package com.ibm.bscape.rest.servlet;

import com.ibm.bscape.exception.DataAccessException;
import com.ibm.bscape.exception.InvalidUploadFileSizeException;
import com.ibm.bscape.objects.Space;
import com.ibm.bscape.objects.util.JSONPropertyConstants;
import com.ibm.bscape.repository.db.DocOwnershipsAccessBean;
import com.ibm.bscape.repository.db.RequestBean;
import com.ibm.bscape.repository.db.SpaceAccessBean;
import com.ibm.bscape.repository.db.util.DBConnectionFactory;
import com.ibm.bscape.resource.BScapeMessageKeys;
import com.ibm.bscape.resource.Messages;
import com.ibm.bscape.rest.handler.AttachmentRestHandler;
import com.ibm.bscape.rest.handler.ConfigureRestHandler;
import com.ibm.bscape.rest.handler.DocumentACLRestHandler;
import com.ibm.bscape.rest.handler.DocumentHistoryRestHandler;
import com.ibm.bscape.rest.handler.DocumentOwnerRestHandler;
import com.ibm.bscape.rest.handler.DocumentRestHandler;
import com.ibm.bscape.rest.handler.EmailRestHandler;
import com.ibm.bscape.rest.handler.ExportedZipRestHandler;
import com.ibm.bscape.rest.handler.FolderRestHandler;
import com.ibm.bscape.rest.handler.KeepOnLiveRestHandler;
import com.ibm.bscape.rest.handler.MemberRestHandler;
import com.ibm.bscape.rest.handler.NodeRestHandler;
import com.ibm.bscape.rest.handler.RequestRestHandler;
import com.ibm.bscape.rest.handler.RestHandler;
import com.ibm.bscape.rest.handler.SpaceMemberRestHandler;
import com.ibm.bscape.rest.handler.SpaceRestHandler;
import com.ibm.bscape.rest.handler.SpaceRestHandler1;
import com.ibm.bscape.rest.handler.SpacesRestHandler;
import com.ibm.bscape.rest.handler.TeamRestHandler;
import com.ibm.bscape.rest.util.FileUploadUtil;
import com.ibm.bscape.rest.util.RestConstants;
import com.ibm.bscape.rest.util.RestHandlerHelper;
import com.ibm.bscape.rest.util.URIMatcher;
import com.ibm.bscape.scheduler.SchedulerConstants;
import com.ibm.bscape.security.SecurityHelper;
import com.ibm.bscape.security.registry.MemberHelperFactory;
import com.ibm.json.java.JSONArray;
import com.ibm.json.java.JSONObject;
import com.ibm.ws.ffdc.FFDCFilter;
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.servlet.ServletFileUpload;

/* loaded from: input_file:lib/BusinessLeaderRuntime.jar:com/ibm/bscape/rest/servlet/BScapeRestServlet.class */
public class BScapeRestServlet extends HttpServlet {
    public static final String COPYRIGHT = "(C) Copyright IBM Corporation 2006, 2009.";
    static final long serialVersionUID = -2004733611942661590L;
    private static final String CLASSNAME = BScapeRestServlet.class.getName();
    protected static Logger logger = Logger.getLogger(CLASSNAME, null);

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void destroy() {
        BScapeServerApp.shutdown();
        super.destroy();
    }

    @Override // javax.servlet.http.HttpServlet
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Map<String, Object> createRequestData;
        Map handleGET;
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "doGet");
        }
        long currentTimeMillis = System.currentTimeMillis();
        String userName = SecurityHelper.getUserName(httpServletRequest, BScapeServerApp.securityCheck);
        RestHandler restHander = getRestHander(httpServletRequest, httpServletResponse);
        if (restHander == null || (createRequestData = createRequestData(httpServletRequest, httpServletResponse, restHander)) == null) {
            return;
        }
        try {
            handleGET = restHander.handleGET(createRequestData);
        } catch (DataAccessException e) {
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "doGet", "DataAccessException " + e.getMessage());
            }
            RestHandlerHelper.sendDbErrorJSON(httpServletRequest, httpServletResponse, e, httpServletRequest.getLocale());
        } catch (SQLException e2) {
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "doGet", "SQLException " + e2.getMessage() + "SQL Error code = " + e2.getErrorCode() + "SQL State = " + e2.getSQLState());
            }
            e2.printStackTrace();
            RestHandlerHelper.sendDbErrorJSON(httpServletRequest, httpServletResponse, e2, httpServletRequest.getLocale());
        } catch (Exception e3) {
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "doGet", "Exception " + e3.getMessage());
            }
            e3.printStackTrace();
            RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
        }
        if (handleGET == null) {
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "doGet", "JSONObject returned by the concrete hanlder was null.");
            }
            RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
