package ca.carleton.gcrc.dbWeb;

import ca.carleton.gcrc.auth.common.AuthenticationUtils;
import ca.carleton.gcrc.auth.common.User;
import ca.carleton.gcrc.dbSec.DbSecurity;
import ca.carleton.gcrc.dbSec.DbTableAccess;
import ca.carleton.gcrc.dbSec.Expression;
import ca.carleton.gcrc.dbSec.FieldSelector;
import ca.carleton.gcrc.dbSec.FieldSelectorCentroid;
import ca.carleton.gcrc.dbSec.FieldSelectorColumn;
import ca.carleton.gcrc.dbSec.FieldSelectorFunction;
import ca.carleton.gcrc.dbSec.FieldSelectorScoreSubString;
import ca.carleton.gcrc.dbSec.OrderSpecifier;
import ca.carleton.gcrc.dbSec.RecordSelector;
import ca.carleton.gcrc.dbSec.RecordSelectorComparison;
import ca.carleton.gcrc.dbSec.RecordSelectorSearchString;
import ca.carleton.gcrc.dbSec.TableSchema;
import ca.carleton.gcrc.jdbc.JdbcConnections;
import ca.carleton.gcrc.json.JSONSupport;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.sql.Connection;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.cometd.Bayeux;
import org.eclipse.jetty.util.URIUtil;
import org.json.JSONArray;
import org.json.JSONObject;
import org.json.JSONTokener;
import org.postgresql.jdbc2.EscapedFunctions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/nunaliit2-dbWeb-2.2.4.jar:ca/carleton/gcrc/dbWeb/DbWebServlet.class */
public class DbWebServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static Pattern patternEq = Pattern.compile("eq\\((.*)\\)(.*)");
    private static Pattern patternNe = Pattern.compile("ne\\((.*)\\)(.*)");
    private static Pattern patternGe = Pattern.compile("ge\\((.*)\\)(.*)");
    private static Pattern patternLe = Pattern.compile("le\\((.*)\\)(.*)");
    private static Pattern patternGt = Pattern.compile("gt\\((.*)\\)(.*)");
    private static Pattern patternLt = Pattern.compile("lt\\((.*)\\)(.*)");
    private static Pattern patternNull = Pattern.compile("null\\((.*)\\)");
    private static Pattern patternNotNull = Pattern.compile("notNull\\((.*)\\)");
    private static Pattern patternScore = Pattern.compile("score\\((.*)\\)(.*)");
    private static Pattern patternCentroid = Pattern.compile("centroid\\(([xy]),(.*)\\)");
    private static Pattern patternSum = Pattern.compile("sum\\((.*)\\)");
    private static Pattern patternMin = Pattern.compile("min\\((.*)\\)");
    private static Pattern patternMax = Pattern.compile("max\\((.*)\\)");
    private static Pattern patternSearchString = Pattern.compile("search\\((.*)\\)(.*)");
    private static Pattern patternOrderBy = Pattern.compile("([ad]),(.*)");
    protected final Logger logger = LoggerFactory.getLogger(getClass());
    private JdbcConnections connections = null;
    Connection connection = null;
    private DbSecurity dbSecurity = null;

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        try {
            this.connections = JdbcConnections.connectionsFromServletContext(servletConfig.getServletContext());
            this.connection = this.connections.getDb();
            this.dbSecurity = new DbSecurity(this.connection);
        } catch (Exception e) {
            throw new ServletException("Error while connecting to database", e);
        }
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void destroy() {
        this.connections.closeAllConnections();
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String[] split = httpServletRequest.getRequestURI().split(URIUtil.SLASH);
        String str = split[split.length - 1];
        this.logger.info(getClass().getName() + " " + str);
        try {
            if ("getSchema".equalsIgnoreCase(str)) {
                performGetSchema(httpServletRequest, httpServletResponse);
            } else if ("getCapabilities".equalsIgnoreCase(str)) {
                performGetCapabilities(httpServletRequest, httpServletResponse);
            } else if ("query".equalsIgnoreCase(str)) {
                performQuery(httpServletRequest, httpServletResponse);
            } else if ("queries".equalsIgnoreCase(str)) {
                performMultiQuery(httpServletRequest, httpServletResponse);
            } else if (EscapedFunctions.INSERT.equalsIgnoreCase(str)) {
                performInsert(httpServletRequest, httpServletResponse);
            } else if ("update".equalsIgnoreCase(str)) {
                performUpdate(httpServletRequest, httpServletResponse);
            } else {
                if (!"delete".equalsIgnoreCase(str)) {
                    throw new Exception("Unknown request: " + str);
                }
                performDelete(httpServletRequest, httpServletResponse);
            }
        } catch (Exception e) {
            this.logger.info("Error encountered while performing: " + str, (Throwable) e);
            sendErrorResponse(httpServletResponse, e);
        }
    }

