package com.atlassian.jira.web.servlet;

import com.atlassian.crowd.embedded.api.User;
import com.atlassian.jira.exception.AttachmentNotFoundException;
import com.atlassian.jira.exception.DataAccessException;
import com.atlassian.jira.exception.NotFoundException;
import com.atlassian.jira.exception.PermissionException;
import com.atlassian.jira.util.http.JiraHttpUtils;
import com.atlassian.jira.web.exception.WebExceptionChecker;
import com.atlassian.seraph.auth.AuthenticationContextImpl;
import com.atlassian.seraph.util.RedirectUtils;
import java.io.Closeable;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/jira/web/servlet/AbstractViewFileServlet.class */
public abstract class AbstractViewFileServlet extends HttpServlet {
    private static final Logger log = Logger.getLogger(ViewAttachmentServlet.class);

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            try {
                File fileName = getFileName(httpServletRequest, httpServletResponse);
                if (fileName == null) {
                    throw new NotFoundException("Attachment not found");
                }
                streamFileData(httpServletRequest, httpServletResponse, fileName);
            } catch (PermissionException e) {
                redirectForSecurityBreach(httpServletRequest, httpServletResponse);
            } catch (AttachmentNotFoundException e2) {
                send404(httpServletRequest, httpServletResponse);
            } catch (InvalidAttachmentPathException e3) {
                httpServletResponse.sendError(400, "Invalid attachment path");
            }
        } catch (Exception e4) {
            if (WebExceptionChecker.canBeSafelyIgnored(e4)) {
                return;
            }
            log.error("Error serving file for path " + httpServletRequest.getPathInfo() + ": " + e4.getMessage(), e4);
            throw new ServletException(e4);
        }
    }

    private void send404(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendError(404, String.format("Attachment %s was not found", httpServletRequest.getPathInfo()));
    }

    private void redirectForSecurityBreach(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (getUserName() == null) {
            httpServletResponse.sendRedirect(RedirectUtils.getLoginUrl(httpServletRequest));
            return;
        }
        RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher("/secure/views/securitybreach.jsp");
        JiraHttpUtils.setNoCacheHeaders(httpServletResponse);
        requestDispatcher.forward(httpServletRequest, httpServletResponse);
    }

    private void streamFileData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, File file) throws IOException {
        FileInputStream fileInputStream = null;
        OutputStream outputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(file);
                outputStream = httpServletResponse.getOutputStream();
                setResponseHeaders(httpServletRequest, httpServletResponse);
                try {
                    IOUtils.copy(fileInputStream, outputStream);
                    outputStream.flush();
                } catch (IOException e) {
                    if (log.isDebugEnabled()) {
                        log.debug("Error serving content to client", e);
                    }
                }
                close(fileInputStream);
                close(outputStream);
            } catch (FileNotFoundException e2) {
                log.error("Error finding " + httpServletRequest.getPathInfo() + " : " + e2.getMessage());
                send404(httpServletRequest, httpServletResponse);
                close(fileInputStream);
                close(null);
            }
        } catch (Throwable th) {
            close(fileInputStream);
            close(outputStream);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final String attachmentPath(HttpServletRequest httpServletRequest) {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null || pathInfo.length() == 1 || pathInfo.indexOf(47, 1) == -1) {
            throw new InvalidAttachmentPathException();
        }
        return pathInfo;
    }

    protected abstract File getFileName(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws InvalidAttachmentPathException, DataAccessException, IOException, PermissionException;

    protected abstract void setResponseHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws InvalidAttachmentPathException, DataAccessException, IOException;

    /* JADX INFO: Access modifiers changed from: protected */
    public final String getUserName() {
        User user = new AuthenticationContextImpl().getUser();
        if (user != null) {
            return user.getName();
        }
        return null;
    }

    private static void close(Closeable closeable) {
        if (closeable != null) {
            try {
                closeable.close();
            } catch (IOException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Error closing streams after serving content", e);
                }
            }
        }
    }
}