            return;
        }
        JSONObject jSONObject = (JSONObject) handleGET.get(RestConstants.RESPONSE_JSON);
        if (jSONObject == null) {
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "doGet", "JSONObject returned by the concrete hanlder was null.");
            }
            RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
            return;
        }
        if ((handleGET.size() == 0 || jSONObject.size() == 0) && (RestHandlerHelper.isMultiPartDownload(httpServletRequest, restHander) || RestHandlerHelper.directlyDump(createRequestData))) {
            long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
            String pathInfo = httpServletRequest.getPathInfo();
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "doGet", String.valueOf(userName) + " --- GET: pathInfo:" + pathInfo + "    handler: " + restHander.getClass().getName() + " spent " + currentTimeMillis2);
            }
            if (logger.isLoggable(Level.FINER)) {
                logger.exiting(CLASSNAME, "doGet");
                return;
            }
            return;
        }
        RestHandlerHelper.writeJSONOutput(httpServletRequest, jSONObject, httpServletResponse, httpServletRequest.getLocale());
        long currentTimeMillis3 = System.currentTimeMillis() - currentTimeMillis;
        String pathInfo2 = httpServletRequest.getPathInfo();
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "doGet", String.valueOf(userName) + " --- GET: pathInfo:" + pathInfo2 + "    handler: " + restHander.getClass().getName() + " spent " + currentTimeMillis3);
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "doGet");
        }
    }

    @Override // javax.servlet.http.HttpServlet
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "doPost");
        }
        long currentTimeMillis = System.currentTimeMillis();
        String userName = SecurityHelper.getUserName(httpServletRequest, BScapeServerApp.securityCheck);
        String header = httpServletRequest.getHeader("X-Method-Override");
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, CLASSNAME, "doPost", "X-Method-Override=" + header);
        }
        if (header == null) {
            header = httpServletRequest.getHeader("X-HTTP-Method-Override");
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "doPost", "X-HTTP-Method-Override=" + header);
            }
        }
        if (header != null) {
            if (header.equalsIgnoreCase("PUT")) {
                doPut(httpServletRequest, httpServletResponse);
                return;
            } else if (header.equals("DELETE")) {
                doDelete(httpServletRequest, httpServletResponse);
                return;
            } else {
                if (header.equals("GET")) {
                    doGet(httpServletRequest, httpServletResponse);
                    return;
                }
                return;
            }
        }
        RestHandler restHander = getRestHander(httpServletRequest, httpServletResponse);
        if (restHander == null) {
            return;
        }
        Map<String, Object> createRequestData = createRequestData(httpServletRequest, httpServletResponse, restHander);
        if (createRequestData != null || (restHander instanceof SpaceRestHandler1)) {
            Map handlePOST = restHander.handlePOST(createRequestData);
            String queryString = httpServletRequest.getQueryString();
            if (queryString != null && queryString.indexOf("actionType=uploadICD") >= 0 && handlePOST != null && queryString.indexOf("fromDojo=true") > 0) {
                RestHandlerHelper.writeResponseForUpLoadFF(httpServletResponse, ((JSONObject) handlePOST.get(RestConstants.RESPONSE_JSON)).serialize());
                return;
            }
            if (handlePOST == null) {
                RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
                return;
            }
            JSONObject jSONObject = (JSONObject) handlePOST.get(RestConstants.RESPONSE_JSON);
            if (jSONObject == null) {
                RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
                return;
            }
            if ((handlePOST.size() == 0 || jSONObject.size() == 0) && RestHandlerHelper.isMultiPartDownload(httpServletRequest, restHander)) {
                return;
            }
            RestHandlerHelper.writeJSONOutput(httpServletRequest, jSONObject, httpServletResponse, httpServletRequest.getLocale());
            long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
            String pathInfo = httpServletRequest.getPathInfo();
