package nl.ppmoost.ventureplan2.servlets;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.net.URLDecoder;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONObject;
import net.sf.json.JSONSerializer;
import nl.buildersenperformers.docmerge.DocMerge;
import nl.buildersenperformers.docmerge.DocMergeException;
import nl.buildersenperformers.docmerge.SheetMerge;
import nl.innovationinvestments.cheyenne.daemon.utils.CheyenneServerContent;
import nl.innovationinvestments.cheyenne.daemon.utils.DocStore;
import nl.innovationinvestments.pdfconversie.ConvertWordToPdf;
import nl.knowledgeplaza.util.ConfigurationProperties;
import nl.knowledgeplaza.util.FileUtil;
import nl.knowledgeplaza.util.Log4jUtil;
import nl.ppmoost.ventureplan2.VPTask;
import org.apache.commons.collections4.map.HashedMap;
import org.apache.commons.httpclient.methods.multipart.FilePart;
import org.apache.commons.httpclient.methods.multipart.Part;
import org.apache.commons.httpclient.methods.multipart.StringPart;
import org.apache.log4j.Logger;

/* loaded from: input_file:nl/ppmoost/ventureplan2/servlets/TaskServlet.class */
public class TaskServlet extends HttpServlet {
    private static final long serialVersionUID = 2;
    public static final String SOURCECODE_VERSION = "$Revision: 1.3 $";
    private static Logger log4j = Log4jUtil.createLogger();
    private String sid = null;
    private Map<String, File> iTemplateCache;

    public TaskServlet() {
        this.iTemplateCache = null;
        this.iTemplateCache = new HashMap();
    }

    private String validateNextUrl(String str, HttpServletRequest httpServletRequest) throws ServletException {
        if (str == null || str.trim().isEmpty()) {
            log4j.warn("Received empty or null next_url parameter");
            throw new ServletException("Missing next_url parameter");
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("Validating next_url: " + str);
        }
        try {
            String decode = URLDecoder.decode(str, "UTF-8");
            if (log4j.isDebugEnabled()) {
                log4j.debug("Decoded URL: " + decode);
            }
            if (decode.contains("/../") || decode.contains("/./") || decode.endsWith("/..") || decode.endsWith("/.") || decode.startsWith("../") || decode.startsWith("./") || decode.contains("..\\") || decode.contains(".\\")) {
                log4j.warn("Directory traversal attempt detected in next_url: " + decode);
                throw new ServletException("Invalid next_url: contains directory traversal");
            }
            if (decode.toLowerCase().startsWith("http")) {
                log4j.warn("Absolute URL niet toegestaan in next_url: " + decode);
                throw new ServletException("Invalid next_url: absolute URLs are not allowed");
            }
            String contextPath = httpServletRequest.getContextPath();
            if (decode.startsWith("/") && !contextPath.isEmpty() && !decode.startsWith(contextPath + "/") && !decode.equals(contextPath)) {
                log4j.warn("URL verwijst naar andere context. URL: " + decode + ", huidige context: " + contextPath);
                throw new ServletException("Invalid next_url: must stay within current application context");
            }
            String lowerCase = decode.toLowerCase();
            if (lowerCase.contains("/web-inf/") || lowerCase.startsWith("web-inf/") || lowerCase.contains("/meta-inf/") || lowerCase.startsWith("meta-inf/")) {
                log4j.warn("Poging tot toegang tot beschermde webapp directory: " + decode);
                throw new ServletException("Invalid next_url: access to protected directories not allowed");
            }
            if (log4j.isDebugEnabled()) {
                log4j.debug("Validated URL successfully. Final path: " + decode);
            }
            return decode;
        } catch (Exception e) {
            log4j.warn("Invalid URL encoding in next_url: " + str, e);
            throw new ServletException("Invalid URL encoding");
        }
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (httpServletRequest.getParameter("task_id") == null) {
            throw new ServletException("No task_id set");
        }
        int parseInt = Integer.parseInt(httpServletRequest.getParameter("task_id"));
        String validateNextUrl = validateNextUrl(httpServletRequest.getParameter("next_url"), httpServletRequest);
