package org.graylog.events.rest;

import com.codahale.metrics.annotation.Timed;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableMap;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import javax.inject.Inject;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.validation.constraints.NotBlank;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.graylog.events.audit.EventsAuditEventTypes;
import org.graylog.events.notifications.DBNotificationService;
import org.graylog.events.notifications.NotificationDto;
import org.graylog.events.notifications.NotificationResourceHandler;
import org.graylog.events.notifications.types.EmailEventNotificationConfig;
import org.graylog.events.processor.EventDefinitionDto;
import org.graylog.grn.GRNTypes;
import org.graylog.plugins.views.startpage.recentActivities.RecentActivityService;
import org.graylog.security.UserContext;
import org.graylog2.alarmcallbacks.EmailAlarmCallback;
import org.graylog2.audit.jersey.AuditEvent;
import org.graylog2.audit.jersey.NoAuditEvent;
import org.graylog2.configuration.EmailConfiguration;
import org.graylog2.database.PaginatedList;
import org.graylog2.plugin.alarms.callbacks.AlarmCallback;
import org.graylog2.plugin.configuration.ConfigurationRequest;
import org.graylog2.plugin.inputs.MessageInput;
import org.graylog2.plugin.rest.PluginRestResource;
import org.graylog2.plugin.rest.ValidationResult;
import org.graylog2.rest.MoreMediaTypes;
import org.graylog2.rest.models.PaginatedResponse;
import org.graylog2.rest.models.tools.responses.PageListResponse;
import org.graylog2.rest.resources.entities.EntityAttribute;
import org.graylog2.rest.resources.entities.EntityDefaults;
import org.graylog2.rest.resources.entities.Sorting;
import org.graylog2.rest.resources.system.indexer.responses.IndexSetFieldTypeSummary;
import org.graylog2.search.SearchQuery;
import org.graylog2.search.SearchQueryField;
import org.graylog2.search.SearchQueryParser;
import org.graylog2.shared.rest.documentation.generator.Generator;
import org.graylog2.shared.rest.resources.RestResource;
import org.graylog2.shared.security.RestPermissions;

@Api(value = "Events/Notifications", description = "Manage event notifications", tags = {Generator.CLOUD_VISIBLE})
@RequiresAuthentication
@Path("/events/notifications")
@Consumes({MoreMediaTypes.APPLICATION_JSON})
@Produces({MoreMediaTypes.APPLICATION_JSON})
/* loaded from: input_file:org/graylog/events/rest/EventNotificationsResource.class */
public class EventNotificationsResource extends RestResource implements PluginRestResource {
    private static final String DEFAULT_SORT_FIELD = "title";
    private final DBNotificationService dbNotificationService;
    private final Set<AlarmCallback> availableLegacyAlarmCallbacks;
    private final SearchQueryParser searchQueryParser = new SearchQueryParser("title", (Map<String, SearchQueryField>) SEARCH_FIELD_MAPPING);
    private final NotificationResourceHandler resourceHandler;
    private final EmailConfiguration emailConfiguration;
    private final RecentActivityService recentActivityService;
    private static final ImmutableMap<String, SearchQueryField> SEARCH_FIELD_MAPPING = ImmutableMap.builder().put("id", SearchQueryField.create("_id", SearchQueryField.Type.OBJECT_ID)).put("title", SearchQueryField.create("title")).put("description", SearchQueryField.create("description")).build();
    private static final List<EntityAttribute> attributes = List.of(EntityAttribute.builder().id("title").title("Title").build(), EntityAttribute.builder().id("description").title("Description").build(), EntityAttribute.builder().id("type").title("Type").build());
    private static final String DEFAULT_SORT_DIRECTION = "asc";
    private static final EntityDefaults settings = EntityDefaults.builder().sort(Sorting.create("title", Sorting.Direction.valueOf(DEFAULT_SORT_DIRECTION.toUpperCase(Locale.ROOT)))).build();

    @Inject
    public EventNotificationsResource(DBNotificationService dBNotificationService, Set<AlarmCallback> set, NotificationResourceHandler notificationResourceHandler, EmailConfiguration emailConfiguration, RecentActivityService recentActivityService) {
        this.dbNotificationService = dBNotificationService;
        this.availableLegacyAlarmCallbacks = set;
        this.resourceHandler = notificationResourceHandler;
        this.emailConfiguration = emailConfiguration;
        this.recentActivityService = recentActivityService;
    }

