package org.kuali.kfs.sys.rest.resource.businessobject;

import com.fasterxml.jackson.databind.JsonNode;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.GET;
import javax.ws.rs.InternalServerErrorException;
import javax.ws.rs.NotAllowedException;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.NotSupportedException;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.container.ResourceContext;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.kuali.kfs.core.api.config.property.ConfigurationService;
import org.kuali.kfs.datadictionary.ActionsProvider;
import org.kuali.kfs.datadictionary.BusinessObjectAdminService;
import org.kuali.kfs.datadictionary.LookupDictionary;
import org.kuali.kfs.datadictionary.legacy.BusinessObjectDictionaryService;
import org.kuali.kfs.kim.api.KimConstants;
import org.kuali.kfs.kim.api.identity.Person;
import org.kuali.kfs.kim.api.permission.PermissionService;
import org.kuali.kfs.kns.datadictionary.BusinessObjectEntry;
import org.kuali.kfs.kns.datadictionary.EntityNotFoundException;
import org.kuali.kfs.krad.UserSession;
import org.kuali.kfs.krad.bo.BusinessObject;
import org.kuali.kfs.krad.bo.BusinessObjectBase;
import org.kuali.kfs.krad.datadictionary.SortDefinition;
import org.kuali.kfs.krad.exception.AuthorizationException;
import org.kuali.kfs.krad.util.KRADUtils;
import org.kuali.kfs.krad.util.ObjectUtils;
import org.kuali.kfs.sys.KFSConstants;
import org.kuali.kfs.sys.batch.BatchJobStatus;
import org.kuali.kfs.sys.businessobject.service.BusinessObjectCreationService;
import org.kuali.kfs.sys.businessobject.service.SearchService;
import org.kuali.kfs.sys.context.SpringContext;
import org.kuali.kfs.sys.rest.application.SysApiApplication;
import org.kuali.kfs.sys.rest.resource.responses.ActionResponse;
import org.kuali.kfs.sys.rest.util.KualiMediaType;

@Produces({"application/json", "application/octet-stream", "text/csv", KualiMediaType.LOOKUP_JSON})
@Path(SysApiApplication.BUSINESS_OBJECT_RESOURCE)
@Consumes({"application/json"})
/* loaded from: input_file:WEB-INF/lib/kfs-core-2021-03-25.jar:org/kuali/kfs/sys/rest/resource/businessobject/BusinessObjectResource.class */
public class BusinessObjectResource {
    private static final Logger LOG = LogManager.getLogger();
    private static final String acceptTypeErrorMessage = "Only */* ,application/json ,application/vnd.kuali.lookup+json , and text/csv are supported at this time";
    private final int DEFAULT_PAGE_SIZE = 100;
    private BusinessObjectDictionaryService businessObjectDictionaryService;
    private ConfigurationService configurationService;
    private LookupDictionary lookupDictionary;
    private PermissionService permissionService;

    @Context
    protected HttpServletRequest servletRequest;

    @Context
    protected HttpServletResponse servletResponse;

    @Context
    protected ResourceContext resourceContext;

    @GET
    @Produces({"application/json"})
    public Set<String> describeBusinessObjectResource() {
        BusinessObjectDictionaryService businessObjectDictionaryService = getBusinessObjectDictionaryService();
        Stream<R> map = businessObjectDictionaryService.getBusinessObjectEntries().values().parallelStream().map((v0) -> {
            return v0.getBusinessObjectClass();
        });
        Objects.requireNonNull(businessObjectDictionaryService);
        return (Set) map.filter(businessObjectDictionaryService::isLookupable).filter(cls -> {
            return getLookupDictionary().getSearchService(cls) != null;
        }).map((v0) -> {
            return v0.getSimpleName();
        }).collect(Collectors.toSet());
    }

