package org.graylog.security.rest;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.google.auto.value.AutoValue;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import java.time.ZonedDateTime;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import javax.annotation.Nullable;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Response;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.graylog.grn.GRN;
import org.graylog.grn.GRNDescriptorService;
import org.graylog.security.Capability;
import org.graylog.security.DBGrantService;
import org.graylog.security.GrantDTO;
import org.graylog.security.rest.AutoValue_GrantsOverviewResource_GrantSummary;
import org.graylog2.contentpacks.model.ContentPackInstallation;
import org.graylog2.shared.rest.resources.RestResource;
import org.graylog2.shared.security.RestPermissions;

@Api(value = "Authorization/GrantsOverview", description = "Grants overview")
@RequiresAuthentication
@Path("/authz/grants-overview")
@Consumes({"application/json"})
@Produces({"application/json"})
/* loaded from: input_file:org/graylog/security/rest/GrantsOverviewResource.class */
public class GrantsOverviewResource extends RestResource {
    private final DBGrantService grantService;
    private final GRNDescriptorService descriptorService;

    @AutoValue
    /* loaded from: input_file:org/graylog/security/rest/GrantsOverviewResource$GrantSummary.class */
    public static abstract class GrantSummary {

        @AutoValue.Builder
        /* loaded from: input_file:org/graylog/security/rest/GrantsOverviewResource$GrantSummary$Builder.class */
        public static abstract class Builder {
            public abstract Builder id(String str);

            public abstract Builder grantee(GRN grn);

            public abstract Builder granteeTitle(String str);

            public abstract Builder capability(Capability capability);

            public abstract Builder target(GRN grn);

            public abstract Builder targetTitle(String str);

            public abstract Builder createdBy(String str);

            public abstract Builder createdAt(ZonedDateTime zonedDateTime);

            public abstract Builder updatedBy(String str);

            public abstract Builder updatedAt(ZonedDateTime zonedDateTime);

            public abstract Builder expiresAt(@Nullable ZonedDateTime zonedDateTime);

            public abstract GrantSummary build();
        }

        @JsonProperty("id")
        public abstract String id();

        @JsonProperty("grantee")
        public abstract GRN grantee();

        @JsonProperty("grantee_title")
        public abstract String granteeTitle();

        @JsonProperty("capability")
        public abstract Capability capability();

        @JsonProperty(GrantDTO.FIELD_TARGET)
        public abstract GRN target();

        @JsonProperty("target_title")
        public abstract String targetTitle();

        @JsonProperty(ContentPackInstallation.FIELD_CREATED_BY)
        public abstract String createdBy();

        @JsonProperty("created_at")
        public abstract ZonedDateTime createdAt();

        @JsonProperty("updated_by")
        public abstract String updatedBy();

        @JsonProperty("updated_at")
        public abstract ZonedDateTime updatedAt();

        @JsonProperty("expires_at")
        public abstract Optional<ZonedDateTime> expiresAt();

        public static GrantSummary of(GrantDTO grantDTO, GRNDescriptorService gRNDescriptorService) {
            return builder().id(grantDTO.id()).grantee(grantDTO.grantee()).granteeTitle(grantDTO.grantee().type() + ": " + gRNDescriptorService.getDescriptor(grantDTO.grantee()).title()).capability(grantDTO.capability()).target(grantDTO.target()).targetTitle(grantDTO.target().type() + ": " + gRNDescriptorService.getDescriptor(grantDTO.target()).title()).createdBy(grantDTO.createdBy()).createdAt(grantDTO.createdAt()).updatedBy(grantDTO.updatedBy()).updatedAt(grantDTO.updatedAt()).expiresAt(grantDTO.expiresAt().orElse(null)).build();
        }

        public static Builder builder() {
            return new AutoValue_GrantsOverviewResource_GrantSummary.Builder();
        }
    }

    @Inject
    public GrantsOverviewResource(DBGrantService dBGrantService, GRNDescriptorService gRNDescriptorService) {
        this.grantService = dBGrantService;
        this.descriptorService = gRNDescriptorService;
    }

    @GET
    @RequiresPermissions({RestPermissions.GRANTS_OVERVIEW_READ})
    @ApiOperation("Return an overview of all grants in the system")
    public Response getOverview() {
        return Response.ok(Collections.singletonMap(DBGrantService.COLLECTION_NAME, (List) this.grantService.getAll().stream().map(grantDTO -> {
            return GrantSummary.of(grantDTO, this.descriptorService);
        }).collect(Collectors.toList()))).build();
    }
}
