package org.jenkinsci.plugins.scriptler;

import hudson.Extension;
import hudson.Util;
import hudson.model.Failure;
import hudson.model.ManagementLink;
import hudson.model.RootAction;
import hudson.security.Permission;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import jenkins.model.Jenkins;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.plugins.scriptler.config.Parameter;
import org.jenkinsci.plugins.scriptler.config.Script;
import org.jenkinsci.plugins.scriptler.config.ScriptlerConfiguration;
import org.jenkinsci.plugins.scriptler.git.GitScriptlerRepository;
import org.jenkinsci.plugins.scriptler.share.CatalogInfo;
import org.jenkinsci.plugins.scriptler.share.ScriptInfo;
import org.jenkinsci.plugins.scriptler.share.ScriptInfoCatalog;
import org.jenkinsci.plugins.scriptler.util.ScriptHelper;
import org.jenkinsci.plugins.scriptler.util.UIHelper;
import org.kohsuke.stapler.ForwardToView;
import org.kohsuke.stapler.HttpRedirect;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.StaplerResponse;
import org.kohsuke.stapler.interceptor.RequirePOST;

@Extension
/* loaded from: input_file:org/jenkinsci/plugins/scriptler/ScriptlerManagement.class */
public class ScriptlerManagement extends ManagementLink implements RootAction {
    private static final Logger LOGGER = Logger.getLogger(ScriptlerManagement.class.getName());
    private static final String MASTER = "(master)";
    private static final String ALL = "(all)";
    private static final String ALL_SLAVES = "(all slaves)";

    public Permission getScriptlerRunScripts() {
        return ScriptlerPluginImpl.RUN_SCRIPTS;
    }

    public Permission getScriptlerConfigure() {
        return ScriptlerPluginImpl.CONFIGURE;
    }

    public boolean hasAtLeastOneScriptlerPermission() {
        return Jenkins.getInstance().hasPermission(ScriptlerPluginImpl.RUN_SCRIPTS) || Jenkins.getInstance().hasPermission(ScriptlerPluginImpl.CONFIGURE);
    }

    public void checkAtLeastOneScriptlerPermission() {
        if (Jenkins.getInstance().hasPermission(ScriptlerPluginImpl.RUN_SCRIPTS)) {
            return;
        }
        Jenkins.getInstance().checkPermission(ScriptlerPluginImpl.CONFIGURE);
    }

    public String getIconFileName() {
        if (hasAtLeastOneScriptlerPermission()) {
            return "notepad.gif";
        }
        return null;
    }

    public String getUrlName() {
        return "scriptler";
    }

    public boolean disableRemoteCatalog() {
        return getConfiguration().isDisbableRemoteCatalog();
    }

    public String getDisplayName() {
        return Messages.display_name();
    }

    public String getDescription() {
        return Messages.description();
    }

    public ScriptlerManagement getScriptler() {
        return this;
    }

    public ScriptlerConfiguration getConfiguration() {
        return ScriptlerConfiguration.getConfiguration();
    }

    public String getPluginResourcePath() {
        return Jenkins.getInstance().getRootUrl() + "plugin/" + Jenkins.getInstance().getPluginManager().getPlugin(ScriptlerPluginImpl.class).getShortName() + "/";
    }

    @RequirePOST
    public HttpResponse doScriptlerSettings(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("disableRemoteCatalog") boolean z) throws IOException {
        checkPermission(ScriptlerPluginImpl.CONFIGURE);
        ScriptlerConfiguration configuration = getConfiguration();
        configuration.setDisbableRemoteCatalog(z);
        configuration.save();
        return new HttpRedirect("settings");
    }

