package org.openmetadata.service.jdbi3;

import com.fasterxml.jackson.core.JsonProcessingException;
import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import org.jdbi.v3.sqlobject.transaction.Transaction;
import org.openmetadata.common.utils.CommonUtil;
import org.openmetadata.schema.entity.data.Location;
import org.openmetadata.schema.entity.policies.Policy;
import org.openmetadata.schema.entity.policies.accessControl.Rule;
import org.openmetadata.schema.type.EntityReference;
import org.openmetadata.schema.type.Relationship;
import org.openmetadata.service.Entity;
import org.openmetadata.service.exception.CatalogExceptionMessage;
import org.openmetadata.service.jdbi3.EntityRepository;
import org.openmetadata.service.resources.policies.PolicyResource;
import org.openmetadata.service.security.policyevaluator.CompiledRule;
import org.openmetadata.service.util.EntityUtil;
import org.openmetadata.service.util.JsonUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/openmetadata/service/jdbi3/PolicyRepository.class */
public class PolicyRepository extends EntityRepository<Policy> {
    private static final Logger LOG = LoggerFactory.getLogger(PolicyRepository.class);
    private static final String POLICY_UPDATE_FIELDS = "owner,location";
    private static final String POLICY_PATCH_FIELDS = "owner,location";
    public static final String ENABLED = "enabled";

    /* loaded from: input_file:org/openmetadata/service/jdbi3/PolicyRepository$PolicyUpdater.class */
    public class PolicyUpdater extends EntityRepository<Policy>.EntityUpdater {
        public PolicyUpdater(Policy policy, Policy policy2, EntityRepository.Operation operation) {
            super(policy, policy2, operation);
        }

        @Override // org.openmetadata.service.jdbi3.EntityRepository.EntityUpdater
        public void entitySpecificUpdate() throws IOException {
            recordChange(PolicyRepository.ENABLED, this.original.getEnabled(), this.updated.getEnabled());
            updateLocation(this.original, this.updated);
            updateRules(this.original.getRules(), this.updated.getRules());
        }

        private void updateLocation(Policy policy, Policy policy2) throws IOException {
            if (policy.getLocation() != null && policy.getLocation().getId() != null) {
                PolicyRepository.this.deleteRelationship(policy.getId(), Entity.POLICY, policy.getLocation().getId(), Entity.LOCATION, Relationship.APPLIED_TO);
            }
            if (policy2.getLocation() != null && policy2.getLocation().getId() != null) {
                PolicyRepository.this.addRelationship(policy2.getId(), policy2.getLocation().getId(), Entity.POLICY, Entity.LOCATION, Relationship.APPLIED_TO);
            }
            recordChange(Entity.LOCATION, policy.getLocation(), policy2.getLocation(), true, EntityUtil.entityReferenceMatch);
        }

        private void updateRules(List<Rule> list, List<Rule> list2) throws IOException {
            recordListChange("rules", list, list2, new ArrayList(), new ArrayList(), EntityUtil.ruleMatch);
            for (Rule rule : list2) {
                Rule orElse = list.stream().filter(rule2 -> {
                    return EntityUtil.ruleMatch.test(rule2, rule);
                }).findAny().orElse(null);
                if (orElse != null) {
                    updateRuleDescription(orElse, rule);
                    updateRuleEffect(orElse, rule);
                    updateRuleOperations(orElse, rule);
                    updateRuleResources(orElse, rule);
                    updateRuleCondition(orElse, rule);
                }
            }
        }

        private void updateRuleDescription(Rule rule, Rule rule2) throws JsonProcessingException {
            recordChange(EntityUtil.getRuleField(rule, Entity.FIELD_DESCRIPTION), rule.getDescription(), rule2.getDescription());
        }

        private void updateRuleEffect(Rule rule, Rule rule2) throws JsonProcessingException {
            recordChange(EntityUtil.getRuleField(rule, "effect"), rule.getEffect(), rule2.getEffect());
        }

        private void updateRuleOperations(Rule rule, Rule rule2) throws JsonProcessingException {
            recordChange(EntityUtil.getRuleField(rule, "operations"), rule.getOperations(), rule2.getOperations());
        }

        private void updateRuleResources(Rule rule, Rule rule2) throws JsonProcessingException {
            recordChange(EntityUtil.getRuleField(rule, "resources"), rule.getResources(), rule2.getResources());
        }

        private void updateRuleCondition(Rule rule, Rule rule2) throws JsonProcessingException {
            recordChange(EntityUtil.getRuleField(rule, "condition"), rule.getCondition(), rule2.getCondition());
        }
    }

    public PolicyRepository(CollectionDAO collectionDAO) {
        super(PolicyResource.COLLECTION_PATH, Entity.POLICY, Policy.class, collectionDAO.policyDAO(), collectionDAO, "owner,location", "owner,location");
    }

