package org.apache.archiva.webdav;

import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.attribute.FileAttribute;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.http.HttpSession;
import org.apache.archiva.admin.model.RepositoryAdminException;
import org.apache.archiva.admin.model.beans.ManagedRepository;
import org.apache.archiva.admin.model.beans.RemoteRepository;
import org.apache.archiva.admin.model.managed.ManagedRepositoryAdmin;
import org.apache.archiva.admin.model.remote.RemoteRepositoryAdmin;
import org.apache.archiva.audit.Auditable;
import org.apache.archiva.common.filelock.FileLockManager;
import org.apache.archiva.common.plexusbridge.PlexusSisuBridge;
import org.apache.archiva.common.plexusbridge.PlexusSisuBridgeException;
import org.apache.archiva.common.utils.PathUtil;
import org.apache.archiva.common.utils.VersionUtil;
import org.apache.archiva.configuration.ArchivaConfiguration;
import org.apache.archiva.configuration.RepositoryGroupConfiguration;
import org.apache.archiva.indexer.merger.IndexMerger;
import org.apache.archiva.indexer.merger.IndexMergerException;
import org.apache.archiva.indexer.merger.IndexMergerRequest;
import org.apache.archiva.indexer.merger.MergedRemoteIndexesTask;
import org.apache.archiva.indexer.merger.MergedRemoteIndexesTaskRequest;
import org.apache.archiva.indexer.merger.TemporaryGroupIndex;
import org.apache.archiva.indexer.search.RepositorySearch;
import org.apache.archiva.maven2.metadata.MavenMetadataReader;
import org.apache.archiva.metadata.model.facets.AuditEvent;
import org.apache.archiva.metadata.repository.storage.RelocationException;
import org.apache.archiva.metadata.repository.storage.RepositoryStorage;
import org.apache.archiva.model.ArchivaRepositoryMetadata;
import org.apache.archiva.model.ArtifactReference;
import org.apache.archiva.policies.ProxyDownloadException;
import org.apache.archiva.proxy.model.RepositoryProxyConnectors;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.UnauthorizedException;
import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.repository.ManagedRepositoryContent;
import org.apache.archiva.repository.RepositoryContentFactory;
import org.apache.archiva.repository.RepositoryException;
import org.apache.archiva.repository.RepositoryNotFoundException;
import org.apache.archiva.repository.content.maven2.RepositoryRequest;
import org.apache.archiva.repository.events.AuditListener;
import org.apache.archiva.repository.layout.LayoutException;
import org.apache.archiva.repository.metadata.MetadataTools;
import org.apache.archiva.repository.metadata.RepositoryMetadataException;
import org.apache.archiva.repository.metadata.RepositoryMetadataMerge;
import org.apache.archiva.repository.metadata.RepositoryMetadataWriter;
import org.apache.archiva.scheduler.repository.model.RepositoryArchivaTaskScheduler;
import org.apache.archiva.security.ServletAuthenticator;
import org.apache.archiva.webdav.util.MimeTypes;
import org.apache.archiva.webdav.util.TemporaryGroupIndexSessionCleaner;
import org.apache.archiva.webdav.util.WebdavMethodUtil;
import org.apache.archiva.xml.XMLException;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.SystemUtils;
import org.apache.jackrabbit.core.security.SecurityConstants;
import org.apache.jackrabbit.webdav.DavException;
import org.apache.jackrabbit.webdav.DavResource;
import org.apache.jackrabbit.webdav.DavResourceFactory;
import org.apache.jackrabbit.webdav.DavResourceLocator;
import org.apache.jackrabbit.webdav.DavServletRequest;
import org.apache.jackrabbit.webdav.DavServletResponse;
import org.apache.jackrabbit.webdav.DavSession;
import org.apache.jackrabbit.webdav.lock.LockManager;
import org.apache.jackrabbit.webdav.lock.SimpleLockManager;
import org.apache.maven.index.context.IndexingContext;
import org.codehaus.plexus.digest.ChecksumFile;
import org.codehaus.plexus.digest.Digester;
import org.codehaus.plexus.digest.DigesterException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MarkerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Service;

@Service("davResourceFactory#archiva")
/* loaded from: input_file:WEB-INF/lib/archiva-webdav-2.2.8.jar:org/apache/archiva/webdav/ArchivaDavResourceFactory.class */
public class ArchivaDavResourceFactory implements DavResourceFactory, Auditable {
    private static final String PROXIED_SUFFIX = " (proxied)";
    private static final String HTTP_PUT_METHOD = "PUT";

