package _ss_com.streamsets.datacollector.restapi;

import _ss_com.streamsets.datacollector.bundles.BundleType;
import _ss_com.streamsets.datacollector.bundles.SupportBundle;
import _ss_com.streamsets.datacollector.bundles.SupportBundleManager;
import _ss_com.streamsets.datacollector.cli.sch.SchAdmin;
import _ss_com.streamsets.datacollector.main.RuntimeInfo;
import _ss_com.streamsets.datacollector.main.UserGroupManager;
import _ss_com.streamsets.datacollector.restapi.bean.BeanHelper;
import _ss_com.streamsets.datacollector.restapi.bean.DPMInfoJson;
import _ss_com.streamsets.datacollector.restapi.bean.MultiStatusResponseJson;
import _ss_com.streamsets.datacollector.restapi.bean.SupportBundleContentDefinitionJson;
import _ss_com.streamsets.datacollector.restapi.bean.UserJson;
import _ss_com.streamsets.datacollector.store.PipelineStoreException;
import _ss_com.streamsets.datacollector.util.AuthzRole;
import _ss_com.streamsets.datacollector.util.Configuration;
import _ss_com.streamsets.lib.security.http.AbstractLogoutServlet;
import _ss_com.streamsets.lib.security.http.SSOConstants;
import _ss_com.streamsets.lib.security.http.SSOPrincipal;
import _ss_com.streamsets.pipeline.lib.util.ThreadUtil;
import _ss_javax.servlet.jsp.tagext.TagAttributeInfo;
import _ss_org.apache.commons.lang3.StringUtils;
import com.streamsets.pipeline.api.impl.Utils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.Authorization;
import java.io.IOException;
import java.lang.management.ManagementFactory;
import java.lang.management.ThreadInfo;
import java.lang.management.ThreadMXBean;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.annotation.security.DenyAll;
import javax.annotation.security.RolesAllowed;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.eclipse.jetty.http.HttpStatus;
import org.glassfish.jersey.client.filter.CsrfProtectionFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Api("system")
@Path("/v1/system")
@DenyAll
@RequiresCredentialsDeployed
/* loaded from: input_file:_ss_com/streamsets/datacollector/restapi/AdminResource.class */
public class AdminResource {
    private static final Logger LOG = LoggerFactory.getLogger(AdminResource.class);
    private static final String APP_TOKEN_FILE = "application-token.txt";
    private static final String APP_TOKEN_FILE_PROP_VAL = "@application-token.txt@";
    private final RuntimeInfo runtimeInfo;
    private final Configuration config;
    private final UserGroupManager userGroupManager;
    private final SupportBundleManager supportBundleManager;

    @Inject
    public AdminResource(RuntimeInfo runtimeInfo, Configuration configuration, UserGroupManager userGroupManager, SupportBundleManager supportBundleManager) {
        this.runtimeInfo = runtimeInfo;
        this.config = configuration;
        this.userGroupManager = userGroupManager;
        this.supportBundleManager = supportBundleManager;
    }

    @Path("/shutdown")
    @ApiOperation(value = "Shutdown SDC", authorizations = {@Authorization("basic")})
    @POST
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response shutdown() throws PipelineStoreException {
        Thread thread = new Thread("Shutdown Request") { // from class: _ss_com.streamsets.datacollector.restapi.AdminResource.1
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                ThreadUtil.sleep(500L);
                AdminResource.this.runtimeInfo.shutdown(0);
            }
        };
        thread.setDaemon(true);
        thread.start();
        return Response.ok().build();
    }

    @Path("/restart")
    @ApiOperation(value = "Restart SDC", authorizations = {@Authorization("basic")})
    @POST
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response restart() throws PipelineStoreException {
        Thread thread = new Thread("Shutdown Request") { // from class: _ss_com.streamsets.datacollector.restapi.AdminResource.2
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                ThreadUtil.sleep(500L);
                AdminResource.this.runtimeInfo.shutdown(88);
            }
        };
        thread.setDaemon(true);
        thread.start();
        return Response.ok().build();
    }

    @Path("/enableDPM")
    @ApiOperation(value = "Enables DPM by getting application token from DPM", authorizations = {@Authorization("basic")})
    @POST
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response enableDPM(DPMInfoJson dPMInfoJson) throws IOException {
        Utils.checkNotNull(dPMInfoJson, "DPMInfo");
        SchAdmin.enableDPM(dPMInfoJson, new SchAdmin.Context(this.runtimeInfo, this.config));
        return Response.ok().build();
    }

