package org.graylog2.rest.resources.dashboards;

import com.codahale.metrics.annotation.Timed;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiOperation;
import com.wordnik.swagger.annotations.ApiParam;
import com.wordnik.swagger.annotations.ApiResponse;
import com.wordnik.swagger.annotations.ApiResponses;
import java.util.ArrayList;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import javax.inject.Inject;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.config.Ini;
import org.graylog2.dashboards.Dashboard;
import org.graylog2.dashboards.DashboardService;
import org.graylog2.dashboards.widgets.DashboardWidget;
import org.graylog2.dashboards.widgets.DashboardWidgetCreator;
import org.graylog2.dashboards.widgets.InvalidWidgetConfigurationException;
import org.graylog2.database.NotFoundException;
import org.graylog2.indexer.searches.Searches;
import org.graylog2.indexer.searches.timeranges.InvalidRangeParametersException;
import org.graylog2.plugin.Tools;
import org.graylog2.plugin.database.ValidationException;
import org.graylog2.rest.models.dashboards.requests.AddWidgetRequest;
import org.graylog2.rest.models.dashboards.requests.CreateDashboardRequest;
import org.graylog2.rest.models.dashboards.requests.UpdateDashboardRequest;
import org.graylog2.rest.models.dashboards.requests.UpdateWidgetRequest;
import org.graylog2.rest.models.dashboards.requests.WidgetPositionsRequest;
import org.graylog2.rest.models.dashboards.responses.DashboardList;
import org.graylog2.shared.rest.resources.RestResource;
import org.graylog2.shared.security.RestPermissions;
import org.graylog2.shared.system.activities.Activity;
import org.graylog2.shared.system.activities.ActivityWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@RequiresAuthentication
@Api(value = "Dashboards", description = "Manage dashboards")
@Path("/dashboards")
/* loaded from: input_file:org/graylog2/rest/resources/dashboards/DashboardsResource.class */
public class DashboardsResource extends RestResource {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) DashboardsResource.class);
    private DashboardService dashboardService;
    private final DashboardWidgetCreator dashboardWidgetCreator;
    private ActivityWriter activityWriter;
    private final Searches searches;

    @Inject
    public DashboardsResource(DashboardService dashboardService, DashboardWidgetCreator dashboardWidgetCreator, ActivityWriter activityWriter, Searches searches) {
        this.dashboardService = dashboardService;
        this.dashboardWidgetCreator = dashboardWidgetCreator;
        this.activityWriter = activityWriter;
        this.searches = searches;
    }

    @RequiresPermissions({RestPermissions.DASHBOARDS_CREATE})
    @Timed
    @Consumes({MediaType.APPLICATION_JSON})
    @ApiOperation("Create a dashboard")
    @POST
    @Produces({MediaType.APPLICATION_JSON})
    public Response create(@ApiParam(name = "JSON body", required = true) CreateDashboardRequest createDashboardRequest) throws ValidationException {
        String save = this.dashboardService.save(this.dashboardService.create(createDashboardRequest.title(), createDashboardRequest.description(), getCurrentUser().getName(), Tools.iso8601()));
        return Response.created(getUriBuilderToSelf().path(DashboardsResource.class).path("{dashboardId}").build(save)).entity(ImmutableMap.of("dashboard_id", save)).build();
    }

    @GET
    @Timed
    @ApiOperation("Get a list of all dashboards and all configurations of their widgets.")
    @Produces({MediaType.APPLICATION_JSON})
    public DashboardList list() {
        ArrayList newArrayList = Lists.newArrayList();
        for (Dashboard dashboard : this.dashboardService.all()) {
            if (isPermitted(RestPermissions.DASHBOARDS_READ, dashboard.getId())) {
                newArrayList.add(dashboard.asMap());
            }
        }
        return DashboardList.create(newArrayList.size(), newArrayList);
    }

    @GET
    @Path("/{dashboardId}")
    @Timed
    @ApiOperation("Get a single dashboards and all configurations of its widgets.")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found.")})
    @Produces({MediaType.APPLICATION_JSON})
    public Map<String, Object> get(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str) throws NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_READ, str);
        return this.dashboardService.load(str).asMap();
    }

