package org.nuxeo.elasticsearch.http.readonly;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.HashMap;
import java.util.Map;
import javax.validation.constraints.NotNull;
import org.json.JSONException;
import org.json.JSONObject;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.security.SecurityService;

/* loaded from: input_file:org/nuxeo/elasticsearch/http/readonly/SearchRequestFilter.class */
public class SearchRequestFilter {
    private static final String MATCH_ALL = "{\"query\": {\"match_all\": {}}}";
    private static final String QUERY_STRING = "{\"query\":{\"query_string\":{\"query\":\"%s\",\"default_field\":\"%s\",\"default_operator\":\"%s\"}}}";
    private static final String BACKSLASH_MARKER = "_@@_";
    private String payload;
    private String rawQuery;
    private final String types;
    private final String indices;
    private final NuxeoPrincipal principal;
    private String url;
    private String filteredPayload;

    public SearchRequestFilter(NuxeoPrincipal nuxeoPrincipal, String str, String str2, String str3, String str4) {
        this.indices = str;
        this.types = str2;
        this.principal = nuxeoPrincipal;
        this.rawQuery = str3;
        this.payload = str4;
        if (str4 != null || nuxeoPrincipal.isAdministrator()) {
            return;
        }
        extractPayloadFromQuery();
    }

    public String toString() {
        if (this.payload == null || this.payload.isEmpty()) {
            return "Uri Search: " + getUrl() + " user: " + this.principal;
        }
        try {
            return "Body Search: " + getUrl() + " user: " + this.principal + " payload: " + getPayload();
        } catch (JSONException e) {
            return "Body Search: " + getUrl() + " user: " + this.principal + " invalid JSON payload: " + e.getMessage();
        }
    }

    @NotNull
    public String getUrl() {
        if (this.url == null) {
            this.url = "/" + this.indices + "/" + this.types + "/_search";
            if (this.rawQuery != null) {
                this.url += "?" + this.rawQuery;
            }
        }
        return this.url;
    }

    public String getPayload() throws JSONException {
        JSONObject jSONObject;
        if (this.principal.isAdministrator()) {
            return this.payload;
        }
        if (this.filteredPayload == null) {
            String[] principalsToCheck = SecurityService.getPrincipalsToCheck(this.principal);
            if (this.payload.contains("\\")) {
                this.payload = this.payload.replaceAll("\\\\", BACKSLASH_MARKER);
            }
            JSONObject jSONObject2 = new JSONObject(this.payload);
            if (jSONObject2.has("query")) {
                jSONObject = jSONObject2.getJSONObject("query");
                jSONObject2.remove("query");
            } else {
                jSONObject = new JSONObject("{\"match_all\":{}}");
            }
            jSONObject2.put("query", new JSONObject().put("filtered", new JSONObject().put("query", jSONObject).put("filter", new JSONObject().put("terms", new JSONObject().put("ecm:acl", principalsToCheck)))));
            this.filteredPayload = jSONObject2.toString();
            if (this.filteredPayload.contains(BACKSLASH_MARKER)) {
                this.filteredPayload = this.filteredPayload.replaceAll(BACKSLASH_MARKER, "\\\\");
            }
        }
        return this.filteredPayload;
    }

    private void extractPayloadFromQuery() {
        Map<String, String> queryMap = getQueryMap();
        String remove = queryMap.remove("q");
        if (remove == null) {
            this.payload = MATCH_ALL;
            return;
        }
        try {
            String decode = URLDecoder.decode(remove, "UTF-8");
            String remove2 = queryMap.remove("df");
            if (remove2 == null) {
                remove2 = "_all";
            }
            String remove3 = queryMap.remove("default_operator");
            if (remove3 == null) {
                remove3 = "OR";
            }
            this.payload = String.format(QUERY_STRING, decode, remove2, remove3);
            setRawQuery(queryMap);
        } catch (UnsupportedEncodingException e) {
            throw new IllegalArgumentException("Invalid URI Search query_string encoding: " + e.getMessage());
        }
    }

    private Map<String, String> getQueryMap() {
        String[] split = this.rawQuery.split("&");
        HashMap hashMap = new HashMap();
        for (String str : split) {
            String str2 = str.split("=")[0];
            if (str.contains("=")) {
                hashMap.put(str2, str.split("=")[1]);
            } else {
                hashMap.put(str2, "");
            }
        }
        return hashMap;
    }

    private void setRawQuery(Map<String, String> map) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (sb.length() > 0) {
                sb.append("&");
            }
            if (entry.getValue().isEmpty()) {
                sb.append(entry.getKey());
            } else {
                sb.append(String.format("%s=%s", entry.getKey(), entry.getValue()));
            }
        }
        this.rawQuery = sb.toString();
    }
}