    @Path("/disableDPM")
    @ApiOperation(value = "Disables DPM", authorizations = {@Authorization("basic")})
    @POST
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response disableDPM(@Context HttpServletRequest httpServletRequest) throws IOException {
        if (!this.runtimeInfo.isDPMEnabled()) {
            throw new RuntimeException("disableDPM is supported only when DPM is enabled");
        }
        SSOPrincipal sSOPrincipal = (SSOPrincipal) httpServletRequest.getUserPrincipal();
        SchAdmin.disableDPM(sSOPrincipal.getTokenStr(), sSOPrincipal.getOrganizationId(), new SchAdmin.Context(this.runtimeInfo, this.config));
        return Response.ok().build();
    }

    /* JADX WARN: Finally extract failed */
    @Path("/createDPMUsers")
    @ApiOperation(value = "Create Users & Groups in DPM", authorizations = {@Authorization("basic")})
    @POST
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response createDPMUsers(DPMInfoJson dPMInfoJson) throws IOException {
        Utils.checkNotNull(dPMInfoJson, "DPMInfo");
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        String baseURL = dPMInfoJson.getBaseURL();
        if (baseURL.endsWith("/")) {
            baseURL = baseURL.substring(0, baseURL.length() - 1);
        }
        Response response = null;
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("userName", dPMInfoJson.getUserID());
            hashMap.put("password", dPMInfoJson.getUserPassword());
            response = ClientBuilder.newClient().target(baseURL + "/security/public-rest/v1/authentication/login").register2(new CsrfProtectionFilter("CSRF")).request().post(Entity.json(hashMap));
            if (response.getStatus() != Response.Status.OK.getStatusCode()) {
                throw new RuntimeException(Utils.format("DPM Login failed, status code '{}': {}", new Object[]{Integer.valueOf(response.getStatus()), response.readEntity(String.class)}));
            }
            if (response != null) {
                response.close();
            }
            String headerString = response.getHeaderString(SSOConstants.X_USER_AUTH_TOKEN);
            for (Map<String, Object> map : dPMInfoJson.getDpmGroupList()) {
                try {
                    response = ClientBuilder.newClient().target(baseURL + "/security/rest/v1/organization/" + dPMInfoJson.getOrganization() + "/groups").register2(new CsrfProtectionFilter("CSRF")).request().header(SSOConstants.X_USER_AUTH_TOKEN, headerString).put(Entity.json(map));
                    if (response.getStatus() != Response.Status.CREATED.getStatusCode()) {
                        arrayList2.add(Utils.format("DPM Create Group '{}' failed, status code '{}': {}", new Object[]{map.get(TagAttributeInfo.ID), Integer.valueOf(response.getStatus()), response.readEntity(String.class)}));
                    } else {
                        arrayList.add(Utils.format("Created DPM Group '{}' successfully", new Object[]{map.get(TagAttributeInfo.ID)}));
                    }
                    if (response != null) {
                        response.close();
                    }
                } catch (Throwable th) {
                    throw th;
                }
            }
            for (Map<String, Object> map2 : dPMInfoJson.getDpmUserList()) {
                try {
                    response = ClientBuilder.newClient().target(baseURL + "/security/rest/v1/organization/" + dPMInfoJson.getOrganization() + "/users").register2(new CsrfProtectionFilter("CSRF")).request().header(SSOConstants.X_USER_AUTH_TOKEN, headerString).put(Entity.json(map2));
                    if (response.getStatus() != Response.Status.CREATED.getStatusCode()) {
                        arrayList2.add(Utils.format("DPM Create User '{}' failed, status code '{}': {}", new Object[]{map2.get(TagAttributeInfo.ID), Integer.valueOf(response.getStatus()), response.readEntity(String.class)}));
                    } else {
                        arrayList.add(Utils.format("Created DPM User '{}' successfully", new Object[]{map2.get(TagAttributeInfo.ID)}));
                    }
                    if (response != null) {
                        response.close();
                    }
                } catch (Throwable th2) {
                    if (response != null) {
                        response.close();
                    }
                    throw th2;
                }
            }
            try {
                response = ClientBuilder.newClient().target(baseURL + AbstractLogoutServlet.URL_PATH).register2(new CsrfProtectionFilter("CSRF")).request().header(SSOConstants.X_USER_AUTH_TOKEN, headerString).cookie("SS-SSO-LOGIN", headerString).get();
                if (response != null) {
                    response.close();
                }
                return Response.status(HttpStatus.MULTI_STATUS_207).type(MediaType.APPLICATION_JSON).entity(new MultiStatusResponseJson(arrayList, arrayList2)).build();
            } catch (Throwable th3) {
                if (response != null) {
                    response.close();
                }
                throw th3;
            }
        } finally {
            if (response != null) {
                response.close();
            }
        }
    }