    @Inject
    private RepositoryContentFactory repositoryFactory;

    @Inject
    @Named("repositoryProxyConnectors#default")
    private RepositoryProxyConnectors connectors;

    @Inject
    private MetadataTools metadataTools;

    @Inject
    private MimeTypes mimeTypes;
    private ArchivaConfiguration archivaConfiguration;

    @Inject
    private ServletAuthenticator servletAuth;

    @Inject
    @Named("httpAuthenticator#basic")
    private HttpAuthenticator httpAuth;

    @Inject
    private RemoteRepositoryAdmin remoteRepositoryAdmin;

    @Inject
    private ManagedRepositoryAdmin managedRepositoryAdmin;

    @Inject
    private IndexMerger indexMerger;

    @Inject
    private RepositorySearch repositorySearch;
    private ChecksumFile checksum;
    private Digester digestSha1;
    private Digester digestMd5;

    @Inject
    @Named("archivaTaskScheduler#repository")
    private RepositoryArchivaTaskScheduler scheduler;

    @Inject
    @Named("fileLockManager#default")
    private FileLockManager fileLockManager;
    private ApplicationContext applicationContext;
    private Logger log = LoggerFactory.getLogger((Class<?>) ArchivaDavResourceFactory.class);

    @Inject
    private List<AuditListener> auditListeners = new ArrayList();
    private final LockManager lockManager = new SimpleLockManager();
    private RepositoryRequest repositoryRequest = new RepositoryRequest();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/archiva-webdav-2.2.8.jar:org/apache/archiva/webdav/ArchivaDavResourceFactory$LogicalResource.class */
    public static class LogicalResource {
        private String path;

        public LogicalResource(String str) {
            this.path = str;
        }

        public String getPath() {
            return this.path;
        }

        public void setPath(String str) {
            this.path = str;
        }
    }

    @Inject
    public ArchivaDavResourceFactory(ApplicationContext applicationContext, PlexusSisuBridge plexusSisuBridge, ArchivaConfiguration archivaConfiguration) throws PlexusSisuBridgeException {
        this.archivaConfiguration = archivaConfiguration;
        this.applicationContext = applicationContext;
        this.checksum = (ChecksumFile) plexusSisuBridge.lookup(ChecksumFile.class);
        this.digestMd5 = (Digester) plexusSisuBridge.lookup(Digester.class, "md5");
        this.digestSha1 = (Digester) plexusSisuBridge.lookup(Digester.class, SecurityConstants.DEFAULT_DIGEST);
    }

