package com.appiancorp.common.struts;

import com.appiancorp.common.LocaleUtils;
import com.appiancorp.common.config.ConfigObjectRepository;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.security.auth.SecurityContextProviderServiceContextImpl;
import com.appiancorp.security.authz.ActionNameResolver;
import com.appiancorp.security.authz.AppianAuthorizationProvider;
import com.appiancorp.security.authz.AuthorizationException;
import com.appiancorp.security.authz.AuthorizationMethodInterceptor;
import com.appiancorp.security.authz.AuthorizationProvider;
import com.appiancorp.security.authz.NoOpMethodInvocation;
import com.appiancorp.services.ServiceContext;
import com.appiancorp.services.WebServiceContextFactory;
import com.appiancorp.suiteapi.common.exceptions.AppianException;
import com.appiancorp.suiteapi.common.exceptions.AppianRuntimeException;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.suiteapi.common.exceptions.ExceptionUtil;
import com.appiancorp.suiteapi.common.exceptions.LocaleFormatter;
import com.google.common.collect.Maps;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUpload;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.io.FileCleaningTracker;
import org.apache.log4j.Logger;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;
import org.apache.struts.tiles.ComponentContext;

@Deprecated
/* loaded from: input_file:com/appiancorp/common/struts/BaseAction.class */
public abstract class BaseAction extends Action {
    private static final String ERROR_CODE_MSG_KEY = "appianErrorCode.holder";
    private static final String ERROR_CODE_MSG_BUNDLE_KEY = "p-errors-i18n";
    public static final String FORWARD_ERROR = "error";
    public static final String FORWARD_NO_ACCESS = "no_access";
    public static final String FORWARD_SUCCESS = "success";
    private static final String REQUEST_MULTIPART_PARAMETERS = BaseAction.class.getName() + ".MULTIPART_PARAMETERS";
    private static MultipleTokenProcessor _token = MultipleTokenProcessor.getInstance();
    private static final Logger LOG = Logger.getLogger(BaseAction.class);
    private String _bundle;

    private static FileCleaningTracker getFileCleaningTracker() {
        return ((FileCleaningTrackerConfig) ConfigObjectRepository.getConfigObject(FileCleaningTrackerConfig.class)).getInstance();
    }

    public static Map decodeParameters(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        if (!FileUpload.isMultipartContent(httpServletRequest)) {
            return Maps.newHashMap(httpServletRequest.getParameterMap());
        }
        if (httpServletRequest.getAttribute(REQUEST_MULTIPART_PARAMETERS) != null) {
            return (Map) httpServletRequest.getAttribute(REQUEST_MULTIPART_PARAMETERS);
        }
        httpServletRequest.setAttribute(REQUEST_MULTIPART_PARAMETERS, hashMap);
        DiskFileItemFactory diskFileItemFactory = new DiskFileItemFactory();
        diskFileItemFactory.setSizeThreshold(10485760);
        diskFileItemFactory.setFileCleaningTracker(getFileCleaningTracker());
        FileUpload fileUpload = new FileUpload(diskFileItemFactory);
        List<FileItem> list = null;
        String characterEncoding = httpServletRequest.getCharacterEncoding();
        try {
            fileUpload.setHeaderEncoding(characterEncoding);
            list = fileUpload.parseRequest(httpServletRequest);
        } catch (FileUploadException e) {
        }
        HashMap hashMap2 = new HashMap();
        if (list != null) {
            for (FileItem fileItem : list) {
                if (fileItem.isFormField()) {
                    String fieldName = fileItem.getFieldName();
                    List list2 = (List) hashMap2.get(fieldName);
                    if (list2 == null) {
                        ArrayList arrayList = new ArrayList();
                        list2 = arrayList;
                        hashMap2.put(fieldName, arrayList);
                    }
                    try {
                        list2.add(fileItem.getString(characterEncoding));
                    } catch (UnsupportedEncodingException e2) {
                        LOG.error(e2);
                    }
                } else {
                    hashMap.put(fileItem.getFieldName(), fileItem);
                }
            }
            for (String str : hashMap2.keySet()) {
                hashMap.put(str, ((List) hashMap2.get(str)).toArray(new String[0]));
            }
        }
        return hashMap;
    }

    public void addError(HttpServletRequest httpServletRequest, AppianException appianException) {
        MessagingUtil.addError(httpServletRequest, appianException);
    }

