/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at
 * docs/licenses/cddl.txt
 * or http://www.opensource.org/licenses/cddl1.php.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at
 * docs/licenses/cddl.txt.  If applicable,
 * add the following below this CDDL HEADER, with the fields enclosed
 * by brackets "[]" replaced with your own identifying information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Portions Copyright 2010-2024 Ping Identity Corporation
 */
package com.unboundid.directory.sdk.broker.api;

import com.unboundid.directory.sdk.broker.internal.BrokerExtension;
import com.unboundid.directory.sdk.broker.config.PolicyDecisionLoggerConfig;
import com.unboundid.directory.sdk.common.internal.ExampleUsageProvider;
import com.unboundid.directory.sdk.common.internal.Reconfigurable;
import com.unboundid.directory.sdk.common.internal.UnboundIDExtension;
import com.unboundid.directory.sdk.broker.types.PolicyMessageType;
import com.unboundid.directory.sdk.common.types.ServerContext;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.util.Extensible;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import com.unboundid.util.args.ArgumentException;
import com.unboundid.util.args.ArgumentParser;

import java.util.Collections;
import java.util.List;
import java.util.Map;

/**
 * This class defines an API that must be implemented by extensions which
 * record information about PingAuthorize policy enforcement point
 * (PEP) and policy decision point (PDP) activity
 * <BR><BR>
 * Each policy decision logger may be configured to indicate whether to
 * include the PDP response or exclude log messages based on their Policy
 * Message Type.  This is handled automatically by the server, so individual
 * policy decision logger implementations do not need to attempt to perform that
 * filtering on their own.  However, they may perform additional processing
 * if desired to further narrow the set of messages that should be logged.
 * <BR>
 * <H2>Configuring Policy Decision Loggers</H2>
 * To configure a policy decision created using this API, use a command
 * like:
 * <PRE>
 *      dsconfig create-log-publisher \
 *           --publisher-name "<I>{logger-name}</I>" \
 *           --type third-party-policy-decision \
 *           --set enabled:true \
 *           --set "extension-class:<I>{class-name}</I>" \
 *           --set "extension-argument:<I>{name=value}</I>"
 * </PRE>
 * where "<I>{logger-name}</I>" is the name
 * to use for the policy decision logger
 * instance, "<I>{class-name}</I>" is the fully-qualified name of the Java class
 * that extends {@code com.unboundid.directory.sdk.common.api
 * .PolicyDecisionLogger},
 * and "<I>{name=value}</I>" represents name-value pairs for any arguments to
 * provide to the logger.  If multiple arguments should be provided to the
 * logger, then the "<CODE>--set extension-argument:<I>{name=value}</I></CODE>"
 * option should be provided multiple times.
 *
 */
@Extensible()
@BrokerExtension()
@ThreadSafety(level= ThreadSafetyLevel.INTERFACE_THREADSAFE)
public abstract class PolicyDecisionLogger implements UnboundIDExtension,
        Reconfigurable<PolicyDecisionLoggerConfig>, ExampleUsageProvider {

    /**
     * Creates a new instance of this policy decision logger.
     * All policy decision logger implementations must include a default
     * constructor, but any initialization should generally be done in
     * the {@code initializePolicyDecisionLogger} method.
     */
    public PolicyDecisionLogger()
    {
        // No implementation is required.
    }

    /**
     * {@inheritDoc}
     */
    public abstract String getExtensionName();

    /**
     * {@inheritDoc}
     */
    public abstract String[] getExtensionDescription();

    /**
     * {@inheritDoc}
     */
    public void defineConfigArguments(final ArgumentParser parser)
            throws ArgumentException
    {
        // No arguments will be allowed by default.
    }

    /**
     * Initializes this policy decision logger.
     *
     * @param  serverContext  A handle to the server context for the server in
     *                        which this extension is running.
     * @param  config         The general configuration for
     *                        this policy decision logger.
     * @param  parser         The argument parser which
     *                        has been initialized from the configuration
     *                        for this policy decision logger.
     *
     * @throws LDAPException  If a problem occurs while initializing
     * this policy decision logger.
     */
    public void initializePolicyDecisionLogger(
            final ServerContext serverContext,
                                      final PolicyDecisionLoggerConfig config,
                                      final ArgumentParser parser)
            throws LDAPException
    {
        // No initialization will be performed by default.
    }

    /**
     * {@inheritDoc}
     */
    public boolean isConfigurationAcceptable(
            final PolicyDecisionLoggerConfig config,
            final ArgumentParser parser,
            final List<String> unacceptableReasons)
    {
        // No extended validation will be performed by default.
        return true;
    }



    /**
     * {@inheritDoc}
     */
    public ResultCode applyConfiguration(
            final PolicyDecisionLoggerConfig config,
            final ArgumentParser parser,
            final List<String> adminActionsRequired,
            final List<String> messages)
    {
        // By default, no configuration changes will be applied.
        // If there are any arguments,
        // then add an admin action message indicating that the extension
        // needs to be restarted for any changes to take effect.
        if (! parser.getNamedArguments().isEmpty())
        {
            adminActionsRequired.add(
                    "No configuration change has actually been applied." +
                    " The new configuration will not take effect" +
                    " until this policy decision logger is disabled" +
                    " and re-enabled or until the server is restarted.");
        }
        return ResultCode.SUCCESS;
    }

    /**
     * Performs any cleanup which may be necessary when this
     * policy decision logger is to be taken out of service.
     */
    public void finalizePolicyDecisionLogger()
    {
        // No implementation is required.
    }

    /**
     * Logs a message.
     *
     * @param messageType The {@link PolicyMessageType}.
     *                    This is an indication of what stage in the decision
     *                    processing lifecycle is being logged.
     *                    <p>
     *                    This can be either {@link PolicyMessageType#ADVICE}
     *                    or {@link PolicyMessageType#DECISION}
     *                    </p>
     * @param logContext   A set of key/value pairs summarizing and providing
     *                    context for the policy decision or advice.
     * @param message     This is {@code null} when include-pdp-response
     *                    is disabled and for message types that do not record
     *                    a policy decision response
     *                    (like {@link PolicyMessageType#ADVICE}).
     */
    public abstract void log(
            final PolicyMessageType messageType,
            final Map<String, String> logContext,
            final String message);



    /**
     * {@inheritDoc}
     */
    public Map<List<String>,String> getExamplesArgumentSets()
    {
        return Collections.emptyMap();
    }
}