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "doPost", String.valueOf(userName) + " --- POST: pathInfo:" + pathInfo + "    handler: " + restHander.getClass().getName() + " spent " + currentTimeMillis2);
            }
            if (logger.isLoggable(Level.FINER)) {
                logger.exiting(CLASSNAME, "doPost");
            }
        }
    }

    @Override // javax.servlet.GenericServlet
    public void init() throws ServletException {
        try {
            if (((URIMatcher) getServletContext().getAttribute(getMatcherName())) == null) {
                URIMatcher uRIMatcher = new URIMatcher();
                uRIMatcher.put("space", new SpaceRestHandler());
                uRIMatcher.put("space/*", new SpaceRestHandler());
                uRIMatcher.put(JSONPropertyConstants.SPACES, new SpacesRestHandler());
                uRIMatcher.put("spacec", new SpaceRestHandler1());
                uRIMatcher.put("spaces/*/owner", new SpacesRestHandler());
                uRIMatcher.put("space/*/members", new SpaceMemberRestHandler());
                uRIMatcher.put("space/*/member", new TeamRestHandler());
                uRIMatcher.put("space/*/member/*", new TeamRestHandler());
                uRIMatcher.put("registry", new TeamRestHandler());
                uRIMatcher.put("member/*", new MemberRestHandler());
                uRIMatcher.put("member/currentuser", new MemberRestHandler());
                uRIMatcher.put("member/currentuser/photo", new MemberRestHandler());
                uRIMatcher.put("member/*/photo", new MemberRestHandler());
                uRIMatcher.put("space/*/folder/*", new FolderRestHandler());
                uRIMatcher.put("space/*/folders", new FolderRestHandler());
                uRIMatcher.put("documents", new DocumentRestHandler());
                uRIMatcher.put("documents/latestVersion", new DocumentRestHandler());
                uRIMatcher.put("documents/dependencies", new DocumentRestHandler());
                uRIMatcher.put("document", new DocumentRestHandler());
                uRIMatcher.put("document/*", new DocumentRestHandler());
                uRIMatcher.put("document/*/checkpoint", new DocumentHistoryRestHandler());
                uRIMatcher.put("document/*/histories", new DocumentHistoryRestHandler());
                uRIMatcher.put("document/*/owners", new DocumentOwnerRestHandler());
                uRIMatcher.put("document/*/access", new DocumentACLRestHandler());
                uRIMatcher.put("document/*/node/*", new NodeRestHandler());
                uRIMatcher.put("document/*/nodes", new NodeRestHandler());
                uRIMatcher.put("document/*/links", new DocumentRestHandler());
                uRIMatcher.put("document/*/node/*/links", new NodeRestHandler());
                uRIMatcher.put("document/*/formImage", new DocumentRestHandler());
                uRIMatcher.put("permissionRequests", new RequestRestHandler());
                uRIMatcher.put("permissionRequest", new RequestRestHandler());
                uRIMatcher.put("permissionRequest/*", new RequestRestHandler());
                uRIMatcher.put(JSONPropertyConstants.ATTACHMENTS, new AttachmentRestHandler());
                uRIMatcher.put("attachment/*", new AttachmentRestHandler());
                uRIMatcher.put("exportedzip/*", new ExportedZipRestHandler());
                uRIMatcher.put("keeponlive/*", new KeepOnLiveRestHandler());
                uRIMatcher.put("configuration/*", new ConfigureRestHandler());
                uRIMatcher.put("pingTurbo/*", new ConfigureRestHandler());
                uRIMatcher.put("email", new EmailRestHandler());
                getServletContext().setAttribute("/app/matcher", uRIMatcher);
            }
            BScapeServerApp.init(getServletContext().getRealPath(File.separator), getServletContext());
            super.init();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.bscape.rest.servlet.BScapeRestServlet.init", "567", this);
        }
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPut(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Map<String, Object> createRequestData;
        Map handlePUT;
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "doPut");
        }
        long currentTimeMillis = System.currentTimeMillis();
        String userName = SecurityHelper.getUserName(httpServletRequest, BScapeServerApp.securityCheck);
        RestHandler restHander = getRestHander(httpServletRequest, httpServletResponse);
        if (restHander == null || (createRequestData = createRequestData(httpServletRequest, httpServletResponse, restHander)) == null) {
            return;
        }
        try {
            handlePUT = restHander.handlePUT(createRequestData);
