package org.kuali.kfs.sys.rest.resource.businessobject;

import com.google.gson.Gson;
import com.opencsv.CSVWriter;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.io.IOException;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.kuali.kfs.kns.datadictionary.BusinessObjectAdminService;
import org.kuali.kfs.kns.datadictionary.EntityNotFoundException;
import org.kuali.kfs.kns.service.BusinessObjectDictionaryService;
import org.kuali.kfs.krad.datadictionary.BusinessObjectEntry;
import org.kuali.kfs.krad.datadictionary.LookupResultAttributeDefinition;
import org.kuali.kfs.krad.datadictionary.SortDefinition;
import org.kuali.kfs.krad.exception.AuthorizationException;
import org.kuali.kfs.krad.service.DataDictionaryService;
import org.kuali.kfs.krad.service.LookupSearchService;
import org.kuali.kfs.krad.util.KRADUtils;
import org.kuali.kfs.sys.KFSConstants;
import org.kuali.kfs.sys.context.SpringContext;
import org.kuali.kfs.sys.rest.application.SysApiApplication;
import org.kuali.kfs.sys.rest.util.KualiMediaType;
import org.kuali.rice.kim.api.KimConstants;
import org.kuali.rice.kim.api.permission.PermissionService;
import org.kuali.rice.krad.bo.BusinessObject;

@Produces({"application/json", "application/octet-stream", "text/csv"})
@Path(SysApiApplication.BUSINESS_OBJECT_RESOURCE)
@Consumes({"application/json"})
/* loaded from: input_file:WEB-INF/lib/kfs-core-2018-06-28.jar:org/kuali/kfs/sys/rest/resource/businessobject/BusinessObjectResource.class */
public class BusinessObjectResource {
    private static final Log LOG = LogFactory.getLog(BusinessObjectResource.class);
    private BusinessObjectDictionaryService businessObjectDictionaryService;
    private DataDictionaryService dataDictionaryService;
    private PermissionService permissionService;

    @Context
    protected HttpServletRequest servletRequest;
    private final int DEFAULT_PAGE_SIZE = 100;
    private Gson gson = new Gson();

    @GET
    public Response describeBusinessObjectResource() {
        return Response.ok("Use this resource to interact with business objects.").build();
    }

    @Path("{businessObjectName}/lookup")
    public LookupResource getLookupResource(@PathParam("businessObjectName") String str) {
        return new LookupResource(this.servletRequest, str);
    }

    @GET
    @Path("{businessObjectName}")
    public Response getBusinessObjects(@PathParam("businessObjectName") String str, @Context UriInfo uriInfo, @Context HttpHeaders httpHeaders) {
        MultivaluedMap<String, String> queryParameters = uriInfo.getQueryParameters();
        Pair<List<Map<String, Object>>, Response> searchResultsData = getSearchResultsData(str, queryParameters);
        if (searchResultsData.getRight() != null) {
            return searchResultsData.getRight();
        }
        List<Map<String, Object>> left = searchResultsData.getLeft();
        List<MediaType> acceptableMediaTypes = httpHeaders.getAcceptableMediaTypes();
        if (!acceptableMediaTypes.contains(MediaType.WILDCARD_TYPE) && !acceptableMediaTypes.contains(MediaType.APPLICATION_JSON_TYPE)) {
            return acceptableMediaTypes.contains(KualiMediaType.TEXT_CSV_TYPE) ? convertSearchResultsToCsvResponse(str, left) : Response.status(Response.Status.UNSUPPORTED_MEDIA_TYPE).entity(this.gson.toJson("Only application/json and " + KualiMediaType.TEXT_CSV_TYPE + " are accepted at this time.")).build();
        }
        SortDefinition sortDefinition = getSortDefinition(queryParameters);
        if (sortDefinition == null) {
            Pair<Class<BusinessObject>, Response> determineBusinessObjectClass = determineBusinessObjectClass(str);
            if (determineBusinessObjectClass.getLeft() != null) {
                sortDefinition = getBusinessObjectDictionaryService().getLookupDefaultSortDefinition(determineBusinessObjectClass.getLeft());
            }
        }
        List<Map<String, Object>> sortResults = sortResults(str, left, sortDefinition);
        int size = sortResults.size();
        Pair<List<Map<String, Object>>, Response> pageOfResults = getPageOfResults(queryParameters, sortResults, size);
        return pageOfResults.getRight() != null ? pageOfResults.getRight() : Response.ok(this.gson.toJson(pageOfResults.getLeft())).header("Item-count", Integer.valueOf(size)).build();
    }

