package org.yamcs.http.audit;

import com.google.protobuf.Descriptors;
import com.google.protobuf.ListValue;
import com.google.protobuf.Message;
import com.google.protobuf.NullValue;
import com.google.protobuf.Struct;
import com.google.protobuf.Value;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import org.yamcs.InitException;
import org.yamcs.api.AnnotationsProto;
import org.yamcs.api.FieldBehavior;
import org.yamcs.http.HttpRequestHandler;
import org.yamcs.logging.Log;
import org.yamcs.security.User;
import org.yamcs.utils.TimeEncoding;
import org.yamcs.utils.TimeInterval;
import org.yamcs.utils.parser.ParseException;
import org.yamcs.yarch.DataType;
import org.yamcs.yarch.SqlBuilder;
import org.yamcs.yarch.Stream;
import org.yamcs.yarch.Tuple;
import org.yamcs.yarch.TupleDefinition;
import org.yamcs.yarch.YarchDatabase;
import org.yamcs.yarch.YarchDatabaseInstance;
import org.yamcs.yarch.streamsql.ResultListener;
import org.yamcs.yarch.streamsql.StreamSqlException;

/* loaded from: input_file:org/yamcs/http/audit/AuditLogDb.class */
public class AuditLogDb {
    private static final String TABLE_NAME = "audit_log";
    public static final String CNAME_RECTIME = "rectime";
    public static final String CNAME_SEQNUM = "seqNum";
    public static final String CNAME_USER = "user";
    public static final String CNAME_SERVICE = "service";
    public static final String CNAME_METHOD = "method";
    public static final String CNAME_SUMMARY = "summary";
    public static final String CNAME_REQUEST = "request";
    private Log log;
    private YarchDatabaseInstance ydb;
    private Stream tableStream;
    private static final Random RG = new Random();
    private static final TupleDefinition TDEF = new TupleDefinition();
    private static final DataType STRUCT_TYPE = DataType.protobuf(Struct.class.getName());
    private AtomicInteger seqNumSequence = new AtomicInteger();
    private ReadWriteLock rwlock = new ReentrantReadWriteLock();

    public AuditLogDb(String str) throws InitException {
        this.log = new Log(AuditLog.class, str);
        this.ydb = YarchDatabase.getInstance(str);
        try {
            if (this.ydb.getTable(TABLE_NAME) == null) {
                this.ydb.execute("create table audit_log(" + TDEF.getStringDefinition1() + ", primary key(rectime, seqNum))", new Object[0]);
            }
            if (this.ydb.getStream("audit_log_in") == null) {
                this.ydb.execute("create stream " + "audit_log_in" + TDEF.getStringDefinition(), new Object[0]);
            }
            this.ydb.execute("upsert into audit_log select * from " + "audit_log_in", new Object[0]);
            this.tableStream = this.ydb.getStream("audit_log_in");
        } catch (ParseException | StreamSqlException e) {
            throw new InitException(e);
        }
    }

    public void addRecord(Descriptors.MethodDescriptor methodDescriptor, Message message, User user, String str) {
        this.log.info("{}.{}: {}", methodDescriptor.getService().getName(), methodDescriptor.getName(), str);
        this.rwlock.writeLock().lock();
        try {
            Tuple tuple = new Tuple();
            tuple.addColumn("rectime", TimeEncoding.getWallclockTime());
            tuple.addColumn("seqNum", this.seqNumSequence.getAndIncrement());
            tuple.addColumn(CNAME_SERVICE, methodDescriptor.getService().getName());
            tuple.addColumn(CNAME_METHOD, methodDescriptor.getName());
            tuple.addColumn("user", user.getName());
            tuple.addColumn(CNAME_SUMMARY, str);
            tuple.addColumn(CNAME_REQUEST, STRUCT_TYPE, toStruct(message));
            this.tableStream.emitTuple(tuple);
            this.rwlock.writeLock().unlock();
        } catch (Throwable th) {
            this.rwlock.writeLock().unlock();
            throw th;
        }
    }

