package org.graylog2.rest.resources.dashboards;

import com.codahale.metrics.MetricRegistry;
import com.codahale.metrics.annotation.Timed;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiOperation;
import com.wordnik.swagger.annotations.ApiParam;
import com.wordnik.swagger.annotations.ApiResponse;
import com.wordnik.swagger.annotations.ApiResponses;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.concurrent.ExecutionException;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.config.Ini;
import org.graylog2.dashboards.Dashboard;
import org.graylog2.dashboards.DashboardImpl;
import org.graylog2.dashboards.DashboardRegistry;
import org.graylog2.dashboards.DashboardService;
import org.graylog2.dashboards.widgets.DashboardWidget;
import org.graylog2.dashboards.widgets.InvalidWidgetConfigurationException;
import org.graylog2.database.NotFoundException;
import org.graylog2.database.ValidationException;
import org.graylog2.indexer.searches.Searches;
import org.graylog2.indexer.searches.timeranges.InvalidRangeParametersException;
import org.graylog2.rest.resources.RestResource;
import org.graylog2.rest.resources.dashboards.requests.AddWidgetRequest;
import org.graylog2.rest.resources.dashboards.requests.CreateRequest;
import org.graylog2.rest.resources.dashboards.requests.UpdateRequest;
import org.graylog2.rest.resources.dashboards.requests.UpdateWidgetPositionsRequest;
import org.graylog2.rest.resources.dashboards.requests.UpdateWidgetRequest;
import org.graylog2.security.RestPermissions;
import org.graylog2.streams.StreamRuleImpl;
import org.graylog2.system.activities.Activity;
import org.graylog2.system.activities.ActivityWriter;
import org.joda.time.DateTime;
import org.joda.time.DateTimeZone;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@RequiresAuthentication
@Api(value = "Dashboards", description = "Manage dashboards")
@Path("/dashboards")
/* loaded from: input_file:org/graylog2/rest/resources/dashboards/DashboardsResource.class */
public class DashboardsResource extends RestResource {
    private static final Logger LOG = LoggerFactory.getLogger(DashboardsResource.class);
    private DashboardService dashboardService;
    private DashboardRegistry dashboardRegistry;
    private ActivityWriter activityWriter;
    private MetricRegistry metricRegistry;
    private final Searches searches;

    @Inject
    public DashboardsResource(DashboardService dashboardService, DashboardRegistry dashboardRegistry, ActivityWriter activityWriter, MetricRegistry metricRegistry, Searches searches) {
        this.dashboardService = dashboardService;
        this.dashboardRegistry = dashboardRegistry;
        this.activityWriter = activityWriter;
        this.metricRegistry = metricRegistry;
        this.searches = searches;
    }

    @Timed
    @ApiResponses({@ApiResponse(code = 403, message = "Request must be performed against master node.")})
    @POST
    @RequiresPermissions({RestPermissions.DASHBOARDS_CREATE})
    @Consumes({MediaType.APPLICATION_JSON})
    @ApiOperation("Create a dashboard")
    @Produces({MediaType.APPLICATION_JSON})
    public Response create(@ApiParam(required = true) String str) {
        restrictToMaster();
        try {
            CreateRequest createRequest = (CreateRequest) this.objectMapper.readValue(str, CreateRequest.class);
            HashMap newHashMap = Maps.newHashMap();
            newHashMap.put("title", createRequest.title);
            newHashMap.put("description", createRequest.description);
            newHashMap.put("creator_user_id", getCurrentUser().getName());
            newHashMap.put("created_at", new DateTime(DateTimeZone.UTC));
            DashboardImpl dashboardImpl = new DashboardImpl(newHashMap);
            try {
                String save = this.dashboardService.save(dashboardImpl);
                this.dashboardRegistry.add(dashboardImpl);
                HashMap newHashMap2 = Maps.newHashMap();
                newHashMap2.put("dashboard_id", save);
                return Response.status(Response.Status.CREATED).entity(json(newHashMap2)).build();
            } catch (ValidationException e) {
                LOG.error("Validation error.", (Throwable) e);
                throw new WebApplicationException(e, Response.Status.BAD_REQUEST);
            }
        } catch (IOException e2) {
            LOG.error("Error while parsing JSON", (Throwable) e2);
            throw new WebApplicationException(e2, Response.Status.BAD_REQUEST);
        }
    }

