package org.molgenis.data.rest;

import com.google.common.base.Function;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import cz.jirutka.rsql.parser.RSQLParserException;
import java.io.IOException;
import java.sql.Date;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import org.molgenis.MolgenisFieldTypes;
import org.molgenis.auth.MolgenisUser;
import org.molgenis.data.AttributeMetaData;
import org.molgenis.data.DataService;
import org.molgenis.data.Entity;
import org.molgenis.data.EntityCollection;
import org.molgenis.data.EntityMetaData;
import org.molgenis.data.MolgenisDataAccessException;
import org.molgenis.data.MolgenisDataException;
import org.molgenis.data.MolgenisReferencedEntityException;
import org.molgenis.data.Query;
import org.molgenis.data.Repository;
import org.molgenis.data.Sort;
import org.molgenis.data.UnknownAttributeException;
import org.molgenis.data.UnknownEntityException;
import org.molgenis.data.i18n.LanguageService;
import org.molgenis.data.rest.SortV1;
import org.molgenis.data.rest.service.RestService;
import org.molgenis.data.rsql.MolgenisRSQL;
import org.molgenis.data.support.DefaultEntityCollection;
import org.molgenis.data.support.QueryImpl;
import org.molgenis.data.validation.ConstraintViolation;
import org.molgenis.data.validation.MolgenisValidationException;
import org.molgenis.model.elements.Field;
import org.molgenis.security.core.MolgenisPermissionService;
import org.molgenis.security.core.runas.RunAsSystem;
import org.molgenis.security.core.token.TokenService;
import org.molgenis.security.core.token.UnknownTokenException;
import org.molgenis.security.token.TokenExtractor;
import org.molgenis.util.ErrorMessageResponse;
import org.molgenis.util.ResourceFingerprintRegistry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.convert.ConversionException;
import org.springframework.core.convert.ConversionFailedException;
import org.springframework.http.HttpStatus;
import org.springframework.http.converter.HttpMessageNotReadableException;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.multipart.MultipartHttpServletRequest;
import uk.ac.ebi.mydas.writeback.MyDasParser;

@RequestMapping({RestController.BASE_URI})
@Controller
/* loaded from: input_file:WEB-INF/lib/molgenis-data-rest-1.15.1-SNAPSHOT.jar:org/molgenis/data/rest/RestController.class */
public class RestController {
    public static final String BASE_URI = "/api/v1";
    private final DataService dataService;
    private final TokenService tokenService;
    private final AuthenticationManager authenticationManager;
    private final MolgenisPermissionService molgenisPermissionService;
    private final MolgenisRSQL molgenisRSQL;
    private final RestService restService;
    private final LanguageService languageService;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) RestController.class);
    private static final Pattern PATTERN_EXPANDS = Pattern.compile("([^\\[^\\]]+)(?:\\[(.+)\\])?");

    @Autowired
    public RestController(DataService dataService, TokenService tokenService, AuthenticationManager authenticationManager, MolgenisPermissionService molgenisPermissionService, ResourceFingerprintRegistry resourceFingerprintRegistry, MolgenisRSQL molgenisRSQL, RestService restService, LanguageService languageService) {
        this.dataService = (DataService) Objects.requireNonNull(dataService);
        this.tokenService = (TokenService) Objects.requireNonNull(tokenService);
        this.authenticationManager = (AuthenticationManager) Objects.requireNonNull(authenticationManager);
        this.molgenisPermissionService = (MolgenisPermissionService) Objects.requireNonNull(molgenisPermissionService);
        this.molgenisRSQL = (MolgenisRSQL) Objects.requireNonNull(molgenisRSQL);
        this.restService = (RestService) Objects.requireNonNull(restService);
        this.languageService = (LanguageService) Objects.requireNonNull(languageService);
    }

    @RequestMapping(value = {"/{entityName}/exist"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @ResponseBody
    public boolean entityExists(@PathVariable("entityName") String str) {
        try {
            this.dataService.getRepository(str);
            return true;
        } catch (UnknownEntityException e) {
            return false;
        }
    }

    @RequestMapping(value = {"/{entityName}/meta"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @ResponseBody
    public EntityMetaDataResponse retrieveEntityMeta(@PathVariable("entityName") String str, @RequestParam(value = "attributes", required = false) String[] strArr, @RequestParam(value = "expand", required = false) String[] strArr2) {
        return new EntityMetaDataResponse(this.dataService.getEntityMetaData(str), toAttributeSet(strArr), toExpandMap(strArr2), this.molgenisPermissionService, this.dataService, this.languageService);
    }

    @RequestMapping(value = {"/{entityName}/meta"}, method = {RequestMethod.POST}, params = {"_method=GET"}, produces = {"application/json"})
    @ResponseBody
    public EntityMetaDataResponse retrieveEntityMetaPost(@PathVariable("entityName") String str, @Valid @RequestBody EntityMetaRequest entityMetaRequest) {
        return new EntityMetaDataResponse(this.dataService.getEntityMetaData(str), toAttributeSet(entityMetaRequest != null ? entityMetaRequest.getAttributes() : null), toExpandMap(entityMetaRequest != null ? entityMetaRequest.getExpand() : null), this.molgenisPermissionService, this.dataService, this.languageService);
    }

