package org.graylog2.audit.jersey;

import com.google.common.base.Strings;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.core.Configuration;
import java.lang.reflect.Method;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.stream.Collectors;
import org.glassfish.jersey.server.model.ModelProcessor;
import org.glassfish.jersey.server.model.Resource;
import org.glassfish.jersey.server.model.ResourceMethod;
import org.glassfish.jersey.server.model.ResourceModel;
import org.graylog2.audit.PluginAuditEventTypes;
import org.graylog2.rest.RestTools;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/graylog2/audit/jersey/AuditEventModelProcessor.class */
public class AuditEventModelProcessor implements ModelProcessor {
    private static final Logger LOG = LoggerFactory.getLogger(AuditEventModelProcessor.class);
    private final Set<String> auditEventTypes;

    public AuditEventModelProcessor(Set<PluginAuditEventTypes> set) {
        this.auditEventTypes = (Set) set.stream().flatMap(pluginAuditEventTypes -> {
            return pluginAuditEventTypes.auditEventTypes().stream();
        }).collect(Collectors.toSet());
    }

    public ResourceModel processResourceModel(ResourceModel resourceModel, Configuration configuration) {
        checkResources(resourceModel.getResources());
        return resourceModel;
    }

    public ResourceModel processSubResource(ResourceModel resourceModel, Configuration configuration) {
        checkResources(resourceModel.getResources());
        return resourceModel;
    }

    private void checkResources(List<Resource> list) {
        for (Resource resource : list) {
            for (ResourceMethod resourceMethod : resource.getResourceMethods()) {
                Method definitionMethod = resourceMethod.getInvocable().getDefinitionMethod();
                if (definitionMethod.isAnnotationPresent(POST.class) || definitionMethod.isAnnotationPresent(PUT.class) || definitionMethod.isAnnotationPresent(DELETE.class)) {
                    if (!definitionMethod.isAnnotationPresent(AuditEvent.class) && !definitionMethod.isAnnotationPresent(NoAuditEvent.class)) {
                        LOG.warn("REST endpoint not included in audit trail: {}", String.format(Locale.US, "%6s %s", resourceMethod.getHttpMethod(), RestTools.getPathFromResource(resource)));
                        LOG.debug("Missing @AuditEvent or @NoAuditEvent annotation: {}#{}", definitionMethod.getDeclaringClass().getCanonicalName(), definitionMethod.getName());
                    } else if (definitionMethod.isAnnotationPresent(AuditEvent.class)) {
                        AuditEvent auditEvent = (AuditEvent) definitionMethod.getAnnotation(AuditEvent.class);
                        if (!this.auditEventTypes.contains(auditEvent.type())) {
                            LOG.warn("REST endpoint does not use a registered audit type: {} (type: \"{}\")", String.format(Locale.US, "%6s %s", resourceMethod.getHttpMethod(), RestTools.getPathFromResource(resource)), auditEvent.type());
                            LOG.debug("Make sure the audit event types are registered in a class that implements PluginAuditEventTypes: {}#{}", definitionMethod.getDeclaringClass().getCanonicalName(), definitionMethod.getName());
                        }
                    } else if (definitionMethod.isAnnotationPresent(NoAuditEvent.class) && Strings.isNullOrEmpty(((NoAuditEvent) definitionMethod.getAnnotation(NoAuditEvent.class)).value())) {
                        LOG.warn("REST endpoint uses @NoAuditEvent annotation with an empty value: {}", String.format(Locale.US, "%6s %s", resourceMethod.getHttpMethod(), RestTools.getPathFromResource(resource)));
                    }
                }
            }
            checkResources(resource.getChildResources());
        }
    }
}
