package org.qubership.integration.platform.variables.management.service;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.dataformat.yaml.YAMLMapper;
import jakarta.persistence.EntityExistsException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.qubership.integration.platform.variables.management.kubernetes.KubeApiException;
import org.qubership.integration.platform.variables.management.kubernetes.KubeApiNotFoundException;
import org.qubership.integration.platform.variables.management.kubernetes.KubeOperator;
import org.qubership.integration.platform.variables.management.kubernetes.SecretUpdateCallback;
import org.qubership.integration.platform.variables.management.model.SecretEntity;
import org.qubership.integration.platform.variables.management.persistence.configs.entity.actionlog.ActionLog;
import org.qubership.integration.platform.variables.management.persistence.configs.entity.actionlog.EntityType;
import org.qubership.integration.platform.variables.management.persistence.configs.entity.actionlog.LogOperation;
import org.qubership.integration.platform.variables.management.rest.exception.EmptyVariableFieldException;
import org.qubership.integration.platform.variables.management.rest.exception.SecuredVariablesException;
import org.qubership.integration.platform.variables.management.rest.exception.SecuredVariablesNotFoundException;
import org.qubership.integration.platform.variables.management.rest.v2.dto.variables.SecretErrorResponse;
import org.qubership.integration.platform.variables.management.util.DevModeUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Lazy;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Service;
import org.springframework.web.multipart.MultipartFile;

@Service
/* loaded from: input_file:org/qubership/integration/platform/variables/management/service/SecuredVariableService.class */
public class SecuredVariableService extends SecretService {
    private static final Logger log = LoggerFactory.getLogger(SecuredVariableService.class);
    public static final String EMPTY_SECURED_VARIABLE_NAME_ERROR_MESSAGE = "Secured variable's name is empty";
    private final CommonVariablesService commonVariablesService;
    private final Lock lock;
    private final ConcurrentMap<String, SecretEntity> securedVariablesSecrets;
    private final ObjectMapper objectMapperWithSorting;
    private final DevModeUtil devModeUtil;

    @Autowired
    public SecuredVariableService(@Qualifier("yamlMapper") YAMLMapper yAMLMapper, @Qualifier("primaryObjectMapper") ObjectMapper objectMapper, KubeOperator kubeOperator, ActionsLogService actionsLogService, @Value("${kubernetes.variables-secret.label}") String str, @Value("${kubernetes.variables-secret.name}") String str2, DevModeUtil devModeUtil, @Lazy CommonVariablesService commonVariablesService, @Qualifier("objectMapperWithSorting") ObjectMapper objectMapper2) {
        super(yAMLMapper, objectMapper, kubeOperator, actionsLogService, str, str2);
        this.securedVariablesSecrets = new ConcurrentHashMap();
        this.commonVariablesService = commonVariablesService;
        this.lock = new ReentrantLock(true);
        this.objectMapperWithSorting = objectMapper2;
        this.devModeUtil = devModeUtil;
    }

    public Map<String, Set<String>> getAllSecretsVariablesNames() {
        this.lock.lock();
        try {
            refreshAllVariablesSecrets();
            return (Map) getVariablesBySecret().entrySet().stream().collect(Collectors.toMap((v0) -> {
                return v0.getKey();
            }, entry -> {
                return ((ConcurrentMap) entry.getValue()).keySet();
            }));
        } finally {
            this.lock.unlock();
        }
    }

    public Set<String> getVariablesForDefaultSecret(boolean z) {
        return getVariablesForSecret(getKubeSecretV2Name(), z);
    }

    public Set<String> getVariablesForSecret(String str, boolean z) {
        String resolveSecretName = resolveSecretName(str);
        this.lock.lock();
        try {
            refreshVariablesForSecret(resolveSecretName, z);
            SecretEntity secretEntity = this.securedVariablesSecrets.get(resolveSecretName);
            if (secretEntity != null) {
                Set<String> keySet = secretEntity.getVariables().keySet();
                this.lock.unlock();
                return keySet;
            }
            if (z) {
                throw new SecuredVariablesNotFoundException(SecretService.SECRET_NOT_FOUND_ERROR_MESSAGE_FORMAT.formatted(resolveSecretName));
            }
            Set<String> emptySet = Collections.emptySet();
            this.lock.unlock();
            return emptySet;
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }

    public Set<String> addVariablesToDefaultSecret(Map<String, String> map) {
        return addVariables(getKubeSecretV2Name(), map).get(getKubeSecretV2Name());
    }

    public Map<String, Set<String>> addVariables(String str, Map<String, String> map) {
        return addVariables(str, map, false);
    }