    @Deprecated
    public void addError(HttpServletRequest httpServletRequest, String str) {
        MessagingUtil.addError(httpServletRequest, new ActionMessage(str), this._bundle);
    }

    public void addError(HttpServletRequest httpServletRequest, ActionMessage actionMessage) {
        MessagingUtil.addError(httpServletRequest, actionMessage, this._bundle);
    }

    public void addError(HttpServletRequest httpServletRequest, ActionMessage actionMessage, String str) {
        MessagingUtil.addError(httpServletRequest, actionMessage, str);
    }

    public void addError(HttpServletRequest httpServletRequest, String str, ActionMessage actionMessage) {
        MessagingUtil.addError(httpServletRequest, str, actionMessage, this._bundle);
    }

    public void addError(HttpServletRequest httpServletRequest, String str, ActionMessage actionMessage, String str2) {
        MessagingUtil.addError(httpServletRequest, str, actionMessage, str2);
    }

    private static ActionMessage generateActionErrorFromAppianErrorCode(HttpServletRequest httpServletRequest, ErrorCode errorCode, Object[] objArr) {
        return new ActionMessage(ERROR_CODE_MSG_KEY, errorCode.getMessage(new LocaleFormatter(LocaleUtils.getCurrentLocale(httpServletRequest)), objArr) + " (" + errorCode + ")");
    }

    public void addError(HttpServletRequest httpServletRequest, ErrorCode errorCode, Object... objArr) {
        MessagingUtil.addError(httpServletRequest, generateActionErrorFromAppianErrorCode(httpServletRequest, errorCode, objArr), ERROR_CODE_MSG_BUNDLE_KEY);
    }

    public void addError(HttpServletRequest httpServletRequest, String str, ErrorCode errorCode, Object... objArr) {
        MessagingUtil.addError(httpServletRequest, str, generateActionErrorFromAppianErrorCode(httpServletRequest, errorCode, objArr), ERROR_CODE_MSG_BUNDLE_KEY);
    }

    public void addMessage(HttpServletRequest httpServletRequest, ActionMessage actionMessage) {
        MessagingUtil.addMessage(httpServletRequest, actionMessage, this._bundle);
    }

    public void addMessage(HttpServletRequest httpServletRequest, ActionMessage actionMessage, String str) {
        MessagingUtil.addMessage(httpServletRequest, actionMessage, str);
    }

    public void addMessage(HttpServletRequest httpServletRequest, String str, ActionMessage actionMessage) {
        MessagingUtil.addMessage(httpServletRequest, str, actionMessage, this._bundle);
    }

    public void addMessage(HttpServletRequest httpServletRequest, String str, ActionMessage actionMessage, String str2) {
        MessagingUtil.addMessage(httpServletRequest, str, actionMessage, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void saveErrors(HttpServletRequest httpServletRequest, ActionMessages actionMessages) {
        MessagingUtil.saveErrors(httpServletRequest, actionMessages, this._bundle);
    }

    protected void saveErrors(HttpServletRequest httpServletRequest, ActionMessages actionMessages, String str) {
        MessagingUtil.saveErrors(httpServletRequest, actionMessages, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void saveMessages(HttpServletRequest httpServletRequest, ActionMessages actionMessages) {
        MessagingUtil.saveMessages(httpServletRequest, actionMessages, this._bundle);
    }

    protected void saveMessages(HttpServletRequest httpServletRequest, ActionMessages actionMessages, String str) {
        MessagingUtil.saveMessages(httpServletRequest, actionMessages, str);
    }

    public final ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            ProductMetricsAggregatedDataCollector.recordData("struts." + getClass().getName());
        } catch (Exception e) {
        }
        try {
            initBundle();
            if (ComponentContext.getContext(httpServletRequest) == null) {
                ComponentContext.setContext(new ComponentContext(), httpServletRequest);
            }
            if (canAccess(actionMapping, httpServletRequest)) {
                return executeImpl(actionMapping, actionForm, httpServletRequest, httpServletResponse);
            }
            LOG.warn("Current user has no access to this action " + actionMapping.getPath());
            ActionForward findForward = actionMapping.findForward(FORWARD_NO_ACCESS);
            if (findForward == null) {
                findForward = actionMapping.findForward("error");
            }
            return findForward;
        } catch (Throwable th) {
            LOG.error("Error executing action: " + th.getMessage(), th);
            return actionMapping.findForward("error");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initBundle() {
        if (this._bundle != null) {
            return;
        }
        BundleConfig bundleConfig = (BundleConfig) ConfigObjectRepository.getConfigObject(BundleConfig.class);
        Class<?> cls = getClass();
        while (true) {
            Class<?> cls2 = cls;
            if (cls2 == null) {
                return;
            }
            this._bundle = bundleConfig.getBundle(cls2);
            if (this._bundle != null) {
                return;
            } else {
                cls = cls2.getSuperclass();
            }
        }
    }

