package com.foilen.infra.resource.mariadb;

import com.foilen.infra.plugin.v1.core.context.CommonServicesContext;
import com.foilen.infra.plugin.v1.core.eventhandler.ActionHandler;
import com.foilen.infra.plugin.v1.core.eventhandler.ChangesEventHandler;
import com.foilen.infra.plugin.v1.core.eventhandler.changes.ChangesInTransactionContext;
import com.foilen.infra.plugin.v1.core.eventhandler.utils.ChangesEventHandlerResourceStream;
import com.foilen.infra.plugin.v1.core.eventhandler.utils.ChangesEventHandlerUtils;
import com.foilen.infra.plugin.v1.core.exception.IllegalUpdateException;
import com.foilen.infra.plugin.v1.core.exception.ProblemException;
import com.foilen.infra.plugin.v1.core.service.IPResourceService;
import com.foilen.infra.plugin.v1.core.visual.helper.CommonResourceLink;
import com.foilen.infra.plugin.v1.model.base.IPApplicationDefinition;
import com.foilen.infra.plugin.v1.model.base.IPApplicationDefinitionAssetsBundle;
import com.foilen.infra.plugin.v1.model.base.IPApplicationDefinitionVolume;
import com.foilen.infra.resource.application.Application;
import com.foilen.infra.resource.machine.Machine;
import com.foilen.infra.resource.mariadb.mysqlmanager.MysqlManagerConfig;
import com.foilen.infra.resource.mariadb.mysqlmanager.MysqlManagerConfigAdmin;
import com.foilen.infra.resource.mariadb.mysqlmanager.MysqlManagerConfigDatabaseGrants;
import com.foilen.infra.resource.mariadb.mysqlmanager.MysqlManagerConfigPermission;
import com.foilen.infra.resource.mariadb.mysqlmanager.MysqlManagerConfigUser;
import com.foilen.infra.resource.unixuser.UnixUser;
import com.foilen.infra.resource.utils.ActionsHandlerUtils;
import com.foilen.smalltools.tools.AbstractBasics;
import com.foilen.smalltools.tools.JsonTools;
import com.foilen.smalltools.tools.SecureRandomTools;
import com.foilen.smalltools.tools.StringTools;
import com.google.common.base.Strings;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.function.Consumer;

/* loaded from: input_file:com/foilen/infra/resource/mariadb/MariaDBChangesEventHandler.class */
public class MariaDBChangesEventHandler extends AbstractBasics implements ChangesEventHandler {
    private static final List<String> blacklistedDatabases = Collections.unmodifiableList(Arrays.asList("information_schema", "mysql", "performance_schema", "sys"));
    private static final List<String> blacklistedUsers = Collections.unmodifiableList(Arrays.asList("root"));

    public List<ActionHandler> computeActionsToExecute(CommonServicesContext commonServicesContext, ChangesInTransactionContext changesInTransactionContext) {
        ArrayList arrayList = new ArrayList();
        ChangesEventHandlerResourceStream changesEventHandlerResourceStream = new ChangesEventHandlerResourceStream(MariaDBDatabase.class);
        changesEventHandlerResourceStream.resourcesAddOfType(changesInTransactionContext.getLastAddedResources());
        changesEventHandlerResourceStream.resourcesAddNextOfType(changesInTransactionContext.getLastUpdatedResources());
        changesEventHandlerResourceStream.getResourcesStream().forEach(mariaDBDatabase -> {
            arrayList.add((commonServicesContext2, changesContext) -> {
                if (blacklistedDatabases.contains(mariaDBDatabase.getName().toLowerCase())) {
                    throw new IllegalUpdateException("That database name " + mariaDBDatabase.getName() + "is blacklisted");
                }
            });
        });
        ChangesEventHandlerResourceStream changesEventHandlerResourceStream2 = new ChangesEventHandlerResourceStream(MariaDBUser.class);
        changesEventHandlerResourceStream2.resourcesAddOfType(changesInTransactionContext.getLastAddedResources());
        changesEventHandlerResourceStream2.resourcesAddNextOfType(changesInTransactionContext.getLastUpdatedResources());
