package com.inet.helpdesk.plugins.attachments.server;

import com.inet.helpdesk.config.AppDataLocation;
import com.inet.helpdesk.core.data.TempDirectory;
import com.inet.helpdesk.core.error.HelpDeskErrorCodes;
import com.inet.helpdesk.core.error.HelpDeskServerException;
import com.inet.helpdesk.plugins.attachments.server.model.AttachmentFileRow;
import com.inet.helpdesk.plugins.attachments.shared.AttachmentFilePathBuilder;
import com.inet.helpdesk.plugins.attachments.shared.AttachmentOwnerType;
import com.inet.helpdesk.plugins.attachments.shared.model.AttachmentKey;
import com.inet.http.PluginServlet;
import com.inet.http.utils.MimeTypes;
import com.inet.lib.util.StringFunctions;
import com.inet.permissions.AccessDeniedException;
import com.inet.persistence.PersistenceEntry;
import com.inet.shared.servlet.ServletUtils;
import com.inet.usersandgroups.api.user.UserManager;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.sql.SQLException;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;

/* loaded from: input_file:com/inet/helpdesk/plugins/attachments/server/AttachmentServlet.class */
public class AttachmentServlet extends HttpServlet implements PluginServlet {
    public static final String CONTEXT = "/Attachments";
    private AttachmentDAO attachmentDAO;

    public String getPathSpec() {
        return CONTEXT;
    }

    public void setAttachmentDAO(AttachmentDAO attachmentDAO) {
        this.attachmentDAO = attachmentDAO;
    }

    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        ZipEntry nextEntry;
        if (UserManager.getInstance().getCurrentUserAccountID() == null) {
            throw new AccessDeniedException();
        }
        try {
            AttachmentKey convertRestfulPathToKey = AttachmentFilePathBuilder.convertRestfulPathToKey(httpServletRequest.getPathInfo());
            convertRestfulPathToKey.getType().checkPermission(UserManager.getInstance().getCurrentUserAccount(), convertRestfulPathToKey);
            try {
                AttachmentFileRow attachmentFile = this.attachmentDAO.getAttachmentFile(convertRestfulPathToKey);
                if (attachmentFile == null) {
                    AttachmentsServerPlugin.LOGGER.warn("Attachment not found for path " + httpServletRequest.getPathInfo());
                    ServletUtils.sendFileNotExist(httpServletRequest, httpServletResponse);
                    return;
                }
                PersistenceEntry attachmentFile2 = AppDataLocation.getAttachmentFile(attachmentFile.getFilePath());
                if (!attachmentFile2.exists()) {
                    AttachmentsServerPlugin.LOGGER.warn("Attachment not found for path " + httpServletRequest.getPathInfo());
                    ServletUtils.sendFileNotExist(httpServletRequest, httpServletResponse);
                    return;
                }
                String parameter = httpServletRequest.getParameter("zipentry");
                if (StringFunctions.isEmpty(parameter) || !"application/zip".equals(MimeTypes.getMimeType(convertRestfulPathToKey.getFileName()))) {
                    String fileName = convertRestfulPathToKey.getFileName();
                    if (httpServletRequest.getParameter("download") != null) {
                        ServletUtils.setContentDisposition(httpServletResponse, fileName, false);
                    }
                    String mimeType = MimeTypes.getMimeType(fileName);
                    try {
                        InputStream inputStream = attachmentFile2.getInputStream();
                        try {
                            ServletUtils.sendStaticContent(mimeType, attachmentFile2.lastModified(), (int) attachmentFile.getFileLength(), inputStream, httpServletRequest, httpServletResponse);
                            if (inputStream != null) {
                                inputStream.close();
                            }
                            return;
                        } finally {
                        }
                    } catch (FileNotFoundException e) {
                        AttachmentsServerPlugin.LOGGER.warn("Attachment not found for path " + httpServletRequest.getPathInfo());
                        ServletUtils.sendFileNotExist(httpServletRequest, httpServletResponse);
                        return;
                    }
                }
                ZipInputStream zipInputStream = new ZipInputStream(attachmentFile2.getInputStream(), Charset.forName("CP437"));
                do {
                    try {
                        nextEntry = zipInputStream.getNextEntry();
                        if (nextEntry == null) {
                            zipInputStream.close();
                            AttachmentsServerPlugin.LOGGER.warn("Attachment not found for path " + httpServletRequest.getPathInfo() + " and entry " + parameter);
                            ServletUtils.sendFileNotExist(httpServletRequest, httpServletResponse);
                            return;
                        }
                    } catch (Throwable th) {
                        try {
                            zipInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                    }
                } while (!parameter.equals(nextEntry.getName()));
                String name = nextEntry.getName();
                int lastIndexOf = name.lastIndexOf(47);
                if (lastIndexOf >= 0) {
                    name = name.substring(lastIndexOf + 1);
                }
                if (httpServletRequest.getParameter("download") != null) {
                    ServletUtils.setContentDisposition(httpServletResponse, name, false);
                }
                ServletUtils.sendStaticContent(MimeTypes.getMimeType(name), nextEntry.getTime(), (int) nextEntry.getSize(), zipInputStream, httpServletRequest, httpServletResponse);
                zipInputStream.close();
            } catch (SQLException e2) {
                AttachmentsServerPlugin.LOGGER.error(new HelpDeskServerException(e2, HelpDeskErrorCodes.ATTACHMENT_DATABASE_ERROR));
                throw new IOException(e2);
            }
        } catch (IllegalArgumentException e3) {
            if (sendTempAttachmentFile(httpServletRequest, httpServletResponse)) {
                return;
            }
            AttachmentsServerPlugin.LOGGER.warn(e3);
            ServletUtils.sendFileNotExist(httpServletRequest, httpServletResponse);
        }
    }

    private boolean sendTempAttachmentFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String pathInfo = httpServletRequest.getPathInfo();
        String str = "/" + AttachmentOwnerType.TicketAttachment.getAttachmentSubContext();
        if (pathInfo.startsWith(str)) {
            pathInfo = pathInfo.substring(str.length());
        }
        if (!pathInfo.startsWith("/Attachments_Temp")) {
            return false;
        }
        String substring = pathInfo.substring("/Attachments_Temp".length());
        if (substring.startsWith(File.separator) || substring.startsWith("/")) {
            substring = substring.substring(1);
        }
        File file = TempDirectory.ATTACHMENTS_TEMP.resolve(substring).toFile();
        if (!file.getCanonicalFile().toPath().startsWith(TempDirectory.ATTACHMENTS_TEMP.toFile().getCanonicalFile().toPath()) || !file.exists()) {
            return false;
        }
        ServletUtils.sendStaticContent(file, httpServletRequest, httpServletResponse);
        return true;
    }
}