    @Path("{businessObjectName}/lookup")
    public LookupResource getLookupResource(@PathParam("businessObjectName") BusinessObjectEntry businessObjectEntry) {
        return new LookupResource(this.servletRequest, businessObjectEntry);
    }

    @Path("{businessObjectName}/details")
    public DetailsResource getDetailResource(@PathParam("businessObjectName") BusinessObjectEntry businessObjectEntry) {
        if (isAuthorizedToView(businessObjectEntry.getBusinessObjectClass())) {
            return (DetailsResource) this.resourceContext.initResource(new DetailsResource(businessObjectEntry));
        }
        throw new ForbiddenException();
    }

    @GET
    @Produces({"application/json", "*/*", KualiMediaType.LOOKUP_JSON, "text/csv"})
    @Path("{businessObjectName}")
    public List<BusinessObjectBase> getBusinessObjects(@PathParam("businessObjectName") BusinessObjectEntry businessObjectEntry, @Context UriInfo uriInfo, @Context HttpHeaders httpHeaders) {
        if (businessObjectEntry == null) {
            throw new NotFoundException();
        }
        Class<? extends BusinessObject> businessObjectClass = businessObjectEntry.getBusinessObjectClass();
        if (!isAuthorizedToView(businessObjectClass)) {
            throw new ForbiddenException();
        }
        BusinessObjectDictionaryService businessObjectDictionaryService = getBusinessObjectDictionaryService();
        SearchService searchService = getLookupDictionary().getSearchService(businessObjectClass);
        if (searchService == null) {
            LOG.error(businessObjectEntry.getName() + " seems to be missing a SearchService! A lookup can not be performed without a SearchService.");
            throw new InternalServerErrorException("The requested business object does not support lookup.");
        }
        if (!acceptTypeIsSupported(httpHeaders.getAcceptableMediaTypes())) {
            throw new NotSupportedException(acceptTypeErrorMessage);
        }
        MultivaluedMap<String, String> queryParameters = uriInfo.getQueryParameters();
        Pair<Integer, Integer> skipAndLimit = getSkipAndLimit(queryParameters);
        SortDefinition sortDefinition = getSortDefinition(queryParameters);
        if (sortDefinition == null) {
            sortDefinition = businessObjectDictionaryService.getLookupDefaultSortDefinition(businessObjectClass);
        }
        String str = null;
        boolean z = true;
        if (sortDefinition != null && sortDefinition.getAttributeNames().size() > 0) {
            str = sortDefinition.getAttributeNames().get(0);
            z = sortDefinition.getSortAscending();
        }
        Pair<Collection<? extends BusinessObjectBase>, Integer> searchResults = searchService.getSearchResults(businessObjectClass, queryParameters, skipAndLimit.getLeft().intValue(), skipAndLimit.getRight().intValue(), str, z);
        this.servletResponse.setIntHeader("Item-Count", searchResults.getRight().intValue());
        return (List) searchResults.getLeft();
    }

    @GET
    @Produces({"application/json", "*/*", "application/octet-stream", KualiMediaType.DETAIL_JSON})
    @Path("{businessObjectName}/{id}")
    public Object getBusinessObject(@PathParam("businessObjectName") BusinessObjectEntry businessObjectEntry, @PathParam("id") String str) {
        if (businessObjectEntry == null) {
            throw new NotFoundException();
        }
        Class<? extends BusinessObject> businessObjectClass = businessObjectEntry.getBusinessObjectClass();
        if (!isAuthorizedToView(businessObjectClass)) {
            throw new ForbiddenException();
        }
        Object find = getLookupDictionary().getSearchService(businessObjectClass).find(businessObjectClass, str);
        if (ObjectUtils.isNull(find)) {
            throw new NotFoundException();
        }
        return find;
    }

