package org.graylog.plugins.views.search.rest;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.MoreObjects;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Maps;
import com.google.common.util.concurrent.Uninterruptibles;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import java.net.URI;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.inject.Inject;
import javax.validation.constraints.NotNull;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.GET;
import javax.ws.rs.InternalServerErrorException;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import one.util.streamex.StreamEx;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.graylog.plugins.views.audit.ViewsAuditEventTypes;
import org.graylog.plugins.views.search.Search;
import org.graylog.plugins.views.search.SearchExecutionGuard;
import org.graylog.plugins.views.search.SearchJob;
import org.graylog.plugins.views.search.SearchMetadata;
import org.graylog.plugins.views.search.db.SearchDbService;
import org.graylog.plugins.views.search.db.SearchJobService;
import org.graylog.plugins.views.search.engine.QueryEngine;
import org.graylog2.audit.jersey.AuditEvent;
import org.graylog2.audit.jersey.NoAuditEvent;
import org.graylog2.plugin.rest.PluginRestResource;
import org.graylog2.shared.rest.resources.RestResource;
import org.graylog2.shared.security.RestPermissions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Api("Enterprise/Search")
@RequiresAuthentication
@Path("/views/search")
@RequiresPermissions({ViewsRestPermissions.EXTENDEDSEARCH_USE})
@Produces({"application/json"})
/* loaded from: input_file:org/graylog/plugins/views/search/rest/SearchResource.class */
public class SearchResource extends RestResource implements PluginRestResource {
    private static final Logger LOG = LoggerFactory.getLogger(SearchResource.class);
    private static final String BASE_PATH = "views/search";
    private final QueryEngine queryEngine;
    private final SearchDbService searchDbService;
    private final SearchJobService searchJobService;
    private final ObjectMapper objectMapper;
    private final PermittedStreams permittedStreams;
    private final SearchExecutionGuard executionGuard;

    @Inject
    public SearchResource(QueryEngine queryEngine, SearchDbService searchDbService, SearchJobService searchJobService, ObjectMapper objectMapper, PermittedStreams permittedStreams, SearchExecutionGuard searchExecutionGuard) {
        this.queryEngine = queryEngine;
        this.searchDbService = searchDbService;
        this.searchJobService = searchJobService;
        this.objectMapper = objectMapper;
        this.permittedStreams = permittedStreams;
        this.executionGuard = searchExecutionGuard;
    }

    @VisibleForTesting
    boolean isOwnerOfSearch(Search search, String str) {
        return ((Boolean) search.owner().map(str2 -> {
            return Boolean.valueOf(str2.equals(str));
        }).orElse(true)).booleanValue();
    }

    @RequiresPermissions({ViewsRestPermissions.EXTENDEDSEARCH_CREATE})
    @AuditEvent(type = ViewsAuditEventTypes.SEARCH_CREATE)
    @ApiOperation(value = "Create a search query", response = Search.class, code = 201)
    @POST
    public Response createSearch(@ApiParam Search search) {
        String username = username();
        boolean z = getCurrentUser() != null && (getCurrentUser().isLocalAdmin() || isPermitted("*"));
        Optional<Search> optional = this.searchDbService.get(search.id());
        if (!z && !((Boolean) optional.map(search2 -> {
            return Boolean.valueOf(isOwnerOfSearch(search2, username));
        }).orElse(true)).booleanValue()) {
            throw new ForbiddenException("Unable to update search with id <" + search.id() + ">, already exists and user is not permitted to overwrite it.");
        }
        Search save = this.searchDbService.save(search.toBuilder().owner(username).build());
        if (save == null || save.id() == null) {
            return Response.serverError().build();
        }
        LOG.debug("Created new search object {}", save.id());
        return Response.created(URI.create((String) Objects.requireNonNull(save.id()))).entity(save).build();
    }

    private String username() {
        if (getCurrentUser() != null) {
            return getCurrentUser().getName();
        }
        return null;
    }

    @GET
    @Path("{id}")
    @ApiOperation("Retrieve a search query")
    public Search getSearch(@PathParam("id") @ApiParam(name = "id") String str) {
        return this.searchDbService.getForUser(str, getCurrentUser(), str2 -> {
            return isPermitted(ViewsRestPermissions.VIEW_READ, str2);
        }).orElseThrow(() -> {
            return new NotFoundException("No such search " + str);
        });
    }

