package org.apache.ranger.rest;

import java.io.File;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.DELETE;
import javax.ws.rs.Encoded;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.hdfs.web.resources.OwnerParam;
import org.apache.log4j.Logger;
import org.apache.ranger.admin.client.datatype.RESTResponse;
import org.apache.ranger.biz.AssetMgr;
import org.apache.ranger.biz.RangerBizUtil;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.RESTErrorUtil;
import org.apache.ranger.common.RangerSearchUtil;
import org.apache.ranger.common.SearchCriteria;
import org.apache.ranger.common.ServiceUtil;
import org.apache.ranger.common.StringUtil;
import org.apache.ranger.common.annotation.RangerAnnotationClassName;
import org.apache.ranger.common.annotation.RangerAnnotationJSMgrName;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.util.SearchFilter;
import org.apache.ranger.plugin.util.ServicePolicies;
import org.apache.ranger.service.XAccessAuditService;
import org.apache.ranger.service.XAssetService;
import org.apache.ranger.service.XCredentialStoreService;
import org.apache.ranger.service.XPolicyExportAuditService;
import org.apache.ranger.service.XPolicyService;
import org.apache.ranger.service.XResourceService;
import org.apache.ranger.service.XTrxLogService;
import org.apache.ranger.view.VXAccessAuditList;
import org.apache.ranger.view.VXAsset;
import org.apache.ranger.view.VXAssetList;
import org.apache.ranger.view.VXCredentialStore;
import org.apache.ranger.view.VXCredentialStoreList;
import org.apache.ranger.view.VXLong;
import org.apache.ranger.view.VXPolicy;
import org.apache.ranger.view.VXPolicyExportAuditList;
import org.apache.ranger.view.VXResource;
import org.apache.ranger.view.VXResourceList;
import org.apache.ranger.view.VXResponse;
import org.apache.ranger.view.VXTrxLogList;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;

@Path("assets")
@Scope("request")
@Transactional(propagation = Propagation.REQUIRES_NEW)
@Component
@RangerAnnotationJSMgrName("AssetMgr")
/* loaded from: input_file:WEB-INF/classes/org/apache/ranger/rest/AssetREST.class */
public class AssetREST {
    private static final Logger logger = Logger.getLogger(AssetREST.class);

    @Autowired
    RangerSearchUtil searchUtil;

    @Autowired
    AssetMgr assetMgr;

    @Autowired
    XAssetService xAssetService;

    @Autowired
    XResourceService xResourceService;

    @Autowired
    XPolicyService xPolicyService;

    @Autowired
    XCredentialStoreService xCredentialStoreService;

    @Autowired
    RESTErrorUtil restErrorUtil;

    @Autowired
    XPolicyExportAuditService xPolicyExportAudits;

    @Autowired
    XTrxLogService xTrxLogService;

    @Autowired
    RangerBizUtil msBizUtil;

    @Autowired
    XAccessAuditService xAccessAuditService;

    @Autowired
    ServiceUtil serviceUtil;

    @Autowired
    ServiceREST serviceREST;

    @Autowired
    RangerDaoManager daoManager;

    @GET
    @Path("/assets/{id}")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.getXAsset\")")
    @Produces({"application/xml", "application/json"})
    public VXAsset getXAsset(@PathParam("id") Long l) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.getXAsset(" + l + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        VXAsset vXAsset = this.serviceUtil.toVXAsset(this.serviceREST.getService(l));
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.getXAsset(" + l + "): " + vXAsset);
        }
        return vXAsset;
    }

    @Path("/assets")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.createXAsset\")")
    @POST
    @Produces({"application/xml", "application/json"})
    public VXAsset createXAsset(VXAsset vXAsset) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.createXAsset(" + vXAsset + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        VXAsset vXAsset2 = this.serviceUtil.toVXAsset(this.serviceREST.createService(this.serviceUtil.toRangerService(vXAsset)));
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.createXAsset(" + vXAsset + "): " + vXAsset2);
        }
        return vXAsset2;
    }

    @Path("/assets/{id}")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.updateXAsset\")")
    @Produces({"application/xml", "application/json"})
    @PUT
    public VXAsset updateXAsset(VXAsset vXAsset) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.updateXAsset(" + vXAsset + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        VXAsset vXAsset2 = this.serviceUtil.toVXAsset(this.serviceREST.updateService(this.serviceUtil.toRangerService(vXAsset), null));
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.updateXAsset(" + vXAsset + "): " + vXAsset2);
        }
        return vXAsset2;
    }

