package org.molgenis.data.importer;

import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.TreeMap;
import java.util.UUID;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.io.FilenameUtils;
import org.molgenis.auth.Authority;
import org.molgenis.auth.GroupAuthority;
import org.molgenis.auth.MolgenisGroup;
import org.molgenis.data.DataService;
import org.molgenis.data.DatabaseAction;
import org.molgenis.data.FileRepositoryCollectionFactory;
import org.molgenis.data.MolgenisDataAccessException;
import org.molgenis.data.MolgenisDataException;
import org.molgenis.data.Package;
import org.molgenis.data.meta.MetaValidationUtils;
import org.molgenis.data.rest.Href;
import org.molgenis.data.rest.v2.RestControllerV2;
import org.molgenis.data.support.FileRepositoryCollection;
import org.molgenis.data.support.GenericImporterExtensions;
import org.molgenis.data.support.QueryImpl;
import org.molgenis.data.system.ImportRun;
import org.molgenis.file.FileStore;
import org.molgenis.security.core.Permission;
import org.molgenis.security.core.utils.SecurityUtils;
import org.molgenis.security.permission.Permissions;
import org.molgenis.security.user.UserAccountService;
import org.molgenis.ui.wizard.AbstractWizardController;
import org.molgenis.ui.wizard.Wizard;
import org.molgenis.util.FileExtensionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.context.request.WebRequest;
import org.springframework.web.multipart.MultipartFile;

@RequestMapping({ImportWizardController.URI})
@Controller
/* loaded from: input_file:WEB-INF/lib/molgenis-data-import-1.19.0-SNAPSHOT.jar:org/molgenis/data/importer/ImportWizardController.class */
public class ImportWizardController extends AbstractWizardController {
    public static final String ID = "importwizard";
    public static final String URI = "/plugin/importwizard";
    private final UploadWizardPage uploadWizardPage;
    private final OptionsWizardPage optionsWizardPage;
    private final ValidationResultWizardPage validationResultWizardPage;
    private final ImportResultsWizardPage importResultsWizardPage;
    private final PackageWizardPage packageWizardPage;
    private final GrantedAuthoritiesMapper grantedAuthoritiesMapper;
    private final UserAccountService userAccountService;
    private ImportServiceFactory importServiceFactory;
    private FileStore fileStore;
    private FileRepositoryCollectionFactory fileRepositoryCollectionFactory;
    private ImportRunService importRunService;
    private ExecutorService asyncImportJobs;
    private DataService dataService;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ImportWizardController.class);

    @Autowired
    public ImportWizardController(UploadWizardPage uploadWizardPage, OptionsWizardPage optionsWizardPage, PackageWizardPage packageWizardPage, ValidationResultWizardPage validationResultWizardPage, ImportResultsWizardPage importResultsWizardPage, DataService dataService, GrantedAuthoritiesMapper grantedAuthoritiesMapper, UserAccountService userAccountService, ImportServiceFactory importServiceFactory, FileStore fileStore, FileRepositoryCollectionFactory fileRepositoryCollectionFactory, ImportRunService importRunService) {
        super(URI, "importWizard");
        if (uploadWizardPage == null) {
            throw new IllegalArgumentException("UploadWizardPage is null");
        }
        if (optionsWizardPage == null) {
            throw new IllegalArgumentException("OptionsWizardPage is null");
        }
        if (validationResultWizardPage == null) {
            throw new IllegalArgumentException("ValidationResultWizardPage is null");
        }
        if (importResultsWizardPage == null) {
            throw new IllegalArgumentException("ImportResultsWizardPage is null");
        }
        this.uploadWizardPage = uploadWizardPage;
        this.optionsWizardPage = optionsWizardPage;
        this.validationResultWizardPage = validationResultWizardPage;
        this.importResultsWizardPage = importResultsWizardPage;
        this.packageWizardPage = packageWizardPage;
        this.userAccountService = userAccountService;
        this.dataService = dataService;
        this.grantedAuthoritiesMapper = grantedAuthoritiesMapper;
        this.importServiceFactory = importServiceFactory;
        this.fileStore = fileStore;
        this.fileRepositoryCollectionFactory = fileRepositoryCollectionFactory;
        this.importRunService = importRunService;
        this.dataService = dataService;
        this.asyncImportJobs = Executors.newSingleThreadExecutor();
    }

