package org.thingsboard.server.controller;

import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.ArraySchema;
import io.swagger.v3.oas.annotations.media.Schema;
import java.beans.ConstructorProperties;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.ByteArrayResource;
import org.springframework.http.CacheControl;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.thingsboard.server.common.data.ResourceSubType;
import org.thingsboard.server.common.data.ResourceType;
import org.thingsboard.server.common.data.TbResource;
import org.thingsboard.server.common.data.TbResourceDeleteResult;
import org.thingsboard.server.common.data.TbResourceInfo;
import org.thingsboard.server.common.data.TbResourceInfoFilter;
import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.data.id.TbResourceId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.lwm2m.LwM2mObject;
import org.thingsboard.server.common.data.page.PageData;
import org.thingsboard.server.common.data.page.PageLink;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.common.data.util.ThrowingSupplier;
import org.thingsboard.server.config.annotations.ApiOperation;
import org.thingsboard.server.queue.util.TbCoreComponent;
import org.thingsboard.server.service.install.InstallScripts;
import org.thingsboard.server.service.resource.TbResourceService;
import org.thingsboard.server.service.security.model.SecurityUser;
import org.thingsboard.server.service.security.permission.Operation;
import org.thingsboard.server.service.security.permission.Resource;

@RequestMapping({"/api"})
@TbCoreComponent
@RestController
/* loaded from: input_file:org/thingsboard/server/controller/TbResourceController.class */
public class TbResourceController extends BaseController {
    private static final Logger log = LoggerFactory.getLogger(TbResourceController.class);
    private static final String DOWNLOAD_RESOURCE_IF_NOT_CHANGED = "Download Resource based on the provided Resource Id or return 304 status code if resource was not changed.";
    private final TbResourceService tbResourceService;
    public static final String RESOURCE_ID = "resourceId";

    @GetMapping({"/resource/{resourceId}/download"})
    @ApiOperation(value = "Download Resource (downloadResource)", notes = "Download Resource based on the provided Resource Id.\n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public ResponseEntity<ByteArrayResource> downloadResource(@PathVariable("resourceId") @Parameter(description = "A string value representing the resource id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str) throws ThingsboardException {
        checkParameter(RESOURCE_ID, str);
        TbResource checkResourceId = checkResourceId(new TbResourceId(toUUID(str)), Operation.READ);
        ByteArrayResource byteArrayResource = new ByteArrayResource(checkResourceId.getData());
        return ResponseEntity.ok().header("Content-Disposition", new String[]{"attachment;filename=" + checkResourceId.getFileName()}).header("x-filename", new String[]{checkResourceId.getFileName()}).contentLength(byteArrayResource.contentLength()).contentType(MediaType.APPLICATION_OCTET_STREAM).body(byteArrayResource);
    }

    @GetMapping({"/resource/{resourceType}/{scope}/{key}"})
    @ApiOperation(value = "Download resource (downloadResource)", notes = "Download resource with a given type and key for the given scope\n\nAvailable for any authorized user. ")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public ResponseEntity<ByteArrayResource> downloadResourceIfChanged(@PathVariable("resourceType") @Parameter(description = "Type of the resource", schema = @Schema(allowableValues = {"lwm2m_model", "jks", "pkcs_12", "js_module", "dashboard"})) String str, @PathVariable @Parameter(description = "Scope of the resource", schema = @Schema(allowableValues = {"system", "tenant"})) String str2, @PathVariable @Parameter(description = "Key of the resource, e.g. 'extension.js'") String str3, @RequestHeader(name = "If-None-Match", required = false) String str4) throws ThingsboardException {
        ResourceType valueOf = ResourceType.valueOf(str.toUpperCase());
        return downloadResourceIfChanged(() -> {
            return checkResourceInfo(str2, valueOf, str3, Operation.READ);
        }, str4);
    }

    @GetMapping(value = {"/resource/lwm2m/{resourceId}/download"}, produces = {"application/xml"})
    @ApiOperation(value = "Download LWM2M Resource (downloadLwm2mResourceIfChanged)", notes = "Download Resource based on the provided Resource Id or return 304 status code if resource was not changed.\n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public ResponseEntity<ByteArrayResource> downloadLwm2mResourceIfChanged(@PathVariable("resourceId") @Parameter(description = "A string value representing the resource id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, @RequestHeader(name = "If-None-Match", required = false) String str2) throws ThingsboardException {
        return downloadResourceIfChanged(str, str2);
    }

    @RequestMapping(value = {"/resource/pkcs12/{resourceId}/download"}, method = {RequestMethod.GET}, produces = {"application/x-pkcs12"})
    @ApiOperation(value = "Download PKCS_12 Resource (downloadPkcs12ResourceIfChanged)", notes = "Download Resource based on the provided Resource Id or return 304 status code if resource was not changed.\n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public ResponseEntity<ByteArrayResource> downloadPkcs12ResourceIfChanged(@PathVariable("resourceId") @Parameter(description = "A string value representing the resource id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, @RequestHeader(name = "If-None-Match", required = false) String str2) throws ThingsboardException {
        return downloadResourceIfChanged(str, str2);
    }

