package er.attachment;

import com.webobjects.appserver.WOApplication;
import com.webobjects.appserver.WOContext;
import com.webobjects.appserver.WODynamicURL;
import com.webobjects.appserver.WORequest;
import com.webobjects.appserver.WORequestHandler;
import com.webobjects.appserver.WOResponse;
import com.webobjects.eocontrol.EOEditingContext;
import com.webobjects.eocontrol.EOKeyGlobalID;
import com.webobjects.foundation.NSLog;
import er.attachment.model.ERAttachment;
import er.attachment.model._ERAttachment;
import er.attachment.processors.ERAttachmentProcessor;
import er.extensions.eof.ERXEC;
import er.extensions.eof.ERXEOGlobalIDUtilities;
import er.extensions.foundation.ERXStringUtilities;
import java.io.BufferedInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.NoSuchElementException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:er/attachment/ERAttachmentRequestHandler.class */
public class ERAttachmentRequestHandler extends WORequestHandler {
    public static final String REQUEST_HANDLER_KEY = "attachments";
    private Delegate _delegate;

    /* loaded from: input_file:er/attachment/ERAttachmentRequestHandler$Delegate.class */
    public interface Delegate {
        boolean attachmentVisible(ERAttachment eRAttachment, WORequest wORequest, WOContext wOContext);
    }

    public void setDelegate(Delegate delegate) {
        this._delegate = delegate;
    }

    public WOResponse handleRequest(WORequest wORequest) {
        String str;
        Integer num;
        boolean z;
        EOEditingContext newEditingContext;
        ERAttachment fetchAttachmentFor;
        WOApplication application = WOApplication.application();
        application.awake();
        try {
            WOContext createContextForRequest = application.createContextForRequest(wORequest);
            WOResponse createResponseInContext = application.createResponseInContext(createContextForRequest);
            String sessionIdKey = application.sessionIdKey();
            String str2 = (String) wORequest.formValueForKey(sessionIdKey);
            if (str2 == null) {
                str2 = wORequest.cookieValueForKey(sessionIdKey);
            }
            createContextForRequest._setRequestSessionID(str2);
            if (createContextForRequest._requestSessionID() != null) {
                application.restoreSessionWithID(str2, createContextForRequest);
            }
            try {
                WODynamicURL _uriDecomposed = wORequest._uriDecomposed();
                String requestHandlerPath = _uriDecomposed.requestHandlerPath();
                Matcher matcher = Pattern.compile("^id/(\\d+)/").matcher(requestHandlerPath);
                if (matcher.find()) {
                    num = Integer.valueOf(matcher.group(1));
                    str = matcher.replaceFirst("/");
                } else {
                    str = "/" + requestHandlerPath;
                    num = null;
                }
                try {
                    String queryString = _uriDecomposed.queryString();
                    z = queryString != null && queryString.contains("attachment=true");
                    newEditingContext = ERXEC.newEditingContext();
                    newEditingContext.lock();
                    try {
                        fetchAttachmentFor = fetchAttachmentFor(newEditingContext, num, str);
                    } catch (Throwable th) {
                        newEditingContext.unlock();
                        throw th;
                    }
                } catch (FileNotFoundException e) {
                    NSLog.out.appendln(e);
                    createResponseInContext.setContent(e.getMessage());
                    createResponseInContext.setStatus(404);
                } catch (IOException e2) {
                    NSLog.out.appendln(e2);
                    createResponseInContext.setContent(e2.getMessage());
                    createResponseInContext.setStatus(500);
                } catch (SecurityException e3) {
                    NSLog.out.appendln(e3);
                    createResponseInContext.setContent(e3.getMessage());
                    createResponseInContext.setStatus(403);
                } catch (NoSuchElementException e4) {
                    NSLog.out.appendln(e4);
                    createResponseInContext.setContent(e4.getMessage());
                    createResponseInContext.setStatus(404);
                }
                if (this._delegate != null && !this._delegate.attachmentVisible(fetchAttachmentFor, wORequest, createContextForRequest)) {
                    throw new SecurityException("You are not allowed to view the requested attachment.");
                }
                String mimeType = fetchAttachmentFor.mimeType();
                long longValue = fetchAttachmentFor.size().longValue();
                String originalFileName = fetchAttachmentFor.originalFileName();
                ERAttachmentProcessor processorForType = ERAttachmentProcessor.processorForType(fetchAttachmentFor);
                if (!z) {
                    z = processorForType.proxyAsAttachment(fetchAttachmentFor);
                }
                BufferedInputStream bufferedInputStream = new BufferedInputStream(processorForType.attachmentInputStream(fetchAttachmentFor), 16384);
                newEditingContext.unlock();
                createResponseInContext.setHeader(mimeType, "Content-Type");
                createResponseInContext.setHeader(String.valueOf(longValue), "Content-Length");
                if (z) {
                    createResponseInContext.setHeader("attachment; filename=\"" + originalFileName + "\"", "Content-Disposition");
                } else {
                    createResponseInContext.setHeader("inline; filename=\"" + originalFileName + "\"", "Content-Disposition");
                }
                createResponseInContext.setStatus(200);
                createResponseInContext.setContentStream(bufferedInputStream, 16384, longValue);
                return createResponseInContext;
            } finally {
                if (createContextForRequest._requestSessionID() != null) {
                    WOApplication.application().saveSessionForContext(createContextForRequest);
                }
            }
        } finally {
            application.sleep();
        }
    }

    public static ERAttachment fetchAttachmentFor(EOEditingContext eOEditingContext, Integer num, String str) {
        ERAttachment eRAttachment;
        if (num != null) {
            eRAttachment = (ERAttachment) ERXEOGlobalIDUtilities.fetchObjectWithGlobalID(eOEditingContext, EOKeyGlobalID.globalIDWithEntityName(_ERAttachment.ENTITY_NAME, new Object[]{num}));
            if (!requestedWebPathIsForAttachment(str, eRAttachment)) {
                throw new SecurityException("You are not allowed to view the requested attachment.");
            }
        } else {
            try {
                eRAttachment = ERAttachment.fetchRequiredAttachmentWithWebPath(eOEditingContext, new URI(str).getPath());
            } catch (URISyntaxException e) {
                eRAttachment = null;
                e.printStackTrace();
            }
            if (eRAttachment == null) {
                throw new SecurityException("You are not allowed to view the requested attachment.");
            }
        }
        return eRAttachment;
    }

    public static boolean requestedWebPathIsForAttachment(String str, ERAttachment eRAttachment) {
        return ERXStringUtilities.urlDecode(str).equals(ERXStringUtilities.urlDecode(eRAttachment.webPath()));
    }
}