    private void performGetSchema(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        User userFromRequest = AuthenticationUtils.getUserFromRequest(httpServletRequest);
        sendJsonResponse(httpServletResponse, DbTableAccess.getAccess(this.dbSecurity, getTableNameFromRequest(httpServletRequest), new DbUserAdaptor(userFromRequest)).getSchema());
    }

    private void performGetCapabilities(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        List<TableSchema> availableTablesFromGroups = this.dbSecurity.getAvailableTablesFromGroups(new DbUserAdaptor(AuthenticationUtils.getUserFromRequest(httpServletRequest)));
        JSONArray jSONArray = new JSONArray();
        Iterator<TableSchema> it = availableTablesFromGroups.iterator();
        while (it.hasNext()) {
            jSONArray.put(it.next().toJSON());
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("capabilities", jSONArray);
        sendJsonResponse(httpServletResponse, jSONObject);
    }

    private void performQuery(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        User userFromRequest = AuthenticationUtils.getUserFromRequest(httpServletRequest);
        JSONArray query = DbTableAccess.getAccess(this.dbSecurity, getTableNameFromRequest(httpServletRequest), new DbUserAdaptor(userFromRequest)).query(getRecordSelectorsFromRequest(httpServletRequest), getFieldSelectorsFromRequest(httpServletRequest), getGroupByFromRequest(httpServletRequest), getOrderByList(httpServletRequest), getLimitFromRequest(httpServletRequest), getOffsetFromRequest(httpServletRequest));
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("queried", query);
        sendJsonResponse(httpServletResponse, jSONObject);
    }

    private void performMultiQuery(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        User userFromRequest = AuthenticationUtils.getUserFromRequest(httpServletRequest);
        String[] parameterValues = httpServletRequest.getParameterValues("queries");
        if (1 != parameterValues.length) {
            throw new Exception("Parameter 'queries' must be specified exactly oncce");
        }
        List<Query> parseQueriesJson = parseQueriesJson(parameterValues[0]);
        JSONObject jSONObject = new JSONObject();
        HashMap hashMap = new HashMap();
        for (Query query : parseQueriesJson) {
            String tableName = query.getTableName();
            List<RecordSelector> whereExpressions = query.getWhereExpressions();
            List<FieldSelector> fieldSelectors = query.getFieldSelectors();
            List<FieldSelector> groupByColumnNames = query.getGroupByColumnNames();
            List<OrderSpecifier> orderBySpecifiers = query.getOrderBySpecifiers();
            Integer limit = query.getLimit();
            Integer offset = query.getOffset();
            DbTableAccess dbTableAccess = (DbTableAccess) hashMap.get(tableName);
            if (null == dbTableAccess) {
                dbTableAccess = DbTableAccess.getAccess(this.dbSecurity, tableName, new DbUserAdaptor(userFromRequest));
                hashMap.put(tableName, dbTableAccess);
            }
            try {
                jSONObject.put(query.getQueryKey(), dbTableAccess.query(whereExpressions, fieldSelectors, groupByColumnNames, orderBySpecifiers, limit, offset));
            } catch (Exception e) {
                jSONObject.put(query.getQueryKey(), errorToJson(e));
            }
        }
        sendJsonResponse(httpServletResponse, jSONObject);
    }

    protected List<Query> parseQueriesJson(String str) throws Exception {
        Object nextValue = new JSONTokener(str).nextValue();
        if (!(nextValue instanceof JSONObject)) {
            throw new Exception("Unexpected object type for queries: " + nextValue.getClass().getSimpleName());
        }
        JSONObject jSONObject = (JSONObject) nextValue;
        Vector vector = new Vector();
        Iterator keys = jSONObject.keys();
        while (keys.hasNext()) {
            Object next = keys.next();
            if (false == (next instanceof String)) {
                throw new Exception("Invalid encoding of queries (non-string key)");
            }
            String str2 = (String) next;
            JSONObject jSONObject2 = jSONObject.getJSONObject(str2);
            if (null == jSONObject2) {
                throw new Exception("Invalid encoding of queries (null query)");
            }
            vector.add(parseQueryJson(str2, jSONObject2));
        }
        return vector;
    }

