package com.atlassian.jira.rest.v1.renderers;

import com.atlassian.jira.config.ConstantsManager;
import com.atlassian.jira.config.FeatureManager;
import com.atlassian.jira.exception.DataAccessException;
import com.atlassian.jira.issue.Issue;
import com.atlassian.jira.issue.IssueFactory;
import com.atlassian.jira.issue.IssueManager;
import com.atlassian.jira.issue.MutableIssue;
import com.atlassian.jira.issue.RendererManager;
import com.atlassian.jira.issue.fields.renderer.IssueRenderContext;
import com.atlassian.jira.issue.security.IssueSecuritySchemeManager;
import com.atlassian.jira.permission.ProjectPermissions;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.project.ProjectManager;
import com.atlassian.jira.rest.v1.util.CacheControl;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.security.PermissionManager;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.util.I18nHelper;
import com.atlassian.plugins.rest.api.security.annotation.CorsAllowed;
import com.atlassian.plugins.rest.api.security.annotation.UnrestrictedAccess;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Response;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import org.apache.commons.lang3.StringUtils;

@Path("render")
@UnrestrictedAccess
@Consumes({"application/json", "application/x-www-form-urlencoded"})
@CorsAllowed
@Produces({"text/html"})
/* loaded from: input_file:com/atlassian/jira/rest/v1/renderers/RenderersResource.class */
public class RenderersResource {
    public static final String FLAG_CONTENT_RENDER_ANONYMOUS = "CONTENT_RENDER_ANONYMOUS";
    private static final String NBSP = "&nbsp;";
    private final RendererManager rendererManager;
    private final IssueManager issueManager;
    private final ProjectManager projectManager;
    private final IssueFactory issueFactory;
    private final ConstantsManager constantsManager;
    private final JiraAuthenticationContext jiraAuthenticationContext;
    private final PermissionManager permissionManager;
    private final FeatureManager featureManager;
    private final IssueSecuritySchemeManager issueSecuritySchemeManager;
    private I18nHelper.BeanFactory i18nFactory;

    @XmlRootElement
    /* loaded from: input_file:com/atlassian/jira/rest/v1/renderers/RenderersResource$ContentToRender.class */
    public static class ContentToRender {

        @XmlElement
        private String rendererType;

        @XmlElement
        private String unrenderedMarkup;

        @XmlElement
        private String issueKey;

        @XmlElement
        private String projectId;

        @XmlElement
        private String issueType;

        @XmlElement
        private boolean forWysiwyg;

        @XmlElement
        private String formToken;

        public ContentToRender() {
        }

        public ContentToRender(String str, String str2, String str3, String str4, String str5, boolean z, String str6) {
            this.rendererType = str;
            this.unrenderedMarkup = str2;
            this.issueKey = str3;
            this.projectId = str4;
            this.issueType = str5;
            this.forWysiwyg = z;
            this.formToken = str6;
        }
    }

    @Inject
    public RenderersResource(RendererManager rendererManager, IssueManager issueManager, ProjectManager projectManager, IssueFactory issueFactory, ConstantsManager constantsManager, JiraAuthenticationContext jiraAuthenticationContext, PermissionManager permissionManager, FeatureManager featureManager, IssueSecuritySchemeManager issueSecuritySchemeManager, I18nHelper.BeanFactory beanFactory) {
        this.rendererManager = rendererManager;
        this.issueManager = issueManager;
        this.projectManager = projectManager;
        this.issueFactory = issueFactory;
        this.constantsManager = constantsManager;
        this.jiraAuthenticationContext = jiraAuthenticationContext;
        this.permissionManager = permissionManager;
        this.featureManager = featureManager;
        this.issueSecuritySchemeManager = issueSecuritySchemeManager;
        this.i18nFactory = beanFactory;
    }