    @RequestMapping(value = {"/{entityName}/meta/{attributeName}"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @ResponseBody
    public AttributeMetaDataResponse retrieveEntityAttributeMeta(@PathVariable("entityName") String str, @PathVariable("attributeName") String str2, @RequestParam(value = "attributes", required = false) String[] strArr, @RequestParam(value = "expand", required = false) String[] strArr2) {
        return getAttributeMetaDataPostInternal(str, str2, toAttributeSet(strArr), toExpandMap(strArr2));
    }

    @RequestMapping(value = {"/{entityName}/meta/{attributeName}"}, method = {RequestMethod.POST}, params = {"_method=GET"}, produces = {"application/json"})
    @ResponseBody
    public AttributeMetaDataResponse retrieveEntityAttributeMetaPost(@PathVariable("entityName") String str, @PathVariable("attributeName") String str2, @Valid @RequestBody EntityMetaRequest entityMetaRequest) {
        return getAttributeMetaDataPostInternal(str, str2, toAttributeSet(entityMetaRequest != null ? entityMetaRequest.getAttributes() : null), toExpandMap(entityMetaRequest != null ? entityMetaRequest.getExpand() : null));
    }

    @RequestMapping(value = {"/{entityName}/{id:.+}"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @ResponseBody
    public Map<String, Object> retrieveEntity(@PathVariable("entityName") String str, @PathVariable("id") Object obj, @RequestParam(value = "attributes", required = false) String[] strArr, @RequestParam(value = "expand", required = false) String[] strArr2) {
        Set<String> attributeSet = toAttributeSet(strArr);
        Map<String, Set<String>> expandMap = toExpandMap(strArr2);
        EntityMetaData entityMetaData = this.dataService.getEntityMetaData(str);
        Entity findOne = this.dataService.findOne(str, obj);
        if (findOne == null) {
            throw new UnknownEntityException(str + " " + obj + " not found");
        }
        return getEntityAsMap(findOne, entityMetaData, attributeSet, expandMap);
    }

    @RequestMapping(value = {"/{entityName}/{id:.+}"}, method = {RequestMethod.POST}, params = {"_method=GET"}, produces = {"application/json"})
    @ResponseBody
    public Map<String, Object> retrieveEntity(@PathVariable("entityName") String str, @PathVariable("id") Object obj, @Valid @RequestBody EntityMetaRequest entityMetaRequest) {
        Set<String> attributeSet = toAttributeSet(entityMetaRequest != null ? entityMetaRequest.getAttributes() : null);
        Map<String, Set<String>> expandMap = toExpandMap(entityMetaRequest != null ? entityMetaRequest.getExpand() : null);
        EntityMetaData entityMetaData = this.dataService.getEntityMetaData(str);
        Entity findOne = this.dataService.findOne(str, obj);
        if (findOne == null) {
            throw new UnknownEntityException(str + " " + obj + " not found");
        }
        return getEntityAsMap(findOne, entityMetaData, attributeSet, expandMap);
    }

    @RequestMapping(value = {"/{entityName}/{id}/{refAttributeName}"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @ResponseBody
    public Object retrieveEntityAttribute(@PathVariable("entityName") String str, @PathVariable("id") Object obj, @PathVariable("refAttributeName") String str2, @Valid EntityCollectionRequest entityCollectionRequest, @RequestParam(value = "attributes", required = false) String[] strArr, @RequestParam(value = "expand", required = false) String[] strArr2) {
        return retrieveEntityAttributeInternal(str, obj, str2, entityCollectionRequest, toAttributeSet(strArr), toExpandMap(strArr2));
    }

    @RequestMapping(value = {"/{entityName}/{id}/{refAttributeName}"}, method = {RequestMethod.POST}, params = {"_method=GET"}, produces = {"application/json"})
    @ResponseBody
    public Object retrieveEntityAttributePost(@PathVariable("entityName") String str, @PathVariable("id") Object obj, @PathVariable("refAttributeName") String str2, @Valid @RequestBody EntityCollectionRequest entityCollectionRequest) {
        return retrieveEntityAttributeInternal(str, obj, str2, entityCollectionRequest, toAttributeSet(entityCollectionRequest != null ? entityCollectionRequest.getAttributes() : null), toExpandMap(entityCollectionRequest != null ? entityCollectionRequest.getExpand() : null));
    }

    @RequestMapping(value = {"/{entityName}"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @ResponseBody
    public EntityCollectionResponse retrieveEntityCollection(@PathVariable("entityName") String str, @Valid EntityCollectionRequest entityCollectionRequest, @RequestParam(value = "attributes", required = false) String[] strArr, @RequestParam(value = "expand", required = false) String[] strArr2) {
        return retrieveEntityCollectionInternal(str, entityCollectionRequest, toAttributeSet(strArr), toExpandMap(strArr2));
    }

