package org.exist.http;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.StringReader;
import java.io.StringWriter;
import java.net.URI;
import java.util.Date;
import java.util.Iterator;
import java.util.Properties;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerConfigurationException;
import org.apache.http.protocol.HTTP;
import org.apache.jempbox.xmp.ResourceEvent;
import org.apache.log4j.Logger;
import org.apache.naming.resources.ResourceAttributes;
import org.apache.solr.common.params.CommonParams;
import org.apache.solr.core.CoreDescriptor;
import org.apache.xalan.templates.Constants;
import org.apache.xml.serializer.Method;
import org.exist.EXistException;
import org.exist.Namespaces;
import org.exist.collections.Collection;
import org.exist.collections.IndexInfo;
import org.exist.collections.triggers.TriggerException;
import org.exist.dom.BinaryDocument;
import org.exist.dom.DocumentImpl;
import org.exist.dom.DocumentMetadata;
import org.exist.dom.DocumentSet;
import org.exist.http.servlets.HttpRequestWrapper;
import org.exist.http.servlets.HttpResponseWrapper;
import org.exist.security.Permission;
import org.exist.security.PermissionDeniedException;
import org.exist.security.xacml.AccessContext;
import org.exist.source.DBSource;
import org.exist.source.StringSource;
import org.exist.storage.BrokerPool;
import org.exist.storage.DBBroker;
import org.exist.storage.XQueryPool;
import org.exist.storage.serializers.EXistOutputKeys;
import org.exist.storage.serializers.Serializer;
import org.exist.storage.txn.TransactionException;
import org.exist.storage.txn.TransactionManager;
import org.exist.storage.txn.Txn;
import org.exist.util.LockException;
import org.exist.util.MimeTable;
import org.exist.util.MimeType;
import org.exist.util.serializer.SAXSerializer;
import org.exist.util.serializer.SerializerPool;
import org.exist.xmldb.XmldbURI;
import org.exist.xquery.CompiledXQuery;
import org.exist.xquery.XPathException;
import org.exist.xquery.XQuery;
import org.exist.xquery.XQueryContext;
import org.exist.xquery.value.AnyURIValue;
import org.exist.xquery.value.DateTimeValue;
import org.exist.xquery.value.Sequence;
import org.exist.xupdate.Modification;
import org.exist.xupdate.XUpdateProcessor;
import org.mortbay.jetty.HttpStatus;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;
import org.xml.sax.helpers.AttributesImpl;

/* loaded from: input_file:WEB-INF/lib/exist-1.2.4.jar:org/exist/http/RESTServer.class */
public class RESTServer {
    protected static final Logger LOG;
    protected static final Properties defaultProperties;
    protected static final Properties defaultOutputKeysProperties;
    private static final String QUERY_ERROR_HEAD = "<html><head><title>Query Error</title><style type=\"text/css\">.errmsg {  border: 1px solid black;  padding: 15px;  margin-left: 20px;  margin-right: 20px;}h1 { color: #C0C0C0; }.path {  padding-bottom: 10px;}.high {   color: #666699;   font-weight: bold;}</style></head><body><h1>XQuery Error</h1>";
    private String formEncoding;
    private String containerEncoding;
    private boolean useDynamicContentType;
    private SessionManager sessionManager;
    static Class class$org$exist$http$RESTServer;
    static Class class$org$exist$util$serializer$SAXSerializer;

    public RESTServer(BrokerPool brokerPool, String str, String str2, boolean z) {
        this.formEncoding = str;
        this.containerEncoding = str2;
        this.useDynamicContentType = z;
        this.sessionManager = new SessionManager(brokerPool);
    }