    @POST
    public Response getRenderedContent(ContentToRender contentToRender) {
        String previewHtml = getPreviewHtml(contentToRender);
        if (previewHtml != null) {
            return Response.ok(previewHtml).cacheControl(CacheControl.NO_CACHE).build();
        }
        I18nHelper beanFactory = this.i18nFactory.getInstance(this.jiraAuthenticationContext.getLoggedInUser());
        return Response.status(Response.Status.NOT_FOUND).cacheControl(CacheControl.NO_CACHE).entity(String.format("<h1>%s</h1><p><span class=\"error\">%s</span></p>", beanFactory.getText("rest.error.issue.render.resource.not.permitted"), beanFactory.getText("rest.error.issue.render.resource.not.permitted.hint"))).build();
    }

    public String getPreviewHtml(ContentToRender contentToRender) {
        String str = contentToRender.issueKey;
        String str2 = contentToRender.issueType;
        String str3 = contentToRender.projectId;
        if (!StringUtils.isEmpty(str)) {
            if (userHasAccessToIssue(contentToRender)) {
                return doGetPreviewHtml(contentToRender, this.issueManager.getIssueObject(str).getIssueRenderContext());
            }
            return null;
        }
        if (StringUtils.isEmpty(str3) || StringUtils.isEmpty(str2)) {
            return doGetPreviewHtml(contentToRender, new IssueRenderContext((Issue) null));
        }
        if (userHasAccessToProject(contentToRender)) {
            return doGetPreviewHtml(contentToRender, generateRenderContext(str3, str2));
        }
        return null;
    }

    private boolean userHasAccessToProject(ContentToRender contentToRender) {
        ApplicationUser loggedInUser = this.jiraAuthenticationContext.getLoggedInUser();
        Project projectObjByKey = this.projectManager.getProjectObjByKey(contentToRender.projectId);
        return projectObjByKey != null && (this.featureManager.getDarkFeatures().isFeatureEnabled(FLAG_CONTENT_RENDER_ANONYMOUS) || this.permissionManager.hasPermission(ProjectPermissions.BROWSE_PROJECTS, projectObjByKey, loggedInUser, true));
    }

    private boolean userHasAccessToIssue(ContentToRender contentToRender) {
        MutableIssue mutableIssue;
        ApplicationUser loggedInUser = this.jiraAuthenticationContext.getLoggedInUser();
        try {
            mutableIssue = this.issueManager.getIssueObject(contentToRender.issueKey);
        } catch (DataAccessException e) {
            mutableIssue = null;
        }
        return mutableIssue != null && (this.featureManager.getDarkFeatures().isFeatureEnabled(FLAG_CONTENT_RENDER_ANONYMOUS) || (this.permissionManager.hasPermission(ProjectPermissions.BROWSE_PROJECTS, mutableIssue, loggedInUser) && this.issueSecuritySchemeManager.hasSecurityLevelAccess(mutableIssue, loggedInUser)));
    }

    private IssueRenderContext generateRenderContext(String str, String str2) {
        try {
            Project projectObj = this.projectManager.getProjectObj(Long.valueOf(str));
            if (projectObj == null) {
                return null;
            }
            MutableIssue issue = this.issueFactory.getIssue();
            issue.setProjectObject(projectObj);
            if (this.constantsManager.getIssueType(str2) != null) {
                issue.setIssueTypeId(str2);
            }
            IssueRenderContext issueRenderContext = new IssueRenderContext(issue);
            issueRenderContext.addParam("jira.issue", issue);
            return issueRenderContext;
        } catch (NumberFormatException e) {
            return null;
        }
    }

    private String doGetPreviewHtml(ContentToRender contentToRender, IssueRenderContext issueRenderContext) {
        if (contentToRender.forWysiwyg) {
            issueRenderContext.addParam("atlassian-renderer-for-wysiwyg", Boolean.TRUE);
            issueRenderContext.addParam("atlassian-renderer-form-token", contentToRender.formToken);
        }
        String renderedContent = this.rendererManager.getRenderedContent(contentToRender.rendererType, contentToRender.unrenderedMarkup, issueRenderContext);
        return StringUtils.isBlank(renderedContent) ? NBSP : renderedContent;
    }
}
