package org.apereo.portal.rest;

import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.stream.XMLStreamException;
import javax.xml.transform.stax.StAXSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apereo.portal.EntityIdentifier;
import org.apereo.portal.io.xml.IPortalDataHandlerService;
import org.apereo.portal.io.xml.PortalDataKey;
import org.apereo.portal.security.IPersonManager;
import org.apereo.portal.services.AuthorizationServiceFacade;
import org.apereo.portal.xml.StaxUtils;
import org.apereo.portal.xml.XmlUtilities;
import org.apereo.portal.xml.stream.BufferedXMLEventReader;
import org.json.JSONException;
import org.json.XML;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.multipart.MultipartFile;

@Controller
/* loaded from: input_file:org/apereo/portal/rest/ImportExportController.class */
public class ImportExportController {
    final Log log = LogFactory.getLog(getClass());
    private IPersonManager personManager;
    private IPortalDataHandlerService portalDataHandlerService;
    private XmlUtilities xmlUtilities;

    @Autowired
    public void setXmlUtilities(XmlUtilities xmlUtilities) {
        this.xmlUtilities = xmlUtilities;
    }

    @Autowired
    public void setPersonManager(IPersonManager iPersonManager) {
        this.personManager = iPersonManager;
    }

    @Autowired
    public void setPortalDataHandlerService(IPortalDataHandlerService iPortalDataHandlerService) {
        this.portalDataHandlerService = iPortalDataHandlerService;
    }

    @RequestMapping(value = {"/import"}, method = {RequestMethod.POST})
    public void importEntity(@RequestParam("file") MultipartFile multipartFile, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, XMLStreamException {
        BufferedXMLEventReader createSourceXmlEventReader = createSourceXmlEventReader(multipartFile);
        PortalDataKey portalDataKey = getPortalDataKey(createSourceXmlEventReader);
        EntityIdentifier entityIdentifier = this.personManager.getPerson(httpServletRequest).getEntityIdentifier();
        if (!AuthorizationServiceFacade.instance().newPrincipal(entityIdentifier.getKey(), entityIdentifier.getType()).hasPermission("UP_SYSTEM", "IMPORT_ENTITY", portalDataKey.getName().getLocalPart())) {
            httpServletResponse.setStatus(401);
        } else {
            this.portalDataHandlerService.importData(new StAXSource(createSourceXmlEventReader));
            httpServletResponse.setStatus(200);
        }
    }

    protected BufferedXMLEventReader createSourceXmlEventReader(MultipartFile multipartFile) throws IOException {
        InputStream inputStream = multipartFile.getInputStream();
        try {
            return new BufferedXMLEventReader(this.xmlUtilities.getXmlInputFactory().createXMLEventReader(multipartFile.getOriginalFilename(), inputStream), -1);
        } catch (XMLStreamException e) {
            throw new RuntimeException("Failed to create XML Event Reader for data Source", e);
        }
    }

    protected PortalDataKey getPortalDataKey(BufferedXMLEventReader bufferedXMLEventReader) {
        PortalDataKey portalDataKey = new PortalDataKey(StaxUtils.getRootElement(bufferedXMLEventReader));
        bufferedXMLEventReader.reset();
        return portalDataKey;
    }

    @RequestMapping(value = {"/entity/{entityType}/{entityId}"}, method = {RequestMethod.DELETE})
    public void deleteEntity(@PathVariable("entityType") String str, @PathVariable("entityId") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        EntityIdentifier entityIdentifier = this.personManager.getPerson(httpServletRequest).getEntityIdentifier();
        if (!AuthorizationServiceFacade.instance().newPrincipal(entityIdentifier.getKey(), entityIdentifier.getType()).hasPermission("UP_SYSTEM", "DELETE_ENTITY", str)) {
            httpServletResponse.setStatus(401);
        } else {
            this.portalDataHandlerService.deleteData(str, str2);
            httpServletResponse.setStatus(204);
        }
    }

    @RequestMapping(value = {"/entity/{entityType}/{entityId}"}, method = {RequestMethod.GET})
    public void exportEntity(@PathVariable("entityId") String str, @PathVariable("entityType") String str2, @RequestParam(value = "download", required = false) boolean z, @RequestParam(value = "format", defaultValue = "XML", required = false) String str3, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, JSONException {
        EntityIdentifier entityIdentifier = this.personManager.getPerson(httpServletRequest).getEntityIdentifier();
        if (!AuthorizationServiceFacade.instance().newPrincipal(entityIdentifier.getKey(), entityIdentifier.getType()).hasPermission("UP_SYSTEM", "EXPORT_ENTITY", str2)) {
            httpServletResponse.setStatus(401);
            return;
        }
        StringWriter stringWriter = new StringWriter();
        String exportData = this.portalDataHandlerService.exportData(str2, str, new StreamResult(stringWriter));
        PrintWriter writer = httpServletResponse.getWriter();
        if (z) {
            httpServletResponse.setHeader("Content-Disposition", "attachment; filename=\"" + exportData + "." + str2 + "." + str3.toLowerCase() + "\"");
        }
        if ("XML".equalsIgnoreCase(str3)) {
            writer.print(stringWriter.getBuffer());
        } else if ("JSON".equalsIgnoreCase(str3)) {
            writer.print(XML.toJSONObject(stringWriter.getBuffer().toString()));
        } else {
            httpServletResponse.setStatus(400);
        }
    }
}