    @PostConstruct
    public void initialize() {
    }

    @Override // org.apache.jackrabbit.webdav.DavResourceFactory
    public DavResource createResource(DavResourceLocator davResourceLocator, DavServletRequest davServletRequest, DavServletResponse davServletResponse) throws DavException {
        DavResource processRepository;
        ArchivaDavResourceLocator checkLocatorIsInstanceOfRepositoryLocator = checkLocatorIsInstanceOfRepositoryLocator(davResourceLocator);
        RepositoryGroupConfiguration repositoryGroupConfiguration = this.archivaConfiguration.getConfiguration().getRepositoryGroupsAsMap().get(checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId());
        String activePrincipal = getActivePrincipal(davServletRequest);
        ArrayList arrayList = new ArrayList();
        boolean isReadMethod = WebdavMethodUtil.isReadMethod(davServletRequest.getMethod());
        if (repositoryGroupConfiguration == null) {
            try {
                RemoteRepository remoteRepository = this.remoteRepositoryAdmin.getRemoteRepository(checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId());
                if (remoteRepository != null) {
                    String logicalResource = getLogicalResource(checkLocatorIsInstanceOfRepositoryLocator, null, false);
                    IndexingContext createIndexContext = this.remoteRepositoryAdmin.createIndexContext(remoteRepository);
                    ArchivaDavResource archivaDavResource = new ArchivaDavResource((StringUtils.equals(logicalResource, "/") ? new File(createIndexContext.getIndexDirectoryFile().getParent()) : new File(createIndexContext.getIndexDirectoryFile().getParent(), logicalResource)).getAbsolutePath(), davResourceLocator.getResourcePath(), null, davServletRequest.getRemoteAddr(), activePrincipal, davServletRequest.getDavSession(), checkLocatorIsInstanceOfRepositoryLocator, this, this.mimeTypes, this.auditListeners, this.scheduler, this.fileLockManager);
                    setHeaders(davServletResponse, davResourceLocator, archivaDavResource, false);
                    return archivaDavResource;
                }
            } catch (RepositoryAdminException e) {
                this.log.debug("RepositoryException remote repository with d'{}' not found, msg: {}", checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId(), e.getMessage());
            }
            try {
                ManagedRepositoryContent managedRepositoryContent = this.repositoryFactory.getManagedRepositoryContent(checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId());
                this.log.debug("Managed repository '{}' accessed by '{}'", managedRepositoryContent.getId(), activePrincipal);
                try {
                    processRepository = processRepository(davServletRequest, checkLocatorIsInstanceOfRepositoryLocator, activePrincipal, managedRepositoryContent, this.managedRepositoryAdmin.getManagedRepository(checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId()));
                    arrayList.add(new File(managedRepositoryContent.getRepoRoot(), getLogicalResource(checkLocatorIsInstanceOfRepositoryLocator, null, false)).getAbsolutePath());
                } catch (RepositoryAdminException e2) {
                    throw new DavException(500, e2);
                }
            } catch (RepositoryNotFoundException e3) {
                throw new DavException(404, "Invalid repository: " + checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId());
            } catch (RepositoryException e4) {
                throw new DavException(500, e4);
            }
        } else {
            if (!isReadMethod) {
                throw new DavException(405, "Write method not allowed for repository groups.");
            }
            this.log.debug("Repository group '{}' accessed by '{}", repositoryGroupConfiguration.getId(), activePrincipal);
            if (getLogicalResource(checkLocatorIsInstanceOfRepositoryLocator, null, true).endsWith("/")) {
                try {
                    DavResource resourceFromGroup = getResourceFromGroup(davServletRequest, repositoryGroupConfiguration.getRepositories(), checkLocatorIsInstanceOfRepositoryLocator, repositoryGroupConfiguration);
                    setHeaders(davServletResponse, davResourceLocator, resourceFromGroup, true);
                    return resourceFromGroup;
                } catch (RepositoryAdminException e5) {
                    throw new DavException(500, e5);
                }
            }
            processRepository = processRepositoryGroup(davServletRequest, checkLocatorIsInstanceOfRepositoryLocator, new ArrayList(repositoryGroupConfiguration.getRepositories()), activePrincipal, arrayList, repositoryGroupConfiguration);
        }
        String requestURI = davServletRequest.getRequestURI();
        if ((this.repositoryRequest.isMetadata(requestURI) || this.repositoryRequest.isMetadataSupportFile(requestURI)) && repositoryGroupConfiguration != null && isProjectReference(requestURI)) {
            String str = StringUtils.substringBeforeLast(((ArchivaDavResource) processRepository).getLocalResource().getAbsolutePath().replace('\\', '/'), "/") + "/maven-metadata-" + repositoryGroupConfiguration.getId() + ".xml";
            if (this.repositoryRequest.isSupportFile(requestURI)) {
                File file = new File(str + "." + StringUtils.substringAfterLast(requestURI, "."));
                if (file.exists()) {
                    processRepository = new ArchivaDavResource(file.getAbsolutePath(), new LogicalResource(getLogicalResource(checkLocatorIsInstanceOfRepositoryLocator, null, false)).getPath(), null, davServletRequest.getRemoteAddr(), activePrincipal, davServletRequest.getDavSession(), checkLocatorIsInstanceOfRepositoryLocator, this, this.mimeTypes, this.auditListeners, this.scheduler, this.fileLockManager);
                }
            } else if (arrayList != null && arrayList.size() > 1) {
                ArchivaRepositoryMetadata archivaRepositoryMetadata = new ArchivaRepositoryMetadata();
                Iterator<String> it = arrayList.iterator();
                while (it.hasNext()) {
                    try {
                        archivaRepositoryMetadata = RepositoryMetadataMerge.merge(archivaRepositoryMetadata, MavenMetadataReader.read(new File(it.next())));
                    } catch (RepositoryMetadataException e6) {
                        throw new DavException(500, "Error occurred while merging metadata file.");
                    } catch (XMLException e7) {
                        throw new DavException(500, "Error occurred while reading metadata file.");
                    }
                }
                try {
                    processRepository = new ArchivaDavResource(writeMergedMetadataToFile(archivaRepositoryMetadata, str).getAbsolutePath(), new LogicalResource(getLogicalResource(checkLocatorIsInstanceOfRepositoryLocator, null, false)).getPath(), null, davServletRequest.getRemoteAddr(), activePrincipal, davServletRequest.getDavSession(), checkLocatorIsInstanceOfRepositoryLocator, this, this.mimeTypes, this.auditListeners, this.scheduler, this.fileLockManager);
                } catch (IOException e8) {
                    throw new DavException(500, "Error occurred while generating checksum files.");
                } catch (RepositoryMetadataException e9) {
                    throw new DavException(500, "Error occurred while writing metadata file.");
                } catch (DigesterException e10) {
                    throw new DavException(500, "Error occurred while generating checksum files." + e10.getMessage());
                }
            }
        }
        setHeaders(davServletResponse, davResourceLocator, processRepository, false);
        if (processRepository.isCollection() && !davServletRequest.getRequestURI().endsWith("/")) {
            throw new BrowserRedirectException(processRepository.getHref());
        }
        processRepository.addLockManager(this.lockManager);
        return processRepository;
    }

