package com.alibaba.csp.sentinel.dashboard.controller;

import com.alibaba.csp.sentinel.dashboard.auth.AuthAction;
import com.alibaba.csp.sentinel.dashboard.auth.AuthService;
import com.alibaba.csp.sentinel.dashboard.client.SentinelApiClient;
import com.alibaba.csp.sentinel.dashboard.datasource.entity.rule.AuthorityRuleEntity;
import com.alibaba.csp.sentinel.dashboard.discovery.MachineInfo;
import com.alibaba.csp.sentinel.dashboard.domain.Result;
import com.alibaba.csp.sentinel.dashboard.repository.rule.RuleRepository;
import com.alibaba.csp.sentinel.dashboard.rule.DynamicRuleProvider;
import com.alibaba.csp.sentinel.dashboard.rule.DynamicRulePublisher;
import com.alibaba.csp.sentinel.util.StringUtil;
import java.util.Date;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/authority"})
@RestController
/* loaded from: input_file:com/alibaba/csp/sentinel/dashboard/controller/AuthorityRuleController.class */
public class AuthorityRuleController {
    private final Logger logger = LoggerFactory.getLogger(AuthorityRuleController.class);

    @Autowired
    private SentinelApiClient sentinelApiClient;

    @Autowired
    private RuleRepository<AuthorityRuleEntity, Long> repository;

    @Autowired
    @Qualifier("authRuleNacosPublisher")
    private DynamicRulePublisher<List<AuthorityRuleEntity>> rulePublisher;

    @Autowired
    @Qualifier("authRuleNacosProvider")
    private DynamicRuleProvider<List<AuthorityRuleEntity>> ruleProvider;

    @AuthAction(AuthService.PrivilegeType.READ_RULE)
    @GetMapping({"/rules"})
    public Result<List<AuthorityRuleEntity>> apiQueryAllRulesForMachine(@RequestParam String str, @RequestParam String str2, @RequestParam Integer num) {
        if (StringUtil.isEmpty(str)) {
            return Result.ofFail(-1, "app cannot be null or empty");
        }
        if (StringUtil.isEmpty(str2)) {
            return Result.ofFail(-1, "ip cannot be null or empty");
        }
        if (num == null || num.intValue() <= 0) {
            return Result.ofFail(-1, "Invalid parameter: port");
        }
        try {
            return Result.ofSuccess(this.repository.saveAll(this.ruleProvider.getRules(str)));
        } catch (Throwable th) {
            this.logger.error("Error when querying authority rules", th);
            return Result.ofFail(-1, th.getMessage());
        }
    }

    private <R> Result<R> checkEntityInternal(AuthorityRuleEntity authorityRuleEntity) {
        if (authorityRuleEntity == null) {
            return Result.ofFail(-1, "bad rule body");
        }
        if (StringUtil.isBlank(authorityRuleEntity.getApp())) {
            return Result.ofFail(-1, "app can't be null or empty");
        }
        if (StringUtil.isBlank(authorityRuleEntity.getIp())) {
            return Result.ofFail(-1, "ip can't be null or empty");
        }
        if (authorityRuleEntity.getPort() == null || authorityRuleEntity.getPort().intValue() <= 0) {
            return Result.ofFail(-1, "port can't be null");
        }
        if (authorityRuleEntity.getRule() == null) {
            return Result.ofFail(-1, "rule can't be null");
        }
        if (StringUtil.isBlank(authorityRuleEntity.getResource())) {
            return Result.ofFail(-1, "resource name cannot be null or empty");
        }
        if (StringUtil.isBlank(authorityRuleEntity.getLimitApp())) {
            return Result.ofFail(-1, "limitApp should be valid");
        }
        if (authorityRuleEntity.getStrategy() == 0 || authorityRuleEntity.getStrategy() == 1) {
            return null;
        }
        return Result.ofFail(-1, "Unknown strategy (must be blacklist or whitelist)");
    }

    @PostMapping({"/rule"})
    @AuthAction(AuthService.PrivilegeType.WRITE_RULE)
    public Result<AuthorityRuleEntity> apiAddAuthorityRule(@RequestBody AuthorityRuleEntity authorityRuleEntity) {
        Result<AuthorityRuleEntity> checkEntityInternal = checkEntityInternal(authorityRuleEntity);
        if (checkEntityInternal != null) {
            return checkEntityInternal;
        }
        authorityRuleEntity.setId(null);
        Date date = new Date();
        authorityRuleEntity.setGmtCreate(date);
        authorityRuleEntity.setGmtModified(date);
        try {
            AuthorityRuleEntity save = this.repository.save(authorityRuleEntity);
            publishRules(save.getApp());
            if (!publishRules(save.getApp(), save.getIp(), save.getPort())) {
                this.logger.info("Publish authority rules failed after rule add");
            }
            return Result.ofSuccess(save);
        } catch (Throwable th) {
            this.logger.error("Failed to add authority rule", th);
            return Result.ofThrowable(-1, th);
        }
    }

    @AuthAction(AuthService.PrivilegeType.WRITE_RULE)
    @PutMapping({"/rule/{id}"})
    public Result<AuthorityRuleEntity> apiUpdateParamFlowRule(@PathVariable("id") Long l, @RequestBody AuthorityRuleEntity authorityRuleEntity) {
        if (l == null || l.longValue() <= 0) {
            return Result.ofFail(-1, "Invalid id");
        }
        Result<AuthorityRuleEntity> checkEntityInternal = checkEntityInternal(authorityRuleEntity);
        if (checkEntityInternal != null) {
            return checkEntityInternal;
        }
        authorityRuleEntity.setId(l);
        Date date = new Date();
        authorityRuleEntity.setGmtCreate(null);
        authorityRuleEntity.setGmtModified(date);
        try {
            AuthorityRuleEntity save = this.repository.save(authorityRuleEntity);
            publishRules(save.getApp());
            if (save == null) {
                return Result.ofFail(-1, "Failed to save authority rule");
            }
            if (!publishRules(save.getApp(), save.getIp(), save.getPort())) {
                this.logger.info("Publish authority rules failed after rule update");
            }
            return Result.ofSuccess(save);
        } catch (Throwable th) {
            this.logger.error("Failed to save authority rule", th);
            return Result.ofThrowable(-1, th);
        }
    }

    @DeleteMapping({"/rule/{id}"})
    @AuthAction(AuthService.PrivilegeType.DELETE_RULE)
    public Result<Long> apiDeleteRule(@PathVariable("id") Long l) {
        if (l == null) {
            return Result.ofFail(-1, "id cannot be null");
        }
        AuthorityRuleEntity findById = this.repository.findById(l);
        if (findById == null) {
            return Result.ofSuccess(null);
        }
        try {
            this.repository.delete(l);
            publishRules(findById.getApp());
            if (!publishRules(findById.getApp(), findById.getIp(), findById.getPort())) {
                this.logger.error("Publish authority rules failed after rule delete");
            }
            return Result.ofSuccess(l);
        } catch (Exception e) {
            return Result.ofFail(-1, e.getMessage());
        }
    }

    private boolean publishRules(String str, String str2, Integer num) {
        return this.sentinelApiClient.setAuthorityRuleOfMachine(str, str2, num.intValue(), this.repository.findAllByMachine(MachineInfo.of(str, str2, num)));
    }

    private void publishRules(String str) throws Exception {
        this.rulePublisher.publish(str, this.repository.findAllByApp(str));
    }
}