    @Path("/{dashboardId}")
    @Timed
    @DELETE
    @ApiOperation("Delete a dashboard and all its widgets")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found.")})
    @Produces({MediaType.APPLICATION_JSON})
    public void delete(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str) throws NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        Dashboard load = this.dashboardService.load(str);
        this.dashboardService.destroy(load);
        String str2 = "Deleted dashboard <" + load.getId() + ">. Reason: REST request.";
        LOG.info(str2);
        this.activityWriter.write(new Activity(str2, DashboardsResource.class));
    }

    @Path("/{dashboardId}")
    @Timed
    @ApiOperation("Update the settings of a dashboard.")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found.")})
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public void update(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @ApiParam(name = "JSON body", required = true) UpdateDashboardRequest updateDashboardRequest) throws ValidationException, NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        Dashboard load = this.dashboardService.load(str);
        if (updateDashboardRequest.title() != null) {
            load.setTitle(updateDashboardRequest.title());
        }
        if (updateDashboardRequest.description() != null) {
            load.setDescription(updateDashboardRequest.description());
        }
        this.dashboardService.save(load);
    }

    @Path("/{dashboardId}/positions")
    @Timed
    @ApiOperation("Update/set the positions of dashboard widgets.")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found.")})
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public void setPositions(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @ApiParam(name = "JSON body", required = true) @Valid WidgetPositionsRequest widgetPositionsRequest) throws NotFoundException, ValidationException {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        this.dashboardService.updateWidgetPositions(this.dashboardService.load(str), widgetPositionsRequest);
    }

    @Path("/{dashboardId}/widgets")
    @Timed
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 400, message = "Validation error."), @ApiResponse(code = 400, message = "No such widget type.")})
    @POST
    @Consumes({MediaType.APPLICATION_JSON})
    @ApiOperation("Add a widget to a dashboard")
    @Produces({MediaType.APPLICATION_JSON})
    public Response addWidget(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @ApiParam(name = "JSON body", required = true) AddWidgetRequest addWidgetRequest) throws ValidationException, NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        if (addWidgetRequest.config().containsKey("stream_id")) {
            checkPermission(RestPermissions.STREAMS_READ, (String) addWidgetRequest.config().get("stream_id"));
        } else {
            checkPermission(RestPermissions.SEARCHES_ABSOLUTE);
            checkPermission(RestPermissions.SEARCHES_RELATIVE);
            checkPermission(RestPermissions.SEARCHES_KEYWORD);
        }
        try {
            DashboardWidget fromRequest = this.dashboardWidgetCreator.fromRequest(this.searches, addWidgetRequest, getCurrentUser().getName());
            this.dashboardService.addWidget(this.dashboardService.load(str), fromRequest);
            return Response.created(getUriBuilderToSelf().path(DashboardsResource.class).path("{dashboardId}/widgets/{widgetId}").build(str, fromRequest.getId())).entity(ImmutableMap.of("widget_id", fromRequest.getId())).build();
        } catch (DashboardWidget.NoSuchWidgetTypeException e) {
            LOG.debug("No such widget type.", (Throwable) e);
            throw new BadRequestException("No such widget type.", e);
        } catch (InvalidWidgetConfigurationException e2) {
            LOG.debug("Invalid widget configuration.", (Throwable) e2);
            throw new BadRequestException("Invalid widget configuration.", e2);
        } catch (InvalidRangeParametersException e3) {
            LOG.debug("Invalid timerange parameters provided.", (Throwable) e3);
            throw new BadRequestException("Invalid timerange parameters provided.", e3);
        }
    }

    @Path("/{dashboardId}/widgets/{widgetId}")
    @Timed
    @DELETE
    @ApiOperation("Delete a widget")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found.")})
    @Produces({MediaType.APPLICATION_JSON})
    public void remove(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str2) throws NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        Dashboard load = this.dashboardService.load(str);
        this.dashboardService.removeWidget(load, load.getWidget(str2));
        String str3 = "Deleted widget <" + str2 + "> from dashboard <" + str + ">. Reason: REST request.";
        LOG.info(str3);
        this.activityWriter.write(new Activity(str3, DashboardsResource.class));
    }

