package com.atlassian.jira.web.dispatcher;

import com.atlassian.jira.ComponentManager;
import com.atlassian.jira.action.ActionContextKit;
import com.atlassian.jira.bc.whitelist.DefaultWhitelistManager;
import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.security.xsrf.XsrfFailureException;
import com.atlassian.jira.startup.JiraStartupChecklist;
import com.atlassian.jira.util.JiraUrlCodec;
import com.atlassian.jira.web.action.XsrfErrorAction;
import com.atlassian.jira.web.util.ChangeHistoryUtils;
import com.atlassian.sal.api.websudo.WebSudoSessionException;
import com.atlassian.seraph.util.RedirectUtils;
import java.beans.Introspector;
import java.io.CharArrayWriter;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Collections;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import webwork.action.ResultException;
import webwork.config.Configuration;
import webwork.dispatcher.ActionResult;
import webwork.dispatcher.GenericDispatcher;
import webwork.multipart.MultiPartRequest;
import webwork.multipart.MultiPartRequestWrapper;
import webwork.util.ServletValueStack;
import webwork.util.ValueStack;

/* loaded from: input_file:com/atlassian/jira/web/dispatcher/JiraWebworkActionDispatcher.class */
public class JiraWebworkActionDispatcher extends HttpServlet {
    public static final String STACK_HEAD = "webwork.valuestack.head";
    public static final String GD = "jira.webwork.generic.dispatcher";
    public static final String CLEANUP = "jira.webwork.cleanup";
    private static final String ACTION_EXTENSION = ".jspa";
    private String saveDir;
    private static final Logger log = Logger.getLogger(JiraWebworkActionDispatcher.class);
    private static final String NEW_LINE = System.getProperty("line.separator");

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        if (!JiraStartupChecklist.startupOK()) {
            String repeat = StringUtils.repeat("*", "JIRA startup failed, JIRA has been locked.".length());
            log.fatal(NEW_LINE + NEW_LINE + repeat + NEW_LINE + "JIRA startup failed, JIRA has been locked." + NEW_LINE + repeat + NEW_LINE);
            return;
        }
        Introspector.flushCaches();
        ValueStack.clearMethods();
        File file = (File) servletConfig.getServletContext().getAttribute("javax.servlet.context.tempdir");
        if (file != null) {
            this.saveDir = file.getAbsolutePath();
        } else {
            log.error("Servlet Context Temp Directory isn't set. No save directory set for file uploads.");
        }
        log.info("Setting Upload File Directory to '" + this.saveDir + "'");
        log.info("JiraWebworkActionDispatcher initialized");
    }

    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        HttpServletRequest wrapRequest = wrapRequest(httpServletRequest);
        boolean z = wrapRequest.getAttribute(CLEANUP) == null || wrapRequest.getAttribute(CLEANUP).equals(Boolean.TRUE);
        GenericDispatcher genericDispatcher = null;
        try {
            String actionName = getActionName(wrapRequest);
            genericDispatcher = prepareDispatcher(wrapRequest, httpServletResponse, actionName);
            ActionResult actionResult = null;
            try {
                try {
                    try {
                        genericDispatcher.executeAction();
                        actionResult = genericDispatcher.finish();
                    } catch (WebSudoSessionException e) {
                        actionResult = new ActionResult("login", "/secure/admin/WebSudoAuthenticate!default.jspa?webSudoDestination=" + JiraUrlCodec.encode(wrapRequest.getServletPath() + (wrapRequest.getPathInfo() == null ? "" : wrapRequest.getPathInfo()) + (wrapRequest.getQueryString() == null ? "" : "?" + wrapRequest.getQueryString())), Collections.EMPTY_LIST, (Exception) null);
                    }
                } catch (Throwable th) {
                    onActionThrowable(httpServletResponse, actionName, th);
                }
            } catch (XsrfFailureException e2) {
                wrapRequest.getRequestDispatcher(XsrfErrorAction.FORWARD_PATH).forward(wrapRequest, httpServletResponse);
            }
            if (actionResult != null && actionResult.getActionException() != null) {
                onActionException(actionResult);
            }
            if (actionResult != null && actionResult.getResult() != null && actionResult.getView() == null && !actionResult.getResult().equals("none")) {
                onNoViewDefined(httpServletResponse, actionName, actionResult);
            }
            if (actionResult != null && actionResult.getView() != null && actionResult.getActionException() == null) {
                dispatchView(wrapRequest, httpServletResponse, z, actionResult);
            }
            performFinallyCleanup(wrapRequest, z, genericDispatcher);
        } catch (Throwable th2) {
            performFinallyCleanup(wrapRequest, z, genericDispatcher);
            throw th2;
        }
    }

