package us.cuatoi.s34jserver.core.handler.bucket;

import com.google.common.collect.Iterables;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.util.Iterator;
import org.apache.commons.lang3.StringUtils;
import us.cuatoi.s34jserver.core.ErrorCode;
import us.cuatoi.s34jserver.core.ObjectMetadata;
import us.cuatoi.s34jserver.core.Request;
import us.cuatoi.s34jserver.core.Response;
import us.cuatoi.s34jserver.core.S3Constants;
import us.cuatoi.s34jserver.core.S3Exception;
import us.cuatoi.s34jserver.core.StorageContext;
import us.cuatoi.s34jserver.core.handler.BaseHandler;
import us.cuatoi.s34jserver.core.helper.DTOHelper;
import us.cuatoi.s34jserver.core.helper.PathHelper;

/* loaded from: input_file:us/cuatoi/s34jserver/core/handler/bucket/BucketHandler.class */
public class BucketHandler extends BaseHandler {
    public static final String STATEMENT = "Statement";
    protected final Path bucketDir;
    protected final String bucketName;
    protected final Path bucketMetadataDir;
    protected final Path bucketPolicyFile;
    protected final Path bucketUploadDir;

    /* loaded from: input_file:us/cuatoi/s34jserver/core/handler/bucket/BucketHandler$Builder.class */
    public static class Builder extends BaseHandler.Builder {
        @Override // us.cuatoi.s34jserver.core.handler.BaseHandler.Builder
        public boolean canHandle(Request request) {
            return ((StringUtils.isNotBlank(request.getBucketName()) && StringUtils.isBlank(request.getObjectName())) && !StringUtils.equalsIgnoreCase(request.getMethod(), "get")) && !StringUtils.containsAny(request.getQueryString(), new CharSequence[]{"location", "uploads", "policy", "delete"});
        }

        @Override // us.cuatoi.s34jserver.core.handler.BaseHandler.Builder
        public BaseHandler create(StorageContext storageContext, Request request) {
            return new BucketHandler(storageContext, request);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public BucketHandler(StorageContext storageContext, Request request) {
        super(storageContext, request);
        this.bucketName = request.getBucketName();
        this.bucketDir = this.baseDir.resolve(this.bucketName);
        this.bucketMetadataDir = this.baseMetadataDir.resolve(this.bucketName);
        this.bucketPolicyFile = this.bucketMetadataDir.resolve(S3Constants.POLICY_JSON);
        this.bucketUploadDir = this.baseUploadDir.resolve(this.bucketName);
    }

    @Override // us.cuatoi.s34jserver.core.handler.BaseHandler
    public boolean needVerification() throws Exception {
        if (!Files.exists(this.bucketPolicyFile, new LinkOption[0])) {
            this.logger.trace("Skipped policy check. File not found: " + this.bucketPolicyFile);
            return true;
        }
        JsonObject jsonObject = (JsonObject) DTOHelper.fromJson(this.bucketPolicyFile, JsonObject.class);
        if (jsonObject == null || !jsonObject.isJsonObject()) {
            this.logger.trace("Policy file is blank. " + this.bucketPolicyFile);
            return true;
        }
        if (!jsonObject.has(STATEMENT) || !jsonObject.get(STATEMENT).isJsonArray()) {
            this.logger.trace("No statement in policy file. " + this.bucketPolicyFile);
            return true;
        }
        String str = null;
        Iterator it = jsonObject.getAsJsonArray(STATEMENT).iterator();
        while (it.hasNext()) {
            JsonElement jsonElement = (JsonElement) it.next();
            if (jsonElement.isJsonObject()) {
                JsonObject asJsonObject = jsonElement.getAsJsonObject();
                if (resourceMatch(asJsonObject) && actionMatch(asJsonObject)) {
                    if (asJsonObject.has("Condition") && asJsonObject.get("Condition").isJsonArray()) {
                        this.logger.warn("Condition is not supported: " + asJsonObject.get("Condition").getAsJsonArray());
                    }
                    if (principalMatch(asJsonObject)) {
                        str = asJsonObject.get("Effect").getAsString();
                        if (StringUtils.equalsIgnoreCase(str, "deny")) {
                            throw new S3Exception(ErrorCode.ACCESS_DENIED);
                        }
                    } else {
                        continue;
                    }
                }
            }
        }
        return StringUtils.isBlank(str);
    }

    private boolean principalMatch(JsonObject jsonObject) {
        JsonElement jsonElement = jsonObject.get("Principal");
        if (jsonElement.isJsonPrimitive() && StringUtils.equalsIgnoreCase(jsonElement.getAsString(), "*")) {
            return true;
        }
        JsonObject asJsonObject = jsonElement.getAsJsonObject();
        if (asJsonObject.has("AWS")) {
            JsonElement jsonElement2 = asJsonObject.get("AWS");
            if ((jsonElement2.isJsonPrimitive() && StringUtils.equalsIgnoreCase(jsonElement2.getAsString(), "*")) || Iterables.any(jsonElement2.getAsJsonArray(), jsonElement3 -> {
                boolean z = jsonElement3 != null && jsonElement3.isJsonPrimitive() && StringUtils.equalsIgnoreCase(jsonElement3.getAsString(), "*");
                if (!z) {
                    this.logger.warn("Unknown AWS principal:" + jsonElement3);
                }
                return z;
            })) {
                return true;
            }
        }
        if (!asJsonObject.has("CanonicalUser")) {
            return false;
        }
        this.logger.warn("CanonicalUser is not supported for now." + asJsonObject.get("CanonicalUser"));
        return false;
    }