    public Map<String, Set<String>> addVariables(String str, Map<String, String> map, boolean z) {
        if (map.isEmpty()) {
            return Collections.singletonMap(str, Collections.emptySet());
        }
        this.lock.lock();
        try {
            String resolveSecretName = resolveSecretName(str);
            refreshVariablesForSecret(resolveSecretName, true);
            SecretEntity secretEntity = this.securedVariablesSecrets.get(resolveSecretName);
            if (secretEntity == null) {
                throw new SecuredVariablesNotFoundException(SecretService.SECRET_NOT_FOUND_ERROR_MESSAGE_FORMAT.formatted(resolveSecretName));
            }
            ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap(secretEntity.getVariables());
            HashMap hashMap = new HashMap(concurrentHashMap);
            if (isDefaultSecret(resolveSecretName)) {
                validateSecuredVariablesUniqueness(concurrentHashMap, map);
            }
            for (Map.Entry<String, String> entry : map.entrySet()) {
                validateSecuredVariable(entry.getKey(), entry.getValue());
            }
            updateVariablesCache(resolveSecretName, this.operator.addSecretData(resolveSecretName, map, concurrentHashMap.isEmpty()));
            this.lock.unlock();
            for (String str2 : map.keySet()) {
                logSecuredVariableAction(str2, resolveSecretName, z ? LogOperation.IMPORT : hashMap.containsKey(str2) ? LogOperation.UPDATE : LogOperation.CREATE);
            }
            return Collections.singletonMap(resolveSecretName, map.keySet());
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }

    public void deleteVariablesFromDefaultSecret(Set<String> set) {
        deleteVariables(getKubeSecretV2Name(), set);
    }

    public void deleteVariables(String str, Set<String> set) {
        deleteVariables(str, set, true);
    }

    public void deleteVariables(String str, Set<String> set, boolean z) {
        String resolveSecretName = resolveSecretName(str);
        if (CollectionUtils.isEmpty(set)) {
            return;
        }
        this.lock.lock();
        try {
            refreshVariablesForSecret(resolveSecretName, true);
            if (this.securedVariablesSecrets.get(resolveSecretName) == null) {
                throw new SecuredVariablesNotFoundException(SecretService.SECRET_NOT_FOUND_ERROR_MESSAGE_FORMAT.formatted(resolveSecretName));
            }
            updateVariablesCache(resolveSecretName, this.operator.removeSecretData(resolveSecretName, set));
            this.lock.unlock();
            if (z) {
                set.forEach(str2 -> {
                    logSecuredVariableAction(str2, resolveSecretName, LogOperation.DELETE);
                });
            }
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }

    public List<SecretErrorResponse> deleteVariablesForMultipleSecrets(Map<String, Set<String>> map) {
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        this.lock.lock();
        try {
            try {
                refreshAllVariablesSecrets();
                for (Map.Entry<String, Set<String>> entry : map.entrySet()) {
                    String resolveSecretName = resolveSecretName(entry.getKey());
                    Set<String> value = entry.getValue();
                    if (this.securedVariablesSecrets.get(resolveSecretName) == null) {
                        hashMap.put(resolveSecretName, new SecuredVariablesNotFoundException(SecretService.SECRET_NOT_FOUND_ERROR_MESSAGE_FORMAT.formatted(resolveSecretName)));
                    } else {
                        try {
                            CompletableFuture whenComplete = new CompletableFuture().whenComplete((map2, th) -> {
                                if (map2 != null) {
                                    updateVariablesCache(resolveSecretName, map2);
                                } else if (th != null) {
                                    hashMap.put(resolveSecretName, th);
                                }
                            });
                            arrayList.add(whenComplete);
                            this.operator.removeSecretDataAsync(resolveSecretName, value, new SecretUpdateCallback(whenComplete));
                        } catch (Exception e) {
                            hashMap.putIfAbsent(resolveSecretName, new SecuredVariablesException("Failed to delete variables from secret: " + resolveSecretName, e));
                        }
                    }
                }
                CompletableFuture.allOf((CompletableFuture[]) arrayList.toArray(new CompletableFuture[0])).get();
                this.lock.unlock();
                map.entrySet().stream().filter(entry2 -> {
                    return !hashMap.containsKey(entry2.getKey());
                }).forEach(entry3 -> {
                    ((Set) entry3.getValue()).forEach(str -> {
                        logSecuredVariableAction(str, (String) entry3.getKey(), LogOperation.DELETE);
                    });
                });
                if (hashMap.isEmpty()) {
                    return Collections.emptyList();
                }
                ArrayList arrayList2 = new ArrayList();
                for (Map.Entry entry4 : hashMap.entrySet()) {
                    arrayList2.add(new SecretErrorResponse((String) entry4.getKey(), ((Throwable) entry4.getValue()).getMessage()));
                    log.error("Failed to delete variables from secret {}", entry4.getKey(), entry4.getValue());
                }
                if (hashMap.keySet().containsAll(map.keySet())) {
                    throw new SecuredVariablesException("Failed to delete variables from multiple secrets");
                }
                return arrayList2;
            } catch (Throwable th2) {
                this.lock.unlock();
                throw th2;
            }
        } catch (InterruptedException | ExecutionException e2) {
            log.error("Failed to delete variables", e2);
            throw new SecuredVariablesException("Failed to delete variables", e2);
        }
    }

    public String updateVariableInDefaultSecret(String str, String str2) {
        updateVariables(getKubeSecretV2Name(), Collections.singletonMap(str, str2));
        return str;
    }