        execute(parseInt, httpServletRequest, httpServletRequest.getSession().getId());
        httpServletResponse.setContentType("text/xml");
        httpServletRequest.getRequestDispatcher(validateNextUrl).include(httpServletRequest, httpServletResponse);
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    public void execute(int i, HttpServletRequest httpServletRequest, String str) {
        VPTask task = VPTask.getTask(i);
        if (task == null) {
            return;
        }
        boolean z = true;
        File file = null;
        try {
            file = File.createTempFile(task.getFilename(), ".tmp", null);
            file.deleteOnExit();
        } catch (IOException e) {
            log4j.error("error creating temp file", e);
            z = false;
            task.setStatus(8);
        }
        boolean z2 = task.getFilename().endsWith(".docx") || task.getFilename().endsWith(".xlsx");
        if (task.getTask_type().equals("docmerge") && z) {
            if (z2 && task.getDataUrl() == null) {
                log4j.debug("File " + task.getFilename() + " has no data url, do doccopy instead");
                task.setTask_type("doccopy");
            } else if (!z2) {
                log4j.debug("File " + task.getFilename() + " is no docx file, do doccopy instead");
                task.setTask_type("doccopy");
            }
        }
        if (task.getTask_type().equals("doccopy") && z) {
            try {
                String str2 = ConfigurationProperties.get().get("DOCSTORE_BASE");
                this.sid = str;
                String str3 = str2 + task.getUrl().replace("%sid%", this.sid);
                if (log4j.isDebugEnabled()) {
                    log4j.debug("Do doccopy for url " + str3);
                }
                FileUtil.copyURLToFile(new URL(str3), file);
                z = true;
            } catch (IOException e2) {
                log4j.error("error copying file", e2);
                z = false;
                task.setStatus(8);
            }
        } else if (task.getTask_type().equals("docmerge") && z) {
            JSONObject json = JSONSerializer.toJSON(task.getDataUrl());
            JSONObject jSONObject = null;
            if (json instanceof JSONObject) {
                jSONObject = json;
            } else {
                z = false;
                task.setStatus(8);
            }
            if (task.getFilename().endsWith(".docx") && z) {
                try {
                    String filename = task.getFilename();
                    String str4 = ConfigurationProperties.get().get("DOCSTORE_BASE");
                    String str5 = ConfigurationProperties.get().get("LOCAL_BASE");
                    this.sid = str;
                    String str6 = str4 + task.getUrl().replace("%sid%", this.sid);
                    String str7 = str5 + jSONObject.getString("Word").replace("%sid%", this.sid);
                    if (log4j.isDebugEnabled()) {
                        log4j.debug("Do docmerge for url " + str6);
                        log4j.debug("--data url " + str7);
                    }
                    File createTempFile = File.createTempFile(filename, ".doctmp", null);
                    if (this.iTemplateCache.containsKey(task.getUrl())) {
                        log4j.debug("-- get from cache!!!");
                        createTempFile = this.iTemplateCache.get(task.getUrl());
                    } else {
                        FileUtil.copyURLToFile(new URL(str6), createTempFile);
                        this.iTemplateCache.put(task.getUrl(), createTempFile);
                    }
                    File createTempFile2 = File.createTempFile(filename, ".xmltmp", null);
                    createTempFile.deleteOnExit();
                    if (log4j.isDebugEnabled()) {
                        log4j.debug("Temp docx file: " + createTempFile.getAbsolutePath());
                        log4j.debug("Temp xml file: " + createTempFile2.getAbsolutePath());
                    }
                    FileUtil.copyURLToFile(new URL(str7), createTempFile2);
                    new DocMerge().merge(createTempFile, createTempFile2, file.getAbsolutePath());
                    if (jSONObject.containsKey("RenderAs") && jSONObject.getString("RenderAs").equals("pdf")) {
                        String str8 = FileUtil.stripExtention(filename) + ".pdf";
                        File createTempFile3 = File.createTempFile(str8, ".pdftmp", null);