    @Path("/assets/{id}")
    @RangerAnnotationClassName(class_name = VXAsset.class)
    @DELETE
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.deleteXAsset\")")
    public void deleteXAsset(@PathParam("id") Long l, @Context HttpServletRequest httpServletRequest) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.deleteXAsset(" + l + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        this.serviceREST.deleteService(l);
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.deleteXAsset(" + l + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
    }

    @Path("/assets/testConfig")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.testConfig\")")
    @POST
    @Produces({"application/xml", "application/json"})
    public VXResponse configTest(VXAsset vXAsset) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.configTest(" + vXAsset + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        VXResponse validateConfig = this.serviceREST.validateConfig(this.serviceUtil.toRangerService(vXAsset));
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.testConfig(" + vXAsset + "): " + validateConfig);
        }
        return validateConfig;
    }

    @GET
    @Path("/assets")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.searchXAssets\")")
    @Produces({"application/xml", "application/json"})
    public VXAssetList searchXAssets(@Context HttpServletRequest httpServletRequest) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.searchXAssets()");
        }
        VXAssetList vXAssetList = new VXAssetList();
        List<RangerService> services = this.serviceREST.getServices(this.searchUtil.getSearchFilterFromLegacyRequestForRepositorySearch(httpServletRequest, this.xAssetService.sortFields));
        if (services != null) {
            ArrayList arrayList = new ArrayList();
            Iterator<RangerService> it = services.iterator();
            while (it.hasNext()) {
                VXAsset vXAsset = this.serviceUtil.toVXAsset(it.next());
                if (vXAsset != null) {
                    arrayList.add(vXAsset);
                }
            }
            vXAssetList.setVXAssets(arrayList);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.searchXAssets(): count=" + vXAssetList.getListSize());
        }
        return vXAssetList;
    }

    @GET
    @Path("/assets/count")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.countXAssets\")")
    @Produces({"application/xml", "application/json"})
    public VXLong countXAssets(@Context HttpServletRequest httpServletRequest) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.countXAssets()");
        }
        VXLong vXLong = new VXLong();
        vXLong.setValue(searchXAssets(httpServletRequest).getListSize());
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.countXAssets(): " + vXLong);
        }
        return vXLong;
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/resources/{id}")
    public VXResource getXResource(@PathParam("id") Long l) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.getXResource(" + l + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        RangerService rangerService = null;
        RangerPolicy policy = this.serviceREST.getPolicy(l);
        if (policy != null) {
            rangerService = this.serviceREST.getServiceByName(policy.getService());
        }
        VXResource vXResource = this.serviceUtil.toVXResource(policy, rangerService);
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.getXResource(" + l + "): " + vXResource);
        }
        return vXResource;
    }

    @POST
    @Produces({"application/xml", "application/json"})
    @Path("/resources")
    public VXResource createXResource(VXResource vXResource) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.createXResource(" + vXResource + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        RangerService service = this.serviceREST.getService(vXResource.getAssetId());
        VXResource vXResource2 = this.serviceUtil.toVXResource(this.serviceREST.createPolicy(this.serviceUtil.toRangerPolicy(vXResource, service), null), service);
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.createXResource(" + vXResource + "): " + vXResource2);
        }
        return vXResource2;
    }

    @Produces({"application/xml", "application/json"})
    @Path("/resources/{id}")
    @PUT
    public VXResource updateXResource(VXResource vXResource) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.updateXResource(" + vXResource + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        RangerService service = this.serviceREST.getService(vXResource.getAssetId());
        VXResource vXResource2 = this.serviceUtil.toVXResource(this.serviceREST.updatePolicy(this.serviceUtil.toRangerPolicy(vXResource, service)), service);
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.updateXResource(" + vXResource + "): " + vXResource2);
        }
        return vXResource2;
    }

