package org.gcube.accounting.usagetracker.rest.resources;

import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import org.apache.log4j.Logger;
import org.gcube.accounting.datamodel.Group;
import org.gcube.accounting.datamodel.RawUsageRecord;
import org.gcube.accounting.datamodel.UsageRecord;
import org.gcube.accounting.datamodel.query.QueryClause;
import org.gcube.accounting.datamodel.query.QueryHelper;
import org.gcube.accounting.exception.InvalidValueException;
import org.gcube.accounting.exception.QueryFormatException;
import org.gcube.accounting.exception.rest.BadRequestException;
import org.gcube.accounting.exception.rest.NotAuthorizedException;
import org.gcube.accounting.exception.rest.ServerErrorException;
import org.gcube.accounting.security.SecurityManager;
import org.gcube.accounting.security.authz.Action;
import org.gcube.accounting.usagetracker.configuration.Configuration;
import org.gcube.accounting.usagetracker.membership.MembershipRestAPI;
import org.gcube.accounting.usagetracker.persistence.UsageTrackerDB;

/* loaded from: input_file:WEB-INF/classes/org/gcube/accounting/usagetracker/rest/resources/AbstractRecordsResource.class */
public abstract class AbstractRecordsResource<T extends UsageRecord> {

    @Context
    protected HttpServletRequest request;
    private static Logger logger = Logger.getLogger(AbstractRecordsResource.class);

    private List<String> getGroupPathFor(String str) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(str);
        if (Configuration.getInstance().isMembershipServiceEnabled().booleanValue()) {
            MembershipRestAPI membershipRestAPI = new MembershipRestAPI(Configuration.getInstance().getMembershipServiceURL());
            if (Configuration.getInstance().isMembershipServiceAuthnEnabled().booleanValue()) {
                logger.debug("accessing the membership service with username/password");
                membershipRestAPI.setUserToken(Configuration.getInstance().getMembershipUsername(), Configuration.getInstance().getMembershipPassword());
            } else {
                logger.debug("accessing the membership service anonymously");
            }
            Group groups = membershipRestAPI.getGroups(str);
            if (groups != null) {
                logger.debug("Membership found: " + groups.toString());
                arrayList.addAll(groups.getPath());
            } else {
                logger.warn("Membership not found for consumer " + str);
                arrayList.add(Configuration.getInstance().getDefaultGroup());
            }
        } else {
            logger.info("No membership service available. Using consumerId");
            arrayList.add(Configuration.getInstance().getDefaultGroup());
        }
        Collections.reverse(arrayList);
        return arrayList;
    }

    private String getStringPath(List<String> list) {
        String str = "";
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            str = str + "." + it.next();
        }
        return str.substring(1);
    }

    @POST
    @Consumes({MediaType.APPLICATION_XML})
    public String insertUsageRecord(T t) throws NotAuthorizedException {
        logger.info("inserting new usage record...");
        if (!SecurityManager.isAllowed(getUserId(), Action.WRITE_RECORD)) {
            logger.info("User " + getUserId() + " doesn't have permission to perform " + Action.WRITE_RECORD);
            throw new NotAuthorizedException();
        }
        try {
            if (t.getResourceType() == null || t.getResourceType().isEmpty()) {
                logger.warn("unable to insert record: a 'resourceType' must be set");
                throw new BadRequestException("unable to insert record: a 'resourceType' must be set");
            }
            UsageTrackerDB storage = UsageTrackerDB.getStorage();
            if (t.getFullyQualifiedConsumerId() == null) {
                t.setFullyQualifiedConsumerId(getStringPath(getGroupPathFor(t.getConsumerId())));
            }
            if (!SecurityManager.isAllowed(getUserId(), Action.WRITE_RECORD, t.getFullyQualifiedConsumerId())) {
                logger.info("User " + getUserId() + " doesn't have permission to perform '" + Action.WRITE_RECORD + "' over " + t.getFullyQualifiedConsumerId());
                throw new NotAuthorizedException();
            }
            t.setId(UUID.randomUUID().toString());
            logger.debug("setting record id to '" + t.getId() + "'");
            if (SecurityManager.isAuthnEnabled()) {
                t.setCreatorId(getUserId());
                logger.debug("forcing creator id to '" + t.getCreatorId() + "'");
            }
            try {
                validate(t);
                storage.addUsageRecord(t);
                logger.info("record added: " + t.getId());
                return t.getId();
            } catch (InvalidValueException e) {
                logger.info("invalid data for upload: " + e.getMessage());
                throw new BadRequestException(e.getMessage());
            }
        } catch (UnknownHostException e2) {
            logger.error(e2.getMessage(), e2);
            throw new ServerErrorException(e2.getMessage());
        }
    }