    @RequestMapping(value = {"/{entityName}"}, method = {RequestMethod.POST}, params = {"_method=GET"}, produces = {"application/json"})
    @ResponseBody
    public EntityCollectionResponse retrieveEntityCollectionPost(@PathVariable("entityName") String str, @Valid @RequestBody EntityCollectionRequest entityCollectionRequest) {
        return retrieveEntityCollectionInternal(str, entityCollectionRequest != null ? entityCollectionRequest : new EntityCollectionRequest(), toAttributeSet(entityCollectionRequest != null ? entityCollectionRequest.getAttributes() : null), toExpandMap(entityCollectionRequest != null ? entityCollectionRequest.getExpand() : null));
    }

    @RequestMapping(value = {"/csv/{entityName}"}, method = {RequestMethod.GET}, produces = {"text/csv"})
    @ResponseBody
    public EntityCollection retrieveEntityCollection(@PathVariable("entityName") String str, @RequestParam(value = "attributes", required = false) String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Set<String> attributeSet = toAttributeSet(strArr);
        try {
            try {
                EntityMetaData entityMetaData = this.dataService.getEntityMetaData(str);
                Query parseQueryString = new QueryStringParser(entityMetaData, this.molgenisRSQL).parseQueryString(httpServletRequest.getParameterMap());
                String[] strArr2 = (String[]) httpServletRequest.getParameterMap().get("sortColumn");
                if (strArr2 != null && strArr2.length == 1 && StringUtils.isNotEmpty(strArr2[0])) {
                    String str2 = strArr2[0];
                    String[] strArr3 = (String[]) httpServletRequest.getParameterMap().get("sortOrder");
                    Sort.Direction direction = Sort.Direction.ASC;
                    if (strArr3 != null && strArr3.length == 1 && StringUtils.isNotEmpty(strArr3[0])) {
                        String str3 = strArr3[0];
                        if (str3.equals(Expression.ASC)) {
                            direction = Sort.Direction.ASC;
                        } else {
                            if (!str3.equals(Expression.DESC)) {
                                throw new RuntimeException("unknown sort order");
                            }
                            direction = Sort.Direction.DESC;
                        }
                    }
                    parseQueryString.sort().on(str2, direction);
                }
                if (parseQueryString.getPageSize() == 0) {
                    parseQueryString.pageSize(100);
                }
                if (parseQueryString.getPageSize() > 10000) {
                    httpServletResponse.sendError(400, "Num exceeded the maximum of 10000 rows");
                    return null;
                }
                Iterable<Entity> findAll = this.dataService.findAll(str, parseQueryString);
                Iterable transform = Iterables.transform(entityMetaData.getAtomicAttributes(), attributeMetaData -> {
                    return attributeMetaData.getName().toLowerCase();
                });
                if (attributeSet != null) {
                    Sets.SetView difference = Sets.difference(attributeSet, Sets.newHashSet(transform));
                    if (!difference.isEmpty()) {
                        httpServletResponse.sendError(400, "Unknown attributes " + difference);
                        return null;
                    }
                }
                Iterable transform2 = Iterables.transform(entityMetaData.getAtomicAttributes(), (v0) -> {
                    return v0.getName();
                });
                if (attributeSet != null) {
                    transform2 = Iterables.filter(transform2, str4 -> {
                        return attributeSet.contains(str4.toLowerCase());
                    });
                }
                return new DefaultEntityCollection(findAll, transform2);
            } catch (MolgenisDataAccessException e) {
                httpServletResponse.sendError(401);
                return null;
            }
        } catch (RSQLParserException | IllegalArgumentException | UnsupportedOperationException | UnknownAttributeException | UnknownEntityException | ConversionFailedException e2) {
            httpServletResponse.sendError(400, e2.getMessage());
            return null;
        }
    }

    @RequestMapping(value = {"/{entityName}"}, method = {RequestMethod.POST}, headers = {"Content-Type=application/x-www-form-urlencoded"})
    public void createFromFormPost(@PathVariable("entityName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Map<String, Object> hashMap = new HashMap<>();
        for (String str2 : httpServletRequest.getParameterMap().keySet()) {
            String[] parameterValues = httpServletRequest.getParameterValues(str2);
            String join = parameterValues != null ? StringUtils.join((Object[]) parameterValues, ',') : null;
            if (StringUtils.isNotBlank(join)) {
                hashMap.put(str2, join);
            }
        }
        createInternal(str, hashMap, httpServletResponse);
    }

