package de.cismet.projecttracker.server;

import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonGenerationException;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.core.Version;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.module.SimpleModule;
import com.fasterxml.jackson.databind.ser.PropertyFilter;
import com.fasterxml.jackson.databind.ser.std.StdSerializer;
import com.google.gwt.thirdparty.guava.common.net.HttpHeaders;
import com.mchange.v2.sql.SqlUtils;
import de.cismet.projecttracker.client.dto.ActivityDTO;
import de.cismet.projecttracker.client.dto.BasicDTO;
import de.cismet.projecttracker.client.exceptions.DataRetrievalException;
import de.cismet.projecttracker.client.exceptions.InvalidInputValuesException;
import de.cismet.projecttracker.client.exceptions.LoginFailedException;
import de.cismet.projecttracker.client.exceptions.NoSessionException;
import de.cismet.projecttracker.client.exceptions.PermissionDenyException;
import de.cismet.projecttracker.report.db.entities.Activity;
import de.cismet.projecttracker.report.db.entities.Project;
import de.cismet.projecttracker.report.db.entities.Staff;
import de.cismet.projecttracker.report.db.entities.StaffExtern;
import de.cismet.projecttracker.report.db.entities.WorkCategory;
import de.cismet.projecttracker.report.db.entities.WorkPackage;
import de.cismet.projecttracker.report.helper.CalendarHelper;
import de.cismet.projecttracker.report.query.DBManager;
import de.cismet.projecttracker.utilities.DTOManager;
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.Method;
import java.security.MessageDigest;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.hibernate.Criteria;
import org.hibernate.Session;
import org.hibernate.criterion.Order;
import org.hibernate.criterion.Restrictions;
import org.hibernate.hql.classic.ParserHelper;

/* loaded from: input_file:WEB-INF/classes/de/cismet/projecttracker/server/Search.class */
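/**
 * Servlet that reports the working hours booked on one work package.
 *
 * <p>Request parameters read by {@link #processRequest}: {@code username} and the password
 * parameter (the caller's credentials), {@code workpackage} (required), {@code project},
 * the user parameter (restricts the result to one staff member), {@code description}
 * (substring filter), {@code datefilter} ({@code yyyy-MM-dd:yyyy-MM-dd}), {@code details}
 * ({@code "true"} returns the activities as JSON instead of the hour total) and
 * {@code fields} (comma separated field paths to include in the JSON).
 *
 * <p>NOTE(review): the parameter names {@code SqlUtils.DRIVER_MANAGER_PASSWORD_PROPERTY},
 * {@code SqlUtils.DRIVER_MANAGER_USER_PROPERTY} and the separator
 * {@code ParserHelper.PATH_SEPARATORS} look like decompiler substitutions for the literals
 * {@code "password"}, {@code "user"} and {@code "."}; they are kept unchanged here.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Credentials are sent with every request and are accepted on GET as well as POST, so
 *       they can end up in access logs, proxy logs and browser history. Prefer POST over TLS
 *       and consider dropping GET support for authenticated calls.</li>
 *   <li>Every failure, including failed authentication and denied access, is answered with
 *       status 400. This is kept for compatibility with existing clients; 401/403 would be
 *       the conventional codes.</li>
 * </ul>
 */
public class Search extends BasicServlet {
    private static final Logger logger = Logger.getLogger(Search.class);

    /**
     * Jackson serializer that writes a {@link BasicDTO} by calling its public getters through
     * reflection, optionally restricted to a caller-supplied list of field paths.
     *
     * <p>Only getters returning a primitive, a {@code String} or another {@code BasicDTO} are
     * written. NOTE(review): any such getter is emitted when no field list is given, so a DTO
     * that exposes a sensitive value through a {@code String} getter would leak it; confirm
     * against the DTO classes. There is also no depth limit or cycle detection in the
     * recursion; presumably the DTO graph is acyclic, verify.
     */
    public class DTOSerializer extends StdSerializer<BasicDTO> {
        /** Requested field paths such as {@code staff.name}; empty means "no restriction". */
        private final List<String> fieldList;

        /**
         * @param str comma separated field paths, or {@code null} for no restriction; blank
         *            entries are ignored and surrounding whitespace is stripped
         */
        public DTOSerializer(String str) {
            super(BasicDTO.class);
            this.fieldList = new ArrayList<String>();
            if (str != null) {
                for (String requested : str.split(",")) {
                    String trimmed = requested.trim();
                    if (trimmed.length() > 0) {
                        this.fieldList.add(trimmed);
                    }
                }
            }
        }

        @Override // com.fasterxml.jackson.databind.ser.std.StdSerializer, com.fasterxml.jackson.databind.JsonSerializer
        public void serialize(BasicDTO basicDTO, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException, JsonGenerationException {
            serialize(basicDTO, jsonGenerator, serializerProvider, "");
        }

        /**
         * Writes {@code basicDTO} as a JSON object.
         *
         * @param str path of the object being written relative to the root ({@code ""} or
         *            {@code null} for the root itself); used to match entries of the field list
         */
        public void serialize(BasicDTO basicDTO, JsonGenerator jsonGenerator, SerializerProvider serializerProvider, String str) throws IOException, JsonGenerationException {
            jsonGenerator.writeStartObject();
            for (Method method : basicDTO.getClass().getMethods()) {
                if (!isSerializableGetter(method)) {
                    continue;
                }
                String name = method.getName();
                Class<?> returnType = method.getReturnType();
                Object value = null;
                try {
                    value = method.invoke(basicDTO, (Object[]) null);
                } catch (Exception e) {
                    // Best effort: a getter that fails is skipped (value stays null), but the
                    // failure is no longer silent.
                    logger.debug("could not read " + name + " from " + basicDTO.getClass().getName(), e);
                }
                String attribute = getAttributeName(name);
                if (returnType.isPrimitive() || String.class.isAssignableFrom(returnType)) {
                    if (isFieldValid(value, str, name)) {
                        jsonGenerator.writeObjectField(attribute, value);
                    }
                } else if (BasicDTO.class.isAssignableFrom(returnType)) {
                    if (isSubObjectValid(value, str, name)) {
                        jsonGenerator.writeFieldName(attribute);
                        serialize((BasicDTO) value, jsonGenerator, serializerProvider, childPath(str, name));
                    }
                } else if (returnType.isArray() && (value instanceof BasicDTO) && isSubObjectValid(value, str, name)) {
                    // NOTE(review): an array value is never an instance of BasicDTO, so this
                    // branch cannot run and array-valued getters are omitted from the output.
                    // Left as it was so the endpoint does not start returning more data.
                    jsonGenerator.writeFieldName(attribute);
                    jsonGenerator.writeStartArray();
                    serialize((BasicDTO) value, jsonGenerator, serializerProvider, childPath(str, name));
                    jsonGenerator.writeEndArray();
                }
            }
            jsonGenerator.writeEndObject();
        }

        /** True for public zero-argument {@code getXxx} methods other than {@code getClass}. */
        private boolean isSerializableGetter(Method method) {
            String name = method.getName();
            return name.startsWith("get") && !name.equals("getClass") && name.length() > 3 && method.getParameterTypes().length == 0;
        }

        /** Builds the field path of the attribute behind {@code getterName} below {@code prefix}. */
        private String childPath(String prefix, String getterName) {
            String attribute = getAttributeName(getterName);
            if (prefix == null || prefix.length() == 0) {
                return attribute;
            }
            return prefix + ParserHelper.PATH_SEPARATORS + attribute;
        }

        /**
         * Decides whether a scalar value is written: it must be non-null and, when a field
         * list was supplied, its path must be listed. The previous version evaluated the
         * field list but ignored the result, so the {@code fields} restriction had no effect.
         */
        private boolean isFieldValid(Object obj, String str, String str2) {
            if (obj == null) {
                return false;
            }
            return this.fieldList.isEmpty() || this.fieldList.contains(childPath(str, str2));
        }

        /**
         * Decides whether a nested DTO is written: it must be non-null and, when a field list
         * was supplied, the list must name the object itself or something below it.
         */
        private boolean isSubObjectValid(Object obj, String str, String str2) {
            if (obj == null) {
                return false;
            }
            return this.fieldList.isEmpty() || isValueThatStartsWithContained(childPath(str, str2));
        }

        /**
         * True when a requested field path equals {@code str} or lies below it. The match is
         * made on whole path segments so that requesting {@code staffExtern.x} does not also
         * select a sibling attribute named {@code staff}.
         */
        private boolean isValueThatStartsWithContained(String str) {
            String nestedPrefix = str + ParserHelper.PATH_SEPARATORS;
            for (String requested : this.fieldList) {
                if (requested.equals(str) || requested.startsWith(nestedPrefix)) {
                    return true;
                }
            }
            return false;
        }

        /** Turns a getter name such as {@code getWorkPackage} into {@code workPackage}. */
        private String getAttributeName(String str) {
            // Locale.ROOT keeps the result stable on servers whose default locale has special
            // casing rules (for example "I" under a Turkish locale).
            return str.substring(3, 4).toLowerCase(java.util.Locale.ROOT) + str.substring(4);
        }

        /** Delegates to the superclass; overridden only to widen the visibility to public. */
        @Override // com.fasterxml.jackson.databind.ser.std.StdSerializer
        public PropertyFilter findPropertyFilter(SerializerProvider serializerProvider, Object obj, Object obj2) throws JsonMappingException {
            return super.findPropertyFilter(serializerProvider, obj, obj2);
        }

        protected boolean isIntraObjectCacheEnabled() {
            return false;
        }
    }

    /**
     * Handles GET like POST. Credentials passed this way travel in the query string and are
     * likely to be recorded by servers and proxies along the path.
     */
    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        processRequest(httpServletRequest, httpServletResponse);
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        processRequest(httpServletRequest, httpServletResponse);
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public String getServletInfo() {
        return "Short description";
    }

    /**
     * Adds CORS headers to every response and then dispatches as usual.
     *
     * <p>NOTE(review): {@code Access-Control-Allow-Origin: *} lets scripts from any origin read
     * the responses of this endpoint. That is tolerable only while authentication relies on
     * explicit request parameters rather than cookies; restrict the value to the known
     * front-end origins if that is possible for the deployment. The method list also
     * advertises DELETE and PUT, which this class does not implement.
     */
    @Override // javax.servlet.http.HttpServlet
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, "*");
        httpServletResponse.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, DELETE, PUT, OPTIONS");
        httpServletResponse.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "Content-Type, Authorization");
        super.service(httpServletRequest, httpServletResponse);
    }

    /**
     * Authenticates the caller, resolves the requested staff member, project and work package,
     * checks that the caller may see the work package and writes either the total of working
     * hours or, with {@code details=true}, the matching activities as JSON.
     *
     * <p>Every rejected request is answered with status 400 and a short fixed message. The
     * database session and the response writer are released on every path.
     */
    protected void processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String loginName = httpServletRequest.getParameter("username");
        String loginPassword = httpServletRequest.getParameter(SqlUtils.DRIVER_MANAGER_PASSWORD_PROPERTY);
        String workPackageName = httpServletRequest.getParameter("workpackage");
        String projectName = httpServletRequest.getParameter("project");
        String staffName = httpServletRequest.getParameter(SqlUtils.DRIVER_MANAGER_USER_PROPERTY);
        String descriptionFilter = httpServletRequest.getParameter("description");
        String dateFilter = httpServletRequest.getParameter("datefilter");
        String details = httpServletRequest.getParameter("details");
        String fields = httpServletRequest.getParameter("fields");
        DBManager dBManager = new DBManager(ConfigurationManager.getInstance().getConfBaseDir());
        httpServletResponse.setCharacterEncoding("UTF-8");
        // Declare the body type explicitly so that browsers do not guess it from the content.
        httpServletResponse.setContentType("text/plain");
        PrintWriter writer = httpServletResponse.getWriter();
        try {
            Object account = checklogin(loginName, loginPassword, httpServletRequest.getSession(), dBManager);
            if (account == null) {
                reject(httpServletResponse, writer, "The username/password is not correct.");
                return;
            }
            Session session = dBManager.getSession();

            Staff staff = null;
            if (staffName != null) {
                staff = (Staff) session.createCriteria(Staff.class).add(Restrictions.eq("username", staffName)).uniqueResult();
                if (staff == null) {
                    reject(httpServletResponse, writer, "user is not valid");
                    return;
                }
            }

            Project project = null;
            if (projectName != null) {
                project = (Project) session.createCriteria(Project.class).add(Restrictions.eq("name", projectName)).uniqueResult();
                if (project == null) {
                    logger.warn("Project is not valid " + forLog(projectName));
                    // The message used to say "workpackage" although the project was rejected.
                    reject(httpServletResponse, writer, "project is not valid");
                    return;
                }
            }

            WorkPackage workPackage = null;
            if (workPackageName != null) {
                Criteria workPackageQuery = session.createCriteria(WorkPackage.class).add(Restrictions.eq("name", workPackageName));
                if (project != null) {
                    workPackageQuery.add(Restrictions.eq("project", project));
                }
                workPackage = (WorkPackage) workPackageQuery.uniqueResult();
                if (workPackage == null) {
                    logger.warn("Workpackage is not valid: " + forLog(workPackageName));
                    reject(httpServletResponse, writer, "workpackage is not valid");
                    return;
                }
            }
            if (workPackage == null) {
                reject(httpServletResponse, writer, "no valid workpackage");
                return;
            }
            if (!isProjectValidForUser(account, workPackage)) {
                reject(httpServletResponse, writer, "Permission denied");
                return;
            }

            List<Activity> activities = getActivitiesByCriteria(staff, workPackage, descriptionFilter, dBManager);
            List<ActivityDTO> matches = new ArrayList<ActivityDTO>();
            DTOManager dTOManager = new DTOManager();
            if (dateFilter == null) {
                for (Activity activity : activities) {
                    matches.add((ActivityDTO) dTOManager.clone(activity));
                }
            } else {
                if (!isDateFilterValid(dateFilter)) {
                    reject(httpServletResponse, writer, "date filter is not valid.");
                    return;
                }
                GregorianCalendar from = parseDate(dateFilter, true);
                GregorianCalendar to = parseDate(dateFilter, false);
                for (Activity activity : activities) {
                    GregorianCalendar day = new GregorianCalendar();
                    day.setTime(activity.getDay());
                    if (CalendarHelper.isDateLessOrEqual(from, day) && CalendarHelper.isDateLessOrEqual(day, to)) {
                        matches.add((ActivityDTO) dTOManager.clone(activity));
                    }
                }
            }

            if ("true".equals(details)) {
                ObjectMapper objectMapper = new ObjectMapper();
                SimpleModule simpleModule = new SimpleModule("NOIOC", new Version(1, 0, 0, null, null, null));
                simpleModule.addSerializer(new DTOSerializer(fields));
                objectMapper.registerModule(simpleModule);
                String json = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(matches);
                // Switch the type only once serialization succeeded, so an error message is
                // never labelled as JSON.
                httpServletResponse.setContentType("application/json");
                writer.print(json);
            } else {
                double totalHours = 0.0d;
                for (ActivityDTO dto : matches) {
                    totalHours += dto.getWorkinghours();
                }
                writer.print(totalHours);
            }
        } catch (Exception e) {
            // Details stay in the server log. The exception text is not sent to the client
            // because it can contain internals such as query or driver messages.
            logger.error("login error", e);
            httpServletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            writer.print("The request could not be processed.");
        } finally {
            dBManager.closeSession();
            writer.close();
        }
    }

    /** Answers the request with status 400 and the given fixed message. */
    private static void reject(HttpServletResponse response, PrintWriter writer, String message) {
        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        writer.print(message);
    }

    /** Replaces line breaks in a request value so it cannot start a forged log entry. */
    private static String forLog(String value) {
        return value == null ? null : value.replaceAll("[\\r\\n]", "_");
    }

    /** True when {@code filter} has the form {@code yyyy-MM-dd:yyyy-MM-dd} with two real dates. */
    private boolean isDateFilterValid(String filter) {
        return parseDate(filter, true) != null;
    }

    /**
     * Parses a date filter of the form {@code yyyy-MM-dd:yyyy-MM-dd}.
     *
     * @param filter   the raw filter value
     * @param wantStart {@code true} to return the first date, {@code false} for the second
     * @return the selected date, or {@code null} when the filter is missing, does not consist
     *         of exactly two parts or contains a date that cannot be parsed
     */
    private GregorianCalendar parseDate(String filter, boolean wantStart) {
        if (filter == null) {
            return null;
        }
        StringTokenizer parts = new StringTokenizer(filter, ":");
        if (parts.countTokens() != 2) {
            return null;
        }
        String startText = parts.nextToken();
        String endText = parts.nextToken();
        SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd");
        // Strict parsing: reject impossible dates such as month 13 instead of rolling them
        // over into a different date.
        format.setLenient(false);
        try {
            Date start = format.parse(startText);
            Date end = format.parse(endText);
            GregorianCalendar selected = new GregorianCalendar();
            selected.setTime(wantStart ? start : end);
            return selected;
        } catch (ParseException e) {
            return null;
        }
    }

    /**
     * Authorization check for one work package.
     *
     * <p>An internal {@link Staff} account may read every work package; an external
     * {@link StaffExtern} account only those returned by its {@code getWorkpackages()}.
     * Any other value, including {@code null}, is denied.
     */
    private boolean isProjectValidForUser(Object account, WorkPackage workPackage) {
        if (account instanceof Staff) {
            return true;
        }
        if (account instanceof StaffExtern) {
            return ((StaffExtern) account).getWorkpackages().contains(workPackage);
        }
        return false;
    }

    /**
     * Loads the activities that have a day set, ordered by day, for a project, work package
     * or work category, optionally restricted to one staff member and a description substring.
     *
     * @param staff     staff member to restrict to, or {@code null} for all
     * @param obj       a {@link Project}, {@link WorkPackage} or {@link WorkCategory}
     * @param str       description substring (case-insensitive), or {@code null}
     * @param dBManager provider of the Hibernate session
     * @throws DataRetrievalException when {@code obj} has another type or the query fails
     */
    private List<Activity> getActivitiesByCriteria(Staff staff, Object obj, String str, DBManager dBManager) throws InvalidInputValuesException, DataRetrievalException, PermissionDenyException, NoSessionException {
        if (logger.isDebugEnabled()) {
            logger.debug("get activities: " + (obj == null ? "null" : obj.getClass().getName()));
        }
        try {
            if (!(obj instanceof Project) && !(obj instanceof WorkPackage) && !(obj instanceof WorkCategory)) {
                throw new DataRetrievalException("The criteria has a not supported type");
            }
            Session session = dBManager.getSession();
            boolean staffRestricted = staff != null;
            Criteria criteria = session.createCriteria(Activity.class);
            if (staffRestricted) {
                criteria.add(Restrictions.eq("staff", staff));
            }
            if (obj instanceof Project) {
                // NOTE(review): the two project variants differ on purpose of the original
                // code: with a staff filter the project is matched through the work package,
                // without one directly on the activity. Kept as found; confirm which is right.
                if (staffRestricted) {
                    criteria.createCriteria("workPackage").add(Restrictions.eq("project", obj));
                } else {
                    criteria.add(Restrictions.eq("project", obj));
                }
            } else if (obj instanceof WorkPackage) {
                criteria.add(Restrictions.eq("workPackage", obj));
            } else {
                criteria.add(Restrictions.eq("workCategory", obj));
            }
            if (str != null) {
                // The value is bound as a query parameter, so it cannot alter the statement.
                // "%" and "_" inside it still act as LIKE wildcards.
                criteria.add(Restrictions.ilike("description", "%" + str + "%"));
            }
            criteria.add(Restrictions.isNotNull("day")).addOrder(Order.asc("day"));
            List<Activity> list = criteria.list();
            if (logger.isDebugEnabled()) {
                logger.debug(list.size() + " activities found");
            }
            return list;
        } catch (Throwable th) {
            logger.error("Error:", th);
            throw new DataRetrievalException(th.getMessage(), th);
        }
    }

    /**
     * Looks up the account matching the given credentials, first among {@link Staff} and then
     * among {@link StaffExtern}.
     *
     * <p>NOTE(review): passwords are compared as a single unsalted SHA-1 digest, which is far
     * too fast for password storage. Moving to a salted, slow scheme (bcrypt, scrypt, Argon2)
     * needs a migration of the stored values and is therefore not done here. The digest is
     * also computed from {@code getBytes()} with the platform default charset, so non-ASCII
     * passwords depend on the server configuration; this is left unchanged because the stored
     * digests were presumably created the same way.
     *
     * @param str         user name
     * @param str2        clear-text password
     * @param httpSession not used by this method
     * @param dBManager   provider of the Hibernate session
     * @return the matching {@code Staff} or {@code StaffExtern}, or {@code null} when the
     *         credentials are missing or do not match
     * @throws DataRetrievalException when the lookup fails
     */
    public Object checklogin(String str, String str2, HttpSession httpSession, DBManager dBManager) throws LoginFailedException, DataRetrievalException {
        if (str == null || str2 == null) {
            // Missing credentials are a failed login, not an internal error.
            return null;
        }
        try {
            Session session = dBManager.getSession();
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            messageDigest.update(str2.getBytes());
            byte[] digest = messageDigest.digest();
            Staff staff = (Staff) session.createCriteria(Staff.class).add(Restrictions.and(Restrictions.eq("username", str), Restrictions.eq(SqlUtils.DRIVER_MANAGER_PASSWORD_PROPERTY, digest))).uniqueResult();
            if (staff != null) {
                return staff;
            }
            return (StaffExtern) session.createCriteria(StaffExtern.class).add(Restrictions.and(Restrictions.eq("username", str), Restrictions.eq(SqlUtils.DRIVER_MANAGER_PASSWORD_PROPERTY, digest))).uniqueResult();
        } catch (Throwable th) {
            logger.error("Error:", th);
            throw new DataRetrievalException(th.getMessage(), th);
        }
    }
}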