        changesEventHandlerResourceStream2.getResourcesStream().forEach(mariaDBUser -> {
            arrayList.add((commonServicesContext2, changesContext) -> {
                if (blacklistedUsers.contains(mariaDBUser.getName().toLowerCase())) {
                    throw new IllegalUpdateException("That database user name " + mariaDBUser.getName() + "is blacklisted");
                }
            });
        });
        changesEventHandlerResourceStream2.sortedAndDistinct();
        changesEventHandlerResourceStream.resourcesAdd(changesEventHandlerResourceStream2.streamFromResourceAndLinkTypesAndToResourceClass(commonServicesContext, new String[]{"CAN_ADMIN", "CAN_READ", "CAN_WRITE"}, MariaDBDatabase.class));
        changesEventHandlerResourceStream.resourcesAddNextOfType(changesInTransactionContext.getLastUpdatedResources());
        changesEventHandlerResourceStream.linksAddTo(changesInTransactionContext.getLastAddedLinks(), new String[]{"CAN_ADMIN", "CAN_READ", "CAN_WRITE"});
        changesEventHandlerResourceStream.linksAddTo(changesInTransactionContext.getLastDeletedLinks(), new String[]{"CAN_ADMIN", "CAN_READ", "CAN_WRITE"});
        changesEventHandlerResourceStream.sortedAndDistinct();
        changesEventHandlerResourceStream.getResourcesStream().forEach(mariaDBDatabase2 -> {
            arrayList.add((commonServicesContext2, changesContext) -> {
                HashMap hashMap = new HashMap();
                Consumer consumer = mariaDBUser2 -> {
                    String str = (String) hashMap.put(mariaDBUser2.getName(), mariaDBUser2.getUid());
                    if (str != null && !str.equals(mariaDBUser2.getUid())) {
                        throw new IllegalUpdateException("That database user name " + mariaDBUser2.getName() + " is already used on that database");
                    }
                };
                commonServicesContext.getResourceService().linkFindAllByFromResourceClassAndLinkTypeAndToResource(MariaDBUser.class, "CAN_ADMIN", mariaDBDatabase2).forEach(consumer);
                commonServicesContext.getResourceService().linkFindAllByFromResourceClassAndLinkTypeAndToResource(MariaDBUser.class, "CAN_READ", mariaDBDatabase2).forEach(consumer);
                commonServicesContext.getResourceService().linkFindAllByFromResourceClassAndLinkTypeAndToResource(MariaDBUser.class, "CAN_WRITE", mariaDBDatabase2).forEach(consumer);
            });
        });
        ChangesEventHandlerResourceStream streamFromResourceAndLinkTypeAndToResourceClass = changesEventHandlerResourceStream.streamFromResourceAndLinkTypeAndToResourceClass(commonServicesContext, "INSTALLED_ON", MariaDBServer.class);
        streamFromResourceAndLinkTypeAndToResourceClass.resourcesAddOfType(changesInTransactionContext.getLastAddedResources());
        streamFromResourceAndLinkTypeAndToResourceClass.resourcesAddOfType(changesInTransactionContext.getLastRefreshedResources());
        streamFromResourceAndLinkTypeAndToResourceClass.resourcesAddNextOfType(changesInTransactionContext.getLastUpdatedResources());
        streamFromResourceAndLinkTypeAndToResourceClass.linksAddFromAndTo(changesInTransactionContext.getLastAddedLinks());
        streamFromResourceAndLinkTypeAndToResourceClass.linksAddFromAndTo(changesInTransactionContext.getLastDeletedLinks());
        ChangesEventHandlerUtils.getNextResourcesOfTypeStream(changesInTransactionContext.getLastUpdatedResources(), MariaDBServer.class).forEach(updatedResource -> {
            MariaDBServer previous = updatedResource.getPrevious();
            MariaDBServer next = updatedResource.getNext();
            this.logger.info("Mariadb server. Previous name {} and new name {}", previous.getName(), next.getName());
