package org.sakaiproject.lessonbuildertool.service;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URI;
import java.util.Collection;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.httpclient.cookie.CookieSpec;
import org.azeckoski.reflectutils.transcoders.JSONTranscoder;
import org.sakaiproject.authz.api.SecurityAdvisor;
import org.sakaiproject.authz.api.SecurityService;
import org.sakaiproject.content.api.ContentHostingService;
import org.sakaiproject.content.api.ContentResource;
import org.sakaiproject.entity.api.EntityAccessOverloadException;
import org.sakaiproject.entity.api.EntityCopyrightException;
import org.sakaiproject.entity.api.EntityNotDefinedException;
import org.sakaiproject.entity.api.EntityPermissionException;
import org.sakaiproject.entity.api.HttpAccess;
import org.sakaiproject.entity.api.Reference;
import org.sakaiproject.event.api.EventTrackingService;
import org.sakaiproject.exception.IdUnusedException;
import org.sakaiproject.exception.PermissionException;
import org.sakaiproject.exception.ServerOverloadException;
import org.sakaiproject.exception.TypeException;
import org.sakaiproject.lessonbuildertool.LessonBuilderAccessAPI;
import org.sakaiproject.lessonbuildertool.SimplePage;
import org.sakaiproject.lessonbuildertool.SimplePageItem;
import org.sakaiproject.lessonbuildertool.model.SimplePageToolDao;
import org.sakaiproject.lessonbuildertool.tool.beans.SimplePageBean;
import org.sakaiproject.memory.api.Cache;
import org.sakaiproject.memory.api.MemoryService;
import org.sakaiproject.site.api.SiteService;
import org.sakaiproject.tool.api.SessionManager;
import org.sakaiproject.tool.api.ToolManager;
import org.sakaiproject.util.Validator;
import org.sakaiproject.util.Web;
import uk.org.ponder.messageutil.MessageLocator;

/* loaded from: input_file:WEB-INF/classes/org/sakaiproject/lessonbuildertool/service/LessonBuilderAccessService.class */
public class LessonBuilderAccessService {
    public MessageLocator messageLocator;
    private ToolManager toolManager;
    private SiteService siteService;
    protected static final long MAX_URL_LENGTH = 8192;
    protected static final int STREAM_BUFFER_SIZE = 102400;
    protected static final int DEFAULT_EXPIRATION = 600;
    static MemoryService memoryService = null;
    private static Cache accessCache = null;
    LessonBuilderAccessAPI lessonBuilderAccessAPI = null;
    SimplePageToolDao simplePageToolDao = null;
    SecurityService securityService = null;
    ContentHostingService contentHostingService = null;
    EventTrackingService eventTrackingService = null;
    SessionManager sessionManager = null;
    LessonEntity forumEntity = null;
    LessonEntity quizEntity = null;
    LessonEntity assignmentEntity = null;
    LessonEntity bltiEntity = null;
    private GradebookIfc gradebookIfc = null;

    public void setLessonBuilderAccessAPI(LessonBuilderAccessAPI lessonBuilderAccessAPI) {
        this.lessonBuilderAccessAPI = lessonBuilderAccessAPI;
    }

    public void setSimplePageToolDao(SimplePageToolDao simplePageToolDao) {
        this.simplePageToolDao = simplePageToolDao;
    }

    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    public void setContentHostingService(ContentHostingService contentHostingService) {
        this.contentHostingService = contentHostingService;
    }

    public void setEventTrackingService(EventTrackingService eventTrackingService) {
        this.eventTrackingService = eventTrackingService;
    }

    public void setSessionManager(SessionManager sessionManager) {
        this.sessionManager = sessionManager;
    }

    public void setMessageLocator(MessageLocator messageLocator) {
        this.messageLocator = messageLocator;
    }

    public void setToolManager(ToolManager toolManager) {
        this.toolManager = toolManager;
    }

    public void setSiteService(SiteService siteService) {
        this.siteService = siteService;
    }

    public void setForumEntity(Object obj) {
        this.forumEntity = (LessonEntity) obj;
    }

    public void setQuizEntity(Object obj) {
        this.quizEntity = (LessonEntity) obj;
    }

    public void setAssignmentEntity(Object obj) {
        this.assignmentEntity = (LessonEntity) obj;
    }

    public void setBltiEntity(Object obj) {
        this.bltiEntity = (LessonEntity) obj;
    }