        } catch (DataAccessException e) {
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "doPut", "DataAccessException " + e.getMessage());
            }
            RestHandlerHelper.sendDbErrorJSON(httpServletRequest, httpServletResponse, e, httpServletRequest.getLocale());
        } catch (SQLException e2) {
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "doPut", "SQLException " + e2.getMessage() + "SQL Error code = " + e2.getErrorCode() + "SQL State = " + e2.getSQLState());
            }
            RestHandlerHelper.sendDbErrorJSON(httpServletRequest, httpServletResponse, e2, httpServletRequest.getLocale());
        }
        if (handlePUT == null) {
            RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
            return;
        }
        JSONObject jSONObject = (JSONObject) handlePUT.get(RestConstants.RESPONSE_JSON);
        if (jSONObject == null) {
            RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
            return;
        }
        RestHandlerHelper.writeJSONOutput(httpServletRequest, jSONObject, httpServletResponse, httpServletRequest.getLocale());
        long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
        String pathInfo = httpServletRequest.getPathInfo();
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "doPut", String.valueOf(userName) + " --- PUT: pathInfo:" + pathInfo + "    handler: " + restHander.getClass().getName() + " spent " + currentTimeMillis2);
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "doPut");
        }
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Map<String, Object> createRequestData;
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "doDelete");
        }
        long currentTimeMillis = System.currentTimeMillis();
        String userName = SecurityHelper.getUserName(httpServletRequest, BScapeServerApp.securityCheck);
        RestHandler restHander = getRestHander(httpServletRequest, httpServletResponse);
        if (restHander == null || (createRequestData = createRequestData(httpServletRequest, httpServletResponse, restHander)) == null) {
            return;
        }
        RestHandlerHelper.writeJSONOutput(httpServletRequest, (JSONObject) restHander.handleDELETE(createRequestData).get(RestConstants.RESPONSE_JSON), httpServletResponse, httpServletRequest.getLocale());
        long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
        String pathInfo = httpServletRequest.getPathInfo();
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "doDelete", String.valueOf(userName) + " --- DELETE: pathInfo:" + pathInfo + "    handler: " + restHander.getClass().getName() + " spent " + currentTimeMillis2);
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "doDelete");
        }
    }

    protected Object readRequestPayload(HttpServletRequest httpServletRequest) throws IOException {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "readRequestPayload");
        }
        StringBuilder sb = new StringBuilder();
        BufferedReader reader = httpServletRequest.getReader();
        String readLine = reader.readLine();
        while (true) {
            String str = readLine;
            if (str == null) {
                break;
            }
            sb.append(str);
            readLine = reader.readLine();
        }
        reader.close();
        String sb2 = sb.toString();
        Object parseJSONRequest = RestHandlerHelper.isXMLContentType(httpServletRequest) ? sb2 : parseJSONRequest(sb2);
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "readRequestPayload");
        }
        return parseJSONRequest;
    }

    private Object parseJSONRequest(String str) throws IOException {
        Cloneable jSONObject;
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "parseJSONRequest");
        }
        if (str == null || str.equals("")) {
            jSONObject = new JSONObject();
            if (logger.isLoggable(Level.FINEST)) {
                logger.logp(Level.FINEST, CLASSNAME, "createJSONInput(HttpServletRequest request)", "Created a new empty JSONObject");
            }
        } else {
            try {
                if (logger.isLoggable(Level.FINEST)) {
                    logger.logp(Level.FINEST, CLASSNAME, "createJSONInput(HttpServletRequest request)", "Parsing the input as JSONObject");
                }
                jSONObject = JSONObject.parse(str);
                if (logger.isLoggable(Level.FINEST)) {
                    logger.logp(Level.FINEST, CLASSNAME, "createJSONInput(HttpServletRequest request)", "No exception trying to parse the input as JSONObject");
                }