    @RequestMapping(value = {"/{entityName}"}, method = {RequestMethod.POST}, headers = {"Content-Type=multipart/form-data"})
    public void createFromFormPostMultiPart(@PathVariable("entityName") String str, MultipartHttpServletRequest multipartHttpServletRequest, HttpServletResponse httpServletResponse) {
        Map<String, Object> hashMap = new HashMap<>();
        for (String str2 : multipartHttpServletRequest.getParameterMap().keySet()) {
            String[] parameterValues = multipartHttpServletRequest.getParameterValues(str2);
            String join = parameterValues != null ? StringUtils.join((Object[]) parameterValues, ',') : null;
            if (StringUtils.isNotBlank(join)) {
                hashMap.put(str2, join);
            }
        }
        for (Map.Entry<String, MultipartFile> entry : multipartHttpServletRequest.getMultiFileMap().entrySet()) {
            String key = entry.getKey();
            List list = (List) entry.getValue();
            if (list != null && list.size() > 1) {
                throw new IllegalArgumentException("Multiple file input not supported");
            }
            hashMap.put(key, (list == null || list.isEmpty()) ? null : list.get(0));
        }
        createInternal(str, hashMap, httpServletResponse);
    }

    @RequestMapping(value = {"/{entityName}"}, method = {RequestMethod.POST})
    public void create(@PathVariable("entityName") String str, @RequestBody Map<String, Object> map, HttpServletResponse httpServletResponse) {
        if (map == null) {
            throw new UnknownEntityException("Missing entity in body");
        }
        createInternal(str, map, httpServletResponse);
    }

    @RequestMapping(value = {"/{entityName}/{id}"}, method = {RequestMethod.PUT})
    @ResponseStatus(HttpStatus.OK)
    public void update(@PathVariable("entityName") String str, @PathVariable("id") Object obj, @RequestBody Map<String, Object> map) {
        updateInternal(str, obj, map);
    }

    @RequestMapping(value = {"/{entityName}/{id}"}, method = {RequestMethod.POST}, params = {"_method=PUT"})
    @ResponseStatus(HttpStatus.OK)
    public void updatePost(@PathVariable("entityName") String str, @PathVariable("id") Object obj, @RequestBody Map<String, Object> map) {
        updateInternal(str, obj, map);
    }

    @RequestMapping(value = {"/{entityName}/{id}/{attributeName}"}, method = {RequestMethod.PUT})
    @ResponseStatus(HttpStatus.OK)
    public void updateAttributePUT(@PathVariable("entityName") String str, @PathVariable("attributeName") String str2, @PathVariable("id") Object obj, @RequestBody Object obj2) {
        updateAttribute(str, str2, obj, obj2);
    }

    @RequestMapping(value = {"/{entityName}/{id}/{attributeName}"}, method = {RequestMethod.POST}, params = {"_method=PUT"})
    @ResponseStatus(HttpStatus.OK)
    public synchronized void updateAttribute(@PathVariable("entityName") String str, @PathVariable("attributeName") String str2, @PathVariable("id") Object obj, @RequestBody Object obj2) {
        Entity findOne = this.dataService.findOne(str, obj);
        if (findOne == null) {
            throw new UnknownEntityException("Entity of type " + str + " with id " + obj + " not found");
        }
        AttributeMetaData attribute = this.dataService.getEntityMetaData(str).getAttribute(str2);
        if (attribute == null) {
            throw new UnknownAttributeException("Attribute '" + str2 + "' of entity '" + str + "' does not exist");
        }
        if (attribute.isReadonly()) {
            throw new MolgenisDataAccessException("Attribute '" + str2 + "' of entity '" + str + "' is readonly");
        }
        findOne.set(str2, this.restService.toEntityValue(attribute, obj2));
        this.dataService.update(str, findOne);
    }

    @RequestMapping(value = {"/{entityName}/{id}"}, method = {RequestMethod.POST}, params = {"_method=PUT"}, headers = {"Content-Type=multipart/form-data"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void updateFromFormPostMultiPart(@PathVariable("entityName") String str, @PathVariable("id") Object obj, MultipartHttpServletRequest multipartHttpServletRequest) {
        Object convert = this.dataService.getRepository(str).getEntityMetaData().getIdAttribute().getDataType().convert(obj);
        HashMap hashMap = new HashMap();
        for (String str2 : multipartHttpServletRequest.getParameterMap().keySet()) {
            String[] parameterValues = multipartHttpServletRequest.getParameterValues(str2);
            hashMap.put(str2, parameterValues != null ? StringUtils.join((Object[]) parameterValues, ',') : null);
        }
        for (Map.Entry<String, MultipartFile> entry : multipartHttpServletRequest.getMultiFileMap().entrySet()) {
            String key = entry.getKey();
            List list = (List) entry.getValue();
            if (list != null && list.size() > 1) {
                throw new IllegalArgumentException("Multiple file input not supported");
            }
            hashMap.put(key, (list == null || list.isEmpty()) ? null : list.get(0));
        }
        updateInternal(str, convert, hashMap);
    }

    @RequestMapping(value = {"/{entityName}/{id}"}, method = {RequestMethod.POST}, params = {"_method=PUT"}, headers = {"Content-Type=application/x-www-form-urlencoded"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void updateFromFormPost(@PathVariable("entityName") String str, @PathVariable("id") Object obj, HttpServletRequest httpServletRequest) {
        Object convert = this.dataService.getRepository(str).getEntityMetaData().getIdAttribute().getDataType().convert(obj);
        HashMap hashMap = new HashMap();
        for (String str2 : httpServletRequest.getParameterMap().keySet()) {
            String[] parameterValues = httpServletRequest.getParameterValues(str2);
            hashMap.put(str2, parameterValues != null ? StringUtils.join((Object[]) parameterValues, ',') : null);
        }
        updateInternal(str, convert, hashMap);
    }