    @GET
    @Path("{businessObjectName}/{id}")
    public Response getBusinessObject(@PathParam("businessObjectName") String str, @PathParam("id") String str2, @Context HttpHeaders httpHeaders) {
        Pair<Class<BusinessObject>, Response> determineBusinessObjectClass = determineBusinessObjectClass(str);
        if (determineBusinessObjectClass.getRight() != null) {
            return determineBusinessObjectClass.getRight();
        }
        BusinessObjectAdminService businessObjectAdminService = getBusinessObjectDictionaryService().getBusinessObjectAdminService(determineBusinessObjectClass.getLeft());
        if (businessObjectAdminService != null) {
            return httpHeaders.getAcceptableMediaTypes().contains(MediaType.APPLICATION_OCTET_STREAM_TYPE) ? attemptToDownloadFile(str, str2, businessObjectAdminService) : Response.status(Response.Status.UNSUPPORTED_MEDIA_TYPE).entity(this.gson.toJson("Only application/octet-stream is accepted at this time.")).build();
        }
        LOG.error(str + "Seems to be missing a BusinessObjectAdminService! This GET operation can not be performed without a BusinessObjectAdminService.");
        return Response.serverError().build();
    }

    @Path("{businessObjectName}/{id}")
    @DELETE
    public Response deleteBusinessObject(@PathParam("businessObjectName") String str, @PathParam("id") String str2) {
        Pair<Class<BusinessObject>, Response> determineBusinessObjectClass = determineBusinessObjectClass(str);
        if (determineBusinessObjectClass.getRight() != null) {
            return determineBusinessObjectClass.getRight();
        }
        BusinessObjectAdminService businessObjectAdminService = getBusinessObjectDictionaryService().getBusinessObjectAdminService(determineBusinessObjectClass.getLeft());
        if (businessObjectAdminService == null) {
            LOG.error(str + "Seems to be missing a BusinessObjectAdminService! This DELETE operation can not be performed without a BusinessObjectAdminService.");
            return Response.serverError().build();
        }
        if (!businessObjectAdminService.supportsDelete()) {
            LOG.debug("Delete request received for business object: " + str + ". According to " + businessObjectAdminService.getClass().getSimpleName() + " this bo doesn't support deletion.");
            return Response.status(Response.Status.METHOD_NOT_ALLOWED).entity(this.gson.toJson("The requested business object does not support DELETE.")).build();
        }
        try {
            return businessObjectAdminService.delete(str2) ? Response.noContent().build() : Response.serverError().build();
        } catch (EntityNotFoundException e) {
            return Response.status(Response.Status.NOT_FOUND).build();
        } catch (AuthorizationException e2) {
            return Response.status(Response.Status.FORBIDDEN).build();
        }
    }

    private Response attemptToDownloadFile(String str, String str2, BusinessObjectAdminService businessObjectAdminService) {
        if (!businessObjectAdminService.supportsDownload()) {
            LOG.debug("Download request received for business object: " + str + ". According to " + businessObjectAdminService.getClass().getSimpleName() + " this bo doesn't support download.");
            return Response.status(Response.Status.METHOD_NOT_ALLOWED).entity(this.gson.toJson("The requested business object does not support GETs with the supplied media type.")).build();
        }
        try {
            File download = businessObjectAdminService.download(str2);
            return Response.ok(new FileInputStream(download)).type(MediaType.APPLICATION_OCTET_STREAM_TYPE).header("Content-Disposition", "attachment; filename=" + download.getName()).build();
        } catch (FileNotFoundException | EntityNotFoundException e) {
            return Response.status(Response.Status.NOT_FOUND).build();
        } catch (AuthorizationException e2) {
            return Response.status(Response.Status.FORBIDDEN).build();
        }
    }