            } catch (IOException unused) {
                if (logger.isLoggable(Level.FINEST)) {
                    logger.logp(Level.FINEST, CLASSNAME, "createJSONInput(HttpServletRequest request)", "Parsing the input as JSONArray");
                    logger.logp(Level.FINEST, CLASSNAME, "createJSONInput(HttpServletRequest request)", "Incoming JSON = " + str);
                }
                jSONObject = JSONArray.parse(str);
                if (logger.isLoggable(Level.FINEST)) {
                    logger.logp(Level.FINEST, CLASSNAME, "createJSONInput(HttpServletRequest request)", "No exception trying to parse the input as JSONArray");
                }
            }
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "parseJSONRequest");
        }
        return jSONObject;
    }

    protected Map handleRequest(HttpServletRequest httpServletRequest) throws Exception {
        Map hashMap;
        if (ServletFileUpload.isMultipartContent(httpServletRequest)) {
            logger.logp(Level.INFO, CLASSNAME, "handleRequest", "multipart request");
            hashMap = FileUploadUtil.processFileUploadRequest(httpServletRequest);
        } else if (RestHandlerHelper.checkQueryStringValue(httpServletRequest.getQueryString(), RestConstants.IS_FORM, RestConstants.BOOLEAN_VALUE_TRUE)) {
            logger.logp(Level.INFO, CLASSNAME, "handleRequest", "Not multipart, Form request");
            hashMap = getMapData(httpServletRequest);
        } else {
            hashMap = new HashMap();
        }
        return hashMap;
    }

    private Map getMapData(HttpServletRequest httpServletRequest) {
        Map parameterMap = httpServletRequest.getParameterMap();
        HashMap hashMap = new HashMap();
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            Object nextElement = parameterNames.nextElement();
            if (((String[]) parameterMap.get(nextElement)).length > 1) {
                hashMap.put(nextElement, (String[]) parameterMap.get(nextElement));
            } else {
                hashMap.put(nextElement, ((String[]) parameterMap.get(nextElement))[0]);
            }
        }
        return hashMap;
    }

    protected boolean spaceEntitlementCheck(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map map, RestHandler restHandler) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "spaceEntitlementCheck", "spaceId=" + str + "  userDN=" + str2);
        }
        boolean z = false;
        boolean isSiteAdmin = SecurityHelper.isSiteAdmin(httpServletRequest);
        String str3 = (String) map.get("userCN");
        if (str != null) {
            try {
                Space checkSpaceId = new SpaceAccessBean().checkSpaceId(str);
                if (checkSpaceId == null) {
                    if (logger.isLoggable(Level.FINEST)) {
                        logger.logp(Level.FINEST, CLASSNAME, "spaceEntitlementCheck", "spaceId " + str + " does not exist in database, let it pass and pretent space not passed in");
                    }
                    z = true;
                    map.put("org_dn", MemberHelperFactory.getInstance().getOwningOrgDN(httpServletRequest));
                    restHandler.setSpaceId(null);
                    map.remove("spaceId");
                } else {
                    String orgDN = checkSpaceId.getOrgDN();
                    map.put(RestConstants.SPACE_OBJECT, checkSpaceId);
                    if (isSiteAdmin || SecurityHelper.checkValidUser(str2, str, httpServletRequest.getSession())) {
                        z = true;
                        map.put("org_dn", orgDN);
                    } else if (RestHandlerHelper.failIfNotPassSpaceCheck(httpServletRequest)) {
                        if (logger.isLoggable(Level.SEVERE)) {
                            logger.logp(Level.SEVERE, CLASSNAME, "spaceEntitlementCheck", "User " + str3 + " (" + str2 + ") has no access to space " + str + " --- " + checkSpaceId.getName());
                        }
                        RestHandlerHelper.sendTeamMErrorJSON(httpServletRequest, httpServletResponse, new Object[]{str3, checkSpaceId.getName()}, httpServletRequest.getLocale());
                    } else {
                        if (logger.isLoggable(Level.FINEST)) {
                            logger.logp(Level.FINEST, CLASSNAME, "spaceEntitlementCheck", "User " + str2 + " has no access to space " + str + " --- " + checkSpaceId.getName() + ", but failIfNotPassSpaceCheck is set to false.");
                        }
                        z = true;
                        map.put("org_dn", orgDN);
                        restHandler.setSpaceId(null);
                        map.remove("spaceId");