    public Pair<String, Set<String>> updateVariables(String str, Map<String, String> map) {
        String resolveSecretName = resolveSecretName(str);
        this.lock.lock();
        try {
            refreshVariablesForSecret(resolveSecretName, true);
            ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap(this.securedVariablesSecrets.get(resolveSecretName).getVariables());
            for (Map.Entry<String, String> entry : map.entrySet()) {
                String key = entry.getKey();
                String value = entry.getValue();
                validateSecuredVariable(key, value);
                if (!concurrentHashMap.containsKey(key)) {
                    throw new SecuredVariablesNotFoundException("Cannot find variable " + key);
                }
                concurrentHashMap.put(key, Objects.isNull(value) ? "" : value);
            }
            updateVariablesCache(resolveSecretName, this.operator.updateSecretData(resolveSecretName, concurrentHashMap));
            this.lock.unlock();
            map.keySet().forEach(str2 -> {
                logSecuredVariableAction(str2, resolveSecretName, LogOperation.UPDATE);
            });
            return Pair.of(resolveSecretName, map.keySet());
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }

    public Set<String> importVariablesRequest(MultipartFile multipartFile) {
        try {
            Map<String, String> map = (Map) this.yamlMapper.readValue(new String(multipartFile.getBytes()), new TypeReference<Map<String, String>>() { // from class: org.qubership.integration.platform.variables.management.service.SecuredVariableService.1
            });
            addVariables(getKubeSecretV2Name(), map, true);
            map.keySet().forEach(str -> {
                logSecuredVariableAction(str, getKubeSecretV2Name(), LogOperation.IMPORT);
            });
            return map.keySet();
        } catch (IOException e) {
            log.error("Unable to convert file to variables {}", e.getMessage());
            throw new RuntimeException("Unable to convert file to variables");
        }
    }

    protected Map<String, SecretEntity> getSecuredVariablesSecrets() {
        return this.securedVariablesSecrets;
    }

    private void validateSecuredVariable(String str, String str2) {
        if (StringUtils.isBlank(str)) {
            throw new EmptyVariableFieldException(EMPTY_SECURED_VARIABLE_NAME_ERROR_MESSAGE);
        }
    }

    private void validateSecuredVariablesUniqueness(Map<String, String> map, Map<String, String> map2) {
        Iterator<Map.Entry<String, String>> it = this.commonVariablesService.getVariables().entrySet().iterator();
        while (it.hasNext()) {
            String key = it.next().getKey();
            if (map.containsKey(key) || map2.containsKey(key)) {
                throw new EntityExistsException("Common variable with name " + key + " already exists");
            }
        }
    }

    private ConcurrentMap<String, ConcurrentMap<String, String>> getVariablesBySecret() {
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        for (Map.Entry<String, SecretEntity> entry : this.securedVariablesSecrets.entrySet()) {
            concurrentHashMap.put(entry.getKey(), entry.getValue().getVariables());
        }
        return concurrentHashMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void refreshAllVariablesSecrets() {
        ConcurrentMap concurrentHashMap;
        try {
            concurrentHashMap = this.operator.getAllSecretsWithLabel(getKubeSecretsLabel());
        } catch (KubeApiException e) {
            log.error("Can't get kube secrets {}", e.getMessage());
            if (!this.devModeUtil.isDevMode()) {
                throw e;
            }
            concurrentHashMap = new ConcurrentHashMap();
        }
        this.securedVariablesSecrets.clear();
        for (Map.Entry entry : concurrentHashMap.entrySet()) {
            updateVariablesCache((String) entry.getKey(), (ConcurrentMap) entry.getValue());
        }
    }

    private void refreshVariablesForSecret(String str, boolean z) {
        try {
            updateVariablesCache(str, this.operator.getSecretByName(str, z));
        } catch (KubeApiNotFoundException e) {
            log.error("Cannot get secured variables from secret", e);
            this.securedVariablesSecrets.remove(str);
            if (!this.devModeUtil.isDevMode()) {
                throw new SecuredVariablesNotFoundException(SecretService.SECRET_NOT_FOUND_ERROR_MESSAGE_FORMAT.formatted(str), e);
            }
        } catch (KubeApiException e2) {
            log.error("Can't get kube secret: {}", e2.getMessage());
            if (!this.devModeUtil.isDevMode()) {
                throw e2;
            }
        }
    }

    private void updateVariablesCache(String str, Map<String, String> map) {
        this.securedVariablesSecrets.put(str, SecretEntity.builder().secretName(str).variables(new ConcurrentHashMap(map)).build());
    }

    private String resolveSecretName(@Nullable String str) {
        return (StringUtils.isBlank(str) || "default".equalsIgnoreCase(str)) ? getKubeSecretV2Name() : str;
    }

    private void logSecuredVariableAction(String str, String str2, LogOperation logOperation) {
        this.actionLogger.logAction(ActionLog.builder().entityType(EntityType.SECURED_VARIABLE).entityName(str).parentType(EntityType.SECRET).parentName(str2).operation(logOperation).build());
    }
}