                        createTempFile3.deleteOnExit();
                        FileInputStream fileInputStream = new FileInputStream(file);
                        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile3);
                        try {
                            try {
                                ConvertWordToPdf.convert(fileInputStream, fileOutputStream);
                                fileOutputStream.close();
                                fileInputStream.close();
                                file = createTempFile3;
                                task.setFilename(str8);
                            } catch (Throwable th) {
                                fileOutputStream.close();
                                fileInputStream.close();
                                throw th;
                            }
                        } catch (Exception e3) {
                            throw new IOException(e3);
                        }
                    }
                    z = true;
                } catch (IOException | DocMergeException e4) {
                    log4j.error("error merging file", e4);
                    z = false;
                    task.setStatus(8);
                }
            } else if (z) {
                try {
                    String filename2 = task.getFilename();
                    String str9 = ConfigurationProperties.get().get("DOCSTORE_BASE");
                    String str10 = ConfigurationProperties.get().get("LOCAL_BASE");
                    this.sid = str;
                    String str11 = str9 + task.getUrl().replace("%sid%", this.sid);
                    if (log4j.isDebugEnabled()) {
                        log4j.debug("Do docmerge for url " + str11);
                    }
                    JSONObject jSONObject2 = jSONObject.getJSONObject("Excel");
                    HashedMap hashedMap = new HashedMap();
                    for (int i2 = 0; i2 < jSONObject2.names().size(); i2++) {
                        String string = jSONObject2.names().getString(i2);
                        String str12 = str10 + jSONObject2.getString(string).replace("%sid%", this.sid);
                        if (log4j.isDebugEnabled()) {
                            log4j.debug("---data url for sheet " + string + " :" + str12);
                        }
                        File createTempFile4 = File.createTempFile(filename2, ".csvtmp", null);
                        FileUtil.copyURLToFile(new URL(str12), createTempFile4);
                        hashedMap.put(string, createTempFile4);
                    }
                    File createTempFile5 = File.createTempFile(filename2, ".doctmp", null);
                    if (log4j.isDebugEnabled()) {
                        log4j.debug("Temp docx file: " + createTempFile5.getAbsolutePath());
                        for (Map.Entry entry : hashedMap.entrySet()) {
                            log4j.debug("Temp sheet " + ((String) entry.getKey()) + " file: " + ((File) entry.getValue()).getAbsolutePath());
                        }
                    }
                    FileUtil.copyURLToFile(new URL(str11), createTempFile5);
                    new SheetMerge().merge(createTempFile5, hashedMap, file);
                    z = true;
                } catch (IOException | DocMergeException e5) {
                    log4j.error("error merging file", e5);
                    z = false;
                    task.setStatus(8);
                }
            }
        } else {
            CheyenneServerContent cheyenneServerContent = new CheyenneServerContent(httpServletRequest, task.getUrl(), "text/xml", file);
            this.sid = cheyenneServerContent.iSessionID;
            z = cheyenneServerContent.isOk();
        }
        if (file == null || !z) {
            task.setStatus(9);
            return;
        }
        try {
            new DocStore(this.sid).Store(file, file.getName(), new Part[]{new StringPart("URL", task.getUrl()), new StringPart("sid", this.sid), new StringPart("P_DOC_ID", Integer.toString(task.getDoc_id())), new FilePart(file.getName(), task.getFilename(), file)}, task.getDocstore_path() + "?cusername=" + task.getUserName());
            task.setStatus(1);
        } catch (IOException e6) {
            log4j.error("Error uploading generated document", e6);
            task.setStatus(8);
        }
    }
}
