package com.xpn.xwiki.web;

import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.doc.XWikiAttachment;
import com.xpn.xwiki.doc.XWikiDocument;
import com.xpn.xwiki.util.Util;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.IllegalCharsetNameException;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.fileupload.FileUploadBase;
import org.apache.commons.io.IOUtils;
import org.apache.commons.io.input.BoundedInputStream;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.apache.xmlgraphics.util.MimeConstants;
import org.xwiki.configuration.ConfigurationSource;

/* loaded from: input_file:WEB-INF/lib/xwiki-platform-oldcore-5.4.5.jar:com/xpn/xwiki/web/DownloadAction.class */
public class DownloadAction extends XWikiAction {
    public static final String ACTION_NAME = "download";
    public static final String ATTACHMENT = "attachment";
    public static final String WHITELIST_PROPERTY = "attachment.download.whitelist";
    public static final String BLACKLIST_PROPERTY = "attachment.download.blacklist";
    private static final String SEPARATOR = "/";
    private static final String RANGE_HEADER_NAME = "Range";
    public static final List<String> MIMETYPE_WHITELIST = Arrays.asList("audio/basic", "audio/L24", "audio/mp4", "audio/mpeg", "audio/ogg", "audio/vorbis", "audio/vnd.rn-realaudio", "audio/vnd.wave", "audio/webm", "image/gif", "image/jpeg", "image/pjpeg", "image/png", "image/svg+xml", "image/tiff", "text/csv", "text/plain", "text/xml", MimeConstants.MIME_RTF_ALT2, "video/mpeg", "video/ogg", "video/quicktime", "video/webm", "video/x-matroska", "video/x-ms-wmv", "video/x-flv");
    private static final Pattern RANGE_HEADER_PATTERN = Pattern.compile("bytes=([0-9]+)?-([0-9]+)?");

    @Override // com.xpn.xwiki.web.XWikiAction
    public String render(XWikiContext xWikiContext) throws XWikiException {
        XWikiRequest request = xWikiContext.getRequest();
        XWikiResponse response = xWikiContext.getResponse();
        XWikiDocument doc = xWikiContext.getDoc();
        String decodeURI = Util.decodeURI(getFileName(request.getRequestURI(), ACTION_NAME), xWikiContext);
        XWikiAttachment xWikiAttachment = null;
        String parameter = request.getParameter("id");
        if (StringUtils.isNumeric(parameter)) {
            int parseInt = Integer.parseInt(parameter);
            if (doc.getAttachmentList().size() > parseInt) {
                xWikiAttachment = doc.getAttachmentList().get(parseInt);
            }
        } else {
            xWikiAttachment = doc.getAttachment(decodeURI);
        }
        if (xWikiAttachment == null) {
            throw new XWikiException(11, XWikiException.ERROR_XWIKI_APP_ATTACHMENT_NOT_FOUND, "Attachment {0} not found", null, new Object[]{decodeURI});
        }
        XWikiAttachment downloadAttachment = xWikiContext.getWiki().getPluginManager().downloadAttachment(xWikiAttachment, xWikiContext);
        try {
            downloadAttachment.getContentSize(xWikiContext);
            long dateHeader = request.getDateHeader("If-Modified-Since");
            long time = downloadAttachment.getDate().getTime();
            if (dateHeader != -1 && dateHeader >= time) {
                response.setStatus(304);
                return null;
            }
            if (request.getHeader("Range") != null) {
                try {
                    if (sendPartialContent(downloadAttachment, request, response, xWikiContext)) {
                        return null;
                    }
                } catch (IOException e) {
                }
            }
            sendContent(downloadAttachment, request, response, decodeURI, xWikiContext);
            return null;
        } catch (XWikiException e2) {
            throw new XWikiException(11, XWikiException.ERROR_XWIKI_APP_ATTACHMENT_NOT_FOUND, "Attachment content {0} not found", null, new Object[]{decodeURI});
        }
    }

    private static boolean sendPartialContent(XWikiAttachment xWikiAttachment, XWikiRequest xWikiRequest, XWikiResponse xWikiResponse, XWikiContext xWikiContext) throws XWikiException, IOException {
        Matcher matcher = RANGE_HEADER_PATTERN.matcher(xWikiRequest.getHeader("Range"));
        if (!matcher.matches()) {
            return false;
        }
        String group = matcher.group(1);
        String group2 = matcher.group(2);
        Long createLong = NumberUtils.createLong(group);
        Long createLong2 = NumberUtils.createLong(group2);
        if (createLong == null && createLong2 != null && createLong2.longValue() > 0) {
            createLong = Long.valueOf(Math.max(xWikiAttachment.getContentSize(xWikiContext) - createLong2.longValue(), 0L));
            createLong2 = Long.valueOf(xWikiAttachment.getContentSize(xWikiContext) - 1);
        }
        if (!isValidRange(createLong, createLong2)) {
            return false;
        }
        if (createLong2 == null) {
            createLong2 = Long.valueOf(xWikiAttachment.getContentSize(xWikiContext) - 1);
        }
        writeByteRange(xWikiAttachment, createLong, Long.valueOf(Math.min(createLong2.longValue(), xWikiAttachment.getContentSize(xWikiContext) - 1)), xWikiRequest, xWikiResponse, xWikiContext);
        return true;
    }

