package com.inet.adhoc.server;

import com.inet.adhoc.base.AHBaseUtils;
import com.inet.adhoc.base.i18n.ErrorCodes;
import com.inet.adhoc.base.i18n.Msg;
import com.inet.adhoc.base.model.AHCommand;
import com.inet.adhoc.base.xml.XMLSerializableString;
import com.inet.adhoc.io.ErrorResponse;
import com.inet.adhoc.io.IPathResolver;
import com.inet.adhoc.io.IRequest;
import com.inet.adhoc.io.IRequestHandler;
import com.inet.adhoc.io.IRequestHandlerFactory;
import com.inet.adhoc.io.Request;
import com.inet.adhoc.io.ResponseException;
import com.inet.adhoc.server.cache.impl.permissions.WebPermissions;
import com.inet.adhoc.server.database.DatabaseEntry;
import com.inet.adhoc.server.visualdb.VLCommandClient;
import com.inet.http.PluginServlet;
import com.inet.permissions.AccessDeniedException;
import com.inet.permissions.SystemPermissionChecker;
import com.inet.report.BaseUtils;
import com.inet.report.util.DesignerCCBridge;
import com.inet.shared.servlet.ServletUtils;
import com.inet.usersandgroups.api.user.UserManager;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Locale;
import javax.annotation.Nonnull;
import javax.annotation.SuppressFBWarnings;
import javax.management.ServiceNotFoundException;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:com/inet/adhoc/server/AdHocServlet.class */
public class AdHocServlet extends HttpServlet implements PluginServlet {
    private IRequestHandlerFactory J;
    private b K;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.inet.adhoc.server.AdHocServlet$1, reason: invalid class name */
    /* loaded from: input_file:com/inet/adhoc/server/AdHocServlet$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] L = new int[AHCommand.values().length];

        static {
            try {
                L[AHCommand.VLRequest.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/inet/adhoc/server/AdHocServlet$a.class */
    public enum a {
        forbidden(403, ErrorCodes.forbidden),
        adhocInactive(503, ErrorCodes.adhocInactive),
        internalError(500, ErrorCodes.internalError);

        private final int P;
        private final ErrorCodes Q;

        a(int i, ErrorCodes errorCodes) {
            this.P = i;
            this.Q = errorCodes;
        }

        public int f() {
            return this.P;
        }

        public ErrorCodes g() {
            return this.Q;
        }
    }

    /* loaded from: input_file:com/inet/adhoc/server/AdHocServlet$b.class */
    private static class b implements IPathResolver {
        private final ServletContext S;

        public b(ServletContext servletContext) {
            this.S = servletContext;
        }

        public String getRealPath(String str) {
            return this.S.getRealPath(str);
        }
    }

    @Nonnull
    public String getPathSpec() {
        return "/api/adhoc";
    }

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        IRequestHandlerFactory staticInstance = this.J == null ? IRequestHandlerFactory.getStaticInstance() : this.J;
        b bVar = new b(getServletContext());
        if (staticInstance == null) {
            this.K = bVar;
        } else {
            this.J = staticInstance;
            this.J.updatePathResovler(bVar);
        }
    }

    public void setFactory(IRequestHandlerFactory iRequestHandlerFactory) {
        this.J = iRequestHandlerFactory;
        if (this.K != null) {
            this.J.updatePathResovler(this.K);
        }
    }

