package com.atlassian.jconnect.rest.resources;

import com.atlassian.crowd.embedded.api.User;
import com.atlassian.jconnect.jira.IssueActivityService;
import com.atlassian.jconnect.jira.IssueHelper;
import com.atlassian.jconnect.jira.JMCProjectService;
import com.atlassian.jconnect.jira.UserHelper;
import com.atlassian.jconnect.rest.entities.CommentEntity;
import com.atlassian.jconnect.rest.entities.IssueEntity;
import com.atlassian.jconnect.rest.entities.IssueWithCommentsEntity;
import com.atlassian.jconnect.rest.entities.IssuesWithCommentsEntity;
import com.atlassian.jconnect.rest.entities.UploadData;
import com.atlassian.jconnect.util.Either;
import com.atlassian.jira.exception.CreateException;
import com.atlassian.jira.issue.CustomFieldManager;
import com.atlassian.jira.issue.Issue;
import com.atlassian.jira.issue.MutableIssue;
import com.atlassian.jira.issue.fields.CustomField;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.util.ErrorCollection;
import com.atlassian.jira.util.IOUtil;
import com.atlassian.jira.util.json.JSONException;
import com.atlassian.jira.util.json.JSONObject;
import com.atlassian.jira.web.util.AttachmentException;
import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
import com.google.common.base.Preconditions;
import com.opensymphony.workflow.InvalidInputException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.fileupload.FileItemIterator;
import org.apache.commons.fileupload.FileItemStream;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.apache.commons.httpclient.methods.MultipartPostMethod;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.ofbiz.core.entity.GenericEntityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/issue")
/* loaded from: input_file:com/atlassian/jconnect/rest/resources/IssueResource.class */
public class IssueResource {
    private static final Logger log = LoggerFactory.getLogger(IssueResource.class);
    private final IssueHelper issueHelper;
    private final UserHelper userHelper;
    private final IssueActivityService issueUpdateService;
    private final CustomFieldManager customFieldManager;
    private final JMCProjectService connectProjectService;
    private static final String CF_NAME_UUID = "uuid";

    public IssueResource(IssueHelper issueHelper, UserHelper userHelper, IssueActivityService issueActivityService, CustomFieldManager customFieldManager, JMCProjectService jMCProjectService) {
        this.issueHelper = issueHelper;
        this.userHelper = userHelper;
        this.issueUpdateService = issueActivityService;
        this.customFieldManager = customFieldManager;
        this.connectProjectService = jMCProjectService;
    }

    @Path("create")
    @Consumes({MultipartPostMethod.MULTIPART_FORM_CONTENT_TYPE})
    @POST
    @AnonymousAllowed
    @Produces({"application/json"})
    public Response createIssue(@QueryParam("project") String str, @QueryParam("apikey") String str2, @Context HttpServletRequest httpServletRequest) {
        try {
            Either<Project, Response.ResponseBuilder> lookupProjectByNameOrKey = lookupProjectByNameOrKey(str, str2);
            if (lookupProjectByNameOrKey.getRight() != null) {
                return lookupProjectByNameOrKey.getRight().build();
            }
            Map<String, UploadData> parseUploadData = parseUploadData(httpServletRequest);
            IssueEntity parseIssueEntity = parseIssueEntity(parseUploadData.get("issue"));
            User orCreateJMCSystemUser = this.userHelper.getOrCreateJMCSystemUser();
            CustomField customFieldObjectByName = this.customFieldManager.getCustomFieldObjectByName(CF_NAME_UUID);
            UploadData uploadData = parseUploadData.get("customfields");
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            if (uploadData != null) {
                extractCustomFields(uploadData, arrayList, arrayList2);
            }
            Issue createIssue = this.issueHelper.createIssue(parseIssueEntity, customFieldObjectByName, lookupProjectByNameOrKey.getLeft(), orCreateJMCSystemUser, arrayList, arrayList2);
            addAnyAttachments(parseUploadData, orCreateJMCSystemUser, createIssue);
            return Response.ok(new IssueWithCommentsEntity(createIssue.getKey(), createIssue.getStatusObject().getName(), createIssue.getSummary(), createIssue.getDescription(), createIssue.getCreated(), createIssue.getUpdated(), Collections.emptyList(), false)).build();
        } catch (GenericEntityException e) {
            return handleException(e);
        } catch (JSONException e2) {
            return handleException(e2);
        } catch (AttachmentException e3) {
            return handleException(e3);
        } catch (IOException e4) {
            return handleException(e4);
        } catch (CreateException e5) {
            return e5.getCause() instanceof InvalidInputException ? Response.status(Response.Status.UNAUTHORIZED).entity(e5.getMessage()).build() : handleException(e5);
        } catch (FileUploadException e6) {
            return handleException(e6);
        }
    }

    private Response handleException(Exception exc) {
        log.error(exc.getMessage(), exc);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(exc.getMessage()).build();
    }

