package org.kawanfw.sql.servlet;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.OutputStream;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.kawanfw.sql.api.server.firewall.SqlFirewallManager;
import org.kawanfw.sql.metadata.AceQLMetaData;
import org.kawanfw.sql.metadata.dto.JdbcDatabaseMetaDataDto;
import org.kawanfw.sql.metadata.dto.TableDto;
import org.kawanfw.sql.metadata.dto.TableNamesDto;
import org.kawanfw.sql.metadata.util.GsonWsUtil;
import org.kawanfw.sql.servlet.sql.json_return.JsonErrorReturn;
import org.kawanfw.sql.servlet.sql.json_return.JsonSecurityMessage;

/* loaded from: input_file:org/kawanfw/sql/servlet/MetadataQueryActionManager.class */
public class MetadataQueryActionManager {
    private HttpServletRequest request;
    private HttpServletResponse response;
    private Connection connection;
    private AceQLMetaData aceQLMetaData = null;
    List<SqlFirewallManager> sqlFirewallManagers;
    private OutputStream out;

    public MetadataQueryActionManager(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OutputStream outputStream, List<SqlFirewallManager> list, Connection connection) {
        this.request = null;
        this.response = null;
        this.connection = null;
        this.sqlFirewallManagers = new ArrayList();
        this.out = null;
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        this.out = outputStream;
        this.sqlFirewallManagers = list;
        this.connection = connection;
    }

    public void execute() throws SQLException, IOException {
        try {
            executeInTryCatch(this.out);
        } catch (SecurityException e) {
            ServerSqlManager.writeLine(this.out, new JsonErrorReturn(this.response, 403, 3, e.getMessage()).build());
        } catch (SQLException e2) {
            ServerSqlManager.writeLine(this.out, new JsonErrorReturn(this.response, 400, 1, e2.getMessage()).build());
        } catch (Exception e3) {
            ServerSqlManager.writeLine(this.out, new JsonErrorReturn(this.response, 500, 4, e3.getMessage(), ExceptionUtils.getStackTrace(e3)).build());
        }
    }

    private void executeInTryCatch(OutputStream outputStream) throws SQLException, IOException, SecurityException, FileNotFoundException, IllegalArgumentException {
        this.aceQLMetaData = new AceQLMetaData(this.connection);
        String parameter = this.request.getParameter(HttpParameter.ACTION);
        String parameter2 = this.request.getParameter(HttpParameter.USERNAME);
        String parameter3 = this.request.getParameter(HttpParameter.DATABASE);
        boolean z = false;
        Iterator<SqlFirewallManager> it = this.sqlFirewallManagers.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            SqlFirewallManager next = it.next();
            z = next.allowMetadataQuery(parameter2, parameter3, this.connection);
            if (!z) {
                next.runIfStatementRefused(parameter2, parameter3, this.connection, this.request.getRemoteAddr(), true, "<void>", new ArrayList());
                break;
            }
        }
        if (!z) {
            HashMap hashMap = new HashMap();
            String parameter4 = this.request.getParameter(HttpParameter.PRETTY_PRINTING);
            System.err.println("prettyPrinting: " + parameter4);
            throw new SecurityException(JsonSecurityMessage.prepStatementNotAllowedBuild("<void>", "Metadata Query API calls are not allowed!", hashMap, new ArrayList(), Boolean.parseBoolean(parameter4)));
        }
        if (parameter.equals(HttpParameter.METADATA_QUERY_DB_SCHEMA_DOWNLOAD)) {
            new MetadataQuerySchemaDownloader(this.request, this.response, this.connection, this.aceQLMetaData).schemaDowload();
            return;
        }
        if (parameter.equals(HttpParameter.METADATA_QUERY_GET_DB_METADATA)) {
            String jSonString = GsonWsUtil.getJSonString(new JdbcDatabaseMetaDataDto(this.aceQLMetaData.getJdbcDatabaseMetaData()));
            this.response.setContentType("text/plain");
            ServerSqlManager.writeLine(outputStream, jSonString);
            return;
        }
        if (!parameter.equals(HttpParameter.METADATA_QUERY_GET_TABLE_DETAILS)) {
            if (!parameter.equals(HttpParameter.METADATA_QUERY_GET_TABLE_NAMES)) {
                throw new IllegalArgumentException("Unknown metadata_query action: " + parameter);
            }
            String parameter5 = this.request.getParameter(HttpParameter.TABLE_TYPE);
            new ArrayList();
            String jSonString2 = GsonWsUtil.getJSonString(new TableNamesDto((parameter5 == null || parameter5.isEmpty()) ? this.aceQLMetaData.getTableNames() : this.aceQLMetaData.getTableNames(parameter5)));
            this.response.setContentType("text/plain");
            ServerSqlManager.writeLine(outputStream, jSonString2);
            return;
        }
        String parameter6 = this.request.getParameter(HttpParameter.TABLE_NAME);
        this.response.setContentType("text/plain");
        HashSet hashSet = new HashSet();
        Iterator<String> it2 = this.aceQLMetaData.getTableNames().iterator();
        while (it2.hasNext()) {
            hashSet.add(it2.next().toLowerCase());
        }
        if (parameter6 == null || !hashSet.contains(parameter6.toLowerCase())) {
            ServerSqlManager.writeLine(outputStream, new JsonErrorReturn(this.response, 400, 2, JsonErrorReturn.INVALID_TABLE_NAME).build());
        } else {
            ServerSqlManager.writeLine(outputStream, GsonWsUtil.getJSonString(new TableDto(this.aceQLMetaData.getTable(parameter6))));
        }
    }
}
