package org.pentaho.cdf;

import java.io.IOException;
import java.io.OutputStream;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.Consumes;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.StreamingOutput;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONException;
import org.json.JSONObject;
import org.owasp.encoder.Encode;
import org.pentaho.cdf.context.ContextEngine;
import org.pentaho.cdf.embed.EmbeddedHeadersCallbackGenerator;
import org.pentaho.cdf.embed.EmbeddedHeadersGenerator;
import org.pentaho.cdf.environment.CdfEngine;
import org.pentaho.cdf.export.Export;
import org.pentaho.cdf.export.ExportCSV;
import org.pentaho.cdf.export.ExportExcel;
import org.pentaho.cdf.export.IExport;
import org.pentaho.cdf.util.Parameter;
import org.pentaho.cdf.xactions.ActionEngine;
import org.pentaho.platform.api.engine.IPentahoSession;
import org.pentaho.platform.api.engine.IPluginResourceLoader;
import org.pentaho.platform.engine.core.system.PentahoRequestContextHolder;
import org.pentaho.platform.engine.core.system.PentahoSessionHolder;
import org.pentaho.platform.engine.core.system.PentahoSystem;
import org.pentaho.platform.util.web.MimeHelper;
import pt.webdetails.cpf.Util;
import pt.webdetails.cpf.repository.api.IReadAccess;
import pt.webdetails.cpf.utils.CharsetHelper;
import pt.webdetails.cpf.utils.PluginIOUtils;

@Path("/pentaho-cdf/api")
/* loaded from: input_file:org/pentaho/cdf/CdfApi.class */
public class CdfApi {
    private static final Log logger = LogFactory.getLog(CdfApi.class);
    private static final String HTTP = "http";
    private static final String HTTPS = "https";
    private static final int DEFAULT_HTTP_PORT = 80;
    private static final int DEFAULT_HTTPS_PORT = 443;

    @GET
    @Produces({"text/plain"})
    @Path("/ping")
    public Response doGetPing() {
        return Response.ok("{\"ping\":\"ok\"}").build();
    }

    @POST
    @Produces({"text/plain"})
    @Path("/ping")
    public Response doPostPing() {
        return Response.ok("{\"ping\":\"ok\"}").build();
    }

    @GET
    @Path("/getResource")
    @Consumes({"application/xml", "application/json", "application/x-www-form-urlencoded"})
    public Response getResource(@QueryParam("resource") String str, @QueryParam("path") String str2) {
        try {
            if (!StringUtils.isEmpty(str) && StringUtils.isEmpty(str2)) {
                str2 = str;
            }
            if (StringUtils.isEmpty(str2)) {
                logger.warn("invalid call: empty path and resource parameters");
                return Response.status(Response.Status.BAD_REQUEST).build();
            }
            final String substring = str2.endsWith("/content") ? str2.substring(0, str2.indexOf("/content")) : str2;
            String mimeTypeFromFileName = MimeHelper.getMimeTypeFromFileName(substring);
            if (Arrays.asList(StringUtils.split(((IPluginResourceLoader) PentahoSystem.get(IPluginResourceLoader.class, (IPentahoSession) null)).getPluginSetting(getClass(), "settings/resources/downloadable-formats"), ',')).indexOf(substring.replaceAll(".*\\.(.*)", "$1")) < 0) {
                throw new SecurityException("Not allowed");
            }
            final IReadAccess pluginSystemReader = CdfEngine.getPluginSystemReader((String) null);
            if (pluginSystemReader.fileExists(substring)) {
                return Response.ok(new StreamingOutput() { // from class: org.pentaho.cdf.CdfApi.1
                    public void write(OutputStream outputStream) throws IOException {
                        PluginIOUtils.writeOutAndFlush(outputStream, pluginSystemReader.getFileInputStream(substring));
                    }
                }, mimeTypeFromFileName).build();
            }
            logger.warn("resource does not exist: " + substring);
            return Response.status(Response.Status.NOT_FOUND).build();
        } catch (Exception e) {
            logger.error(e);
            return Response.status(Response.Status.FORBIDDEN).build();
        }
    }

    @POST
    @Path("/getResource")
    public Response postResource(@QueryParam("resource") String str, @QueryParam("path") String str2) {
        return getResource(str, str2);
    }

    @GET
    @Path("/getContext")
    @Consumes({"application/xml", "application/json", "application/x-www-form-urlencoded"})
    public String getContext(@QueryParam("path") @DefaultValue("") String str, @QueryParam("action") @DefaultValue("") String str2, @QueryParam("view") @DefaultValue("") String str3, @Context HttpServletRequest httpServletRequest) {
        return ContextEngine.getInstance().getContext(str, Parameter.asHashMap(httpServletRequest), httpServletRequest.getSession().getMaxInactiveInterval());
    }

    @GET
    @Path("/clearCache")
    public Response clearCache() {
        ContextEngine.clearCache();
        return Response.ok("Cache Cleared").build();
    }