    public void doGet(DBBroker dBBroker, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws BadRequestException, PermissionDeniedException, NotFoundException, IOException {
        if (httpServletRequest.getCharacterEncoding() == null) {
            httpServletRequest.setCharacterEncoding(this.formEncoding);
        }
        String parameter = httpServletRequest.getParameter("_release");
        if (parameter != null) {
            int parseInt = Integer.parseInt(parameter);
            this.sessionManager.release(parseInt);
            if (LOG.isDebugEnabled()) {
                LOG.debug(new StringBuffer().append("Released session ").append(parseInt).toString());
            }
            httpServletResponse.setStatus(200);
            return;
        }
        int i = 10;
        int i2 = 1;
        boolean z = true;
        boolean z2 = false;
        boolean z3 = false;
        Properties properties = new Properties(defaultOutputKeysProperties);
        String parameter2 = httpServletRequest.getParameter("_xpath");
        if (parameter2 == null) {
            parameter2 = httpServletRequest.getParameter("_query");
        }
        String parameter3 = httpServletRequest.getParameter("_howmany");
        if (parameter3 != null) {
            try {
                i = Integer.parseInt(parameter3);
            } catch (NumberFormatException e) {
                throw new BadRequestException("Parameter _howmany should be an int");
            }
        }
        String parameter4 = httpServletRequest.getParameter("_start");
        if (parameter4 != null) {
            try {
                i2 = Integer.parseInt(parameter4);
            } catch (NumberFormatException e2) {
                throw new BadRequestException("Parameter _start should be an int");
            }
        }
        String parameter5 = httpServletRequest.getParameter("_wrap");
        if (parameter5 != null) {
            z = parameter5.equals("yes");
        }
        String parameter6 = httpServletRequest.getParameter("_cache");
        if (parameter6 != null) {
            z3 = parameter6.equals("yes");
        }
        String parameter7 = httpServletRequest.getParameter("_indent");
        if (parameter7 != null) {
            properties.setProperty("indent", parameter7);
        }
        String parameter8 = httpServletRequest.getParameter("_source");
        if (parameter8 != null) {
            z2 = parameter8.equals("yes");
        }
        String parameter9 = httpServletRequest.getParameter("_session");
        if (parameter9 != null) {
            properties.setProperty(Serializer.PROPERTY_SESSION_ID, parameter9);
        }
        String parameter10 = httpServletRequest.getParameter("_xsl");
        String str2 = parameter10;
        if (parameter10 == null) {
            properties.setProperty(EXistOutputKeys.PROCESS_XSL_PI, "yes");
        } else if (str2.equals("no")) {
            properties.setProperty(EXistOutputKeys.PROCESS_XSL_PI, "no");
            properties.remove("stylesheet");
            str2 = null;
        } else {
            properties.setProperty("stylesheet", str2);
        }
        LOG.debug(new StringBuffer().append("stylesheet = ").append(str2).toString());
        LOG.debug(new StringBuffer().append("query = ").append(parameter2).toString());
        String parameter11 = httpServletRequest.getParameter("_encoding");
        String str3 = parameter11;
        if (parameter11 != null) {
            properties.setProperty("encoding", str3);
        } else {
            str3 = "UTF-8";
        }
        String property = properties.getProperty("media-type");
        if (parameter2 != null) {
            try {
                String search = search(dBBroker, parameter2, str, i, i2, properties, z, z3, httpServletRequest, httpServletResponse);
                str3 = properties.getProperty("encoding");
                property = properties.getProperty("media-type");
                if (!httpServletResponse.isCommitted()) {
                    writeResponse(httpServletResponse, search, property, str3);
                }
                return;
            } catch (XPathException e3) {
                httpServletResponse.setStatus(400);
                if (MimeType.XML_TYPE.getName().equals(property)) {
                    writeResponse(httpServletResponse, formatXPathException(parameter2, str, e3), property, str3);
                    return;
                } else {
                    writeResponse(httpServletResponse, formatXPathExceptionHtml(parameter2, str, e3), MimeType.HTML_TYPE.getName(), str3);
                    return;
                }
            }
        }
        DocumentImpl documentImpl = null;
        XmldbURI create = XmldbURI.create(str);
        try {
            String name = MimeType.XQUERY_TYPE.getName();
            documentImpl = dBBroker.getXMLResource(create, 0);
            if (null != documentImpl && (!name.equals(documentImpl.getMetadata().getMimeType()) || documentImpl.getResourceType() != 1)) {
                writeResourceAs(documentImpl, dBBroker, str2, str3, null, properties, httpServletResponse);
                if (documentImpl != null) {
                    documentImpl.getUpdateLock().release(0);
                    return;
                }
                return;
            }
            if (documentImpl == null) {
                Collection collection = dBBroker.getCollection(create);
                if (collection != null) {
                    if (!collection.getPermissions().validate(dBBroker.getUser(), 4)) {
                        throw new PermissionDeniedException("Not allowed to read collection");
                    }
                    writeResponse(httpServletResponse, printCollection(dBBroker, collection), MimeType.XML_TYPE.getName(), str3);
                    if (documentImpl != null) {
                        documentImpl.getUpdateLock().release(0);
                        return;
                    }
                    return;
                }
                if (z2) {
                    throw new NotFoundException(new StringBuffer().append("Document ").append(str).append(" not found").toString());
                }
            }
            XmldbURI xmldbURI = create;
            while (null == documentImpl) {
                xmldbURI = xmldbURI.removeLastSegment();
                if (xmldbURI != XmldbURI.EMPTY_URI) {
                    documentImpl = dBBroker.getXMLResource(xmldbURI, 0);
                    if (null != documentImpl && documentImpl.getResourceType() == 1 && name.equals(documentImpl.getMetadata().getMimeType())) {
                        break;
                    } else if (null != documentImpl) {
                        throw new NotFoundException(new StringBuffer().append("Document ").append(str).append(" not found").toString());
                    }
                } else {
                    break;
                }
            }
            if (null == documentImpl) {
                throw new NotFoundException(new StringBuffer().append("Document ").append(str).append(" not found").toString());
            }
            String xmldbURI2 = create.trimFromBeginning(xmldbURI).toString();
            Descriptor descriptorSingleton = Descriptor.getDescriptorSingleton();
            if (!z2) {
                try {
                    String executeXQuery = executeXQuery(dBBroker, documentImpl, httpServletRequest, httpServletResponse, properties, xmldbURI.toString(), xmldbURI2);
                    str3 = properties.getProperty("encoding");
                    property = properties.getProperty("media-type");
                    if (!httpServletResponse.isCommitted()) {
                        writeResponse(httpServletResponse, executeXQuery, property, str3);
                    }
                } catch (XPathException e4) {
                    if (LOG.isDebugEnabled()) {
                        LOG.debug(e4.getMessage(), e4);
                    }
                    httpServletResponse.setStatus(400);
                    if (MimeType.XML_TYPE.getName().equals(property)) {
                        writeResponse(httpServletResponse, formatXPathException(parameter2, str, e4), property, str3);
                    } else {
                        writeResponse(httpServletResponse, formatXPathExceptionHtml(parameter2, str, e4), MimeType.HTML_TYPE.getName(), str3);
                    }
                }
            } else {
                if (null == descriptorSingleton || !descriptorSingleton.allowSourceXQuery(str)) {
                    httpServletResponse.sendError(403, new StringBuffer().append("Permission to view XQuery source for: ").append(str).append(" denied. Must be explicitly defined in descriptor.xml").toString());
                    if (documentImpl != null) {
                        documentImpl.getUpdateLock().release(0);
                        return;
                    }
                    return;
                }
                writeResourceAs(documentImpl, dBBroker, str2, str3, MimeType.TEXT_TYPE.getName(), properties, httpServletResponse);
            }
        } finally {
            if (documentImpl != null) {
                documentImpl.getUpdateLock().release(0);
            }
        }
    }