    @GET
    @Path("/threads")
    @ApiOperation(value = "Returns Thread Dump along with stack trace", response = Map.class, responseContainer = "List", authorizations = {@Authorization("basic")})
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response getThreadsDump() throws IOException {
        ThreadMXBean threadMXBean = ManagementFactory.getThreadMXBean();
        ThreadInfo[] dumpAllThreads = threadMXBean.dumpAllThreads(true, true);
        ArrayList arrayList = new ArrayList(dumpAllThreads.length);
        for (ThreadInfo threadInfo : dumpAllThreads) {
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            linkedHashMap.put("threadInfo", threadInfo);
            linkedHashMap.put("userTimeNanosecs", Long.valueOf(threadMXBean.getThreadUserTime(threadInfo.getThreadId())));
            linkedHashMap.put("cpuTimeNanosecs", Long.valueOf(threadMXBean.getThreadCpuTime(threadInfo.getThreadId())));
            arrayList.add(linkedHashMap);
        }
        return Response.ok(arrayList).build();
    }

    @GET
    @Path("/directories")
    @ApiOperation(value = "Returns SDC Directories", response = Map.class, authorizations = {@Authorization("basic")})
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response getSDCDirectories() throws IOException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("runtimeDir", this.runtimeInfo.getRuntimeDir());
        linkedHashMap.put("configDir", this.runtimeInfo.getConfigDir());
        linkedHashMap.put("dataDir", this.runtimeInfo.getDataDir());
        linkedHashMap.put("logDir", this.runtimeInfo.getLogDir());
        linkedHashMap.put("resourcesDir", this.runtimeInfo.getResourcesDir());
        linkedHashMap.put("libsExtraDir", this.runtimeInfo.getLibsExtraDir());
        return Response.ok(linkedHashMap).build();
    }

    @GET
    @Path("/users")
    @ApiOperation(value = "Returns All Users Info", response = UserJson.class, responseContainer = "List", authorizations = {@Authorization("basic")})
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE, AuthzRole.CREATOR, AuthzRole.CREATOR_REMOTE})
    public Response getUsers() throws IOException {
        return Response.ok(this.userGroupManager.getUsers()).build();
    }

    @GET
    @Path("/groups")
    @ApiOperation(value = "Returns All Group names", response = UserJson.class, responseContainer = "List", authorizations = {@Authorization("basic")})
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE, AuthzRole.CREATOR, AuthzRole.CREATOR_REMOTE})
    public Response getGroups() throws IOException {
        return Response.ok(this.userGroupManager.getGroups()).build();
    }

    @GET
    @Path("/bundle/list")
    @ApiOperation(value = "Return list of available content generators for support bundles.", response = SupportBundleContentDefinitionJson.class, responseContainer = "List", authorizations = {@Authorization("basic")})
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response getSupportBundlesContentGenerators() throws IOException {
        return Response.ok(BeanHelper.wrapSupportBundleDefinitions(this.supportBundleManager.getContentDefinitions())).build();
    }

    @GET
    @Path("/bundle/generate")
    @Consumes({MediaType.APPLICATION_JSON})
    @ApiOperation(value = "Generates a new support bundle.", response = Object.class, authorizations = {@Authorization("basic")})
    @Produces({MediaType.APPLICATION_OCTET_STREAM})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response createSupportBundlesContentGenerators(@QueryParam("generators") @DefaultValue("") String str) throws IOException {
        SupportBundle generateNewBundle = this.supportBundleManager.generateNewBundle(getGeneratorList(str), BundleType.SUPPORT);
        return Response.ok().header("content-disposition", "attachment; filename=\"" + generateNewBundle.getBundleName() + "\"").entity(generateNewBundle.getInputStream()).build();
    }

    @GET
    @Path("/bundle/upload")
    @Consumes({MediaType.APPLICATION_JSON})
    @ApiOperation(value = "Generates new support bundle and uploads it to StreamSets.", response = Object.class, authorizations = {@Authorization("basic")})
    @Produces({MediaType.APPLICATION_JSON})
    @RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
    public Response uploadSupportBundlesContentGenerators(@QueryParam("generators") @DefaultValue("") String str) throws IOException {
        this.supportBundleManager.uploadNewBundle(getGeneratorList(str), BundleType.SUPPORT);
        return Response.ok().build();
    }

    private List<String> getGeneratorList(String str) {
        return StringUtils.isEmpty(str) ? Collections.emptyList() : Arrays.asList(str.split(","));
    }
}
