package io.hops.hopsworks.common.featurestore.online;

import io.hops.hopsworks.common.dao.project.team.ProjectTeamFacade;
import io.hops.hopsworks.common.dao.user.security.secrets.SecretsFacade;
import io.hops.hopsworks.common.featurestore.FeaturestoreConstants;
import io.hops.hopsworks.common.featurestore.OptionDTO;
import io.hops.hopsworks.common.featurestore.storageconnectors.FeaturestoreConnectorFacade;
import io.hops.hopsworks.common.featurestore.storageconnectors.StorageConnectorUtil;
import io.hops.hopsworks.common.security.secrets.SecretsController;
import io.hops.hopsworks.common.util.Settings;
import io.hops.hopsworks.exceptions.FeaturestoreException;
import io.hops.hopsworks.exceptions.UserException;
import io.hops.hopsworks.persistence.entity.dataset.DatasetAccessPermission;
import io.hops.hopsworks.persistence.entity.featurestore.Featurestore;
import io.hops.hopsworks.persistence.entity.featurestore.storageconnector.FeaturestoreConnector;
import io.hops.hopsworks.persistence.entity.featurestore.storageconnector.FeaturestoreConnectorType;
import io.hops.hopsworks.persistence.entity.featurestore.storageconnector.jdbc.FeaturestoreJdbcConnector;
import io.hops.hopsworks.persistence.entity.project.Project;
import io.hops.hopsworks.persistence.entity.project.team.ProjectRoleTypes;
import io.hops.hopsworks.persistence.entity.project.team.ProjectTeam;
import io.hops.hopsworks.persistence.entity.user.Users;
import io.hops.hopsworks.persistence.entity.user.security.secrets.SecretId;
import io.hops.hopsworks.persistence.entity.user.security.secrets.VisibilityType;
import io.hops.hopsworks.restutils.RESTCodes;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;
import org.apache.commons.lang3.RandomStringUtils;

@TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
@Stateless
/* loaded from: input_file:io/hops/hopsworks/common/featurestore/online/OnlineFeaturestoreController.class */
public class OnlineFeaturestoreController {
    private static final Logger LOGGER = Logger.getLogger(OnlineFeaturestoreController.class.getName());
    public static final String ONLINEFS_USERNAME = "onlinefs";

    @EJB
    private SecretsFacade secretsFacade;

    @EJB
    private Settings settings;

    @EJB
    private SecretsController secretsController;

    @EJB
    private OnlineFeaturestoreFacade onlineFeaturestoreFacade;

    @EJB
    private ProjectTeamFacade projectTeamFacade;

    @EJB
    private FeaturestoreConnectorFacade featurestoreConnectorFacade;

    @EJB
    private StorageConnectorUtil storageConnectorUtil;

    public void setupOnlineFeaturestore(Users users, Featurestore featurestore) throws FeaturestoreException {
        if (!this.settings.isOnlineFeaturestore().booleanValue()) {
            throw new FeaturestoreException(RESTCodes.FeaturestoreErrorCode.FEATURESTORE_ONLINE_NOT_ENABLED, Level.FINE, "Online feature store service is not enabled for this Hopsworks instance");
        }
        String onlineFeaturestoreDbName = getOnlineFeaturestoreDbName(featurestore.getProject());
        this.onlineFeaturestoreFacade.createOnlineFeaturestoreDatabase(onlineFeaturestoreDbName);
        this.onlineFeaturestoreFacade.createOnlineFeaturestoreKafkaOffsetTable(onlineFeaturestoreDbName);
        createDatabaseUser(users, featurestore, ProjectRoleTypes.DATA_OWNER.getRole());
    }

    public void createDatabaseUser(Users users, Featurestore featurestore, String str) throws FeaturestoreException {
        if (checkIfDatabaseExists(getOnlineFeaturestoreDbName(featurestore.getProject())).booleanValue()) {
            String onlineDbUsername = onlineDbUsername(featurestore.getProject(), users);
            this.onlineFeaturestoreFacade.createOnlineFeaturestoreUser(onlineDbUsername, createOnlineFeaturestoreUserSecret(onlineDbUsername, users, featurestore.getProject()));
            updateUserOnlineFeatureStoreDB(users, featurestore, str);
        }
    }

