package com.zimbra.cs.service;

import com.zimbra.common.account.Key;
import com.zimbra.common.mime.ContentDisposition;
import com.zimbra.common.service.ServiceException;
import com.zimbra.common.util.ByteUtil;
import com.zimbra.common.util.HttpUtil;
import com.zimbra.common.util.L10nUtil;
import com.zimbra.common.util.Log;
import com.zimbra.common.util.LogFactory;
import com.zimbra.common.util.ZimbraLog;
import com.zimbra.cs.account.Account;
import com.zimbra.cs.account.AuthToken;
import com.zimbra.cs.account.Provisioning;
import com.zimbra.cs.dav.DavProtocol;
import com.zimbra.cs.filter.FilterUtil;
import com.zimbra.cs.html.BrowserDefang;
import com.zimbra.cs.html.DefangFactory;
import com.zimbra.cs.index.LuceneFields;
import com.zimbra.cs.mailbox.CalendarItem;
import com.zimbra.cs.mailbox.MailItem;
import com.zimbra.cs.mailbox.MailServiceException;
import com.zimbra.cs.mailbox.Mailbox;
import com.zimbra.cs.mailbox.MailboxManager;
import com.zimbra.cs.mailbox.Message;
import com.zimbra.cs.mailbox.OperationContext;
import com.zimbra.cs.mailbox.calendar.CalendarMailSender;
import com.zimbra.cs.mailbox.calendar.Invite;
import com.zimbra.cs.mailbox.util.TagUtil;
import com.zimbra.cs.mime.Mime;
import com.zimbra.cs.service.FileUploadServlet;
import com.zimbra.cs.service.util.ItemId;
import com.zimbra.cs.servlet.ZimbraServlet;
import com.zimbra.cs.util.AccountUtil;
import com.zimbra.cs.util.BuildInfoGenerated;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import javax.mail.MessagingException;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimePart;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/zimbra/cs/service/ContentServlet.class */
public class ContentServlet extends ZimbraServlet {
    private static final long serialVersionUID = 6466028729668217319L;
    public static final String SERVLET_PATH = "/service/content";
    public static final String PREFIX_GET = "/get";
    protected static final String PREFIX_PROXY = "/proxy";
    public static final String PARAM_MSGID = "id";
    protected static final String PARAM_UPLOAD_ID = "aid";
    protected static final String PARAM_PART = "part";
    protected static final String PARAM_FORMAT = "fmt";
    protected static final String PARAM_DUMPSTER = "dumpster";
    protected static final String PARAM_SYNC = "sync";
    protected static final String PARAM_EXPUNGE = "expunge";
    protected static final String PARAM_LOCALE_ID = "loc";
    protected static final String FORMAT_RAW = "raw";
    protected static final String FORMAT_DEFANGED_HTML = "htmldf";
    protected static final String FORMAT_DEFANGED_HTML_NOT_IMAGES = "htmldfi";
    protected static final String CONVERSION_PATH = "/extension/convertd";
    protected static final String ATTR_MIMEPART = "mimepart";
    protected static final String ATTR_MSGDIGEST = "msgdigest";
    protected static final String ATTR_CONTENTURL = "contenturl";
    protected static final String MSGPAGE_BLOCK = "errorpage.attachment.blocked";
    private String mBlockPage = null;
    private static Log mLog = LogFactory.getLog(ContentServlet.class);