    @POST
    @Path("/export")
    @Consumes({"application/xml", "application/json", "application/x-www-form-urlencoded"})
    public void doPostExport(@FormParam("solution") String str, @FormParam("path") String str2, @FormParam("action") String str3, @FormParam("contentType") @DefaultValue("text/html") String str4, @FormParam("exportType") @DefaultValue("excel") String str5, @Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse) throws IOException {
        export(str, str2, str3, str4, str5, httpServletRequest, httpServletResponse);
    }

    @GET
    @Path("/export")
    @Consumes({"application/xml", "application/json", "application/x-www-form-urlencoded"})
    public Response export(@QueryParam("solution") String str, @QueryParam("path") String str2, @QueryParam("action") String str3, @QueryParam("contentType") @DefaultValue("text/html") String str4, @QueryParam("exportType") @DefaultValue("excel") String str5, @Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse) throws IOException {
        Export exportExcel;
        httpServletResponse.setStatus(200);
        if (ActionEngine.getInstance().executeAction(determineCorrectPath(str, str3, str2), str4, httpServletRequest, httpServletResponse, PentahoSessionHolder.getSession(), Parameter.asHashMap(httpServletRequest))) {
            if (IExport.EXPORT_TYPE_CSV.equalsIgnoreCase(str5)) {
                exportExcel = new ExportCSV(httpServletResponse.getOutputStream());
                httpServletResponse.setHeader("Content-Type", "text/csv");
            } else {
                exportExcel = new ExportExcel(httpServletResponse.getOutputStream());
                httpServletResponse.setHeader("Content-Type", "application/msexcel");
            }
            httpServletResponse.setHeader("Cache-Control", "max-age=0, no-store");
            httpServletResponse.setHeader("content-disposition", "attachment; filename=export" + exportExcel.getExtension());
            exportExcel.exportFile(new JSONObject(httpServletResponse.getOutputStream()));
        }
        return Response.status(httpServletResponse.getStatus()).build();
    }

    @GET
    @Path("/callAction")
    public Response callAction(@QueryParam("solution") String str, @QueryParam("path") String str2, @QueryParam("action") String str3, @QueryParam("contentType") @DefaultValue("text/html") String str4, @Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(200);
        ActionEngine.getInstance().executeAction(determineCorrectPath(str, str3, str2), str4, httpServletRequest, httpServletResponse, PentahoSessionHolder.getSession(), Parameter.asHashMap(httpServletRequest));
        return Response.status(httpServletResponse.getStatus()).build();
    }

    @GET
    @Path("/getJSONSolution")
    @Consumes({"application/xml", "application/json"})
    @Produces({"application/json"})
    public Response getJSONSolution(@QueryParam("solution") String str, @QueryParam("path") @DefaultValue("/") String str2, @QueryParam("action") String str3, @QueryParam("depth") @DefaultValue("-1") int i, @QueryParam("showHiddenFiles") @DefaultValue("false") boolean z, @QueryParam("mode") @DefaultValue("*") String str4) throws InvalidCdfOperationException {
        try {
            String writeJSONSolution = writeJSONSolution(determineCorrectPath(str, str3, str2), i, z, str4);
            HashMap hashMap = new HashMap();
            hashMap.put("charset", CharsetHelper.getEncoding());
            return Response.ok(writeJSONSolution, new MediaType(MediaType.APPLICATION_JSON_TYPE.getType(), MediaType.APPLICATION_JSON_TYPE.getSubtype(), hashMap)).build();
        } catch (JSONException e) {
            logger.error("Error retrieving json solution", e);
            throw new InvalidCdfOperationException(e.getMessage());
        }
    }

    @GET
    @Path("/viewAction")
    public Response doGetViewAction(@QueryParam("solution") String str, @QueryParam("path") String str2, @QueryParam("action") String str3, @QueryParam("contentType") @DefaultValue("text/html") String str4, @Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse) throws IOException {
        return doPostViewAction(str, str2, str3, str4, null, null, null, null, httpServletRequest, httpServletResponse);
    }

    @POST
    @Path("/viewAction")
    public Response doPostViewAction(@QueryParam("solution") String str, @QueryParam("path") String str2, @QueryParam("action") String str3, @QueryParam("contentType") @DefaultValue("text/html") String str4, @FormParam("queryType") String str5, @FormParam("query") String str6, @FormParam("catalog") String str7, @FormParam("jndi") String str8, @Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(200);
        String determineCorrectPath = determineCorrectPath(str, str3, str2);
        HashMap<String, String> hashMap = new HashMap<>();
        if (!StringUtils.isEmpty(str5) && !hashMap.containsKey(Parameter.QUERY_TYPE)) {
            hashMap.put(Parameter.QUERY_TYPE, str5);
        }
        if (!StringUtils.isEmpty(str6) && !hashMap.containsKey(Parameter.QUERY)) {
            hashMap.put(Parameter.QUERY, str6);
        }
        if (!StringUtils.isEmpty(str7) && !hashMap.containsKey(Parameter.CATALOG)) {
            hashMap.put(Parameter.CATALOG, str7);
        }
        if (!StringUtils.isEmpty(str8) && !hashMap.containsKey(Parameter.JNDI)) {
            hashMap.put(Parameter.JNDI, str8);
        }
        if (ActionEngine.getInstance().executeAction(determineCorrectPath, str4, httpServletRequest, httpServletResponse, PentahoSessionHolder.getSession(), hashMap)) {
            httpServletResponse.getOutputStream().flush();
        }
        return Response.status(httpServletResponse.getStatus()).build();
    }

    private String determineCorrectPath(String str, String str2, String str3) {
        return (StringUtils.isEmpty(str) && StringUtils.isEmpty(str2)) ? !StringUtils.isEmpty(str3) ? str3 : "" : Util.joinPath(new String[]{str, str3, str2});
    }