    @GET
    @Path("{businessObjectName}/{id}/actions")
    public List<ActionResponse> getBusinessObjectActions(@PathParam("businessObjectName") BusinessObjectEntry businessObjectEntry, @PathParam("id") String str) {
        Object businessObject = getBusinessObject(businessObjectEntry, str);
        ActionsProvider actionsProvider = businessObjectEntry.getActionsProvider();
        if (actionsProvider == null) {
            LOG.error("No actions provider for business object entry {}", businessObjectEntry.getName());
            throw new NotSupportedException();
        }
        return (List) actionsProvider.getActionLinks((BusinessObjectBase) businessObject, getUserSessionFromRequest(this.servletRequest).getPerson()).stream().map(ActionResponse::from).collect(Collectors.toList());
    }

    @POST
    @Path("{businessObjectName}")
    public Response createBusinessObject(@PathParam("businessObjectName") BusinessObjectEntry businessObjectEntry, JsonNode jsonNode) {
        if (businessObjectEntry == null) {
            throw new NotFoundException();
        }
        Class<? extends BusinessObject> businessObjectClass = businessObjectEntry.getBusinessObjectClass();
        BusinessObjectCreationService businessObjectCreationService = getBusinessObjectDictionaryService().getBusinessObjectCreationService(businessObjectClass);
        BusinessObjectAdminService businessObjectAdminService = getBusinessObjectDictionaryService().getBusinessObjectAdminService(businessObjectClass);
        if (businessObjectAdminService == null) {
            LOG.error("Could not find admin for business object entry {}", businessObjectEntry.getName());
            throw new InternalServerErrorException();
        }
        if (businessObjectCreationService == null) {
            LOG.error("Could not find creation service for business object entry {}", businessObjectEntry.getName());
            return Response.status(Response.Status.NOT_IMPLEMENTED).build();
        }
        Person person = getUserSessionFromRequest(this.servletRequest).getPerson();
        if (!businessObjectAdminService.allowsCreate(businessObjectClass, person)) {
            throw new ForbiddenException();
        }
        BusinessObjectBase initialize = businessObjectCreationService.initialize(jsonNode, person);
        if (initialize != null) {
            return Response.status(Response.Status.CREATED).header("Location", this.servletRequest.getRequestURI() + "/" + (initialize instanceof BatchJobStatus ? ((BatchJobStatus) initialize).getId() : "")).entity(initialize).build();
        }
        LOG.error("Could not create business object of type {} with data {}", businessObjectEntry.getName(), jsonNode.toString());
        throw new InternalServerErrorException();
    }

    @Path("{businessObjectName}/{id}")
    @DELETE
    public Response deleteBusinessObject(@PathParam("businessObjectName") BusinessObjectEntry businessObjectEntry, @PathParam("id") String str) {
        if (businessObjectEntry == null) {
            throw new NotFoundException();
        }
        BusinessObjectAdminService businessObjectAdminService = getBusinessObjectDictionaryService().getBusinessObjectAdminService(businessObjectEntry.getBusinessObjectClass());
        if (businessObjectAdminService == null) {
            LOG.error(businessObjectEntry.getName() + "Seems to be missing a BusinessObjectAdminService! This DELETE operation can not be performed without a BusinessObjectAdminService.");
            throw new InternalServerErrorException();
        }
        if (!businessObjectAdminService.allowsDelete(null, null)) {
            LOG.debug("Delete request received for business object: " + businessObjectEntry.getName() + ". According to " + businessObjectAdminService.getClass().getSimpleName() + " this bo doesn't support deletion.");
            throw new NotAllowedException("The requested business object does not support DELETE.", new String[0]);
        }
        try {
            if (businessObjectAdminService.delete(str)) {
                return Response.noContent().build();
            }
            throw new InternalServerErrorException();
        } catch (EntityNotFoundException e) {
            throw new NotFoundException();
        } catch (AuthorizationException e2) {
            throw new ForbiddenException();
        }
    }

