package org.opencms.ugc;

import org.apache.commons.logging.Log;
import org.opencms.file.CmsObject;
import org.opencms.file.CmsResource;
import org.opencms.i18n.CmsEncoder;
import org.opencms.json.JSONException;
import org.opencms.main.CmsException;
import org.opencms.main.CmsLog;
import org.opencms.ugc.CmsUgcValueTransformerConfiguration;
import org.opencms.util.CmsParameterEscaper;
import org.opencms.xml.CmsXmlException;
import org.opencms.xml.CmsXmlUtils;
import org.opencms.xml.content.CmsXmlContentFactory;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;

/* loaded from: input_file:org/opencms/ugc/CmsUgcValueTranformHandler.class */
public class CmsUgcValueTranformHandler {
    private static final Log LOG = CmsLog.getLog(CmsUgcValueTranformHandler.class);
    public static final CmsUgcValueTranformHandler DEFAULT = new CmsUgcValueTranformHandler();
    private static String PARAM_UGC_VALUES_TRANSFORMER = "ugc.values.transformer";
    private static String JSON_KEY_POLICY = "policy";
    private CmsObject m_cms;
    private CmsUgcValueTransformerConfiguration m_config;
    private CmsParameterEscaper m_escaper;

    public CmsUgcValueTranformHandler(CmsObject cmsObject, CmsResource cmsResource) throws CmsXmlException, CmsException, IllegalArgumentException, JSONException {
        this.m_cms = cmsObject;
        this.m_config = new CmsUgcValueTransformerConfiguration(CmsXmlContentFactory.unmarshal(this.m_cms, this.m_cms.readFile(cmsResource)).getHandler().getParameter(PARAM_UGC_VALUES_TRANSFORMER));
    }

    private CmsUgcValueTranformHandler() {
        this.m_config = CmsUgcValueTransformerConfiguration.DEFAULT;
    }

    public String transformValue(String str, String str2) {
        CmsUgcValueTransformerConfiguration.CmsUgcSingleValueTransformer transformer = this.m_config.getTransformer(CmsXmlUtils.removeAllXpathIndices(str));
        switch (transformer.getType()) {
            case none:
                return str2;
            case antisamy:
                try {
                    return getParameterEscaper().createAntiSamy(this.m_cms, null == transformer.getConfig() ? null : transformer.getConfig().optString(JSON_KEY_POLICY, null)).scan(str2).getCleanHTML();
                } catch (ScanException | PolicyException e) {
                    LOG.error("Failed to clean HTML value \"" + str2 + "\" in path \"" + str + "\" via AntiSamy. Defaulting to 'escape'.", e);
                    break;
                }
            case escape:
                break;
            default:
                LOG.error("Unsupported Security mapping type " + String.valueOf(transformer.getType()) + ". Defaulting to 'escape'.");
                break;
        }
        return CmsEncoder.escapeXml(str2);
    }

    private CmsParameterEscaper getParameterEscaper() {
        if (this.m_escaper == null) {
            this.m_escaper = new CmsParameterEscaper();
        }
        return this.m_escaper;
    }
}