            if (!StringTools.safeEquals(previous.getName(), next.getName())) {
                throw new IllegalUpdateException("Cannot change the MariaDB Server name");
            }
        });
        ChangesEventHandlerResourceStream changesEventHandlerResourceStream3 = new ChangesEventHandlerResourceStream(UnixUser.class);
        changesEventHandlerResourceStream3.resourcesAddNextOfType(changesInTransactionContext.getLastUpdatedResources());
        changesEventHandlerResourceStream3.getResourcesStream().forEach(unixUser -> {
            streamFromResourceAndLinkTypeAndToResourceClass.resourcesAdd(commonServicesContext.getResourceService().linkFindAllByFromResourceClassAndLinkTypeAndToResource(MariaDBServer.class, "RUN_AS", unixUser));
        });
        streamFromResourceAndLinkTypeAndToResourceClass.getResourcesStream().map(mariaDBServer -> {
            return mariaDBServer.getName();
        }).sorted().distinct().forEach(str -> {
            arrayList.add((commonServicesContext2, changesContext) -> {
                this.logger.info("Processing mariadb server {}", str);
                IPResourceService resourceService = commonServicesContext.getResourceService();
                Optional resourceFindByPk = resourceService.resourceFindByPk(new MariaDBServer(str));
                if (!resourceFindByPk.isPresent()) {
                    this.logger.info("{} is not present. Skipping", str);
                    return;
                }
                MariaDBServer mariaDBServer2 = (MariaDBServer) resourceFindByPk.get();
                if (Strings.isNullOrEmpty(mariaDBServer2.getRootPassword())) {
                    mariaDBServer2.setRootPassword(SecureRandomTools.randomHexString(25));
                    changesContext.resourceUpdate(mariaDBServer2);
                }
                List linkFindAllByFromResourceAndLinkTypeAndToResourceClass = resourceService.linkFindAllByFromResourceAndLinkTypeAndToResourceClass(mariaDBServer2, "RUN_AS", UnixUser.class);
                List linkFindAllByFromResourceAndLinkTypeAndToResourceClass2 = resourceService.linkFindAllByFromResourceAndLinkTypeAndToResourceClass(mariaDBServer2, "INSTALLED_ON", Machine.class);
                ArrayList arrayList2 = new ArrayList();
                this.logger.debug("[{}] Running as {} on {}", str, linkFindAllByFromResourceAndLinkTypeAndToResourceClass, linkFindAllByFromResourceAndLinkTypeAndToResourceClass2);
                MysqlManagerConfig mysqlManagerConfig = new MysqlManagerConfig();
                mysqlManagerConfig.setAdmin(new MysqlManagerConfigAdmin("root", mariaDBServer2.getRootPassword()));
                mysqlManagerConfig.getUsersToIgnore().add(new MysqlManagerConfigUser("root", "localhost"));
                mysqlManagerConfig.getUsersToIgnore().add(new MysqlManagerConfigUser("root", "%"));
                mysqlManagerConfig.getUsersToIgnore().add(new MysqlManagerConfigUser("mariadb.sys", "localhost"));
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = new HashMap();
                Consumer consumer = mariaDBDatabase3 -> {
                    String str = (String) hashMap2.put(mariaDBDatabase3.getName(), mariaDBDatabase3.getUid());
                    if (str != null && !str.equals(mariaDBDatabase3.getUid())) {
                        throw new IllegalUpdateException("That database name " + mariaDBDatabase3.getName() + " is already used on that server");
                    }
                };
                commonServicesContext.getResourceService().linkFindAllByFromResourceClassAndLinkTypeAndToResource(MariaDBDatabase.class, "INSTALLED_ON", mariaDBServer2).forEach(mariaDBDatabase4 -> {
                    String name = mariaDBDatabase4.getName();
                    this.logger.debug("[{}] Has database {}", str, name);