    protected Query parseQueryJson(String str, JSONObject jSONObject) throws Exception {
        String string = jSONObject.getString("table");
        if (null == string) {
            throw new Exception("Invalid query : missing 'table' parameter");
        }
        Query query = new Query(str, string);
        if (JSONSupport.containsKey(jSONObject, "where")) {
            JSONArray jSONArray = jSONObject.getJSONArray("where");
            Vector vector = new Vector();
            for (int i = 0; i < jSONArray.length(); i++) {
                String string2 = jSONArray.getString(i);
                if (null == string2) {
                    throw new Exception("Invalid query : null where expression");
                }
                vector.add(parseRecordSelector(string2));
            }
            query.setWhereExpressions(vector);
        }
        if (JSONSupport.containsKey(jSONObject, "select")) {
            JSONArray jSONArray2 = jSONObject.getJSONArray("select");
            Vector vector2 = new Vector();
            for (int i2 = 0; i2 < jSONArray2.length(); i2++) {
                String string3 = jSONArray2.getString(i2);
                if (null == string3) {
                    throw new Exception("Invalid query : field selector must be a string");
                }
                vector2.add(parseFieldSelectorString(string3));
            }
            query.setFieldSelectors(vector2);
        }
        if (JSONSupport.containsKey(jSONObject, "groupBy")) {
            JSONArray jSONArray3 = jSONObject.getJSONArray("groupBy");
            Vector vector3 = new Vector();
            for (int i3 = 0; i3 < jSONArray3.length(); i3++) {
                String string4 = jSONArray3.getString(i3);
                if (null == string4) {
                    throw new Exception("Invalid query : groupBy specifier must be a string");
                }
                vector3.add(parseFieldSelectorString(string4));
            }
            query.setGroupByColumnNames(vector3);
        }
        if (JSONSupport.containsKey(jSONObject, "orderBy")) {
            JSONArray jSONArray4 = jSONObject.getJSONArray("orderBy");
            Vector vector4 = new Vector();
            for (int i4 = 0; i4 < jSONArray4.length(); i4++) {
                String string5 = jSONArray4.getString(i4);
                if (null == string5) {
                    throw new Exception("Invalid query : orderBy specifier must be a string");
                }
                vector4.add(parseOrderSpecifier(string5));
            }
            query.setOrderBySpecifiers(vector4);
        }
        if (JSONSupport.containsKey(jSONObject, "limit")) {
            query.setLimit(new Integer(jSONObject.getInt("limit")));
        }
        if (JSONSupport.containsKey(jSONObject, "offset")) {
            query.setOffset(new Integer(jSONObject.getInt("offset")));
        }
        return query;
    }

    private void performInsert(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        User userFromRequest = AuthenticationUtils.getUserFromRequest(httpServletRequest);
        JSONObject insert = DbTableAccess.getAccess(this.dbSecurity, getTableNameFromRequest(httpServletRequest), new DbUserAdaptor(userFromRequest)).insert(getSetParametersMap(httpServletRequest));
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("inserted", insert);
        sendJsonResponse(httpServletResponse, jSONObject);
    }

    private void performUpdate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        User userFromRequest = AuthenticationUtils.getUserFromRequest(httpServletRequest);
        JSONArray update = DbTableAccess.getAccess(this.dbSecurity, getTableNameFromRequest(httpServletRequest), new DbUserAdaptor(userFromRequest)).update(getRecordSelectorsFromRequest(httpServletRequest), getSetParametersMap(httpServletRequest));
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("updated", update);
        sendJsonResponse(httpServletResponse, jSONObject);
    }

    private void performDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        User userFromRequest = AuthenticationUtils.getUserFromRequest(httpServletRequest);
        DbTableAccess.getAccess(this.dbSecurity, getTableNameFromRequest(httpServletRequest), new DbUserAdaptor(userFromRequest)).delete(getRecordSelectorsFromRequest(httpServletRequest));
        sendJsonResponse(httpServletResponse, new JSONObject());
    }

    private String getTableNameFromRequest(HttpServletRequest httpServletRequest) throws Exception {
        String[] parameterValues = httpServletRequest.getParameterValues("table");
        if (null == parameterValues || 0 == parameterValues.length) {
            throw new Exception("Parameter 'table' not specified");
        }
        if (parameterValues.length > 1) {
            throw new Exception("Parameter 'table' specified multiple times");
        }
        return parameterValues[0];
    }

