package org.apache.kylin.rest.controller;

import io.swagger.annotations.ApiOperation;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import org.apache.kylin.common.exception.KylinException;
import org.apache.kylin.common.exception.ServerErrorCode;
import org.apache.kylin.common.exception.code.ErrorCodeServer;
import org.apache.kylin.common.msg.Message;
import org.apache.kylin.common.msg.MsgPicker;
import org.apache.kylin.common.persistence.transaction.AclTCRRevokeEventNotifier;
import org.apache.kylin.common.scheduler.EventBusFactory;
import org.apache.kylin.metadata.user.ManagedUser;
import org.apache.kylin.rest.request.UpdateGroupRequest;
import org.apache.kylin.rest.request.UserGroupRequest;
import org.apache.kylin.rest.response.DataResult;
import org.apache.kylin.rest.response.EnvelopeResponse;
import org.apache.kylin.rest.response.UserGroupResponseKI;
import org.apache.kylin.rest.service.AclTCRService;
import org.apache.kylin.rest.service.IUserGroupService;
import org.apache.kylin.rest.service.UserService;
import org.apache.kylin.rest.util.PagingUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping(value = {"/api/user_group"}, produces = {"application/vnd.apache.kylin-v4+json"})
@Controller
/* loaded from: input_file:org/apache/kylin/rest/controller/NUserGroupController.class */
public class NUserGroupController extends NBasicController {

    @Autowired
    @Qualifier("userGroupService")
    private IUserGroupService userGroupService;

    @Autowired
    @Qualifier("userService")
    private UserService userService;

    @Autowired
    @Qualifier("aclTCRService")
    private AclTCRService aclTCRService;

    @ApiOperation(value = "getUsersByGroup", tags = {"MID"}, notes = "Update URL: group_members, group_name; Update Param: group_name, page_offset, page_size; Update Response: total_size")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @GetMapping({"/group_members/{uuid:.+}"})
    @ResponseBody
    public EnvelopeResponse<DataResult<List<ManagedUser>>> getUsersByGroupName(@PathVariable("uuid") String str, @RequestParam(value = "name", required = false) String str2, @RequestParam(value = "page_offset", required = false, defaultValue = "0") Integer num, @RequestParam(value = "page_size", required = false, defaultValue = "10") Integer num2) throws IOException {
        List groupMembersByName = this.userGroupService.getGroupMembersByName(this.userGroupService.getGroupNameByUuid(str));
        if (StringUtils.isNotBlank(str2)) {
            groupMembersByName = (List) groupMembersByName.stream().filter(managedUser -> {
                return StringUtils.containsIgnoreCase(managedUser.getUsername(), str2);
            }).collect(Collectors.toList());
        }
        List cutPage = PagingUtil.cutPage(groupMembersByName, num.intValue(), num2.intValue());
        Iterator it = cutPage.iterator();
        while (it.hasNext()) {
            this.userService.completeUserInfo((ManagedUser) it.next());
        }
        return new EnvelopeResponse<>("000", DataResult.get(cutPage, groupMembersByName, num.intValue(), num2.intValue()), "get groups members");
    }

    @ApiOperation(value = "groups", tags = {"MID"})
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @GetMapping({"/groups"})
    @ResponseBody
    public EnvelopeResponse<DataResult<List<String>>> listUserAuthorities(@RequestParam(value = "name", required = false) String str, @RequestParam(value = "is_case_sensitive", required = false) boolean z, @RequestParam(value = "page_offset", required = false, defaultValue = "0") Integer num, @RequestParam(value = "page_size", required = false, defaultValue = "10") Integer num2) throws IOException {
        List listAllAuthorities = this.userGroupService.listAllAuthorities();
        if (StringUtils.isNotBlank(str)) {
            listAllAuthorities = (List) listAllAuthorities.stream().filter(str2 -> {
                return z ? str2.contains(str) : StringUtils.containsIgnoreCase(str2, str);
            }).collect(Collectors.toList());
        }
        return new EnvelopeResponse<>("000", DataResult.get(listAllAuthorities, num.intValue(), num2.intValue()), "get groups");
    }

    @ApiOperation(value = "getUsersByGroup", tags = {"MID"}, notes = "Update URL: users_with_group; Update Param: page_offset, page_size, user_group_name; Update Response: total_size")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @GetMapping(value = {"/users_with_group"}, produces = {"application/vnd.apache.kylin-v4+json", "application/vnd.apache.kylin-v4-public+json"})
    @ResponseBody
    public EnvelopeResponse<DataResult<List<UserGroupResponseKI>>> getUsersWithGroup(@RequestParam(value = "page_offset", required = false, defaultValue = "0") Integer num, @RequestParam(value = "page_size", required = false, defaultValue = "10") Integer num2, @RequestParam(value = "user_group_name", required = false, defaultValue = "") String str) throws IOException {
        List userGroupsFilterByGroupName = this.userGroupService.getUserGroupsFilterByGroupName(str);
        return new EnvelopeResponse<>("000", DataResult.get(this.userGroupService.getUserGroupResponse(PagingUtil.cutPage(userGroupsFilterByGroupName, num.intValue(), num2.intValue())), userGroupsFilterByGroupName.size()), "get users with group and id");
    }

