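# Copyright (C) 2005-2025 Splunk Inc. All Rights Reserved.
import json
import sys

from splunk.clilib.bundle_paths import make_splunkhome_path

sys.path.append(make_splunkhome_path(['etc', 'apps', 'SA-ITOA', 'lib']))
sys.path.append(make_splunkhome_path(['etc', 'apps', 'SA-ITOA', 'lib', 'SA_ITOA_app_common']))

from SA_ITOA_app_common.splunklib import results
from itsi.itsi_utils import ITOAInterfaceUtils
from ITOA.rest_interface_provider_base import ItoaInterfaceProviderBase
from ITOA.controller_utils import ITOAError
from ITOA.setup_logging import logger
from ITOA.event_management.notable_event_seed_group import NotableEventSeedGroup


class AceInterfaceProvider(ItoaInterfaceProviderBase):
    """
    REST interface provider that persists ACE seed groups to the KV store.

    The only operation implemented here reads the results of a search that has
    already finished and turns each result row into a seed group record.
    """

    # Number of result rows requested from the search job per page.
    RESULTS_PAGE_SIZE = 50

    def __init__(self, session_key, current_user, rest_method):
        """
        @param session_key: Splunk session key used to open service connections
        @param current_user: user on whose behalf the request is being handled
        @param rest_method: HTTP verb of the request; stored upper-cased
        """
        self.session_key = session_key
        self.current_user = current_user
        # Upper-cased so the verb is stored in one canonical form regardless of caller input.
        self.rest_method = rest_method.upper()

    def handle_save_seed_groups_from_search_id(self, sid):
        """
        Save seed groups to the KV store from the results of an already-executed search.

        Results are read page by page (``RESULTS_PAGE_SIZE`` rows at a time).
        Before the first page is written, seed groups already in the KV store
        are deleted (see ``_delete_existing_seed_groups``); later pages only add.
        ACE returns a maximum of 200 events, so this loop ends when a page comes
        back empty rather than on a precomputed total.

        @type sid: basestring
        @param sid: the search id of the search which has the seed group information
        @rtype: list
        @return: ids of every seed group created, across all pages
        @raise ITOAError: status 400 when the search results cannot be read,
            status 500 when converting or persisting a page fails
        """
        offset = 0
        group_ids = []
        while True:
            content = self._read_results_page(sid, offset)
            # An empty page means the results are exhausted; nothing to persist.
            if not content:
                break
            group_ids += self._save_results_page(content, offset)
            # Advance the reader by exactly the page size that was requested.
            offset += self.RESULTS_PAGE_SIZE
        # response will be an array of group ids
        return group_ids

    def _read_results_page(self, sid, offset):
        """
        Return one page of dict rows from the finished search job *sid*.

        @param sid: search id supplied by the REST caller; resolved through the
            service's job collection, never interpolated into a search string
        @param offset: index of the first row to fetch
        @rtype: list
        @return: result rows that are dicts (reader messages are dropped)
        @raise ITOAError: status 400 for any failure while connecting, looking
            up the job or reading its results; all such failures are reported
            to the caller with the same "could not find search" message
        """
        params = {
            "output_mode": "json",
            "count": self.RESULTS_PAGE_SIZE,
            "offset": offset
        }
        try:
            service = ITOAInterfaceUtils.service_connection(self.session_key, app_name="SA-ITOA")
            search_job = service.jobs[sid]
            reader = results.JSONResultsReader(search_job.results(**params))
            # The reader can also yield non-dict message objects; only rows are kept.
            return [result for result in reader if isinstance(result, dict)]
        except Exception as e:
            logger.exception(e)
            logger.info('Could not find search with sid: {}, seed group save failed'.format(sid))
            raise ITOAError(status='400',
                            message='Could not find search with sid: {}, seed group save failed.'.format(sid))

    def _save_results_page(self, content, offset):
        """
        Convert one non-empty page of result rows and write it to the KV store.

        @param content: non-empty list of result dicts, each carrying a JSON
            document as a string under ``_raw``
        @param offset: offset of this page; 0 marks the first page, which first
            clears existing seed groups
        @rtype: list
        @return: ids of the seed groups created from this page
        @raise ITOAError: status 500 wrapping any conversion or KV store error
        """
        try:
            data_list = [json.loads(data['_raw']) for data in content]
            seed_group = NotableEventSeedGroup(self.session_key)
            for data in data_list:
                # Return value is unused; presumably this normalises the dict in place — TODO confirm.
                seed_group.convert_search_data_to_group_data(data)
            # content is non-empty here (the caller breaks on an empty page), so
            # data_list[0] is always present on the first iteration.
            if offset == 0:
                self._delete_existing_seed_groups(seed_group, data_list[0])
            # list() keeps a None/non-iterable return inside this try so it is
            # still reported as a 500 rather than escaping the handler.
            created = list(seed_group.create_bulk(data_list))
            logger.info("Saving seed groups to KV store, current offset: %s", offset)
            return created
        except Exception as e:
            message = str(e)
            logger.error('saving seed groups failed with: %s', message)
            logger.exception(e)
            raise ITOAError(status='500', message=message)

    @staticmethod
    def _delete_existing_seed_groups(seed_group, first_group):
        """
        Clear seed groups already in the KV store before the first page is written.

        When *first_group* carries a ``policy_id`` only that policy's seed groups
        are removed; otherwise every seed group is deleted.
        NOTE(review): the deletion scope is decided by a value read from the
        search results themselves, and the fallback wipes all seed groups —
        confirm that is the intended behaviour for data lacking a policy_id.

        @param seed_group: NotableEventSeedGroup used to perform the deletion
        @param first_group: first converted record of the first page
        """
        policy_id = first_group.get("policy_id")
        if policy_id:
            logger.info("Deleting seed groups from KV store of policy %s", policy_id)
            seed_group.delete_bulk(None, filter_data={"policy_id": policy_id})
        else:
            seed_group.delete_bulk(None)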