    @GetMapping(value = {"/resource/jks/{resourceId}/download"}, produces = {"application/x-java-keystore"})
    @ApiOperation(value = "Download JKS Resource (downloadJksResourceIfChanged)", notes = "Download Resource based on the provided Resource Id or return 304 status code if resource was not changed.\n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public ResponseEntity<ByteArrayResource> downloadJksResourceIfChanged(@PathVariable("resourceId") @Parameter(description = "A string value representing the resource id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, @RequestHeader(name = "If-None-Match", required = false) String str2) throws ThingsboardException {
        return downloadResourceIfChanged(str, str2);
    }

    @GetMapping(value = {"/resource/js/{resourceId}/download"}, produces = {"application/javascript"})
    @ApiOperation(value = "Download JS Resource (downloadJsResourceIfChanged)", notes = "Download Resource based on the provided Resource Id or return 304 status code if resource was not changed.\n\nAvailable for any authorized user. ")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
    public ResponseEntity<ByteArrayResource> downloadJsResourceIfChanged(@PathVariable("resourceId") @Parameter(description = "A string value representing the resource id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, @RequestHeader(name = "If-None-Match", required = false) String str2) throws ThingsboardException {
        return downloadResourceIfChanged(str, str2);
    }

    @GetMapping({"/resource/info/{resourceId}"})
    @ApiOperation(value = "Get Resource Info (getResourceInfoById)", notes = "Fetch the Resource Info object based on the provided Resource Id. Resource Info is a lightweight object that includes main information about the Resource excluding the heavyweight data. \n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public TbResourceInfo getResourceInfoById(@PathVariable("resourceId") @Parameter(description = "A string value representing the resource id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str) throws ThingsboardException {
        checkParameter(RESOURCE_ID, str);
        return checkResourceInfoId(new TbResourceId(toUUID(str)), Operation.READ);
    }

    @GetMapping({"/resource/{resourceType}/{scope}/{key}/info"})
    @ApiOperation(value = "Get resource info (getResourceInfo)", notes = "Get info for the resource with the given type, scope and key. Resource Info is a lightweight object that includes main information about the Resource excluding the heavyweight data. \n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public TbResourceInfo getResourceInfo(@PathVariable("resourceType") @Parameter(description = "Type of the resource", schema = @Schema(allowableValues = {"lwm2m_model", "jks", "pkcs_12", "js_module", "dashboard"})) String str, @PathVariable @Parameter(description = "Scope of the resource", schema = @Schema(allowableValues = {"system", "tenant"})) String str2, @PathVariable @Parameter(description = "Key of the resource, e.g. 'extension.js'") String str3) throws ThingsboardException {
        return checkResourceInfo(str2, ResourceType.valueOf(str.toUpperCase()), str3, Operation.READ);
    }

    @ApiOperation(value = "Get Resource (getResourceById)", notes = "Fetch the Resource object based on the provided Resource Id. Resource is a heavyweight object that includes main information about the Resource and also data. \n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.", hidden = true)
    @Deprecated
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    @GetMapping({"/resource/{resourceId}"})
    public TbResource getResourceById(@PathVariable("resourceId") @Parameter(description = "A string value representing the resource id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str) throws ThingsboardException {
        checkParameter(RESOURCE_ID, str);
        return checkResourceId(new TbResourceId(toUUID(str)), Operation.READ);
    }

    @PostMapping({"/resource"})
    @ApiOperation(value = "Create Or Update Resource (saveResource)", notes = "Create or update the Resource. When creating the Resource, platform generates Resource id as [time-based UUID](https://en.wikipedia.org/wiki/Universally_unique_identifier#Version_1_(date-time_and_MAC_address)). The newly created Resource id will be present in the response. Specify existing Resource id to update the Resource. Referencing non-existing Resource Id will cause 'Not Found' error. \n\nResource combination of the title with the key is unique in the scope of tenant. Remove 'id', 'tenantId' from the request body example (below) to create new Resource entity.\n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public TbResourceInfo saveResource(@Parameter(description = "A JSON value representing the Resource.") @RequestBody TbResource tbResource) throws Exception {
        tbResource.setTenantId(getTenantId());
        checkEntity((TbResourceController) tbResource.getId(), (TbResourceId) tbResource, Resource.TB_RESOURCE);
        return this.tbResourceService.save(tbResource, getCurrentUser());
    }

