package io.camunda.tasklist.webapp.api.rest.v1.controllers;

import io.camunda.tasklist.property.TasklistProperties;
import io.camunda.tasklist.queries.TaskByCandidateUserOrGroup;
import io.camunda.tasklist.util.LazySupplier;
import io.camunda.tasklist.webapp.api.rest.v1.entities.SaveVariablesRequest;
import io.camunda.tasklist.webapp.api.rest.v1.entities.TaskAssignRequest;
import io.camunda.tasklist.webapp.api.rest.v1.entities.TaskCompleteRequest;
import io.camunda.tasklist.webapp.api.rest.v1.entities.TaskResponse;
import io.camunda.tasklist.webapp.api.rest.v1.entities.TaskSearchRequest;
import io.camunda.tasklist.webapp.api.rest.v1.entities.TaskSearchResponse;
import io.camunda.tasklist.webapp.api.rest.v1.entities.VariableSearchResponse;
import io.camunda.tasklist.webapp.api.rest.v1.entities.VariablesSearchRequest;
import io.camunda.tasklist.webapp.dto.TaskDTO;
import io.camunda.tasklist.webapp.dto.TaskQueryDTO;
import io.camunda.tasklist.webapp.dto.VariableInputDTO;
import io.camunda.tasklist.webapp.mapper.TaskMapper;
import io.camunda.tasklist.webapp.rest.exception.Error;
import io.camunda.tasklist.webapp.rest.exception.ForbiddenActionException;
import io.camunda.tasklist.webapp.rest.exception.InvalidRequestException;
import io.camunda.tasklist.webapp.security.TasklistAuthenticationUtil;
import io.camunda.tasklist.webapp.security.TasklistURIs;
import io.camunda.tasklist.webapp.security.UserReader;
import io.camunda.tasklist.webapp.security.identity.IdentityAuthorizationService;
import io.camunda.tasklist.webapp.security.permission.TasklistPermissionServices;
import io.camunda.tasklist.webapp.service.TaskService;
import io.camunda.tasklist.webapp.service.VariableService;
import io.camunda.webapps.schema.entities.tasklist.TaskEntity;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.collections4.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping(value = {TasklistURIs.TASKS_URL_V1}, produces = {"application/json"})
@Tag(name = "Task", description = "API to query and manage tasks.")
@RestController
/* loaded from: input_file:io/camunda/tasklist/webapp/api/rest/v1/controllers/TaskController.class */
public class TaskController extends ApiErrorController {
    private static final Logger LOGGER = LoggerFactory.getLogger(TaskController.class);
    private static final String ZEEBE_USER_TASK_OPERATIONS_NOT_SUPPORTED = "This operation is not supported using Tasklist V1 API. Please use the latest API. For more information, refer to the documentation: %s";
    private static final String USER_DOES_NOT_HAVE_ACCESS_TO_THIS_TASK_ERROR = "User does not have permission to perform on this task.";

    @Autowired
    private TaskService taskService;

    @Autowired
    private VariableService variableService;

    @Autowired
    private TaskMapper taskMapper;

    @Autowired
    private UserReader userReader;

    @Autowired
    private IdentityAuthorizationService identityAuthorizationService;

    @Autowired
    private TasklistProperties tasklistProperties;

    @Autowired
    private TasklistPermissionServices permissionServices;