                    mysqlManagerConfig.getDatabases().add(name);
                    consumer.accept(mariaDBDatabase4);
                    commonServicesContext.getResourceService().linkFindAllByFromResourceClassAndLinkTypeAndToResource(MariaDBUser.class, "CAN_ADMIN", mariaDBDatabase4).forEach(mariaDBUser2 -> {
                        this.logger.debug("[{}] Database {} has user {} as ADMIN", str, name, mariaDBUser2.getName());
                        List<String> grantsByUserAndDatabase = getGrantsByUserAndDatabase(hashMap, mariaDBUser2, name);
                        grantsByUserAndDatabase.add("ALTER");
                        grantsByUserAndDatabase.add("CREATE");
                        grantsByUserAndDatabase.add("CREATE ROUTINE");
                        grantsByUserAndDatabase.add("CREATE TEMPORARY TABLES");
                        grantsByUserAndDatabase.add("CREATE VIEW");
                        grantsByUserAndDatabase.add("DROP");
                        grantsByUserAndDatabase.add("EVENT");
                        grantsByUserAndDatabase.add("INDEX");
                        grantsByUserAndDatabase.add("LOCK TABLES");
                        grantsByUserAndDatabase.add("SHOW VIEW");
                        grantsByUserAndDatabase.add("TRIGGER");
                    });
                    commonServicesContext.getResourceService().linkFindAllByFromResourceClassAndLinkTypeAndToResource(MariaDBUser.class, "CAN_READ", mariaDBDatabase4).forEach(mariaDBUser3 -> {
                        this.logger.debug("[{}] Database {} has user {} as READ", str, name, mariaDBUser3.getName());
                        getGrantsByUserAndDatabase(hashMap, mariaDBUser3, name).add("SELECT");
                    });
                    commonServicesContext.getResourceService().linkFindAllByFromResourceClassAndLinkTypeAndToResource(MariaDBUser.class, "CAN_WRITE", mariaDBDatabase4).forEach(mariaDBUser4 -> {
                        this.logger.debug("[{}] Database {} has user {} as WRITE", str, name, mariaDBUser4.getName());
                        List<String> grantsByUserAndDatabase = getGrantsByUserAndDatabase(hashMap, mariaDBUser4, name);
                        grantsByUserAndDatabase.add("INSERT");
                        grantsByUserAndDatabase.add("UPDATE");
                        grantsByUserAndDatabase.add("DELETE");
                    });
                });
                hashMap.values().forEach(mysqlManagerConfigPermission -> {
                    mysqlManagerConfig.getUsersPermissions().add(mysqlManagerConfigPermission);
                });
                if (linkFindAllByFromResourceAndLinkTypeAndToResourceClass.size() > 1) {
                    throw new ProblemException("Cannot run as more than 1 unix user");
                }
                if (linkFindAllByFromResourceAndLinkTypeAndToResourceClass2.size() > 1) {
                    throw new ProblemException("Cannot be installed on multiple machines");
                }
                if (linkFindAllByFromResourceAndLinkTypeAndToResourceClass.size() == 1) {
                    UnixUser unixUser2 = (UnixUser) linkFindAllByFromResourceAndLinkTypeAndToResourceClass.get(0);
                    Application orCreateAnApplication = ActionsHandlerUtils.getOrCreateAnApplication(resourceService, str);
                    arrayList2.add(orCreateAnApplication);
                    orCreateAnApplication.setDescription(mariaDBServer2.getDescription());
                    IPApplicationDefinition iPApplicationDefinition = new IPApplicationDefinition();
                    orCreateAnApplication.setApplicationDefinition(iPApplicationDefinition);
                    iPApplicationDefinition.setFrom("foilen/fcloud-docker-mariadb:" + mariaDBServer2.getVersion());
