package org.akaza.openclinica.controller.openrosa;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Locale;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.akaza.openclinica.bean.core.Status;
import org.akaza.openclinica.bean.managestudy.StudySubjectBean;
import org.akaza.openclinica.bean.rule.FileProperties;
import org.akaza.openclinica.control.submit.UploadFileServlet;
import org.akaza.openclinica.dao.core.CoreResources;
import org.akaza.openclinica.dao.hibernate.StudyDao;
import org.akaza.openclinica.dao.hibernate.StudyParameterValueDao;
import org.akaza.openclinica.domain.datamap.Study;
import org.akaza.openclinica.domain.datamap.StudyParameterValue;
import org.akaza.openclinica.exception.OpenClinicaSystemException;
import org.akaza.openclinica.i18n.core.LocaleResolver;
import org.akaza.openclinica.service.pmanage.ParticipantPortalRegistrar;
import org.akaza.openclinica.web.pform.PFormCache;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.exception.ExceptionUtils;
import org.apache.poi.util.TempFile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindingResult;
import org.springframework.validation.DataBinder;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

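/**
 * Spring MVC controller that accepts OpenRosa (xform) submissions for a study.
 *
 * <p>The request body and every multipart part are supplied by the remote client and must be
 * treated as untrusted: attachment file names and the study OID both end up in file-system
 * paths, so each is checked for containment before anything is written to disk.
 */
@RequestMapping({"/openrosa"})
@Controller
/* loaded from: input_file:WEB-INF/classes/org/akaza/openclinica/controller/openrosa/OpenRosaSubmissionController.class */
public class OpenRosaSubmissionController {

    @Autowired
    ServletContext context;

    @Autowired
    private OpenRosaSubmissionService openRosaSubmissionService;

    @Autowired
    private StudyDao studyDao;

    @Autowired
    private StudyParameterValueDao studyParameterValueDao;

    @Autowired
    PformSubmissionNotificationService notifier;
    protected final Logger logger = LoggerFactory.getLogger(getClass().getName());
    public static final String FORM_CONTEXT = "ecid";

    /**
     * Handles {@code POST /openrosa/{studyOID}/submission}.
     *
     * @param httpServletRequest the incoming request (multipart or a raw body)
     * @param httpServletResponse unused by this method
     * @param str the study OID taken from the URL path
     * @param str2 the {@code ecid} request parameter used to look up the subject context
     * @return 201 with an OpenRosa success message; 406 when the study does not accept
     *         submissions; 400 when processing recorded binding errors; 500 when processing
     *         threw and no binding error was recorded
     */
    @RequestMapping(value = {"/{studyOID}/submission"}, method = {RequestMethod.POST})
    public ResponseEntity<String> doSubmission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable("studyOID") String str, @RequestParam("ecid") String str2) {
        this.logger.info("Processing xform submission.");
        HashMap<String, String> subjectContext = null;
        Locale locale = LocaleResolver.getLocale(httpServletRequest);
        BindingResult bindingResult = new DataBinder(null).getBindingResult();
        Study study = this.studyDao.findByOcOID(str);
        String requestBody = null;
        HashMap attachmentPaths = new HashMap();
        ArrayList<HashMap> attachmentPathList = new ArrayList<>();
        // NOTE(review): the decompiled listing showed this try block empty, which left the
        // handler below unreachable and let checked exceptions escape. The processing steps
        // are placed inside it here so failures are logged and answered with 500; confirm the
        // exact extent of the try against the original source.
        try {
            if (!mayProceed(str)) {
                this.logger.info("Submissions to the study not allowed.  Aborting submission.");
                return new ResponseEntity<>(HttpStatus.NOT_ACCEPTABLE);
            }
            if (ServletFileUpload.isMultipartContent(httpServletRequest)) {
                String attachedFilePath = getAttachedFilePath(str);
                FileProperties fileProperties = new FileProperties();
                ServletFileUpload servletFileUpload = new ServletFileUpload(new DiskFileItemFactory());
                // NOTE(review): only the per-file limit is set here; consider also bounding the
                // whole request with setSizeMax so many small parts cannot add up unchecked.
                servletFileUpload.setFileSizeMax(fileProperties.getFileSizeMax().longValue());
                for (FileItem fileItem : servletFileUpload.parseRequest(httpServletRequest)) {
                    // Constant-first equals: a part without a field name must not raise an NPE.
                    boolean isXmlPart = "xml_submission_file".equals(fileItem.getFieldName());
                    if (isXmlPart) {
                        requestBody = fileItem.getString("UTF-8");
                    } else if (fileItem.getContentType() != null) {
                        File attachmentDir = new File(attachedFilePath);
                        if (!attachmentDir.exists()) {
                            attachmentDir.mkdirs();
                        }
                        attachmentPaths.put(fileItem.getFieldName(), processUploadedFile(fileItem, attachedFilePath).getPath());
                    }
                }
                attachmentPathList.add(attachmentPaths);
            } else {
                // NOTE(review): the raw body is read into memory without a size cap.
                requestBody = IOUtils.toString((InputStream) httpServletRequest.getInputStream(), "UTF-8");
            }
            subjectContext = PFormCache.getInstance(this.context).getSubjectContext(str2);
            this.openRosaSubmissionService.processRequest(study, subjectContext, requestBody, bindingResult, locale, attachmentPathList);
        } catch (Exception e) {
            this.logger.error("Exception while processing xform submission.");
            this.logger.error(e.getMessage());
            this.logger.error(ExceptionUtils.getStackTrace(e));
            if (!bindingResult.hasErrors()) {
                this.logger.info("Submission caused internal error.  Sending error response.");
                return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
            }
        }
        if (bindingResult.hasErrors()) {
            this.logger.info("Submission contained errors. Sending error response");
            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
        }
        this.notifier.notify(str, subjectContext);
        this.logger.info("Completed xform submission. Sending successful response");
        return new ResponseEntity<>("<OpenRosaResponse xmlns=\"http://openrosa.org/http/response\"><message>success</message></OpenRosaResponse>", HttpStatus.CREATED);
    }

    /**
     * Returns the parent of the study with the given OID, or the study itself when it has no
     * parent (or the parent's id is not positive).
     */
    private Study getParentStudy(String studyOid) {
        Study study = this.studyDao.findByOcOID(studyOid);
        Study parent = study.getStudy();
        return (parent == null || parent.getStudyId() <= 0) ? study : parent;
    }

    /** Study-level check only; see {@link #mayProceed(String, StudySubjectBean)}. */
    private boolean mayProceed(String studyOid) throws Exception {
        return mayProceed(studyOid, null);
    }

    /**
     * Decides whether a submission may be accepted.
     *
     * <p>All of the following must hold: the {@code participantPortal} study parameter is
     * "enabled", the (parent) study status is "available", and the registration status is
     * "ACTIVE". When a subject is supplied, its status must also be {@link Status#AVAILABLE}.
     *
     * @param studyOid the study OID from the request
     * @param studySubjectBean the subject to check, or {@code null} for a study-level check
     * @return {@code true} only when every condition above is met
     */
    private boolean mayProceed(String studyOid, StudySubjectBean studySubjectBean) throws Exception {
        ParticipantPortalRegistrar registrar = new ParticipantPortalRegistrar();
        Study parentStudy = getParentStudy(studyOid);
        StudyParameterValue portalParameter = this.studyParameterValueDao.findByStudyIdParameter(parentStudy.getStudyId(), "participantPortal");
        String pManageStatus = registrar.getRegistrationStatus(studyOid).toString();
        String participantStatus = portalParameter.getValue().toString();
        String studyStatus = parentStudy.getStatus().getName().toString();
        boolean studyOpen = participantStatus.equalsIgnoreCase("enabled") && studyStatus.equalsIgnoreCase("available") && pManageStatus.equalsIgnoreCase("ACTIVE");
        if (studySubjectBean == null) {
            this.logger.info("pManageStatus: " + pManageStatus + "  participantStatus: " + participantStatus + "   studyStatus: " + studyStatus);
            return studyOpen;
        }
        this.logger.info("pManageStatus: " + pManageStatus + "  participantStatus: " + participantStatus + "   studyStatus: " + studyStatus + "  studySubjectStatus: " + studySubjectBean.getStatus().getName());
        return studyOpen && studySubjectBean.getStatus() == Status.AVAILABLE;
    }

    /**
     * Reports whether {@code candidate} resolves to a location strictly below {@code directory}.
     *
     * <p>Both sides are canonicalised, and the directory is compared with a trailing separator,
     * so a sibling that merely shares the directory's name as a prefix is not accepted.
     */
    private static boolean isInsideDirectory(File directory, File candidate) throws IOException {
        String base = directory.getCanonicalPath();
        String prefix = base.endsWith(File.separator) ? base : base + File.separator;
        return candidate.getCanonicalPath().startsWith(prefix);
    }

    /**
     * Builds the per-study attachment directory path.
     *
     * <p>The base is the {@code attached_file_location} setting, or {@code filePath} plus
     * {@code attached_files/} when that setting is empty.
     *
     * @param str the study OID (taken from the request URL, so untrusted)
     * @return base + study OID + separator
     * @throws RuntimeException when the resulting path would leave the base directory
     */
    public static String getAttachedFilePath(String str) throws Exception {
        String field = CoreResources.getField("attached_file_location");
        if (field == null || field.length() <= 0) {
            field = CoreResources.getField("filePath") + "attached_files" + File.separator;
        }
        // The previous check compared the canonical candidate with the raw configured string:
        // a base that is not already canonical rejected every study, and a plain string prefix
        // has no directory boundary. Compare canonical paths on a separator boundary instead.
        // NOTE(review): the returned string is built by concatenation, so the configured
        // location is presumably expected to end with a separator - confirm.
        if (!isInsideDirectory(new File(field), new File(field, str))) {
            // NOTE(review): the message echoes request data; make sure wherever it is logged
            // neutralises control characters.
            throw new RuntimeException("Traversal attempt - file path not allowed " + str);
        }
        return field + str + File.separator;
    }

    /**
     * Stores one uploaded attachment in the given directory.
     *
     * @param fileItem the multipart part to store
     * @param str the target directory, or {@code null} to use the JVM temp directory
     * @return the file the part was written to
     * @throws OpenClinicaSystemException when the file name is unusable, the target would fall
     *         outside the directory, or the write fails
     */
    private File processUploadedFile(FileItem fileItem, String str) {
        String targetDir = str == null ? System.getProperty(TempFile.JAVA_IO_TMPDIR) : str;
        String name = fileItem.getName();
        if (name == null) {
            throw new OpenClinicaSystemException("Uploaded file has no file name");
        }
        // The client chooses this name. Keep only the last path segment, for both separator
        // styles: previously only '\\' was stripped, so directory parts written with '/'
        // survived into the target path.
        int lastSeparator = Math.max(name.lastIndexOf('\\'), name.lastIndexOf('/'));
        if (lastSeparator != -1) {
            name = name.substring(lastSeparator + 1);
        }
        if (name.isEmpty() || name.equals(".") || name.equals("..")) {
            throw new OpenClinicaSystemException("Uploaded file name is not allowed");
        }
        File directory = new File(targetDir);
        File file = new File(targetDir + File.separator + name);
        try {
            // Defence in depth: the resolved target must still sit under the upload directory.
            if (!isInsideDirectory(directory, file)) {
                throw new OpenClinicaSystemException("Uploaded file name is not allowed");
            }
            UploadFileServlet uploadFileServlet = new UploadFileServlet();
            uploadFileServlet.getClass();
            File rename = new UploadFileServlet.OCFileRename().rename(file, fileItem.getInputStream());
            // rename() is defined outside this file; re-check whatever path it hands back.
            if (!isInsideDirectory(directory, rename)) {
                throw new OpenClinicaSystemException("Uploaded file name is not allowed");
            }
            try {
                fileItem.write(rename);
                return rename;
            } catch (Exception e) {
                throw new OpenClinicaSystemException(e.getMessage());
            }
        } catch (IOException e2) {
            throw new OpenClinicaSystemException(e2.getMessage());
        }
    }
}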
