package io.datarouter.auth.web;

import io.datarouter.auth.config.DatarouterAuthFiles;
import io.datarouter.auth.config.DatarouterAuthPaths;
import io.datarouter.auth.service.DatarouterAccountAvailableEndpointsProvider;
import io.datarouter.auth.service.DefaultDatarouterAccountAvailableEndpointsProvider;
import io.datarouter.auth.service.DefaultDatarouterAccountKeysSupplier;
import io.datarouter.auth.storage.account.BaseDatarouterAccountDao;
import io.datarouter.auth.storage.account.DatarouterAccount;
import io.datarouter.auth.storage.account.DatarouterAccountKey;
import io.datarouter.auth.storage.accountpermission.BaseDatarouterAccountPermissionDao;
import io.datarouter.auth.storage.accountpermission.DatarouterAccountPermission;
import io.datarouter.auth.storage.accountpermission.DatarouterAccountPermissionKey;
import io.datarouter.storage.config.DatarouterProperties;
import io.datarouter.storage.servertype.ServerType;
import io.datarouter.util.Require;
import io.datarouter.util.string.StringTool;
import io.datarouter.web.handler.BaseHandler;
import io.datarouter.web.handler.mav.Mav;
import io.datarouter.web.html.react.bootstrap4.Bootstrap4ReactPageFactory;
import io.datarouter.web.requirejs.DatarouterWebRequireJs;
import io.datarouter.web.user.session.CurrentSessionInfo;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.function.Consumer;
import javax.inject.Inject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/datarouter/auth/web/DatarouterAccountManagerHandler.class */
public class DatarouterAccountManagerHandler extends BaseHandler {
    private static final Logger logger = LoggerFactory.getLogger(DatarouterAccountManagerHandler.class);
    private final BaseDatarouterAccountDao datarouterAccountDao;
    private final BaseDatarouterAccountPermissionDao datarouterAccountPermissionDao;
    private final DatarouterProperties datarouterProperties;
    private final DatarouterAuthFiles files;
    private final DatarouterAccountAvailableEndpointsProvider datarouterAccountAvailableEndpointsProvider;
    private final Bootstrap4ReactPageFactory reactPageFactory;
    private final DefaultDatarouterAccountKeysSupplier defaultDatarouterAccountKeys;
    private final CurrentSessionInfo currentSessionInfo;
    private final String path;

    /* loaded from: input_file:io/datarouter/auth/web/DatarouterAccountManagerHandler$AvailableRouteSet.class */
    public static class AvailableRouteSet {
        public final String name;
        public final String className;
        public final List<String> rules;

        public AvailableRouteSet(String str, String str2, List<String> list) {
            this.name = str;
            this.className = str2;
            this.rules = list;
        }
    }

    /* loaded from: input_file:io/datarouter/auth/web/DatarouterAccountManagerHandler$DatarouterAccountDetails.class */
    public static class DatarouterAccountDetails {
        public final DatarouterAccount account;
        public final List<TextPermission> permissions;

        public DatarouterAccountDetails(DatarouterAccount datarouterAccount, List<TextPermission> list) {
            this.account = datarouterAccount;
            this.permissions = list;
        }
    }

    /* loaded from: input_file:io/datarouter/auth/web/DatarouterAccountManagerHandler$TextPermission.class */
    public static class TextPermission {
        public final String accountName;
        public final String endpoint;

        public TextPermission(String str, String str2) {
            this.accountName = str;
            this.endpoint = str2;
        }

        public static TextPermission create(DatarouterAccountPermissionKey datarouterAccountPermissionKey) {
            return new TextPermission(datarouterAccountPermissionKey.getAccountName(), datarouterAccountPermissionKey.getEndpoint());
        }
    }

    @Inject
    public DatarouterAccountManagerHandler(BaseDatarouterAccountDao baseDatarouterAccountDao, BaseDatarouterAccountPermissionDao baseDatarouterAccountPermissionDao, DatarouterProperties datarouterProperties, DatarouterAuthFiles datarouterAuthFiles, DatarouterAuthPaths datarouterAuthPaths, DefaultDatarouterAccountAvailableEndpointsProvider defaultDatarouterAccountAvailableEndpointsProvider, Bootstrap4ReactPageFactory bootstrap4ReactPageFactory, DefaultDatarouterAccountKeysSupplier defaultDatarouterAccountKeysSupplier, CurrentSessionInfo currentSessionInfo) {
        this(baseDatarouterAccountDao, baseDatarouterAccountPermissionDao, datarouterProperties, datarouterAuthFiles, defaultDatarouterAccountAvailableEndpointsProvider, bootstrap4ReactPageFactory, defaultDatarouterAccountKeysSupplier, currentSessionInfo, datarouterAuthPaths.admin.accounts.toSlashedString());
    }

    protected DatarouterAccountManagerHandler(BaseDatarouterAccountDao baseDatarouterAccountDao, BaseDatarouterAccountPermissionDao baseDatarouterAccountPermissionDao, DatarouterProperties datarouterProperties, DatarouterAuthFiles datarouterAuthFiles, DatarouterAccountAvailableEndpointsProvider datarouterAccountAvailableEndpointsProvider, Bootstrap4ReactPageFactory bootstrap4ReactPageFactory, DefaultDatarouterAccountKeysSupplier defaultDatarouterAccountKeysSupplier, CurrentSessionInfo currentSessionInfo, String str) {
        this.datarouterAccountDao = baseDatarouterAccountDao;
        this.datarouterAccountPermissionDao = baseDatarouterAccountPermissionDao;
        this.datarouterProperties = datarouterProperties;
        this.files = datarouterAuthFiles;
        this.datarouterAccountAvailableEndpointsProvider = datarouterAccountAvailableEndpointsProvider;
        this.reactPageFactory = bootstrap4ReactPageFactory;
        this.defaultDatarouterAccountKeys = defaultDatarouterAccountKeysSupplier;
        this.currentSessionInfo = currentSessionInfo;
        this.path = str;
    }