                    }
                }
            } catch (SQLException e) {
                if (logger.isLoggable(Level.SEVERE)) {
                    logger.logp(Level.SEVERE, CLASSNAME, "spaceEntitlementCheck", "SQLException: " + e.getMessage());
                }
                RestHandlerHelper.sendDbErrorJSON(httpServletRequest, httpServletResponse, e, httpServletRequest.getLocale());
            }
        } else {
            z = true;
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "spaceEntitlementCheck", "spaceId=" + str + "  userDN=" + str2 + " ---  return: " + z);
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public Map<String, Object> createRequestData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RestHandler restHandler) throws IOException {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "createRequestData");
        }
        cleanupCache(httpServletRequest);
        try {
            restHandler.setParameterMap(handleRequest(httpServletRequest));
            HashMap hashMap = new HashMap();
            hashMap.put("queryString", RestHandlerHelper.safeDecode(httpServletRequest.getQueryString()));
            if (BScapeServerApp.isRunInWAS()) {
                hashMap.put("requestUri", RestHandlerHelper.safeDecode(httpServletRequest.getRequestURI()));
            } else {
                String safeDecode = RestHandlerHelper.safeDecode(httpServletRequest.getRequestURI());
                int indexOf = safeDecode.indexOf("/BusinessLeader");
                if (indexOf > 0) {
                    safeDecode = safeDecode.substring(indexOf);
                }
                hashMap.put("requestUri", safeDecode);
            }
            hashMap.put(RestConstants.SCHEME, String.valueOf(httpServletRequest.getScheme()));
            hashMap.put(RestConstants.SERVER_NAME, String.valueOf(httpServletRequest.getServerName()));
            hashMap.put(RestConstants.SERVER_PORT, String.valueOf(httpServletRequest.getServerPort()));
            hashMap.put("context root", httpServletRequest.getContextPath());
            hashMap.put(RestConstants.USER_AGENT, httpServletRequest.getHeader(RestConstants.USER_AGENT));
            if (!ServletFileUpload.isMultipartContent(httpServletRequest)) {
                try {
                    hashMap.put("payload", readRequestPayload(httpServletRequest));
                } catch (Exception e) {
                    e.printStackTrace();
                    if (logger.isLoggable(Level.SEVERE)) {
                        logger.logp(Level.SEVERE, CLASSNAME, "createRequestData", "Exception: " + e.getMessage());
                    }
                    RestHandlerHelper.setInvalidPayloadJSONStatus(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
                    return null;
                }
            }
            String str = (String) hashMap.get("queryString");
            String locale = httpServletRequest.getLocale().toString();
            hashMap.put(RestConstants.REQUEST_LOCALE_JAVA, locale);
            hashMap.put("locale", locale);
            try {
                String str2 = (String) httpServletRequest.getSession().getAttribute("userdn");
                if (str2 == null) {
                    str2 = MemberHelperFactory.getInstance().getUserDN(httpServletRequest);
                }
                String str3 = (String) httpServletRequest.getSession().getAttribute("userCN");
                if (str3 == null) {
                    str3 = MemberHelperFactory.getInstance().getUserName(httpServletRequest);
                }
                String str4 = (String) httpServletRequest.getSession().getAttribute(RestConstants.USER_PRINCIPLENAME);
                String str5 = (String) httpServletRequest.getSession().getAttribute("email");
                if (str5 != null) {
                    hashMap.put("email", str5);
                }
                hashMap.put("userdn", str2);
                hashMap.put("userCN", str3);
                hashMap.put(RestConstants.USER_PRINCIPLENAME, str4);
                String spaceID = RestHandlerHelper.getSpaceID(hashMap);
                restHandler.setSpaceId(spaceID);
                hashMap.put("spaceId", spaceID);
                boolean isSiteAdmin = SecurityHelper.isSiteAdmin(httpServletRequest);
                if (logger.isLoggable(Level.FINEST)) {
                    logger.logp(Level.FINEST, CLASSNAME, "createRequestData", "isSiteAdmin=" + isSiteAdmin);
                }
                restHandler.setSiteAdmin(isSiteAdmin);
                if (isSiteAdmin) {
                    hashMap.put(RestConstants.SITE_ADMIN, RestConstants.BOOLEAN_VALUE_TRUE);