    @Path("/comment/{issueKey}")
    @Consumes({MultipartPostMethod.MULTIPART_FORM_CONTENT_TYPE})
    @POST
    @AnonymousAllowed
    @Produces({"application/json"})
    public Response addComment(@PathParam("issueKey") String str, @QueryParam("apikey") String str2, @Context HttpServletRequest httpServletRequest) {
        try {
            User orCreateJMCSystemUser = this.userHelper.getOrCreateJMCSystemUser();
            MutableIssue issue = this.issueHelper.getIssue((String) Preconditions.checkNotNull(str, "issueKey"));
            if (issue == null) {
                return Response.status(Response.Status.NOT_FOUND).entity(String.format("The specified issue %s does not exist", str)).build();
            }
            Either<Project, Response.ResponseBuilder> lookupProjectByNameOrKey = lookupProjectByNameOrKey(issue.getProjectObject().getKey(), str2);
            if (lookupProjectByNameOrKey.getRight() != null) {
                return lookupProjectByNameOrKey.getRight().build();
            }
            Map<String, UploadData> parseUploadData = parseUploadData(httpServletRequest);
            IssueEntity parseIssueEntity = parseIssueEntity(parseUploadData.get("issue"));
            Response.ResponseBuilder checkUUIDIsGood = checkUUIDIsGood(parseIssueEntity, issue);
            if (checkUUIDIsGood != null) {
                return checkUUIDIsGood.entity("You are unauthorized to comment on this issue.").build();
            }
            String description = (StringUtils.isBlank(parseIssueEntity.getDescription()) || StringUtils.isWhitespace(parseIssueEntity.getDescription())) ? "<no comment>" : parseIssueEntity.getDescription();
            Response.ResponseBuilder checkForCommentErrors = checkForCommentErrors(this.issueHelper.addComment(issue, description, orCreateJMCSystemUser), orCreateJMCSystemUser, issue);
            if (checkForCommentErrors != null) {
                return checkForCommentErrors.build();
            }
            addAnyAttachments(parseUploadData, orCreateJMCSystemUser, issue);
            try {
                this.issueHelper.updateIssue(issue, parseIssueEntity, orCreateJMCSystemUser);
            } catch (Throwable th) {
                log.warn("Could not update issue. Comment and attachments still added though.", th);
            }
            return Response.ok(new CommentEntity(orCreateJMCSystemUser.getName(), true, description, new Date(), issue.getKey())).build();
        } catch (JSONException e) {
            return handleException(e);
        } catch (IOException e2) {
            return handleException(e2);
        } catch (GenericEntityException e3) {
            return handleException(e3);
        } catch (FileUploadException e4) {
            return handleException(e4);
        } catch (AttachmentException e5) {
            return handleException(e5);
        }
    }

    @GET
    @Path("/updates")
    @AnonymousAllowed
    @Produces({"application/json"})
    public Response getIssuesAndCommentsFor(@QueryParam("project") String str, @QueryParam("uuid") String str2, @QueryParam("sinceMillis") long j, @QueryParam("apikey") String str3, @Context HttpServletRequest httpServletRequest) {
        Either<Project, Response.ResponseBuilder> lookupProjectByNameOrKey = lookupProjectByNameOrKey(str, str3);
        if (lookupProjectByNameOrKey.getRight() != null) {
            return lookupProjectByNameOrKey.getRight().build();
        }
        httpServletRequest.setAttribute("gzipMimeTypes", "application/json");
        IssuesWithCommentsEntity issuesWithCommentsIfUpdatesExists = this.issueUpdateService.getIssuesWithCommentsIfUpdatesExists(lookupProjectByNameOrKey.getLeft(), str2, j);
        return Response.ok(issuesWithCommentsIfUpdatesExists == null ? new IssuesWithCommentsEntity(new LinkedList(), System.currentTimeMillis()) : issuesWithCommentsIfUpdatesExists).lastModified(new Date()).build();
    }

    private Either<Project, Response.ResponseBuilder> lookupProjectByNameOrKey(String str, String str2) {
        if (str == null) {
            return Either.right(Response.status(Response.Status.BAD_REQUEST).entity("project request parameter must be specified."));
        }
        Project lookupProjectByKey = this.issueHelper.lookupProjectByKey(str);
        Project lookupProjectByName = lookupProjectByKey == null ? this.issueHelper.lookupProjectByName(str) : lookupProjectByKey;
        if (lookupProjectByName == null) {
            return Either.right(Response.status(Response.Status.FORBIDDEN).entity("Project: " + str + " does not exist in this JIRA instance.\nPlease add a project called " + str + " before continuing.\nAlternatively, configure the name of an existing project in your <JCOCustomDataSource> protocol."));
        }
        if (!this.connectProjectService.isJiraConnectProject(lookupProjectByName)) {
            return Either.right(Response.status(Response.Status.UNAUTHORIZED).entity("JIRA Mobile Connect is not enabled for project: " + lookupProjectByName.getKey() + ". Please enable JIRA Mobile Connect in the Project Settings in JIRA for this project."));
        }
        if (this.connectProjectService.isApiKeyEnabledFor(lookupProjectByName)) {
            String lookupApiKeyFor = this.connectProjectService.lookupApiKeyFor(lookupProjectByName);
            if (lookupApiKeyFor == null) {
                return Either.right(Response.status(Response.Status.FORBIDDEN).entity("Project is missing API Key."));
            }
            if (str2 == null) {
                return Either.right(Response.status(Response.Status.FORBIDDEN).entity("This request is missing the apikey parameter. Please upgrade the JIRA Mobile Connect SDK."));
            }
            if (!lookupApiKeyFor.equalsIgnoreCase(str2)) {
                return Either.right(Response.status(Response.Status.FORBIDDEN).entity("Invalid API Key. '" + str2 + "' Please ensure it is correctly configured."));
            }
        }
        return Either.left(lookupProjectByName);
    }