    @GET
    @Timed
    @ApiOperation("Get a list of all dashboards and all configurations of their widgets.")
    @ApiResponses({@ApiResponse(code = 403, message = "Request must be performed against master node.")})
    @Produces({MediaType.APPLICATION_JSON})
    public String list() {
        restrictToMaster();
        ArrayList newArrayList = Lists.newArrayList();
        for (Dashboard dashboard : this.dashboardService.all()) {
            if (isPermitted(RestPermissions.DASHBOARDS_READ, dashboard.getId())) {
                newArrayList.add(dashboard.asMap());
            }
        }
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put("total", Integer.valueOf(newArrayList.size()));
        newHashMap.put("dashboards", newArrayList);
        return json(newHashMap);
    }

    @GET
    @Path("/{dashboardId}")
    @Timed
    @ApiOperation("Get a single dashboards and all configurations of its widgets.")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 403, message = "Request must be performed against master node.")})
    @Produces({MediaType.APPLICATION_JSON})
    public String get(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str) {
        restrictToMaster();
        checkPermission(RestPermissions.DASHBOARDS_READ, str);
        try {
            return json(this.dashboardService.load(str).asMap());
        } catch (NotFoundException e) {
            throw new WebApplicationException(404);
        }
    }

    @Path("/{dashboardId}")
    @Timed
    @DELETE
    @ApiOperation("Delete a dashboard and all its widgets")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 403, message = "Request must be performed against master node.")})
    @Produces({MediaType.APPLICATION_JSON})
    public Response delete(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str) {
        restrictToMaster();
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        try {
            Dashboard load = this.dashboardService.load(str);
            this.dashboardRegistry.remove(str);
            this.dashboardService.destroy(load);
            String str2 = "Deleted dashboard <" + load.getId() + ">. Reason: REST request.";
            LOG.info(str2);
            this.activityWriter.write(new Activity(str2, DashboardsResource.class));
            return Response.status(Response.Status.fromStatusCode(204)).build();
        } catch (NotFoundException e) {
            throw new WebApplicationException(404);
        }
    }

    @Path("/{dashboardId}")
    @Timed
    @ApiOperation("Update the settings of a dashboard.")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found.")})
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public Response update(@ApiParam(name = "JSON body", required = true) String str, @PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str2) {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str2);
        try {
            try {
                UpdateRequest updateRequest = (UpdateRequest) this.objectMapper.readValue(str, UpdateRequest.class);
                Dashboard load = this.dashboardService.load(str2);
                if (updateRequest.title != null) {
                    load.setTitle(updateRequest.title);
                }
                if (updateRequest.description != null) {
                    load.setDescription(updateRequest.description);
                }
                this.dashboardService.save(load);
                return Response.status(Response.Status.OK).build();
            } catch (IOException e) {
                LOG.error("Error while parsing JSON", (Throwable) e);
                throw new WebApplicationException(e, Response.Status.BAD_REQUEST);
            }
        } catch (NotFoundException e2) {
            throw new WebApplicationException(404);
        } catch (ValidationException e3) {
            LOG.error("Validation error.", (Throwable) e3);
            throw new WebApplicationException(e3, Response.Status.BAD_REQUEST);
        }
    }

    @Path("/{dashboardId}/positions")
    @Timed
    @ApiOperation("Update/set the positions of dashboard widgets.")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found.")})
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public Response setPositions(@ApiParam(name = "JSON body", required = true) String str, @PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str2) {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str2);
        try {
            try {
                UpdateWidgetPositionsRequest updateWidgetPositionsRequest = (UpdateWidgetPositionsRequest) this.objectMapper.readValue(str, UpdateWidgetPositionsRequest.class);
                this.dashboardService.updateWidgetPositions(this.dashboardService.load(str2), updateWidgetPositionsRequest.positions);
                return Response.status(Response.Status.OK).build();
            } catch (IOException e) {
                LOG.error("Error while parsing JSON", (Throwable) e);
                throw new WebApplicationException(e, Response.Status.BAD_REQUEST);
            }
        } catch (NotFoundException e2) {
            throw new WebApplicationException(404);
        } catch (ValidationException e3) {
            LOG.error("Validation error.", (Throwable) e3);
            throw new WebApplicationException(e3, Response.Status.BAD_REQUEST);
        }
    }

