package com.cloudera.nav.analytics;

import com.cloudera.api.model.ApiRole;
import com.cloudera.nav.cm.CmApiClient;
import com.cloudera.nav.server.NavOptions;
import com.cloudera.nav.ssl.TrustManagerProvider;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.datatype.joda.JodaModule;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.base.Throwables;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.ByteArrayEntity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/nav/analytics/AuditAnalyticsProxy.class */
public class AuditAnalyticsProxy implements QueryHandler {
    public static final String HDFS_AUDIT_EVENTS = "HDFS_AUDIT_EVENTS";
    public static final String HDFS_ACTIVITY = "NAV_HDFS_ACTIVITY";
    public static final String HDFS_ACTIVITY_HIST = "NAV_HDFS_ACTIVITY_HIST";

    @VisibleForTesting
    public static final String AUDIT_ROLE_TYPE = "NAVIGATOR";

    @VisibleForTesting
    public static final String AUDIT_SERVER_PORT_CONFIG_NAME = "navigator_server_port";
    public static final String ENABLE_SSL = "ssl_enabled";

    @VisibleForTesting
    static final String AUDIT_ANALYTICS_API = "analytics";
    private static final Logger LOG = LoggerFactory.getLogger(AuditAnalyticsProxy.class);
    private final HttpClientFactory httpClientFactory;
    private final ObjectMapper mapper;
    private final NavOptions options;
    private final TrustManagerProvider trustManagerProvider;
    private String analyticsUrl;
    private String statusUrl;
    private Boolean isAuditServerSSLEnabled;
    private int auditServerPort;

    public AuditAnalyticsProxy(NavOptions navOptions, HttpClientFactory httpClientFactory, ObjectMapper objectMapper, TrustManagerProvider trustManagerProvider) {
        Preconditions.checkArgument(httpClientFactory != null);
        this.options = navOptions;
        this.trustManagerProvider = trustManagerProvider;
        this.httpClientFactory = httpClientFactory;
        this.mapper = objectMapper;
        try {
            resetRequestUrls();
        } catch (Exception e) {
            LOG.info("Could not connect to CM. Audit analytics disabled until connection is restored", e);
        }
    }

    private synchronized void resetRequestUrls() {
        if (StringUtils.isEmpty(this.analyticsUrl)) {
            try {
                CmApiClient cmApiClient = getCmApiClient();
                ApiRole mgmtRoleByType = cmApiClient.getMgmtRoleByType(AUDIT_ROLE_TYPE);
                resetAuditServerPort(cmApiClient, mgmtRoleByType);
                this.isAuditServerSSLEnabled = Boolean.valueOf(Boolean.parseBoolean(cmApiClient.getRoleConfig(mgmtRoleByType, ENABLE_SSL)));
                this.analyticsUrl = String.format("%s/query/%s", getAuditServerBaseUrl(getAuditServerHostName(cmApiClient, mgmtRoleByType)), AUDIT_ANALYTICS_API);
                this.statusUrl = this.analyticsUrl + "/status";
            } catch (IOException e) {
                throw Throwables.propagate(e);
            }
        }
    }

    private String getAuditServerBaseUrl(String str) {
        return (this.isAuditServerSSLEnabled.booleanValue() ? "https://" : "http://") + str + ":" + this.auditServerPort;
    }

    private String getAuditServerHostName(CmApiClient cmApiClient, ApiRole apiRole) {
        String hostname = cmApiClient.getHostById(apiRole.getHostRef().getHostId()).getHostname();
        Preconditions.checkArgument(StringUtils.isNotEmpty(hostname), "Could not find audit server host name");
        return hostname;
    }

    private void resetAuditServerPort(CmApiClient cmApiClient, ApiRole apiRole) {
        String roleConfig = cmApiClient.getRoleConfig(apiRole, AUDIT_SERVER_PORT_CONFIG_NAME);
        Preconditions.checkArgument(StringUtils.isNotEmpty(roleConfig), "Could not find audit server port");
        this.auditServerPort = Integer.parseInt(roleConfig);
    }

    @VisibleForTesting
    public CmApiClient getCmApiClient() throws IOException {
        return new CmApiClient(this.options.getCmUrl(), this.options.getCmUser(), this.options.getCmPassword(), this.options.getRoleName(), this.trustManagerProvider);
    }

    public boolean canHandle(AnalyticsQuery analyticsQuery) {
        String source = analyticsQuery.getSource();
        return StringUtils.equalsIgnoreCase(source, HDFS_AUDIT_EVENTS) || StringUtils.equalsIgnoreCase(source, HDFS_ACTIVITY) || StringUtils.equalsIgnoreCase(source, HDFS_ACTIVITY_HIST);
    }

    public Collection<DataTable> executeQuery(AnalyticsQuery analyticsQuery) {
        this.mapper.registerModule(new JodaModule());
        try {
            return sendAnalyticsRequest(analyticsQuery, this.mapper);
        } catch (Throwable th) {
            throw Throwables.propagate(th);
        }
    }

    public Collection<String> getPermittedRoles() {
        return Collections.singleton("AUTH_READ_AUDITS");
    }

    public String getAnalyticsUrl() {
        if (StringUtils.isEmpty(this.analyticsUrl)) {
            resetRequestUrls();
        }
        return this.analyticsUrl;
    }

    private Collection<DataTable> sendAnalyticsRequest(AnalyticsQuery analyticsQuery, ObjectMapper objectMapper) throws Exception {
        HttpPost httpPost = new HttpPost(getAnalyticsUrl());
        httpPost.setEntity(new ByteArrayEntity(objectMapper.writeValueAsBytes(analyticsQuery)));
        try {
            List asList = Arrays.asList((Object[]) objectMapper.readValue(request(httpPost, this.analyticsUrl), DataTable[].class));
            httpPost.releaseConnection();
            return asList;
        } catch (Throwable th) {
            httpPost.releaseConnection();
            throw th;
        }
    }

    private InputStream request(HttpUriRequest httpUriRequest, String str) throws Exception {
        HttpResponse execute = this.httpClientFactory.newHttpClientForAuditServer(this.trustManagerProvider, this.auditServerPort, this.isAuditServerSSLEnabled.booleanValue()).execute(httpUriRequest);
        if (execute.getStatusLine().getStatusCode() != Response.Status.OK.getStatusCode()) {
            throw new IOException(String.format("Error querying %s: %s.", str, execute.getStatusLine()));
        }
        return execute.getEntity().getContent();
    }

    public boolean isEnabled() throws Exception {
        HttpGet httpGet = new HttpGet(getStatusUrl());
        try {
            return readBoolean(request(httpGet, this.statusUrl));
        } finally {
            httpGet.releaseConnection();
        }
    }

    private boolean readBoolean(InputStream inputStream) throws IOException {
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        Throwable th = null;
        try {
            try {
                boolean readBoolean = dataInputStream.readBoolean();
                if (dataInputStream != null) {
                    if (0 != 0) {
                        try {
                            dataInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        dataInputStream.close();
                    }
                }
                return readBoolean;
            } finally {
            }
        } catch (Throwable th3) {
            if (dataInputStream != null) {
                if (th != null) {
                    try {
                        dataInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    dataInputStream.close();
                }
            }
            throw th3;
        }
    }

    private String getStatusUrl() {
        if (StringUtils.isEmpty(this.statusUrl)) {
            resetRequestUrls();
        }
        return this.statusUrl;
    }
}
