package thredds.server.notebook;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.file.AccessDeniedException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Collection;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import org.eclipse.jetty.util.security.Constraint;
import org.json.JSONArray;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindException;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import thredds.client.catalog.Catalog;
import thredds.client.catalog.Dataset;
import thredds.core.AllowedServices;
import thredds.core.CatalogManager;
import thredds.core.StandardService;
import thredds.core.TdsRequestedDataset;
import thredds.server.config.TdsContext;
import thredds.server.exception.ServiceNotAllowed;
import thredds.util.Constants;

@RequestMapping({"/notebook"})
@Controller
/* loaded from: input_file:WEB-INF/classes/thredds/server/notebook/NotebookController.class */
public class NotebookController {
    private final String DS_REPLACE_TEXT = "{{datasetName}}";
    private final String CAT_REPLACE_TEXT = "{{catUrl}}";

    @Autowired
    TdsContext tdsContext;

    @Autowired
    CatalogManager catalogManager;

    @Autowired
    AllowedServices allowedServices;

    @Autowired
    JupyterNotebookServiceCache jupyterNotebooks;

    @RequestMapping(value = {Constraint.ANY_AUTH}, params = {"filename"}, method = {RequestMethod.GET})
    public void getNotebook(@RequestParam("filename") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @Valid NotebookParamsBean notebookParamsBean, BindingResult bindingResult) throws ServiceNotAllowed, IOException, BindException, URISyntaxException {
        if (!this.allowedServices.isAllowed(StandardService.jupyterNotebook) || str.isEmpty() || !validateRequestedFile(str)) {
            throw new ServiceNotAllowed(StandardService.jupyterNotebook.toString());
        }
        if (bindingResult.hasErrors()) {
            throw new BindException(bindingResult);
        }
        File notebookFile = getNotebookFile(str);
        if (notebookFile == null) {
            throw new FileNotFoundException(str);
        }
        String str2 = notebookParamsBean.catalog;
        Dataset dataset = getDataset(str2, httpServletRequest);
        String str3 = new String(Files.readAllBytes(Paths.get(notebookFile.getAbsolutePath(), new String[0])));
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        String replace = str3.replace("{{datasetName}}", dataset.getName()).replace("{{catUrl}}", stringBuffer.substring(0, stringBuffer.indexOf(getBase())) + StandardService.catalogRemote.getBase() + str2);
        httpServletResponse.setHeader("Content-Disposition", Constants.setContentDispositionValue(notebookFile.getName()));
        httpServletResponse.setHeader("Content-Length", Integer.toString(replace.length()));
        httpServletResponse.setContentType("application/x-ipynb+json");
        httpServletResponse.getOutputStream().write(replace.getBytes());
        httpServletResponse.flushBuffer();
        httpServletResponse.getOutputStream().close();
        httpServletResponse.setStatus(200);
    }

    @RequestMapping(value = {Constraint.ANY_AUTH}, method = {RequestMethod.GET})
    public void getNotebooksForDataset(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @Valid NotebookParamsBean notebookParamsBean, BindingResult bindingResult) throws IllegalArgumentException, ServiceNotAllowed, IOException, URISyntaxException, BindException {
        if (!this.allowedServices.isAllowed(StandardService.jupyterNotebook)) {
            throw new ServiceNotAllowed(StandardService.jupyterNotebook.toString());
        }
        if (bindingResult.hasErrors()) {
            throw new BindException(bindingResult);
        }
        String str = notebookParamsBean.catalog;
        Dataset dataset = getDataset(str, httpServletRequest);
        if (dataset == null) {
            throw new FileNotFoundException("Dataset with ID '" + new TdsRequestedDataset(httpServletRequest, getBase()).getPath() + "' not found in catalog '" + str + "'.");
        }
        JSONArray notebookParams = getNotebookParams(dataset);
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.getWriter().write(notebookParams.toString());
        httpServletResponse.getWriter().flush();
        httpServletResponse.getWriter().close();
        httpServletResponse.setStatus(200);
    }

    protected String getBase() {
        return StandardService.jupyterNotebook.getBase();
    }

    private boolean validateRequestedFile(String str) {
        return Arrays.asList(".py", ".ipynb").stream().anyMatch(str2 -> {
            return str.endsWith(str2);
        }) && !str.contains("../");
    }

    private Dataset getDataset(String str, HttpServletRequest httpServletRequest) throws URISyntaxException, IOException, IllegalArgumentException {
        if (str == null) {
            throw new IllegalArgumentException("Argument 'catalog' cannot be null.");
        }
        return getCatalog(str, httpServletRequest).findDatasetByID(new TdsRequestedDataset(httpServletRequest, getBase()).getPath());
    }

    private Catalog getCatalog(String str, HttpServletRequest httpServletRequest) throws URISyntaxException, IOException {
        String base = StandardService.catalogRemote.getBase();
        String replace = httpServletRequest.getRequestURL().toString().replace(getBase(), base);
        String substring = replace.substring(0, replace.indexOf(base) + base.length());
        try {
            Catalog catalog = this.catalogManager.getCatalog(str, new URI(substring));
            if (catalog == null) {
                throw new FileNotFoundException(substring + str);
            }
            return catalog;
        } catch (URISyntaxException e) {
            throw new URISyntaxException("Bad URI syntax [" + substring + "]: " + e.getMessage(), e.getReason());
        }
    }

    private JSONArray getNotebookParams(Dataset dataset) {
        return new JSONArray((Collection<?>) this.jupyterNotebooks.getMappedNotebooks(dataset).stream().map(notebookMetadata -> {
            return notebookMetadata.getParams();
        }).collect(Collectors.toList()));
    }

    private File getNotebookFile(String str) throws IOException {
        if (str.isEmpty()) {
            return null;
        }
        File file = new File(this.tdsContext.getThreddsDirectory(), "notebooks");
        if (!file.exists() || !file.isDirectory()) {
            return null;
        }
        File file2 = new File(file, str);
        if (!file2.getCanonicalPath().startsWith(file.getCanonicalPath())) {
            throw new AccessDeniedException(str);
        }
        if (file2.exists()) {
            return file2;
        }
        return null;
    }
}