    @GET
    @ApiOperation("Get all current search queries in the system")
    public List<Search> getAllSearches() {
        Stream<Search> streamAll = this.searchDbService.streamAll();
        Throwable th = null;
        try {
            List<Search> list = (List) streamAll.collect(Collectors.toList());
            if (streamAll != null) {
                if (0 != 0) {
                    try {
                        streamAll.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    streamAll.close();
                }
            }
            return list;
        } catch (Throwable th3) {
            if (streamAll != null) {
                if (0 != 0) {
                    try {
                        streamAll.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    streamAll.close();
                }
            }
            throw th3;
        }
    }

    @Path("{id}/execute")
    @AuditEvent(type = ViewsAuditEventTypes.SEARCH_JOB_CREATE)
    @ApiOperation(value = "Execute the referenced search query asynchronously", notes = "Starts a new search, irrespective whether or not another is already running")
    @POST
    public Response executeQuery(@PathParam("id") @ApiParam(name = "id") String str, @ApiParam Map<String, Object> map) {
        Search addStreamsToQueriesWithoutStreams = getSearch(str).addStreamsToQueriesWithoutStreams(this::loadAllAllowedStreamsForUser);
        authorize(addStreamsToQueriesWithoutStreams);
        SearchJob execute = this.queryEngine.execute(this.searchJobService.create(addStreamsToQueriesWithoutStreams.applyExecutionState(this.objectMapper, (Map) MoreObjects.firstNonNull(map, Collections.emptyMap())), username()));
        return Response.created(URI.create("views/search/status/" + execute.getId())).entity(execute).build();
    }

    private ImmutableSet<String> loadAllAllowedStreamsForUser() {
        return this.permittedStreams.load(str -> {
            return isPermitted(RestPermissions.STREAMS_READ, str);
        });
    }

    private void authorize(Search search) {
        this.executionGuard.check(search, str -> {
            return isPermitted(RestPermissions.STREAMS_READ, str);
        });
    }

    @Path("sync")
    @AuditEvent(type = ViewsAuditEventTypes.SEARCH_EXECUTE)
    @ApiOperation(value = "Execute a new synchronous search", notes = "Executes a new search and waits for its result")
    @POST
    public Response executeSyncJob(@ApiParam Search search, @QueryParam("timeout") @ApiParam(name = "timeout", defaultValue = "60000") @DefaultValue("60000") long j) {
        String username = username();
        Search addStreamsToQueriesWithoutStreams = search.addStreamsToQueriesWithoutStreams(this::loadAllAllowedStreamsForUser);
        authorize(addStreamsToQueriesWithoutStreams);
        SearchJob execute = this.queryEngine.execute(this.searchJobService.create(addStreamsToQueriesWithoutStreams, username));
        try {
            Uninterruptibles.getUninterruptibly(execute.getResultFuture(), j, TimeUnit.MILLISECONDS);
            return Response.ok(execute).build();
        } catch (ExecutionException e) {
            LOG.error("Error executing search job <{}>", execute.getId(), e);
            throw new InternalServerErrorException("Error executing search job: " + e.getMessage());
        } catch (TimeoutException e2) {
            throw new InternalServerErrorException("Timeout while executing search job");
        } catch (Exception e3) {
            LOG.error("Other error", e3);
            throw e3;
        }
    }

    @GET
    @Path("status/{jobId}")
    @ApiOperation("Retrieve the status of an executed query")
    public SearchJob jobStatus(@PathParam("jobId") @ApiParam(name = "jobId") String str) {
        SearchJob orElseThrow = this.searchJobService.load(str, username()).orElseThrow(NotFoundException::new);
        try {
            Uninterruptibles.getUninterruptibly(orElseThrow.getResultFuture(), 5L, TimeUnit.MILLISECONDS);
        } catch (ExecutionException | TimeoutException e) {
        }
        return orElseThrow;
    }

    @GET
    @Path("metadata/{searchId}")
    @ApiOperation(value = "Metadata for the given Search object", notes = "Used for already persisted search objects")
    public SearchMetadata metadata(@PathParam("searchId") @ApiParam("searchId") String str) {
        return metadataForObject(getSearch(str));
    }

    @Path("metadata")
    @ApiOperation(value = "Metadata for the posted Search object", notes = "Intended for search objects that aren't yet persisted (e.g. for validation or interactive purposes)")
    @POST
    @NoAuditEvent("Only returning metadata for given search, not changing any data")
    public SearchMetadata metadataForObject(@NotNull @ApiParam Search search) {
        if (search == null) {
            throw new IllegalArgumentException("Search must not be null.");
        }
        return SearchMetadata.create(StreamEx.of(search.queries()).toMap((v0) -> {
            return v0.id();
        }, query -> {
            return this.queryEngine.parse(search, query);
        }), Maps.uniqueIndex(search.parameters(), (v0) -> {
            return v0.name();
        }));
    }
}