    private void getCommand(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthToken authToken) throws ServletException, IOException {
        Invite[] invites;
        try {
            ItemId itemId = new ItemId(httpServletRequest.getParameter("id"), (String) null);
            String parameter = httpServletRequest.getParameter("part");
            String parameter2 = httpServletRequest.getParameter("fmt");
            String parameter3 = httpServletRequest.getParameter("dumpster");
            boolean z = (parameter3 == null || parameter3.equals(BuildInfoGenerated.RELNUM) || parameter3.equalsIgnoreCase("false")) ? false : true;
            try {
                if (!itemId.isLocal()) {
                    proxyServletRequest(httpServletRequest, httpServletResponse, itemId.getAccountId());
                    return;
                }
                String accountId = authToken.getAccountId();
                String accountId2 = itemId.getAccountId() != null ? itemId.getAccountId() : accountId;
                AccountUtil.addAccountToLogContext(Provisioning.getInstance(), accountId2, "name", "id", authToken);
                if (!accountId2.equalsIgnoreCase(accountId)) {
                    ZimbraLog.addToContext("aid", accountId);
                }
                Mailbox mailboxByAccountId = MailboxManager.getInstance().getMailboxByAccountId(accountId2);
                if (mailboxByAccountId == null) {
                    httpServletResponse.sendError(400, L10nUtil.getMessage(L10nUtil.MsgKey.errMailboxNotFound, httpServletRequest, new Object[0]));
                    return;
                }
                ZimbraLog.addMboxToContext(mailboxByAccountId.getId());
                MailItem itemById = mailboxByAccountId.getItemById(new OperationContext(authToken), itemId.getId(), MailItem.Type.UNKNOWN, z);
                if (itemById == null) {
                    httpServletResponse.sendError(400, L10nUtil.getMessage(L10nUtil.MsgKey.errMessageNotFound, httpServletRequest, new Object[0]));
                    return;
                }
                try {
                } catch (MessagingException e) {
                    httpServletResponse.sendError(500, e.getMessage());
                }
                if (parameter != null) {
                    MimePart mimePart = null;
                    if (itemById instanceof Message) {
                        mimePart = getMimePart((Message) itemById, parameter);
                    } else {
                        CalendarItem calendarItem = (CalendarItem) itemById;
                        if (itemId.hasSubpart()) {
                            MimeMessage subpartMessage = calendarItem.getSubpartMessage(itemId.getSubpartId());
                            if (subpartMessage != null) {
                                mimePart = Mime.getMimePart(subpartMessage, parameter);
                            }
                        } else {
                            mimePart = getMimePart(calendarItem, parameter);
                        }
                    }
                    if (mimePart == null) {
                        httpServletResponse.sendError(400, L10nUtil.getMessage(L10nUtil.MsgKey.errPartNotFound, httpServletRequest, new Object[0]));
                        return;
                    }
                    String contentType = mimePart.getContentType();
                    if (contentType == null) {
                        contentType = DavProtocol.DEFAULT_CONTENT_TYPE;
                    }
                    if (contentType.toLowerCase().startsWith("text/html") && (FORMAT_DEFANGED_HTML.equals(parameter2) || FORMAT_DEFANGED_HTML_NOT_IMAGES.equals(parameter2))) {
                        sendbackDefangedHtml(mimePart, contentType, httpServletResponse, parameter2);
                    } else if (isTrue("zimbraAttachmentsViewInHtmlOnly", mailboxByAccountId.getAccountId())) {
                        httpServletRequest.setAttribute(ATTR_MIMEPART, mimePart);
                        httpServletRequest.setAttribute("msgdigest", itemById.getDigest());
                        httpServletRequest.setAttribute("contenturl", httpServletRequest.getRequestURL().toString());
                        getServletContext().getRequestDispatcher(CONVERSION_PATH).forward(httpServletRequest, httpServletResponse);
                    } else {
                        sendbackOriginalDoc(mimePart, contentType, httpServletRequest, httpServletResponse);
                    }
                    return;
                }
                boolean equals = "1".equals(httpServletRequest.getParameter("sync"));
                StringBuffer stringBuffer = new StringBuffer();
                if (equals) {
                    httpServletResponse.addHeader("X-Zimbra-Tags", TagUtil.getTagIdString(itemById));
                    httpServletResponse.addHeader("X-Zimbra-Tag-Names", TagUtil.encodeTags(itemById.getTags()));
                    httpServletResponse.addHeader("X-Zimbra-Flags", itemById.getFlagString());
                    httpServletResponse.addHeader("X-Zimbra-Received", Long.toString(itemById.getDate()));
                    httpServletResponse.addHeader("X-Zimbra-Modified", Long.toString(itemById.getChangeDate()));
                    stringBuffer.append("X-Zimbra-Tags: ").append(TagUtil.getTagIdString(itemById)).append("\n");
                    stringBuffer.append("X-Zimbra-Tag-Names: ").append(TagUtil.encodeTags(itemById.getTags()));
                    stringBuffer.append("X-Zimbra-Flags: ").append(itemById.getFlagString()).append("\n");
                    stringBuffer.append("X-Zimbra-Received: ").append(itemById.getDate()).append("\n");
                    stringBuffer.append("X-Zimbra-Modified: ").append(itemById.getChangeDate()).append("\n");
                }
                if (itemById instanceof Message) {
                    Message message = (Message) itemById;
                    if (equals) {
                        httpServletResponse.addHeader("X-Zimbra-Conv", Integer.toString(message.getConversationId()));
                        stringBuffer.append("X-Zimbra-Conv: ").append(message.getConversationId()).append("\n");
                        httpServletResponse.getOutputStream().write(stringBuffer.toString().getBytes());
                    }
                    httpServletResponse.setContentType("text/plain");
                    ByteUtil.copy(message.getContentStream(), true, httpServletResponse.getOutputStream(), false);
                } else if (itemById instanceof CalendarItem) {
                    CalendarItem calendarItem2 = (CalendarItem) itemById;
                    if (equals) {
                        httpServletResponse.getOutputStream().write(stringBuffer.toString().getBytes());
                    }
                    httpServletResponse.setContentType("text/plain");
                    if (itemId.hasSubpart()) {
                        int subpartId = itemId.getSubpartId();
                        MimeMessage subpartMessage2 = calendarItem2.getSubpartMessage(subpartId);
                        if (subpartMessage2 == null && (invites = calendarItem2.getInvites(subpartId)) != null && invites.length > 0) {
                            subpartMessage2 = CalendarMailSender.createCalendarMessage(invites[0]);
                        }
                        if (subpartMessage2 != null) {
                            subpartMessage2.writeTo(httpServletResponse.getOutputStream());
                        }
                    } else {
                        InputStream rawMessage = calendarItem2.getRawMessage();
                        if (rawMessage != null) {
                            ByteUtil.copy(rawMessage, true, httpServletResponse.getOutputStream(), false);
                        }
                    }
                }
            } catch (MailServiceException.NoSuchItemException e2) {
                httpServletResponse.sendError(404, L10nUtil.getMessage(L10nUtil.MsgKey.errNoSuchItem, httpServletRequest, new Object[0]));
            } catch (ServiceException e3) {
                returnError(httpServletResponse, e3);
            } finally {
                ZimbraLog.clearContext();
            }
        } catch (ServiceException e4) {
            httpServletResponse.sendError(400, L10nUtil.getMessage(L10nUtil.MsgKey.errInvalidId, httpServletRequest, new Object[0]));
        }
    }