    @Transaction
    private EntityReference getLocationForPolicy(Policy policy) throws IOException {
        return getToEntityRef(policy.getId(), Relationship.APPLIED_TO, Entity.LOCATION, false);
    }

    @Override // org.openmetadata.service.jdbi3.EntityRepository
    public Policy setFields(Policy policy, EntityUtil.Fields fields) throws IOException {
        policy.setOwner(fields.contains("owner") ? getOwner((PolicyRepository) policy) : null);
        policy.setLocation(fields.contains(Entity.LOCATION) ? getLocationForPolicy(policy) : null);
        policy.setTeams(fields.contains("teams") ? getTeams(policy) : null);
        policy.setRoles(fields.contains("roles") ? getRoles(policy) : null);
        return policy;
    }

    private List<EntityReference> getTeams(Policy policy) throws IOException {
        return EntityUtil.populateEntityReferences(findFrom(policy.getId(), Entity.POLICY, Relationship.HAS, Entity.TEAM), Entity.TEAM);
    }

    private List<EntityReference> getRoles(Policy policy) throws IOException {
        return EntityUtil.populateEntityReferences(findFrom(policy.getId(), Entity.POLICY, Relationship.HAS, Entity.ROLE), Entity.ROLE);
    }

    @Transaction
    private EntityReference getLocationReference(Policy policy) throws IOException {
        Location findEntityById;
        if (policy == null || policy.getLocation() == null || policy.getLocation().getId() == null || (findEntityById = this.daoCollection.locationDAO().findEntityById(policy.getLocation().getId())) == null) {
            return null;
        }
        return findEntityById.getEntityReference();
    }

    @Override // org.openmetadata.service.jdbi3.EntityRepository
    public void prepare(Policy policy) throws IOException {
        setFullyQualifiedName(policy);
        validateRules(policy);
        policy.setLocation(getLocationReference(policy));
    }

    @Override // org.openmetadata.service.jdbi3.EntityRepository
    public void storeEntity(Policy policy, boolean z) throws IOException {
        EntityReference owner = policy.getOwner();
        EntityReference location = policy.getLocation();
        URI href = policy.getHref();
        policy.withOwner((EntityReference) null).withLocation((EntityReference) null).withHref((URI) null);
        store(policy.getId(), policy, z);
        policy.withOwner(owner).withLocation(location).withHref(href);
    }

    @Override // org.openmetadata.service.jdbi3.EntityRepository
    public void storeRelationships(Policy policy) {
        storeOwner(policy, policy.getOwner());
        setLocation(policy, policy.getLocation());
    }

    @Override // org.openmetadata.service.jdbi3.EntityRepository
    public PolicyUpdater getUpdater(Policy policy, Policy policy2, EntityRepository.Operation operation) {
        return new PolicyUpdater(policy, policy2, operation);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.openmetadata.service.jdbi3.EntityRepository
    public void preDelete(Policy policy) {
        if (Boolean.FALSE.equals(policy.getAllowDelete())) {
            throw new IllegalArgumentException(CatalogExceptionMessage.deletionNotAllowed(Entity.POLICY, policy.getName()));
        }
    }

    public void validateRules(Policy policy) throws IOException {
        List<Rule> rules = policy.getRules();
        if (CommonUtil.listOrEmpty(rules).isEmpty()) {
            throw new IllegalArgumentException(CatalogExceptionMessage.EMPTY_RULES_IN_POLICY);
        }
        for (Rule rule : rules) {
            CompiledRule.validateExpression(rule.getCondition(), Boolean.class);
            rule.getResources().sort(String.CASE_INSENSITIVE_ORDER);
            rule.getOperations().sort(Comparator.comparing((v0) -> {
                return v0.value();
            }));
        }
        rules.sort(Comparator.comparing((v0) -> {
            return v0.getName();
        }));
    }

    public List<Policy> getAccessControlPolicies() throws IOException {
        EntityUtil.Fields fields = new EntityUtil.Fields(List.of("rules", ENABLED));
        List<String> listAfter = this.daoCollection.policyDAO().listAfter(new ListFilter(), Integer.MAX_VALUE, "");
        ArrayList arrayList = new ArrayList(listAfter.size());
        Iterator<String> it = listAfter.iterator();
        while (it.hasNext()) {
            Policy fieldsInternal = setFieldsInternal((Policy) JsonUtils.readValue(it.next(), Policy.class), fields);
            if (Boolean.TRUE.equals(fieldsInternal.getEnabled())) {
                arrayList.add(fieldsInternal);
            }
        }
        return arrayList;
    }

    private void setLocation(Policy policy, EntityReference entityReference) {
        if (entityReference == null || entityReference.getId() == null) {
            return;
        }
        addRelationship(policy.getId(), policy.getLocation().getId(), Entity.POLICY, Entity.LOCATION, Relationship.APPLIED_TO);
    }
}