    private void writeResourceAs(DocumentImpl documentImpl, DBBroker dBBroker, String str, String str2, String str3, Properties properties, HttpServletResponse httpServletResponse) throws BadRequestException, PermissionDeniedException, IOException {
        if (!documentImpl.getPermissions().validate(dBBroker.getUser(), 4)) {
            throw new PermissionDeniedException("Not allowed to read resource");
        }
        if (documentImpl.getResourceType() == 1) {
            if (str3 != null) {
                httpServletResponse.setContentType(str3);
            } else {
                httpServletResponse.setContentType(documentImpl.getMetadata().getMimeType());
            }
            ServletOutputStream outputStream = httpServletResponse.getOutputStream();
            dBBroker.readBinaryResource((BinaryDocument) documentImpl, outputStream);
            outputStream.flush();
            return;
        }
        Serializer serializer = dBBroker.getSerializer();
        serializer.reset();
        if (str != null) {
            try {
                serializer.setStylesheet(documentImpl, str);
            } catch (TransformerConfigurationException e) {
                LOG.warn(e);
                throw new BadRequestException(e.getMessageAndLocation());
            } catch (SAXException e2) {
                LOG.warn(e2);
                throw new BadRequestException(new StringBuffer().append("Error while serializing XML: ").append(e2.getMessage()).toString());
            }
        }
        serializer.setProperties(properties);
        serializer.prepareStylesheets(documentImpl);
        if (str3 != null) {
            httpServletResponse.setContentType(new StringBuffer().append(str3).append(HTTP.CHARSET_PARAM).append(str2).toString());
        } else if (serializer.isStylesheetApplied() || serializer.hasXSLPi(documentImpl) != null) {
            str3 = serializer.getStylesheetProperty("media-type");
            if (!this.useDynamicContentType || str3 == null) {
                str3 = MimeType.HTML_TYPE.getName();
            }
            LOG.debug(new StringBuffer().append("media-type: ").append(str3).toString());
            httpServletResponse.setContentType(new StringBuffer().append(str3).append(HTTP.CHARSET_PARAM).append(str2).toString());
        } else {
            str3 = documentImpl.getMetadata().getMimeType();
            httpServletResponse.setContentType(new StringBuffer().append(str3).append(HTTP.CHARSET_PARAM).append(str2).toString());
        }
        if (str3.equals(MimeType.HTML_TYPE.getName())) {
            serializer.setProperty("method", Method.XHTML);
            serializer.setProperty("media-type", "text/html");
            serializer.setProperty("ident", "yes");
            serializer.setProperty("omit-xml-declaration", "no");
        }
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(httpServletResponse.getOutputStream(), str2);
        serializer.serialize(documentImpl, outputStreamWriter);
        outputStreamWriter.flush();
        outputStreamWriter.close();
    }

    public void doHead(DBBroker dBBroker, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws BadRequestException, PermissionDeniedException, NotFoundException, IOException {
        DocumentImpl documentImpl = null;
        XmldbURI create = XmldbURI.create(str);
        try {
            DocumentImpl xMLResource = dBBroker.getXMLResource(create, 0);
            if (xMLResource == null) {
                throw new NotFoundException(new StringBuffer().append("Resource ").append(create).append(" not found").toString());
            }
            if (!xMLResource.getPermissions().validate(dBBroker.getUser(), 4)) {
                throw new PermissionDeniedException(new StringBuffer().append("Permission to read resource ").append(str).append(" denied").toString());
            }
            DocumentMetadata metadata = xMLResource.getMetadata();
            httpServletResponse.setContentType(metadata.getMimeType());
            httpServletResponse.setContentLength(xMLResource.getContentLength());
            httpServletResponse.addDateHeader("Last-Modified", metadata.getLastModified());
            httpServletResponse.addDateHeader(HttpStatus.Created, metadata.getCreated());
            if (xMLResource != null) {
                xMLResource.getUpdateLock().release(0);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                documentImpl.getUpdateLock().release(0);
            }
            throw th;
        }
    }