    public ImportWizardController(UploadWizardPage uploadWizardPage, OptionsWizardPage optionsWizardPage, PackageWizardPage packageWizardPage, ValidationResultWizardPage validationResultWizardPage, ImportResultsWizardPage importResultsWizardPage, DataService dataService, GrantedAuthoritiesMapper grantedAuthoritiesMapper, UserAccountService userAccountService, ImportServiceFactory importServiceFactory, FileStore fileStore, FileRepositoryCollectionFactory fileRepositoryCollectionFactory, ImportRunService importRunService, ExecutorService executorService) {
        super(URI, "importWizard");
        if (uploadWizardPage == null) {
            throw new IllegalArgumentException("UploadWizardPage is null");
        }
        if (optionsWizardPage == null) {
            throw new IllegalArgumentException("OptionsWizardPage is null");
        }
        if (validationResultWizardPage == null) {
            throw new IllegalArgumentException("ValidationResultWizardPage is null");
        }
        if (importResultsWizardPage == null) {
            throw new IllegalArgumentException("ImportResultsWizardPage is null");
        }
        this.uploadWizardPage = uploadWizardPage;
        this.optionsWizardPage = optionsWizardPage;
        this.validationResultWizardPage = validationResultWizardPage;
        this.importResultsWizardPage = importResultsWizardPage;
        this.packageWizardPage = packageWizardPage;
        this.userAccountService = userAccountService;
        this.dataService = dataService;
        this.grantedAuthoritiesMapper = grantedAuthoritiesMapper;
        this.importServiceFactory = importServiceFactory;
        this.fileStore = fileStore;
        this.fileRepositoryCollectionFactory = fileRepositoryCollectionFactory;
        this.importRunService = importRunService;
        this.dataService = dataService;
        this.asyncImportJobs = executorService;
    }

    @Override // org.molgenis.ui.wizard.AbstractWizardController
    protected Wizard createWizard() {
        ImportWizard importWizard = new ImportWizard();
        importWizard.addPage(this.uploadWizardPage);
        importWizard.addPage(this.optionsWizardPage);
        importWizard.addPage(this.packageWizardPage);
        importWizard.addPage(this.validationResultWizardPage);
        importWizard.addPage(this.importResultsWizardPage);
        return importWizard;
    }

    @RequestMapping(value = {"/entityclass/group/{groupId}"}, method = {RequestMethod.GET})
    @ResponseBody
    public Permissions getGroupEntityClassPermissions(@PathVariable String str, WebRequest webRequest) {
        boolean z = false;
        Iterator<MolgenisGroup> it = this.userAccountService.getCurrentUserGroups().iterator();
        while (it.hasNext()) {
            if (it.next().getId().equals(str)) {
                z = true;
            }
        }
        if (!z && !this.userAccountService.getCurrentUser().isSuperuser().booleanValue()) {
            throw new RuntimeException("Current user does not belong to the requested group.");
        }
        List<String> asList = Arrays.asList(webRequest.getParameter("entityIds").split(","));
        MolgenisGroup molgenisGroup = (MolgenisGroup) this.dataService.findOne("molgenisGroup", str, MolgenisGroup.class);
        if (molgenisGroup == null) {
            throw new RuntimeException("unknown group id [" + str + "]");
        }
        Permissions createPermissions = createPermissions(getGroupPermissions(molgenisGroup), asList);
        createPermissions.setGroupId(str);
        return createPermissions;
    }

    @RequestMapping(value = {"/add/entityclass/group"}, method = {RequestMethod.POST})
    @ResponseStatus(HttpStatus.OK)
    public void addGroupEntityClassPermissions(@RequestParam String str, WebRequest webRequest) {
        this.dataService.getEntityNames().forEach(str2 -> {
            GroupAuthority groupAuthority = getGroupAuthority(str, str2);
            String parameter = webRequest.getParameter("radio-" + str2);
            if (parameter == null || !(SecurityUtils.currentUserHasRole(SecurityUtils.AUTHORITY_ENTITY_WRITEMETA_PREFIX + str2.toUpperCase()) || this.userAccountService.getCurrentUser().isSuperuser().booleanValue())) {
                if (parameter != null) {
                    throw new MolgenisDataAccessException("Current user is not allowed to change the permissions for this entity: " + str2);
                }
                return;
            }
            if (!parameter.equalsIgnoreCase(Permission.READ.toString()) && !parameter.equalsIgnoreCase(Permission.COUNT.toString()) && !parameter.equalsIgnoreCase(Permission.WRITE.toString()) && !parameter.equalsIgnoreCase(Permission.WRITEMETA.toString())) {
                if (!parameter.equalsIgnoreCase(Permission.NONE.toString())) {
                    throw new RuntimeException("Unknown value: " + parameter + " for permission on entity: " + str2);
                }
                if (groupAuthority.getId() != null) {
                    this.dataService.delete("GroupAuthority", groupAuthority.getId());
                    return;
                }
                return;
            }
            groupAuthority.setMolgenisGroup((MolgenisGroup) this.dataService.findOne("molgenisGroup", str, MolgenisGroup.class));
            groupAuthority.setRole(SecurityUtils.AUTHORITY_ENTITY_PREFIX + parameter.toUpperCase() + "_" + str2.toUpperCase());
            if (groupAuthority.getId() != null) {
                this.dataService.update("GroupAuthority", groupAuthority);
            } else {
                groupAuthority.setId(UUID.randomUUID().toString());
                this.dataService.add("GroupAuthority", groupAuthority);
            }
        });
    }