    @RequestMapping(value = {"/{entityName}/{id}"}, method = {RequestMethod.DELETE})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void delete(@PathVariable("entityName") String str, @PathVariable Object obj) {
        this.dataService.delete(str, this.dataService.getRepository(str).getEntityMetaData().getIdAttribute().getDataType().convert(obj));
    }

    @RequestMapping(value = {"/{entityName}/{id}"}, method = {RequestMethod.POST}, params = {"_method=DELETE"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void deletePost(@PathVariable("entityName") String str, @PathVariable Object obj) {
        delete(str, obj);
    }

    @RequestMapping(value = {"/{entityName}"}, method = {RequestMethod.DELETE})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void deleteAll(@PathVariable("entityName") String str) {
        this.dataService.deleteAll(str);
    }

    @RequestMapping(value = {"/{entityName}"}, method = {RequestMethod.POST}, params = {"_method=DELETE"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void deleteAllPost(@PathVariable("entityName") String str) {
        this.dataService.deleteAll(str);
    }

    @RequestMapping(value = {"/{entityName}/meta"}, method = {RequestMethod.DELETE})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void deleteMeta(@PathVariable("entityName") String str) {
        deleteMetaInternal(str);
    }

    @RequestMapping(value = {"/{entityName}/meta"}, method = {RequestMethod.POST}, params = {"_method=DELETE"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void deleteMetaPost(@PathVariable("entityName") String str) {
        deleteMetaInternal(str);
    }

    private void deleteMetaInternal(String str) {
        this.dataService.getMeta().deleteEntityMeta(str);
    }

    @RequestMapping(value = {DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL}, method = {RequestMethod.POST}, produces = {"application/json"})
    @RunAsSystem
    @ResponseBody
    public LoginResponse login(@Valid @RequestBody LoginRequest loginRequest, HttpServletRequest httpServletRequest) {
        if (loginRequest == null) {
            throw new HttpMessageNotReadableException("Missing login");
        }
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword());
        usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetails(httpServletRequest));
        Authentication authenticate = this.authenticationManager.authenticate(usernamePasswordAuthenticationToken);
        if (!authenticate.isAuthenticated()) {
            throw new BadCredentialsException("Unknown username or password");
        }
        MolgenisUser molgenisUser = (MolgenisUser) this.dataService.findOne(MolgenisUser.ENTITY_NAME, new QueryImpl().eq("username", authenticate.getName()), MolgenisUser.class);
        SecurityContextHolder.getContext().setAuthentication(authenticate);
        return new LoginResponse(this.tokenService.generateAndStoreToken(authenticate.getName(), "Rest api login"), molgenisUser.getUsername(), molgenisUser.getFirstName(), molgenisUser.getLastName());
    }

    @RequestMapping({"/logout"})
    @ResponseStatus(HttpStatus.OK)
    public void logout(HttpServletRequest httpServletRequest) {
        String token = TokenExtractor.getToken(httpServletRequest);
        if (token == null) {
            throw new HttpMessageNotReadableException("Missing token in header");
        }
        this.tokenService.removeToken(token);
        SecurityContextHolder.getContext().setAuthentication(null);
        if (httpServletRequest.getSession(false) != null) {
            httpServletRequest.getSession().invalidate();
        }
    }

    @ExceptionHandler({HttpMessageNotReadableException.class})
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    @ResponseBody
    public ErrorMessageResponse handleHttpMessageNotReadableException(HttpMessageNotReadableException httpMessageNotReadableException) {
        LOG.error("", (Throwable) httpMessageNotReadableException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(httpMessageNotReadableException.getMessage()));
    }

    @ExceptionHandler({UnknownTokenException.class})
    @ResponseStatus(HttpStatus.NOT_FOUND)
    @ResponseBody
    public ErrorMessageResponse handleUnknownTokenException(UnknownTokenException unknownTokenException) {
        LOG.debug("", (Throwable) unknownTokenException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(unknownTokenException.getMessage()));
    }

    @ExceptionHandler({UnknownEntityException.class})
    @ResponseStatus(HttpStatus.NOT_FOUND)
    @ResponseBody
    public ErrorMessageResponse handleUnknownEntityException(UnknownEntityException unknownEntityException) {
        LOG.debug("", (Throwable) unknownEntityException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(unknownEntityException.getMessage()));
    }

    @ExceptionHandler({UnknownAttributeException.class})
    @ResponseStatus(HttpStatus.NOT_FOUND)
    @ResponseBody
    public ErrorMessageResponse handleUnknownAttributeException(UnknownAttributeException unknownAttributeException) {
        LOG.debug("", (Throwable) unknownAttributeException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(unknownAttributeException.getMessage()));
    }