    private DavResource processRepositoryGroup(DavServletRequest davServletRequest, ArchivaDavResourceLocator archivaDavResourceLocator, List<String> list, String str, List<String> list2, RepositoryGroupConfiguration repositoryGroupConfiguration) throws DavException {
        DavResource davResource = null;
        ArrayList<DavException> arrayList = new ArrayList();
        String removeEnd = StringUtils.removeEnd(davServletRequest.getPathInfo(), "/");
        if (StringUtils.endsWith(StringUtils.substringBeforeLast(removeEnd, "/"), repositoryGroupConfiguration.getMergedIndexPath())) {
            String substringAfterLast = StringUtils.substringAfterLast(removeEnd, "/");
            davResource = new ArchivaDavResource(new File(buildMergedIndexDirectory(list, str, davServletRequest, repositoryGroupConfiguration), substringAfterLast).getAbsolutePath(), substringAfterLast, null, davServletRequest.getRemoteAddr(), str, davServletRequest.getDavSession(), archivaDavResourceLocator, this, this.mimeTypes, this.auditListeners, this.scheduler, this.fileLockManager);
        } else {
            for (String str2 : list) {
                try {
                    ManagedRepositoryContent managedRepositoryContent = this.repositoryFactory.getManagedRepositoryContent(str2);
                    try {
                        DavResource processRepository = processRepository(davServletRequest, archivaDavResourceLocator, str, managedRepositoryContent, this.managedRepositoryAdmin.getManagedRepository(str2));
                        if (davResource == null) {
                            davResource = processRepository;
                        }
                        String logicalResource = getLogicalResource(archivaDavResourceLocator, null, false);
                        if (logicalResource.endsWith("/")) {
                            logicalResource = logicalResource.substring(1);
                        }
                        list2.add(new File(managedRepositoryContent.getRepoRoot(), logicalResource).getAbsolutePath());
                    } catch (RepositoryAdminException e) {
                        arrayList.add(new DavException(500, e));
                    } catch (DavException e2) {
                        arrayList.add(e2);
                    }
                } catch (RepositoryNotFoundException e3) {
                    throw new DavException(500, e3);
                } catch (RepositoryException e4) {
                    throw new DavException(500, e4);
                }
            }
        }
        if (davResource != null) {
            return davResource;
        }
        if (arrayList.isEmpty()) {
            throw new DavException(404);
        }
        for (DavException davException : arrayList) {
            if (401 == davException.getErrorCode()) {
                throw davException;
            }
        }
        throw new DavException(404);
    }

    private String getLogicalResource(ArchivaDavResourceLocator archivaDavResourceLocator, ManagedRepository managedRepository, boolean z) {
        String layout = managedRepository == null ? new ManagedRepository().getLayout() : managedRepository.getLayout();
        String filePath = ((RepositoryStorage) this.applicationContext.getBean("repositoryStorage#" + layout, RepositoryStorage.class)).getFilePath(z ? archivaDavResourceLocator.getOrigResourcePath() : archivaDavResourceLocator.getResourcePath(), managedRepository);
        Logger logger = this.log;
        Object[] objArr = new Object[4];
        objArr[0] = filePath;
        objArr[1] = archivaDavResourceLocator.getResourcePath();
        objArr[2] = managedRepository == null ? "null" : managedRepository.getId();
        objArr[3] = layout;
        logger.debug("found path {} for resourcePath: '{}' with managedRepo '{}' and layout '{}'", objArr);
        return filePath;
    }