    @PostMapping({"search"})
    @Operation(summary = "Search tasks", description = "Returns the list of tasks that satisfy search request params.<br><ul><li>If an empty body is provided, all tasks are returned.</li><li>Only one of `[searchAfter, searchAfterOrEqual, searchBefore, searchBeforeOrEqual]` search options must be present in request.</li></ul>", responses = {@ApiResponse(description = "On success returned.", responseCode = "200", useReturnTypeSchema = true), @ApiResponse(description = "An error is returned when more than one search parameters among `[searchAfter, searchAfterOrEqual, searchBefore, searchBeforeOrEqual]` are present in request", responseCode = "400", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))})})
    public ResponseEntity<List<TaskSearchResponse>> searchTasks(@RequestBody(required = false) TaskSearchRequest taskSearchRequest) {
        TaskQueryDTO taskQuery = this.taskMapper.toTaskQuery((TaskSearchRequest) Objects.requireNonNullElse(taskSearchRequest, new TaskSearchRequest()));
        if (this.tasklistProperties.getIdentity() != null && this.tasklistProperties.getIdentity().isUserAccessRestrictionsEnabled()) {
            List<String> userGroups = this.identityAuthorizationService.getUserGroups();
            if (!userGroups.contains("")) {
                String userId = this.userReader.getCurrentUser().getUserId();
                TaskByCandidateUserOrGroup taskByCandidateUserOrGroup = new TaskByCandidateUserOrGroup();
                taskByCandidateUserOrGroup.setUserGroups((String[]) userGroups.toArray(i -> {
                    return new String[i];
                }));
                taskByCandidateUserOrGroup.setUserName(userId);
                taskQuery.setTaskByCandidateUserOrGroup(taskByCandidateUserOrGroup);
            }
        }
        Map.of(TaskMapper.TASK_DESCRIPTION, false);
        HashMap hashMap = new HashMap();
        hashMap.put(TaskMapper.TASK_DESCRIPTION, false);
        hashMap.putAll((Map) Optional.ofNullable(taskSearchRequest).map((v0) -> {
            return v0.getIncludeVariables();
        }).map(includeVariableArr -> {
            return (Map) Arrays.stream(includeVariableArr).collect(Collectors.toMap((v0) -> {
                return v0.getName();
            }, (v0) -> {
                return v0.isAlwaysReturnFullValue();
            }));
        }).orElse(Collections.emptyMap()));
        Stream<TaskDTO> stream = this.taskService.getTasks(taskQuery, hashMap.keySet(), hashMap.entrySet().stream().anyMatch((v0) -> {
            return v0.getValue();
        })).stream();
        TaskMapper taskMapper = this.taskMapper;
        Objects.requireNonNull(taskMapper);
        List list = (List) stream.map(taskMapper::toTaskSearchResponse).collect(Collectors.toList());
        list.stream().map((v0) -> {
            return v0.getVariables();
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).flatMap((v0) -> {
            return Arrays.stream(v0);
        }).forEach(variableSearchResponse -> {
            unsetBigVariableValuesIfNeeded(variableSearchResponse, hashMap);
        });
        return ResponseEntity.ok(list);
    }

    private void unsetBigVariableValuesIfNeeded(VariableSearchResponse variableSearchResponse, Map<String, Boolean> map) {
        boolean booleanValue = ((Boolean) Optional.ofNullable(map.get(variableSearchResponse.getName())).orElse(false)).booleanValue();
        if (variableSearchResponse.getIsValueTruncated() && !booleanValue) {
            variableSearchResponse.resetValue();
        }
        VariableSearchResponse.DraftSearchVariableValue draft = variableSearchResponse.getDraft();
        if (draft == null || !draft.getIsValueTruncated() || booleanValue) {
            return;
        }
        draft.resetValue();
    }

    @GetMapping({"{taskId}"})
    @Operation(summary = "Get a task", description = "Get one task by id. Returns task or error when task does not exist.", responses = {@ApiResponse(description = "On success returned.", responseCode = "200", useReturnTypeSchema = true), @ApiResponse(description = "An error is returned when the task with the `taskId` is not found.", responseCode = "404", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))}), @ApiResponse(description = "User has no permission to access the task (Self-managed only).", responseCode = "403", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))})})
    public ResponseEntity<TaskResponse> getTaskById(@PathVariable @Parameter(description = "The ID of the task.", required = true) String str) {
        LazySupplier<TaskDTO> taskSupplier = getTaskSupplier(str);
        if (!isUserRestrictionEnabled() || hasAccessToTask(taskSupplier)) {
            return ResponseEntity.ok(this.taskMapper.toTaskResponse((TaskDTO) taskSupplier.get()));
        }
        throw new ForbiddenActionException(USER_DOES_NOT_HAVE_ACCESS_TO_THIS_TASK_ERROR);
    }

    private void checkTaskImplementation(LazySupplier<TaskDTO> lazySupplier) {
        if (((TaskDTO) lazySupplier.get()).getImplementation() == TaskEntity.TaskImplementation.JOB_WORKER || !TasklistAuthenticationUtil.isApiUser()) {
            return;
        }
        TaskDTO taskDTO = (TaskDTO) lazySupplier.get();
        LOGGER.warn("V1 API is used for task with id={} implementation={}", taskDTO.getId(), taskDTO.getImplementation());
        throw new InvalidRequestException(String.format(ZEEBE_USER_TASK_OPERATIONS_NOT_SUPPORTED, this.tasklistProperties.getDocumentation().getApiMigrationDocsUrl()));
    }

    private boolean hasAccessToTask(LazySupplier<TaskDTO> lazySupplier) {
        String userId = this.userReader.getCurrentUser().getUserId();
        List<String> userGroups = this.identityAuthorizationService.getUserGroups();
        TaskDTO taskDTO = (TaskDTO) lazySupplier.get();
        boolean z = taskDTO.getCandidateUsers() == null && taskDTO.getCandidateGroups() == null;
        return (taskDTO.getCandidateUsers() != null && Arrays.asList(taskDTO.getCandidateUsers()).contains(userId)) || (taskDTO.getAssignee() != null && taskDTO.getAssignee().equals(userId)) || (taskDTO.getCandidateGroups() != null && !Collections.disjoint(Arrays.asList(taskDTO.getCandidateGroups()), userGroups)) || z || userGroups.contains("");
    }

