package org.linagora.linShare.view.tapestry.rest.impl;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.List;
import org.apache.commons.fileupload.FileUploadBase;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.methods.multipart.FilePart;
import org.apache.jackrabbit.webdav.DavConstants;
import org.apache.jackrabbit.webdav.DavMethods;
import org.apache.jackrabbit.webdav.version.DeltaVConstants;
import org.apache.tapestry5.services.ApplicationStateManager;
import org.apache.tapestry5.services.Request;
import org.apache.tapestry5.services.Response;
import org.apache.tapestry5.upload.services.UploadedFile;
import org.apache.xalan.templates.Constants;
import org.linagora.linShare.core.Facade.DocumentFacade;
import org.linagora.linShare.core.Facade.SearchDocumentFacade;
import org.linagora.linShare.core.domain.constants.DocumentType;
import org.linagora.linShare.core.domain.vo.DocumentVo;
import org.linagora.linShare.core.domain.vo.SearchDocumentCriterion;
import org.linagora.linShare.core.domain.vo.UserVo;
import org.linagora.linShare.core.exception.BusinessErrorCode;
import org.linagora.linShare.core.exception.BusinessException;
import org.linagora.linShare.view.tapestry.rest.DocumentRestService;
import org.linagora.linShare.view.tapestry.services.MyMultipartDecoder;
import org.linagora.linShare.view.tapestry.services.impl.MailContainerBuilder;
import org.linagora.linShare.view.tapestry.services.impl.PropertiesSymbolProvider;
import org.linagora.linShare.view.tapestry.utils.XSSFilter;
import org.linagora.restmarshaller.Marshaller;
import org.owasp.validator.html.Policy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import us.antera.t5restfulws.RestfulWebMethod;

/* loaded from: input_file:WEB-INF/classes/org/linagora/linShare/view/tapestry/rest/impl/DocumentRestServiceImpl.class */
public class DocumentRestServiceImpl implements DocumentRestService {
    private final ApplicationStateManager applicationStateManager;
    private final SearchDocumentFacade searchDocumentFacade;
    private final DocumentFacade documentFacade;
    private final MyMultipartDecoder myMultipartDecoder;
    private final PropertiesSymbolProvider propertiesSymbolProvider;
    private final Marshaller xstreamMarshaller;
    private final MailContainerBuilder mailContainerBuilder;
    private final Policy antiSamyPolicy;
    private static final Logger logger = LoggerFactory.getLogger(DocumentRestServiceImpl.class);
    private static final int VIRUS_DETECTED_HTTP_STATUS = 451;

    public DocumentRestServiceImpl(ApplicationStateManager applicationStateManager, SearchDocumentFacade searchDocumentFacade, DocumentFacade documentFacade, MyMultipartDecoder myMultipartDecoder, PropertiesSymbolProvider propertiesSymbolProvider, Marshaller marshaller, MailContainerBuilder mailContainerBuilder, Policy policy) {
        this.applicationStateManager = applicationStateManager;
        this.searchDocumentFacade = searchDocumentFacade;
        this.documentFacade = documentFacade;
        this.xstreamMarshaller = marshaller;
        this.myMultipartDecoder = myMultipartDecoder;
        this.propertiesSymbolProvider = propertiesSymbolProvider;
        this.mailContainerBuilder = mailContainerBuilder;
        this.antiSamyPolicy = policy;
    }

    @Override // org.linagora.linShare.view.tapestry.rest.DocumentRestService
    @RestfulWebMethod
    public void getdocumentlist(Request request, Response response) throws IOException {
        UserVo userVo = (UserVo) this.applicationStateManager.getIfExists(UserVo.class);
        if (userVo == null) {
            response.sendError(401, "You are not authorized to use this service");
            return;
        }
        logger.debug("Showing " + userVo.getMail() + " document list");
        List<DocumentVo> retrieveDocument = this.searchDocumentFacade.retrieveDocument(userVo);
        if (retrieveDocument == null) {
            response.sendError(404, "No such document");
            return;
        }
        String xml = this.xstreamMarshaller.toXml(retrieveDocument);
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(response.getOutputStream("text/xml"), "UTF-8");
        response.setStatus(200);
        outputStreamWriter.append((CharSequence) xml);
        outputStreamWriter.flush();
        outputStreamWriter.close();
    }