    @Path("/resources/{id}")
    @RangerAnnotationClassName(class_name = VXResource.class)
    @DELETE
    @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
    public void deleteXResource(@PathParam("id") Long l, @Context HttpServletRequest httpServletRequest) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.deleteXResource(" + l + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        this.serviceREST.deletePolicy(l);
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.deleteXResource(" + l + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/resources")
    public VXResourceList searchXResources(@Context HttpServletRequest httpServletRequest) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.searchXResources()");
        }
        VXResourceList vXResourceList = new VXResourceList();
        List<RangerPolicy> policies = this.serviceREST.getPolicies(this.searchUtil.getSearchFilterFromLegacyRequest(httpServletRequest, this.xResourceService.sortFields));
        if (policies != null) {
            ArrayList arrayList = new ArrayList();
            for (RangerPolicy rangerPolicy : policies) {
                VXResource vXResource = this.serviceUtil.toVXResource(rangerPolicy, this.serviceREST.getServiceByName(rangerPolicy.getService()));
                if (vXResource != null) {
                    arrayList.add(vXResource);
                }
            }
            vXResourceList.setVXResources(arrayList);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.searchXResources(): count=" + vXResourceList.getResultSize());
        }
        return vXResourceList;
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/resources/count")
    public VXLong countXResources(@Context HttpServletRequest httpServletRequest) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.countXResources()");
        }
        VXLong vXLong = new VXLong();
        vXLong.setValue(searchXResources(httpServletRequest).getListSize());
        if (logger.isDebugEnabled()) {
            logger.debug("<== AssetREST.countXAssets(): " + vXLong);
        }
        return vXLong;
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/credstores/{id}")
    public VXCredentialStore getXCredentialStore(@PathParam("id") Long l) {
        return this.assetMgr.getXCredentialStore(l);
    }

    @POST
    @Produces({"application/xml", "application/json"})
    @Path("/credstores")
    public VXCredentialStore createXCredentialStore(VXCredentialStore vXCredentialStore) {
        return this.assetMgr.createXCredentialStore(vXCredentialStore);
    }

    @Produces({"application/xml", "application/json"})
    @Path("/credstores")
    @PUT
    public VXCredentialStore updateXCredentialStore(VXCredentialStore vXCredentialStore) {
        return this.assetMgr.updateXCredentialStore(vXCredentialStore);
    }

    @Path("/credstores/{id}")
    @RangerAnnotationClassName(class_name = VXCredentialStore.class)
    @DELETE
    @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
    public void deleteXCredentialStore(@PathParam("id") Long l, @Context HttpServletRequest httpServletRequest) {
        this.assetMgr.deleteXCredentialStore(l, false);
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/credstores")
    public VXCredentialStoreList searchXCredentialStores(@Context HttpServletRequest httpServletRequest) {
        return this.assetMgr.searchXCredentialStores(this.searchUtil.extractCommonCriterias(httpServletRequest, this.xCredentialStoreService.sortFields));
    }

    @GET
    @Produces({"application/xml", "application/json"})
    @Path("/credstores/count")
    public VXLong countXCredentialStores(@Context HttpServletRequest httpServletRequest) {
        return this.assetMgr.getXCredentialStoreSearchCount(this.searchUtil.extractCommonCriterias(httpServletRequest, this.xCredentialStoreService.sortFields));
    }

    @GET
    @Path("/resource/{id}")
    public Response getXResourceFile(@Context HttpServletRequest httpServletRequest, @PathParam("id") Long l) {
        File xResourceFile;
        String extractString = this.searchUtil.extractString(httpServletRequest, new SearchCriteria(), "fileType", "File type", StringUtil.VALIDATION_TEXT);
        VXResource xResource = getXResource(l);
        Response response = null;
        if (xResource != null && StringUtils.isNotEmpty(extractString) && (xResourceFile = this.assetMgr.getXResourceFile(xResource, extractString)) != null) {
            response = Response.ok(xResourceFile, "application/octet-stream").header("Content-Disposition", "attachment;filename=" + xResourceFile.getName()).build();
        }
        return response;
    }