    private String createOnlineFeaturestoreUserSecret(String str, Users users, Project project) throws FeaturestoreException {
        String randomAlphabetic = RandomStringUtils.randomAlphabetic(32);
        try {
            this.secretsController.delete(users, str);
            this.secretsController.add(users, str, randomAlphabetic, VisibilityType.PRIVATE, project.getId());
            return randomAlphabetic;
        } catch (UserException e) {
            throw new FeaturestoreException(RESTCodes.FeaturestoreErrorCode.FEATURESTORE_ONLINE_SECRETS_ERROR, Level.SEVERE, "Problem adding online featurestore password to hopsworks secretsmgr");
        }
    }

    public String onlineDbUsername(Project project, Users users) {
        return onlineDbUsername(project.getName(), users.getUsername());
    }

    public String getOnlineFeaturestoreDbName(Project project) {
        return project.getName().toLowerCase();
    }

    private String onlineDbUsername(String str, String str2) {
        String str3 = str + "_" + str2;
        if (str3.length() > 32) {
            str3 = str3.substring(0, 31);
        }
        return str3;
    }

    public void updateUserOnlineFeatureStoreDB(Users users, Featurestore featurestore, String str) throws FeaturestoreException {
        String onlineFeaturestoreDbName = getOnlineFeaturestoreDbName(featurestore.getProject());
        if (this.settings.isOnlineFeaturestore().booleanValue() && checkIfDatabaseExists(onlineFeaturestoreDbName).booleanValue()) {
            String onlineDbUsername = onlineDbUsername(featurestore.getProject(), users);
            this.onlineFeaturestoreFacade.revokeUserPrivileges(onlineFeaturestoreDbName, onlineDbUsername);
            if (str.equals(ProjectRoleTypes.DATA_OWNER.getRole())) {
                this.onlineFeaturestoreFacade.grantDataOwnerPrivileges(onlineFeaturestoreDbName, onlineDbUsername);
            } else {
                this.onlineFeaturestoreFacade.grantDataScientistPrivileges(onlineFeaturestoreDbName, onlineDbUsername);
            }
            try {
                createJdbcConnectorForOnlineFeaturestore(onlineDbUsername, featurestore, onlineFeaturestoreDbName);
            } catch (Exception e) {
            }
        }
    }

    public void createJdbcConnectorForOnlineFeaturestore(String str, Featurestore featurestore, String str2) throws FeaturestoreException {
        String str3 = str + FeaturestoreConstants.ONLINE_FEATURE_STORE_CONNECTOR_SUFFIX;
        if (this.featurestoreConnectorFacade.findByFeaturestoreName(featurestore, str3).isPresent()) {
            throw new FeaturestoreException(RESTCodes.FeaturestoreErrorCode.ILLEGAL_STORAGE_CONNECTOR_NAME, Level.FINE, "a storage connector with that name already exists");
        }
        FeaturestoreConnector featurestoreConnector = new FeaturestoreConnector();
        featurestoreConnector.setName(str3);
        featurestoreConnector.setDescription("JDBC connection to Hopsworks Project Online Feature Store NDB Database for user: " + str);
        featurestoreConnector.setFeaturestore(featurestore);
        featurestoreConnector.setConnectorType(FeaturestoreConnectorType.JDBC);
        FeaturestoreJdbcConnector featurestoreJdbcConnector = new FeaturestoreJdbcConnector();
        featurestoreJdbcConnector.setConnectionString(this.settings.getFeaturestoreJdbcUrl() + str2 + OnlineFeaturestoreFacade.MYSQL_PROPERTIES);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new OptionDTO(FeaturestoreConstants.ONLINE_FEATURE_STORE_JDBC_PASSWORD_ARG, FeaturestoreConstants.ONLINE_FEATURE_STORE_CONNECTOR_PASSWORD_TEMPLATE));
        arrayList.add(new OptionDTO(FeaturestoreConstants.ONLINE_FEATURE_STORE_JDBC_USER_ARG, str));
        arrayList.add(new OptionDTO(FeaturestoreConstants.ONLINE_FEATURE_STORE_JDBC_DRIVER_ARG, OnlineFeaturestoreFacade.MYSQL_DRIVER));
        arrayList.add(new OptionDTO("isolationLevel", "NONE"));
        arrayList.add(new OptionDTO("batchsize", "500"));
        featurestoreJdbcConnector.setArguments(this.storageConnectorUtil.fromOptions(arrayList));
        featurestoreConnector.setJdbcConnector(featurestoreJdbcConnector);
        this.featurestoreConnectorFacade.update(featurestoreConnector);
    }