    @SuppressFBWarnings(value = {"XXE_DOCUMENT"}, justification = "DTD is disabled to prevent XXE")
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        ErrorResponse errorResponse;
        if (UserManager.getInstance().getCurrentUserAccountID() == null) {
            throw new AccessDeniedException();
        }
        try {
            HttpSession session = httpServletRequest.getSession(true);
            if (!SystemPermissionChecker.checkSharedAccess(WebPermissions.INTERFACE_ADHOC) && !SystemPermissionChecker.checkAccess(WebPermissions.PERMISSION_REMOTEDATASOURCES)) {
                a(httpServletRequest.getLocale(), httpServletResponse, a.forbidden);
                return;
            }
            IRequestHandler a2 = a(session, httpServletRequest.getLocale());
            if ("GET".equalsIgnoreCase(httpServletRequest.getMethod())) {
                if (this.J == null || !this.J.isServiceEnabled()) {
                    throw new ServiceNotFoundException();
                }
                httpServletResponse.setContentType("text/html");
                httpServletResponse.setStatus(404);
                ServletUtils.sendFileNotExist(httpServletRequest, httpServletResponse);
                return;
            }
            if (!"POST".equalsIgnoreCase(httpServletRequest.getMethod())) {
                httpServletResponse.setStatus(405);
                return;
            }
            Element documentElement = AHBaseUtils.getDocumentBuilderFactory().newDocumentBuilder().parse((InputStream) httpServletRequest.getInputStream()).getDocumentElement();
            Request request = new Request();
            request.readXMLElement(documentElement);
            if (!a(request)) {
                a(httpServletRequest.getLocale(), httpServletResponse, a.forbidden);
                return;
            }
            if (!request.isRemoteDesignerRequest() || DesignerCCBridge.isPlusVersion()) {
                try {
                    errorResponse = a2.handleRequest(request, false);
                } catch (ResponseException e) {
                    errorResponse = e.getResponse();
                } catch (Throwable th) {
                    BaseUtils.error(th);
                    errorResponse = new ErrorResponse(request, th);
                }
            } else {
                errorResponse = new ErrorResponse(request, (Throwable) null, ErrorCodes.plusVersionRequired, httpServletRequest.getLocale(), new Object[0]);
                errorResponse.setType(1);
            }
            Document createBlankDocument = AHBaseUtils.createBlankDocument();
            createBlankDocument.appendChild(errorResponse.getXMLElement(createBlankDocument, a2.getUserLocale()));
            httpServletResponse.setStatus(200);
            httpServletResponse.setContentType("text/xml");
            ServletOutputStream outputStream = httpServletResponse.getOutputStream();
            AHBaseUtils.transform(createBlankDocument, new StreamResult((OutputStream) outputStream));
            outputStream.close();
        } catch (ServiceNotFoundException e2) {
            a(httpServletRequest.getLocale(), httpServletResponse, a.adhocInactive);
        } catch (Exception e3) {
            if (BaseUtils.isError()) {
                BaseUtils.error(e3);
            }
            a(httpServletRequest.getLocale(), httpServletResponse, a.internalError);
        }
    }

    private boolean a(IRequest iRequest) throws ServiceNotFoundException {
        switch (AnonymousClass1.L[iRequest.getCommand().ordinal()]) {
            case DatabaseEntry.TYPE_SYSTEM_TABLE /* 1 */:
                HashMap properties = iRequest.getProperties();
                if (properties != null && properties.containsKey(VLCommandClient.KEY_VL_COMMAND)) {
                    try {
                        if (!VLCommandClient.a.valueOf(((XMLSerializableString) properties.get(VLCommandClient.KEY_VL_COMMAND)).getValue()).av()) {
                            return SystemPermissionChecker.checkAccess(WebPermissions.PERMISSION_REMOTEDATASOURCES);
                        }
                    } catch (IllegalArgumentException e) {
                        BaseUtils.debug(e);
                    }
                }
                return SystemPermissionChecker.checkAccess(WebPermissions.PERMISSION_REMOTEDATASOURCES);
            default:
                if (this.J == null || !this.J.isServiceEnabled()) {
                    throw new ServiceNotFoundException();
                }
                return SystemPermissionChecker.checkSharedAccess(WebPermissions.INTERFACE_ADHOC);
        }
    }

    @SuppressFBWarnings(value = {"XSS_SERVLET"}, justification = "No user input")
    private void a(Locale locale, HttpServletResponse httpServletResponse, a aVar) throws IOException {
        httpServletResponse.setStatus(aVar.f());
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write("<html><head><title>i-net Clear Reports Ad Hoc Reporting</title></head><body><h1>" + aVar.f() + " - " + Msg.getMsg(locale, "http.code" + aVar.f()) + "</h1><p>" + Msg.getMsg(locale, aVar.g().getI18nKey()) + "</p></body></html>");
        writer.flush();
        writer.close();
    }

    @SuppressFBWarnings(value = {"TRUST_BOUNDARY_VIOLATION"}, justification = "data are save")
    private IRequestHandler a(HttpSession httpSession, Locale locale) throws ServiceNotFoundException {
        IRequestHandler iRequestHandler = (IRequestHandler) httpSession.getAttribute("adhoc.renderdata");
        if (iRequestHandler == null) {
            iRequestHandler = this.J.createRequestHandler(locale);
            httpSession.setAttribute("adhoc.renderdata", iRequestHandler);
        }
        return iRequestHandler;
    }
}