    @GET
    @Produces({"text/javascript"})
    @Path("/cdf-embed.js")
    public Response getCdfEmbeddedContext(@Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse) throws Exception {
        return buildCdfEmbedContext(httpServletRequest.getProtocol(), httpServletRequest.getServerName(), httpServletRequest.getServerPort(), httpServletRequest.getSession().getMaxInactiveInterval(), httpServletRequest.getParameter("locale"), httpServletRequest);
    }

    public Response buildCdfEmbedContext(@QueryParam("protocol") String str, @QueryParam("name") String str2, @QueryParam("port") int i, @QueryParam("inactiveInterval") int i2, @QueryParam("locale") String str3, @Context HttpServletRequest httpServletRequest) throws Exception {
        return buildCdfEmbedContextSecure(str, str2, i, i2, str3, httpServletRequest.isSecure(), httpServletRequest);
    }

    public Response buildCdfEmbedContextSecure(@QueryParam("protocol") String str, @QueryParam("name") String str2, @QueryParam("port") int i, @QueryParam("inactiveInterval") int i2, @QueryParam("locale") String str3, @QueryParam("secure") boolean z, @Context HttpServletRequest httpServletRequest) throws Exception {
        EmbeddedHeadersGenerator embeddedHeadersGenerator = new EmbeddedHeadersGenerator(buildFullServerUrl(str, str2, i, z), getConfiguration("", Parameter.asHashMap(httpServletRequest), i2));
        if (!StringUtils.isEmpty(str3)) {
            embeddedHeadersGenerator.setLocale(new Locale(str3));
        }
        try {
            return Response.ok(embeddedHeadersGenerator.generate(), "text/javascript").build();
        } catch (IOException e) {
            logger.error("getCdfEmbeddedContext: " + e.getMessage(), e);
            throw e;
        }
    }

    @GET
    @Produces({"text/javascript"})
    @Path("/cdf-embed-callback.js")
    public Response getCdfEmbeddedCallbackContext(@Context HttpServletRequest httpServletRequest) throws Exception {
        return buildCdfEmbedCallbackContextSecure(httpServletRequest.getProtocol(), httpServletRequest.getServerName(), httpServletRequest.getServerPort(), httpServletRequest.getSession().getMaxInactiveInterval(), httpServletRequest.getParameter("locale"), httpServletRequest.isSecure(), httpServletRequest.getParameter("callbackFunctionName"), httpServletRequest);
    }

    public Response buildCdfEmbedCallbackContextSecure(@QueryParam("protocol") String str, @QueryParam("name") String str2, @QueryParam("port") int i, @QueryParam("inactiveInterval") int i2, @QueryParam("locale") String str3, @QueryParam("secure") boolean z, @QueryParam("callbackFunctionName") String str4, @Context HttpServletRequest httpServletRequest) throws Exception {
        EmbeddedHeadersCallbackGenerator embeddedHeadersCallbackGenerator = new EmbeddedHeadersCallbackGenerator(buildFullServerUrl(str, str2, i, z), getConfiguration("", Parameter.asHashMap(httpServletRequest), i2));
        if (!StringUtils.isEmpty(str3)) {
            embeddedHeadersCallbackGenerator.setLocale(new Locale(str3));
        }
        if (!StringUtils.isEmpty(str4)) {
            embeddedHeadersCallbackGenerator.setCallbackFunctionName(str4);
        }
        try {
            return Response.ok(embeddedHeadersCallbackGenerator.generate(), "text/javascript").build();
        } catch (IOException e) {
            logger.error("buildCdfEmbedCallbackContextSecure: " + e.getMessage(), e);
            throw e;
        }
    }

    protected String getConfiguration(String str, HashMap<String, String> hashMap, int i) throws JSONException {
        return ContextEngine.getInstance().getConfig(str, hashMap, i);
    }

    protected String buildFullServerUrl(String str, String str2, int i, boolean z) {
        return (z ? HTTPS : HTTP) + "://" + Encode.forJavaScriptBlock(Encode.forHtmlUnquotedAttribute(str2)) + (((z || i != DEFAULT_HTTP_PORT) && !(z && i == DEFAULT_HTTPS_PORT)) ? ":" + i : "") + PentahoRequestContextHolder.getRequestContext().getContextPath();
    }

    protected String writeJSONSolution(String str, int i, boolean z, String str2) throws JSONException {
        return NavigateComponent.getJSONSolution(str, i, z, str2).toString(2);
    }
}