    private Response.ResponseBuilder checkForCommentErrors(ErrorCollection errorCollection, User user, Issue issue) {
        if (!errorCollection.hasAnyErrors()) {
            log.debug(String.format("User %s commented on %s", user.getName(), issue.getKey()));
            return null;
        }
        log.warn(String.format("Errors encountered when %s commented on %s:", user.getName(), issue.getKey()));
        StringBuilder sb = new StringBuilder();
        Iterator it = errorCollection.getErrorMessages().iterator();
        while (it.hasNext()) {
            sb.append((String) it.next()).append('\n');
        }
        return Response.status(Response.Status.BAD_REQUEST).entity(sb.toString());
    }

    private Response.ResponseBuilder checkUUIDIsGood(IssueEntity issueEntity, Issue issue) {
        CustomField customFieldObjectByName = this.customFieldManager.getCustomFieldObjectByName(CF_NAME_UUID);
        if (customFieldObjectByName == null) {
            return handleMissingUUID();
        }
        Object customFieldValue = issue.getCustomFieldValue(customFieldObjectByName);
        if (customFieldValue != null && ((String) customFieldValue).equals(issueEntity.getUuid())) {
            return null;
        }
        return Response.status(Response.Status.UNAUTHORIZED);
    }

    private Response.ResponseBuilder handleMissingUUID() {
        return Response.status(Response.Status.FORBIDDEN).entity("Missing uuid.");
    }

    private void extractCustomFields(UploadData uploadData, List<CustomField> list, List<Object> list2) throws JSONException, IOException {
        JSONObject jSONObject = new JSONObject(IOUtil.toString(uploadData.getInputStream()));
        for (CustomField customField : this.customFieldManager.getCustomFieldObjects()) {
            String lowerCase = customField.getName().toLowerCase();
            if (jSONObject.has(lowerCase) || jSONObject.has(customField.getName())) {
                String string = jSONObject.has(lowerCase) ? jSONObject.getString(lowerCase) : jSONObject.getString(customField.getName());
                if (string != null) {
                    list.add(customField);
                    list2.add(customField.getCustomFieldType().getSingularObjectFromString(string));
                }
            }
        }
    }

    private void addAnyAttachments(Map<String, UploadData> map, User user, Issue issue) throws IOException, AttachmentException, GenericEntityException {
        Iterator<Map.Entry<String, UploadData>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            addAttachment(user, issue, it.next().getValue());
        }
    }

    private void addAttachment(User user, Issue issue, UploadData uploadData) throws IOException, AttachmentException, GenericEntityException {
        if (isValidAttachment(uploadData)) {
            this.issueHelper.addAttachment(issue, uploadData, user);
        }
    }

    private Map<String, UploadData> parseUploadData(HttpServletRequest httpServletRequest) throws FileUploadException, IOException {
        FileItemIterator itemIterator = new ServletFileUpload().getItemIterator(httpServletRequest);
        HashMap hashMap = new HashMap();
        while (itemIterator.hasNext()) {
            try {
                FileItemStream next = itemIterator.next();
                hashMap.put(next.getFieldName(), new UploadData(new ByteArrayInputStream(IOUtils.toByteArray(next.openStream())), next.getFieldName(), next.getName(), next.getContentType()));
            } catch (FileItemStream.ItemSkippedException e) {
                log.warn("skipped upload content", e);
            }
        }
        return hashMap;
    }

    private IssueEntity parseIssueEntity(UploadData uploadData) throws JSONException, IOException {
        return IssueEntity.fromJSONObj(new JSONObject(IOUtils.toString(uploadData.getInputStream())));
    }

    private boolean isValidAttachment(UploadData uploadData) {
        return (uploadData == null || uploadData.getName() == null || isSystemAttachment(uploadData)) ? false : true;
    }

    private boolean isSystemAttachment(UploadData uploadData) {
        return uploadData.getName().equals("issue") || uploadData.getName().equals("customfields");
    }
}
