package com.amazon.opendistroforelasticsearch.security.dlic.rest.api;

import com.amazon.opendistroforelasticsearch.security.DefaultObjectMapper;
import com.amazon.opendistroforelasticsearch.security.auditlog.AuditLog;
import com.amazon.opendistroforelasticsearch.security.configuration.AdminDNs;
import com.amazon.opendistroforelasticsearch.security.configuration.ConfigurationRepository;
import com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction;
import com.amazon.opendistroforelasticsearch.security.dlic.rest.validation.AbstractConfigurationValidator;
import com.amazon.opendistroforelasticsearch.security.dlic.rest.validation.WhitelistValidator;
import com.amazon.opendistroforelasticsearch.security.privileges.PrivilegesEvaluator;
import com.amazon.opendistroforelasticsearch.security.securityconf.impl.CType;
import com.amazon.opendistroforelasticsearch.security.securityconf.impl.SecurityDynamicConfiguration;
import com.amazon.opendistroforelasticsearch.security.ssl.transport.PrincipalExtractor;
import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.collect.ImmutableList;
import java.io.IOException;
import java.nio.file.Path;
import java.util.List;
import org.elasticsearch.action.index.IndexResponse;
import org.elasticsearch.client.Client;
import org.elasticsearch.cluster.service.ClusterService;
import org.elasticsearch.common.bytes.BytesReference;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.rest.RestChannel;
import org.elasticsearch.rest.RestController;
import org.elasticsearch.rest.RestHandler;
import org.elasticsearch.rest.RestRequest;
import org.elasticsearch.threadpool.ThreadPool;

/* loaded from: input_file:com/amazon/opendistroforelasticsearch/security/dlic/rest/api/WhitelistApiAction.class */
public class WhitelistApiAction extends PatchableResourceApiAction {
    private static final List<RestHandler.Route> routes = ImmutableList.of(new RestHandler.Route(RestRequest.Method.GET, "/_opendistro/_security/api/whitelist"), new RestHandler.Route(RestRequest.Method.PUT, "/_opendistro/_security/api/whitelist"), new RestHandler.Route(RestRequest.Method.PATCH, "/_opendistro/_security/api/whitelist"));
    private static final String name = "config";

    @Inject
    public WhitelistApiAction(Settings settings, Path path, RestController restController, Client client, AdminDNs adminDNs, ConfigurationRepository configurationRepository, ClusterService clusterService, PrincipalExtractor principalExtractor, PrivilegesEvaluator privilegesEvaluator, ThreadPool threadPool, AuditLog auditLog) {
        super(settings, path, restController, client, adminDNs, configurationRepository, clusterService, principalExtractor, privilegesEvaluator, threadPool, auditLog);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.amazon.opendistroforelasticsearch.security.dlic.rest.api.PatchableResourceApiAction, com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction
    public void handleApiRequest(RestChannel restChannel, RestRequest restRequest, Client client) throws IOException {
        if (isSuperAdmin()) {
            super.handleApiRequest(restChannel, restRequest, client);
        } else {
            forbidden(restChannel, "API allowed only for super admin.");
        }
    }

    @Override // com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction
    protected void handleGet(RestChannel restChannel, RestRequest restRequest, Client client, JsonNode jsonNode) throws IOException {
        SecurityDynamicConfiguration<?> load = load(getConfigName(), true);
        filter(load);
        successResponse(restChannel, load);
    }

    @Override // com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction
    protected void handleDelete(RestChannel restChannel, RestRequest restRequest, Client client, JsonNode jsonNode) throws IOException {
        notImplemented(restChannel, RestRequest.Method.DELETE);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction
    public void handlePut(final RestChannel restChannel, RestRequest restRequest, Client client, JsonNode jsonNode) throws IOException {
        SecurityDynamicConfiguration<?> load = load(getConfigName(), false);
        if (load.getSeqNo() < 0) {
            forbidden(restChannel, "Security index need to be updated to support '" + getConfigName().toLCString() + "'. Use OpenDistroSecurityAdmin to populate.");
            return;
        }
        final boolean exists = load.exists(name);
        load.putCObject(name, DefaultObjectMapper.readTree(jsonNode, load.getImplementingClass()));
        saveAnUpdateConfigs(client, restRequest, getConfigName(), load, new AbstractApiAction.OnSucessActionListener<IndexResponse>(restChannel) { // from class: com.amazon.opendistroforelasticsearch.security.dlic.rest.api.WhitelistApiAction.1
            public void onResponse(IndexResponse indexResponse) {
                if (exists) {
                    WhitelistApiAction.this.successResponse(restChannel, "'config' updated.");
                } else {
                    WhitelistApiAction.this.createdResponse(restChannel, "'config' created.");
                }
            }
        });
    }

    public List<RestHandler.Route> routes() {
        return routes;
    }

    @Override // com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction
    protected Endpoint getEndpoint() {
        return Endpoint.WHITELIST;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction
    public AbstractConfigurationValidator getValidator(RestRequest restRequest, BytesReference bytesReference, Object... objArr) {
        return new WhitelistValidator(restRequest, bytesReference, this.settings, objArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction
    public String getResourceName() {
        return name;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.amazon.opendistroforelasticsearch.security.dlic.rest.api.AbstractApiAction
    public CType getConfigName() {
        return CType.WHITELIST;
    }
}