    public void setMemoryService(MemoryService memoryService2) {
        memoryService = memoryService2;
    }

    public void setGradebookIfc(GradebookIfc gradebookIfc) {
        this.gradebookIfc = gradebookIfc;
    }

    public void init() {
        this.lessonBuilderAccessAPI.setHttpAccess(getHttpAccess());
        accessCache = memoryService.newCache("org.sakaiproject.lessonbuildertool.service.LessonBuilderAccessService.cache");
    }

    public void destroy() {
        accessCache.destroy();
        accessCache = null;
    }

    public HttpAccess getHttpAccess() {
        return new HttpAccess() { // from class: org.sakaiproject.lessonbuildertool.service.LessonBuilderAccessService.1
            public void handleAccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Reference reference, Collection collection) throws EntityPermissionException, EntityNotDefinedException, EntityAccessOverloadException, EntityCopyrightException {
                InputStream streamContent;
                int indexOf;
                String id = reference.getId();
                if (id == null) {
                    id = "";
                }
                if (!id.startsWith("/item")) {
                    throw new EntityNotDefinedException(reference.getReference());
                }
                String substring = id.substring("/item/".length());
                int indexOf2 = substring.indexOf(CookieSpec.PATH_DELIM);
                if (indexOf2 < 0) {
                    throw new EntityNotDefinedException(reference.getReference());
                }
                String substring2 = substring.substring(indexOf2);
                String substring3 = substring.substring(0, indexOf2);
                try {
                    try {
                        SecurityAdvisor securityAdvisor = new SecurityAdvisor() { // from class: org.sakaiproject.lessonbuildertool.service.LessonBuilderAccessService.1.1
                            public SecurityAdvisor.SecurityAdvice isAllowed(String str, String str2, String str3) {
                                return ("content.read".equals(str2) || "content.hidden".equals(str2)) ? SecurityAdvisor.SecurityAdvice.ALLOWED : SecurityAdvisor.SecurityAdvice.PASS;
                            }
                        };
                        LessonBuilderAccessService.this.securityService.pushAdvisor(securityAdvisor);
                        boolean z = true;
                        try {
                            SimplePageItem findItem = LessonBuilderAccessService.this.simplePageToolDao.findItem(Long.valueOf(Long.parseLong(substring3)).longValue());
                            SimplePage page = LessonBuilderAccessService.this.simplePageToolDao.getPage(findItem.getPageId());
                            String owner = page.getOwner();
                            if (!LessonBuilderAccessService.this.canReadPage(page.getSiteId())) {
                                throw new EntityPermissionException(LessonBuilderAccessService.this.sessionManager.getCurrentSessionUserId(), "content.read", reference.getReference());
                            }
                            boolean z2 = false;
                            String replace = findItem.getSakaiId().replace("//", CookieSpec.PATH_DELIM);
                            if (LessonBuilderAccessService.this.simplePageToolDao.isPageVisited(findItem.getPageId(), LessonBuilderAccessService.this.sessionManager.getCurrentSessionUserId(), owner)) {
                                if (substring2.equals(replace)) {
                                    z2 = true;
                                } else {
                                    int lastIndexOf = replace.lastIndexOf(CookieSpec.PATH_DELIM);
                                    if (lastIndexOf > 0 && substring2.startsWith(replace.substring(0, lastIndexOf + 1))) {
                                        z2 = true;
                                    }
                                }
                            }
                            if (z2) {
                                String str = substring3 + ":" + LessonBuilderAccessService.this.sessionManager.getCurrentSessionUserId();
                                if (owner == null || !substring2.startsWith("/user/" + owner)) {
                                    if (1 != 0 && securityAdvisor != null) {
                                        LessonBuilderAccessService.this.securityService.popAdvisor();
                                        z = false;
                                    }
                                    if (!LessonBuilderAccessService.this.allowGetResource(substring2)) {
                                        throw new EntityPermissionException(LessonBuilderAccessService.this.sessionManager.getCurrentSessionUserId(), "content.read", reference.getReference());
                                    }
                                    if (securityAdvisor != null) {
                                        LessonBuilderAccessService.this.securityService.pushAdvisor(securityAdvisor);
                                        z = true;
                                    }
                                }
                                if (findItem != null && findItem.isPrerequisite() && !JSONTranscoder.BOOLEAN_TRUE.equals((String) LessonBuilderAccessService.accessCache.get(str))) {
                                    SimplePageBean simplePageBean = new SimplePageBean();
                                    simplePageBean.setMessageLocator(LessonBuilderAccessService.this.messageLocator);
                                    simplePageBean.setToolManager(LessonBuilderAccessService.this.toolManager);
                                    simplePageBean.setSecurityService(LessonBuilderAccessService.this.securityService);
                                    simplePageBean.setSessionManager(LessonBuilderAccessService.this.sessionManager);
                                    simplePageBean.setSiteService(LessonBuilderAccessService.this.siteService);
                                    simplePageBean.setContentHostingService(LessonBuilderAccessService.this.contentHostingService);
                                    simplePageBean.setSimplePageToolDao(LessonBuilderAccessService.this.simplePageToolDao);
                                    simplePageBean.setForumEntity(LessonBuilderAccessService.this.forumEntity);
                                    simplePageBean.setQuizEntity(LessonBuilderAccessService.this.quizEntity);
                                    simplePageBean.setAssignmentEntity(LessonBuilderAccessService.this.assignmentEntity);
                                    simplePageBean.setBltiEntity(LessonBuilderAccessService.this.bltiEntity);
                                    simplePageBean.setGradebookIfc(LessonBuilderAccessService.this.gradebookIfc);
                                    simplePageBean.setMemoryService(LessonBuilderAccessService.memoryService);
                                    simplePageBean.setCurrentSiteId(page.getSiteId());
                                    simplePageBean.setCurrentPage(page);
                                    simplePageBean.setCurrentPageId(page.getPageId());
                                    if (!simplePageBean.isItemAvailable(findItem, findItem.getPageId())) {
                                        throw new EntityPermissionException((String) null, (String) null, (String) null);
                                    }
                                    LessonBuilderAccessService.accessCache.put(str, JSONTranscoder.BOOLEAN_TRUE, LessonBuilderAccessService.DEFAULT_EXPIRATION);
                                }
                            } else {
                                if (1 != 0 && securityAdvisor != null) {
                                    LessonBuilderAccessService.this.securityService.popAdvisor();
                                }
                                z = false;
                                if (!LessonBuilderAccessService.this.contentHostingService.allowGetResource(substring2)) {
