package com.liferay.commerce.media.internal.servlet;

import com.liferay.asset.kernel.model.AssetCategory;
import com.liferay.asset.kernel.service.AssetCategoryLocalService;
import com.liferay.commerce.media.CommerceMediaProvider;
import com.liferay.commerce.product.model.CPAttachmentFileEntry;
import com.liferay.commerce.product.model.CPDefinition;
import com.liferay.commerce.product.model.CPInstance;
import com.liferay.commerce.product.model.CommerceCatalog;
import com.liferay.commerce.product.permission.CommerceProductViewPermission;
import com.liferay.commerce.product.service.CPAttachmentFileEntryLocalService;
import com.liferay.commerce.product.service.CPDefinitionLocalService;
import com.liferay.commerce.product.service.CPInstanceLocalService;
import com.liferay.commerce.product.type.virtual.model.CPDefinitionVirtualSetting;
import com.liferay.commerce.product.type.virtual.order.model.CommerceVirtualOrderItem;
import com.liferay.commerce.product.type.virtual.order.model.CommerceVirtualOrderItemFileEntry;
import com.liferay.commerce.product.type.virtual.order.service.CommerceVirtualOrderItemFileEntryLocalService;
import com.liferay.commerce.product.type.virtual.order.service.CommerceVirtualOrderItemService;
import com.liferay.commerce.product.type.virtual.service.CPDefinitionVirtualSettingLocalService;
import com.liferay.document.library.kernel.service.DLAppLocalService;
import com.liferay.petra.function.transform.TransformUtil;
import com.liferay.petra.string.StringBundler;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.json.JSONUtil;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.repository.model.FileEntry;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.security.auth.PrincipalThreadLocal;
import com.liferay.portal.kernel.security.permission.PermissionCheckerFactoryUtil;
import com.liferay.portal.kernel.security.permission.PermissionThreadLocal;
import com.liferay.portal.kernel.security.permission.resource.ModelResourcePermission;
import com.liferay.portal.kernel.service.CompanyLocalService;
import com.liferay.portal.kernel.service.UserLocalService;
import com.liferay.portal.kernel.servlet.PortalSessionThreadLocal;
import com.liferay.portal.kernel.servlet.ServletResponseUtil;
import com.liferay.portal.kernel.util.ArrayUtil;
import com.liferay.portal.kernel.util.File;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.HttpComponentsUtil;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portlet.asset.service.permission.AssetCategoryPermission;
import java.io.IOException;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(property = {"osgi.http.whiteboard.context.path=/commerce-media", "osgi.http.whiteboard.servlet.name=com.liferay.commerce.media.servlet.CommerceMediaServlet", "osgi.http.whiteboard.servlet.pattern=/commerce-media/*"}, service = {Servlet.class})
/* loaded from: input_file:com/liferay/commerce/media/internal/servlet/CommerceMediaServlet.class */
public class CommerceMediaServlet extends HttpServlet {
    private static final Log _log = LogFactoryUtil.getLog(CommerceMediaServlet.class);

    @Reference
    private AssetCategoryLocalService _assetCategoryLocalService;

    @Reference(target = "(model.class.name=com.liferay.commerce.product.model.CommerceCatalog)")
    private ModelResourcePermission<CommerceCatalog> _commerceCatalogModelResourcePermission;

    @Reference
    private CommerceMediaProvider _commerceMediaProvider;

    @Reference
    private CommerceProductViewPermission _commerceProductViewPermission;

    @Reference
    private CommerceVirtualOrderItemFileEntryLocalService _commerceVirtualOrderItemFileEntryLocalService;

    @Reference(target = "(model.class.name=com.liferay.commerce.product.type.virtual.order.model.CommerceVirtualOrderItemFileEntry)")
    private ModelResourcePermission<CommerceVirtualOrderItemFileEntry> _commerceVirtualOrderItemFileEntryModelResourcePermission;

    @Reference
    private CommerceVirtualOrderItemService _commerceVirtualOrderItemService;

    @Reference
    private CompanyLocalService _companyLocalService;

    @Reference
    private CPAttachmentFileEntryLocalService _cpAttachmentFileEntryLocalService;

    @Reference
    private CPDefinitionLocalService _cpDefinitionLocalService;

    @Reference
    private CPDefinitionVirtualSettingLocalService _cpDefinitionVirtualSettingLocalService;

    @Reference
    private CPInstanceLocalService _cpInstanceLocalService;