    abstract ActionForward executeImpl(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse);

    public static String getValueFromRequest(HttpServletRequest httpServletRequest, String str) {
        return getValueFromRequest(httpServletRequest, str, null);
    }

    public static String getValueFromRequest(HttpServletRequest httpServletRequest, String str, String str2) {
        Object attribute = httpServletRequest.getAttribute(str);
        if (attribute != null) {
            return attribute.toString();
        }
        String parameter = httpServletRequest.getParameter(str);
        if (parameter != null && !"".equals(parameter)) {
            return parameter;
        }
        Object obj = decodeParameters(httpServletRequest).get(str);
        if (obj != null && (obj instanceof Object[])) {
            Object[] objArr = (Object[]) obj;
            if (objArr.length > 0) {
                return objArr[0].toString();
            }
        }
        Object attribute2 = httpServletRequest.getAttribute(str);
        return attribute2 != null ? attribute2.toString() : str2;
    }

    protected boolean canAccess(ActionMapping actionMapping, HttpServletRequest httpServletRequest) {
        if (requiresAuthorization(httpServletRequest)) {
            return authorize(httpServletRequest);
        }
        return true;
    }

    protected boolean requiresAuthorization(HttpServletRequest httpServletRequest) {
        return false;
    }

    protected String getAuthorizationActionName(HttpServletRequest httpServletRequest) {
        return getClass().getName();
    }

    protected ServiceContext getServiceContext(HttpServletRequest httpServletRequest) {
        return WebServiceContextFactory.getServiceContext(httpServletRequest);
    }

    protected AuthorizationProvider getAuthorizationProvider() {
        return new AppianAuthorizationProvider();
    }

    private final boolean authorize(final HttpServletRequest httpServletRequest) {
        AuthorizationProvider authorizationProvider = getAuthorizationProvider();
        ServiceContext serviceContext = getServiceContext(httpServletRequest);
        try {
            new AuthorizationMethodInterceptor(authorizationProvider, new SecurityContextProviderServiceContextImpl(serviceContext), "struts", new ActionNameResolver() { // from class: com.appiancorp.common.struts.BaseAction.1
                public String getActionName(MethodInvocation methodInvocation) {
                    return BaseAction.this.getAuthorizationActionName(httpServletRequest);
                }
            }).invoke(new NoOpMethodInvocation());
            return true;
        } catch (RuntimeException e) {
            throw e;
        } catch (AppianRuntimeException e2) {
            if (!ExceptionUtil.isDelegateInstanceOf(e2, AuthorizationException.class)) {
                throw e2;
            }
            if (LOG.isDebugEnabled()) {
                LOG.debug("The user " + serviceContext + " is not authorized to access this struts action.", e2);
            }
            addError(httpServletRequest, ErrorCode.AUTHZ_INSUFFICIENT_PRIVILEGES_FOR_THIS_UI, new Object[0]);
            return false;
        } catch (Throwable th) {
            throw new RuntimeException(th);
        }
    }

    protected String generateToken(HttpServletRequest httpServletRequest) {
        throw new AbstractMethodError("do not call generate token.");
    }

    protected boolean isTokenValid(HttpServletRequest httpServletRequest) {
        return _token.isTokenValid(httpServletRequest, false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isTokenValid(HttpServletRequest httpServletRequest, boolean z) {
        return _token.isTokenValid(httpServletRequest, z);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void resetToken(HttpServletRequest httpServletRequest) {
        _token.invalidateToken(httpServletRequest);
    }

    protected void saveToken(HttpServletRequest httpServletRequest) {
        _token.generateToken(httpServletRequest);
    }
}