    @Path("/{dashboardId}/widgets")
    @Timed
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 400, message = "Validation error."), @ApiResponse(code = 400, message = "No such widget type."), @ApiResponse(code = 403, message = "Request must be performed against master node.")})
    @POST
    @Consumes({MediaType.APPLICATION_JSON})
    @ApiOperation("Add a widget to a dashboard")
    @Produces({MediaType.APPLICATION_JSON})
    public Response addWidget(@ApiParam(name = "JSON body", required = true) String str, @PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str2) {
        restrictToMaster();
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str2);
        try {
            AddWidgetRequest addWidgetRequest = (AddWidgetRequest) this.objectMapper.readValue(str, AddWidgetRequest.class);
            if (addWidgetRequest.config.containsKey(StreamRuleImpl.FIELD_STREAM_ID)) {
                checkPermission(RestPermissions.STREAMS_READ, (String) addWidgetRequest.config.get(StreamRuleImpl.FIELD_STREAM_ID));
            } else {
                checkPermission(RestPermissions.SEARCHES_ABSOLUTE);
                checkPermission(RestPermissions.SEARCHES_RELATIVE);
                checkPermission(RestPermissions.SEARCHES_KEYWORD);
            }
            try {
                DashboardWidget fromRequest = DashboardWidget.fromRequest(this.metricRegistry, this.searches, addWidgetRequest, getCurrentUser().getName());
                Dashboard dashboard = this.dashboardRegistry.get(str2);
                if (dashboard == null) {
                    LOG.error("Dashboard [{}] not found.", str2);
                    throw new WebApplicationException(404);
                }
                this.dashboardService.addWidget(dashboard, fromRequest);
                HashMap newHashMap = Maps.newHashMap();
                newHashMap.put("widget_id", fromRequest.getId());
                return Response.status(Response.Status.CREATED).entity(json(newHashMap)).build();
            } catch (DashboardWidget.NoSuchWidgetTypeException e) {
                LOG.error("No such widget type.", (Throwable) e);
                throw new WebApplicationException(e, Response.Status.BAD_REQUEST);
            } catch (InvalidWidgetConfigurationException e2) {
                LOG.error("Invalid widget configuration.", (Throwable) e2);
                throw new WebApplicationException(e2, Response.Status.BAD_REQUEST);
            } catch (ValidationException e3) {
                LOG.error("Validation error.", (Throwable) e3);
                throw new WebApplicationException(e3, Response.Status.BAD_REQUEST);
            } catch (InvalidRangeParametersException e4) {
                LOG.error("Invalid timerange parameters provided.", (Throwable) e4);
                throw new WebApplicationException(e4, Response.Status.BAD_REQUEST);
            }
        } catch (IOException e5) {
            LOG.error("Error while parsing JSON", (Throwable) e5);
            throw new WebApplicationException(e5, Response.Status.BAD_REQUEST);
        }
    }

    @Path("/{dashboardId}/widgets/{widgetId}")
    @Timed
    @DELETE
    @ApiOperation("Delete a widget")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found."), @ApiResponse(code = 403, message = "Request must be performed against master node.")})
    @Produces({MediaType.APPLICATION_JSON})
    public Response remove(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str2) {
        restrictToMaster();
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        if (str == null || str.isEmpty()) {
            LOG.error("Missing dashboard ID. Returning HTTP 400.");
            throw new WebApplicationException(400);
        }
        if (str2 == null || str2.isEmpty()) {
            LOG.error("Missing widget ID. Returning HTTP 400.");
            throw new WebApplicationException(400);
        }
        Dashboard dashboard = this.dashboardRegistry.get(str);
        if (dashboard == null) {
            LOG.error("Dashboard not found.");
            throw new WebApplicationException(404);
        }
        this.dashboardService.removeWidget(dashboard, dashboard.getWidget(str2));
        String str3 = "Deleted widget <" + str2 + "> from dashboard <" + str + ">. Reason: REST request.";
        LOG.info(str3);
        this.activityWriter.write(new Activity(str3, DashboardsResource.class));
        return Response.status(Response.Status.NO_CONTENT).build();
    }

    @GET
    @Path("/{dashboardId}/widgets/{widgetId}/value")
    @Timed
    @ApiOperation("Get a single widget value.")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found."), @ApiResponse(code = 403, message = "Request must be performed against master node."), @ApiResponse(code = 504, message = "Computation failed on indexer side.")})
    @Produces({MediaType.APPLICATION_JSON})
    public Response widgetValue(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str2) {
        restrictToMaster();
        checkPermission(RestPermissions.DASHBOARDS_READ, str);
        Dashboard dashboard = this.dashboardRegistry.get(str);
        if (dashboard == null) {
            LOG.error("Dashboard not found.");
            throw new WebApplicationException(404);
        }
        DashboardWidget widget = dashboard.getWidget(str2);
        if (widget == null) {
            LOG.error("Widget not found.");
            throw new WebApplicationException(404);
        }
        try {
            return Response.status(Response.Status.OK).entity(json(widget.getComputationResult().asMap())).build();
        } catch (ExecutionException e) {
            LOG.error("Error while computing dashboard.", (Throwable) e);
            return Response.status(Response.Status.GATEWAY_TIMEOUT).build();
        }
    }