    @PatchMapping({"{taskId}/assign"})
    @Operation(summary = "Assign a task", description = "Assign a task with `taskId` to `assignee` or the active user. Returns the task.", requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(description = "When using REST API with JWT authentication token following request body parameters may be used."), responses = {@ApiResponse(description = "On success returned.", responseCode = "200", useReturnTypeSchema = true), @ApiResponse(description = "An error is returned when the task is not active (not in the CREATED state).<br>An error is returned when task was already assigned, except the case when JWT authentication token used and `allowOverrideAssignment = true`.", responseCode = "400", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))}), @ApiResponse(description = "An error is returned when user doesn't have the permission to assign another user to this task.", responseCode = "403", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))}), @ApiResponse(description = "An error is returned when the task with the `taskId` is not found.", responseCode = "404", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))})})
    public ResponseEntity<TaskResponse> assignTask(@PathVariable @Parameter(description = "The ID of the task.", required = true) String str, @RequestBody(required = false) TaskAssignRequest taskAssignRequest) {
        checkTaskImplementation(getTaskSupplier(str));
        TaskAssignRequest taskAssignRequest2 = (TaskAssignRequest) Objects.requireNonNullElse(taskAssignRequest, new TaskAssignRequest());
        return ResponseEntity.ok(this.taskMapper.toTaskResponse(this.taskService.assignTask(str, taskAssignRequest2.getAssignee(), Boolean.valueOf(taskAssignRequest2.isAllowOverrideAssignment()))));
    }

    @PatchMapping({"{taskId}/unassign"})
    @Operation(summary = "Unassign a task", description = "Unassign a task with `taskId`. Returns the task.", responses = {@ApiResponse(description = "On success returned.", responseCode = "200", useReturnTypeSchema = true), @ApiResponse(description = "An error is returned when the task is not active (not in the CREATED state).<br>An error is returned if the task was not claimed (assigned) before.", responseCode = "400", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))}), @ApiResponse(description = "An error is returned when the task with the `taskId` is not found.", responseCode = "404", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))})})
    public ResponseEntity<TaskResponse> unassignTask(@PathVariable @Parameter(description = "The ID of the task.", required = true) String str) {
        checkTaskImplementation(getTaskSupplier(str));
        return ResponseEntity.ok(this.taskMapper.toTaskResponse(this.taskService.unassignTask(str)));
    }

    @PatchMapping({"{taskId}/complete"})
    @Operation(summary = "Complete a task", description = "Complete a task with `taskId` and optional `variables`. Returns the task.", responses = {@ApiResponse(description = "On success returned.", responseCode = "200", useReturnTypeSchema = true), @ApiResponse(description = "An error is returned when the task is not active (not in the CREATED state).<br>An error is returned if the task was not claimed (assigned) before.<br>An error is returned if the task is not assigned to the current user.", responseCode = "400", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))}), @ApiResponse(description = "User has no permission to access the task (Self-managed only).", responseCode = "403", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))}), @ApiResponse(description = "An error is returned when the task with the `taskId` is not found.", responseCode = "404", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))})})
    public ResponseEntity<TaskResponse> completeTask(@PathVariable @Parameter(description = "The ID of the task.", required = true) String str, @RequestBody(required = false) TaskCompleteRequest taskCompleteRequest) {
        List<VariableInputDTO> variables = ((TaskCompleteRequest) Objects.requireNonNullElse(taskCompleteRequest, new TaskCompleteRequest())).getVariables();
        LazySupplier<TaskDTO> taskSupplier = getTaskSupplier(str);
        checkTaskImplementation(taskSupplier);
        if (isUserRestrictionEnabled() && !hasAccessToTask(taskSupplier)) {
            throw new ForbiddenActionException(USER_DOES_NOT_HAVE_ACCESS_TO_THIS_TASK_ERROR);
        }
        return ResponseEntity.ok(this.taskMapper.toTaskResponse(this.taskService.completeTask(str, variables, true)));
    }

    private boolean isUserRestrictionEnabled() {
        if (this.tasklistProperties.getIdentity() != null) {
            return this.tasklistProperties.getIdentity().isUserAccessRestrictionsEnabled();
        }
        return false;
    }