    @Reference
    private DLAppLocalService _dlAppLocalService;

    @Reference
    private File _file;

    @Reference
    private Portal _portal;

    @Reference
    private UserLocalService _userLocalService;

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (PortalSessionThreadLocal.getHttpSession() == null) {
            PortalSessionThreadLocal.setHttpSession(httpServletRequest.getSession());
        }
        try {
            User user = this._portal.getUser(httpServletRequest);
            if (user == null) {
                user = this._userLocalService.getGuestUser(this._portal.getCompanyId(httpServletRequest));
            }
            PermissionThreadLocal.setPermissionChecker(PermissionCheckerFactoryUtil.create(user));
            PrincipalThreadLocal.setName(user.getUserId());
            _sendMediaBytes(httpServletRequest, httpServletResponse, ParamUtil.getBoolean(httpServletRequest, "download") ? "attachment" : "inline");
        } catch (Exception e) {
            _log.error(e);
            httpServletResponse.sendError(404);
        }
    }

    private FileEntry _getFileEntry(HttpServletRequest httpServletRequest) throws PortalException {
        String[] split = StringUtil.split(HttpComponentsUtil.fixPath(httpServletRequest.getPathInfo()), '/');
        if (split.length < 2) {
            return null;
        }
        String str = split[3];
        if (str.contains("?")) {
            str = StringUtil.split(str, "?")[0];
        }
        return _getFileEntry(this._cpAttachmentFileEntryLocalService.getCPAttachmentFileEntry(GetterUtil.getLongStrict(str)).getFileEntryId());
    }

    private FileEntry _getFileEntry(long j) {
        try {
            return this._dlAppLocalService.getFileEntry(j);
        } catch (PortalException e) {
            if (!_log.isDebugEnabled()) {
                return null;
            }
            _log.debug(e);
            return null;
        }
    }

    private long _getGroupId(long j, long j2) throws PortalException {
        CPAttachmentFileEntry cPAttachmentFileEntry = this._cpAttachmentFileEntryLocalService.getCPAttachmentFileEntry(j2);
        String className = cPAttachmentFileEntry.getClassName();
        if (className.equals(AssetCategory.class.getName())) {
            AssetCategory fetchCategory = this._assetCategoryLocalService.fetchCategory(cPAttachmentFileEntry.getClassPK());
            try {
                if (AssetCategoryPermission.contains(PermissionThreadLocal.getPermissionChecker(), fetchCategory, "VIEW")) {
                    return this._companyLocalService.getCompany(fetchCategory.getCompanyId()).getGroupId();
                }
                return 0L;
            } catch (PortalException e) {
                _log.error(e);
                return 0L;
            }
        }
        if (!className.equals(CPDefinition.class.getName())) {
            return 0L;
        }
        CPDefinition cPDefinition = this._cpDefinitionLocalService.getCPDefinition(cPAttachmentFileEntry.getClassPK());
        if (j == Long.MIN_VALUE) {
            this._commerceCatalogModelResourcePermission.check(PermissionThreadLocal.getPermissionChecker(), cPDefinition.getCommerceCatalog(), "VIEW");
        } else {
            this._commerceProductViewPermission.check(PermissionThreadLocal.getPermissionChecker(), j, cPDefinition.getCPDefinitionId());
        }
        return cPDefinition.getGroupId();
    }

    private void _sendDefaultMediaBytes(long j, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        try {
            FileEntry defaultImageFileEntry = this._commerceMediaProvider.getDefaultImageFileEntry(this._portal.getCompanyId(httpServletRequest), j);
            ServletResponseUtil.sendFile(httpServletRequest, httpServletResponse, defaultImageFileEntry.getFileName(), this._file.getBytes(defaultImageFileEntry.getContentStream()), defaultImageFileEntry.getMimeType(), str);
        } catch (Exception e) {
            _log.error(e);
            httpServletResponse.sendError(404);
        }
    }

    private void _sendError(HttpServletResponse httpServletResponse, int i, String str) {
        try {
            httpServletResponse.getWriter().write(JSONUtil.put("error", JSONUtil.put("code", Integer.valueOf(i)).put("message", str)).toString());
            httpServletResponse.setContentType("application/json");
            httpServletResponse.setStatus(i);
        } catch (IOException e) {
            _log.error(e);
            httpServletResponse.setStatus(500);
        }
    }