    @GET
    @Path("/paginated")
    @Timed
    @ApiOperation("Get a paginated list of event notifications")
    @Produces({MoreMediaTypes.APPLICATION_JSON})
    public PageListResponse<NotificationDto> getPage(@QueryParam("page") @ApiParam(name = "page") @DefaultValue("1") int i, @QueryParam("per_page") @ApiParam(name = "per_page") @DefaultValue("50") int i2, @QueryParam("query") @ApiParam(name = "query") @DefaultValue("") String str, @QueryParam("sort") @ApiParam(name = "sort", value = "The field to sort the result on", required = true, allowableValues = "title,description,type") @DefaultValue("title") String str2, @QueryParam("order") @ApiParam(name = "order", value = "The sort direction", allowableValues = "asc, desc") @DefaultValue("asc") String str3) {
        SearchQuery parse = this.searchQueryParser.parse(str);
        if ("type".equals(str2)) {
            str2 = "config.type";
        }
        PaginatedList<NotificationDto> searchPaginated = this.dbNotificationService.searchPaginated(parse, notificationDto -> {
            return isPermitted(RestPermissions.EVENT_NOTIFICATIONS_READ, notificationDto.id());
        }, str2, str3, i, i2);
        return PageListResponse.create(str, searchPaginated.pagination(), searchPaginated.grandTotal().orElse(0L).longValue(), str2, str3, searchPaginated.m681delegate(), attributes, settings);
    }

    @GET
    @ApiOperation("List all available notifications")
    @Deprecated
    public PaginatedResponse<NotificationDto> listNotifications(@QueryParam("page") @ApiParam(name = "page") @DefaultValue("1") int i, @QueryParam("per_page") @ApiParam(name = "per_page") @DefaultValue("50") int i2, @QueryParam("query") @ApiParam(name = "query") @DefaultValue("") String str) {
        return PaginatedResponse.create(EventDefinitionDto.FIELD_NOTIFICATIONS, this.dbNotificationService.searchPaginated(this.searchQueryParser.parse(str), notificationDto -> {
            return isPermitted(RestPermissions.EVENT_NOTIFICATIONS_READ, notificationDto.id());
        }, "title", DEFAULT_SORT_DIRECTION, i, i2), str);
    }

    @GET
    @Path("/{notificationId}")
    @ApiOperation("Get a notification")
    public NotificationDto get(@PathParam("notificationId") @NotBlank @ApiParam(name = "notificationId") String str) {
        checkPermission(RestPermissions.EVENT_NOTIFICATIONS_READ, str);
        return this.dbNotificationService.get(str).orElseThrow(() -> {
            return new NotFoundException("Notification " + str + " doesn't exist");
        });
    }

    @RequiresPermissions({RestPermissions.EVENT_NOTIFICATIONS_CREATE})
    @AuditEvent(type = EventsAuditEventTypes.EVENT_NOTIFICATION_CREATE)
    @ApiOperation("Create new notification definition")
    @POST
    public Response create(@ApiParam(name = "JSON Body") NotificationDto notificationDto, @Context UserContext userContext) {
        ValidationResult validate = notificationDto.validate();
        validateEmailConfiguration(notificationDto, validate);
        if (validate.failed()) {
            return Response.status(Response.Status.BAD_REQUEST).entity(validate).build();
        }
        NotificationDto create = this.resourceHandler.create(notificationDto, Optional.ofNullable(userContext.getUser()));
        this.recentActivityService.create(create.id(), GRNTypes.EVENT_NOTIFICATION, userContext.getUser());
        return Response.ok().entity(create).build();
    }

    @Path("/{notificationId}")
    @AuditEvent(type = EventsAuditEventTypes.EVENT_NOTIFICATION_UPDATE)
    @ApiOperation("Update existing notification")
    @PUT
    public Response update(@PathParam("notificationId") @NotBlank @ApiParam(name = "notificationId") String str, @ApiParam(name = "JSON Body") NotificationDto notificationDto, @Context UserContext userContext) {
        checkPermission(RestPermissions.EVENT_NOTIFICATIONS_EDIT, str);
        if (this.dbNotificationService.get(str).isEmpty()) {
            throw new NotFoundException("Notification " + str + " doesn't exist");
        }
        if (!str.equals(notificationDto.id())) {
            throw new BadRequestException("Notification IDs don't match");
        }
        ValidationResult validate = notificationDto.validate();
        validateEmailConfiguration(notificationDto, validate);
        if (validate.failed()) {
            return Response.status(Response.Status.BAD_REQUEST).entity(validate).build();
        }
        this.recentActivityService.update(str, GRNTypes.EVENT_NOTIFICATION, userContext.getUser());
        return Response.ok().entity(this.resourceHandler.update(notificationDto)).build();
    }