    private String evaluatePathWithVersion(ArchivaDavResourceLocator archivaDavResourceLocator, ManagedRepositoryContent managedRepositoryContent, String str) throws DavException {
        try {
            return ((RepositoryStorage) this.applicationContext.getBean("repositoryStorage#" + (managedRepositoryContent.getRepository() == null ? new ManagedRepository().getLayout() : managedRepositoryContent.getRepository().getLayout()), RepositoryStorage.class)).getFilePathWithVersion(archivaDavResourceLocator.getResourcePath(), managedRepositoryContent);
        } catch (RelocationException e) {
            String path = e.getPath();
            this.log.debug("Relocation to {}", path);
            throw new BrowserRedirectException(addHrefPrefix(str, path), e.getRelocationType());
        } catch (XMLException e2) {
            this.log.error(e2.getMessage(), (Throwable) e2);
            throw new DavException(500, e2);
        }
    }

    private DavResource processRepository(DavServletRequest davServletRequest, ArchivaDavResourceLocator archivaDavResourceLocator, String str, ManagedRepositoryContent managedRepositoryContent, ManagedRepository managedRepository) throws DavException {
        ArchivaDavResource archivaDavResource = null;
        if (isAuthorized(davServletRequest, managedRepositoryContent.getId())) {
            String evaluatePathWithVersion = WebdavMethodUtil.isReadMethod(davServletRequest.getMethod()) ? evaluatePathWithVersion(archivaDavResourceLocator, managedRepositoryContent, davServletRequest.getContextPath()) : getLogicalResource(archivaDavResourceLocator, managedRepository, false);
            if (evaluatePathWithVersion.startsWith("/")) {
                evaluatePathWithVersion = evaluatePathWithVersion.substring(1);
            }
            LogicalResource logicalResource = new LogicalResource(evaluatePathWithVersion);
            File file = new File(managedRepositoryContent.getRepoRoot(), evaluatePathWithVersion);
            archivaDavResource = new ArchivaDavResource(file.getAbsolutePath(), evaluatePathWithVersion, managedRepositoryContent.getRepository(), davServletRequest.getRemoteAddr(), str, davServletRequest.getDavSession(), archivaDavResourceLocator, this, this.mimeTypes, this.auditListeners, this.scheduler, this.fileLockManager);
            if (WebdavMethodUtil.isReadMethod(davServletRequest.getMethod())) {
                if (archivaDavResourceLocator.getHref(false).endsWith("/") && !file.isDirectory()) {
                    throw new DavException(404, "Resource does not exist");
                }
                if (!archivaDavResource.isCollection()) {
                    boolean exists = file.exists();
                    boolean fetchContentFromProxies = fetchContentFromProxies(managedRepositoryContent, davServletRequest, logicalResource);
                    try {
                        file = new File(managedRepositoryContent.getRepoRoot(), this.repositoryRequest.toNativePath(logicalResource.getPath(), managedRepositoryContent));
                        archivaDavResource = new ArchivaDavResource(file.getAbsolutePath(), logicalResource.getPath(), managedRepositoryContent.getRepository(), davServletRequest.getRemoteAddr(), str, davServletRequest.getDavSession(), archivaDavResourceLocator, this, this.mimeTypes, this.auditListeners, this.scheduler, this.fileLockManager);
                    } catch (LayoutException e) {
                        if (!file.exists()) {
                            throw new DavException(404, e);
                        }
                    }
                    if (fetchContentFromProxies) {
                        String str2 = (exists ? AuditEvent.MODIFY_FILE : AuditEvent.CREATE_FILE) + PROXIED_SUFFIX;
                        this.log.debug("Proxied artifact '{}' in repository '{}' (current user '{}')", file.getName(), managedRepositoryContent.getId(), str);
                        triggerAuditEvent(davServletRequest.getRemoteAddr(), archivaDavResourceLocator.getRepositoryId(), logicalResource.getPath(), str2, str);
                    }
                    if (!file.exists()) {
                        throw new DavException(404, "Resource does not exist");
                    }
                }
            }
            if (davServletRequest.getMethod().equals("PUT")) {
                String path = logicalResource.getPath();
                if (managedRepositoryContent.getRepository().isReleases() && !this.repositoryRequest.isMetadata(path) && !this.repositoryRequest.isSupportFile(path)) {
                    try {
                        ArtifactReference artifactReference = managedRepositoryContent.toArtifactReference(path);
                        if (!VersionUtil.isSnapshot(artifactReference.getVersion()) && managedRepositoryContent.hasContent(artifactReference) && managedRepositoryContent.getRepository().isBlockRedeployments()) {
                            this.log.warn("Overwriting released artifacts in repository '{}' is not allowed.", managedRepositoryContent.getId());
                            throw new DavException(409, "Overwriting released artifacts is not allowed.");
                        }
                    } catch (LayoutException e2) {
                        this.log.warn("Artifact path '{}' is invalid.", path);
                    }
                }
                File file2 = new File(managedRepositoryContent.getRepoRoot());
                File parentFile = new File(file2, logicalResource.getPath()).getParentFile();
                if (!parentFile.exists()) {
                    parentFile.mkdirs();
                    String relative = PathUtil.getRelative(file2.getAbsolutePath(), parentFile);
                    this.log.debug("Creating destination directory '{}' (current user '{}')", parentFile.getName(), str);
                    triggerAuditEvent(davServletRequest.getRemoteAddr(), managedRepositoryContent.getId(), relative, AuditEvent.CREATE_DIR, str);
                }
            }
        }
        return archivaDavResource;
    }