    public void doPost(DBBroker dBBroker, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws BadRequestException, PermissionDeniedException, IOException {
        String message;
        DocumentImpl documentImpl;
        if (httpServletRequest.getCharacterEncoding() == null) {
            httpServletRequest.setCharacterEncoding(this.formEncoding);
        }
        Properties properties = new Properties(defaultOutputKeysProperties);
        XmldbURI create = XmldbURI.create(str);
        DocumentImpl documentImpl2 = null;
        String property = properties.getProperty("encoding");
        String property2 = properties.getProperty("media-type");
        try {
            String name = MimeType.XQUERY_TYPE.getName();
            documentImpl2 = dBBroker.getXMLResource(create, 0);
            XmldbURI xmldbURI = create;
            while (true) {
                if (null != documentImpl2) {
                    break;
                }
                xmldbURI = xmldbURI.removeLastSegment();
                if (xmldbURI == XmldbURI.EMPTY_URI) {
                    break;
                }
                documentImpl2 = dBBroker.getXMLResource(xmldbURI, 0);
                if (null != documentImpl2 && documentImpl2.getResourceType() == 1 && name.equals(documentImpl2.getMetadata().getMimeType())) {
                    break;
                }
                if (null != documentImpl2) {
                    documentImpl2.getUpdateLock().release(0);
                    documentImpl2 = null;
                    break;
                }
            }
            if (documentImpl2 != null && documentImpl2.getResourceType() == 1 && name.equals(documentImpl2.getMetadata().getMimeType())) {
                try {
                    String executeXQuery = executeXQuery(dBBroker, documentImpl2, httpServletRequest, httpServletResponse, properties, xmldbURI.toString(), create.trimFromBeginning(xmldbURI).toString().toString());
                    property = properties.getProperty("encoding");
                    property2 = properties.getProperty("media-type");
                    writeResponse(httpServletResponse, executeXQuery, property2, property);
                } catch (XPathException e) {
                    httpServletResponse.setStatus(400);
                    if (MimeType.XML_TYPE.getName().equals(property2)) {
                        writeResponse(httpServletResponse, formatXPathException(null, str, e), property2, property);
                    } else {
                        writeResponse(httpServletResponse, formatXPathExceptionHtml(null, str, e), MimeType.HTML_TYPE.getName(), property);
                    }
                }
                if (documentImpl != null) {
                    return;
                } else {
                    return;
                }
            }
            if (documentImpl2 != null) {
                documentImpl2.getUpdateLock().release(0);
            }
            int i = 10;
            int i2 = 1;
            boolean z = true;
            String name2 = MimeType.XML_TYPE.getName();
            String str2 = null;
            TransactionManager transactionManager = dBBroker.getBrokerPool().getTransactionManager();
            Txn beginTransaction = transactionManager.beginTransaction();
            try {
                String requestContent = getRequestContent(httpServletRequest);
                InputSource inputSource = new InputSource(new StringReader(requestContent));
                DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
                newInstance.setNamespaceAware(true);
                try {
                    Element documentElement = newInstance.newDocumentBuilder().parse(inputSource).getDocumentElement();
                    String namespaceURI = documentElement.getNamespaceURI();
                    if (namespaceURI != null && namespaceURI.equals(Namespaces.EXIST_NS)) {
                        if (documentElement.getLocalName().equals("query")) {
                            String attribute = documentElement.getAttribute("start");
                            if (attribute != null) {
                                try {
                                    i2 = Integer.parseInt(attribute);
                                } catch (NumberFormatException e2) {
                                }
                            }
                            String attribute2 = documentElement.getAttribute("max");
                            if (attribute2 != null) {
                                try {
                                    i = Integer.parseInt(attribute2);
                                } catch (NumberFormatException e3) {
                                }
                            }
                            String attribute3 = documentElement.getAttribute("enclose");
                            if (attribute3 != null && attribute3.equals("no")) {
                                z = false;
                            }
                            String attribute4 = documentElement.getAttribute("mime");
                            name2 = MimeType.XML_TYPE.getName();
                            if (attribute4 != null && !attribute4.equals("")) {
                                name2 = attribute4;
                            }
                            String attribute5 = documentElement.getAttribute(CommonParams.CACHE);
                            r25 = attribute5 != null ? attribute5.equals("yes") : false;
                            String attribute6 = documentElement.getAttribute("session");
                            if (attribute6 != null && attribute6.length() > 0) {
                                properties.setProperty(Serializer.PROPERTY_SESSION_ID, attribute6);
                            }
                            NodeList childNodes = documentElement.getChildNodes();
                            for (int i3 = 0; i3 < childNodes.getLength(); i3++) {
                                Node item = childNodes.item(i3);
                                if (item.getNodeType() == 1 && item.getNamespaceURI().equals(Namespaces.EXIST_NS)) {
                                    if (item.getLocalName().equals("text")) {
                                        StringBuffer stringBuffer = new StringBuffer();
                                        for (Node firstChild = item.getFirstChild(); firstChild != null; firstChild = firstChild.getNextSibling()) {
                                            if (firstChild.getNodeType() == 3 || firstChild.getNodeType() == 4) {
                                                stringBuffer.append(firstChild.getNodeValue());
                                            }
                                        }
                                        str2 = stringBuffer.toString();
                                    } else if (item.getLocalName().equals(CoreDescriptor.CORE_PROPERTIES)) {
                                        for (Node firstChild2 = item.getFirstChild(); firstChild2 != null; firstChild2 = firstChild2.getNextSibling()) {
                                            if (firstChild2.getNodeType() == 1 && firstChild2.getNamespaceURI().equals(Namespaces.EXIST_NS) && firstChild2.getLocalName().equals("property")) {
                                                Element element = (Element) firstChild2;
                                                String attribute7 = element.getAttribute("name");
                                                String attribute8 = element.getAttribute("value");
                                                LOG.debug(new StringBuffer().append(attribute7).append(" = ").append(attribute8).toString());
                                                if (attribute7 != null && attribute8 != null) {
                                                    properties.setProperty(attribute7, attribute8);
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        if (str2 == null) {
                            transactionManager.abort(beginTransaction);
                            throw new BadRequestException("No query specified");
                        }
                        try {
                            message = search(dBBroker, str2, str, i, i2, properties, z, r25, httpServletRequest, httpServletResponse);
                        } catch (Exception e4) {
                            httpServletResponse.setStatus(202);
                            message = e4.getMessage();
                        }
                        writeResponse(httpServletResponse, message, name2, properties.getProperty("encoding"));
                    } else {
                        if (namespaceURI == null || !namespaceURI.equals(XUpdateProcessor.XUPDATE_NS)) {
                            transactionManager.abort(beginTransaction);
                            throw new BadRequestException(new StringBuffer().append("Unknown XML root element: ").append(documentElement.getNodeName()).toString());
                        }
                        LOG.debug(new StringBuffer().append("Got xupdate request: ").append(requestContent).toString());
                        DocumentSet documentSet = new DocumentSet();
                        Collection collection = dBBroker.getCollection(create);
                        if (collection != null) {
                            collection.allDocs(dBBroker, documentSet, true, true);
                        } else {
                            DocumentImpl documentImpl3 = (DocumentImpl) dBBroker.getXMLResource(create);
                            if (documentImpl3 == null) {
                                dBBroker.getAllXMLResources(documentSet);
                            } else {
                                if (!documentImpl3.getPermissions().validate(dBBroker.getUser(), 4)) {
                                    transactionManager.abort(beginTransaction);
                                    throw new PermissionDeniedException("Not allowed to read collection");
                                }
                                documentSet.add(documentImpl3);
                            }
                        }
                        long j = 0;
                        for (Modification modification : new XUpdateProcessor(dBBroker, documentSet, AccessContext.REST).parse(new InputSource(new StringReader(requestContent)))) {
                            j += modification.process(beginTransaction);
                            dBBroker.flush();
                        }
                        transactionManager.commit(beginTransaction);
                        writeResponse(httpServletResponse, new StringBuffer().append("<?xml version='1.0'?>\n<exist:modifications xmlns:exist='http://exist.sourceforge.net/NS/exist' count='").append(j).append("'>").append(j).append("modifications processed.</exist:modifications>").toString(), MimeType.XML_TYPE.getName(), "UTF-8");
                    }
                } catch (ParserConfigurationException e5) {
                    LOG.warn(e5);
                    transactionManager.abort(beginTransaction);
                    throw new BadRequestException(e5.getMessage());
                }
            } catch (IOException e6) {
                transactionManager.abort(beginTransaction);
                throw new BadRequestException(new StringBuffer().append("IO exception while parsing request: ").append(e6.getMessage()).toString());
            } catch (ParserConfigurationException e7) {
                transactionManager.abort(beginTransaction);
                throw new BadRequestException(new StringBuffer().append("Parser exception while parsing request: ").append(e7.getMessage()).toString());
            } catch (EXistException e8) {
                transactionManager.abort(beginTransaction);
                throw new BadRequestException(e8.getMessage());
            } catch (LockException e9) {
                transactionManager.abort(beginTransaction);
                throw new PermissionDeniedException(e9.getMessage());
            } catch (XPathException e10) {
                transactionManager.abort(beginTransaction);
                throw new BadRequestException(new StringBuffer().append("Query exception while parsing request: ").append(e10.getMessage()).toString());
            } catch (SAXException e11) {
                transactionManager.abort(beginTransaction);
                SAXException sAXException = e11;
                if (e11.getException() != null) {
                    sAXException = e11.getException();
                }
                LOG.debug(new StringBuffer().append("SAX exception while parsing request: ").append(sAXException.getMessage()).toString(), sAXException);
                throw new BadRequestException(new StringBuffer().append("SAX exception while parsing request: ").append(sAXException.getMessage()).toString());
            }
        } finally {
            if (documentImpl2 != null) {
                documentImpl2.getUpdateLock().release(0);
            }
        }
    }