                                    throw new EntityPermissionException(LessonBuilderAccessService.this.sessionManager.getCurrentSessionUserId(), "content.read", reference.getReference());
                                }
                            }
                            String url = LessonBuilderAccessService.this.contentHostingService.getUrl(substring2);
                            int indexOf3 = url.indexOf("//");
                            if (indexOf3 > 0 && (indexOf = url.indexOf(CookieSpec.PATH_DELIM, indexOf3 + 2)) > 0 && !url.substring(indexOf).startsWith("/access/content")) {
                                httpServletResponse.sendRedirect(url);
                                if (!z || securityAdvisor == null) {
                                    return;
                                }
                                LessonBuilderAccessService.this.securityService.popAdvisor();
                                return;
                            }
                            try {
                                ContentResource resource = LessonBuilderAccessService.this.contentHostingService.getResource(substring2);
                                try {
                                    long contentLength = resource.getContentLength();
                                    String contentType = resource.getContentType();
                                    if (!contentType.equalsIgnoreCase("text/url")) {
                                        String encodeFileName = Web.encodeFileName(httpServletRequest, Validator.getFileName(reference.getId()));
                                        String str2 = Validator.letBrowserInline(contentType) ? "inline; filename=\"" + encodeFileName + "\"" : "attachment; filename=\"" + encodeFileName + "\"";
                                        String property = resource.getProperties().getProperty("encoding");
                                        if (property != null && property.length() > 0) {
                                            contentType = contentType + "; charset=" + property;
                                        }
                                        InputStream inputStream = null;
                                        OutputStream outputStream = null;
                                        try {
                                            try {
                                                streamContent = resource.streamContent();
                                            } finally {
                                                if (0 != 0) {
                                                    inputStream.close();
                                                }
                                                if (0 != 0) {
                                                    try {
                                                        outputStream.close();
                                                    } catch (Exception e) {
                                                    }
                                                }
                                            }
                                        } catch (Exception e2) {
                                        } catch (ServerOverloadException e3) {
                                            throw e3;
                                        }
                                        if (streamContent == null) {
                                            throw new IdUnusedException(reference.getReference());
                                        }
                                        httpServletResponse.setContentType(contentType);
                                        httpServletResponse.addHeader("Content-Disposition", str2);
                                        if (contentLength <= 2147483647L) {
                                            httpServletResponse.setContentLength((int) contentLength);
                                        } else {
                                            httpServletResponse.addHeader("Content-Length", Long.toString(contentLength));
                                        }
                                        if (contentLength < 102400) {
                                            httpServletResponse.setBufferSize((int) contentLength);
                                        } else {
                                            httpServletResponse.setBufferSize(LessonBuilderAccessService.STREAM_BUFFER_SIZE);
                                        }
                                        OutputStream outputStream2 = httpServletResponse.getOutputStream();
                                        LessonBuilderAccessService.this.copyRange(streamContent, outputStream2, 0L, contentLength - 1);
                                        if (streamContent != null) {
                                            streamContent.close();
                                        }
                                        if (outputStream2 != null) {
                                            try {
                                                outputStream2.close();
                                            } catch (Exception e4) {
                                            }
                                        }
                                        LessonBuilderAccessService.this.eventTrackingService.post(LessonBuilderAccessService.this.eventTrackingService.newEvent("content.read", resource.getReference((String) null), false));
                                    } else {
                                        if (contentLength >= LessonBuilderAccessService.MAX_URL_LENGTH) {
                                            throw new EntityNotDefinedException(reference.getReference());
                                        }
                                        byte[] content = resource.getContent();
                                        if (content == null || content.length == 0) {
                                            throw new IdUnusedException(reference.getReference());
                                        }
                                        URI uri = new URI(new String(content, "UTF-8"));
                                        LessonBuilderAccessService.this.eventTrackingService.post(LessonBuilderAccessService.this.eventTrackingService.newEvent("content.read", resource.getReference((String) null), false));
                                        httpServletResponse.sendRedirect(uri.toASCIIString());
                                    }
                                    if (!z || securityAdvisor == null) {
                                        return;
                                    }
                                    LessonBuilderAccessService.this.securityService.popAdvisor();
                                } catch (Exception e5) {
                                    throw new EntityNotDefinedException(reference.getReference());
                                }
                            } catch (IdUnusedException e6) {
                                throw new EntityNotDefinedException(e6.getId());
                            } catch (TypeException e7) {
                                throw new EntityNotDefinedException(substring2);
                            } catch (PermissionException e8) {
                                throw new EntityPermissionException(e8.getUser(), e8.getLock(), e8.getResource());
                            }
                        } catch (Exception e9) {
                            throw new EntityNotDefinedException(reference.getReference());
                        }
                    } catch (Throwable th) {
                        if (0 != 0 && 0 != 0) {
                            LessonBuilderAccessService.this.securityService.popAdvisor();
                        }
                        throw th;
                    }
                } catch (Exception e10) {
                    throw new EntityNotDefinedException(reference.getReference());
                }
            }
        };
    }