    @GET
    @Path("/policyList/{repository}")
    @Encoded
    public String getResourceJSON(@Context HttpServletRequest httpServletRequest, @PathParam("repository") String str) {
        String parameter = httpServletRequest.getParameter("epoch");
        X509Certificate[] x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
        String header = httpServletRequest.getHeader("X-FORWARDED-FOR");
        boolean isSecure = httpServletRequest.isSecure();
        String parameter2 = httpServletRequest.getParameter("policyCount");
        String parameter3 = httpServletRequest.getParameter("agentId");
        if (header == null) {
            header = httpServletRequest.getRemoteAddr();
        }
        boolean booleanProperty = PropertiesUtil.getBooleanProperty("ranger.service.http.enabled", true);
        ServicePolicies servicePolicies = null;
        try {
            servicePolicies = this.serviceREST.getServicePoliciesIfUpdated(str, -1L, 0L, parameter3, "", httpServletRequest);
        } catch (Exception e) {
            logger.error("failed to retrieve policies for repository " + str, e);
        }
        RangerService serviceByName = this.serviceUtil.getServiceByName(str);
        List<RangerPolicy> policies = servicePolicies != null ? servicePolicies.getPolicies() : null;
        long time = (servicePolicies == null || servicePolicies.getPolicyUpdateTime() == null) ? 0L : servicePolicies.getPolicyUpdateTime().getTime();
        VXAsset vXAsset = this.serviceUtil.toVXAsset(serviceByName);
        ArrayList arrayList = new ArrayList();
        if (policies != null) {
            Iterator<RangerPolicy> it = policies.iterator();
            while (it.hasNext()) {
                arrayList.add(this.serviceUtil.toVXResource(it.next(), serviceByName));
            }
        }
        return this.assetMgr.getLatestRepoPolicy(vXAsset, arrayList, Long.valueOf(time), x509CertificateArr, booleanProperty, parameter, header, isSecure, parameter2, parameter3);
    }

    @GET
    @Path("/exportAudit")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.searchXPolicyExportAudits\")")
    @Produces({"application/xml", "application/json"})
    public VXPolicyExportAuditList searchXPolicyExportAudits(@Context HttpServletRequest httpServletRequest) {
        SearchCriteria extractCommonCriterias = this.searchUtil.extractCommonCriterias(httpServletRequest, this.xPolicyExportAudits.sortFields);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "agentId", "The XA agent id pulling the policies.", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "clientIP", "The XA agent ip pulling the policies.", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "repositoryName", "Repository name for which export was done.", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractInt(httpServletRequest, extractCommonCriterias, "httpRetCode", "HTTP response code for exported policy.");
        this.searchUtil.extractDate(httpServletRequest, extractCommonCriterias, "startDate", "Start Date", null);
        this.searchUtil.extractDate(httpServletRequest, extractCommonCriterias, "endDate", "End Date", null);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "cluster", "Cluster Name", StringUtil.VALIDATION_TEXT);
        return this.assetMgr.searchXPolicyExportAudits(extractCommonCriterias);
    }

    @GET
    @Path("/report")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.getReportLogs\")")
    @Produces({"application/xml", "application/json"})
    public VXTrxLogList getReportLogs(@Context HttpServletRequest httpServletRequest) {
        SearchCriteria extractCommonCriterias = this.searchUtil.extractCommonCriterias(httpServletRequest, this.xTrxLogService.sortFields);
        this.searchUtil.extractInt(httpServletRequest, extractCommonCriterias, "objectClassType", "audit type.");
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "attributeName", "Attribute Name", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "action", "CRUD Action Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "sessionId", "Session Id", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, OwnerParam.NAME, "Owner", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractDate(httpServletRequest, extractCommonCriterias, "startDate", "Trasaction date since", "MM/dd/yyyy");
        this.searchUtil.extractDate(httpServletRequest, extractCommonCriterias, "endDate", "Trasaction date till", "MM/dd/yyyy");
        return this.assetMgr.getReportLogs(extractCommonCriterias);
    }

    @GET
    @Path("/report/{transactionId}")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.getTransactionReport\")")
    @Produces({"application/xml", "application/json"})
    public VXTrxLogList getTransactionReport(@Context HttpServletRequest httpServletRequest, @PathParam("transactionId") String str) {
        return this.assetMgr.getTransactionReport(str);
    }