    private void validateEmailConfiguration(NotificationDto notificationDto, ValidationResult validationResult) {
        if (notificationDto.config() instanceof EmailEventNotificationConfig) {
            EmailEventNotificationConfig emailEventNotificationConfig = (EmailEventNotificationConfig) notificationDto.config();
            if (!this.emailConfiguration.isEnabled()) {
                validationResult.addError("config", "Email transport is not configured in graylog.conf");
            }
            if (Strings.isNullOrEmpty(this.emailConfiguration.getFromEmail()) && Strings.isNullOrEmpty(emailEventNotificationConfig.sender())) {
                validationResult.addError("sender", "No default sender specified in graylog.conf. You must specify one here.");
                return;
            }
            if (!Strings.isNullOrEmpty(emailEventNotificationConfig.sender())) {
                try {
                    new InternetAddress(emailEventNotificationConfig.sender()).validate();
                } catch (AddressException e) {
                    validationResult.addError("sender", "Invalid email address.");
                }
            }
            if (Strings.isNullOrEmpty(this.emailConfiguration.getFromEmail())) {
                return;
            }
            try {
                new InternetAddress(this.emailConfiguration.getFromEmail()).validate();
            } catch (AddressException e2) {
                validationResult.addError("sender", "Invalid default sender email address specified in graylog.conf.");
            }
        }
    }

    @Path("/{notificationId}")
    @AuditEvent(type = EventsAuditEventTypes.EVENT_NOTIFICATION_DELETE)
    @DELETE
    @ApiOperation("Delete a notification")
    public void delete(@PathParam("notificationId") @NotBlank @ApiParam(name = "notificationId") String str, @Context UserContext userContext) {
        checkPermission(RestPermissions.EVENT_NOTIFICATIONS_DELETE, str);
        this.dbNotificationService.get(str).ifPresent(notificationDto -> {
            this.recentActivityService.delete(str, GRNTypes.EVENT_NOTIFICATION, notificationDto.title(), userContext.getUser());
        });
        this.resourceHandler.delete(str);
    }

    @ApiResponses({@ApiResponse(code = 404, message = "Event notification not found."), @ApiResponse(code = 500, message = "Error while testing event notification")})
    @Path("/{notificationId}/test")
    @Timed
    @ApiOperation("Send a test alert for a given event notification")
    @POST
    @NoAuditEvent("only used to test event notifications")
    public Response test(@PathParam("notificationId") @NotBlank @ApiParam(name = "notificationId", value = "The event notification id to send a test alert for.", required = true) String str) {
        checkPermission(RestPermissions.EVENT_NOTIFICATIONS_EDIT, str);
        this.resourceHandler.test(this.dbNotificationService.get(str).orElseThrow(() -> {
            return new NotFoundException("Notification " + str + " doesn't exist");
        }), getSubject().getPrincipal().toString());
        return Response.ok().build();
    }

    @Path("/test")
    @Timed
    @POST
    @NoAuditEvent("only used to test event notifications")
    @ApiResponses({@ApiResponse(code = 400, message = "Event notification is invalid."), @ApiResponse(code = 500, message = "Error while testing event notification")})
    @RequiresPermissions({RestPermissions.EVENT_NOTIFICATIONS_CREATE})
    @ApiOperation("Send a test alert for a given event notification")
    public Response test(@ApiParam(name = "JSON Body") NotificationDto notificationDto) {
        checkPermission(RestPermissions.EVENT_NOTIFICATIONS_CREATE);
        ValidationResult validate = notificationDto.validate();
        if (validate.failed()) {
            return Response.status(Response.Status.BAD_REQUEST).entity(validate).build();
        }
        this.resourceHandler.test(notificationDto, getSubject().getPrincipal().toString());
        return Response.ok().build();
    }

    @GET
    @Path("/legacy/types")
    @ApiOperation("List all available legacy alarm callback types")
    public Response legacyTypes() {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        for (AlarmCallback alarmCallback : this.availableLegacyAlarmCallbacks) {
            builder.put(alarmCallback.getClass().getCanonicalName(), ImmutableMap.of("name", alarmCallback.getName(), MessageInput.FIELD_CONFIGURATION, getConfigurationRequest(alarmCallback).asList()));
        }
        return Response.ok(ImmutableMap.of(IndexSetFieldTypeSummary.FIELD_TYPE_HISTORY, builder.build())).build();
    }

    private ConfigurationRequest getConfigurationRequest(AlarmCallback alarmCallback) {
        return ((alarmCallback instanceof EmailAlarmCallback) && isPermitted(RestPermissions.USERS_LIST)) ? ((EmailAlarmCallback) alarmCallback).getEnrichedRequestedConfiguration() : alarmCallback.getRequestedConfiguration();
    }
}