    private List<Authority> getGroupPermissions(MolgenisGroup molgenisGroup) {
        return (List) this.dataService.findAll("GroupAuthority", new QueryImpl().eq("molgenisGroup", molgenisGroup), GroupAuthority.class).collect(Collectors.toList());
    }

    private Permissions createPermissions(List<? extends Authority> list, List<String> list2) {
        Permissions permissions = new Permissions();
        if (list2 != null) {
            TreeMap treeMap = new TreeMap();
            for (String str : list2) {
                treeMap.put(str, str);
            }
            permissions.setEntityIds(treeMap);
        }
        for (Authority authority : list) {
            if (authority.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_PREFIX)) {
                org.molgenis.security.permission.Permission permission = new org.molgenis.security.permission.Permission();
                String authorityType = getAuthorityType(authority.getRole());
                String authorityEntityId = getAuthorityEntityId(authority.getRole());
                permission.setType(authorityType);
                if (authority instanceof GroupAuthority) {
                    permission.setGroup(((GroupAuthority) authority).getMolgenisGroup().getName());
                    permissions.addGroupPermission(authorityEntityId, permission);
                }
            }
            SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(authority.getRole());
            Collection<? extends GrantedAuthority> mapAuthorities = this.grantedAuthoritiesMapper.mapAuthorities(Collections.singletonList(simpleGrantedAuthority));
            mapAuthorities.remove(simpleGrantedAuthority);
            for (GrantedAuthority grantedAuthority : mapAuthorities) {
                if (grantedAuthority.getAuthority().startsWith(SecurityUtils.AUTHORITY_ENTITY_PREFIX)) {
                    String authorityEntityId2 = getAuthorityEntityId(grantedAuthority.getAuthority());
                    org.molgenis.security.permission.Permission permission2 = new org.molgenis.security.permission.Permission();
                    permission2.setType(getAuthorityType(grantedAuthority.getAuthority()));
                    permissions.addHierarchyPermission(authorityEntityId2, permission2);
                }
            }
        }
        permissions.sort();
        return permissions;
    }

    private GroupAuthority getGroupAuthority(String str, String str2) {
        GroupAuthority groupAuthority = new GroupAuthority();
        for (GroupAuthority groupAuthority2 : this.dataService.findAll("GroupAuthority", new QueryImpl().eq("molgenisGroup", str), GroupAuthority.class)) {
            String str3 = "";
            if (groupAuthority2.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_COUNT_PREFIX) || groupAuthority2.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_WRITE_PREFIX)) {
                str3 = groupAuthority2.getRole().substring(SecurityUtils.AUTHORITY_ENTITY_COUNT_PREFIX.length());
            } else if (groupAuthority2.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_READ_PREFIX)) {
                str3 = groupAuthority2.getRole().substring(SecurityUtils.AUTHORITY_ENTITY_READ_PREFIX.length());
            } else if (groupAuthority2.getRole().startsWith(SecurityUtils.AUTHORITY_ENTITY_WRITEMETA_PREFIX)) {
                str3 = groupAuthority2.getRole().substring(SecurityUtils.AUTHORITY_ENTITY_WRITEMETA_PREFIX.length());
            }
            if (str3.equals(str2.toUpperCase())) {
                groupAuthority = groupAuthority2;
            }
        }
        return groupAuthority;
    }

    private String getAuthorityEntityId(String str) {
        String substring = str.substring(SecurityUtils.AUTHORITY_ENTITY_PREFIX.length());
        return substring.substring(substring.indexOf(95) + 1).toLowerCase();
    }