    private void _sendMediaBytes(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        String[] split = StringUtil.split(HttpComponentsUtil.fixPath(httpServletRequest.getPathInfo()), '/');
        if ("/virtual-order-item/".contains(split[0])) {
            long longStrict = GetterUtil.getLongStrict(split[1]);
            long longStrict2 = GetterUtil.getLongStrict(split[3]);
            try {
                CommerceVirtualOrderItem fetchCommerceVirtualOrderItem = this._commerceVirtualOrderItemService.fetchCommerceVirtualOrderItem(longStrict);
                if (fetchCommerceVirtualOrderItem == null) {
                    _sendError(httpServletResponse, 404, "The commerce virtual order item " + longStrict + " does not exist");
                    return;
                }
                if (!ArrayUtil.contains(TransformUtil.transformToLongArray(fetchCommerceVirtualOrderItem.getCommerceVirtualOrderItemFileEntries(), commerceVirtualOrderItemFileEntry -> {
                    return Long.valueOf(commerceVirtualOrderItemFileEntry.getFileEntryId());
                }), longStrict2)) {
                    _sendError(httpServletResponse, 404, "The commerce virtual order item file entry " + longStrict2 + " does not exist");
                    _sendError(httpServletResponse, 404, StringBundler.concat(new Object[]{"The commerce virtual order item ", Long.valueOf(longStrict), " does not have commerce virtual order item file ", "entry ", Long.valueOf(longStrict2)}));
                    return;
                }
                FileEntry _getFileEntry = _getFileEntry(longStrict2);
                if (_getFileEntry == null) {
                    _sendError(httpServletResponse, 404, "The file entry " + longStrict2 + " does not exist");
                    return;
                }
                CommerceVirtualOrderItemFileEntry fetchCommerceVirtualOrderItemFileEntry = this._commerceVirtualOrderItemFileEntryLocalService.fetchCommerceVirtualOrderItemFileEntry(longStrict, longStrict2);
                if (fetchCommerceVirtualOrderItemFileEntry == null) {
                    _sendError(httpServletResponse, 404, "The file entry " + longStrict2 + " does not exist");
                    return;
                } else if (!this._commerceVirtualOrderItemFileEntryModelResourcePermission.contains(PermissionThreadLocal.getPermissionChecker(), fetchCommerceVirtualOrderItemFileEntry, "DOWNLOAD_COMMERCE_VIRTUAL_ORDER_ITEM")) {
                    _sendError(httpServletResponse, 401, "You do not have permission to access the requested resource");
                    return;
                } else {
                    ServletResponseUtil.sendFile(httpServletRequest, httpServletResponse, _getFileEntry.getFileName(), this._file.getBytes(_getFileEntry.getContentStream()), _getFileEntry.getMimeType(), "attachment");
                    this._commerceVirtualOrderItemFileEntryLocalService.incrementUsages(fetchCommerceVirtualOrderItemFileEntry.getCommerceVirtualOrderItemFileEntryId());
                    return;
                }
            } catch (PortalException e) {
                if (_log.isDebugEnabled()) {
                    _log.debug(e);
                }
                if (e instanceof PrincipalException) {
                    _sendError(httpServletResponse, 401, "You do not have permission to access the requested resource");
                    return;
                } else {
                    _sendError(httpServletResponse, 500, "An unexpected error occurred");
                    return;
                }
            }
        }
        if (split.length >= 6) {
            if ("/virtual-product/".contains(split[2])) {
                _sendVirtualSettingsMediaBytes(httpServletRequest, httpServletResponse, CPDefinition.class.getName(), false, split);
                return;
            }
            if ("/virtual-product-sample/".contains(split[2])) {
                _sendVirtualSettingsMediaBytes(httpServletRequest, httpServletResponse, CPDefinition.class.getName(), true, split);
                return;
            } else if ("/virtual-sku/".contains(split[2])) {
                _sendVirtualSettingsMediaBytes(httpServletRequest, httpServletResponse, CPInstance.class.getName(), false, split);
                return;
            } else if ("/virtual-sku-sample/".contains(split[2])) {
                _sendVirtualSettingsMediaBytes(httpServletRequest, httpServletResponse, CPInstance.class.getName(), true, split);
                return;
            }
        }
        if (split.length < 2) {
            long j = ParamUtil.getLong(httpServletRequest, "groupId");
            if (j == 0) {
                httpServletResponse.sendError(404);
                return;
            } else {
                _sendDefaultMediaBytes(j, httpServletRequest, httpServletResponse, str);
                return;
            }
        }
        try {
            String str2 = split[3];
            if (str2.contains("?")) {
                str2 = StringUtil.split(str2, "?")[0];
            }
            long _getGroupId = _getGroupId(GetterUtil.getLongStrict(split[1]), GetterUtil.getLongStrict(str2));
            if (_getGroupId == 0) {
                httpServletResponse.sendError(404);
                return;
            }
            FileEntry _getFileEntry2 = _getFileEntry(httpServletRequest);
            if (_getFileEntry2 == null) {
                _sendDefaultMediaBytes(_getGroupId, httpServletRequest, httpServletResponse, str);
            } else {
                ServletResponseUtil.sendFile(httpServletRequest, httpServletResponse, _getFileEntry2.getFileName(), this._file.getBytes(_getFileEntry2.getContentStream()), _getFileEntry2.getMimeType(), str);
            }
        } catch (PortalException e2) {
            _log.error(e2);
            httpServletResponse.sendError(404);
        }
    }