    @Override // org.linagora.linShare.view.tapestry.rest.DocumentRestService
    @RestfulWebMethod
    public void getdocument(Request request, Response response, String str) throws IOException {
        UserVo userVo = (UserVo) this.applicationStateManager.getIfExists(UserVo.class);
        if (userVo == null) {
            response.sendError(401, "You are not authorized to use this service");
            return;
        }
        DocumentVo document = this.documentFacade.getDocument(userVo.getLogin(), str);
        if (document == null) {
            logger.info("Did not found  document " + str + " for user " + userVo.getMail());
            response.sendError(404, "document not found");
            return;
        }
        try {
            InputStream retrieveFileStream = this.documentFacade.retrieveFileStream(document, userVo);
            response.setStatus(200);
            OutputStream outputStream = response.getOutputStream(FilePart.DEFAULT_CONTENT_TYPE);
            response.setContentLength(document.getSize().intValue());
            response.setHeader(FileUploadBase.CONTENT_DISPOSITION, "attachment; filename=" + document.getFileName());
            response.setHeader("Content-Transfer-Encoding", "none");
            response.setHeader("Pragma", "no-cache");
            response.setHeader("Cache-Control", "must-revalidate, post-check=0, pre-check=0, public");
            response.setIntHeader("Expires", 0);
            writeToOutputStream(retrieveFileStream, outputStream);
            outputStream.flush();
            outputStream.close();
        } catch (BusinessException e) {
            logger.error("Could not retrieve document " + str + " for user " + userVo.getMail() + " : " + e.getMessage());
            response.setHeader("BusinessError", e.getErrorCode().getCode() + "");
            response.sendError(404, "document not found");
        }
    }

    @Override // org.linagora.linShare.view.tapestry.rest.DocumentRestService
    @RestfulWebMethod
    public void removedocument(Request request, Response response, String str) throws IOException {
        UserVo userVo = (UserVo) this.applicationStateManager.getIfExists(UserVo.class);
        if (userVo == null) {
            response.sendError(401, "You are not authorized to use this service");
            return;
        }
        DocumentVo document = this.documentFacade.getDocument(userVo.getLogin(), str);
        if (document == null) {
            logger.info("Did not found  document " + str + " for user " + userVo.getMail());
            response.sendError(404, "document not found");
            return;
        }
        try {
            this.documentFacade.removeDocument(userVo, document, this.mailContainerBuilder.buildMailContainer(userVo, null));
            response.setStatus(200);
        } catch (BusinessException e) {
            logger.error("Could not remove document " + str + " for user " + userVo.getMail() + " : " + e.getMessage());
            response.setHeader("BusinessError", e.getErrorCode().getCode() + "");
            response.sendError(HttpStatus.SC_EXPECTATION_FAILED, "could not remove the document");
        }
    }