    private String getAuthorityType(String str) {
        String substring = str.substring(SecurityUtils.AUTHORITY_ENTITY_PREFIX.length());
        return substring.substring(0, substring.indexOf(95)).toLowerCase();
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/importByUrl"})
    @ResponseBody
    public ResponseEntity<String> importFileByUrl(HttpServletRequest httpServletRequest, @RequestParam("url") String str, @RequestParam(value = "entityName", required = false) String str2, @RequestParam(value = "action", required = false) String str3, @RequestParam(value = "notify", required = false) Boolean bool) throws IOException, URISyntaxException {
        try {
            return createCreatedResponseEntity(importFile(httpServletRequest, fileLocationToStoredRenamedFile(str, str2), str3, bool));
        } catch (Exception e) {
            LOG.error(e.getMessage());
            return ResponseEntity.badRequest().contentType(MediaType.TEXT_PLAIN).body(e.getMessage());
        }
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/importFile"})
    public ResponseEntity<String> importFile(HttpServletRequest httpServletRequest, @RequestParam(value = "file", required = true) MultipartFile multipartFile, @RequestParam(value = "entityName", required = false) String str, @RequestParam(value = "action", required = false) String str2, @RequestParam(value = "notify", required = false) Boolean bool) throws IOException, URISyntaxException {
        try {
            return createCreatedResponseEntity(importFile(httpServletRequest, this.fileStore.store(multipartFile.getInputStream(), getFilename(multipartFile.getOriginalFilename(), str)), str2, bool));
        } catch (Exception e) {
            LOG.error(e.getMessage());
            return ResponseEntity.badRequest().contentType(MediaType.TEXT_PLAIN).body(e.getMessage());
        }
    }

    private ResponseEntity<String> createCreatedResponseEntity(ImportRun importRun) throws URISyntaxException {
        String concatEntityHref = Href.concatEntityHref(RestControllerV2.BASE_URI, importRun.getEntityMetaData().getName(), importRun.getIdValue());
        return ResponseEntity.created(new URI(concatEntityHref)).contentType(MediaType.TEXT_PLAIN).body(concatEntityHref);
    }

    private File fileLocationToStoredRenamedFile(String str, String str2) throws IOException {
        String path = Paths.get(str, new String[0]).getFileName().toString();
        return this.fileStore.store(new URL(str).openStream(), getFilename(path, str2));
    }

    private String getFilename(String str, String str2) {
        String str3;
        String findExtensionFromPossibilities = FileExtensionUtils.findExtensionFromPossibilities(str, GenericImporterExtensions.getAll());
        if (str2 == null) {
            str3 = str;
        } else {
            str3 = str2 + "." + findExtensionFromPossibilities;
            if (!findExtensionFromPossibilities.equals("vcf") && !findExtensionFromPossibilities.equals("vcf.gz") && !findExtensionFromPossibilities.equals("vcf.zip")) {
                LOG.warn("Specifing a filename for a non-VCF file has no effect on entity names.");
            }
        }
        return str3;
    }

    private ImportRun importFile(HttpServletRequest httpServletRequest, File file, String str, Boolean bool) {
        DatabaseAction databaseAction = getDatabaseAction(file, str);
        if (this.dataService.hasRepository(FilenameUtils.getBaseName(file.getName()))) {
            throw new MolgenisDataException("A repository with name " + FilenameUtils.getBaseName(file.getName()) + " already exists");
        }
        ImportService importService = this.importServiceFactory.getImportService(file.getName());
        FileRepositoryCollection createFileRepositoryCollection = this.fileRepositoryCollectionFactory.createFileRepositoryCollection(file);
        ImportRun addImportRun = this.importRunService.addImportRun(SecurityUtils.getCurrentUsername(), Boolean.TRUE.equals(bool));
        this.asyncImportJobs.execute(new ImportJob(importService, SecurityContextHolder.getContext(), createFileRepositoryCollection, databaseAction, addImportRun.getId(), this.importRunService, httpServletRequest.getSession(), Package.DEFAULT_PACKAGE_NAME));
        return addImportRun;
    }

    private DatabaseAction getDatabaseAction(File file, String str) {
        DatabaseAction databaseAction = DatabaseAction.ADD;
        if (str != null) {
            try {
                databaseAction = DatabaseAction.valueOf(str.toUpperCase());
            } catch (IllegalArgumentException e) {
                throw new IllegalArgumentException("Invalid action:[" + str.toUpperCase() + "] valid values: " + Arrays.toString(DatabaseAction.values()));
            }
        }
        String findExtensionFromPossibilities = FileExtensionUtils.findExtensionFromPossibilities(file.getName(), GenericImporterExtensions.getAll());
        if (findExtensionFromPossibilities.equals("vcf") || findExtensionFromPossibilities.equals("vcf.gz") || findExtensionFromPossibilities.equals("vcf.zip")) {
            MetaValidationUtils.validateName(file.getName().replace("." + findExtensionFromPossibilities, ""));
            if (!DatabaseAction.ADD.equals(databaseAction)) {
                throw new IllegalArgumentException("Update mode " + databaseAction + " is not supported, only ADD is supported for VCF");
            }
        }
        return databaseAction;
    }
}