    private GenericDispatcher prepareDispatcher(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        GenericDispatcher genericDispatcher = new GenericDispatcher(str, false);
        genericDispatcher.prepareContext();
        ActionContextKit.setContext(httpServletRequest, httpServletResponse, getServletContext(), str);
        genericDispatcher.prepareValueStack();
        return genericDispatcher;
    }

    private void onActionException(ActionResult actionResult) throws ServletException {
        if (log.isDebugEnabled()) {
            log.debug("Could not execute action", actionResult.getActionException());
        }
        throw new ServletException(actionResult.getActionException());
    }

    private void onActionThrowable(HttpServletResponse httpServletResponse, String str, Throwable th) {
        if (log.isDebugEnabled()) {
            log.debug("Could not execute action : ", th);
        }
        sendErrorImpl(httpServletResponse, 404, "Could not execute action [" + str + "]:" + th.getMessage() + getHTMLErrorMessage(th));
    }

    private void onNoViewDefined(HttpServletResponse httpServletResponse, String str, ActionResult actionResult) {
        sendErrorImpl(httpServletResponse, 404, "No view for result [" + actionResult.getResult() + "] exists for action [" + str + ChangeHistoryUtils.LINE_ENDING);
    }

    private void sendErrorImpl(HttpServletResponse httpServletResponse, int i, String str) {
        try {
            if (!httpServletResponse.isCommitted()) {
                httpServletResponse.sendError(i, str);
            }
        } catch (IOException e) {
            log.error("Error occurred while sending error response : " + i + " - " + str + " because of" + e.getMessage());
        }
    }

    private void dispatchView(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z, ActionResult actionResult) throws ServletException {
        if (permissionViolationCheckHandled(actionResult, httpServletRequest, httpServletResponse, z)) {
            return;
        }
        String obj = actionResult.getView().toString();
        if (log.isDebugEnabled()) {
            log.debug("Result:" + obj);
        }
        RequestDispatcher requestDispatcher = null;
        try {
            requestDispatcher = httpServletRequest.getRequestDispatcher(obj);
        } catch (Throwable th) {
            log.error("Error while dispatching request for view '" + obj + "'.", th);
        }
        try {
            if (requestDispatcher == null) {
                throw new ServletException("No presentation file with name '" + obj + "' found!");
            }
            try {
                if (httpServletRequest.getAttribute("javax.servlet.include.servlet_path") == null) {
                    httpServletRequest.setAttribute("webwork.view_uri", obj);
                    httpServletRequest.setAttribute("webwork.request_uri", httpServletRequest.getRequestURI());
                    requestDispatcher.forward(httpServletRequest, httpServletResponse);
                } else {
                    requestDispatcher.include(httpServletRequest, httpServletResponse);
                }
            } catch (IOException e) {
                throw new ServletException(e);
            }
        } finally {
            cleanUpStack(httpServletRequest, z);
        }
    }

    private void cleanUpStack(HttpServletRequest httpServletRequest, boolean z) {
        if (z) {
            httpServletRequest.setAttribute(STACK_HEAD, ServletValueStack.getStack(httpServletRequest).popValue());
        }
    }