    @GET
    @Path("/{dashboardId}/widgets/{widgetId}/value")
    @Timed
    @ApiOperation("Get a single widget value.")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found."), @ApiResponse(code = 504, message = "Computation failed on indexer side.")})
    @Produces({MediaType.APPLICATION_JSON})
    public Map<String, Object> widgetValue(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str2) throws NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_READ, str);
        DashboardWidget widget = this.dashboardService.load(str).getWidget(str2);
        if (widget == null) {
            LOG.error("Widget not found.");
            throw new javax.ws.rs.NotFoundException();
        }
        try {
            return widget.getComputationResult().asMap();
        } catch (ExecutionException e) {
            LOG.error("Error while computing dashboard.", (Throwable) e);
            throw new WebApplicationException(e, Response.Status.GATEWAY_TIMEOUT);
        }
    }

    @Path("/{dashboardId}/widgets/{widgetId}")
    @Timed
    @ApiOperation("Update a widget")
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found.")})
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public void updateWidget(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str2, @NotNull @ApiParam(name = "JSON body", required = true) @Valid AddWidgetRequest addWidgetRequest) throws ValidationException, NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        Dashboard load = this.dashboardService.load(str);
        DashboardWidget widget = load.getWidget(str2);
        if (widget == null) {
            LOG.error("Widget not found.");
            throw new javax.ws.rs.NotFoundException();
        }
        try {
            DashboardWidget fromRequest = this.dashboardWidgetCreator.fromRequest(this.searches, str2, addWidgetRequest, widget.getCreatorUserId());
            fromRequest.setCacheTime(addWidgetRequest.cacheTime());
            this.dashboardService.removeWidget(load, widget);
            this.dashboardService.addWidget(load, fromRequest);
            LOG.info("Updated widget <" + str2 + "> on dashboard <" + str + ">. Reason: REST request.");
        } catch (DashboardWidget.NoSuchWidgetTypeException e) {
            LOG.error("No such widget type.", (Throwable) e);
            throw new BadRequestException(e);
        } catch (InvalidWidgetConfigurationException e2) {
            LOG.error("Invalid widget configuration.", (Throwable) e2);
            throw new BadRequestException(e2);
        } catch (InvalidRangeParametersException e3) {
            LOG.error("Invalid timerange parameters provided.", (Throwable) e3);
            throw new BadRequestException(e3);
        }
    }

    @Path("/{dashboardId}/widgets/{widgetId}/description")
    @Timed
    @Deprecated
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found.")})
    @ApiOperation("Update description of a widget")
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public void updateDescription(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str2, @ApiParam(name = "JSON body", required = true) @Valid UpdateWidgetRequest updateWidgetRequest) throws ValidationException, NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        Dashboard load = this.dashboardService.load(str);
        DashboardWidget widget = load.getWidget(str2);
        if (widget == null) {
            LOG.error("Widget not found.");
            throw new javax.ws.rs.NotFoundException();
        }
        this.dashboardService.updateWidgetDescription(load, widget, updateWidgetRequest.description());
        LOG.info("Updated description of widget <" + str2 + "> on dashboard <" + str + ">. Reason: REST request.");
    }

    @Path("/{dashboardId}/widgets/{widgetId}/cachetime")
    @Timed
    @Deprecated
    @ApiResponses({@ApiResponse(code = 404, message = "Dashboard not found."), @ApiResponse(code = 404, message = "Widget not found.")})
    @ApiOperation("Update cache time of a widget")
    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    public void updateCacheTime(@PathParam("dashboardId") @ApiParam(name = "dashboardId", required = true) String str, @PathParam("widgetId") @ApiParam(name = "widgetId", required = true) String str2, @ApiParam(name = "JSON body", required = true) @Valid UpdateWidgetRequest updateWidgetRequest) throws ValidationException, NotFoundException {
        checkPermission(RestPermissions.DASHBOARDS_EDIT, str);
        Dashboard load = this.dashboardService.load(str);
        DashboardWidget widget = load.getWidget(str2);
        if (widget == null) {
            LOG.error("Widget not found.");
            throw new javax.ws.rs.NotFoundException();
        }
        this.dashboardService.updateWidgetCacheTime(load, widget, updateWidgetRequest.cacheTime());
        LOG.info("Updated cache time of widget <" + str2 + "> on dashboard <" + str + "> to " + Ini.SECTION_PREFIX + updateWidgetRequest.cacheTime() + "]. Reason: REST request.");
    }
}