    private InputSource createInputSource(String str, URI uri) throws IOException {
        if (str == null) {
            return new InputSource(uri.toASCIIString());
        }
        InputSource inputSource = new InputSource(new InputStreamReader(uri.toURL().openStream(), str));
        inputSource.setSystemId(uri.toASCIIString());
        return inputSource;
    }

    public void doPut(DBBroker dBBroker, File file, XmldbURI xmldbURI, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws BadRequestException, PermissionDeniedException, IOException {
        MimeType contentTypeFor;
        if (file == null) {
            throw new BadRequestException("No request content found for PUT");
        }
        TransactionManager transactionManager = dBBroker.getBrokerPool().getTransactionManager();
        Txn beginTransaction = transactionManager.beginTransaction();
        try {
            XmldbURI lastSegment = xmldbURI.lastSegment();
            XmldbURI removeLastSegment = xmldbURI.removeLastSegment();
            if (lastSegment == null || removeLastSegment == null) {
                transactionManager.abort(beginTransaction);
                throw new BadRequestException(new StringBuffer().append("Bad path: ").append(xmldbURI).toString());
            }
            Collection collection = dBBroker.getCollection(removeLastSegment);
            if (collection == null) {
                LOG.debug(new StringBuffer().append("creating collection ").append(removeLastSegment).toString());
                collection = dBBroker.getOrCreateCollection(beginTransaction, removeLastSegment);
                dBBroker.saveCollection(beginTransaction, collection);
            }
            String contentType = httpServletRequest.getContentType();
            String str = null;
            if (contentType != null) {
                int indexOf = contentType.indexOf(59);
                if (indexOf > 0) {
                    contentType = contentType.substring(0, indexOf).trim();
                    int indexOf2 = contentType.indexOf(61, indexOf);
                    if (indexOf2 > 0) {
                        String trim = contentType.substring(indexOf + 1, indexOf2).trim();
                        if (trim.compareToIgnoreCase("charset=") == 0) {
                            str = trim.substring(indexOf2 + 1).trim();
                        }
                    }
                }
                contentTypeFor = MimeTable.getInstance().getContentType(contentType);
            } else {
                contentTypeFor = MimeTable.getInstance().getContentTypeFor(lastSegment);
                if (contentTypeFor != null) {
                    contentType = contentTypeFor.getName();
                }
            }
            if (contentTypeFor == null) {
                contentTypeFor = MimeType.BINARY_TYPE;
            }
            if (contentTypeFor.isXMLType()) {
                URI uri = file.toURI();
                IndexInfo validateXMLResource = collection.validateXMLResource(beginTransaction, dBBroker, lastSegment, createInputSource(str, uri));
                validateXMLResource.getDocument().getMetadata().setMimeType(contentType);
                collection.store(beginTransaction, dBBroker, validateXMLResource, createInputSource(str, uri), false);
                httpServletResponse.setStatus(201);
            } else {
                FileInputStream fileInputStream = new FileInputStream(file);
                collection.addBinaryResource(beginTransaction, dBBroker, lastSegment, fileInputStream, contentType, (int) file.length());
                fileInputStream.close();
                httpServletResponse.setStatus(201);
            }
            transactionManager.commit(beginTransaction);
        } catch (EXistException e) {
            transactionManager.abort(beginTransaction);
            throw new BadRequestException(new StringBuffer().append("Internal error: ").append(e.getMessage()).toString());
        } catch (TriggerException e2) {
            transactionManager.abort(beginTransaction);
            throw new PermissionDeniedException(e2.getMessage());
        } catch (LockException e3) {
            transactionManager.abort(beginTransaction);
            throw new PermissionDeniedException(e3.getMessage());
        } catch (SAXParseException e4) {
            transactionManager.abort(beginTransaction);
            throw new BadRequestException(new StringBuffer().append("Parsing exception at ").append(e4.getLineNumber()).append("/").append(e4.getColumnNumber()).append(": ").append(e4.toString()).toString());
        } catch (SAXException e5) {
            transactionManager.abort(beginTransaction);
            Exception exception = e5.getException();
            if (exception == null) {
                exception = e5;
            }
            throw new BadRequestException(new StringBuffer().append("Parsing exception: ").append(exception.getMessage()).toString());
        }
    }