    @RequirePOST
    public HttpResponse doDownloadScript(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("id") String str, @QueryParameter("catalog") String str2) throws IOException, ServletException {
        checkPermission(ScriptlerPluginImpl.CONFIGURE);
        if (getConfiguration().isDisbableRemoteCatalog()) {
            return new HttpRedirect("index");
        }
        Iterator it = ScriptInfoCatalog.all().iterator();
        while (it.hasNext()) {
            ScriptInfoCatalog scriptInfoCatalog = (ScriptInfoCatalog) it.next();
            if (str2.equals(scriptInfoCatalog.getInfo().name)) {
                ScriptInfo entryById = scriptInfoCatalog.getEntryById(str);
                String scriptSource = scriptInfoCatalog.getScriptSource(entryById);
                ArrayList arrayList = new ArrayList();
                Iterator<String> it2 = entryById.getParameters().iterator();
                while (it2.hasNext()) {
                    arrayList.add(new Parameter(it2.next(), null));
                }
                return new HttpRedirect("editScript?id=" + saveScriptAndForward(str, entryById.getName(), entryById.getComment(), scriptSource, false, false, str2, str, (Parameter[]) arrayList.toArray(new Parameter[arrayList.size()])));
            }
        }
        ForwardToView forwardToView = new ForwardToView(this, "catalog.jelly");
        forwardToView.with("message", Messages.download_failed(str, str2));
        forwardToView.with("catName", str2);
        return forwardToView;
    }

    @RequirePOST
    public HttpResponse doScriptAdd(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("id") String str, @QueryParameter("name") String str2, @QueryParameter("comment") String str3, @QueryParameter("script") String str4, @QueryParameter("nonAdministerUsing") boolean z, @QueryParameter("onlyMaster") boolean z2, String str5, String str6) throws IOException, ServletException {
        checkPermission(ScriptlerPluginImpl.CONFIGURE);
        saveScriptAndForward(str, str2, str3, str4, z, z2, str5, str6, UIHelper.extractParameters(staplerRequest.getSubmittedForm()));
        return new HttpRedirect("index");
    }

    private String saveScriptAndForward(String str, String str2, String str3, String str4, boolean z, boolean z2, String str5, String str6, Parameter[] parameterArr) throws IOException {
        String str7 = str4 == null ? "TODO" : str4;
        if (StringUtils.isEmpty(str)) {
            throw new IllegalArgumentException("'id' must not be empty!");
        }
        String str8 = str2 == null ? str : str2;
        String fixFileName = fixFileName(str5, str);
        File file = new File(getScriptDirectory(), fixFileName);
        if (!Util.isDescendant(getScriptDirectory(), new File(getScriptDirectory(), fixFileName))) {
            LOGGER.log(Level.WARNING, "Folder traversal detected, file path received: {0}, after fixing: {1}", new Object[]{str, fixFileName});
            throw new IOException("Invalid file path received: " + str);
        }
        FileWriter fileWriter = new FileWriter(file);
        try {
            fileWriter.write(str7);
            fileWriter.close();
            commitFileToGitRepo(fixFileName);
            ScriptHelper.putScriptInApprovalQueueIfRequired(str7);
            Script script = !StringUtils.isEmpty(str6) ? new Script(fixFileName, str8, str3, true, str5, str6, new SimpleDateFormat("dd MMM yyyy HH:mm:ss a").format(new Date()), parameterArr) : new Script(fixFileName, str8, str3, z, parameterArr, z2);
            ScriptlerConfiguration configuration = getConfiguration();
            configuration.addOrReplace(script);
            configuration.save();
            return fixFileName;
        } catch (Throwable th) {
            fileWriter.close();
            throw th;
        }
    }

    private void commitFileToGitRepo(String str) throws IOException {
        try {
            getGitRepo().addSingleFileToRepo(str);
        } catch (Exception e) {
            throw new IOException("failed to update git repo", e);
        }
    }

    private GitScriptlerRepository getGitRepo() {
        return (GitScriptlerRepository) Jenkins.getInstance().getExtensionList(GitScriptlerRepository.class).get(GitScriptlerRepository.class);
    }

    @RequirePOST
    public HttpResponse doHardResetGit() throws IOException {
        checkPermission(ScriptlerPluginImpl.CONFIGURE);
        getGitRepo().hardReset();
        return new HttpRedirect("../scriptler.git");
    }