    @GetMapping({"/resource"})
    @ApiOperation(value = "Get Resource Infos (getResources)", notes = "Returns a page of Resource Info objects owned by tenant or sysadmin. You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. Resource Info is a lightweight object that includes main information about the Resource excluding the heavyweight data. \n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public PageData<TbResourceInfo> getResources(@RequestParam @Parameter(description = "Maximum amount of entities in a one page", required = true) int i, @RequestParam @Parameter(description = "Sequence number of page starting from 0", required = true) int i2, @RequestParam(required = false) @Parameter(description = "A string value representing the resource type.", schema = @Schema(allowableValues = {"LWM2M_MODEL", "JKS", "PKCS_12", "JS_MODULE"})) String str, @RequestParam(required = false) @Parameter(description = "A string value representing the resource sub-type.", schema = @Schema(allowableValues = {"EXTENSION", "MODULE"})) String str2, @RequestParam(required = false) @Parameter(description = "The case insensitive 'substring' filter based on the resource title.") String str3, @RequestParam(required = false) @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"createdTime", "title", "resourceType", "tenantId"})) String str4, @RequestParam(required = false) @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"})) String str5) throws ThingsboardException {
        PageLink createPageLink = createPageLink(i, i2, str3, str4, str5);
        TbResourceInfoFilter.TbResourceInfoFilterBuilder builder = TbResourceInfoFilter.builder();
        builder.tenantId(getTenantId());
        HashSet hashSet = new HashSet();
        if (StringUtils.isNotEmpty(str)) {
            hashSet.add(ResourceType.valueOf(str));
            if (StringUtils.isNotEmpty(str2)) {
                builder.resourceSubTypes(Set.of(ResourceSubType.valueOf(str2)));
            }
        } else {
            Collections.addAll(hashSet, ResourceType.values());
            hashSet.remove(ResourceType.JS_MODULE);
            hashSet.remove(ResourceType.IMAGE);
            hashSet.remove(ResourceType.DASHBOARD);
        }
        builder.resourceTypes(hashSet);
        return Authority.SYS_ADMIN.equals(getCurrentUser().getAuthority()) ? (PageData) checkNotNull((TbResourceController) this.resourceService.findTenantResourcesByTenantId(builder.build(), createPageLink)) : (PageData) checkNotNull((TbResourceController) this.resourceService.findAllTenantResourcesByTenantId(builder.build(), createPageLink));
    }

    @GetMapping({"/resource/tenant"})
    @ApiOperation(value = "Get All Resource Infos (getAllResources)", notes = "Returns a page of Resource Info objects owned by tenant. You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. Resource Info is a lightweight object that includes main information about the Resource excluding the heavyweight data. \n\nAvailable for users with 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
    public PageData<TbResourceInfo> getTenantResources(@RequestParam @Parameter(description = "Maximum amount of entities in a one page", required = true) int i, @RequestParam @Parameter(description = "Sequence number of page starting from 0", required = true) int i2, @RequestParam(required = false) @Parameter(description = "The case insensitive 'substring' filter based on the resource title.") String str, @RequestParam(required = false) @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"createdTime", "title", "resourceType", "tenantId"})) String str2, @RequestParam(required = false) @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"})) String str3) throws ThingsboardException {
        PageLink createPageLink = createPageLink(i, i2, str, str2, str3);
        return (PageData) checkNotNull((TbResourceController) this.resourceService.findTenantResourcesByTenantId(TbResourceInfoFilter.builder().tenantId(getTenantId()).resourceTypes(EnumSet.allOf(ResourceType.class)).build(), createPageLink));
    }

    @GetMapping({"/resource/lwm2m/page"})
    @ApiOperation(value = "Get LwM2M Objects (getLwm2mListObjectsPage)", notes = "Returns a page of LwM2M objects parsed from Resources with type 'LWM2M_MODEL' owned by tenant or sysadmin. You can specify parameters to filter the results. The result is wrapped with PageData object that allows you to iterate over result set using pagination. See the 'Model' tab of the Response Class for more details. LwM2M Object is a object that includes information about the LwM2M model which can be used in transport configuration for the LwM2M device profile. \n\nAvailable for users with 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
    public List<LwM2mObject> getLwm2mListObjectsPage(@RequestParam @Parameter(description = "Maximum amount of entities in a one page", required = true) int i, @RequestParam @Parameter(description = "Sequence number of page starting from 0", required = true) int i2, @RequestParam(required = false) @Parameter(description = "The case insensitive 'substring' filter based on the resource title.") String str, @RequestParam(required = false) @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"id", "name"})) String str2, @RequestParam(required = false) @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"})) String str3) throws ThingsboardException {
        return (List) checkNotNull((TbResourceController) this.tbResourceService.findLwM2mObjectPage(getTenantId(), str2, str3, new PageLink(i, i2, str)));
    }