    private Pair<List<Map<String, Object>>, Response> getPageOfResults(MultivaluedMap<String, String> multivaluedMap, List<Map<String, Object>> list, int i) {
        String first = multivaluedMap.getFirst("skip");
        int parseInt = first == null ? 0 : Integer.parseInt(first);
        if (parseInt > i) {
            return Pair.of(null, Response.status(Response.Status.REQUESTED_RANGE_NOT_SATISFIABLE).entity(this.gson.toJson("The requested page start: " + parseInt + " is larger than the results size: " + i + ".")).build());
        }
        int i2 = parseInt <= 0 ? 0 : parseInt;
        String first2 = multivaluedMap.getFirst(KFSConstants.Search.LIMIT);
        int parseInt2 = first2 == null ? 100 : Integer.parseInt(first2);
        if (parseInt2 < 0) {
            parseInt2 = 100;
        }
        return Pair.of(list.subList(i2, Math.min(i2 + parseInt2, i)), null);
    }

    private Pair<List<Map<String, Object>>, Response> getSearchResultsData(String str, MultivaluedMap<String, String> multivaluedMap) {
        Pair<Class<BusinessObject>, Response> determineBusinessObjectClass = determineBusinessObjectClass(str);
        if (determineBusinessObjectClass.getRight() != null) {
            return Pair.of(null, determineBusinessObjectClass.getRight());
        }
        Class<BusinessObject> left = determineBusinessObjectClass.getLeft();
        if (!isAuthorizedForLookup(left)) {
            return Pair.of(null, Response.status(Response.Status.FORBIDDEN).build());
        }
        LookupSearchService lookupSearchServiceForLookup = getBusinessObjectDictionaryService().getLookupSearchServiceForLookup(left);
        if (lookupSearchServiceForLookup != null) {
            return Pair.of(lookupSearchServiceForLookup.getSearchResults(multivaluedMap), null);
        }
        LOG.error(str + " seems to be missing a LookupSearchService! A lookup can not be performed without a LookupSearchService.");
        return Pair.of(null, Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(this.gson.toJson("The requested business object does not support lookup.")).build());
    }

    private Response convertSearchResultsToCsvResponse(String str, List<Map<String, Object>> list) {
        File file = null;
        FileWriter fileWriter = null;
        CSVWriter cSVWriter = null;
        try {
            try {
                file = File.createTempFile("searchResults-", ".csv");
                fileWriter = new FileWriter(file);
                cSVWriter = new CSVWriter(fileWriter);
                LinkedList linkedList = new LinkedList();
                if (list.size() > 0) {
                    cSVWriter.writeNext(getColumnHeaders(str, list, linkedList));
                    Iterator<Map<String, Object>> it = list.iterator();
                    while (it.hasNext()) {
                        cSVWriter.writeNext(getRowOfDataRepresentingThisResult(it.next()));
                    }
                }
                fileWriter.flush();
                FileInputStream fileInputStream = new FileInputStream(file);
                try {
                    cSVWriter.close();
                    fileWriter.close();
                } catch (IOException e) {
                    LOG.debug("Encountered an exception while trying to close a writer object. This should be non-fatal, so we're logging and ignoring.", e);
                }
                file.deleteOnExit();
                return Response.ok(fileInputStream).type(KualiMediaType.TEXT_CSV_TYPE).header("Content-Disposition", "attachment; filename=" + str + "-export.csv").build();
            } catch (Throwable th) {
                try {
                    cSVWriter.close();
                    fileWriter.close();
                } catch (IOException e2) {
                    LOG.debug("Encountered an exception while trying to close a writer object. This should be non-fatal, so we're logging and ignoring.", e2);
                }
                file.deleteOnExit();
                throw th;
            }
        } catch (IOException e3) {
            LOG.error("Encountered an exception while attempting to format search results as csv.", e3);
            Response build = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(this.gson.toJson("Encountered an " + e3.getClass().getSimpleName() + " while attempting to format search results as csv.")).build();
            try {
                cSVWriter.close();
                fileWriter.close();
            } catch (IOException e4) {
                LOG.debug("Encountered an exception while trying to close a writer object. This should be non-fatal, so we're logging and ignoring.", e4);
            }
            file.deleteOnExit();
            return build;
        }
    }

    private SortDefinition getSortDefinition(MultivaluedMap<String, String> multivaluedMap) {
        String first = multivaluedMap.getFirst("sort");
        if (first == null) {
            return null;
        }
        boolean startsWith = first.startsWith("-");
        String substring = startsWith ? first.substring(1, first.length()) : first;
        SortDefinition sortDefinition = new SortDefinition();
        sortDefinition.setAttributeName(substring);
        sortDefinition.setSortAscending(!startsWith);
        return sortDefinition;
    }

