package ca.nrc.cadc.caom2.repo;

import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.caom2.access.AccessUtil;
import ca.nrc.cadc.caom2.access.ArtifactAccess;
import ca.nrc.cadc.caom2.persistence.ReadAccessDAO;
import ca.nrc.cadc.caom2.repo.CaomRepoConfig;
import ca.nrc.cadc.caom2.repo.action.RepoAction;
import ca.nrc.cadc.caom2.xml.ArtifactAccessWriter;
import ca.nrc.cadc.dali.ParamExtractor;
import ca.nrc.cadc.net.ResourceNotFoundException;
import ca.nrc.cadc.rest.SyncOutput;
import ca.nrc.cadc.uws.Job;
import ca.nrc.cadc.uws.server.JobRunner;
import ca.nrc.cadc.uws.server.JobUpdater;
import ca.nrc.cadc.uws.util.JobLogInfo;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URI;
import java.net.URL;
import java.security.AccessControlException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;

/* loaded from: input_file:ca/nrc/cadc/caom2/repo/AccessQueryRunner.class */
public class AccessQueryRunner implements JobRunner {
    private static final Logger log = Logger.getLogger(AccessQueryRunner.class);
    private JobLogInfo logInfo;
    private JobUpdater jobUpdater;
    private Job job;
    private SyncOutput syncOutput;
    private Map<String, List<String>> params;

    public void setJobUpdater(JobUpdater jobUpdater) {
        this.jobUpdater = jobUpdater;
    }

    public void setJob(Job job) {
        this.job = job;
        ArrayList arrayList = new ArrayList();
        arrayList.add("ID");
        this.params = new ParamExtractor(arrayList).getParameters(job.getParameterList());
    }

    public void setSyncOutput(SyncOutput syncOutput) {
        this.syncOutput = syncOutput;
    }

    public void run() {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            this.logInfo = new JobLogInfo(this.job);
            this.logInfo.setSubject(AuthenticationUtil.getCurrentSubject());
            log.info(this.logInfo.start());
            doit();
            this.logInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            log.info(this.logInfo.end());
        } catch (Throwable th) {
            this.logInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            log.info(this.logInfo.end());
            throw th;
        }
    }

    private String getParamValue(String str) {
        List<String> list = this.params.get(str);
        if (list == null) {
            return null;
        }
        Iterator<String> it = list.iterator();
        if (!it.hasNext()) {
            return null;
        }
        String next = it.next();
        if (it.hasNext()) {
            throw new IllegalArgumentException("badArgument");
        }
        return next;
    }

    private void doit() {
        String paramValue;
        ReadAccessDAO.RawArtifactAccess artifactAccess;
        this.logInfo.setSuccess(false);
        try {
            try {
                checkPermission();
                paramValue = getParamValue("ID");
                try {
                    URI uri = new URI(paramValue);
                    artifactAccess = getDAO(uri).getArtifactAccess(uri);
                } catch (Exception e) {
                    throw new IllegalArgumentException("missing/invalid ID: " + paramValue, e);
                }
            } catch (IOException e2) {
                log.debug("failed to send error to caller", e2);
                return;
            } catch (Throwable th) {
                try {
                    this.logInfo.setMessage(th.toString());
                    log.error("FAIL", th);
                    sendError(500, th.toString());
                    return;
                } catch (Throwable th2) {
                    log.debug("failed to send error to caller", th2);
                    return;
                }
            }
        } catch (IOException e3) {
            log.error("FAIL", e3);
            sendError(500, "failed to access content");
        } catch (IllegalArgumentException e4) {
            this.logInfo.setSuccess(true);
            this.logInfo.setMessage(e4.getMessage());
            sendError(400, e4.getMessage());
        } catch (UnsupportedOperationException e5) {
            log.error("oops", e5);
            this.logInfo.setSuccess(true);
            String message = e5.getMessage();
            if (message == null) {
                message = "not implemented";
            }
            this.logInfo.setMessage(message);
            sendError(400, message);
        } catch (AccessControlException e6) {
            this.logInfo.setSuccess(true);
            this.logInfo.setMessage(e6.getMessage());
            sendError(401, e6.getMessage());
        } catch (ResourceNotFoundException e7) {
            this.logInfo.setSuccess(true);
            this.logInfo.setMessage(e7.getMessage());
            sendError(404, e7.getMessage());
        }
        if (artifactAccess == null) {
            throw new ResourceNotFoundException("not found: " + paramValue);
        }
        ArtifactAccess artifactAccess2 = AccessUtil.getArtifactAccess(artifactAccess.artifact, artifactAccess.metaRelease, artifactAccess.metaReadAccessGroups, artifactAccess.dataRelease, artifactAccess.dataReadAccessGroups);
        ArtifactAccessWriter artifactAccessWriter = new ArtifactAccessWriter();
        this.syncOutput.setHeader("Content-Type", "text/xml");
        this.syncOutput.setCode(200);
        artifactAccessWriter.write(artifactAccess2, this.syncOutput.getOutputStream());
        this.logInfo.setSuccess(true);
    }

    private void sendError(int i, String str) throws IOException {
        this.syncOutput.setResponseCode(i);
        this.syncOutput.setHeader("Content-Type", RepoAction.ERROR_MIMETYPE);
        PrintWriter printWriter = new PrintWriter(this.syncOutput.getOutputStream());
        printWriter.println(str);
        printWriter.close();
    }

    private ReadAccessDAO getDAO(URI uri) throws ResourceNotFoundException {
        String str = this.job.getRequestPath().split("/")[1];
        log.debug("job.requestpath: " + this.job.getRequestPath() + " srv: " + str);
        File file = new File(System.getProperty("user.home") + "/config/" + str + ".properties");
        try {
            CaomRepoConfig caomRepoConfig = new CaomRepoConfig(file);
            Iterator<CaomRepoConfig.Item> it = caomRepoConfig.iterator();
            while (it.hasNext()) {
                CaomRepoConfig.Item next = it.next();
                if (archiveMatch(uri, next.getArtifactPattern()) || archiveMatch(uri, next.getAltPattern())) {
                    ReadAccessDAO readAccessDAO = new ReadAccessDAO();
                    readAccessDAO.setConfig(caomRepoConfig.getDAOConfig(next.getCollection()));
                    return readAccessDAO;
                }
            }
            throw new ResourceNotFoundException("not found: " + uri);
        } catch (IOException e) {
            throw new RuntimeException("CONFIG: failed to read config from " + file.getAbsolutePath());
        }
    }

    private boolean archiveMatch(URI uri, String str) {
        return str != null && uri.toASCIIString().contains(str);
    }

    private void checkPermission() {
        String str = AccessQueryRunner.class.getSimpleName() + ".properties";
        try {
            URL resource = AccessQueryRunner.class.getClassLoader().getResource(str);
            if (resource == null) {
                throw new RuntimeException("not found: " + str);
            }
            Properties properties = new Properties();
            properties.load(resource.openStream());
            X500Principal x500Principal = new X500Principal(properties.getProperty(AccessQueryRunner.class.getName() + ".allowed"));
            log.debug("allowed: " + x500Principal);
            Iterator it = AuthenticationUtil.getCurrentSubject().getPrincipals(X500Principal.class).iterator();
            while (it.hasNext()) {
                if (AuthenticationUtil.equals(x500Principal, (X500Principal) it.next())) {
                    return;
                }
            }
            throw new AccessControlException("permission denied");
        } catch (Exception e) {
            throw new RuntimeException("failed to read " + str + " from " + ((Object) null), e);
        }
    }
}
