package com.atlassian.jira.web.servlet;

import com.atlassian.crowd.embedded.api.User;
import com.atlassian.jira.ComponentManager;
import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.exception.DataAccessException;
import com.atlassian.jira.exception.PermissionException;
import com.atlassian.jira.issue.Issue;
import com.atlassian.jira.issue.MutableIssue;
import com.atlassian.jira.issue.attachment.Attachment;
import com.atlassian.jira.issue.attachment.AttachmentZipFileCreator;
import com.atlassian.jira.issue.attachment.AttachmentZipKit;
import com.atlassian.jira.plugin.PluginFactoryAndLoaderRegistrar;
import com.atlassian.jira.plugin.webfragment.conditions.IsBrowserCondition;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.util.AttachmentUtils;
import com.atlassian.jira.util.IOUtil;
import com.atlassian.jira.util.http.JiraHttpUtils;
import com.atlassian.jira.util.mime.MimeManager;
import com.atlassian.jira.web.exception.WebExceptionChecker;
import com.atlassian.seraph.util.RedirectUtils;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/jira/web/servlet/AttachmentZipServlet.class */
public class AttachmentZipServlet extends HttpServlet {
    private static final String SECURE_VIEWS_SECURITYBREACH_JSP = "/secure/views/securitybreach.jsp";
    private static final String APPLICATION_OCTET_STREAM = "application/octet-stream";
    private static final String CONTENT_DISPOSITION_ATTACHMENT = "attachment";
    private static final Logger log = Logger.getLogger(AttachmentZipServlet.class);
    private static final Pattern ISSUE_ID_ONLY = Pattern.compile(".+/([0-9]+)\\.zip");
    private static final Pattern ISSUE_ID_AND_ZIP = Pattern.compile(".+/unzip/([0-9]+)/([0-9]+)(\\[|%5B)([0-9]+)(\\]|%5D)/.*");

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (!checkSupportEnabled()) {
            httpServletResponse.sendError(404, "Attachments as ZIP support is disabled");
            return;
        }
        String requestURI = httpServletRequest.getRequestURI();
        try {
            Issue issue = getIssue(requestURI);
            if (issue == null) {
                httpServletResponse.sendError(404, "Could not find issue");
            } else if (requestURI.contains("unzip")) {
                unzipSpecifiedAttachment(httpServletRequest, httpServletResponse, issue, requestURI);
            } else {
                zipAllAttachments(httpServletRequest, httpServletResponse, issue);
            }
        } catch (PermissionException e) {
            redirectForSecurityBreach(httpServletRequest, httpServletResponse);
        }
    }

    private void zipAllAttachments(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Issue issue) throws IOException, ServletException {
        String key = issue.getKey();
        try {
            File createAttachmentsZipFile = createAttachmentsZipFile(issue);
            try {
                try {
                    setResponseHeaders(httpServletRequest, httpServletResponse, createAttachmentsZipFile, key);
                    writeZipResponse(httpServletResponse, createAttachmentsZipFile);
                    deleteFile(createAttachmentsZipFile);
                } catch (Exception e) {
                    if (WebExceptionChecker.canBeSafelyIgnored(e)) {
                        deleteFile(createAttachmentsZipFile);
                    } else {
                        if (httpServletResponse.isCommitted()) {
                            throw new ServletException("Could not serve zip file of attachments for issue " + key, e);
                        }
                        httpServletResponse.sendError(404, "Could not serve zip file of attachments for issue " + key + " : " + e.getMessage());
                        deleteFile(createAttachmentsZipFile);
                    }
                }
            } catch (Throwable th) {
                deleteFile(createAttachmentsZipFile);
                throw th;
            }
        } catch (IOException e2) {
            log.error("Can not create temporary zip file : " + httpServletRequest.getPathInfo() + ": " + e2.getMessage(), e2);
            httpServletResponse.sendError(404, "Could not create zip file for issue : " + key);
        }
    }

    private void unzipSpecifiedAttachment(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Issue issue, String str) throws IOException {
        String key = issue.getKey();
        Matcher matcher = ISSUE_ID_AND_ZIP.matcher(str);
        if (!matcher.find() || matcher.groupCount() != 5) {
            httpServletResponse.sendError(404, "Could not create zip file for issue : " + key);
            return;
        }
        long parseLong = Long.parseLong(matcher.group(2));
        int parseInt = Integer.parseInt(matcher.group(4));
        AttachmentZipKit attachmentZipKit = new AttachmentZipKit();
        File fileFor = getFileFor(issue, parseLong);
        if (attachmentZipKit.isZip(fileFor)) {
            streamSpecificZipEntry(httpServletRequest, httpServletResponse, parseInt, attachmentZipKit, fileFor);
        } else {
            httpServletResponse.sendError(404, "The attachment is not a zip file: " + key + " : " + parseLong);
        }
    }

