package org.apache.james.webadmin.routes;

import com.fasterxml.jackson.databind.Module;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import javax.inject.Inject;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import org.apache.james.core.Domain;
import org.apache.james.dlp.api.DLPConfigurationItem;
import org.apache.james.dlp.api.DLPConfigurationStore;
import org.apache.james.dlp.api.DLPRules;
import org.apache.james.domainlist.api.DomainList;
import org.apache.james.domainlist.api.DomainListException;
import org.apache.james.webadmin.Routes;
import org.apache.james.webadmin.dto.DLPConfigurationDTO;
import org.apache.james.webadmin.dto.DLPConfigurationItemDTO;
import org.apache.james.webadmin.utils.ErrorResponder;
import org.apache.james.webadmin.utils.JsonExtractor;
import org.apache.james.webadmin.utils.JsonTransformer;
import spark.HaltException;
import spark.Request;
import spark.Service;

@Api(tags = {"DLPRules"})
@Path(DLPConfigurationRoutes.BASE_PATH)
@ApiModel(description = "DLP (stands for Data Leak Prevention) is supported by James. A DLP matcher will, on incoming emails, execute regular expressions on email sender, recipients or content, in order to report suspicious emails toan administrator. WebAdmin can be used to manage these DLP rules on a per sender-domain basis.")
@Produces({"application/json"})
/* loaded from: input_file:org/apache/james/webadmin/routes/DLPConfigurationRoutes.class */
public class DLPConfigurationRoutes implements Routes {
    public static final String BASE_PATH = "/dlp/rules";
    private static final String DOMAIN_NAME = ":senderDomain";
    private static final String SPECIFIC_DLP_RULE_DOMAIN = "/dlp/rules/:senderDomain";
    private static final String RULE_ID_NAME = ":ruleId";
    private static final String RULE_SPECIFIC_PATH = "/dlp/rules/:senderDomain/rules/:ruleId";
    private final JsonTransformer jsonTransformer;
    private final DLPConfigurationStore dlpConfigurationStore;
    private final JsonExtractor<DLPConfigurationDTO> jsonExtractor = new JsonExtractor<>(DLPConfigurationDTO.class, new Module[0]);
    private final DomainList domainList;

    @Inject
    public DLPConfigurationRoutes(DLPConfigurationStore dLPConfigurationStore, DomainList domainList, JsonTransformer jsonTransformer) {
        this.dlpConfigurationStore = dLPConfigurationStore;
        this.domainList = domainList;
        this.jsonTransformer = jsonTransformer;
    }

    public String getBasePath() {
        return BASE_PATH;
    }

    public void define(Service service) {
        defineStore(service);
        defineList(service);
        defineClear(service);
        defineFetch(service);
    }

    @ApiResponses({@ApiResponse(code = 204, message = "OK. DLP configuration is stored."), @ApiResponse(code = 400, message = "Invalid senderDomain or payload in request", response = ErrorResponder.ErrorDetail.class), @ApiResponse(code = 404, message = "The domain does not exist.", response = ErrorResponder.ErrorDetail.class), @ApiResponse(code = 500, message = "Internal server error - Something went bad on the server side.", response = ErrorResponder.ErrorDetail.class)})
    @Path("/{senderDomain}")
    @ApiImplicitParams({@ApiImplicitParam(required = true, dataType = "string", name = "senderDomain", paramType = "path"), @ApiImplicitParam(required = true, dataType = "org.apache.james.webadmin.dto.DLPConfigurationDTO", paramType = "body")})
    @ApiOperation("Store a DLP configuration for given senderDomain")
    @PUT
    public void defineStore(Service service) {
        service.put(SPECIFIC_DLP_RULE_DOMAIN, (request, response) -> {
            this.dlpConfigurationStore.store(parseDomain(request), constructRules((DLPConfigurationDTO) this.jsonExtractor.parse(request.body())));
            response.status(204);
            return "";
        });
    }