    private static void writeByteRange(XWikiAttachment xWikiAttachment, Long l, Long l2, XWikiRequest xWikiRequest, XWikiResponse xWikiResponse, XWikiContext xWikiContext) throws XWikiException, IOException {
        if (l.longValue() < 0 || l.longValue() >= xWikiAttachment.getContentSize(xWikiContext)) {
            xWikiResponse.setStatus(416);
            return;
        }
        BoundedInputStream boundedInputStream = new BoundedInputStream(xWikiAttachment.getContentInputStream(xWikiContext), l2.longValue() + 1);
        boundedInputStream.skip(l.longValue());
        setCommonHeaders(xWikiAttachment, xWikiRequest, xWikiResponse, xWikiContext);
        xWikiResponse.setStatus(206);
        if ((l2.longValue() - l.longValue()) + 1 < 2147483647L) {
            xWikiResponse.setContentLength((int) ((l2.longValue() - l.longValue()) + 1));
        }
        xWikiResponse.setHeader("Content-Range", "bytes " + l + "-" + l2 + "/" + xWikiAttachment.getContentSize(xWikiContext));
        IOUtils.copyLarge((InputStream) boundedInputStream, (OutputStream) xWikiResponse.getOutputStream());
    }

    private static void sendContent(XWikiAttachment xWikiAttachment, XWikiRequest xWikiRequest, XWikiResponse xWikiResponse, String str, XWikiContext xWikiContext) throws XWikiException {
        InputStream inputStream = null;
        try {
            try {
                setCommonHeaders(xWikiAttachment, xWikiRequest, xWikiResponse, xWikiContext);
                xWikiResponse.setContentLength(xWikiAttachment.getContentSize(xWikiContext));
                inputStream = xWikiAttachment.getContentInputStream(xWikiContext);
                IOUtils.copy(inputStream, (OutputStream) xWikiResponse.getOutputStream());
                if (inputStream != null) {
                    IOUtils.closeQuietly(inputStream);
                }
            } catch (IOException e) {
                throw new XWikiException(11, XWikiException.ERROR_XWIKI_APP_SEND_RESPONSE_EXCEPTION, "Exception while sending response", e);
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                IOUtils.closeQuietly(inputStream);
            }
            throw th;
        }
    }

    private static String getFileName(String str, String str2) {
        String substring = str.substring(str.indexOf("/" + str2));
        int i = 0;
        for (int i2 = 0; i2 < 3; i2++) {
            i = substring.indexOf("/", i + 1);
        }
        return substring.indexOf("/", i + 1) > 0 ? substring.substring(i + 1, substring.indexOf("/", i + 1)) : substring.substring(i + 1);
    }

    private static void setCommonHeaders(XWikiAttachment xWikiAttachment, XWikiRequest xWikiRequest, XWikiResponse xWikiResponse, XWikiContext xWikiContext) {
        boolean z;
        String mimeType = xWikiAttachment.getMimeType(xWikiContext);
        xWikiResponse.setContentType(mimeType);
        try {
            xWikiResponse.setCharacterEncoding("");
        } catch (IllegalCharsetNameException e) {
            xWikiResponse.setCharacterEncoding("UTF-8");
        }
        String replaceAll = Util.encodeURI(xWikiAttachment.getFilename(), xWikiContext).replaceAll("\\+", "%20");
        try {
            z = xWikiContext.getWiki().getRightService().hasAccessLevel("programming", xWikiAttachment.getAuthor(), "XWiki.XWikiPreferences", xWikiContext);
        } catch (Exception e2) {
            z = false;
        }
        xWikiResponse.addHeader(FileUploadBase.CONTENT_DISPOSITION, ((!(z || isAuthorized(mimeType)) || "1".equals(xWikiRequest.getParameter("force-download"))) ? "attachment" : "inline") + "; filename*=utf-8''" + replaceAll);
        xWikiResponse.setDateHeader("Last-Modified", xWikiAttachment.getDate().getTime());
        xWikiResponse.setHeader("Accept-Ranges", "bytes");
    }

    private static boolean isValidRange(Long l, Long l2) {
        if (l == null && l2 == null) {
            return false;
        }
        return l == null || l2 == null || l2.longValue() >= l.longValue();
    }

    private static boolean isAuthorized(String str) {
        ConfigurationSource configurationSource = (ConfigurationSource) Utils.getComponent(ConfigurationSource.class, "xwikiproperties");
        return (!configurationSource.containsKey(BLACKLIST_PROPERTY) || configurationSource.containsKey(WHITELIST_PROPERTY)) ? ((List) configurationSource.getProperty(WHITELIST_PROPERTY, (String) MIMETYPE_WHITELIST)).contains(str) : !((List) configurationSource.getProperty(BLACKLIST_PROPERTY, (String) Collections.emptyList())).contains(str);
    }
}