                } else {
                    hashMap.put(RestConstants.SITE_ADMIN, RestConstants.BOOLEAN_VALUE_FALSE);
                }
                if (str == null || str.indexOf("homeSpace=true") == -1) {
                    if (!spaceEntitlementCheck(spaceID, str2, httpServletRequest, httpServletResponse, hashMap, restHandler) && !(restHandler instanceof SpaceRestHandler1)) {
                        return null;
                    }
                } else if (!isSiteAdmin) {
                    String[] split = str.split(SchedulerConstants.QUERYSTRING_DELIM);
                    String str6 = null;
                    for (int i = 0; i < split.length; i++) {
                        if (split[i].indexOf(RestConstants.RESOURCE_ID) != -1) {
                            str6 = split[i].substring(11);
                        }
                    }
                    if (!homeSpaceEntitlementCheck(spaceID, str2, str6, httpServletRequest, httpServletResponse)) {
                        return null;
                    }
                }
                if (!isSiteAdmin && BScapeServerApp.securityCheck) {
                    JSONArray jSONArray = (JSONArray) httpServletRequest.getSession().getAttribute(RestConstants.ALL_ORGS_FOR_USER);
                    if (jSONArray == null || jSONArray.size() == 0) {
                        jSONArray = SecurityHelper.getAllOrgDNsByUserDN(str2, httpServletRequest.getSession());
                        if (jSONArray != null) {
                            httpServletRequest.getSession().setAttribute(RestConstants.ALL_ORGS_FOR_USER, jSONArray);
                        }
                    }
                    if (jSONArray.size() == 0) {
                        jSONArray.add(MemberHelperFactory.getInstance().getOwningOrgDN(httpServletRequest).toLowerCase());
                    }
                    hashMap.put(RestConstants.ALL_ORGS_FOR_USER, jSONArray);
                } else if (!BScapeServerApp.securityCheck) {
                    JSONArray jSONArray2 = new JSONArray();
                    jSONArray2.add(MemberHelperFactory.getInstance().getOwningOrgDN(httpServletRequest).toLowerCase());
                    hashMap.put(RestConstants.ALL_ORGS_FOR_USER, jSONArray2);
                }
                if (BScapeServerApp.securityCheck) {
                    addUserGroupsRequired(hashMap, httpServletRequest, restHandler);
                }
                if (logger.isLoggable(Level.FINER)) {
                    logger.exiting(CLASSNAME, "createRequestData", "request data: " + hashMap.toString());
                }
                return hashMap;
            } catch (Exception e2) {
                if (logger.isLoggable(Level.SEVERE)) {
                    logger.logp(Level.SEVERE, CLASSNAME, "createRequestData", "Exception: " + e2.getMessage());
                }
                RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
                return null;
            }
        } catch (InvalidUploadFileSizeException unused) {
            RestHandlerHelper.sendBadRequestErrorJSON(httpServletRequest, httpServletResponse, Messages.getMessage(BScapeMessageKeys.INVALID_UPLOAD_FILE_SIZE, httpServletRequest.getLocale()), httpServletRequest.getLocale(), RestHandlerHelper.checkQueryStringValue(httpServletRequest.getQueryString(), RestConstants.FROM_DOJO, RestConstants.BOOLEAN_VALUE_TRUE));
            return null;
        } catch (Exception e3) {
            if (logger.isLoggable(Level.SEVERE)) {
                logger.logp(Level.SEVERE, CLASSNAME, "createRequestData", "Exception: " + e3.getMessage());
            }
            e3.printStackTrace();
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RestHandler getRestHander(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "getRestHander");
        }
        String pathInfo = httpServletRequest.getPathInfo();
        URIMatcher uRIMatcher = (URIMatcher) getServletContext().getAttribute(getMatcherName());
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, CLASSNAME, "getRestHander", "pathinfo:" + pathInfo);
        }
        if (uRIMatcher == null) {
            if (logger.isLoggable(Level.SEVERE)) {
                logger.logp(Level.SEVERE, CLASSNAME, "getRestHander", "URIMatcher returned a null matcher for " + pathInfo);
            }
            RestHandlerHelper.sendErrorJSON(httpServletRequest, httpServletResponse, httpServletRequest.getLocale());
            return null;
        }
        URIMatcher.MatchResult match = uRIMatcher.match(pathInfo);
        if (match == null) {
            if (logger.isLoggable(Level.SEVERE)) {