    public void doDelete(DBBroker dBBroker, XmldbURI xmldbURI, HttpServletResponse httpServletResponse) throws PermissionDeniedException, NotFoundException, IOException {
        TransactionManager transactionManager = dBBroker.getBrokerPool().getTransactionManager();
        Txn beginTransaction = transactionManager.beginTransaction();
        try {
            Collection collection = dBBroker.getCollection(xmldbURI);
            if (collection != null) {
                LOG.debug(new StringBuffer().append("removing collection ").append(xmldbURI).toString());
                dBBroker.removeCollection(beginTransaction, collection);
                httpServletResponse.setStatus(200);
            } else {
                DocumentImpl documentImpl = (DocumentImpl) dBBroker.getXMLResource(xmldbURI);
                if (documentImpl == null) {
                    transactionManager.abort(beginTransaction);
                    throw new NotFoundException(new StringBuffer().append("No document or collection found for path: ").append(xmldbURI).toString());
                }
                LOG.debug(new StringBuffer().append("removing document ").append(xmldbURI).toString());
                if (documentImpl.getResourceType() == 1) {
                    documentImpl.getCollection().removeBinaryResource(beginTransaction, dBBroker, xmldbURI.lastSegment());
                } else {
                    documentImpl.getCollection().removeXMLResource(beginTransaction, dBBroker, xmldbURI.lastSegment());
                }
                httpServletResponse.setStatus(200);
            }
            transactionManager.commit(beginTransaction);
        } catch (TriggerException e) {
            transactionManager.abort(beginTransaction);
            throw new PermissionDeniedException(new StringBuffer().append("Trigger failed: ").append(e.getMessage()).toString());
        } catch (TransactionException e2) {
            transactionManager.abort(beginTransaction);
            LOG.warn(new StringBuffer().append("Transaction aborted: ").append(e2.getMessage()).toString(), e2);
        } catch (LockException e3) {
            transactionManager.abort(beginTransaction);
            throw new PermissionDeniedException(new StringBuffer().append("Could not acquire lock: ").append(e3.getMessage()).toString());
        }
    }

    private String getRequestContent(HttpServletRequest httpServletRequest) throws IOException {
        String characterEncoding = httpServletRequest.getCharacterEncoding();
        if (characterEncoding == null) {
            characterEncoding = "UTF-8";
        }
        InputStreamReader inputStreamReader = new InputStreamReader(httpServletRequest.getInputStream(), characterEncoding);
        StringWriter stringWriter = new StringWriter();
        char[] cArr = new char[4096];
        while (true) {
            int read = inputStreamReader.read(cArr);
            if (read <= -1) {
                return stringWriter.toString();
            }
            stringWriter.write(cArr, 0, read);
        }
    }

    protected String search(DBBroker dBBroker, String str, String str2, int i, int i2, Properties properties, boolean z, boolean z2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws BadRequestException, PermissionDeniedException, XPathException {
        String property = properties.getProperty(Serializer.PROPERTY_SESSION_ID);
        if (property != null) {
            try {
                int parseInt = Integer.parseInt(property);
                if (parseInt > -1) {
                    Sequence sequence = this.sessionManager.get(str, parseInt);
                    if (sequence != null) {
                        LOG.debug("Returning cached query result");
                        return printResults(dBBroker, sequence, i, i2, properties, z);
                    }
                    LOG.debug("Cached query result not found. Probably timed out. Repeating query.");
                }
            } catch (NumberFormatException e) {
                throw new BadRequestException(new StringBuffer().append("Invalid session id passed in query request: ").append(property).toString());
            }
        }
        XmldbURI create = XmldbURI.create(str2);
        try {
            StringSource stringSource = new StringSource(str);
            XQuery xQueryService = dBBroker.getXQueryService();
            XQueryPool xQueryPool = xQueryService.getXQueryPool();
            CompiledXQuery borrowCompiledXQuery = xQueryPool.borrowCompiledXQuery(dBBroker, stringSource);
            XQueryContext newContext = borrowCompiledXQuery == null ? xQueryService.newContext(AccessContext.REST) : borrowCompiledXQuery.getContext();
            newContext.setStaticallyKnownDocuments(new XmldbURI[]{create});
            newContext.setBaseURI(new AnyURIValue(create.toString()));
            declareVariables(newContext, httpServletRequest, httpServletResponse);
            if (borrowCompiledXQuery == null) {
                borrowCompiledXQuery = xQueryService.compile(newContext, stringSource);
            }
            newContext.checkOptions(properties);
            try {
                long currentTimeMillis = System.currentTimeMillis();
                Sequence execute = xQueryService.execute(borrowCompiledXQuery, null);
                long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("Found ").append(execute.getItemCount()).append(" in ").append(currentTimeMillis2).append("ms.").toString());
                }
                if (z2) {
                    int add = this.sessionManager.add(str, execute);
                    properties.setProperty(Serializer.PROPERTY_SESSION_ID, Integer.toString(add));
                    if (!httpServletResponse.isCommitted()) {
                        httpServletResponse.setIntHeader("X-Session-Id", add);
                    }
                }
                String printResults = printResults(dBBroker, execute, i, i2, properties, z);
                xQueryPool.returnCompiledXQuery(stringSource, borrowCompiledXQuery);
                return printResults;
            } catch (Throwable th) {
                xQueryPool.returnCompiledXQuery(stringSource, borrowCompiledXQuery);
                throw th;
            }
        } catch (IOException e2) {
            throw new BadRequestException(e2.getMessage(), e2);
        }
    }

    private HttpRequestWrapper declareVariables(XQueryContext xQueryContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws XPathException {
        HttpRequestWrapper httpRequestWrapper = new HttpRequestWrapper(httpServletRequest, this.formEncoding, this.containerEncoding);
        Object httpResponseWrapper = new HttpResponseWrapper(httpServletResponse);
        xQueryContext.declareVariable("request:request", httpRequestWrapper);
        xQueryContext.declareVariable("response:response", httpResponseWrapper);
        xQueryContext.declareVariable("session:session", httpRequestWrapper.getSession());
        return httpRequestWrapper;
    }

