package com.atlassian.stash.internal.web;

import com.atlassian.bitbucket.AuthorisationException;
import com.atlassian.bitbucket.EntityMovedException;
import com.atlassian.bitbucket.FeatureDisabledException;
import com.atlassian.bitbucket.IntegrityException;
import com.atlassian.bitbucket.NoSuchEntityException;
import com.atlassian.bitbucket.auth.AuthenticationContext;
import com.atlassian.bitbucket.i18n.I18nService;
import com.atlassian.bitbucket.project.NoSuchProjectException;
import com.atlassian.bitbucket.repository.NoSuchRepositoryException;
import com.atlassian.bitbucket.throttle.ResourceBusyException;
import com.atlassian.bitbucket.util.RedirectUtils;
import com.atlassian.bitbucket.validation.ArgumentValidationException;
import com.google.common.annotations.VisibleForTesting;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.DispatcherServlet;
import org.springframework.web.servlet.HandlerExceptionResolver;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.ViewResolver;

@Component(DispatcherServlet.HANDLER_EXCEPTION_RESOLVER_BEAN_NAME)
/* loaded from: input_file:WEB-INF/classes/com/atlassian/stash/internal/web/HandlerExceptionResolverImpl.class */
public class HandlerExceptionResolverImpl implements AccessDeniedHandler, HandlerExceptionResolver {
    static final String VIEW_PREFIX = "bitbucket.internal.page.errors.errors.";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) HandlerExceptionResolverImpl.class);
    private final AuthenticationContext authenticationContext;
    private final I18nService i18nService;
    private final ViewResolver viewResolver;

    @Autowired
    public HandlerExceptionResolverImpl(AuthenticationContext authenticationContext, I18nService i18nService, ViewResolver viewResolver) {
        this.authenticationContext = authenticationContext;
        this.i18nService = i18nService;
        this.viewResolver = viewResolver;
    }

    @Override // org.springframework.security.web.access.AccessDeniedHandler
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException accessDeniedException) throws ServletException {
        ModelAndView resolveException = resolveException(httpServletRequest, httpServletResponse, accessDeniedException);
        try {
            this.viewResolver.resolveViewName(resolveException.getViewName(), Locale.US).render(resolveException.getModel(), httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }

    @Override // org.springframework.web.servlet.HandlerExceptionResolver
    public ModelAndView resolveException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) {
        if (!this.authenticationContext.isAuthenticated()) {
            if (isAccessDenied(exc)) {
                return null;
            }
            if (exc instanceof NoSuchEntityException) {
                throw new AccessDeniedException(exc.getMessage());
            }
        }
        return resolveException(httpServletRequest, httpServletResponse, exc);
    }

    @VisibleForTesting
    ModelAndView resolveException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Exception exc) {
        String templateForException = templateForException(exc);
        HashMap hashMap = new HashMap();
        hashMap.put("error", exc);
        setStatusForException(exc, httpServletRequest, httpServletResponse);
        setTemplateContext(exc, hashMap);
        return new ModelAndView(templateForException, hashMap);
    }

    private void setTemplateContext(Exception exc, Map<String, Object> map) {
        if (exc instanceof NoSuchRepositoryException) {
            map.put("project", ((NoSuchRepositoryException) exc).getProject());
        } else if (exc instanceof AuthorisationException) {
            map.put("errorHeadingOverride", this.i18nService.getMessage("bitbucket.web.authorisationdenied.heading", new Object[0]));
        }
    }

    private void setStatusForException(Exception exc, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int i = -1;
        if (isAccessDenied(exc)) {
            i = 401;
        } else if ((exc instanceof ArgumentValidationException) || (exc instanceof FeatureDisabledException)) {
            i = 400;
        } else if (exc instanceof IntegrityException) {
            i = 409;
        } else if (exc instanceof NoSuchEntityException) {
            i = 404;
        } else if (exc instanceof ResourceBusyException) {
            i = 503;
        } else if (exc instanceof EntityMovedException) {
            Optional<String> redirectUrl = RedirectUtils.getRedirectUrl(httpServletRequest, (EntityMovedException) exc);
            if (redirectUrl.isPresent()) {
                i = 307;
                httpServletResponse.setHeader("Location", redirectUrl.get());
            }
        }
        if (i == -1) {
            i = 500;
            log.error(exc.getMessage(), (Throwable) exc);
        }
        httpServletResponse.setStatus(i);
    }

    private String templateForException(Exception exc) {
        return VIEW_PREFIX + (isAccessDenied(exc) ? "error401" : exc instanceof NoSuchRepositoryException ? "repo404" : exc instanceof NoSuchProjectException ? "project404" : exc instanceof NoSuchEntityException ? "error404" : exc instanceof ResourceBusyException ? "error503" : "error500");
    }

    private static boolean isAccessDenied(Exception exc) {
        return (exc instanceof AccessDeniedException) || (exc instanceof AuthorisationException) || (exc instanceof com.atlassian.sal.api.permission.AuthorisationException);
    }
}