    @BaseHandler.Handler(defaultHandler = true)
    public Mav index() {
        return this.reactPageFactory.startBuilder(this.request).withTitle("Datarouter Account Manager").withRequires(new String[]{DatarouterWebRequireJs.SORTTABLE}).withReactScript(this.files.js.accountManagerJsx).withJsStringConstant("REACT_BASE_PATH", String.valueOf(this.request.getContextPath()) + this.path + "/").buildMav();
    }

    @BaseHandler.Handler
    public List<DatarouterAccountDetails> list() {
        return this.datarouterAccountDao.scan().map(this::getDetailsForAccount).list();
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails getDetails(String str) {
        return getDetailsForAccountName(str);
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails add(String str) {
        Require.isTrue(!str.isEmpty());
        DatarouterAccount datarouterAccount = new DatarouterAccount(str, new Date(), getSessionInfo().getRequiredSession().getUsername());
        this.datarouterAccountDao.put(datarouterAccount);
        logAction(str, "add");
        return getDetailsForAccount(datarouterAccount);
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails resetApiKeyToDefault(String str) throws Exception {
        if (isServerTypeDev()) {
            return updateAccount(str, datarouterAccount -> {
                datarouterAccount.resetApiKeyToDefault(this.defaultDatarouterAccountKeys.getDefaultApiKey());
            }, "resetApiKeyToDefault");
        }
        throw new Exception("Default apiKey is only allowed for dev serverType.");
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails resetSecretKeyToDefault(String str) throws Exception {
        if (isServerTypeDev()) {
            return updateAccount(str, datarouterAccount -> {
                datarouterAccount.resetSecretKeyToDefault(this.defaultDatarouterAccountKeys.getDefaultSecretKey());
            }, "resetSecretKeyToDefault");
        }
        throw new Exception("Default secretKey is only allowed for dev serverType.");
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails generateApiKey(String str) {
        return updateAccount(str, (v0) -> {
            v0.resetApiKey();
        }, "generateApiKey");
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails generateSecretKey(String str) {
        return updateAccount(str, (v0) -> {
            v0.resetSecretKey();
        }, "generateSecretKey");
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails toggleUserMappings(String str) {
        return updateAccount(str, (v0) -> {
            v0.toggleUserMappings();
        }, "toggleUserMappings");
    }

    @BaseHandler.Handler
    public void delete(String str) {
        this.datarouterAccountDao.delete(new DatarouterAccountKey(str));
        this.datarouterAccountPermissionDao.deleteWithPrefix(new DatarouterAccountPermissionKey(str));
        logAction(str, "delete");
    }

    @BaseHandler.Handler
    public List<String> getAvailableEndpoints() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(DatarouterAccountPermissionKey.ALL_ENDPOINTS);
        arrayList.addAll(this.datarouterAccountAvailableEndpointsProvider.getAvailableEndpoints());
        return arrayList;
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails addPermission(String str, String str2) {
        this.datarouterAccountPermissionDao.put(new DatarouterAccountPermission(str, str2));
        logAction(str, "addPermission");
        return getDetails(str);
    }

    @BaseHandler.Handler
    public DatarouterAccountDetails deletePermission(String str, String str2) {
        this.datarouterAccountPermissionDao.delete(new DatarouterAccountPermissionKey(str, str2));
        logAction(str, "deletePermission");
        return getDetails(str);
    }

    @BaseHandler.Handler
    public boolean isServerTypeDev() {
        return StringTool.equalsCaseInsensitive(this.datarouterProperties.getServerTypeString(), ServerType.DEV.getPersistentString());
    }

    private DatarouterAccountDetails updateAccount(String str, Consumer<DatarouterAccount> consumer, String str2) {
        DatarouterAccount datarouterAccount = this.datarouterAccountDao.get(new DatarouterAccountKey(str));
        consumer.accept(datarouterAccount);
        this.datarouterAccountDao.put(datarouterAccount);
        logAction(str, str2);
        return getDetails(str);
    }

    private DatarouterAccountDetails getDetailsForAccount(DatarouterAccount datarouterAccount) {
        return new DatarouterAccountDetails(datarouterAccount, this.datarouterAccountPermissionDao.scanKeysWithPrefix(new DatarouterAccountPermissionKey(datarouterAccount.getKey().getAccountName())).map(TextPermission::create).list());
    }

    public DatarouterAccountDetails getDetailsForAccountName(String str) {
        return getDetailsForAccount(this.datarouterAccountDao.get(new DatarouterAccountKey(str)));
    }

    private void logAction(String str, String str2) {
        logger.warn("account={} action={} by={}", new Object[]{str, str2, this.currentSessionInfo.getNonEmptyUsernameOrElse(this.request, "unknown")});
    }
}