    private List<RecordSelector> getRecordSelectorsFromRequest(HttpServletRequest httpServletRequest) throws Exception {
        Vector vector = new Vector();
        String[] parameterValues = httpServletRequest.getParameterValues("where");
        if (null != parameterValues) {
            for (String str : parameterValues) {
                RecordSelector parseRecordSelector = parseRecordSelector(str);
                if (null != parseRecordSelector) {
                    vector.add(parseRecordSelector);
                }
            }
        }
        return vector;
    }

    private RecordSelector parseRecordSelector(String str) throws Exception {
        if (null == str || "" == str) {
            return null;
        }
        Matcher matcher = patternSearchString.matcher(str);
        if (matcher.matches()) {
            return new RecordSelectorSearchString(matcher.group(1).split(","), matcher.group(2));
        }
        Matcher matcher2 = patternEq.matcher(str);
        if (matcher2.matches()) {
            return new RecordSelectorComparison(matcher2.group(1), RecordSelectorComparison.Comparison.EQUAL, matcher2.group(2));
        }
        Matcher matcher3 = patternNe.matcher(str);
        if (matcher3.matches()) {
            return new RecordSelectorComparison(matcher3.group(1), RecordSelectorComparison.Comparison.NOT_EQUAL, matcher3.group(2));
        }
        Matcher matcher4 = patternGt.matcher(str);
        if (matcher4.matches()) {
            return new RecordSelectorComparison(matcher4.group(1), RecordSelectorComparison.Comparison.GREATER_THAN, matcher4.group(2));
        }
        Matcher matcher5 = patternGe.matcher(str);
        if (matcher5.matches()) {
            return new RecordSelectorComparison(matcher5.group(1), RecordSelectorComparison.Comparison.GREATER_THAN_OR_EQUAL, matcher5.group(2));
        }
        Matcher matcher6 = patternLt.matcher(str);
        if (matcher6.matches()) {
            return new RecordSelectorComparison(matcher6.group(1), RecordSelectorComparison.Comparison.LESS_THAN, matcher6.group(2));
        }
        Matcher matcher7 = patternLe.matcher(str);
        if (matcher7.matches()) {
            return new RecordSelectorComparison(matcher7.group(1), RecordSelectorComparison.Comparison.LESS_THAN_OR_EQUAL, matcher7.group(2));
        }
        Matcher matcher8 = patternNull.matcher(str);
        if (matcher8.matches()) {
            return new RecordSelectorComparison(matcher8.group(1), RecordSelectorComparison.Comparison.IS_NULL, (Expression) null);
        }
        Matcher matcher9 = patternNotNull.matcher(str);
        if (matcher9.matches()) {
            return new RecordSelectorComparison(matcher9.group(1), RecordSelectorComparison.Comparison.IS_NOT_NULL, (Expression) null);
        }
        throw new Exception("Invalid query : can not parse record selector: " + str);
    }

    private List<FieldSelector> getFieldSelectorsFromRequest(HttpServletRequest httpServletRequest) throws Exception {
        String[] parameterValues = httpServletRequest.getParameterValues("select");
        if (null == parameterValues || 0 == parameterValues.length) {
            return null;
        }
        Vector vector = new Vector();
        for (String str : parameterValues) {
            vector.add(parseFieldSelectorString(str));
        }
        return vector;
    }

    private FieldSelector parseFieldSelectorString(String str) throws Exception {
        FieldSelectorCentroid.Type type;
        Matcher matcher = patternSum.matcher(str);
        if (matcher.matches()) {
            return new FieldSelectorFunction(FieldSelectorFunction.Type.SUM, matcher.group(1));
        }
        Matcher matcher2 = patternMin.matcher(str);
        if (matcher2.matches()) {
            return new FieldSelectorFunction(FieldSelectorFunction.Type.MIN, matcher2.group(1));
        }
        Matcher matcher3 = patternMax.matcher(str);
        if (matcher3.matches()) {
            return new FieldSelectorFunction(FieldSelectorFunction.Type.MAX, matcher3.group(1));
        }
        Matcher matcher4 = patternScore.matcher(str);
        if (matcher4.matches()) {
            return new FieldSelectorScoreSubString(matcher4.group(1).split(","), matcher4.group(2));
        }
        Matcher matcher5 = patternCentroid.matcher(str);
        if (!matcher5.matches()) {
            return new FieldSelectorColumn(str);
        }
        String group = matcher5.group(1);
        String group2 = matcher5.group(2);
        if ("x".equals(group)) {
            type = FieldSelectorCentroid.Type.X;
        } else {
            if (!"y".equals(group)) {
                throw new Exception("Invalid FieldSelector centroid: " + str);
            }
            type = FieldSelectorCentroid.Type.Y;
        }
        return new FieldSelectorCentroid(group2, type);
    }