    private void retrieveUpload(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthToken authToken) throws IOException {
        String parameter = httpServletRequest.getParameter("aid");
        if (parameter == null) {
            httpServletResponse.sendError(400, L10nUtil.getMessage(L10nUtil.MsgKey.errMissingUploadId, httpServletRequest, new Object[0]));
            return;
        }
        try {
            if (!FileUploadServlet.isLocalUpload(parameter)) {
                proxyServletRequest(httpServletRequest, httpServletResponse, Provisioning.getInstance().get(Key.ServerBy.id, FileUploadServlet.getUploadServerId(parameter)), (AuthToken) null);
                return;
            }
            FileUploadServlet.Upload fetchUpload = FileUploadServlet.fetchUpload(authToken.getAccountId(), parameter, authToken);
            if (fetchUpload == null) {
                httpServletResponse.sendError(400, L10nUtil.getMessage(L10nUtil.MsgKey.errNoSuchUpload, httpServletRequest, new Object[0]));
                return;
            }
            String name = fetchUpload.getName();
            httpServletResponse.addHeader(FilterUtil.HEADER_CONTENT_DISPOSITION, new ContentDisposition(LuceneFields.L_ATTACHMENTS).setParameter("filename", name == null ? "unknown" : name).toString());
            sendbackOriginalDoc(fetchUpload.getInputStream(), fetchUpload.getContentType(), httpServletResponse);
            if ("true".equalsIgnoreCase(httpServletRequest.getParameter(PARAM_EXPUNGE)) || "1".equals(httpServletRequest.getParameter(PARAM_EXPUNGE))) {
                FileUploadServlet.deleteUpload(fetchUpload);
            }
        } catch (ServiceException e) {
            returnError(httpServletResponse, e);
        }
    }