    protected abstract void validate(T t) throws InvalidValueException;

    public Collection<T> getRecords(Map<String, QueryClause> map) {
        try {
            return convert(UsageTrackerDB.getStorage().getUsageRecordByQuery(map));
        } catch (UnknownHostException e) {
            logger.error(e.getMessage(), e);
            throw new ServerErrorException(e.getMessage());
        }
    }

    private List<QueryClause> getTypeSpecificClause() {
        Vector vector = new Vector();
        QueryClause typeClause = getTypeClause();
        if (typeClause != null) {
            vector.add(typeClause);
        }
        return vector;
    }

    protected QueryClause getTypeClause() {
        return null;
    }

    @GET
    @Path("/records_size")
    public String getNumberOfRecords(@QueryParam("query") String str) throws NotAuthorizedException, QueryFormatException, UnknownHostException {
        Map<String, QueryClause> parseQuery = QueryHelper.parseQuery(str);
        for (QueryClause queryClause : getTypeSpecificClause()) {
            parseQuery.put(queryClause.getKey(), queryClause);
        }
        return String.valueOf(UsageTrackerDB.getStorage().size(parseQuery));
    }

    @POST
    @Produces({MediaType.APPLICATION_XML})
    @Consumes({MediaType.APPLICATION_XML})
    public Collection<T> getRecordsWithPost(String str, QueryClause queryClause) throws NotAuthorizedException {
        if (!SecurityManager.isAllowed(getUserId(), Action.READ_RECORD)) {
            logger.info("User " + getUserId() + " doesn't have permission to perform " + Action.READ_RECORD);
            throw new NotAuthorizedException();
        }
        HashMap hashMap = new HashMap();
        hashMap.put(str, queryClause);
        Collection<T> records = getRecords(hashMap);
        ArrayList arrayList = new ArrayList();
        for (T t : records) {
            if (SecurityManager.isAllowed(getUserId(), Action.READ_RECORD, t.getFullyQualifiedConsumerId())) {
                arrayList.add(t);
            } else {
                logger.debug("filtering out record " + t.getId());
            }
        }
        return arrayList;
    }

    @GET
    @Produces({MediaType.APPLICATION_XML})
    public Collection<T> getRecords(@QueryParam("query") String str) throws NotAuthorizedException {
        if (!SecurityManager.isAllowed(getUserId(), Action.READ_RECORD)) {
            logger.info("User " + getUserId() + " doesn't have permission to perform " + Action.READ_RECORD);
            throw new NotAuthorizedException();
        }
        try {
            Map<String, QueryClause> parseQuery = QueryHelper.parseQuery(str);
            for (QueryClause queryClause : getTypeSpecificClause()) {
                parseQuery.put(queryClause.getKey(), queryClause);
            }
            Collection<T> records = getRecords(parseQuery);
            ArrayList arrayList = new ArrayList();
            for (T t : records) {
                if (SecurityManager.isAllowed(getUserId(), Action.READ_RECORD, t.getFullyQualifiedConsumerId())) {
                    arrayList.add(t);
                } else {
                    logger.debug("filtering out record " + t.getId());
                }
            }
            return arrayList;
        } catch (QueryFormatException e) {
            throw new BadRequestException(e.getMessage());
        }
    }

    private String getUserId() {
        return (String) this.request.getAttribute("userId");
    }

    private Collection<T> convert(Collection<RawUsageRecord> collection) {
        Vector vector = new Vector();
        Iterator<RawUsageRecord> it = collection.iterator();
        while (it.hasNext()) {
            vector.add(createRecord(it.next()));
        }
        return vector;
    }

    protected abstract T createRecord(RawUsageRecord rawUsageRecord);
}
