package org.pentaho.platform.web.servlet;

import java.io.IOException;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.servlet.annotation.MultipartConfig;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.Part;
import org.pentaho.platform.api.engine.IAuthorizationPolicy;
import org.pentaho.platform.api.engine.IPentahoSession;
import org.pentaho.platform.engine.core.system.PentahoSessionHolder;
import org.pentaho.platform.engine.core.system.PentahoSystem;
import org.pentaho.platform.web.servlet.messages.Messages;
import org.pentaho.reporting.libraries.base.util.StringUtils;

@MultipartConfig
/* loaded from: input_file:org/pentaho/platform/web/servlet/UploadFileServlet.class */
public class UploadFileServlet extends HttpServlet implements Servlet {
    private static final long serialVersionUID = 8305367618713715640L;

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            IPentahoSession session = PentahoSessionHolder.getSession();
            if (!hasManageDataAccessPermission(session)) {
                httpServletResponse.sendError(403, Messages.getInstance().getErrorString("UploadFileServlet.ERROR_0009_UNAUTHORIZED"));
                return;
            }
            httpServletResponse.setContentType("text/plain");
            Part part = httpServletRequest.getPart("uploadFormElement");
            if (part == null) {
                httpServletResponse.getWriter().write(Messages.getInstance().getErrorString("UploadFileServlet.ERROR_0001_NO_FILE_TO_UPLOAD"));
                return;
            }
            String parameter = httpServletRequest.getParameter("file_name");
            if (StringUtils.isEmpty(parameter)) {
                throw new ServletException(Messages.getInstance().getErrorString("UploadFileServlet.ERROR_0010_FILE_NAME_INVALID"));
            }
            boolean z = false;
            String parameter2 = httpServletRequest.getParameter("mark_temporary");
            if (parameter2 != null) {
                z = Boolean.parseBoolean(parameter2);
            }
            boolean z2 = false;
            String parameter3 = httpServletRequest.getParameter("unzip");
            if (parameter3 != null) {
                z2 = Boolean.parseBoolean(parameter3);
            }
            UploadFileUtils uploadFileUtils = new UploadFileUtils(session);
            uploadFileUtils.setShouldUnzip(z2);
            uploadFileUtils.setTemporary(z);
            uploadFileUtils.setFileName(parameter);
            uploadFileUtils.setWriter(httpServletResponse.getWriter());
            uploadFileUtils.setUploadedPart(part);
            uploadFileUtils.process();
        } catch (Exception e) {
            httpServletResponse.getWriter().write(Messages.getInstance().getErrorString("UploadFileServlet.ERROR_0005_UNKNOWN_ERROR", new Object[]{e.getLocalizedMessage()}));
        }
    }

    protected boolean hasManageDataAccessPermission(IPentahoSession iPentahoSession) {
        if (Boolean.parseBoolean(PentahoSystem.getSystemSetting("data-access-override", "false"))) {
            return true;
        }
        IAuthorizationPolicy iAuthorizationPolicy = (IAuthorizationPolicy) PentahoSystem.get(IAuthorizationPolicy.class);
        if (iAuthorizationPolicy != null) {
            return iAuthorizationPolicy.isAllowed("org.pentaho.platform.dataaccess.datasource.security.manage");
        }
        return false;
    }
}