    private DLPRules constructRules(DLPConfigurationDTO dLPConfigurationDTO) {
        try {
            return dLPConfigurationDTO.toDLPConfiguration();
        } catch (DLPRules.DuplicateRulesIdsException e) {
            throw ErrorResponder.builder().statusCode(400).type(ErrorResponder.ErrorType.INVALID_ARGUMENT).message("'id' duplicates are not allowed in DLP rules").haltError();
        }
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "OK. DLP configuration is returned", response = DLPConfigurationDTO.class), @ApiResponse(code = 400, message = "Invalid senderDomain in request", response = ErrorResponder.ErrorDetail.class), @ApiResponse(code = 404, message = "The domain does not exist.", response = ErrorResponder.ErrorDetail.class), @ApiResponse(code = 500, message = "Internal server error - Something went bad on the server side.", response = ErrorResponder.ErrorDetail.class)})
    @Path("/{senderDomain}")
    @ApiImplicitParams({@ApiImplicitParam(required = true, dataType = "string", name = "senderDomain", paramType = "path")})
    @ApiOperation("Return a DLP configuration for a given senderDomain")
    public void defineList(Service service) {
        service.get(SPECIFIC_DLP_RULE_DOMAIN, (request, response) -> {
            DLPConfigurationDTO dto = DLPConfigurationDTO.toDTO(this.dlpConfigurationStore.list(parseDomain(request)));
            response.status(200);
            response.header("Content-Type", "application/json");
            return dto;
        }, this.jsonTransformer);
    }

    @ApiResponses({@ApiResponse(code = 204, message = "OK. DLP configuration is cleared"), @ApiResponse(code = 400, message = "Invalid senderDomain in request", response = ErrorResponder.ErrorDetail.class), @ApiResponse(code = 404, message = "The domain does not exist.", response = ErrorResponder.ErrorDetail.class), @ApiResponse(code = 500, message = "Internal server error - Something went bad on the server side.", response = ErrorResponder.ErrorDetail.class)})
    @Path("/{senderDomain}")
    @ApiImplicitParams({@ApiImplicitParam(required = true, dataType = "string", name = "senderDomain", paramType = "path")})
    @DELETE
    @ApiOperation("Clear a DLP configuration for a given senderDomain")
    public void defineClear(Service service) {
        service.delete(SPECIFIC_DLP_RULE_DOMAIN, (request, response) -> {
            this.dlpConfigurationStore.clear(parseDomain(request));
            response.status(204);
            return "";
        }, this.jsonTransformer);
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "OK. DLP rule is returned", response = DLPConfigurationItemDTO.class), @ApiResponse(code = 400, message = "Invalid senderDomain in request", response = ErrorResponder.ErrorDetail.class), @ApiResponse(code = 404, message = "The domain and/or the rule does not exist.", response = ErrorResponder.ErrorDetail.class), @ApiResponse(code = 500, message = "Internal server error - Something went bad on the server side.", response = ErrorResponder.ErrorDetail.class)})
    @Path("/{senderDomain}/rules/{ruleId}")
    @ApiImplicitParams({@ApiImplicitParam(required = true, dataType = "string", name = "senderDomain", paramType = "path"), @ApiImplicitParam(required = true, dataType = "string", name = "ruleId", paramType = "path")})
    @ApiOperation("Return a DLP rule for a given senderDomain and a ruleId")
    public void defineFetch(Service service) {
        service.get(RULE_SPECIFIC_PATH, (request, response) -> {
            Domain parseDomain = parseDomain(request);
            DLPConfigurationItem.Id of = DLPConfigurationItem.Id.of(request.params(RULE_ID_NAME));
            DLPConfigurationItemDTO dto = DLPConfigurationItemDTO.toDTO((DLPConfigurationItem) this.dlpConfigurationStore.fetch(parseDomain, of).orElseThrow(() -> {
                return notFound("There is no rule '" + of.asString() + "' for '" + parseDomain.asString() + "' managed by this James server");
            }));
            response.status(200);
            response.header("Content-Type", "application/json");
            return dto;
        }, this.jsonTransformer);
    }

    private Domain parseDomain(Request request) {
        String params = request.params(DOMAIN_NAME);
        try {
            Domain of = Domain.of(params);
            validateDomainInList(of);
            return of;
        } catch (IllegalArgumentException e) {
            throw invalidDomain(String.format("Invalid request for domain: %s", params), e);
        } catch (DomainListException e2) {
            throw serverError(String.format("Cannot recognize domain: %s in domain list", params), e2);
        }
    }

    private void validateDomainInList(Domain domain) throws DomainListException {
        if (!this.domainList.containsDomain(domain)) {
            throw notFound(String.format("'%s' is not managed by this James server", domain.name()));
        }
    }

    private HaltException invalidDomain(String str, Exception exc) {
        return ErrorResponder.builder().statusCode(400).type(ErrorResponder.ErrorType.INVALID_ARGUMENT).message(str).cause(exc).haltError();
    }

    private HaltException serverError(String str, Exception exc) {
        return ErrorResponder.builder().statusCode(500).type(ErrorResponder.ErrorType.SERVER_ERROR).message(str).cause(exc).haltError();
    }

    private HaltException notFound(String str) {
        return ErrorResponder.builder().statusCode(404).type(ErrorResponder.ErrorType.INVALID_ARGUMENT).message(str).haltError();
    }
}