    private boolean permissionViolationCheckHandled(ActionResult actionResult, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        if (isUserLoggedIn()) {
            return false;
        }
        String result = actionResult.getResult();
        if (!"permissionviolation".equals(result) && !"securitybreach".equals(result)) {
            return false;
        }
        String loginUrl = RedirectUtils.getLoginUrl(httpServletRequest);
        try {
            try {
                httpServletResponse.sendRedirect(loginUrl);
                cleanUpStack(httpServletRequest, z);
                return true;
            } catch (IOException e) {
                log.error("Unable to redirect permission violation to " + loginUrl);
                cleanUpStack(httpServletRequest, z);
                return true;
            }
        } catch (Throwable th) {
            cleanUpStack(httpServletRequest, z);
            throw th;
        }
    }

    private void performFinallyCleanup(HttpServletRequest httpServletRequest, boolean z, GenericDispatcher genericDispatcher) {
        if (!z) {
            httpServletRequest.setAttribute(GD, genericDispatcher);
        } else if (genericDispatcher != null) {
            genericDispatcher.finalizeContext();
        }
    }

    private String getActionName(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getAttribute("javax.servlet.include.servlet_path");
        if (str == null) {
            str = httpServletRequest.getServletPath();
        }
        int lastIndexOf = str.lastIndexOf(DefaultWhitelistManager.REGEX_PREFIX);
        int lastIndexOf2 = str.lastIndexOf(ACTION_EXTENSION);
        return str.substring(lastIndexOf == -1 ? 0 : lastIndexOf + 1, lastIndexOf2 == -1 ? str.length() : lastIndexOf2);
    }

    private HttpServletRequest wrapRequest(HttpServletRequest httpServletRequest) {
        if (httpServletRequest instanceof MultiPartRequestWrapper) {
            return httpServletRequest;
        }
        if (needsMultipartWrapper(httpServletRequest, Boolean.valueOf(multipartDisableGetString()).booleanValue())) {
            try {
                httpServletRequest = new MultiPartRequestWrapper(httpServletRequest, this.saveDir, getMaxSize());
            } catch (IOException e) {
                httpServletRequest.setAttribute("webwork.action.ResultException", new ResultException("error", e.getLocalizedMessage()));
            }
        }
        return httpServletRequest;
    }

    private String multipartDisableGetString() {
        return ComponentAccessor.getApplicationProperties().getDefaultString("jira.disable.multipart.get.http.request");
    }

    private boolean needsMultipartWrapper(HttpServletRequest httpServletRequest, boolean z) {
        return MultiPartRequest.isMultiPart(httpServletRequest) && ("POST".equals(httpServletRequest.getMethod()) || ("GET".equals(httpServletRequest.getMethod()) && !z));
    }

    protected String getHTMLErrorMessage(Throwable th) {
        return "<p><small><small><pre>" + getStackTrace(th) + "</pre></small></small></p>";
    }

    private static String getStackTrace(Throwable th) {
        CharArrayWriter charArrayWriter = new CharArrayWriter(400);
        th.printStackTrace(new PrintWriter(charArrayWriter));
        return charArrayWriter.toString();
    }

    private Integer getMaxSize() {
        Integer num;
        try {
            String string = Configuration.getString("webwork.multipart.maxSize");
            if (string != null) {
                try {
                    num = new Integer(string);
                } catch (NumberFormatException e) {
                    num = Integer.MAX_VALUE;
                    log.warn("Property 'webwork.multipart.maxSize' with value '" + string + "' is not a number. Defaulting to Integer.MAX_VALUE");
                }
            } else {
                num = Integer.MAX_VALUE;
                log.warn("Property 'webwork.multipart.maxSize' is not set. Defaulting to Integer.MAX_VALUE");
            }
        } catch (IllegalArgumentException e2) {
            num = Integer.MAX_VALUE;
            log.warn("Failed getting string from Configuration for 'webwork.multipart.maxSize' property. Defaulting to Integer.MAX_VALUE", e2);
        }
        return num;
    }

    public boolean isUserLoggedIn() {
        return ((JiraAuthenticationContext) ComponentManager.getComponent(JiraAuthenticationContext.class)).getLoggedInUser() != null;
    }
}
