtil.unpackToDisk(zipInputStream, createTempDirectory);
            zipInputStream.close();
            try {
                EntityReader entityReader = new EntityReader(createTempDirectory);
                try {
                    ManifestEntity readNextEntity = entityReader.readNextEntity();
                    if (readNextEntity.getEntityType() != EntityType.Manifest) {
                        throw new BadRequestException("Invalid import file: missing Manifest file");
                    }
                    ManifestEntity manifestEntity = readNextEntity;
                    if (manifestEntity.exportVersion.startsWith("3")) {
                        z = false;
                    } else {
                        if (!manifestEntity.exportVersion.startsWith("2") && !manifestEntity.exportVersion.startsWith("1")) {
                            throw new BadRequestException("Invalid import file, unknown manifest version: " + manifestEntity.systemVersion);
                        }
                        z = true;
                    }
                    EntityInputStream entityInputStreamImpl = new EntityInputStreamImpl(entityReader);
                    if (z) {
                        this.storage.upgradeData(entityInputStreamImpl, booleanValue, booleanValue2);
                    } else {
                        this.storage.importData(entityInputStreamImpl, booleanValue, booleanValue2);
                    }
                } catch (IOException e) {
                    throw new BadRequestException("Error importing data: " + e.getMessage(), e);
                }
            } finally {
                try {
                    FileUtils.deleteDirectory(createTempDirectory.toFile());
                } catch (IOException e2) {
                }
            }
        } catch (IOException e3) {
            throw new BadRequestException("Error importing data: " + e3.getMessage(), e3);
        }
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_FOR_BROWSER})
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public Response exportData(Boolean bool) {
        String header = this.request.getHeader("Accept");
        if (!Boolean.TRUE.equals(bool) && !ContentTypes.JSON.equals(header)) {
            return this.exporter.exportData();
        }
        String createDownload = this.storage.createDownload(DownloadContextDto.builder().type(DownloadContextType.EXPORT).expires(System.currentTimeMillis() + (this.downloadHrefTtl.get().longValue() * 1000)).build());
        String createDownloadHref = createDownloadHref(createDownload);
        DownloadRef downloadRef = new DownloadRef();
        downloadRef.setDownloadId(createDownload);
        downloadRef.setHref(createDownloadHref);
        return Response.ok(downloadRef).type(MediaType.APPLICATION_JSON_TYPE).build();
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_ROLE_MAPPING})
    @RoleBasedAccessApiOperation
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void createRoleMapping(RoleMapping roleMapping) {
        this.storage.createRoleMapping(roleMapping.getPrincipalId(), roleMapping.getRole().name(), roleMapping.getPrincipalName());
    }

    @RoleBasedAccessApiOperation
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public RoleMappingSearchResults listRoleMappings(BigInteger bigInteger, BigInteger bigInteger2) {
        if (bigInteger2 == null) {
            bigInteger2 = BigInteger.valueOf(0L);
        }
        if (bigInteger == null) {
            bigInteger = BigInteger.valueOf(20L);
        }
        return V3ApiUtil.dtoToRoleMappingSearchResults(this.storage.searchRoleMappings(bigInteger2.intValue(), bigInteger.intValue()));
    }

    @RoleBasedAccessApiOperation
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public RoleMapping getRoleMapping(String str) {
        return V3ApiUtil.dtoToRoleMapping(this.storage.getRoleMapping(str));
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_PRINCIPAL_ID, "1", AuditingConstants.KEY_UPDATE_ROLE})
    @RoleBasedAccessApiOperation
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void updateRoleMapping(String str, UpdateRole updateRole) {
        requireParameter("principalId", str);
        requireParameter("role", updateRole.getRole());
        this.storage.updateRoleMapping(str, updateRole.getRole().name());
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_PRINCIPAL_ID})
    @RoleBasedAccessApiOperation
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void deleteRoleMapping(String str) {
        this.storage.deleteRoleMapping(str);
    }