    @Override // org.linagora.linShare.view.tapestry.rest.DocumentRestService
    @RestfulWebMethod
    public void uploadfile(Request request, Response response) throws IOException {
        String contentType;
        UserVo userVo = (UserVo) this.applicationStateManager.getIfExists(UserVo.class);
        if (userVo == null) {
            response.sendError(401, "You are not authorized to use this service");
            return;
        }
        if (!DavMethods.METHOD_POST.equals(request.getMethod())) {
            logger.error("Method not allowed");
            response.sendError(405, "Method not allowed");
            response.setHeader("Allow", DavMethods.METHOD_POST);
            return;
        }
        logger.debug("request.getParameterNames() : " + request.getParameterNames());
        if (request.getParameterNames().size() < 1) {
            logger.error("Not enough parameters");
            response.sendError(400, "Not enough parameters");
            return;
        }
        if (!request.getParameterNames().contains("file")) {
            logger.error("Missing parameter file");
            response.sendError(400, "Missing parameter file");
            return;
        }
        if (userVo.isGuest() && !userVo.isUpload()) {
            logger.error("You are not authorized to use this service");
            response.sendError(403, "You are not authorized to use this service");
            return;
        }
        UploadedFile fileUpload = this.myMultipartDecoder.getFileUpload("file");
        if (fileUpload == null) {
            logger.error("No file uploaded by user " + userVo.getMail());
            response.sendError(400, "The file is not provided");
            return;
        }
        String str = null;
        if (request.getParameterNames().contains(Constants.ELEMNAME_COMMENT_STRING)) {
            str = request.getParameter(Constants.ELEMNAME_COMMENT_STRING);
            logger.debug("comment : " + str);
        }
        long j = -1;
        try {
            j = this.documentFacade.getUserMaxFileSize(userVo).longValue();
        } catch (BusinessException e) {
            response.sendError(420, "Couldn't load parameters");
        }
        long j2 = 0;
        try {
            j2 = this.documentFacade.getUserAvailableQuota(userVo).longValue();
        } catch (BusinessException e2) {
            response.sendError(420, "Couldn't load user available quota");
        }
        if (j > 0 && fileUpload.getSize() > j) {
            response.sendError(420, "The file is larger than the maximum allowed");
            return;
        }
        if (fileUpload.getSize() > j2) {
            response.sendError(420, "The file is larger than the remaining user space");
            return;
        }
        try {
            contentType = this.documentFacade.getMimeType(fileUpload.getStream(), fileUpload.getFilePath());
            if (null == contentType) {
                contentType = fileUpload.getContentType();
            }
        } catch (BusinessException e3) {
            contentType = fileUpload.getContentType();
        }
        try {
            XSSFilter xSSFilter = new XSSFilter(this.antiSamyPolicy, null);
            String str2 = null;
            if (request.getParameterNames().contains("filename")) {
                str2 = request.getParameter("filename");
            }
            if (str2 == null) {
                str2 = fileUpload.getFileName();
            }
            String clean = xSSFilter.clean(str2);
            logger.debug("fileName : " + clean);
            DocumentVo insertFile = this.documentFacade.insertFile(fileUpload.getStream(), fileUpload.getSize(), clean, contentType, userVo);
            if (str != null) {
                this.documentFacade.updateFileProperties(insertFile.getIdentifier(), clean, xSSFilter.clean(str));
            }
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(response.getOutputStream("text/xml"), "UTF-8");
            response.setStatus(201);
            response.setHeader(DeltaVConstants.HEADER_LOCATION, this.propertiesSymbolProvider.valueForSymbol("linshare.info.url.base") + "documentrestservice/getdocument/" + insertFile.getIdentifier());
            outputStreamWriter.append((CharSequence) this.xstreamMarshaller.toXml(insertFile));
            outputStreamWriter.flush();
            outputStreamWriter.close();
        } catch (BusinessException e4) {
            logger.error("Could not insert file for user  " + userVo.getMail() + " : " + e4.getCause());
            if (e4.getErrorCode().getCode() == BusinessErrorCode.FILE_CONTAINS_VIRUS.getCode()) {
                response.setHeader("BusinessError", e4.getErrorCode().getCode() + "");
                response.sendError(VIRUS_DETECTED_HTTP_STATUS, "Error " + e4);
            } else {
                response.setHeader("BusinessError", e4.getErrorCode().getCode() + "");
                response.sendError(420, "Error " + e4);
            }
        }
    }

    @Override // org.linagora.linShare.view.tapestry.rest.DocumentRestService
    @RestfulWebMethod
    public void finddocument(Request request, Response response) throws IOException {
        UserVo userVo = (UserVo) this.applicationStateManager.getIfExists(UserVo.class);
        if (userVo == null) {
            response.sendError(401, "You are not authorized to use this service");
            return;
        }
        if (!DavMethods.METHOD_POST.equals(request.getMethod())) {
            response.sendError(405, "Method not allowed");
            response.setHeader("Allow", DavMethods.METHOD_POST);
            return;
        }
        if (request.getParameterNames().size() < 1) {
            response.sendError(400, "Not enough parameters");
            return;
        }
        String parameter = request.getParameter("name");
        String parameter2 = request.getParameter("type");
        Boolean valueOf = Boolean.valueOf("true".equalsIgnoreCase(request.getParameter(DavConstants.XML_SHARED)));
        String parameter3 = request.getParameter("sizeMin");
        Long l = null;
        if (parameter3 != null) {
            try {
                l = Long.valueOf(Long.parseLong(parameter3));
            } catch (Exception e) {
            }
        }
        String parameter4 = request.getParameter("sizeMax");
        Long l2 = null;
        if (parameter4 != null) {
            try {
                l2 = Long.valueOf(Long.parseLong(parameter4));
            } catch (Exception e2) {
            }
        }
        DocumentType documentType = DocumentType.BOTH;
        String parameter5 = request.getParameter("documentType");
        if (parameter5 != null) {
            if ("SHARED".equalsIgnoreCase(parameter5)) {
                documentType = DocumentType.SHARED;
            }
            if ("OWNED".equalsIgnoreCase(parameter5)) {
                documentType = DocumentType.OWNED;
            }
        }
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("dd/mm/yyyy");
        String parameter6 = request.getParameter("dateBegin");
        GregorianCalendar gregorianCalendar = null;
        if (parameter6 != null) {
            try {
                Date parse = simpleDateFormat.parse(parameter6);
                gregorianCalendar = new GregorianCalendar();
                gregorianCalendar.setTime(parse);
            } catch (Exception e3) {
            }
        }
        String parameter7 = request.getParameter("dateEnd");
        GregorianCalendar gregorianCalendar2 = null;
        if (parameter7 != null) {
            try {
                Date parse2 = simpleDateFormat.parse(parameter7);
                gregorianCalendar2 = new GregorianCalendar();
                gregorianCalendar2.setTime(parse2);
            } catch (Exception e4) {
            }
        }
        List<DocumentVo> retrieveDocumentContainsCriterion = this.searchDocumentFacade.retrieveDocumentContainsCriterion(new SearchDocumentCriterion(userVo, parameter, l, l2, parameter2, valueOf, gregorianCalendar, gregorianCalendar2, null, null, documentType));
        if (retrieveDocumentContainsCriterion == null) {
            response.sendError(404, "No such document");
            return;
        }
        String xml = this.xstreamMarshaller.toXml(retrieveDocumentContainsCriterion);
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(response.getOutputStream("text/xml"), "UTF-8");
        response.setStatus(200);
        outputStreamWriter.append((CharSequence) xml);
        outputStreamWriter.flush();
        outputStreamWriter.close();
    }