    @RequirePOST
    public HttpResponse doRemoveScript(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("id") String str) throws IOException {
        checkPermission(ScriptlerPluginImpl.CONFIGURE);
        File file = new File(getScriptDirectory(), str);
        if (!file.delete() && file.exists()) {
            throw new Failure("not able to delete " + file.getAbsolutePath());
        }
        try {
            ((GitScriptlerRepository) Jenkins.getInstance().getExtensionList(GitScriptlerRepository.class).get(GitScriptlerRepository.class)).rmSingleFileToRepo(str);
            ScriptlerConfiguration configuration = getConfiguration();
            configuration.removeScript(str);
            configuration.save();
            return new HttpRedirect("index");
        } catch (Exception e) {
            throw new IOException("failed to update git repo", e);
        }
    }

    @RequirePOST
    public HttpResponse doUploadScript(StaplerRequest staplerRequest) throws IOException, ServletException {
        checkPermission(ScriptlerPluginImpl.CONFIGURE);
        try {
            FileItem fileItem = staplerRequest.getFileItem("file");
            boolean z = staplerRequest.getSubmittedForm().getBoolean("nonAdministerUsing");
            String fileName = Util.getFileName(fileItem.getName());
            if (StringUtils.isEmpty(fileName)) {
                return new HttpRedirect(".");
            }
            saveScript(fileItem, z, fileName);
            return new HttpRedirect("index");
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new ServletException(e2);
        }
    }

    void saveScript(FileItem fileItem, boolean z, String str) throws Exception, IOException {
        String fixFileName = fixFileName(null, str);
        if (new File(fixFileName).isAbsolute()) {
            LOGGER.log(Level.WARNING, "Folder traversal detected, file path received: {0}, after fixing: {1}. Seems to be an attempt to use absolute path instead of relative one", new Object[]{str, fixFileName});
            throw new IOException("Invalid file path received: " + str);
        }
        File scriptDirectory = getScriptDirectory();
        File file = new File(scriptDirectory, fixFileName);
        if (!Util.isDescendant(scriptDirectory, new File(scriptDirectory, fixFileName))) {
            LOGGER.log(Level.WARNING, "Folder traversal detected, file path received: {0}, after fixing: {1}. Seems to be an attempt to use folder escape.", new Object[]{str, fixFileName});
            throw new IOException("Invalid file path received: " + str);
        }
        fileItem.write(file);
        commitFileToGitRepo(fixFileName);
        Script script = ScriptHelper.getScript(fixFileName, false);
        if (script == null) {
            script = new Script(fixFileName, fixFileName, true, z, false);
        }
        ScriptHelper.putScriptInApprovalQueueIfRequired(FileUtils.readFileToString(file, "UTF-8"));
        getConfiguration().addOrReplace(script);
    }

    public void doRunScript(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("id") String str) throws IOException, ServletException {
        checkPermission(ScriptlerPluginImpl.RUN_SCRIPTS);
        Script script = ScriptHelper.getScript(str, true);
        if (script == null) {
            throw new IOException(Messages.scriptNotFound(str));
        }
        if (script.script == null) {
            staplerRequest.setAttribute("scriptNotFound", true);
        } else {
            boolean hasPermission = Jenkins.getInstance().hasPermission(Jenkins.RUN_SCRIPTS);
            if (!ScriptHelper.isApproved(script.script, false)) {
                staplerRequest.setAttribute("notApprovedYet", true);
            }
            staplerRequest.setAttribute("canByPassScriptApproval", Boolean.valueOf(hasPermission));
        }
        staplerRequest.setAttribute("script", script);
        staplerRequest.setAttribute("currentNode", MASTER);
        staplerRequest.getView(this, "runScript.jelly").forward(staplerRequest, staplerResponse);
    }