    @ExceptionHandler({MolgenisValidationException.class})
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    @ResponseBody
    public ErrorMessageResponse handleMolgenisValidationException(MolgenisValidationException molgenisValidationException) {
        LOG.info("", (Throwable) molgenisValidationException);
        ArrayList newArrayList = Lists.newArrayList();
        Iterator<ConstraintViolation> it = molgenisValidationException.getViolations().iterator();
        while (it.hasNext()) {
            newArrayList.add(new ErrorMessageResponse.ErrorMessage(it.next().getMessage()));
        }
        return new ErrorMessageResponse(newArrayList);
    }

    @ExceptionHandler({ConversionException.class})
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    @ResponseBody
    public ErrorMessageResponse handleConversionException(ConversionException conversionException) {
        LOG.info("", (Throwable) conversionException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(conversionException.getMessage()));
    }

    @ExceptionHandler({MolgenisDataException.class})
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    @ResponseBody
    public ErrorMessageResponse handleMolgenisDataException(MolgenisDataException molgenisDataException) {
        LOG.error("", (Throwable) molgenisDataException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(molgenisDataException.getMessage()));
    }

    @ExceptionHandler({AuthenticationException.class})
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    @ResponseBody
    public ErrorMessageResponse handleAuthenticationException(AuthenticationException authenticationException) {
        LOG.info("", (Throwable) authenticationException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(authenticationException.getMessage()));
    }

    @ExceptionHandler({MolgenisDataAccessException.class})
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    @ResponseBody
    public ErrorMessageResponse handleMolgenisDataAccessException(MolgenisDataAccessException molgenisDataAccessException) {
        LOG.info("", (Throwable) molgenisDataAccessException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(molgenisDataAccessException.getMessage()));
    }

    @ExceptionHandler({RuntimeException.class})
    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
    @ResponseBody
    public ErrorMessageResponse handleRuntimeException(RuntimeException runtimeException) {
        LOG.error("", (Throwable) runtimeException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(runtimeException.getMessage()));
    }

    @ExceptionHandler({MolgenisReferencedEntityException.class})
    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
    @ResponseBody
    public ErrorMessageResponse handleMolgenisReferencingEntityException(MolgenisReferencedEntityException molgenisReferencedEntityException) {
        LOG.error("", (Throwable) molgenisReferencedEntityException);
        return new ErrorMessageResponse(new ErrorMessageResponse.ErrorMessage(molgenisReferencedEntityException.getMessage()));
    }

    private void updateInternal(String str, Object obj, Map<String, Object> map) {
        EntityMetaData entityMetaData = this.dataService.getEntityMetaData(str);
        if (entityMetaData.getIdAttribute() == null) {
            throw new IllegalArgumentException(str + " does not have an id attribute");
        }
        Entity findOne = this.dataService.findOne(str, obj);
        if (findOne == null) {
            throw new UnknownEntityException("Entity of type " + str + " with id " + obj + " not found");
        }
        Entity entity = this.restService.toEntity(entityMetaData, map);
        entity.set(entityMetaData.getIdAttribute().getName(), findOne.getIdValue());
        this.dataService.update(str, entity);
    }

    private void createInternal(String str, Map<String, Object> map, HttpServletResponse httpServletResponse) {
        Entity entity = this.restService.toEntity(this.dataService.getEntityMetaData(str), map);
        this.dataService.add(str, entity);
        Object idValue = entity.getIdValue();
        if (idValue != null) {
            httpServletResponse.addHeader("Location", Href.concatEntityHref(BASE_URI, str, idValue));
        }
        httpServletResponse.setStatus(201);
    }

    private AttributeMetaDataResponse getAttributeMetaDataPostInternal(String str, String str2, Set<String> set, Map<String, Set<String>> map) {
        AttributeMetaData attribute = this.dataService.getEntityMetaData(str).getAttribute(str2);
        if (attribute != null) {
            return new AttributeMetaDataResponse(str, attribute, set, map, this.molgenisPermissionService, this.dataService, this.languageService);
        }
        throw new UnknownAttributeException(str2);
    }

