package com.floragunn.signals.truststore.service.persistence;

import com.floragunn.codova.documents.DocNode;
import com.floragunn.codova.documents.DocumentParseException;
import com.floragunn.codova.documents.Format;
import com.floragunn.codova.validation.ConfigValidationException;
import com.floragunn.searchguard.support.PrivilegedConfigClient;
import com.floragunn.searchsupport.client.SearchScroller;
import com.floragunn.signals.settings.SignalsSettings;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Function;
import org.elasticsearch.action.DocWriteResponse;
import org.elasticsearch.action.delete.DeleteRequest;
import org.elasticsearch.action.delete.DeleteResponse;
import org.elasticsearch.action.get.GetRequest;
import org.elasticsearch.action.get.GetResponse;
import org.elasticsearch.action.index.IndexRequest;
import org.elasticsearch.action.search.SearchRequest;
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.action.support.IndicesOptions;
import org.elasticsearch.action.support.WriteRequest;
import org.elasticsearch.core.TimeValue;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.rest.RestStatus;
import org.elasticsearch.search.SearchHit;
import org.elasticsearch.search.builder.SearchSourceBuilder;
import org.elasticsearch.xcontent.XContentType;

/* loaded from: input_file:com/floragunn/signals/truststore/service/persistence/TruststoreRepository.class */
public class TruststoreRepository {
    private final PrivilegedConfigClient client;
    private final SignalsSettings signalsSettings;

    public TruststoreRepository(SignalsSettings signalsSettings, PrivilegedConfigClient privilegedConfigClient) {
        this.signalsSettings = (SignalsSettings) Objects.requireNonNull(signalsSettings, "Signals settings is required");
        this.client = (PrivilegedConfigClient) Objects.requireNonNull(privilegedConfigClient, "Node client is required");
    }

    public DocWriteResponse createOrReplace(String str, TruststoreData truststoreData) {
        Objects.requireNonNull(str, "Truststore id is required");
        Objects.requireNonNull(truststoreData, "Truststore data are required");
        return (DocWriteResponse) this.client.index(new IndexRequest(SignalsSettings.SignalsStaticSettings.IndexNames.TRUSTSTORES).setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).id(str).source(truststoreData.toJsonString(), XContentType.JSON)).actionGet();
    }

    public List<TruststoreData> findAll() {
        SearchSourceBuilder searchSource = SearchSourceBuilder.searchSource();
        searchSource.sort("store_time");
        TimeValue timeValue = new TimeValue(1000L);
        SearchRequest source = new SearchRequest(new String[]{SignalsSettings.SignalsStaticSettings.IndexNames.TRUSTSTORES}).source(searchSource);
        SearchScroller searchScroller = new SearchScroller(this.client);
        ArrayList arrayList = new ArrayList();
        Function function = searchHit -> {
            try {
                return searchHitToTruststoreData(searchHit);
            } catch (ConfigValidationException e) {
                throw new RuntimeException("Cannot parse trust store content stored in an index.", e);
            }
        };
        Objects.requireNonNull(arrayList);
        searchScroller.scroll(source, timeValue, function, (v1) -> {
            r4.addAll(v1);
        });
        return arrayList;
    }

    public Optional<TruststoreData> findOneById(String str) {
        Objects.requireNonNull(str, "Trust store id is required");
        try {
            return getResponseToTruststoreData((GetResponse) this.client.get(new GetRequest(SignalsSettings.SignalsStaticSettings.IndexNames.TRUSTSTORES).id(str)).actionGet());
        } catch (ConfigValidationException e) {
            throw new RuntimeException("Cannot parse trust store '" + str + "' content stored in an index.", e);
        }
    }

    private Optional<TruststoreData> getResponseToTruststoreData(GetResponse getResponse) throws ConfigValidationException {
        return getResponse.isExists() ? Optional.of(jsonToTruststoreData(getResponse.getId(), getResponse.getSourceAsString())) : Optional.empty();
    }

    private TruststoreData searchHitToTruststoreData(SearchHit searchHit) throws ConfigValidationException {
        return jsonToTruststoreData(searchHit.getId(), searchHit.getSourceAsString());
    }

    private TruststoreData jsonToTruststoreData(String str, String str2) throws ConfigValidationException {
        return new TruststoreData(str, parseJsonAsDocNode(str2));
    }

    private static DocNode parseJsonAsDocNode(String str) throws DocumentParseException {
        return DocNode.parse(Format.JSON).from(str);
    }

    public Boolean deleteById(String str) {
        Objects.requireNonNull(str, "Truststore id is required");
        return Boolean.valueOf(RestStatus.OK.equals(((DeleteResponse) this.client.delete(new DeleteRequest(SignalsSettings.SignalsStaticSettings.IndexNames.TRUSTSTORES).id(str).setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE)).actionGet()).status()));
    }

    public boolean isTruststoreUsedByAnyWatch(String str) {
        SearchResponse searchResponse = (SearchResponse) this.client.search(new SearchRequest(new String[]{this.signalsSettings.getStaticSettings().getIndexNames().getWatches()}).source(SearchSourceBuilder.searchSource().query(QueryBuilders.boolQuery().must(QueryBuilders.boolQuery().should(QueryBuilders.termQuery("actions.tls.truststore_id.keyword", str)).should(QueryBuilders.termQuery("checks.tls.truststore_id.keyword", str)).should(QueryBuilders.queryStringQuery(str).field("actions.attachments.*.tls.truststore_id.keyword"))))).indicesOptions(IndicesOptions.LENIENT_EXPAND_OPEN)).actionGet();
        try {
            return searchResponse.getHits().getTotalHits().value() > 0;
        } finally {
            searchResponse.decRef();
        }
    }
}
