package sk.eset.era.g3webserver.servlets.files;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import sk.eset.era.commons.common.constants.ActionTypes;
import sk.eset.era.commons.common.model.exceptions.AddressBlockedException;
import sk.eset.era.commons.common.model.exceptions.SessionNotValidException;
import sk.eset.era.g2webconsole.common.model.exceptions.EraRequestHandlingException;
import sk.eset.era.g2webconsole.server.modules.FileUploadOrDownload;
import sk.eset.era.g2webconsole.server.modules.ModuleFactory;
import sk.eset.era.g2webconsole.server.modules.authorization.AuthorizationAttackDetector;
import sk.eset.era.g2webconsole.server.modules.authorization.ServerSideSessionData;
import sk.eset.era.g2webconsole.server.modules.authorization.ServerSideSessionManager;
import sk.eset.era.g2webconsole.server.modules.context.EraServletContext;
import sk.eset.era.g2webconsole.server.modules.file.DirectFileUploader;
import sk.eset.era.g2webconsole.server.modules.logger.IsLogItem;

/* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/servlets/files/FileHandlingServlet.class */
public class FileHandlingServlet extends HttpServlet {
    private static final String SESSION_ID_PARAM = "sessionID";

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.servlet.http.HttpServlet
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (httpServletRequest.getParameter(ActionTypes.DIRECT_FILE_UPLOAD) != null) {
            handleDirectFileUpload(httpServletRequest, httpServletResponse);
            return;
        }
        if (httpServletRequest.getParameter(ActionTypes.REMOVE_FILE_PARAM) != null) {
            handleFileRemove(httpServletRequest, httpServletResponse);
        } else if (FileUploadOrDownload.is(httpServletRequest)) {
            FileUploadOrDownload.handle(this, httpServletRequest, httpServletResponse);
        } else {
            super.service(httpServletRequest, httpServletResponse);
        }
    }

    private void handleDirectFileUpload(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String remoteAddress = getRemoteAddress(httpServletRequest);
        ModuleFactory moduleFactory = EraServletContext.getModuleFactory(this);
        try {
            DirectFileUploadMultiPartData directFileUploadMultiPartData = new DirectFileUploadMultiPartData(getSessionManager(), moduleFactory, httpServletRequest);
            ServerSideSessionData validateSession = validateSession(directFileUploadMultiPartData.getParameters().get("sessionID"), httpServletRequest);
            try {
                try {
                    new DirectFileUploader(validateSession, Long.parseLong(directFileUploadMultiPartData.getParameters().get(ActionTypes.DIRECT_UPLOAD_FILE_ID))).upload(directFileUploadMultiPartData);
                    try {
                        FileUploadOrDownload.respond(httpServletResponse, "OK");
                    } catch (IOException e) {
                        logError(ActionTypes.UPLOAD_PARAM, moduleFactory, validateSession, remoteAddress, e.getLocalizedMessage());
                        FileUploadOrDownload.sendUnauthorizedError(httpServletResponse);
                    }
                } catch (EraRequestHandlingException e2) {
                    FileUploadOrDownload.sendError(httpServletResponse, 401, e2);
                }
            } catch (NumberFormatException e3) {
                logError(ActionTypes.UPLOAD_PARAM, moduleFactory, null, remoteAddress, e3.getLocalizedMessage());
                FileUploadOrDownload.sendUnauthorizedError(httpServletResponse);
            }
        } catch (AddressBlockedException e4) {
            logError(ActionTypes.UPLOAD_PARAM, moduleFactory, null, remoteAddress, "address blocked");
            FileUploadOrDownload.sendBlockedError(httpServletResponse);
        } catch (SessionNotValidException e5) {
            logError(ActionTypes.UPLOAD_PARAM, moduleFactory, null, remoteAddress, "session not valid");
            FileUploadOrDownload.sendUnauthorizedError(httpServletResponse);
        } catch (EraRequestHandlingException e6) {
            FileUploadOrDownload.sendError(httpServletResponse, 401, e6);
        }
    }

    private void handleFileRemove(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String remoteAddress = getRemoteAddress(httpServletRequest);
        ModuleFactory moduleFactory = EraServletContext.getModuleFactory(this);
        try {
            DirectFileUploadMultiPartData directFileUploadMultiPartData = new DirectFileUploadMultiPartData(getSessionManager(), moduleFactory, httpServletRequest);
            ServerSideSessionData validateSession = validateSession(directFileUploadMultiPartData.getParameters().get("sessionID"), httpServletRequest);
            try {
                validateSession.getObjectContainer().removeObject(Long.valueOf(Long.parseLong(directFileUploadMultiPartData.getParameters().get(ActionTypes.REMOVE_FILE_ID))));
                try {
                    FileUploadOrDownload.respond(httpServletResponse, "OK");
                } catch (IOException e) {
                    logError(ActionTypes.REMOVE_FILE_PARAM, moduleFactory, validateSession, remoteAddress, e.getLocalizedMessage());
                    FileUploadOrDownload.sendUnauthorizedError(httpServletResponse);
                }
            } catch (NumberFormatException e2) {
                logError(ActionTypes.REMOVE_FILE_PARAM, moduleFactory, null, remoteAddress, e2.getLocalizedMessage());
                FileUploadOrDownload.sendUnauthorizedError(httpServletResponse);
            }
        } catch (AddressBlockedException e3) {
            logError(ActionTypes.REMOVE_FILE_PARAM, moduleFactory, null, remoteAddress, "address blocked");
            FileUploadOrDownload.sendBlockedError(httpServletResponse);
        } catch (SessionNotValidException e4) {
            logError(ActionTypes.REMOVE_FILE_PARAM, moduleFactory, null, remoteAddress, "session not valid");
            FileUploadOrDownload.sendUnauthorizedError(httpServletResponse);
        } catch (EraRequestHandlingException e5) {
            FileUploadOrDownload.sendError(httpServletResponse, 401, e5);
        }
    }

    private void logError(String str, ModuleFactory moduleFactory, ServerSideSessionData serverSideSessionData, String str2, Object... objArr) {
        moduleFactory.log(IsLogItem.Type.INFO, serverSideSessionData == null ? "Unknown User" : serverSideSessionData.getUserSessionData().clientUserSessionData.getUserLogName(), str, str2, objArr);
    }

    private String getRemoteAddress(HttpServletRequest httpServletRequest) {
        AuthorizationAttackDetector.RemoteAddress remoteAddress = getSessionManager().getRemoteAddress(httpServletRequest);
        if (remoteAddress != null) {
            return remoteAddress.getRemoteAddress();
        }
        return null;
    }

    private ServerSideSessionData validateSession(String str, HttpServletRequest httpServletRequest) throws SessionNotValidException, AddressBlockedException {
        return getSessionManager().validateSession(str, httpServletRequest);
    }

    private ServerSideSessionManager getSessionManager() {
        return EraServletContext.getSessionManager(this);
    }
}