    private Object retrieveEntityAttributeInternal(String str, Object obj, String str2, EntityCollectionRequest entityCollectionRequest, Set<String> set, Map<String, Set<String>> map) {
        EntityMetaData entityMetaData = this.dataService.getEntityMetaData(str);
        AttributeMetaData attribute = entityMetaData.getAttribute(str2);
        if (attribute == null) {
            throw new UnknownAttributeException(str + " does not have an attribute named " + str2);
        }
        Entity findOne = this.dataService.findOne(str, obj);
        if (findOne == null) {
            throw new UnknownEntityException(str + " " + obj + " not found");
        }
        String concatAttributeHref = Href.concatAttributeHref(BASE_URI, entityMetaData.getName(), findOne.getIdValue(), str2);
        switch (attribute.getDataType().getEnumType()) {
            case COMPOUND:
                LinkedHashMap linkedHashMap = new LinkedHashMap();
                linkedHashMap.put(MyDasParser.ATT_href, concatAttributeHref);
                Iterator it = ((Iterable) findOne.get(str2)).iterator();
                while (it.hasNext()) {
                    String name = ((AttributeMetaData) it.next()).getName();
                    linkedHashMap.put(name, findOne.get(name));
                }
                return linkedHashMap;
            case CATEGORICAL_MREF:
            case MREF:
                ArrayList arrayList = new ArrayList();
                Iterator<Entity> it2 = findOne.getEntities(attribute.getName()).iterator();
                while (it2.hasNext()) {
                    arrayList.add(it2.next());
                }
                int size = arrayList.size();
                int start = entityCollectionRequest.getStart() + entityCollectionRequest.getNum();
                List subList = arrayList.subList(entityCollectionRequest.getStart(), start > size ? size : start);
                ArrayList arrayList2 = new ArrayList();
                Iterator it3 = subList.iterator();
                while (it3.hasNext()) {
                    arrayList2.add(getEntityAsMap((Entity) it3.next(), attribute.getRefEntity(), set, map));
                }
                return new EntityCollectionResponse(new EntityPager(entityCollectionRequest.getStart(), entityCollectionRequest.getNum(), Long.valueOf(size), subList), arrayList2, concatAttributeHref, null, this.molgenisPermissionService, this.dataService, this.languageService);
            case CATEGORICAL:
            case XREF:
                Map<String, Object> entityAsMap = getEntityAsMap((Entity) findOne.get(str2), attribute.getRefEntity(), set, map);
                entityAsMap.put(MyDasParser.ATT_href, concatAttributeHref);
                return entityAsMap;
            default:
                LinkedHashMap linkedHashMap2 = new LinkedHashMap();
                linkedHashMap2.put(MyDasParser.ATT_href, concatAttributeHref);
                linkedHashMap2.put(str2, findOne.get(str2));
                return linkedHashMap2;
        }
    }

    private EntityCollectionResponse retrieveEntityCollectionInternal(String str, EntityCollectionRequest entityCollectionRequest, Set<String> set, Map<String, Set<String>> map) {
        Sort sort;
        EntityMetaData entityMetaData = this.dataService.getEntityMetaData(str);
        Repository repository = this.dataService.getRepository(str);
        SortV1 sort2 = entityCollectionRequest.getSort();
        if (sort2 != null) {
            sort = new Sort();
            Iterator<SortV1.OrderV1> it = sort2.iterator();
            while (it.hasNext()) {
                SortV1.OrderV1 next = it.next();
                sort.on(next.getProperty(), next.getDirection() == SortV1.DirectionV1.ASC ? Sort.Direction.ASC : Sort.Direction.DESC);
            }
        } else {
            sort = null;
        }
        Query sort3 = new QueryImpl(entityCollectionRequest.getQ() == null ? Collections.emptyList() : entityCollectionRequest.getQ()).pageSize(entityCollectionRequest.getNum()).offset(entityCollectionRequest.getStart()).sort(sort);
        Iterable<Entity> findAll = this.dataService.findAll(str, sort3);
        EntityPager entityPager = new EntityPager(entityCollectionRequest.getStart(), entityCollectionRequest.getNum(), Long.valueOf(repository.count(sort3)), findAll);
        ArrayList arrayList = new ArrayList();
        Iterator<Entity> it2 = findAll.iterator();
        while (it2.hasNext()) {
            arrayList.add(getEntityAsMap(it2.next(), entityMetaData, set, map));
        }
        return new EntityCollectionResponse(entityPager, arrayList, "/api/v1/" + str, entityMetaData, this.molgenisPermissionService, this.dataService, this.languageService);
    }