    @RequirePOST
    public void doTriggerScript(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("id") String str, @QueryParameter("script") String str2, @QueryParameter("node") String str3) throws IOException, ServletException {
        String str4;
        checkPermission(ScriptlerPluginImpl.RUN_SCRIPTS);
        Parameter[] extractParameters = UIHelper.extractParameters(staplerRequest.getSubmittedForm());
        boolean hasPermission = Jenkins.getInstance().hasPermission(Jenkins.RUN_SCRIPTS);
        Script script = ScriptHelper.getScript(str, true);
        if (script == null) {
            staplerResponse.sendError(404, "No script found for id=" + str);
            return;
        }
        String str5 = script.script;
        Script copy = script.copy();
        if (str5 == null || !str5.equals(str2)) {
            copy.setScript(str2);
            ScriptHelper.putScriptInApprovalQueueIfRequired(str2);
        } else {
            copy.setScript(str5);
        }
        if (ScriptHelper.isApproved(str2)) {
            str4 = ScriptHelper.runScript(resolveSlaveNames(str3), str2, extractParameters);
        } else {
            LOGGER.log(Level.WARNING, "Script {0} was not approved yet, consider asking your administrator to approve it.", str);
            str4 = null;
            staplerRequest.setAttribute("notApprovedYet", true);
        }
        copy.setParameters(extractParameters);
        staplerRequest.setAttribute("script", copy);
        staplerRequest.setAttribute("currentNode", str3);
        staplerRequest.setAttribute("output", str4);
        staplerRequest.setAttribute("canByPassScriptApproval", Boolean.valueOf(hasPermission));
        staplerRequest.getView(this, "runScript.jelly").forward(staplerRequest, staplerResponse);
    }

    @RequirePOST
    public void doRun(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter(fixEmpty = true) String str, @QueryParameter(fixEmpty = true) String str2, @QueryParameter(fixEmpty = true) String str3) throws IOException, ServletException {
        checkPermission(ScriptlerPluginImpl.RUN_SCRIPTS);
        String restOfPath = staplerRequest.getRestOfPath();
        if (restOfPath.startsWith("/")) {
            restOfPath = restOfPath.substring(1);
        }
        if (StringUtils.isEmpty(restOfPath)) {
            throw new RuntimeException("Please specify a script id. Use /scriptler/run/<yourScriptId>");
        }
        Script script = ScriptHelper.getScript(restOfPath, true);
        if (script == null) {
            throw new RuntimeException("Unknown script: " + restOfPath + ". Use /scriptler/run/<yourScriptId>");
        }
        if (str == null) {
            str = script.script;
        }
        if (!ScriptHelper.isApproved(str)) {
            LOGGER.log(Level.WARNING, "Script {0} was not approved yet, consider asking your administrator to approve it.", restOfPath);
            staplerResponse.sendError(403, "Script not approved yet, consider asking your administrator to approve it.");
            return;
        }
        Parameter[] prepareParameters = prepareParameters(staplerRequest, script);
        staplerResponse.setContentType(str3 == null ? "text/plain" : str3);
        String[] resolveSlaveNames = resolveSlaveNames(str2 == null ? MASTER : str2);
        if (resolveSlaveNames.length > 1) {
            staplerResponse.getOutputStream().print(ScriptHelper.runScript(resolveSlaveNames, str, prepareParameters));
        } else {
            staplerResponse.getOutputStream().print(ScriptHelper.runScript(resolveSlaveNames[0], str, prepareParameters));
        }
    }

    private Parameter[] prepareParameters(StaplerRequest staplerRequest, Script script) {
        HashMap hashMap = new HashMap();
        for (Parameter parameter : script.getParameters()) {
            hashMap.put(parameter.getName(), parameter);
        }
        for (Map.Entry entry : staplerRequest.getParameterMap().entrySet()) {
            if (hashMap.containsKey(entry.getKey())) {
                hashMap.put(entry.getKey(), new Parameter((String) entry.getKey(), ((String[]) entry.getValue())[0]));
            }
        }
        return (Parameter[]) hashMap.values().toArray(new Parameter[hashMap.size()]);
    }