    @PostMapping({"{taskId}/variables"})
    @Operation(summary = "Save draft variables", description = "This operation performs several actions: <br/><ol><li>Validates the task and draft variables.</li><li>Deletes existing draft variables for the task.</li><li>Checks for new draft variables. If a new variable's `name` matches an existing one but the `value` differs, it is saved. In case of duplicate draft variable names, the last variable's value is kept.</li></ol><b>NOTE:</b><ul><li>Invoking this method successively will overwrite all existing draft variables. Only draft variables submitted in the most recent request body will be persisted. Therefore, ensure you include all necessary variables in each request to maintain the intended variable set.</li><li>The UI does not currently display the values for draft variables that are created via this endpoint.</li></ul>", responses = {@ApiResponse(responseCode = "204", description = "On success returned.", content = {@Content(mediaType = "*/*")}), @ApiResponse(responseCode = "400", description = "An error is returned when the task is not active (not in the `CREATED` state).<br/>An error is returned if the task was not claimed (assigned) before, except the case when JWT authentication token used.<br/>An error is returned if the task is not assigned to the current user, except the case when JWT authentication token used.", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))}), @ApiResponse(responseCode = "404", description = "An error is returned when the task with the `taskId` is not found.", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))}), @ApiResponse(responseCode = "500", description = "An error is returned if an unexpected error occurs while persisting draft task variables.", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))})})
    public ResponseEntity<Void> saveDraftTaskVariables(@PathVariable @Parameter(description = "The ID of the task.", required = true) String str, @RequestBody SaveVariablesRequest saveVariablesRequest) {
        LazySupplier<TaskDTO> taskSupplier = getTaskSupplier(str);
        if (!this.permissionServices.hasPermissionToUpdateUserTask(TaskDTO.toTaskEntity((TaskDTO) taskSupplier.get())) || (isUserRestrictionEnabled() && !hasAccessToTask(taskSupplier))) {
            throw new ForbiddenActionException(USER_DOES_NOT_HAVE_ACCESS_TO_THIS_TASK_ERROR);
        }
        this.variableService.persistDraftTaskVariables(str, saveVariablesRequest.getVariables());
        return ResponseEntity.noContent().build();
    }

    @PostMapping({"{taskId}/variables/search"})
    @Operation(summary = "Search task variables", description = "This method returns a list of task variables for the specified `taskId` and `variableName`.<br>If the request body is not provided or if the `variableNames` parameter in the request is empty, all variables associated with the task will be returned.", responses = {@ApiResponse(description = "On success returned.", responseCode = "200", useReturnTypeSchema = true), @ApiResponse(description = "An error is returned when the task with the `taskId` is not found.", responseCode = "404", content = {@Content(mediaType = "application/problem+json", schema = @Schema(implementation = Error.class))})})
    public ResponseEntity<List<VariableSearchResponse>> searchTaskVariables(@PathVariable @Parameter(description = "The ID of the task.", required = true) String str, @RequestBody(required = false) VariablesSearchRequest variablesSearchRequest) {
        Map emptyMap;
        if (variablesSearchRequest == null) {
            emptyMap = Collections.emptyMap();
        } else {
            if (CollectionUtils.isNotEmpty(variablesSearchRequest.getVariableNames()) && CollectionUtils.isNotEmpty(variablesSearchRequest.getIncludeVariables())) {
                throw new InvalidRequestException("Only one of [variableNames, includeVariables] must be present in request.");
            }
            emptyMap = CollectionUtils.isNotEmpty(variablesSearchRequest.getVariableNames()) ? (Map) variablesSearchRequest.getVariableNames().stream().collect(Collectors.toMap(Function.identity(), str2 -> {
                return false;
            })) : CollectionUtils.isNotEmpty(variablesSearchRequest.getIncludeVariables()) ? (Map) variablesSearchRequest.getIncludeVariables().stream().collect(Collectors.toMap((v0) -> {
                return v0.getName();
            }, (v0) -> {
                return v0.isAlwaysReturnFullValue();
            })) : Collections.emptyMap();
        }
        List<VariableSearchResponse> variableSearchResponses = this.variableService.getVariableSearchResponses(str, emptyMap.keySet());
        Map map = emptyMap;
        variableSearchResponses.forEach(variableSearchResponse -> {
            unsetBigVariableValuesIfNeeded(variableSearchResponse, map);
        });
        return ResponseEntity.ok(variableSearchResponses);
    }

    private LazySupplier<TaskDTO> getTaskSupplier(String str) {
        return LazySupplier.of(() -> {
            return this.taskService.getTask(str);
        });
    }
}