    public void removeOnlineFeatureStore(Project project) throws FeaturestoreException {
        if (this.settings.isOnlineFeaturestore().booleanValue() && checkIfDatabaseExists(getOnlineFeaturestoreDbName(project)).booleanValue()) {
            for (ProjectTeam projectTeam : this.projectTeamFacade.findMembersByProject(project)) {
                String onlineDbUsername = onlineDbUsername(project, projectTeam.getUser());
                try {
                    this.secretsController.delete(projectTeam.getUser(), onlineDbUsername);
                    this.onlineFeaturestoreFacade.removeOnlineFeaturestoreUser(onlineDbUsername);
                } catch (UserException e) {
                    throw new FeaturestoreException(RESTCodes.FeaturestoreErrorCode.FEATURESTORE_ONLINE_SECRETS_ERROR, Level.SEVERE, "Problem removing user-secret to online featurestore");
                }
            }
            this.onlineFeaturestoreFacade.removeOnlineFeaturestoreDatabase(getOnlineFeaturestoreDbName(project));
        }
    }

    public void removeOnlineFeaturestoreUser(Featurestore featurestore, Users users) throws FeaturestoreException {
        if (checkIfDatabaseExists(getOnlineFeaturestoreDbName(featurestore.getProject())).booleanValue()) {
            String onlineDbUsername = onlineDbUsername(featurestore.getProject().getName(), users.getUsername());
            this.secretsFacade.deleteSecret(new SecretId(users.getUid(), onlineDbUsername));
            this.onlineFeaturestoreFacade.removeOnlineFeaturestoreUser(onlineDbUsername);
            this.featurestoreConnectorFacade.deleteByFeaturestoreName(featurestore, onlineDbUsername + FeaturestoreConstants.ONLINE_FEATURE_STORE_CONNECTOR_SUFFIX);
        }
    }

    public void shareOnlineFeatureStore(Project project, Featurestore featurestore, DatasetAccessPermission datasetAccessPermission) throws FeaturestoreException {
        String onlineFeaturestoreDbName = getOnlineFeaturestoreDbName(featurestore.getProject());
        if (checkIfDatabaseExists(onlineFeaturestoreDbName).booleanValue()) {
            for (ProjectTeam projectTeam : this.projectTeamFacade.findMembersByProject(project)) {
                shareOnlineFeatureStoreUser(project, projectTeam.getUser(), projectTeam.getTeamRole(), onlineFeaturestoreDbName, datasetAccessPermission);
            }
        }
    }

    public void shareOnlineFeatureStore(Project project, Users users, String str, Featurestore featurestore, DatasetAccessPermission datasetAccessPermission) throws FeaturestoreException {
        String onlineFeaturestoreDbName = getOnlineFeaturestoreDbName(featurestore.getProject());
        if (checkIfDatabaseExists(onlineFeaturestoreDbName).booleanValue()) {
            shareOnlineFeatureStoreUser(project, users, str, onlineFeaturestoreDbName, datasetAccessPermission);
        }
    }

    private void shareOnlineFeatureStoreUser(Project project, Users users, String str, String str2, DatasetAccessPermission datasetAccessPermission) throws FeaturestoreException {
        String onlineDbUsername = onlineDbUsername(project, users);
        this.onlineFeaturestoreFacade.revokeUserPrivileges(str2, onlineDbUsername);
        if (datasetAccessPermission == DatasetAccessPermission.READ_ONLY || (datasetAccessPermission == DatasetAccessPermission.EDITABLE_BY_OWNERS && str.equals(ProjectRoleTypes.DATA_SCIENTIST.getRole()))) {
            this.onlineFeaturestoreFacade.grantDataScientistPrivileges(str2, onlineDbUsername);
        } else {
            this.onlineFeaturestoreFacade.grantDataOwnerPrivileges(str2, onlineDbUsername);
        }
    }

    public void unshareOnlineFeatureStore(Project project, Featurestore featurestore) {
        String onlineFeaturestoreDbName = getOnlineFeaturestoreDbName(featurestore.getProject());
        if (checkIfDatabaseExists(onlineFeaturestoreDbName).booleanValue()) {
            Iterator<ProjectTeam> it = this.projectTeamFacade.findMembersByProject(project).iterator();
            while (it.hasNext()) {
                this.onlineFeaturestoreFacade.revokeUserPrivileges(onlineFeaturestoreDbName, onlineDbUsername(project, it.next().getUser()));
            }
        }
    }

    public Boolean checkIfDatabaseExists(String str) {
        return this.onlineFeaturestoreFacade.checkIfDatabaseExists(str);
    }
}