    @GET
    @Path("/accessAudit")
    @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"AssetREST.getAccessLogs\")")
    @Produces({"application/xml", "application/json"})
    public VXAccessAuditList getAccessLogs(@Context HttpServletRequest httpServletRequest) {
        SearchCriteria extractCommonCriterias = this.searchUtil.extractCommonCriterias(httpServletRequest, this.xAccessAuditService.sortFields);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "accessType", "Access Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "aclEnforcer", "Access Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "agentId", "Access Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "repoName", "Access Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "sessionId", "Access Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "requestUser", "Access Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "requestData", "Access Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "resourcePath", "Access Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "clientIP", "Client IP", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "resourceType", "Resource Type", StringUtil.VALIDATION_TEXT);
        this.searchUtil.extractInt(httpServletRequest, extractCommonCriterias, "auditType", "Audit Type");
        this.searchUtil.extractInt(httpServletRequest, extractCommonCriterias, "accessResult", "Result");
        this.searchUtil.extractInt(httpServletRequest, extractCommonCriterias, "assetId", "Audit Type");
        this.searchUtil.extractLong(httpServletRequest, extractCommonCriterias, SearchFilter.POLICY_ID, "Audit Type");
        this.searchUtil.extractInt(httpServletRequest, extractCommonCriterias, "repoType", "Service Type");
        this.searchUtil.extractDate(httpServletRequest, extractCommonCriterias, "startDate", "Start Date", "MM/dd/yyyy");
        this.searchUtil.extractDate(httpServletRequest, extractCommonCriterias, "endDate", "End Date", "MM/dd/yyyy");
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, TagRESTConstants.TAGDEF_NAME_AND_VERSION, TagRESTConstants.TAGDEF_NAME_AND_VERSION, null);
        this.searchUtil.extractString(httpServletRequest, extractCommonCriterias, "cluster", "Cluster Name", StringUtil.VALIDATION_TEXT);
        boolean isKeyAdmin = this.msBizUtil.isKeyAdmin();
        XXServiceDef findByName = this.daoManager.getXXServiceDef().findByName("kms");
        if (isKeyAdmin && findByName != null) {
            extractCommonCriterias.getParamList().put("repoType", findByName.getId());
        }
        return this.assetMgr.getAccessLogs(extractCommonCriterias);
    }

    @POST
    @Produces({"application/xml", "application/json"})
    @Path("/resources/grant")
    public VXPolicy grantPermission(@Context HttpServletRequest httpServletRequest, VXPolicy vXPolicy) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.grantPermission(" + vXPolicy + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        if (vXPolicy == null) {
            logger.error("400Bad Request parameter");
            throw this.restErrorUtil.createRESTException("Bad Request parameter");
        }
        try {
            RESTResponse grantAccess = this.serviceREST.grantAccess(vXPolicy.getRepositoryName(), this.serviceUtil.toGrantRevokeRequest(vXPolicy), httpServletRequest);
            if (logger.isDebugEnabled()) {
                logger.debug("<== AssetREST.grantPermission(" + grantAccess + DefaultExpressionEngine.DEFAULT_INDEX_END);
            }
            return vXPolicy;
        } catch (WebApplicationException e) {
            throw e;
        } catch (Throwable th) {
            logger.error("400Grant Access Failed for the request " + vXPolicy, th);
            throw this.restErrorUtil.createRESTException("Grant Access Failed for the request: " + vXPolicy + ". " + th.getMessage());
        }
    }

    @POST
    @Produces({"application/xml", "application/json"})
    @Path("/resources/revoke")
    public VXPolicy revokePermission(@Context HttpServletRequest httpServletRequest, VXPolicy vXPolicy) {
        if (logger.isDebugEnabled()) {
            logger.debug("==> AssetREST.revokePermission(" + vXPolicy + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        if (vXPolicy == null) {
            logger.error("400Bad Request parameter");
            throw this.restErrorUtil.createRESTException("Bad Request parameter");
        }
        try {
            RESTResponse revokeAccess = this.serviceREST.revokeAccess(vXPolicy.getRepositoryName(), this.serviceUtil.toGrantRevokeRequest(vXPolicy), httpServletRequest);
            if (logger.isDebugEnabled()) {
                logger.debug("<== AssetREST.revokePermission(" + revokeAccess + DefaultExpressionEngine.DEFAULT_INDEX_END);
            }
            return vXPolicy;
        } catch (WebApplicationException e) {
            throw e;
        } catch (Throwable th) {
            logger.error("400Revoke Access Failed for the request " + vXPolicy, th);
            throw this.restErrorUtil.createRESTException("Revoke Access Failed for the request: " + vXPolicy + ". " + th.getMessage());
        }
    }
}