    private String[] resolveSlaveNames(String str) {
        List<String> slaveNames;
        if (str.equalsIgnoreCase(ALL) || str.equalsIgnoreCase(ALL_SLAVES)) {
            slaveNames = getSlaveNames();
            if (str.equalsIgnoreCase(ALL) && !slaveNames.contains(MASTER)) {
                slaveNames.add(MASTER);
            }
            if (str.equalsIgnoreCase(ALL_SLAVES)) {
                slaveNames.remove(MASTER);
            }
        } else {
            slaveNames = Arrays.asList(str);
        }
        return (String[]) slaveNames.toArray(new String[slaveNames.size()]);
    }

    public void doShowScript(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("id") String str) throws IOException, ServletException {
        staplerRequest.setAttribute("script", ScriptHelper.getScript(str, true));
        staplerRequest.getView(this, "show.jelly").forward(staplerRequest, staplerResponse);
    }

    public void doEditScript(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("id") String str) throws IOException, ServletException {
        checkPermission(ScriptlerPluginImpl.CONFIGURE);
        Script script = ScriptHelper.getScript(str, true);
        if (script.script == null) {
            staplerRequest.setAttribute("scriptNotFound", true);
        } else {
            boolean hasPermission = Jenkins.getInstance().hasPermission(Jenkins.RUN_SCRIPTS);
            if (!ScriptHelper.isApproved(script.script, false)) {
                staplerRequest.setAttribute("notApprovedYet", true);
            }
            staplerRequest.setAttribute("canByPassScriptApproval", Boolean.valueOf(hasPermission));
        }
        staplerRequest.setAttribute("script", script);
        staplerRequest.getView(this, "edit.jelly").forward(staplerRequest, staplerResponse);
    }

    public List<String> getSlaveAlias(Script script) {
        if (script.onlyMaster) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(MASTER);
            return arrayList;
        }
        List<String> slaveNames = getSlaveNames();
        if (!slaveNames.contains(MASTER)) {
            slaveNames.add(0, MASTER);
        }
        if (slaveNames.size() > 0) {
            if (!slaveNames.contains(ALL)) {
                slaveNames.add(1, ALL);
            }
            if (!slaveNames.contains(ALL_SLAVES)) {
                slaveNames.add(2, ALL_SLAVES);
            }
        }
        return slaveNames;
    }

    private List<String> getSlaveNames() {
        List list = Jenkins.getInstance().getComputer().get_slaveNames();
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(list);
        return arrayList;
    }

    public List<ScriptInfoCatalog> getCatalogs() {
        return ScriptInfoCatalog.all();
    }

    public ScriptInfoCatalog<? extends ScriptInfo> getCatalogByName(String str) {
        if (!StringUtils.isNotBlank(str)) {
            return null;
        }
        for (ScriptInfoCatalog<? extends ScriptInfo> scriptInfoCatalog : getCatalogs()) {
            if (str.equals(scriptInfoCatalog.getInfo().name)) {
                return scriptInfoCatalog;
            }
        }
        return null;
    }

    public CatalogInfo getCatalogInfoByName(String str) {
        if (!StringUtils.isNotBlank(str)) {
            return null;
        }
        Iterator<ScriptInfoCatalog> it = getCatalogs().iterator();
        while (it.hasNext()) {
            CatalogInfo info = it.next().getInfo();
            if (str.equals(info.name)) {
                return info;
            }
        }
        return null;
    }

    public static File getScriptDirectory() {
        return new File(getScriptlerHomeDirectory(), "scripts");
    }

    public static File getScriptlerHomeDirectory() {
        return new File(Jenkins.getInstance().getRootDir(), "scriptler");
    }

    private void checkPermission(Permission permission) {
        Jenkins.getInstance().checkPermission(permission);
    }

    private String fixFileName(String str, String str2) {
        if (!str2.endsWith(".groovy")) {
            if (!StringUtils.isEmpty(str)) {
                str2 = str2 + "." + str;
            }
            str2 = str2 + ".groovy";
        }
        String trim = str2.replace(" ", "_").trim();
        LOGGER.fine("set file name to: " + trim);
        return trim;
    }
}