    @ApiOperation(value = "userAndGroup", tags = {"MID"})
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @GetMapping({"/users_and_groups"})
    @ResponseBody
    public EnvelopeResponse<Map<String, List<String>>> getUsersAndGroups() throws IOException {
        return new EnvelopeResponse<>("000", this.userGroupService.getUserAndUserGroup(), "");
    }

    @PostMapping({""})
    @ApiOperation(value = "getUsersByGroup", tags = {"MID"}, notes = "Update URL: group_name; Update Param: group_name")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @ResponseBody
    public EnvelopeResponse<String> addUserGroup(@RequestBody UserGroupRequest userGroupRequest) throws IOException {
        checkGroupName(userGroupRequest.getGroupName());
        this.userGroupService.addGroup(userGroupRequest.getGroupName());
        return new EnvelopeResponse<>("000", "", "add user group");
    }

    @ApiOperation(value = "getUsersByGroup", tags = {"MID"}, notes = "Update URL: group_name; Update Param: group_name")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @DeleteMapping({"/{uuid:.+}"})
    @ResponseBody
    public EnvelopeResponse<String> delUserGroup(@PathVariable("uuid") String str) throws IOException {
        String groupNameByUuid = this.userGroupService.getGroupNameByUuid(str);
        this.userGroupService.deleteGroup(groupNameByUuid);
        this.aclTCRService.revokeAclTCR(groupNameByUuid, false);
        EventBusFactory.getInstance().postAsync(new AclTCRRevokeEventNotifier(groupNameByUuid, true));
        return new EnvelopeResponse<>("000", "", "del user group");
    }

    @PutMapping({"/users"})
    @ApiOperation(value = "updateUserAndGroup", tags = {"MID"})
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @ResponseBody
    public EnvelopeResponse<String> addOrDelUsers(@RequestBody UpdateGroupRequest updateGroupRequest) throws IOException {
        checkGroupName(updateGroupRequest.getGroup());
        this.userGroupService.modifyGroupUsers(updateGroupRequest.getGroup(), updateGroupRequest.getUsers());
        return new EnvelopeResponse<>("000", "", "modify users in user group");
    }

    @PostMapping({"/batch"})
    @ApiOperation(value = "getUsersByGroup", tags = {"MID"}, notes = "Update URL: group_name; Update Param: group_name")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @ResponseBody
    public EnvelopeResponse<String> batchAddUserGroups(@RequestBody List<String> list) {
        list.forEach(this::checkGroupName);
        this.userGroupService.addGroups(list);
        return new EnvelopeResponse<>("000", "", "batch add user groups");
    }

    @ApiOperation(value = "getUsersByGroup", tags = {"MID"}, notes = "Update URL: group_name; Update Param: group_name")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @DeleteMapping({"/batch"})
    @ResponseBody
    public EnvelopeResponse<String> batchDelUserGroup(@RequestBody List<String> list) throws IOException {
        for (String str : list) {
            this.userGroupService.deleteGroup(str);
            this.aclTCRService.revokeAclTCR(str, false);
            EventBusFactory.getInstance().postAsync(new AclTCRRevokeEventNotifier(str, true));
        }
        return new EnvelopeResponse<>("000", "", "batch del user group");
    }

    public void checkGroupName(String str) {
        Message msg = MsgPicker.getMsg();
        if (StringUtils.isEmpty(str)) {
            throw new KylinException(ErrorCodeServer.REQUEST_PARAMETER_EMPTY_OR_VALUE_EMPTY, new Object[]{"group_name"});
        }
        if (str.startsWith(".")) {
            throw new KylinException(ServerErrorCode.INVALID_USERGROUP_NAME, msg.getInvalidNameStartWithDot());
        }
        if (!str.equals(str.trim())) {
            throw new KylinException(ServerErrorCode.INVALID_USERGROUP_NAME, msg.getInvalidNameStartOrEndWithBlank());
        }
        if (Pattern.compile("[^\\x00-\\xff]").matcher(str).find()) {
            throw new KylinException(ServerErrorCode.INVALID_USERGROUP_NAME, msg.getInvalidNameContainsOtherCharacter());
        }
        if (Pattern.compile("[\\\\/:*?\"<>|]").matcher(str).find()) {
            throw new KylinException(ServerErrorCode.INVALID_USERGROUP_NAME, msg.getInvalidNameContainsInlegalCharacter());
        }
    }
}