    @Path("/{dashboardId}/widgets/{widgetId}/description")
    @Timed
    @ApiOperation("Update description of a widget")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found."), @ApiResponse(code = 403, message = "Request must be performed against master node.")})
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public Response updateDescription(@ApiParam(name = "JSON body", required = true) String str, @PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str2, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str3) {
        restrictToMaster();
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str2);
        try {
            UpdateWidgetRequest updateWidgetRequest = (UpdateWidgetRequest) this.objectMapper.readValue(str, UpdateWidgetRequest.class);
            if (str2 == null || str2.isEmpty()) {
                LOG.error("Missing dashboard ID. Returning HTTP 400.");
                throw new WebApplicationException(400);
            }
            if (str3 == null || str3.isEmpty()) {
                LOG.error("Missing widget ID. Returning HTTP 400.");
                throw new WebApplicationException(400);
            }
            try {
                Dashboard dashboard = this.dashboardRegistry.get(str2);
                if (dashboard == null) {
                    LOG.error("Dashboard not found.");
                    throw new WebApplicationException(404);
                }
                DashboardWidget widget = dashboard.getWidget(str3);
                if (widget == null) {
                    LOG.error("Widget not found.");
                    throw new WebApplicationException(404);
                }
                this.dashboardService.updateWidgetDescription(dashboard, widget, updateWidgetRequest.description);
                LOG.info("Updated description of widget <" + str3 + "> on dashboard <" + str2 + ">. Reason: REST request.");
                return Response.status(Response.Status.OK).build();
            } catch (ValidationException e) {
                LOG.error("Validation error.", (Throwable) e);
                throw new WebApplicationException(e, Response.Status.BAD_REQUEST);
            }
        } catch (IOException e2) {
            LOG.error("Error while parsing JSON", (Throwable) e2);
            throw new WebApplicationException(e2, Response.Status.BAD_REQUEST);
        }
    }

    @Path("/{dashboardId}/widgets/{widgetId}/cachetime")
    @Timed
    @ApiOperation("Update cache time of a widget")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found."), @ApiResponse(code = 403, message = "Request must be performed against master node.")})
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public Response updateCacheTime(@ApiParam(name = "JSON body", required = true) String str, @PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str2, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str3) {
        restrictToMaster();
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str2);
        try {
            UpdateWidgetRequest updateWidgetRequest = (UpdateWidgetRequest) this.objectMapper.readValue(str, UpdateWidgetRequest.class);
            if (str2 == null || str2.isEmpty()) {
                LOG.error("Missing dashboard ID. Returning HTTP 400.");
                throw new WebApplicationException(400);
            }
            if (str3 == null || str3.isEmpty()) {
                LOG.error("Missing widget ID. Returning HTTP 400.");
                throw new WebApplicationException(400);
            }
            try {
                Dashboard dashboard = this.dashboardRegistry.get(str2);
                if (dashboard == null) {
                    LOG.error("Dashboard not found.");
                    throw new WebApplicationException(404);
                }
                DashboardWidget widget = dashboard.getWidget(str3);
                if (widget == null) {
                    LOG.error("Widget not found.");
                    throw new WebApplicationException(404);
                }
                this.dashboardService.updateWidgetCacheTime(dashboard, widget, updateWidgetRequest.cacheTime);
                LOG.info("Updated cache time of widget <" + str3 + "> on dashboard <" + str2 + "> to " + Ini.SECTION_PREFIX + updateWidgetRequest.cacheTime + "]. Reason: REST request.");
                return Response.status(Response.Status.OK).build();
            } catch (ValidationException e) {
                LOG.error("Validation error.", (Throwable) e);
                throw new WebApplicationException(e, Response.Status.BAD_REQUEST);
            }
        } catch (IOException e2) {
            LOG.error("Error while parsing JSON", (Throwable) e2);
            throw new WebApplicationException(e2, Response.Status.BAD_REQUEST);
        }
    }
}