    private String executeXQuery(DBBroker dBBroker, DocumentImpl documentImpl, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Properties properties, String str, String str2) throws XPathException, BadRequestException {
        XQueryContext context;
        DBSource dBSource = new DBSource(dBBroker, (BinaryDocument) documentImpl, true);
        XQuery xQueryService = dBBroker.getXQueryService();
        XQueryPool xQueryPool = xQueryService.getXQueryPool();
        CompiledXQuery borrowCompiledXQuery = xQueryPool.borrowCompiledXQuery(dBBroker, dBSource);
        if (borrowCompiledXQuery == null) {
            httpServletResponse.setHeader("X-XQuery-Cached", "false");
            context = xQueryService.newContext(AccessContext.REST);
        } else {
            httpServletResponse.setHeader("X-XQuery-Cached", "true");
            context = borrowCompiledXQuery.getContext();
        }
        context.setModuleLoadPath(XmldbURI.EMBEDDED_SERVER_URI.append(documentImpl.getCollection().getURI()).toString());
        context.setStaticallyKnownDocuments(new XmldbURI[]{documentImpl.getCollection().getURI()});
        HttpRequestWrapper declareVariables = declareVariables(context, httpServletRequest, httpServletResponse);
        declareVariables.setServletPath(str);
        declareVariables.setPathInfo(str2);
        if (borrowCompiledXQuery == null) {
            try {
                borrowCompiledXQuery = xQueryService.compile(context, dBSource);
            } catch (IOException e) {
                throw new BadRequestException(new StringBuffer().append("Failed to read query from ").append(documentImpl.getURI()).toString(), e);
            }
        }
        context.checkOptions(properties);
        try {
            String printResults = printResults(dBBroker, xQueryService.execute(borrowCompiledXQuery, null), -1, 1, properties, false);
            xQueryPool.returnCompiledXQuery(dBSource, borrowCompiledXQuery);
            return printResults;
        } catch (Throwable th) {
            xQueryPool.returnCompiledXQuery(dBSource, borrowCompiledXQuery);
            throw th;
        }
    }

    private String formatXPathExceptionHtml(String str, String str2, XPathException xPathException) {
        StringWriter stringWriter = new StringWriter();
        stringWriter.write(QUERY_ERROR_HEAD);
        stringWriter.write("<p class=\"path\"><span class=\"high\">Path</span>: ");
        stringWriter.write("<a href=\"");
        stringWriter.write(str2);
        stringWriter.write("\">");
        stringWriter.write(str2);
        stringWriter.write("</a></p>");
        stringWriter.write("<p class=\"errmsg\">");
        stringWriter.write(xPathException.getMessage());
        stringWriter.write("</p>");
        if (str != null) {
            stringWriter.write("<p><span class=\"high\">Query</span>:</p><pre>");
            stringWriter.write(str);
            stringWriter.write("</pre>");
        }
        stringWriter.write("</body></html>");
        return stringWriter.toString();
    }

    private String formatXPathException(String str, String str2, XPathException xPathException) {
        StringWriter stringWriter = new StringWriter();
        stringWriter.write("<?xml version=\"1.0\" ?>");
        stringWriter.write("<exception><path>");
        stringWriter.write(str2);
        stringWriter.write("</path>");
        stringWriter.write("<message>");
        stringWriter.write(xPathException.getMessage());
        stringWriter.write("</message>");
        if (str != null) {
            stringWriter.write("<query>");
            stringWriter.write(str);
            stringWriter.write("</query>");
        }
        stringWriter.write("</exception>");
        return stringWriter.toString();
    }

    protected String printCollection(DBBroker dBBroker, Collection collection) {
        Class cls;
        SAXSerializer sAXSerializer = null;
        StringWriter stringWriter = new StringWriter();
        try {
            try {
                SerializerPool serializerPool = SerializerPool.getInstance();
                if (class$org$exist$util$serializer$SAXSerializer == null) {
                    cls = class$("org.exist.util.serializer.SAXSerializer");
                    class$org$exist$util$serializer$SAXSerializer = cls;
                } else {
                    cls = class$org$exist$util$serializer$SAXSerializer;
                }
                sAXSerializer = (SAXSerializer) serializerPool.borrowObject(cls);
                sAXSerializer.setOutput(stringWriter, defaultProperties);
                AttributesImpl attributesImpl = new AttributesImpl();
                sAXSerializer.startDocument();
                sAXSerializer.startPrefixMapping("exist", Namespaces.EXIST_NS);
                sAXSerializer.startElement(Namespaces.EXIST_NS, Constants.EXSLT_ELEMNAME_FUNCRESULT_STRING, "exist:result", attributesImpl);
                attributesImpl.addAttribute("", "name", "name", "CDATA", collection.getURI().toString());
                try {
                    attributesImpl.addAttribute("", ResourceEvent.ACTION_CREATED, ResourceEvent.ACTION_CREATED, "CDATA", new DateTimeValue(new Date(collection.getCreationTime())).getStringValue());
                } catch (XPathException e) {
                    attributesImpl.addAttribute("", ResourceEvent.ACTION_CREATED, ResourceEvent.ACTION_CREATED, "CDATA", String.valueOf(collection.getCreationTime()));
                }
                printPermissions(attributesImpl, collection.getPermissions());
                sAXSerializer.startElement(Namespaces.EXIST_NS, "collection", "exist:collection", attributesImpl);
                Iterator collectionIterator = collection.collectionIterator();
                while (collectionIterator.hasNext()) {
                    XmldbURI xmldbURI = (XmldbURI) collectionIterator.next();
                    Collection collection2 = dBBroker.getCollection(collection.getURI().append(xmldbURI));
                    if (collection2 != null && collection2.getPermissions().validate(dBBroker.getUser(), 4)) {
                        attributesImpl.clear();
                        attributesImpl.addAttribute("", "name", "name", "CDATA", xmldbURI.toString());
                        try {
                            attributesImpl.addAttribute("", ResourceEvent.ACTION_CREATED, ResourceEvent.ACTION_CREATED, "CDATA", new DateTimeValue(new Date(collection2.getCreationTime())).getStringValue());
                        } catch (XPathException e2) {
                            attributesImpl.addAttribute("", ResourceEvent.ACTION_CREATED, ResourceEvent.ACTION_CREATED, "CDATA", String.valueOf(collection2.getCreationTime()));
                        }
                        printPermissions(attributesImpl, collection2.getPermissions());
                        sAXSerializer.startElement(Namespaces.EXIST_NS, "collection", "exist:collection", attributesImpl);
                        sAXSerializer.endElement(Namespaces.EXIST_NS, "collection", "exist:collection");
                    }
                }
                Iterator it = collection.iterator(dBBroker);
                while (it.hasNext()) {
                    DocumentImpl documentImpl = (DocumentImpl) it.next();
                    if (documentImpl.getPermissions().validate(dBBroker.getUser(), 4)) {
                        XmldbURI fileURI = documentImpl.getFileURI();
                        DocumentMetadata metadata = documentImpl.getMetadata();
                        attributesImpl.clear();
                        attributesImpl.addAttribute("", "name", "name", "CDATA", fileURI.toString());
                        try {
                            attributesImpl.addAttribute("", ResourceEvent.ACTION_CREATED, ResourceEvent.ACTION_CREATED, "CDATA", new DateTimeValue(new Date(metadata.getCreated())).getStringValue());
                        } catch (XPathException e3) {
                            attributesImpl.addAttribute("", ResourceEvent.ACTION_CREATED, ResourceEvent.ACTION_CREATED, "CDATA", String.valueOf(metadata.getCreated()));
                        }
                        try {
                            attributesImpl.addAttribute("", "last-mofified", ResourceAttributes.ALTERNATE_LAST_MODIFIED, "CDATA", new DateTimeValue(new Date(metadata.getLastModified())).getStringValue());
                        } catch (XPathException e4) {
                            attributesImpl.addAttribute("", ResourceAttributes.ALTERNATE_LAST_MODIFIED, ResourceAttributes.ALTERNATE_LAST_MODIFIED, "CDATA", String.valueOf(metadata.getLastModified()));
                        }
                        printPermissions(attributesImpl, documentImpl.getPermissions());
                        sAXSerializer.startElement(Namespaces.EXIST_NS, "resource", "exist:resource", attributesImpl);
                        sAXSerializer.endElement(Namespaces.EXIST_NS, "resource", "exist:resource");
                    }
                }
                sAXSerializer.endElement(Namespaces.EXIST_NS, "collection", "exist:collection");
                sAXSerializer.endElement(Namespaces.EXIST_NS, Constants.EXSLT_ELEMNAME_FUNCRESULT_STRING, "exist:result");
                sAXSerializer.endDocument();
                SerializerPool.getInstance().returnObject(sAXSerializer);
            } catch (SAXException e5) {
                LOG.warn(new StringBuffer().append("Error while serializing collection contents: ").append(e5.getMessage()).toString(), e5);
                SerializerPool.getInstance().returnObject(sAXSerializer);
            }
            return stringWriter.toString();
        } catch (Throwable th) {
            SerializerPool.getInstance().returnObject(sAXSerializer);
            throw th;
        }
    }

