package org.apache.pinot.broker.api.resources;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiKeyAuthDefinition;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.SecurityDefinition;
import io.swagger.annotations.SwaggerDefinition;
import java.util.Collection;
import javax.inject.Inject;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.AsyncResponse;
import javax.ws.rs.container.Suspended;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import org.apache.pinot.broker.broker.AccessControlFactory;
import org.apache.pinot.common.cursors.AbstractResponseStore;
import org.apache.pinot.common.metrics.BrokerMeter;
import org.apache.pinot.common.metrics.BrokerMetrics;
import org.apache.pinot.common.response.BrokerResponse;
import org.apache.pinot.common.response.CursorResponse;
import org.apache.pinot.core.auth.Authorize;
import org.apache.pinot.core.auth.ManualAuthorization;
import org.apache.pinot.core.auth.TargetType;
import org.apache.pinot.spi.auth.TableAuthorizationResult;
import org.apache.pinot.spi.env.PinotConfiguration;
import org.glassfish.grizzly.http.server.Request;
import org.glassfish.jersey.server.ManagedAsync;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Api(tags = {"ResponseStore"}, authorizations = {@Authorization("oauth")})
@SwaggerDefinition(securityDefinition = @SecurityDefinition(apiKeyAuthDefinitions = {@ApiKeyAuthDefinition(name = "Authorization", in = ApiKeyAuthDefinition.ApiKeyLocation.HEADER, key = "oauth", description = "The format of the key is  ```\"Basic <token>\" or \"Bearer <token>\"```")}))
@Path("/responseStore")
/* loaded from: input_file:org/apache/pinot/broker/api/resources/ResponseStoreResource.class */
public class ResponseStoreResource {
    private static final Logger LOGGER = LoggerFactory.getLogger(ResponseStoreResource.class);

    @Inject
    private PinotConfiguration _brokerConf;

    @Inject
    private BrokerMetrics _brokerMetrics;

    @Inject
    private AbstractResponseStore _responseStore;

    @Inject
    AccessControlFactory _accessControlFactory;

    @GET
    @Path("/")
    @ApiOperation(value = "Get metadata of all response stores.", notes = "Get metadata of all response stores")
    @Produces({"application/json"})
    @Authorize(targetType = TargetType.CLUSTER, action = "GetResponseStore")
    public Collection<CursorResponse> getResults(@Context HttpHeaders httpHeaders) {
        try {
            return this._responseStore.getAllStoredResponses();
        } catch (Exception e) {
            throw new WebApplicationException(e, Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build());
        }
    }

    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "Query response"), @ApiResponse(code = 500, message = "Internal Server Error")})
    @Path("{requestId}")
    @ApiOperation("Response without ResultTable of a query")
    @Produces({"application/json"})
    @ManualAuthorization
    public BrokerResponse getSqlQueryMetadata(@PathParam("requestId") @ApiParam(value = "Request ID of the query", required = true) String str, @Context Request request) {
        try {
            checkRequestExistsAndAuthorized(str, request);
            return this._responseStore.readResponse(str);
        } catch (WebApplicationException e) {
            throw e;
        } catch (Exception e2) {
            LOGGER.error("Caught exception while processing GET request", e2);
            this._brokerMetrics.addMeteredGlobalValue(BrokerMeter.UNCAUGHT_GET_EXCEPTIONS, 1L);
            throw new WebApplicationException(e2, Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e2.getMessage()).build());
        }
    }

    @Path("{requestId}/results")
    @ManagedAsync
    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "Query response"), @ApiResponse(code = 500, message = "Internal Server Error")})
    @ApiOperation("Get result set from the query's response store")
    @Produces({"application/json"})
    @ManualAuthorization
    public void getSqlQueryResult(@PathParam("requestId") @ApiParam(value = "Request ID of the query", required = true) String str, @QueryParam("offset") @ApiParam(value = "Offset in the result set", required = true) int i, @QueryParam("numRows") @ApiParam("Number of rows to fetch") Integer num, @Context Request request, @Suspended AsyncResponse asyncResponse) {
        try {
            checkRequestExistsAndAuthorized(str, request);
            if (num == null) {
                num = Integer.valueOf(this._brokerConf.getProperty("pinot.broker.cursor.fetch.rows", 10000));
            }
            asyncResponse.resume(PinotClientRequest.getPinotQueryResponse(this._responseStore.handleCursorRequest(str, i, num.intValue())));
        } catch (WebApplicationException e) {
            asyncResponse.resume(e);
        } catch (Exception e2) {
            LOGGER.error("Caught exception while processing GET request", e2);
            this._brokerMetrics.addMeteredGlobalValue(BrokerMeter.UNCAUGHT_GET_EXCEPTIONS, 1L);
            asyncResponse.resume(new WebApplicationException(e2, Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e2.getMessage()).build()));
        }
    }

    @Path("/{requestId}")
    @DELETE
    @ApiOperation(value = "Delete the response store of a query", notes = "Delete the response store of a query")
    @Produces({"application/json"})
    @Authorize(targetType = TargetType.CLUSTER, action = "DeleteResponseStore")
    public String deleteResponse(@PathParam("requestId") @ApiParam(value = "Request ID of the query", required = true) String str, @Context HttpHeaders httpHeaders) {
        try {
            if (this._responseStore.deleteResponse(str)) {
                return "Query Results for " + str + " deleted.";
            }
            throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).entity(String.format("Query results for %s not found.", str)).build());
        } catch (Exception e) {
            throw new WebApplicationException(e, Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build());
        }
    }

    private void checkRequestExistsAndAuthorized(String str, Request request) throws Exception {
        if (!this._responseStore.exists(str)) {
            throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).entity(String.format("Query results for %s not found.", str)).build());
        }
        TableAuthorizationResult authorize = this._accessControlFactory.create().authorize(PinotClientRequest.makeHttpIdentity(request), this._responseStore.readResponse(str).getTablesQueried());
        if (!authorize.hasAccess()) {
            throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).entity(authorize.getFailureMessage()).build());
        }
    }
}