                logger.logp(Level.SEVERE, CLASSNAME, "getRestHander", "MatchResult was null for " + pathInfo);
            }
            RestHandlerHelper.setURINotSupportedStatus(httpServletRequest, httpServletResponse, pathInfo, httpServletRequest.getLocale());
            return null;
        }
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, CLASSNAME, "getRestHander", "MatchResult ------------- =  " + match);
        }
        RestHandler restHandler = (RestHandler) match.getNewTargetInstance();
        if (restHandler == null) {
            if (logger.isLoggable(Level.SEVERE)) {
                logger.logp(Level.SEVERE, CLASSNAME, "getRestHander", "URIHandler was null for " + pathInfo);
            }
            RestHandlerHelper.setURINotSupportedStatus(httpServletRequest, httpServletResponse, pathInfo, httpServletRequest.getLocale());
            return null;
        }
        restHandler.setLocale(httpServletRequest.getLocale());
        restHandler.setRequest(httpServletRequest);
        restHandler.setResponse(httpServletResponse);
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, CLASSNAME, "getRestHander", "URIHandler h = " + restHandler);
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "getRestHander", "find handler: " + restHandler.getClass().getName());
        }
        return restHandler;
    }

    protected void addUserGroupsRequired(Map map, HttpServletRequest httpServletRequest, RestHandler restHandler) {
        if (restHandler instanceof SpacesRestHandler) {
            HashSet<String> collectLDAPHierarchy = SecurityHelper.collectLDAPHierarchy((String) map.get("userdn"), httpServletRequest.getSession());
            if (collectLDAPHierarchy.size() > 0) {
                JSONArray jSONArray = new JSONArray();
                Iterator<String> it = collectLDAPHierarchy.iterator();
                while (it.hasNext()) {
                    jSONArray.add(it.next());
                }
                map.put(RestConstants.USER_GROUPS, jSONArray);
            }
        }
    }

    protected void cleanupCache(HttpServletRequest httpServletRequest) {
        String userName = SecurityHelper.getUserName(httpServletRequest, BScapeServerApp.securityCheck);
        String str = (String) httpServletRequest.getSession().getAttribute(RestConstants.USER_PRINCIPLENAME);
        if (str == null || userName == null || str.equals(userName)) {
            return;
        }
        httpServletRequest.getSession().removeAttribute("userdn");
        httpServletRequest.getSession().removeAttribute("userCN");
        httpServletRequest.getSession().removeAttribute("email");
        httpServletRequest.getSession().removeAttribute(RestConstants.ALL_ORGS_FOR_USER);
        httpServletRequest.getSession().removeAttribute(RestConstants.USER_PRINCIPLENAME);
        Enumeration attributeNames = httpServletRequest.getSession().getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String str2 = (String) attributeNames.nextElement();
            if (str2.startsWith("GC_") || str2.startsWith("T_FORM_")) {
                httpServletRequest.getSession().removeAttribute(str2);
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    protected boolean homeSpaceEntitlementCheck(String str, String str2, String str3, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (str == null) {
            return true;
        }
        Connection connection = null;
        boolean z = true;
        try {
            try {
                connection = DBConnectionFactory.getInstance().getConnection();
                if (str3 != null && !new DocOwnershipsAccessBean().isDocOwner(str2.toLowerCase(), str3)) {
                    z = false;
                }
                if (!new RequestBean().hasPendingAccess(str, str2.toLowerCase(), connection)) {
                    z = false;
                }
            } catch (SQLException e) {
                if (logger.isLoggable(Level.SEVERE)) {
                    logger.logp(Level.SEVERE, CLASSNAME, "homeSpaceEntitlementCheck", "SQLException: " + e.getMessage());
                }
                RestHandlerHelper.sendDbErrorJSON(httpServletRequest, httpServletResponse, e, httpServletRequest.getLocale());
                z = false;
            }
            if (connection != null) {
                DBConnectionFactory.getInstance().closeConnection(connection);
            }
            return z;
        } catch (Throwable th) {
            if (connection != null) {
                DBConnectionFactory.getInstance().closeConnection(connection);
            }
            throw th;
        }
    }

    protected String getMatcherName() {
        return "/app/matcher";
    }
}