    @GetMapping({"/resource/lwm2m"})
    @ApiOperation(value = "Get LwM2M Objects (getLwm2mListObjects)", notes = "Returns a page of LwM2M objects parsed from Resources with type 'LWM2M_MODEL' owned by tenant or sysadmin. You can specify parameters to filter the results. LwM2M Object is a object that includes information about the LwM2M model which can be used in transport configuration for the LwM2M device profile. \n\nAvailable for users with 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
    public List<LwM2mObject> getLwm2mListObjects(@RequestParam @Parameter(description = "Sort order. ASC (ASCENDING) or DESC (DESCENDING)", schema = @Schema(allowableValues = {"ASC", "DESC"}, requiredMode = Schema.RequiredMode.REQUIRED)) String str, @RequestParam @Parameter(description = "Property of entity to sort by", schema = @Schema(allowableValues = {"id", "name"}, requiredMode = Schema.RequiredMode.REQUIRED)) String str2, @RequestParam(required = false) @Parameter(description = "LwM2M Object ids.", array = @ArraySchema(schema = @Schema(type = "string")), required = true) String[] strArr) throws ThingsboardException {
        return (List) checkNotNull((TbResourceController) this.tbResourceService.findLwM2mObject(getTenantId(), str, str2, strArr));
    }

    @DeleteMapping({"/resource/{resourceId}"})
    @ApiOperation(value = "Delete Resource (deleteResource)", notes = "Deletes the Resource. Referencing non-existing Resource Id will cause an error.\n\nAvailable for users with 'SYS_ADMIN' or 'TENANT_ADMIN' authority.")
    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
    public ResponseEntity<TbResourceDeleteResult> deleteResource(@PathVariable("resourceId") @Parameter(description = "A string value representing the resource id. For example, '784f394c-42b6-435a-983c-b7beff2784f9'") String str, @RequestParam(name = "force", required = false) boolean z) throws ThingsboardException {
        checkParameter(RESOURCE_ID, str);
        TbResourceDeleteResult delete = this.tbResourceService.delete(checkResourceId(new TbResourceId(toUUID(str)), Operation.DELETE), z, getCurrentUser());
        return (delete.isSuccess() ? ResponseEntity.ok() : ResponseEntity.badRequest()).body(delete);
    }

    private ResponseEntity<ByteArrayResource> downloadResourceIfChanged(String str, String str2) throws ThingsboardException {
        checkParameter(RESOURCE_ID, str);
        TbResourceId tbResourceId = new TbResourceId(toUUID(str));
        return downloadResourceIfChanged(() -> {
            return checkResourceInfoId(tbResourceId, Operation.READ);
        }, str2);
    }

    private ResponseEntity<ByteArrayResource> downloadResourceIfChanged(ThrowingSupplier<TbResourceInfo> throwingSupplier, String str) throws ThingsboardException {
        TbResourceInfo tbResourceInfo = (TbResourceInfo) throwingSupplier.get();
        if (str != null && StringUtils.remove(str, '\"').equals(tbResourceInfo.getEtag())) {
            return ResponseEntity.status(HttpStatus.NOT_MODIFIED).eTag(tbResourceInfo.getEtag()).build();
        }
        ByteArrayResource byteArrayResource = new ByteArrayResource(this.resourceService.getResourceData(tbResourceInfo.getTenantId(), tbResourceInfo.getId()));
        return ResponseEntity.ok().header("Content-Disposition", new String[]{"attachment;filename=" + tbResourceInfo.getFileName()}).header("x-filename", new String[]{tbResourceInfo.getFileName()}).contentLength(byteArrayResource.contentLength()).header("Content-Type", new String[]{tbResourceInfo.getResourceType().getMediaType()}).cacheControl(CacheControl.noCache()).eTag(tbResourceInfo.getEtag()).body(byteArrayResource);
    }

    private TbResourceInfo checkResourceInfo(String str, ResourceType resourceType, String str2, Operation operation) throws ThingsboardException {
        TenantId tenantId;
        if (str.equals(InstallScripts.TENANT_DIR)) {
            tenantId = getTenantId();
        } else {
            if (!str.equals(InstallScripts.SYSTEM_DIR)) {
                throw new IllegalArgumentException("Invalid scope");
            }
            tenantId = TenantId.SYS_TENANT_ID;
        }
        TbResourceInfo findResourceInfoByTenantIdAndKey = this.resourceService.findResourceInfoByTenantIdAndKey(tenantId, resourceType, str2);
        checkEntity(getCurrentUser(), (SecurityUser) checkNotNull((TbResourceController) findResourceInfoByTenantIdAndKey), operation);
        return findResourceInfoByTenantIdAndKey;
    }

    @ConstructorProperties({"tbResourceService"})
    public TbResourceController(TbResourceService tbResourceService) {
        this.tbResourceService = tbResourceService;
    }
}
