package org.apache.geode.rest.internal.web.controllers;

import com.fasterxml.jackson.core.JsonLocation;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.geode.cache.query.FunctionDomainException;
import org.apache.geode.cache.query.NameResolutionException;
import org.apache.geode.cache.query.Query;
import org.apache.geode.cache.query.QueryExecutionLowMemoryException;
import org.apache.geode.cache.query.QueryExecutionTimeoutException;
import org.apache.geode.cache.query.QueryInvalidException;
import org.apache.geode.cache.query.QueryInvocationTargetException;
import org.apache.geode.cache.query.TypeMismatchException;
import org.apache.geode.cache.query.internal.DefaultQuery;
import org.apache.geode.logging.internal.log4j.api.LogService;
import org.apache.geode.rest.internal.web.exception.GemfireRestException;
import org.apache.geode.rest.internal.web.exception.ResourceNotFoundException;
import org.apache.geode.rest.internal.web.util.JSONUtils;
import org.apache.geode.rest.internal.web.util.ValidationUtils;
import org.apache.logging.log4j.Logger;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;

@Api(value = "queries", description = "Rest api for geode query execution", produces = "application/json", tags = {"queries"})
@RequestMapping({"/v1/queries"})
@Controller("queryController")
/* loaded from: input_file:WEB-INF/classes/org/apache/geode/rest/internal/web/controllers/QueryAccessController.class */
public class QueryAccessController extends AbstractBaseController {
    private static final Logger logger = LogService.getLogger();
    static final String PARAMETERIZED_QUERIES_REGION = "__ParameterizedQueries__";
    private final ConcurrentHashMap<String, DefaultQuery> compiledQueries = new ConcurrentHashMap<>();
    static final String REST_API_VERSION = "/v1";

    @Override // org.apache.geode.rest.internal.web.controllers.AbstractBaseController
    protected String getRestApiVersion() {
        return REST_API_VERSION;
    }

    @RequestMapping(method = {RequestMethod.GET}, produces = {MediaType.APPLICATION_JSON_UTF8_VALUE})
    @ApiResponses({@ApiResponse(code = 200, message = "OK."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = JsonLocation.MAX_CONTENT_SNIPPET, message = "if GemFire throws an error or exception")})
    @ApiOperation(value = "list all parametrized queries", notes = "List all parametrized queries by id/name")
    @ResponseStatus(HttpStatus.OK)
    @PreAuthorize("@securityService.authorize('DATA', 'READ')")
    @ResponseBody
    public ResponseEntity<?> list() {
        logger.debug("Listing all parametrized Queries in GemFire...");
        String formulateJsonForListQueriesCall = JSONUtils.formulateJsonForListQueriesCall(getQueryStore(PARAMETERIZED_QUERIES_REGION));
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setLocation(toUri("queries"));
        return new ResponseEntity<>(formulateJsonForListQueriesCall, (MultiValueMap<String, String>) httpHeaders, HttpStatus.OK);
    }