    private Map<String, Object> getEntityAsMap(Entity entity, EntityMetaData entityMetaData, Set<String> set, Map<String, Set<String>> map) {
        if (null == entity) {
            throw new IllegalArgumentException("entity is null");
        }
        if (null == entityMetaData) {
            throw new IllegalArgumentException("meta is null");
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(MyDasParser.ATT_href, Href.concatEntityHref(BASE_URI, entityMetaData.getName(), entity.getIdValue()));
        for (AttributeMetaData attributeMetaData : entityMetaData.getAtomicAttributes()) {
            if (set == null || set.contains(attributeMetaData.getName().toLowerCase())) {
                if (!attributeMetaData.getName().equals(Field.TYPE_FIELD)) {
                    String name = attributeMetaData.getName();
                    MolgenisFieldTypes.FieldTypeEnum enumType = attributeMetaData.getDataType().getEnumType();
                    if (enumType == MolgenisFieldTypes.FieldTypeEnum.COMPOUND) {
                        if (map == null || !map.containsKey(name.toLowerCase())) {
                            linkedHashMap.put(name, Collections.singletonMap(MyDasParser.ATT_href, Href.concatAttributeHref(BASE_URI, entityMetaData.getName(), entity.getIdValue(), name)));
                        } else {
                            linkedHashMap.put(name, new AttributeMetaDataResponse(entityMetaData.getName(), attributeMetaData, map.get(name.toLowerCase()), null, this.molgenisPermissionService, this.dataService, this.languageService));
                        }
                    } else if (enumType == MolgenisFieldTypes.FieldTypeEnum.DATE) {
                        Date date = entity.getDate(name);
                        linkedHashMap.put(name, date != null ? new SimpleDateFormat("yyyy-MM-dd").format((java.util.Date) date) : null);
                    } else if (enumType == MolgenisFieldTypes.FieldTypeEnum.DATE_TIME) {
                        Date date2 = entity.getDate(name);
                        linkedHashMap.put(name, date2 != null ? new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ").format((java.util.Date) date2) : null);
                    } else if (enumType != MolgenisFieldTypes.FieldTypeEnum.XREF && enumType != MolgenisFieldTypes.FieldTypeEnum.CATEGORICAL && enumType != MolgenisFieldTypes.FieldTypeEnum.MREF && enumType != MolgenisFieldTypes.FieldTypeEnum.CATEGORICAL_MREF && enumType != MolgenisFieldTypes.FieldTypeEnum.FILE) {
                        linkedHashMap.put(name, entity.get(attributeMetaData.getName()));
                    } else if ((enumType == MolgenisFieldTypes.FieldTypeEnum.XREF || enumType == MolgenisFieldTypes.FieldTypeEnum.CATEGORICAL || enumType == MolgenisFieldTypes.FieldTypeEnum.FILE) && map != null && map.containsKey(name.toLowerCase())) {
                        Entity entity2 = entity.getEntity(attributeMetaData.getName());
                        if (entity2 != null) {
                            linkedHashMap.put(name, getEntityAsMap(entity2, this.dataService.getEntityMetaData(attributeMetaData.getRefEntity().getName()), map.get(name.toLowerCase()), null));
                        }
                    } else if ((enumType == MolgenisFieldTypes.FieldTypeEnum.MREF || enumType == MolgenisFieldTypes.FieldTypeEnum.CATEGORICAL_MREF) && map != null && map.containsKey(name.toLowerCase())) {
                        EntityMetaData entityMetaData2 = this.dataService.getEntityMetaData(attributeMetaData.getRefEntity().getName());
                        Iterable<Entity> entities = entity.getEntities(attributeMetaData.getName());
                        Set<String> set2 = map.get(name.toLowerCase());
                        ArrayList arrayList = new ArrayList();
                        Iterator<Entity> it = entities.iterator();
                        while (it.hasNext()) {
                            arrayList.add(getEntityAsMap(it.next(), entityMetaData2, set2, null));
                        }
                        linkedHashMap.put(name, new EntityCollectionResponse(new EntityPager(0, new EntityCollectionRequest().getNum(), Long.valueOf(arrayList.size()), entities), arrayList, Href.concatAttributeHref(BASE_URI, entityMetaData.getName(), entity.getIdValue(), name), null, this.molgenisPermissionService, this.dataService, this.languageService));
                    } else if ((enumType == MolgenisFieldTypes.FieldTypeEnum.XREF && entity.get(attributeMetaData.getName()) != null) || ((enumType == MolgenisFieldTypes.FieldTypeEnum.CATEGORICAL && entity.get(attributeMetaData.getName()) != null) || ((enumType == MolgenisFieldTypes.FieldTypeEnum.FILE && entity.get(attributeMetaData.getName()) != null) || enumType == MolgenisFieldTypes.FieldTypeEnum.MREF || enumType == MolgenisFieldTypes.FieldTypeEnum.CATEGORICAL_MREF))) {
                        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
                        linkedHashMap2.put(MyDasParser.ATT_href, Href.concatAttributeHref(BASE_URI, entityMetaData.getName(), entity.getIdValue(), name));
                        linkedHashMap.put(name, linkedHashMap2);
                    }
                }
            }
        }
        return linkedHashMap;
    }

    private Set<String> toAttributeSet(String[] strArr) {
        if (strArr == null || strArr.length <= 0) {
            return null;
        }
        return Sets.newHashSet(Iterables.transform(Arrays.asList(strArr), new Function<String, String>() { // from class: org.molgenis.data.rest.RestController.1
            @Override // com.google.common.base.Function
            public String apply(String str) {
                return str.toLowerCase();
            }
        }));
    }

    private Map<String, Set<String>> toExpandMap(String[] strArr) {
        HashSet hashSet;
        if (strArr == null) {
            return null;
        }
        HashMap hashMap = new HashMap();
        for (String str : strArr) {
            Matcher matcher = PATTERN_EXPANDS.matcher(str);
            if (!matcher.matches()) {
                throw new MolgenisDataException("invalid expand value: " + str);
            }
            String group = matcher.group(1);
            String group2 = matcher.group(2);
            if (group2 == null || group2.isEmpty()) {
                hashSet = null;
            } else {
                hashSet = new HashSet();
                for (String str2 : group2.split(";")) {
                    hashSet.add(str2.toLowerCase());
                }
            }
            hashMap.put(group.toLowerCase(), hashSet);
        }
        return hashMap;
    }
}