    private List<Map<String, Object>> sortResults(String str, List<Map<String, Object>> list, SortDefinition sortDefinition) {
        if (sortDefinition != null && sortDefinition.getAttributeNames().size() > 0) {
            Pair<Class<BusinessObject>, Response> determineBusinessObjectClass = determineBusinessObjectClass(str);
            if (determineBusinessObjectClass.getRight() != null) {
                return list;
            }
            String str2 = sortDefinition.getAttributeNames().get(0);
            LookupResultAttributeDefinition lookupResultAttributeDefinition = getBusinessObjectDictionaryService().getLookupResultAttributeDefinition(determineBusinessObjectClass.getLeft(), str2);
            if (lookupResultAttributeDefinition != null) {
                Comparator comparator = lookupResultAttributeDefinition.getComparator();
                if (!sortDefinition.getSortAscending()) {
                    comparator = comparator.reversed();
                }
                Comparator comparator2 = comparator;
                list.sort((map, map2) -> {
                    return comparator2.compare(map.get(str2), map2.get(str2));
                });
            }
        }
        return list;
    }

    private String[] getRowOfDataRepresentingThisResult(Map<String, Object> map) {
        LinkedList linkedList = new LinkedList();
        for (String str : map.keySet()) {
            if (!str.equals("actions")) {
                linkedList.add(map.get(str).toString());
            }
        }
        return (String[]) linkedList.toArray(new String[linkedList.size()]);
    }

    private String[] getColumnHeaders(String str, List<Map<String, Object>> list, List<String> list2) {
        for (String str2 : list.get(0).keySet()) {
            if (!str2.equals("actions")) {
                list2.add(getCorrespondingLabel(str, str2));
            }
        }
        return (String[]) list2.toArray(new String[list2.size()]);
    }

    private String getCorrespondingLabel(String str, String str2) {
        String attributeLabel = getDataDictionaryService().getAttributeLabel(str, str2);
        if (attributeLabel == null) {
            attributeLabel = "*error*";
            LOG.warn("While attempting to return search results as csv, we were unable to locate a label for business object: " + str + " fieldName: " + str2);
        }
        return attributeLabel;
    }

    private Pair<Class<BusinessObject>, Response> determineBusinessObjectClass(String str) {
        BusinessObjectEntry businessObjectEntry = getDataDictionaryService().getDataDictionary().getBusinessObjectEntry(str);
        return businessObjectEntry == null ? Pair.of(null, Response.status(Response.Status.NOT_FOUND).entity(this.gson.toJson("Could not find BusinessObjectEntry for " + str + ".")).build()) : Pair.of(businessObjectEntry.getBusinessObjectClass(), null);
    }

    private boolean isAuthorizedForLookup(Class cls) {
        return getPermissionService().isAuthorizedByTemplate(getPrincipalId(), "KR-NS", KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, KRADUtils.getNamespaceAndComponentSimpleName(cls), Collections.emptyMap());
    }

    private String getPrincipalId() {
        return KRADUtils.getPrincipalIdFromRequest(this.servletRequest);
    }

    private BusinessObjectDictionaryService getBusinessObjectDictionaryService() {
        if (this.businessObjectDictionaryService == null) {
            this.businessObjectDictionaryService = (BusinessObjectDictionaryService) SpringContext.getBean(BusinessObjectDictionaryService.class);
        }
        return this.businessObjectDictionaryService;
    }

    protected void setBusinessObjectDictionaryService(BusinessObjectDictionaryService businessObjectDictionaryService) {
        this.businessObjectDictionaryService = businessObjectDictionaryService;
    }

    private DataDictionaryService getDataDictionaryService() {
        if (this.dataDictionaryService == null) {
            this.dataDictionaryService = (DataDictionaryService) SpringContext.getBean(DataDictionaryService.class);
        }
        return this.dataDictionaryService;
    }

    protected void setDataDictionaryService(DataDictionaryService dataDictionaryService) {
        this.dataDictionaryService = dataDictionaryService;
    }

    private PermissionService getPermissionService() {
        if (this.permissionService == null) {
            this.permissionService = (PermissionService) SpringContext.getBean(PermissionService.class);
        }
        return this.permissionService;
    }

    protected void setPermissionService(PermissionService permissionService) {
        this.permissionService = permissionService;
    }
}