    @RequestMapping(method = {RequestMethod.POST})
    @ApiResponses({@ApiResponse(code = 201, message = "Successfully created."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 409, message = "QueryId already assigned to other query."), @ApiResponse(code = JsonLocation.MAX_CONTENT_SNIPPET, message = "GemFire throws an error or exception.")})
    @ApiOperation(value = "create a parametrized Query", notes = "Prepare the specified parametrized query and assign the corresponding ID for lookup")
    @PreAuthorize("@securityService.authorize('DATA', 'READ')")
    public ResponseEntity<?> create(@RequestParam("id") String str, @RequestParam(value = "q", required = false) String str2, @RequestBody(required = false) String str3) {
        String validateQuery = validateQuery(str2, str3);
        logger.debug("Creating a named, parametrized Query ({}) with ID ({})...", validateQuery, str);
        String str4 = (String) createNamedQuery(PARAMETERIZED_QUERIES_REGION, str, validateQuery);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setLocation(toUri("queries", str));
        if (str4 == null) {
            return new ResponseEntity<>((MultiValueMap<String, String>) httpHeaders, HttpStatus.CREATED);
        }
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        return new ResponseEntity<>(JSONUtils.formulateJsonForExistingQuery(str, str4), (MultiValueMap<String, String>) httpHeaders, HttpStatus.CONFLICT);
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/adhoc"}, produces = {MediaType.APPLICATION_JSON_UTF8_VALUE})
    @ApiResponses({@ApiResponse(code = 200, message = "OK."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = JsonLocation.MAX_CONTENT_SNIPPET, message = "GemFire throws an error or exception")})
    @ApiOperation(value = "run an adhoc query", notes = "Run an unnamed (unidentified), ad-hoc query passed as a URL parameter")
    @ResponseStatus(HttpStatus.OK)
    @PreAuthorize("@securityService.authorize('DATA', 'READ')")
    @ResponseBody
    public ResponseEntity<String> runAdhocQuery(@RequestParam("q") String str) {
        logger.debug("Running an adhoc Query ({})...", str);
        Query newQuery = getQueryService().newQuery(decode(str));
        try {
            return processQueryResponse(newQuery, null, newQuery.execute());
        } catch (IllegalArgumentException e) {
            throw new GemfireRestException(" The number of bound parameters does not match the number of placeholders!", e);
        } catch (TypeMismatchException e2) {
            throw new GemfireRestException("Bind parameter is not of the expected type!", e2);
        } catch (NameResolutionException e3) {
            throw new GemfireRestException("Name in the query cannot be resolved!", e3);
        } catch (FunctionDomainException e4) {
            throw new GemfireRestException("A function was applied to a parameter that is improper for that function!", e4);
        } catch (QueryExecutionLowMemoryException e5) {
            throw new GemfireRestException("Query execution gets canceled due to low memory conditions and the resource manager critical heap percentage has been set!", e5);
        } catch (IllegalStateException e6) {
            throw new GemfireRestException("Query is not permitted on this type of region!", e6);
        } catch (QueryExecutionTimeoutException e7) {
            throw new GemfireRestException("Query execution time is exceeded max query execution time (gemfire.Cache.MAX_QUERY_EXECUTION_TIME) configured! ", e7);
        } catch (QueryInvocationTargetException e8) {
            throw new GemfireRestException("Data referenced in from clause is not available for querying!", e8);
        } catch (Exception e9) {
            throw new GemfireRestException(e9.getMessage(), e9);
        }
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/{query}"}, produces = {"application/json"})
    @ApiResponses({@ApiResponse(code = 200, message = "Query successfully executed."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 400, message = "Query bind params specified as JSON document in the request body is invalid"), @ApiResponse(code = JsonLocation.MAX_CONTENT_SNIPPET, message = "GemFire throws an error or exception")})
    @ApiOperation(value = "run parametrized query", notes = "run the specified named query passing in scalar values for query parameters in the GemFire cluster")
    @ResponseStatus(HttpStatus.OK)
    @PreAuthorize("@securityService.authorize('DATA', 'READ')")
    @ResponseBody
    public ResponseEntity<String> runNamedQuery(@PathVariable("query") String str, @RequestBody String str2) {
        logger.debug("Running named Query with ID ({})...", str);
        String decode = decode(str);
        if (str2 == null) {
            throw new GemfireRestException(" Bind params either not specified or not processed properly by the server!");
        }
        Object[] jsonToObjectArray = jsonToObjectArray(str2);
        DefaultQuery defaultQuery = (Query) this.compiledQueries.get(decode);
        if (defaultQuery == null) {
            String str3 = (String) getQueryStore(PARAMETERIZED_QUERIES_REGION).get(decode);
            ValidationUtils.returnValueThrowOnNull(str3, new ResourceNotFoundException(String.format("No Query with ID (%1$s) was found!", decode)));
            try {
                defaultQuery = getQueryService().newQuery(str3);
                this.compiledQueries.putIfAbsent(decode, defaultQuery);
            } catch (QueryInvalidException e) {
                throw new GemfireRestException("Syntax of the OQL queryString is invalid!", e);
            }
        }
        try {
            return processQueryResponse(defaultQuery, jsonToObjectArray, defaultQuery.execute(jsonToObjectArray));
        } catch (QueryExecutionLowMemoryException e2) {
            throw new GemfireRestException("Query gets canceled due to low memory conditions and the resource manager critical heap percentage has been set!", e2);
        } catch (QueryExecutionTimeoutException e3) {
            throw new GemfireRestException("Query execution time is exceeded  max query execution time (gemfire.Cache.MAX_QUERY_EXECUTION_TIME) configured!", e3);
        } catch (TypeMismatchException e4) {
            throw new GemfireRestException("Bind parameter is not of the expected type!", e4);
        } catch (Exception e5) {
            throw new GemfireRestException("Error encountered while executing named query!", e5);
        } catch (QueryInvocationTargetException e6) {
            throw new GemfireRestException("Data referenced in from clause is not available for querying!", e6);
        } catch (NameResolutionException e7) {
            throw new GemfireRestException("Name in the query cannot be resolved!", e7);
        } catch (FunctionDomainException e8) {
            throw new GemfireRestException("A function was applied to a parameter that is improper for that function!", e8);
        } catch (IllegalArgumentException e9) {
            throw new GemfireRestException(" The number of bound parameters does not match the number of placeholders!", e9);
        } catch (IllegalStateException e10) {
            throw new GemfireRestException("Query is not permitted on this type of region!", e10);
        }
    }

    @RequestMapping(method = {RequestMethod.PUT}, value = {"/{query}"})
    @ApiResponses({@ApiResponse(code = 200, message = "Updated successfully."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 404, message = "queryId does not exist."), @ApiResponse(code = JsonLocation.MAX_CONTENT_SNIPPET, message = "GemFire throws an error or exception.")})
    @ApiOperation(value = "update parametrized query", notes = "Update named, parametrized query by ID")
    @PreAuthorize("@securityService.authorize('DATA', 'READ')")
    public ResponseEntity<?> update(@PathVariable("query") String str, @RequestParam(value = "q", required = false) String str2, @RequestBody(required = false) String str3) {
        String validateQuery = validateQuery(str2, str3);
        logger.debug("Updating a named, parametrized Query ({}) with ID ({})...", validateQuery, str);
        checkForQueryIdExist(PARAMETERIZED_QUERIES_REGION, str);
        updateNamedQuery(PARAMETERIZED_QUERIES_REGION, str, validateQuery);
        this.compiledQueries.remove(str);
        return new ResponseEntity<>(HttpStatus.OK);
    }

    @RequestMapping(method = {RequestMethod.DELETE}, value = {"/{query}"})
    @ApiResponses({@ApiResponse(code = 200, message = "Deleted successfully."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 404, message = "queryId does not exist."), @ApiResponse(code = JsonLocation.MAX_CONTENT_SNIPPET, message = "GemFire throws an error or exception")})
    @ApiOperation(value = "delete parametrized query", notes = "delete named, parametrized query by ID")
    @PreAuthorize("@securityService.authorize('DATA', 'WRITE')")
    public ResponseEntity<?> delete(@PathVariable("query") String str) {
        logger.debug("Deleting a named, parametrized Query with ID ({}).", str);
        deleteNamedQuery(PARAMETERIZED_QUERIES_REGION, str);
        this.compiledQueries.remove(str);
        return new ResponseEntity<>(HttpStatus.OK);
    }
}