    private void streamSpecificZipEntry(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i, AttachmentZipKit attachmentZipKit, File file) throws IOException {
        File file2 = null;
        try {
            AttachmentZipKit.ZipEntryInputStream extractFile = attachmentZipKit.extractFile(file, i);
            file2 = createTempFileFromZip(extractFile);
            sniffContentAndSetZipEntryResponseHeaders(httpServletRequest, httpServletResponse, file2, new File(extractFile.getZipEntry().getName()).getName());
            IOUtil.copy((InputStream) new FileInputStream(file2), (OutputStream) httpServletResponse.getOutputStream());
            IOUtil.shutdownStream((InputStream) null);
            if (file2 != null) {
                file2.delete();
            }
        } catch (Throwable th) {
            IOUtil.shutdownStream((InputStream) null);
            if (file2 != null) {
                file2.delete();
            }
            throw th;
        }
    }

    private File createTempFileFromZip(AttachmentZipKit.ZipEntryInputStream zipEntryInputStream) throws IOException {
        File createTempFile = File.createTempFile(PluginFactoryAndLoaderRegistrar.APPLICATION_KEY, ".tmp");
        FileOutputStream fileOutputStream = null;
        try {
            fileOutputStream = new FileOutputStream(createTempFile);
            IOUtil.copy(zipEntryInputStream, fileOutputStream);
            IOUtil.shutdownStream(fileOutputStream);
            return createTempFile;
        } catch (Throwable th) {
            IOUtil.shutdownStream(fileOutputStream);
            throw th;
        }
    }

    private void sniffContentAndSetZipEntryResponseHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, File file, String str) throws IOException {
        setFileDownloadHeaders(httpServletRequest, httpServletResponse, file, str, ((MimeManager) ComponentManager.getComponent(MimeManager.class)).getSanitisedMimeType(APPLICATION_OCTET_STREAM, str));
    }

    private File getFileFor(Issue issue, long j) {
        for (Attachment attachment : issue.getAttachments()) {
            if (attachment.getId().equals(Long.valueOf(j))) {
                return AttachmentUtils.getAttachmentFile(attachment);
            }
        }
        return null;
    }

    private void redirectForSecurityBreach(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (getLoggedInUser() == null) {
            httpServletResponse.sendRedirect(RedirectUtils.getLoginUrl(httpServletRequest));
            return;
        }
        RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(SECURE_VIEWS_SECURITYBREACH_JSP);
        JiraHttpUtils.setNoCacheHeaders(httpServletResponse);
        requestDispatcher.forward(httpServletRequest, httpServletResponse);
    }

    private Issue getIssue(String str) throws PermissionException {
        Matcher matcher = ISSUE_ID_ONLY.matcher(str);
        String str2 = null;
        if (matcher.find()) {
            str2 = matcher.group(1);
        } else {
            Matcher matcher2 = ISSUE_ID_AND_ZIP.matcher(str);
            if (matcher2.find() && matcher2.groupCount() == 5) {
                str2 = matcher2.group(1);
            }
        }
        return parseForIssue(str2);
    }

    private Issue parseForIssue(String str) throws PermissionException {
        if (str == null) {
            return null;
        }
        try {
            MutableIssue issueObject = ComponentAccessor.getIssueManager().getIssueObject(Long.valueOf(Long.parseLong(str)));
            if (issueObject == null || hasPermissionToViewAttachment(issueObject)) {
                return issueObject;
            }
            throw new PermissionException("The user does not have permission to see this issue");
        } catch (NumberFormatException e) {
            return null;
        }
    }

    private File createAttachmentsZipFile(Issue issue) throws IOException {
        return new AttachmentZipFileCreator(issue).toZipFile();
    }

    private boolean writeZipResponse(HttpServletResponse httpServletResponse, File file) throws IOException {
        boolean z = false;
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        FileInputStream fileInputStream = new FileInputStream(file);
        byte[] bArr = new byte[4096];
        while (true) {
            try {
                int read = fileInputStream.read(bArr);
                if (read == -1) {
                    return z;
                }
                outputStream.write(bArr, 0, read);
                z = true;
            } finally {
                IOUtil.shutdownStream(fileInputStream);
                IOUtil.shutdownStream((OutputStream) outputStream);
            }
        }
    }

    private void setResponseHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, File file, String str) throws IOException {
        setFileDownloadHeaders(httpServletRequest, httpServletResponse, file, str + ".zip", "application/zip");
    }

    private void setFileDownloadHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, File file, String str, String str2) throws IOException {
        httpServletResponse.setContentType(str2);
        httpServletResponse.setContentLength((int) file.length());
        ((MimeSniffingKit) ComponentManager.getComponent(MimeSniffingKit.class)).setAttachmentResponseHeaders(str, str2, httpServletRequest.getHeader(IsBrowserCondition.USER_AGENT_HEADER), file, httpServletResponse);
    }

    private boolean hasPermissionToViewAttachment(Issue issue) throws DataAccessException {
        return ComponentAccessor.getPermissionManager().hasPermission(10, issue, getLoggedInUser());
    }

    private void deleteFile(File file) {
        if (file != null) {
            file.delete();
        }
    }

    private boolean checkSupportEnabled() {
        ApplicationProperties applicationProperties = getApplicationProperties();
        return applicationProperties.getOption("jira.option.allowattachments") && applicationProperties.getOption("jira.attachment.allow.zip.support");
    }

    ApplicationProperties getApplicationProperties() {
        return ComponentAccessor.getApplicationProperties();
    }

    protected User getLoggedInUser() {
        return ((JiraAuthenticationContext) ComponentManager.getComponent(JiraAuthenticationContext.class)).getLoggedInUser();
    }
}
