package com.atlassian.jira.web.servlet;

import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.exception.AttachmentNotFoundException;
import com.atlassian.jira.exception.DataAccessException;
import com.atlassian.jira.exception.PermissionException;
import com.atlassian.jira.issue.attachment.Attachment;
import com.atlassian.jira.issue.attachment.NoAttachmentDataException;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.util.http.JiraHttpUtils;
import com.atlassian.jira.util.io.InputStreamConsumer;
import com.atlassian.jira.web.exception.WebExceptionChecker;
import com.atlassian.seraph.util.RedirectUtils;
import com.google.common.annotations.VisibleForTesting;
import io.atlassian.fugue.Unit;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Optional;
import javax.annotation.Nullable;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/jira/web/servlet/AbstractViewFileServlet.class */
public abstract class AbstractViewFileServlet extends HttpServlet {
    private static final Logger log = LoggerFactory.getLogger(ViewAttachmentServlet.class);
    private static final int BUFFER_SIZE = 4096;

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            try {
                streamFileData(httpServletRequest, httpServletResponse, attachmentQuery(httpServletRequest));
            } catch (InvalidAttachmentPathException e) {
                httpServletResponse.sendError(400, "Invalid attachment path");
            } catch (AttachmentNotFoundException e2) {
                send404(httpServletRequest, httpServletResponse);
            }
        } catch (Exception e3) {
            if (WebExceptionChecker.canBeSafelyIgnored(e3)) {
                return;
            }
            log.error("Error serving file for path " + httpServletRequest.getPathInfo() + ": " + e3.getMessage(), e3);
            throw new ServletException(e3);
        }
    }

    private void send404(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendError(404, String.format("Attachment %s was not found", httpServletRequest.getPathInfo()));
    }

    private void redirectForSecurityBreach(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (getLoggedInUser() == null) {
            httpServletResponse.sendRedirect(RedirectUtils.getLoginUrl(httpServletRequest));
            return;
        }
        RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher("/secure/views/securitybreach.jsp");
        JiraHttpUtils.setNoCacheHeaders(httpServletResponse);
        requestDispatcher.forward(httpServletRequest, httpServletResponse);
    }

    private void streamFileData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, ServletException {
        Optional empty;
        try {
            if (supportsRangeRequests()) {
                RangeRequest parseRangeHeader = parseRangeHeader(httpServletRequest);
                empty = parseRangeHeader == null ? Optional.empty() : Optional.of(parseRangeHeader.calculateRangeResponse(getContentLength(str)));
            } else {
                empty = Optional.empty();
            }
            try {
                Optional optional = empty;
                getInputStream(str, inputStream -> {
                    setResponseHeaders(httpServletRequest, optional, httpServletResponse);
                    ServletOutputStream outputStream = httpServletResponse.getOutputStream();
                    Throwable th = null;
                    try {
                        if (optional.isPresent()) {
                            copyRange(inputStream, outputStream, (RangeResponse) optional.get());
                        } else {
                            copyAll(inputStream, outputStream);
                        }
                        return Unit.Unit();
                    } finally {
                        if (outputStream != null) {
                            if (0 != 0) {
                                try {
                                    outputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                outputStream.close();
                            }
                        }
                    }
                });
            } catch (IOException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Error serving content to client", e);
                }
            } catch (PermissionException e2) {
                redirectForSecurityBreach(httpServletRequest, httpServletResponse);
            } catch (AttachmentNotFoundException | FileNotFoundException | NoAttachmentDataException e3) {
                log.error("Error finding " + httpServletRequest.getPathInfo() + " : " + e3.getMessage());
                send404(httpServletRequest, httpServletResponse);
            }
        } catch (BadRequestException e4) {
            send400(httpServletResponse, e4);
        } catch (RangeNotSatisfiableException e5) {
            send416(httpServletResponse, e5);
        }
    }

    private void send400(HttpServletResponse httpServletResponse, BadRequestException badRequestException) throws IOException {
        httpServletResponse.sendError(400, badRequestException.getMessage());
    }

    private void send416(HttpServletResponse httpServletResponse, RangeNotSatisfiableException rangeNotSatisfiableException) throws IOException {
        httpServletResponse.setHeader("Accept-Ranges", "bytes");
        httpServletResponse.setHeader("Content-Range", "bytes */" + rangeNotSatisfiableException.getActualContentLength());
        httpServletResponse.sendError(416, rangeNotSatisfiableException.getMessage());
    }

    protected abstract int getContentLength(String str);

    protected abstract boolean supportsRangeRequests();

    @VisibleForTesting
    protected void copyRange(InputStream inputStream, OutputStream outputStream, RangeResponse rangeResponse) throws IOException {
        int read;
        int startIndex = rangeResponse.getStartIndex();
        inputStream.skip(startIndex);
        if (rangeResponse.getEndIndex() == null) {
            IOUtils.copy(inputStream, outputStream);
            return;
        }
        int intValue = rangeResponse.getEndIndex().intValue();
        byte[] bArr = new byte[BUFFER_SIZE];
        while (startIndex <= intValue && (read = inputStream.read(bArr, 0, Math.min(BUFFER_SIZE, (intValue - startIndex) + 1))) != -1) {
            outputStream.write(bArr, 0, read);
            startIndex += read;
        }
    }

    private void copyAll(InputStream inputStream, OutputStream outputStream) throws IOException {
        IOUtils.copy(inputStream, outputStream);
    }

    @Nullable
    private RangeRequest parseRangeHeader(HttpServletRequest httpServletRequest) throws BadRequestException {
        String header = httpServletRequest.getHeader("Range");
        if (header == null) {
            return null;
        }
        return RangeRequest.parse(header);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final String attachmentQuery(HttpServletRequest httpServletRequest) {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null || pathInfo.length() == 1 || pathInfo.indexOf(47, 1) == -1) {
            throw new InvalidAttachmentPathException();
        }
        return pathInfo;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Attachment getAttachment(String str) {
        int indexOf = str.indexOf(47, 1);
        String substring = str.substring(1, indexOf);
        try {
            Long l = new Long(substring);
            if (str.indexOf(47, indexOf + 1) != -1) {
                throw new AttachmentNotFoundException(substring);
            }
            return ComponentAccessor.getAttachmentManager().getAttachment(l);
        } catch (NumberFormatException e) {
            throw new AttachmentNotFoundException(substring);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean loggedInUserHasPermissionToViewAttachment(Attachment attachment) throws DataAccessException {
        return ComponentAccessor.getPermissionManager().hasPermission(ProjectPermissions.BROWSE_PROJECTS, attachment.getIssueObject(), getLoggedInUser());
    }

    protected abstract void getInputStream(String str, InputStreamConsumer<Unit> inputStreamConsumer) throws IOException, PermissionException;

    protected abstract void setResponseHeaders(HttpServletRequest httpServletRequest, Optional<RangeResponse> optional, HttpServletResponse httpServletResponse) throws InvalidAttachmentPathException, DataAccessException, IOException;

    /* JADX INFO: Access modifiers changed from: protected */
    public final ApplicationUser getLoggedInUser() {
        return ComponentAccessor.getJiraAuthenticationContext().getLoggedInUser();
    }
}