    private static boolean acceptTypeIsSupported(List<MediaType> list) {
        Stream stream = Arrays.asList(MediaType.WILDCARD_TYPE, MediaType.APPLICATION_JSON_TYPE, KualiMediaType.LOOKUP_JSON_TYPE, KualiMediaType.TEXT_CSV_TYPE).stream();
        Objects.requireNonNull(list);
        return stream.anyMatch((v1) -> {
            return r1.contains(v1);
        });
    }

    private Pair<Integer, Integer> getSkipAndLimit(MultivaluedMap<String, String> multivaluedMap) {
        String first = multivaluedMap.getFirst("skip");
        int max = Math.max(0, first == null ? 0 : Integer.parseInt(first));
        String first2 = multivaluedMap.getFirst(KFSConstants.Search.LIMIT);
        return Pair.of(Integer.valueOf(max), Integer.valueOf(Math.min(Math.max(1, first2 == null ? 100 : Integer.parseInt(first2)), getMaxResultsLimit())));
    }

    private static SortDefinition getSortDefinition(MultivaluedMap<String, String> multivaluedMap) {
        String first = multivaluedMap.getFirst("sort");
        if (first == null) {
            return null;
        }
        boolean startsWith = first.startsWith("-");
        String substring = startsWith ? first.substring(1) : first;
        SortDefinition sortDefinition = new SortDefinition();
        sortDefinition.setAttributeName(substring);
        sortDefinition.setSortAscending(!startsWith);
        return sortDefinition;
    }

    private boolean isAuthorizedToView(Class cls) {
        return getPermissionService().isAuthorizedByTemplate(getPrincipalId(), "KFS-SYS", KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, getNamespaceAndComponentSimpleName(cls), Collections.emptyMap());
    }

    private int getMaxResultsLimit() {
        String propertyValueAsString = getConfigurationService().getPropertyValueAsString(KFSConstants.BUSINESS_OBJECT_API_MAX_RESULTS_KEY);
        try {
            return Integer.parseInt(propertyValueAsString);
        } catch (NumberFormatException e) {
            LOG.error("Max limit configuration is an invalid integer. Value: " + propertyValueAsString);
            return 100;
        }
    }

    protected String getPrincipalId() {
        return KRADUtils.getPrincipalIdFromRequest(this.servletRequest);
    }

    private BusinessObjectDictionaryService getBusinessObjectDictionaryService() {
        if (this.businessObjectDictionaryService == null) {
            this.businessObjectDictionaryService = (BusinessObjectDictionaryService) SpringContext.getBean(BusinessObjectDictionaryService.class);
        }
        return this.businessObjectDictionaryService;
    }

    protected void setBusinessObjectDictionaryService(BusinessObjectDictionaryService businessObjectDictionaryService) {
        this.businessObjectDictionaryService = businessObjectDictionaryService;
    }

    private PermissionService getPermissionService() {
        if (this.permissionService == null) {
            this.permissionService = (PermissionService) SpringContext.getBean(PermissionService.class);
        }
        return this.permissionService;
    }

    protected void setPermissionService(PermissionService permissionService) {
        this.permissionService = permissionService;
    }

    private ConfigurationService getConfigurationService() {
        if (this.configurationService == null) {
            this.configurationService = (ConfigurationService) SpringContext.getBean(ConfigurationService.class);
        }
        return this.configurationService;
    }

    protected void setConfigurationService(ConfigurationService configurationService) {
        this.configurationService = configurationService;
    }

    private LookupDictionary getLookupDictionary() {
        if (this.lookupDictionary == null) {
            this.lookupDictionary = (LookupDictionary) SpringContext.getBean(LookupDictionary.class);
        }
        return this.lookupDictionary;
    }

    UserSession getUserSessionFromRequest(HttpServletRequest httpServletRequest) {
        return KRADUtils.getUserSessionFromRequest(httpServletRequest);
    }

    Map getNamespaceAndComponentSimpleName(Class cls) {
        return KRADUtils.getNamespaceAndComponentSimpleName(cls);
    }
}