    private void _sendVirtualSettingsMediaBytes(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, boolean z, String[] strArr) throws IOException {
        CPDefinition fetchCPDefinition;
        FileEntry _getFileEntry;
        long longStrict = GetterUtil.getLongStrict(strArr[1]);
        long longStrict2 = GetterUtil.getLongStrict(strArr[3]);
        long longStrict3 = GetterUtil.getLongStrict(strArr[5]);
        try {
            if (str.equals(CPInstance.class.getName())) {
                CPInstance fetchCPInstance = this._cpInstanceLocalService.fetchCPInstance(longStrict2);
                if (fetchCPInstance == null) {
                    _sendError(httpServletResponse, 404, "The commerce product instance " + longStrict2 + " does not exist");
                    return;
                }
                fetchCPDefinition = fetchCPInstance.getCPDefinition();
            } else {
                fetchCPDefinition = this._cpDefinitionLocalService.fetchCPDefinition(longStrict2);
                if (fetchCPDefinition == null) {
                    _sendError(httpServletResponse, 404, "The commerce product definition " + longStrict2 + " does not exist");
                    return;
                }
            }
            if (longStrict == Long.MIN_VALUE) {
                this._commerceCatalogModelResourcePermission.check(PermissionThreadLocal.getPermissionChecker(), fetchCPDefinition.getCommerceCatalog(), "VIEW");
            } else {
                if (!z) {
                    _sendError(httpServletResponse, 401, "You do not have permission to access the requested resource");
                    return;
                }
                this._commerceProductViewPermission.check(PermissionThreadLocal.getPermissionChecker(), longStrict, fetchCPDefinition.getCPDefinitionId());
            }
            CPDefinitionVirtualSetting fetchCPDefinitionVirtualSetting = this._cpDefinitionVirtualSettingLocalService.fetchCPDefinitionVirtualSetting(str, longStrict2);
            if (fetchCPDefinitionVirtualSetting == null) {
                _sendError(httpServletResponse, 404, "The commerce product definition " + longStrict2 + " is not virtual");
                return;
            }
            if (z) {
                _getFileEntry = fetchCPDefinitionVirtualSetting.getSampleFileEntry();
                if (_getFileEntry == null || _getFileEntry.getFileEntryId() != longStrict3) {
                    _sendError(httpServletResponse, 404, "The file entry " + longStrict3 + " does not exist");
                    return;
                }
            } else {
                if (!ArrayUtil.contains(TransformUtil.transformToLongArray(fetchCPDefinitionVirtualSetting.getCPDVirtualSettingFileEntries(), cPDVirtualSettingFileEntry -> {
                    return Long.valueOf(cPDVirtualSettingFileEntry.getCPDefinitionVirtualSettingFileEntryId());
                }), longStrict3)) {
                    _sendError(httpServletResponse, 404, "The file entry " + longStrict3 + " does not exist");
                    return;
                }
                _getFileEntry = _getFileEntry(longStrict3);
            }
            ServletResponseUtil.sendFile(httpServletRequest, httpServletResponse, _getFileEntry.getFileName(), this._file.getBytes(_getFileEntry.getContentStream()), _getFileEntry.getMimeType(), "attachment");
        } catch (PortalException e) {
            if (_log.isDebugEnabled()) {
                _log.debug(e);
            }
            if (e instanceof PrincipalException) {
                _sendError(httpServletResponse, 401, "You do not have permission to access the requested resource");
            } else {
                _sendError(httpServletResponse, 500, "An unexpected error occurred");
            }
        }
    }
}