    @Override // org.linagora.linShare.view.tapestry.rest.DocumentRestService
    @RestfulWebMethod
    public void getdocumentproperties(Request request, Response response, String str) throws IOException {
        UserVo userVo = (UserVo) this.applicationStateManager.getIfExists(UserVo.class);
        if (userVo == null) {
            response.sendError(401, "You are not authorized to use this service");
            return;
        }
        List<DocumentVo> retrieveDocumentContainsCriterion = this.searchDocumentFacade.retrieveDocumentContainsCriterion(new SearchDocumentCriterion(userVo, null, null, null, null, null, null, null, null, null, null));
        if (retrieveDocumentContainsCriterion == null) {
            response.sendError(404, "No such document");
            return;
        }
        for (DocumentVo documentVo : retrieveDocumentContainsCriterion) {
            if (documentVo.getIdentifier().equals(str)) {
                String xml = this.xstreamMarshaller.toXml(documentVo);
                OutputStreamWriter outputStreamWriter = new OutputStreamWriter(response.getOutputStream("text/xml"), "UTF-8");
                response.setStatus(200);
                outputStreamWriter.append((CharSequence) xml);
                outputStreamWriter.flush();
                outputStreamWriter.close();
                return;
            }
        }
    }

    protected void writeToOutputStream(InputStream inputStream, OutputStream outputStream) throws IOException {
        byte[] bArr = new byte[65536];
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= 0) {
                return;
            } else {
                outputStream.write(bArr, 0, read);
            }
        }
    }

    @Override // org.linagora.linShare.view.tapestry.rest.DocumentRestService
    @RestfulWebMethod
    public void getFreeSpace(Request request, Response response) throws IOException {
        UserVo userVo = (UserVo) this.applicationStateManager.getIfExists(UserVo.class);
        if (userVo == null) {
            response.sendError(401, "You are not authorized to use this service");
            return;
        }
        if (userVo.isGuest() && !userVo.isUpload()) {
            response.sendError(403, "You are not authorized to use this service");
            return;
        }
        Long l = 0L;
        try {
            l = this.documentFacade.getUserAvailableQuota(userVo);
        } catch (BusinessException e) {
            response.sendError(420, "Couldn't load free space");
        }
        String xml = this.xstreamMarshaller.toXml(l);
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(response.getOutputStream("text/xml"), "UTF-8");
        response.setStatus(200);
        outputStreamWriter.append((CharSequence) xml);
        outputStreamWriter.flush();
        outputStreamWriter.close();
    }

    @Override // org.linagora.linShare.view.tapestry.rest.DocumentRestService
    @RestfulWebMethod
    public void getMaxFileSize(Request request, Response response) throws IOException {
        UserVo userVo = (UserVo) this.applicationStateManager.getIfExists(UserVo.class);
        if (userVo == null) {
            response.sendError(401, "You are not authorized to use this service");
            return;
        }
        Long l = null;
        try {
            l = this.documentFacade.getUserMaxFileSize(userVo);
        } catch (BusinessException e) {
            response.sendError(420, "Couldn't load parameters");
        }
        String xml = this.xstreamMarshaller.toXml(l);
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(response.getOutputStream("text/xml"), "UTF-8");
        response.setStatus(200);
        outputStreamWriter.append((CharSequence) xml);
        outputStreamWriter.flush();
        outputStreamWriter.close();
    }
}