    private boolean isTrue(String str, String str2) throws ServletException {
        Provisioning provisioning = Provisioning.getInstance();
        try {
            Account account = provisioning.get(Key.AccountBy.id, str2);
            if (!provisioning.getConfig().getBooleanAttr(str, false)) {
                if (!account.getBooleanAttr(str, false)) {
                    return false;
                }
            }
            return true;
        } catch (ServiceException e) {
            throw new ServletException(e);
        }
    }

    public static MimePart getMimePart(CalendarItem calendarItem, String str) throws IOException, MessagingException, ServiceException {
        return Mime.getMimePart(calendarItem.getMimeMessage(), str);
    }

    public static MimePart getMimePart(Message message, String str) throws IOException, MessagingException, ServiceException {
        return Mime.getMimePart(message.getMimeMessage(), str);
    }

    public static void sendbackOriginalDoc(MimePart mimePart, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, MessagingException {
        String filename = Mime.getFilename(mimePart);
        if (filename == null) {
            filename = "unknown";
        }
        httpServletResponse.addHeader(FilterUtil.HEADER_CONTENT_DISPOSITION, HttpUtil.createContentDisposition(httpServletRequest, LuceneFields.L_ATTACHMENTS, filename));
        String description = mimePart.getDescription();
        if (description != null) {
            httpServletResponse.addHeader("Content-Description", description);
        }
        sendbackOriginalDoc(mimePart.getInputStream(), str, httpServletResponse);
    }

    public static void sendbackOriginalDoc(InputStream inputStream, String str, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setContentType(str);
        ByteUtil.copy(inputStream, true, httpServletResponse.getOutputStream(), false);
    }

    static void sendbackDefangedHtml(MimePart mimePart, String str, HttpServletResponse httpServletResponse, String str2) throws IOException, MessagingException {
        httpServletResponse.setContentType(str);
        InputStream inputStream = null;
        try {
            BrowserDefang defanger = DefangFactory.getDefanger(str);
            InputStream inputStream2 = mimePart.getInputStream();
            inputStream = inputStream2;
            ByteUtil.copy(new ByteArrayInputStream(defanger.defang(inputStream2, FORMAT_DEFANGED_HTML.equals(str2)).getBytes("utf-8")), false, httpServletResponse.getOutputStream(), false);
            ByteUtil.closeStream(inputStream);
        } catch (Throwable th) {
            ByteUtil.closeStream(inputStream);
            throw th;
        }
    }

    private void sendbackBlockMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        RequestDispatcher requestDispatcher = getServletContext().getRequestDispatcher(this.mBlockPage);
        if (requestDispatcher != null) {
            requestDispatcher.forward(httpServletRequest, httpServletResponse);
        } else {
            httpServletResponse.sendError(403, L10nUtil.getMessage(L10nUtil.MsgKey.errAttachmentDownloadDisabled, httpServletRequest, new Object[0]));
        }
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        ZimbraLog.clearContext();
        addRemoteIpToLoggingContext(httpServletRequest);
        mLog.debug("request url: %s, path info: ", new Object[]{httpServletRequest.getRequestURL(), httpServletRequest.getPathInfo()});
        AuthToken authTokenFromCookie = getAuthTokenFromCookie(httpServletRequest, httpServletResponse);
        if (authTokenFromCookie == null) {
            return;
        }
        if (isTrue("zimbraAttachmentsBlocked", authTokenFromCookie.getAccountId())) {
            sendbackBlockMessage(httpServletRequest, httpServletResponse);
            return;
        }
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo != null && pathInfo.equals(PREFIX_GET)) {
            getCommand(httpServletRequest, httpServletResponse, authTokenFromCookie);
        } else if (pathInfo == null || !pathInfo.equals(PREFIX_PROXY)) {
            httpServletResponse.sendError(400, L10nUtil.getMessage(L10nUtil.MsgKey.errInvalidRequest, httpServletRequest, new Object[0]));
        } else {
            retrieveUpload(httpServletRequest, httpServletResponse, authTokenFromCookie);
        }
    }

    @Override // com.zimbra.cs.servlet.ZimbraServlet
    public void init() throws ServletException {
        mLog.info("Servlet " + getServletName() + " starting up");
        super.init();
        this.mBlockPage = getInitParameter(MSGPAGE_BLOCK);
    }

    public void destroy() {
        mLog.info("Servlet " + getServletName() + " shutting down");
        super.destroy();
    }
}
