package com.seeyon.ctp.common.service;

import com.seeyon.ctp.common.AppContext;
import com.seeyon.ctp.common.SystemEnvironment;
import com.seeyon.ctp.common.aspect.AspectAnnotationAware;
import com.seeyon.ctp.common.authenticate.domain.User;
import com.seeyon.ctp.common.exceptions.BusinessException;
import com.seeyon.ctp.common.web.util.WebUtil;
import com.seeyon.ctp.organization.bo.V3xOrgAccount;
import com.seeyon.ctp.organization.bo.V3xOrgMember;
import com.seeyon.ctp.organization.manager.OrgManager;
import com.seeyon.ctp.thread.trace.RuntimeTaskData;
import com.seeyon.ctp.util.FlipInfo;
import com.seeyon.ctp.util.Strings;
import com.seeyon.ctp.util.ZipUtil;
import com.seeyon.ctp.util.json.JsonErrorObject;
import com.seeyon.ctp.util.json.mapper.JSONMapper;
import com.seeyon.ctp.util.json.mapper.MapperException;
import com.seeyon.ctp.util.json.model.JSONArray;
import com.seeyon.ctp.util.json.model.JSONValue;
import com.seeyon.ctp.util.json.parser.JSONParser;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringReader;
import java.io.StringWriter;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.log4j.Logger;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.multiaction.MultiActionController;

/* loaded from: input_file:com/seeyon/ctp/common/service/AjaxController.class */
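/**
 * Spring MVC controller that exposes application beans ("managers") to browser code.
 *
 * <p>{@link #index} returns a generated JavaScript stub listing the public methods of the
 * requested beans, and {@link #ajaxAction} looks a bean up by name and reflectively invokes
 * one of its public methods with JSON-decoded arguments. Both the bean name and the method
 * name come straight from request parameters, so the checks in {@link #invokeService} and
 * {@link #invokeMethod} are the only gate between a request and arbitrary bean methods.
 *
 * <p>Checks visible in this class: an alphanumeric-only pattern on the names, a name-suffix
 * rejection for DAO beans, an optional {@link AjaxAccessInterceptor}, a call to
 * {@code User.validateResource}, a type denylist in {@link #getService} and the
 * {@link #EXCLUDE_METHODS} name denylist.
 */
public class AjaxController extends MultiActionController {
    private static final Log logAjax = LogFactory.getLog("ajax");
    private static final Logger LOGGER = Logger.getLogger(AjaxController.class);

    // Method names never offered in a stub and never dispatched: equals/hashCode/toString plus
    // names that look like Spring proxy-administration methods (addAdvice, setTargetSource, ...).
    private static final Set<String> EXCLUDE_METHODS = new HashSet<String>();

    // Bean and method names must consist of ASCII letters and digits only.
    private static final String LEGAL_REGEX = "^[a-z0-9A-Z]+$";

    // Upper bound on cached stubs. The cache key is the raw managerName request parameter, so
    // without a bound every distinct value would pin another entry in memory. The number is a
    // reviewer-chosen default; tune it to the number of manager combinations actually requested.
    private static final int MAX_CACHED_STUBS = 1024;

    private AjaxAccessInterceptor ajaxAccessInterceptor;
    public static final String responseEncoding = "UTF-8";
    private OrgManager orgManager;
    private final Map<String, String> managerJsCache = new ConcurrentHashMap<String, String>();

    // Lazily built set of every member id (as a string); volatile so that a fully populated set
    // is what other request threads observe.
    private volatile Set<String> memberIds = null;

    static {
        Collections.addAll(EXCLUDE_METHODS,
                "addAdvice",
                "addAdvisor",
                "equals",
                "getAdvisors",
                "getProxiedInterfaces",
                "getTargetSource",
                "getTargetClass",
                "hashCode",
                "indexOf",
                "isExposeProxy",
                "isFrozen",
                "isInterfaceProxied",
                "isProxyTargetClass",
                "isPreFiltered",
                "removeAdvice",
                "removeAdvisor",
                "replaceAdvisor",
                "setPreFiltered",
                "setExposeProxy",
                "setTargetSource",
                "toProxyConfigString",
                "toString");
    }

    /**
     * Serves the JavaScript stub for the beans named in the {@code managerName} parameter.
     *
     * <p>The ETag is derived from the server start time and the hash of {@code managerName};
     * when the client already holds that ETag nothing is written.
     *
     * @param httpServletRequest  request carrying {@code managerName} (comma-separated bean names)
     * @param httpServletResponse response the stub is written to
     * @return always {@code null}; the response is written directly
     * @throws Exception on I/O failure while writing the response
     */
    public ModelAndView index(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        httpServletResponse.setContentType("text/plain; charset=UTF-8");
        // A request without managerName used to fail with a NullPointerException here; treat it
        // as an empty name so it reaches the blank-name handling in generateServiceJavascript.
        String managerName = httpServletRequest.getParameter("managerName");
        int nameHash = managerName == null ? 0 : managerName.hashCode();
        String etag = "e" + SystemEnvironment.getServerStartTime() + nameHash;
        if (WebUtil.checkEtag(httpServletRequest, httpServletResponse, etag)) {
            return null;
        }
        httpServletResponse.setStatus(200);
        WebUtil.writeETag(httpServletRequest, httpServletResponse, etag);
        String script = generateServiceJavascript(httpServletRequest, httpServletResponse);
        if (script == null) {
            return null;
        }
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        byte[] bytes = script.getBytes(responseEncoding);
        httpServletResponse.setIntHeader("Content-Length", bytes.length);
        outputStream.write(bytes);
        outputStream.flush();
        outputStream.close();
        return null;
    }

    /**
     * Invokes the requested bean method and writes its JSON result to the response.
     *
     * <p>The body is passed through {@code ZipUtil.compressResponse} when the request carries a
     * non-blank {@code ClientRequestPath} parameter.
     *
     * @param httpServletRequest  request carrying {@code managerName}, {@code managerMethod} and
     *                            {@code arguments}
     * @param httpServletResponse response the result is written to
     * @return always {@code null}; the response is written directly
     * @throws Exception on I/O failure while writing the response
     */
    public ModelAndView ajaxAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        httpServletResponse.setContentType("application/json; charset=UTF-8");
        String responseCompress = httpServletRequest.getParameter("responseCompress");
        httpServletResponse.setStatus(200);
        String body = invokeService(httpServletRequest, httpServletResponse);
        if (body == null) {
            // invokeService can return null (a null result in callback mode, or an error object
            // that failed to render); writing null to the response writer would throw.
            body = "";
        }
        if (Strings.isNotBlank(httpServletRequest.getParameter("ClientRequestPath"))) {
            body = ZipUtil.compressResponse(body, responseCompress, responseEncoding, LOGGER);
        }
        httpServletResponse.getWriter().write(body);
        return null;
    }

    /**
     * Returns the stub script for the {@code managerName} parameter, using the cache when possible.
     *
     * @return the script, an empty string for a blank name, or an error text after a 404 has been
     *         sent for a DAO name
     */
    private String generateServiceJavascript(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String managerName = httpServletRequest.getParameter("managerName");
        if (managerName == null || managerName.trim().length() == 0) {
            return "";
        }
        // Only the end of the whole parameter is tested, so in a comma-separated list this
        // covers the last name only. NOTE(review): DAO_TASK is presumably "dao" - confirm.
        if (managerName.toLowerCase().endsWith(RuntimeTaskData.DAO_TASK)) {
            this.logger.error("不允许AJAX访问Dao：" + managerName);
            notfound(httpServletResponse);
            return "您所访问的AJAX非法";
        }
        String cached = this.managerJsCache.get(managerName);
        if (cached != null) {
            return cached;
        }
        // NOTE(review): the generated text embeds the context path and servlet path of the
        // request that first populated the entry and is then served to every later caller
        // asking for the same managerName.
        String stub = generateSomeAjaxStub(httpServletRequest.getContextPath(), httpServletRequest.getServletPath(), managerName);
        // The key is attacker-influenced, so stop caching once the bound is reached; the stub
        // is still generated and returned. The size check is best-effort under concurrency.
        if (this.managerJsCache.size() < MAX_CACHED_STUBS) {
            this.managerJsCache.put(managerName, stub);
        }
        return stub;
    }

    /**
     * Builds the stub header followed by one stub per comma-separated bean name.
     *
     * @param str  context path
     * @param str2 servlet path
     * @param str3 comma-separated bean names
     * @return the concatenated script; names that fail validation contribute only a newline
     */
    public static String generateSomeAjaxStub(String str, String str2, String str3) {
        StringBuilder script = new StringBuilder();
        script.append(getAjaxStubHeader(str, str2));
        for (String managerName : str3.split(",")) {
            script.append(generateAjaxStub(managerName));
            script.append("\n");
        }
        return script.toString();
    }

    /**
     * Returns the JavaScript line that defines {@code ajaxUrl}.
     *
     * <p>Both arguments are concatenated into a double-quoted JavaScript string without
     * escaping, so callers must pass container-provided paths only.
     *
     * @param str  context path
     * @param str2 servlet path
     */
    public static String getAjaxStubHeader(String str, String str2) {
        return "var ajaxUrl = \"" + str + str2 + "?method=ajaxAction&managerName=\";";
    }

    /**
     * Generates the JavaScript stub object for one bean.
     *
     * <p>Only public methods declared by the bean's own runtime class and not listed in
     * {@link #EXCLUDE_METHODS} are offered, in sorted order with overloads collapsed.
     *
     * @param str bean name; must match {@link #LEGAL_REGEX}
     * @return the stub, or an empty string when the name is illegal, the bean cannot be
     *         resolved, or it has no eligible methods
     */
    public static String generateAjaxStub(String str) {
        if (!str.matches(LEGAL_REGEX)) {
            return "";
        }
        StringBuilder stub = new StringBuilder();
        stub.append("var ").append(str).append("=RJS.extend({\n");
        stub.append("jsonGateway:ajaxUrl+\"").append(str).append("\"");
        // Start from an empty list so a failed bean lookup yields "" below instead of touching
        // an array that was never assigned.
        String[] methodNames = new String[0];
        try {
            Object service = getService(str);
            Set<String> sortedNames = new TreeSet<String>();
            for (Method method : service.getClass().getMethods()) {
                if (method.getDeclaringClass().equals(service.getClass()) && !EXCLUDE_METHODS.contains(method.getName())) {
                    sortedNames.add(method.getName());
                }
            }
            methodNames = sortedNames.toArray(new String[sortedNames.size()]);
            stub.append(",");
        } catch (Exception unused) {
            LOGGER.debug("Service not found: " + str + ", 相关插件未启用或其它未知原因！");
        }
        if (methodNames.length == 0) {
            return "";
        }
        for (int i = 0; i < methodNames.length; i++) {
            String methodName = methodNames[i];
            stub.append(methodName).append(":function(){");
            stub.append("return this.c(arguments,\"" + methodName + "\");");
            stub.append("}");
            if (i != methodNames.length - 1) {
                stub.append(",");
            }
        }
        stub.append("});");
        return stub.toString();
    }

    /**
     * Resolves a bean by name, refusing persistence infrastructure objects.
     *
     * <p>This is a denylist: every other bean type in the application context is returned.
     *
     * @param str bean name
     * @return the bean, never {@code null}
     * @throws Exception when the bean is missing or is a DataSource, Session or SessionFactory
     */
    private static Object getService(String str) throws Exception {
        Object bean = AppContext.getBean(str);
        boolean persistenceObject = (bean instanceof DataSource) || (bean instanceof Session) || (bean instanceof SessionFactory);
        if (bean == null || persistenceObject) {
            throw new Exception("can not find the service: " + str);
        }
        return bean;
    }

    /**
     * Validates the request, dispatches to the bean method and renders the result as JSON.
     *
     * <p>Failures are rendered as a {@link JsonErrorObject} carrying the exception message and
     * a code; the HTTP status becomes 500 unless a {@code ctpJSONPCallback} was supplied.
     *
     * @return the response body; an empty string for missing or illegal names, an error text
     *         after a 404 was sent, possibly {@code null} (see {@link #ajaxAction})
     */
    private String invokeService(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        AppContext.initSystemEnvironmentContext(httpServletRequest, httpServletResponse);
        String managerName = httpServletRequest.getParameter("managerName");
        String managerMethod = httpServletRequest.getParameter("managerMethod");
        if (managerName == null || managerName.trim().length() == 0 || !managerName.matches(LEGAL_REGEX)
                || managerMethod == null || managerMethod.trim().length() == 0 || !managerMethod.matches(LEGAL_REGEX)) {
            return "";
        }
        if (managerName.toLowerCase().endsWith(RuntimeTaskData.DAO_TASK)) {
            this.logger.error("不允许AJAX访问Dao：" + managerName);
            notfound(httpServletResponse);
            return "您所访问的AJAX非法";
        }
        // NOTE(review): this check is skipped entirely when no interceptor has been injected,
        // i.e. a missing bean wiring fails open. Confirm the deployment always sets one.
        if (this.ajaxAccessInterceptor != null && !this.ajaxAccessInterceptor.accept(managerName, managerMethod)) {
            logAjax.error(managerName + "," + managerMethod + "," + AppContext.currentUserLoginName() + ",非法的Ajax请求");
            notfound(httpServletResponse);
            return "非法的Ajax请求";
        }
        // Decode the argument payload only after the cheap name checks have passed, so rejected
        // requests do not make the server process an attacker-supplied body.
        String arguments = ZipUtil.uncompressRequest(httpServletRequest.getParameter("arguments"), httpServletRequest.getParameter("requestCompress"), responseEncoding, LOGGER);
        // NOTE(review): the callback name is not validated and is echoed into the error
        // response below; restricting it to an identifier pattern is worth considering.
        String jsonpCallback = httpServletRequest.getParameter("ctpJSONPCallback");
        String body = null;
        try {
            // NOTE(review): presumably throws when the current user may not call this
            // resource; the meaning of the boolean is not visible here - confirm.
            User.validateResource(managerName + "." + managerMethod, false);
            Object result = invokeMethod(getService(managerName), managerMethod, arguments, managerName);
            if (result instanceof FlipInfo) {
                // Flatten the paging object into a plain map for the JSON mapper.
                FlipInfo flipInfo = (FlipInfo) result;
                Map<String, Object> page = new HashMap<String, Object>();
                page.put("total", Integer.valueOf(flipInfo.getTotal()));
                page.put("data", flipInfo.getData());
                page.put("page", Integer.valueOf(flipInfo.getPage()));
                page.put("pages", flipInfo.getPages());
                page.put("size", Integer.valueOf(flipInfo.getSize()));
                result = page;
            }
            // With a callback the service result is returned as-is and must already be a
            // String; anything else raises ClassCastException and lands in the handler below.
            body = jsonpCallback == null ? JSONMapper.toJSON(result).render(false) : (String) result;
        } catch (Throwable th) {
            Throwable failure = th;
            if (th instanceof InvocationTargetException) {
                failure = ((InvocationTargetException) th).getTargetException();
            }
            boolean businessErrorWithoutCause = false;
            String message = null;
            Throwable detail = null;
            String code;
            if (failure instanceof BusinessException) {
                BusinessException businessException = (BusinessException) failure;
                Throwable rawCause = businessException.getRawCause();
                if (rawCause == null) {
                    businessException = businessException.getRawBusinessException();
                    message = businessException.getMessage();
                    businessErrorWithoutCause = true;
                } else {
                    detail = rawCause;
                }
                code = businessException.getCode();
            } else {
                detail = failure;
                // Last ten digits of the current time serve as an id to correlate with the log.
                String now = String.valueOf(System.currentTimeMillis());
                code = now.substring(now.length() - 10);
            }
            if (detail != null) {
                // NOTE(review): the raw message of any exception is sent to the client, which
                // can disclose internal details (SQL, paths, class names).
                message = detail.getMessage();
            }
            JsonErrorObject jsonErrorObject = new JsonErrorObject();
            jsonErrorObject.setMessage(message);
            jsonErrorObject.setCode(code);
            try {
                JSONValue json = JSONMapper.toJSON(jsonErrorObject);
                body = jsonpCallback == null ? json.render(false) : String.format("%1$s(%2$s)", jsonpCallback, json.render(false));
            } catch (Exception renderFailure) {
                // Keep going with whatever body we have, but leave a trace of the failure.
                LOGGER.warn("Failed to render AJAX error object, ID: " + code, renderFailure);
            }
            if (jsonpCallback == null) {
                httpServletResponse.setStatus(500);
            } else {
                httpServletResponse.setStatus(200);
            }
            if (!businessErrorWithoutCause) {
                LOGGER.error("出现AJAX异常，ID：" + code, failure);
            }
        }
        return body;
    }

    /** Sends a 404, logging instead of propagating an I/O failure. */
    private void notfound(HttpServletResponse httpServletResponse) {
        try {
            httpServletResponse.sendError(404);
        } catch (IOException e) {
            this.logger.error(e.getLocalizedMessage(), e);
        }
    }

    /**
     * Parses the JSON arguments, picks a public method by name and argument count, and invokes it.
     *
     * <p>The first method returned by reflection with a matching name and arity wins; overloads
     * with the same arity are not disambiguated by type. Inherited public methods are
     * candidates too, unlike in the generated stub.
     *
     * @param obj  target bean
     * @param str  method name requested by the client
     * @param str2 JSON text of the arguments; blank or {@code "undefined"} means no arguments
     * @param str3 bean name, used for logging only
     * @return whatever the invoked method returns
     * @throws NoSuchMethodException when the name is excluded or no method has that name and arity
     * @throws Exception             on JSON parse failure or when the invoked method throws
     */
    private Object invokeMethod(Object obj, String str, String str2, String str3) throws Exception {
        // The stub never advertises these names; refuse them here as well so that leaving a
        // method out of the stub is an actual restriction rather than a client-side convention.
        if (EXCLUDE_METHODS.contains(str)) {
            throw new NoSuchMethodException("can not find the method [" + str + "].");
        }
        if (str2 == null || "".equals(str2) || "undefined".equals(str2)) {
            str2 = "[]";
        }
        JSONValue parsed = new JSONParser(new StringReader(str2)).nextValue();
        // A non-array payload is treated as a single argument.
        Object[] jsonArgs = {parsed};
        if (parsed instanceof JSONArray) {
            jsonArgs = ((JSONArray) parsed).getValue().toArray();
        }
        int argCount = jsonArgs.length;
        Method target = null;
        for (Method candidate : obj.getClass().getMethods()) {
            if (candidate.getName().equals(str) && candidate.getParameterTypes().length == argCount) {
                target = candidate;
                break;
            }
        }
        if (target == null) {
            throw new NoSuchMethodException("can not find the method [" + str + "], which has " + argCount + " arguments.");
        }
        Class<?>[] parameterTypes = target.getParameterTypes();
        Object[] javaArgs = new Object[parameterTypes.length];
        for (int i = 0; i < parameterTypes.length; i++) {
            try {
                javaArgs[i] = JSONMapper.toJava((JSONValue) jsonArgs[i], parameterTypes[i]);
            } catch (MapperException e) {
                // NOTE(review): the call still goes ahead with null in this position, so the
                // method may run with an argument the client never sent.
                LOGGER.warn("Cannot convert argument " + i + " of " + str3 + "." + str + "; passing null", e);
            }
        }
        try {
            User currentUser = AppContext.getCurrentUser();
            if (logAjax.isDebugEnabled()) {
                // NOTE(review): the raw argument JSON is written to the ajax log at debug level.
                logAjax.debug(str3 + "," + str + "," + hasMemberId(javaArgs) + "," + currentUser.isAdministrator() + "," + currentUser.isAuditAdmin() + "," + currentUser.isSystemAdmin() + "," + currentUser.isGroupAdmin() + "," + AppContext.currentUserLoginName() + "," + str2);
            }
        } catch (Exception ignored) {
            // Audit logging is best-effort (for example when there is no current user) and
            // must not block the call.
        }
        Object result = target.invoke(obj, javaArgs);
        AspectAnnotationAware.execute(obj, str);
        return result;
    }

    /** Returns the organization manager, looking the bean up on first use. */
    private OrgManager getOrgManager() {
        if (this.orgManager == null) {
            this.orgManager = (OrgManager) AppContext.getBean("orgManager");
        }
        return this.orgManager;
    }

    /**
     * Returns the ids of all members of all accounts as strings, built once and then reused.
     *
     * <p>The set is published only after it has been fully populated, so a concurrent request
     * never sees a partial set and a failure midway does not leave one cached.
     *
     * @throws BusinessException when the organization lookup fails
     */
    private Set<String> getAllMembers() throws BusinessException {
        Set<String> ids = this.memberIds;
        if (ids == null) {
            ids = Collections.newSetFromMap(new ConcurrentHashMap<String, Boolean>());
            Iterator accounts = getOrgManager().getAllAccounts().iterator();
            while (accounts.hasNext()) {
                Iterator members = getOrgManager().getAllMembers(((V3xOrgAccount) accounts.next()).getId()).iterator();
                while (members.hasNext()) {
                    ids.add(String.valueOf(((V3xOrgMember) members.next()).getId()));
                }
            }
            this.memberIds = ids;
        }
        return ids;
    }

    /**
     * Reports whether any argument equals a known member id; used for the debug audit line only.
     *
     * <p>The id set holds strings, so only String arguments can match.
     *
     * @return {@code true} on a match, {@code false} otherwise or when the lookup fails
     */
    private boolean hasMemberId(Object[] objArr) {
        try {
            for (Object argument : objArr) {
                if (argument != null && getAllMembers().contains(argument)) {
                    return true;
                }
            }
            return false;
        } catch (Throwable th) {
            this.logger.error(th.getLocalizedMessage(), th);
            return false;
        }
    }

    public AjaxAccessInterceptor getAjaxAccessInterceptor() {
        return this.ajaxAccessInterceptor;
    }

    public void setAjaxAccessInterceptor(AjaxAccessInterceptor ajaxAccessInterceptor) {
        this.ajaxAccessInterceptor = ajaxAccessInterceptor;
    }
}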