    private OrderSpecifier parseOrderSpecifier(String str) throws Exception {
        OrderSpecifier.Type type;
        Matcher matcher = patternOrderBy.matcher(str);
        if (false == matcher.matches()) {
            throw new Exception("Can not parse OrderBy specifier: " + str);
        }
        String group = matcher.group(1);
        if ("a".equals(group)) {
            type = OrderSpecifier.Type.ASCENDING;
        } else {
            if (!"d".equals(group)) {
                throw new Exception("Invalid orderBy type: " + group);
            }
            type = OrderSpecifier.Type.DESCENDING;
        }
        return new OrderSpecifier(type, parseFieldSelectorString(matcher.group(2)));
    }

    private List<FieldSelector> getGroupByFromRequest(HttpServletRequest httpServletRequest) throws Exception {
        String[] parameterValues = httpServletRequest.getParameterValues("groupBy");
        if (null == parameterValues || 0 == parameterValues.length) {
            return null;
        }
        Vector vector = new Vector();
        for (String str : parameterValues) {
            vector.add(parseFieldSelectorString(str));
        }
        return vector;
    }

    private List<OrderSpecifier> getOrderByList(HttpServletRequest httpServletRequest) throws Exception {
        String[] parameterValues = httpServletRequest.getParameterValues("orderBy");
        if (null == parameterValues || 0 == parameterValues.length) {
            return null;
        }
        Vector vector = new Vector();
        for (String str : parameterValues) {
            vector.add(parseOrderSpecifier(str));
        }
        return vector;
    }

    private Integer getLimitFromRequest(HttpServletRequest httpServletRequest) throws Exception {
        String[] parameterValues = httpServletRequest.getParameterValues("limit");
        if (null == parameterValues || 0 == parameterValues.length) {
            return null;
        }
        if (parameterValues.length > 1) {
            throw new Exception("limit can only be specified once");
        }
        return new Integer(Integer.parseInt(parameterValues[0]));
    }

    private Integer getOffsetFromRequest(HttpServletRequest httpServletRequest) throws Exception {
        String[] parameterValues = httpServletRequest.getParameterValues("offset");
        if (null == parameterValues || 0 == parameterValues.length) {
            return null;
        }
        if (parameterValues.length > 1) {
            throw new Exception("Offset can only be specified once");
        }
        return new Integer(Integer.parseInt(parameterValues[0]));
    }

    private Map<String, String> getSetParametersMap(HttpServletRequest httpServletRequest) throws Exception {
        HashMap hashMap = new HashMap();
        String[] parameterValues = httpServletRequest.getParameterValues("set");
        if (null != parameterValues) {
            for (String str : parameterValues) {
                int indexOf = str.indexOf(44);
                if (indexOf < 0) {
                    throw new Exception("Malformed setter: " + str);
                }
                String substring = str.substring(0, indexOf);
                String substring2 = str.substring(indexOf + 1);
                if (hashMap.containsKey(substring)) {
                    throw new Exception("Setter specified multiple times: " + substring);
                }
                hashMap.put(substring, substring2);
            }
        }
        return hashMap;
    }

    private void sendJsonResponse(HttpServletResponse httpServletResponse, JSONObject jSONObject) throws Exception {
        httpServletResponse.setStatus(200);
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", new Date().getTime());
        httpServletResponse.setContentType("text/plain");
        httpServletResponse.setCharacterEncoding("utf-8");
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(httpServletResponse.getOutputStream(), "UTF-8");
        jSONObject.write(outputStreamWriter);
        outputStreamWriter.flush();
    }

    private void sendErrorResponse(HttpServletResponse httpServletResponse, Throwable th) throws ServletException {
        httpServletResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", new Date().getTime());
        httpServletResponse.setContentType("text/plain");
        httpServletResponse.setCharacterEncoding("utf-8");
        try {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put(Bayeux.ERROR_FIELD, errorToJson(th));
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(httpServletResponse.getOutputStream(), "UTF-8");
            jSONObject.write(outputStreamWriter);
            outputStreamWriter.flush();
        } catch (Exception e) {
            throw new ServletException("Failure while serving error", e);
        }
    }

    private JSONObject errorToJson(Throwable th) throws Exception {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("message", th.getMessage());
        if (null != th.getCause()) {
            jSONObject.put("cause", errorToJson(th.getCause()));
        }
        return jSONObject;
    }
}