    public boolean allowGetResource(String str) {
        return unlockCheck("content.read", str);
    }

    public String getReference(String str) {
        return "/content" + str;
    }

    protected boolean unlockCheck(String str, String str2) {
        boolean isSuperUser = this.securityService.isSuperUser();
        if (!isSuperUser) {
            String str3 = null;
            if (str2 != null) {
                str3 = getReference(str2);
            }
            isSuperUser = str3 != null && this.securityService.unlock(str, str3);
        }
        return isSuperUser;
    }

    protected IOException copyRange(InputStream inputStream, OutputStream outputStream, long j, long j2) {
        try {
            inputStream.skip(j);
            IOException iOException = null;
            long j3 = (j2 - j) + 1;
            byte[] bArr = new byte[STREAM_BUFFER_SIZE];
            int length = bArr.length;
            while (j3 > 0 && length >= bArr.length) {
                try {
                    length = inputStream.read(bArr);
                    if (j3 >= length) {
                        outputStream.write(bArr, 0, length);
                        j3 -= length;
                    } else {
                        outputStream.write(bArr, 0, (int) j3);
                        j3 = 0;
                    }
                } catch (IOException e) {
                    iOException = e;
                    length = -1;
                }
                if (length < bArr.length) {
                    break;
                }
            }
            return iOException;
        } catch (IOException e2) {
            return e2;
        }
    }

    public boolean canReadPage(String str) {
        return this.securityService.unlock("lessonbuilder.read", "/site/" + str);
    }
}