    protected void printPermissions(AttributesImpl attributesImpl, Permission permission) {
        attributesImpl.addAttribute("", "owner", "owner", "CDATA", permission.getOwner());
        attributesImpl.addAttribute("", "group", "group", "CDATA", permission.getOwnerGroup());
        attributesImpl.addAttribute("", "permissions", "permissions", "CDATA", permission.toString());
    }

    protected String printResults(DBBroker dBBroker, Sequence sequence, int i, int i2, Properties properties, boolean z) throws BadRequestException {
        Class cls;
        if (sequence.isEmpty()) {
            i = 0;
        } else {
            int itemCount = sequence.getItemCount();
            if (i2 < 1 || i2 > itemCount) {
                throw new BadRequestException("Start parameter out of range");
            }
            if (i + i2 > itemCount || i <= 0) {
                i = (itemCount - i2) + 1;
            }
        }
        Serializer serializer = dBBroker.getSerializer();
        serializer.reset();
        properties.setProperty(Serializer.GENERATE_DOC_EVENTS, "false");
        try {
            StringWriter stringWriter = new StringWriter();
            SerializerPool serializerPool = SerializerPool.getInstance();
            if (class$org$exist$util$serializer$SAXSerializer == null) {
                cls = class$("org.exist.util.serializer.SAXSerializer");
                class$org$exist$util$serializer$SAXSerializer = cls;
            } else {
                cls = class$org$exist$util$serializer$SAXSerializer;
            }
            SAXSerializer sAXSerializer = (SAXSerializer) serializerPool.borrowObject(cls);
            sAXSerializer.setOutput(stringWriter, properties);
            serializer.setProperties(properties);
            serializer.setSAXHandlers(sAXSerializer, sAXSerializer);
            serializer.toSAX(sequence, i2, i, z);
            SerializerPool.getInstance().returnObject(sAXSerializer);
            return stringWriter.toString();
        } catch (SAXException e) {
            LOG.warn(e);
            throw new BadRequestException(new StringBuffer().append("Error while serializing xml: ").append(e.toString()).toString(), e);
        } catch (Exception e2) {
            LOG.warn(e2.getMessage(), e2);
            throw new BadRequestException(new StringBuffer().append("Error while serializing xml: ").append(e2.toString()).toString(), e2);
        }
    }

    private void writeResponse(HttpServletResponse httpServletResponse, String str, String str2, String str3) throws IOException {
        if (str2 != null && !httpServletResponse.isCommitted()) {
            int indexOf = str2.indexOf(59);
            if (indexOf != -1) {
                str2 = str2.substring(0, indexOf);
            }
            httpServletResponse.setContentType(new StringBuffer().append(str2).append(HTTP.CHARSET_PARAM).append(str3).toString());
        }
        httpServletResponse.getOutputStream().write(str.getBytes(str3));
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$exist$http$RESTServer == null) {
            cls = class$("org.exist.http.RESTServer");
            class$org$exist$http$RESTServer = cls;
        } else {
            cls = class$org$exist$http$RESTServer;
        }
        LOG = Logger.getLogger(cls);
        defaultProperties = new Properties();
        defaultProperties.setProperty("indent", "yes");
        defaultProperties.setProperty("encoding", "UTF-8");
        defaultProperties.setProperty("media-type", MimeType.XML_TYPE.getName());
        defaultProperties.setProperty(EXistOutputKeys.EXPAND_XINCLUDES, "yes");
        defaultProperties.setProperty(EXistOutputKeys.HIGHLIGHT_MATCHES, "elements");
        defaultProperties.setProperty(EXistOutputKeys.PROCESS_XSL_PI, "yes");
        defaultOutputKeysProperties = new Properties();
        defaultOutputKeysProperties.setProperty("indent", "yes");
        defaultOutputKeysProperties.setProperty("encoding", "UTF-8");
        defaultOutputKeysProperties.setProperty("media-type", MimeType.XML_TYPE.getName());
    }
}