    public void listRecords(final int i, String str, AuditRecordFilter auditRecordFilter, final AuditRecordListener auditRecordListener) {
        this.rwlock.readLock().lock();
        try {
            try {
                SqlBuilder sqlBuilder = new SqlBuilder(TABLE_NAME);
                sqlBuilder.select(HttpRequestHandler.ANY_PATH);
                TimeInterval timeInterval = auditRecordFilter.getTimeInterval();
                if (timeInterval.hasEnd()) {
                    sqlBuilder.where("rectime < ?", Long.valueOf(timeInterval.getEnd()));
                }
                if (timeInterval.hasStart()) {
                    sqlBuilder.where("rectime > ?", Long.valueOf(timeInterval.getStart()));
                }
                if (!auditRecordFilter.getServices().isEmpty()) {
                    sqlBuilder.whereColIn(CNAME_SERVICE, auditRecordFilter.getServices());
                }
                if (auditRecordFilter.getSearch() != null) {
                    sqlBuilder.where("summary like ?", "%" + auditRecordFilter.getSearch() + "%");
                }
                sqlBuilder.descend(true);
                sqlBuilder.limit(i + 1);
                this.ydb.execute(this.ydb.createStatement(sqlBuilder.toString(), sqlBuilder.getQueryArguments().toArray()), new ResultListener() { // from class: org.yamcs.http.audit.AuditLogDb.1
                    int count = 0;

                    @Override // org.yamcs.yarch.streamsql.ResultListener
                    public void next(Tuple tuple) {
                        if (this.count < i) {
                            auditRecordListener.next(new AuditRecord(tuple));
                        }
                        this.count++;
                    }

                    @Override // org.yamcs.yarch.streamsql.ResultListener
                    public void completeExceptionally(Throwable th) {
                        auditRecordListener.completeExceptionally(th);
                    }

                    @Override // org.yamcs.yarch.streamsql.ResultListener
                    public void complete() {
                        if (this.count == i) {
                            auditRecordListener.complete(AuditLogDb.getRandomToken());
                        } else {
                            auditRecordListener.complete(null);
                        }
                    }
                });
                this.rwlock.readLock().unlock();
            } catch (ParseException | StreamSqlException e) {
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            this.rwlock.readLock().unlock();
            throw th;
        }
    }

    private static Struct toStruct(Message message) {
        Struct.Builder newBuilder = Struct.newBuilder();
        for (Map.Entry entry : message.getAllFields().entrySet()) {
            Descriptors.FieldDescriptor fieldDescriptor = (Descriptors.FieldDescriptor) entry.getKey();
            if (((List) fieldDescriptor.getOptions().getExtension(AnnotationsProto.fieldBehavior)).contains(FieldBehavior.SECRET)) {
                newBuilder.putFields(fieldDescriptor.getName(), toValue("***"));
            } else {
                newBuilder.putFields(fieldDescriptor.getName(), toValue(entry.getValue()));
            }
        }
        return newBuilder.build();
    }

    private static ListValue toListValue(List<?> list) {
        ListValue.Builder newBuilder = ListValue.newBuilder();
        Iterator<?> it = list.iterator();
        while (it.hasNext()) {
            newBuilder.addValues(toValue(it.next()));
        }
        return newBuilder.build();
    }

    private static Value toValue(Object obj) {
        return obj == null ? Value.newBuilder().setNullValue(NullValue.NULL_VALUE).build() : obj instanceof Boolean ? Value.newBuilder().setBoolValue(((Boolean) obj).booleanValue()).build() : obj instanceof Float ? Value.newBuilder().setNumberValue(((Float) obj).floatValue()).build() : obj instanceof Double ? Value.newBuilder().setNumberValue(((Double) obj).doubleValue()).build() : obj instanceof Byte ? Value.newBuilder().setNumberValue(((Byte) obj).byteValue()).build() : obj instanceof Short ? Value.newBuilder().setNumberValue(((Short) obj).shortValue()).build() : obj instanceof Integer ? Value.newBuilder().setNumberValue(((Integer) obj).intValue()).build() : obj instanceof List ? Value.newBuilder().setListValue(toListValue((List) obj)).build() : obj instanceof Message ? Value.newBuilder().setStructValue(toStruct((Message) obj)).build() : Value.newBuilder().setStringValue(obj.toString()).build();
    }

    private static String getRandomToken() {
        byte[] bArr = new byte[16];
        RG.nextBytes(bArr);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(bArr);
    }

    static {
        TDEF.addColumn("rectime", DataType.TIMESTAMP);
        TDEF.addColumn("seqNum", DataType.INT);
        TDEF.addColumn("user", DataType.STRING);
        TDEF.addColumn(CNAME_SERVICE, DataType.STRING);
        TDEF.addColumn(CNAME_METHOD, DataType.STRING);
        TDEF.addColumn(CNAME_SUMMARY, DataType.STRING);
        TDEF.addColumn(CNAME_REQUEST, STRUCT_TYPE);
    }
}