                    iPApplicationDefinition.addService("app", "/mariadb-start.sh");
                    IPApplicationDefinitionAssetsBundle addAssetsBundle = iPApplicationDefinition.addAssetsBundle();
                    iPApplicationDefinition.addContainerUserToChangeId("mysql", unixUser2.getId());
                    iPApplicationDefinition.addPortEndpoint(3306, "MYSQL_TCP");
                    iPApplicationDefinition.setRunAs(unixUser2.getId());
                    iPApplicationDefinition.addAssetResource("/etc/mysql/conf.d/zInfra.cnf", "/com/foilen/infra/resource/mariadb/config.cnf");
                    if (unixUser2.getHomeFolder() != null) {
                        String str = unixUser2.getHomeFolder() + "/mysql/" + str;
                        iPApplicationDefinition.addVolume(new IPApplicationDefinitionVolume(str + "/data", "/var/lib/mysql", unixUser2.getId(), unixUser2.getId(), "770"));
                        iPApplicationDefinition.addVolume(new IPApplicationDefinitionVolume(str + "/run", "/var/run/mysqld/", unixUser2.getId(), unixUser2.getId(), "770"));
                        iPApplicationDefinition.addVolume(new IPApplicationDefinitionVolume(str + "/config", "/volumes/config/", unixUser2.getId(), unixUser2.getId(), "770"));
                        String rootPassword = mariaDBServer2.getRootPassword();
                        addAssetsBundle.addAssetContent("/newPass", rootPassword);
                        addAssetsBundle.addAssetContent("/newPass.cnf", "[client]\npassword=" + rootPassword);
                    }
                    iPApplicationDefinition.addCopyWhenStartedContent("/manager-config.json", JsonTools.prettyPrint(mysqlManagerConfig));
                    iPApplicationDefinition.addExecuteWhenStartedCommand("/mariadb-update-manager.sh");
                    ActionsHandlerUtils.addOrUpdate(orCreateAnApplication, changesContext);
                    CommonResourceLink.syncToLinks(commonServicesContext, changesContext, orCreateAnApplication, "INSTALLED_ON", Machine.class, linkFindAllByFromResourceAndLinkTypeAndToResourceClass2);
                    CommonResourceLink.syncToLinks(commonServicesContext, changesContext, orCreateAnApplication, "RUN_AS", UnixUser.class, linkFindAllByFromResourceAndLinkTypeAndToResourceClass);
                }
                CommonResourceLink.syncToLinks(commonServicesContext, changesContext, mariaDBServer2, "MANAGES", Application.class, arrayList2);
            });
        });
        return arrayList;
    }

    private List<String> getGrantsByUserAndDatabase(Map<String, MysqlManagerConfigPermission> map, MariaDBUser mariaDBUser, String str) {
        List<String> grants;
        MysqlManagerConfigPermission mysqlManagerConfigPermission = map.get(mariaDBUser.getName());
        if (mysqlManagerConfigPermission == null) {
            mysqlManagerConfigPermission = new MysqlManagerConfigPermission(mariaDBUser.getName(), "%", mariaDBUser.getPassword());
            map.put(mariaDBUser.getName(), mysqlManagerConfigPermission);
        }
        Optional<MysqlManagerConfigDatabaseGrants> findAny = mysqlManagerConfigPermission.getDatabaseGrants().stream().filter(mysqlManagerConfigDatabaseGrants -> {
            return str.equals(mysqlManagerConfigDatabaseGrants.getDatabaseName());
        }).findAny();
        if (findAny.isPresent()) {
            grants = findAny.get().getGrants();
        } else {
            MysqlManagerConfigDatabaseGrants mysqlManagerConfigDatabaseGrants2 = new MysqlManagerConfigDatabaseGrants(str, new String[0]);
            grants = mysqlManagerConfigDatabaseGrants2.getGrants();
            mysqlManagerConfigPermission.getDatabaseGrants().add(mysqlManagerConfigDatabaseGrants2);
        }
        return grants;
    }
}