    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public List<ConfigurationProperty> listConfigProperties() {
        List configProperties = this.storage.getConfigProperties();
        HashMap hashMap = new HashMap();
        configProperties.forEach(dynamicConfigPropertyDto -> {
            hashMap.put(dynamicConfigPropertyDto.getName(), dynamicConfigPropertyDto);
        });
        return (List) this.dynamicPropertyIndex.getAcceptedPropertyNames().stream().sorted((v0, v1) -> {
            return v0.compareTo(v1);
        }).map(str -> {
            return hashMap.containsKey(str) ? V3ApiUtil.dtoToConfigurationProperty(this.dynamicPropertyIndex.getProperty(str), (DynamicConfigPropertyDto) hashMap.get(str)) : defToConfigurationProperty(this.dynamicPropertyIndex.getProperty(str));
        }).collect(Collectors.toList());
    }

    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public ConfigurationProperty getConfigProperty(String str) {
        DynamicConfigPropertyDef resolveConfigProperty = resolveConfigProperty(str);
        DynamicConfigPropertyDto rawConfigProperty = this.storage.getRawConfigProperty(str);
        return rawConfigProperty == null ? defToConfigurationProperty(resolveConfigProperty) : V3ApiUtil.dtoToConfigurationProperty(resolveConfigProperty, rawConfigProperty);
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_NAME, "1", AuditingConstants.KEY_PROPERTY_CONFIGURATION})
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void updateConfigProperty(String str, UpdateConfigurationProperty updateConfigurationProperty) {
        validateConfigPropertyValue(resolveConfigProperty(str), updateConfigurationProperty.getValue());
        DynamicConfigPropertyDto dynamicConfigPropertyDto = new DynamicConfigPropertyDto();
        dynamicConfigPropertyDto.setName(str);
        dynamicConfigPropertyDto.setValue(updateConfigurationProperty.getValue());
        this.storage.setConfigProperty(dynamicConfigPropertyDto);
    }

    @Audited(extractParameters = {"0", AuditingConstants.KEY_NAME})
    @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin)
    public void resetConfigProperty(String str) {
        resolveConfigProperty(str);
        this.storage.deleteConfigProperty(str);
    }

    private String createDownloadHref(String str) {
        return "/apis/registry/v3/downloads/" + str;
    }

    private ConfigurationProperty defToConfigurationProperty(DynamicConfigPropertyDef dynamicConfigPropertyDef) {
        String str = (String) this.config.getOptionalValue(dynamicConfigPropertyDef.getName(), String.class).orElse(dynamicConfigPropertyDef.getDefaultValue());
        ConfigurationProperty configurationProperty = new ConfigurationProperty();
        configurationProperty.setName(DtoUtil.appAuthPropertyToRegistry(dynamicConfigPropertyDef.getName()));
        configurationProperty.setValue(str);
        configurationProperty.setType(dynamicConfigPropertyDef.getType().getName());
        configurationProperty.setLabel(dynamicConfigPropertyDef.getLabel());
        configurationProperty.setDescription(dynamicConfigPropertyDef.getDescription());
        return configurationProperty;
    }

    private DynamicConfigPropertyDef resolveConfigProperty(String str) {
        if (this.dynamicPropertyIndex.getProperty(str) == null) {
            str = DtoUtil.registryAuthPropertyToApp(str);
        }
        DynamicConfigPropertyDef property = this.dynamicPropertyIndex.getProperty(str);
        if (property == null) {
            throw new ConfigPropertyNotFoundException(str);
        }
        if (this.dynamicPropertyIndex.isAccepted(str)) {
            return property;
        }
        throw new ConfigPropertyNotFoundException(str);
    }

    private void validateConfigPropertyValue(DynamicConfigPropertyDef dynamicConfigPropertyDef, String str) {
        if (!dynamicConfigPropertyDef.isValidValue(str)) {
            throw new InvalidPropertyValueException("Invalid dynamic configuration property value for: " + dynamicConfigPropertyDef.getName());
        }
    }
}
