package io.unitycatalog.server.service;

import com.linecorp.armeria.common.HttpResponse;
import com.linecorp.armeria.common.HttpStatus;
import com.linecorp.armeria.server.annotation.Delete;
import com.linecorp.armeria.server.annotation.ExceptionHandler;
import com.linecorp.armeria.server.annotation.Get;
import com.linecorp.armeria.server.annotation.Param;
import com.linecorp.armeria.server.annotation.Patch;
import com.linecorp.armeria.server.annotation.Post;
import io.unitycatalog.server.auth.UnityCatalogAuthorizer;
import io.unitycatalog.server.auth.annotation.AuthorizeExpression;
import io.unitycatalog.server.auth.annotation.AuthorizeKey;
import io.unitycatalog.server.auth.decorator.UnityAccessEvaluator;
import io.unitycatalog.server.exception.GlobalExceptionHandler;
import io.unitycatalog.server.model.CatalogInfo;
import io.unitycatalog.server.model.CreateCatalog;
import io.unitycatalog.server.model.ListCatalogsResponse;
import io.unitycatalog.server.model.SecurableType;
import io.unitycatalog.server.model.UpdateCatalog;
import io.unitycatalog.server.persist.CatalogRepository;
import io.unitycatalog.server.persist.MetastoreRepository;
import io.unitycatalog.server.persist.model.Privileges;
import io.unitycatalog.server.utils.IdentityUtils;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;

@ExceptionHandler(GlobalExceptionHandler.class)
/* loaded from: input_file:io/unitycatalog/server/service/CatalogService.class */
public class CatalogService {
    private static final CatalogRepository CATALOG_REPOSITORY = CatalogRepository.getInstance();
    private final UnityCatalogAuthorizer authorizer;
    private final UnityAccessEvaluator evaluator;

    public CatalogService(UnityCatalogAuthorizer unityCatalogAuthorizer) {
        this.authorizer = unityCatalogAuthorizer;
        this.evaluator = new UnityAccessEvaluator(unityCatalogAuthorizer);
    }

    @Post("")
    @AuthorizeKey(SecurableType.METASTORE)
    @AuthorizeExpression("#authorizeAny(#principal, #metastore, OWNER, CREATE_CATALOG)")
    public HttpResponse createCatalog(CreateCatalog createCatalog) {
        CatalogInfo addCatalog = CATALOG_REPOSITORY.addCatalog(createCatalog);
        initializeAuthorizations(addCatalog);
        return HttpResponse.ofJson(addCatalog);
    }

    @AuthorizeExpression("#defer")
    @Get("")
    public HttpResponse listCatalogs(@Param("max_results") Optional<Integer> optional, @Param("page_token") Optional<String> optional2) {
        ListCatalogsResponse listCatalogs = CATALOG_REPOSITORY.listCatalogs(optional, optional2);
        filterCatalogs("#authorize(#principal, #metastore, OWNER) ||\n#authorizeAny(#principal, #catalog, OWNER, USE_CATALOG)\n", listCatalogs.getCatalogs());
        return HttpResponse.ofJson(listCatalogs);
    }

    @AuthorizeKey(SecurableType.METASTORE)
    @AuthorizeExpression("#authorize(#principal, #metastore, OWNER) ||\n#authorizeAny(#principal, #catalog, OWNER, USE_CATALOG)\n")
    @Get("/{name}")
    public HttpResponse getCatalog(@AuthorizeKey(SecurableType.CATALOG) @Param("name") String str) {
        return HttpResponse.ofJson(CATALOG_REPOSITORY.getCatalog(str));
    }

    @Patch("/{name}")
    @AuthorizeKey(SecurableType.METASTORE)
    @AuthorizeExpression("#authorize(#principal, #catalog, OWNER)\n")
    public HttpResponse updateCatalog(@AuthorizeKey(SecurableType.CATALOG) @Param("name") String str, UpdateCatalog updateCatalog) {
        return HttpResponse.ofJson(CATALOG_REPOSITORY.updateCatalog(str, updateCatalog));
    }

    @Delete("/{name}")
    @AuthorizeKey(SecurableType.METASTORE)
    @AuthorizeExpression("#authorize(#principal, #metastore, OWNER) ||\n#authorizeAny(#principal, #catalog, OWNER, USE_CATALOG)\n")
    public HttpResponse deleteCatalog(@AuthorizeKey(SecurableType.CATALOG) @Param("name") String str, @Param("force") Optional<Boolean> optional) {
        CatalogInfo catalog = CATALOG_REPOSITORY.getCatalog(str);
        CATALOG_REPOSITORY.deleteCatalog(str, optional.orElse(false).booleanValue());
        removeAuthorizations(catalog);
        return HttpResponse.of(HttpStatus.OK);
    }

    public void filterCatalogs(String str, List<CatalogInfo> list) {
        this.evaluator.filter(IdentityUtils.findPrincipalId(), str, list, catalogInfo -> {
            return Map.of(SecurableType.METASTORE, MetastoreRepository.getInstance().getMetastoreId(), SecurableType.CATALOG, UUID.fromString(catalogInfo.getId()));
        });
    }

    private void initializeAuthorizations(CatalogInfo catalogInfo) {
        this.authorizer.grantAuthorization(IdentityUtils.findPrincipalId(), UUID.fromString(catalogInfo.getId()), Privileges.OWNER);
    }

    private void removeAuthorizations(CatalogInfo catalogInfo) {
        this.authorizer.clearAuthorizationsForResource(UUID.fromString(catalogInfo.getId()));
    }
}