    private boolean actionMatch(JsonObject jsonObject) {
        if (jsonObject.has("Action") && jsonObject.get("Action").isJsonArray()) {
            return Iterables.any(jsonObject.get("Action").getAsJsonArray(), jsonElement -> {
                return StringUtils.equalsIgnoreCase(jsonElement.getAsString(), getName());
            });
        }
        return true;
    }

    private boolean resourceMatch(JsonObject jsonObject) {
        if (jsonObject.has("Resource") && jsonObject.get("Resource").isJsonArray()) {
            return Iterables.any(jsonObject.get("Resource").getAsJsonArray(), jsonElement -> {
                String replace = jsonElement.getAsString().replace("arn:aws:s3:::", "").replace("?", "[a-z0-9\\.\\-]").replace("*", "[a-z0-9\\.\\-\\/]*");
                if (!StringUtils.contains(replace, "/") && StringUtils.isNotBlank(this.request.getObjectName())) {
                    replace = replace + "/[a-z0-9\\.\\-\\/]*";
                }
                return this.request.getUri().matches("/" + replace);
            });
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // us.cuatoi.s34jserver.core.handler.BaseHandler
    public String getName() {
        String lowerCase = StringUtils.lowerCase(this.request.getMethod());
        boolean z = -1;
        switch (lowerCase.hashCode()) {
            case -1335458389:
                if (lowerCase.equals("delete")) {
                    z = 2;
                    break;
                }
                break;
            case 111375:
                if (lowerCase.equals("put")) {
                    z = true;
                    break;
                }
                break;
            case 3198432:
                if (lowerCase.equals("head")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return "s3:ListBucket";
            case true:
                return "s3:CreateBucket";
            case true:
                return "s3:DeleteBucket";
            default:
                return super.getName();
        }
    }

    @Override // us.cuatoi.s34jserver.core.handler.BaseHandler
    public Response handle() throws Exception {
        String lowerCase = StringUtils.lowerCase(this.request.getMethod());
        boolean z = -1;
        switch (lowerCase.hashCode()) {
            case -1335458389:
                if (lowerCase.equals("delete")) {
                    z = 2;
                    break;
                }
                break;
            case 111375:
                if (lowerCase.equals("put")) {
                    z = true;
                    break;
                }
                break;
            case 3198432:
                if (lowerCase.equals("head")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return handleHead();
            case true:
                return handlePut();
            case true:
                return handleDelete();
            default:
                throw new S3Exception(ErrorCode.NOT_IMPLEMENTED);
        }
    }

    private Response handleDelete() throws IOException {
        verifyBucketExists();
        PathHelper.deleteDir(this.bucketUploadDir);
        PathHelper.deleteDir(this.bucketMetadataDir);
        PathHelper.deleteDir(this.bucketDir);
        return new Response();
    }

    private Response handlePut() throws IOException {
        if (Files.exists(this.bucketDir, new LinkOption[0])) {
            throw new S3Exception(ErrorCode.BUCKET_ALREADY_EXISTS);
        }
        Files.createDirectories(this.bucketDir, new FileAttribute[0]);
        this.logger.info("Created " + this.bucketDir);
        Files.createDirectories(this.bucketMetadataDir, new FileAttribute[0]);
        this.logger.info("Created " + this.bucketMetadataDir);
        Files.createDirectories(this.bucketUploadDir, new FileAttribute[0]);
        this.logger.info("Created " + this.bucketUploadDir);
        return new Response();
    }

    private Response handleHead() {
        verifyBucketExists();
        return new Response().setStatus(200);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void verifyBucketExists() {
        if (!Files.exists(this.bucketDir, new LinkOption[0])) {
            throw new S3Exception(ErrorCode.RESOURCE_NOT_FOUND);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getObjectETag(Path path) throws IOException {
        String md5HashFile;
        Path resolve = this.bucketMetadataDir.resolve(this.bucketDir.relativize(path)).resolve(S3Constants.METADATA_JSON);
        if (Files.exists(resolve, new LinkOption[0])) {
            md5HashFile = ((ObjectMetadata) DTOHelper.fromJson(resolve, ObjectMetadata.class)).geteTag();
        } else {
            md5HashFile = PathHelper.md5HashFile(path);
            ObjectMetadata objectMetadata = new ObjectMetadata().seteTag(md5HashFile);
            Files.createDirectories(resolve.getParent(), new FileAttribute[0]);
            Files.write(resolve, DTOHelper.toPrettyJson(objectMetadata).getBytes(StandardCharsets.UTF_8), new OpenOption[0]);
        }
        return md5HashFile;
    }
}