    @Override // org.apache.jackrabbit.webdav.DavResourceFactory
    public DavResource createResource(DavResourceLocator davResourceLocator, DavSession davSession) throws DavException {
        ArchivaDavResourceLocator checkLocatorIsInstanceOfRepositoryLocator = checkLocatorIsInstanceOfRepositoryLocator(davResourceLocator);
        try {
            ManagedRepositoryContent managedRepositoryContent = this.repositoryFactory.getManagedRepositoryContent(checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId());
            try {
                String logicalResource = getLogicalResource(checkLocatorIsInstanceOfRepositoryLocator, this.managedRepositoryAdmin.getManagedRepository(checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId()), false);
                if (logicalResource.startsWith("/")) {
                    logicalResource = logicalResource.substring(1);
                }
                ArchivaDavResource archivaDavResource = new ArchivaDavResource(new File(managedRepositoryContent.getRepoRoot(), logicalResource).getAbsolutePath(), logicalResource, managedRepositoryContent.getRepository(), davSession, checkLocatorIsInstanceOfRepositoryLocator, this, this.mimeTypes, this.auditListeners, this.scheduler, this.fileLockManager);
                archivaDavResource.addLockManager(this.lockManager);
                return archivaDavResource;
            } catch (RepositoryAdminException e) {
                throw new DavException(500, e);
            }
        } catch (RepositoryNotFoundException e2) {
            throw new DavException(404, "Invalid repository: " + checkLocatorIsInstanceOfRepositoryLocator.getRepositoryId());
        } catch (RepositoryException e3) {
            throw new DavException(500, e3);
        }
    }

    private boolean fetchContentFromProxies(ManagedRepositoryContent managedRepositoryContent, DavServletRequest davServletRequest, LogicalResource logicalResource) throws DavException {
        String path = logicalResource.getPath();
        if (this.repositoryRequest.isSupportFile(path)) {
            return this.connectors.fetchFromProxies(managedRepositoryContent, path) != null;
        }
        if (this.repositoryRequest.isDefault(path) && this.repositoryRequest.isMetadata(path)) {
            return this.connectors.fetchMetadataFromProxies(managedRepositoryContent, path).isModified();
        }
        if (this.repositoryRequest.isArchetypeCatalog(path)) {
            return this.connectors.fetchFromProxies(managedRepositoryContent, path) != null;
        }
        try {
            ArtifactReference artifactReference = this.repositoryRequest.toArtifactReference(path);
            if (artifactReference == null) {
                return false;
            }
            ((RepositoryStorage) this.applicationContext.getBean("repositoryStorage#" + managedRepositoryContent.getRepository().getLayout(), RepositoryStorage.class)).applyServerSideRelocation(managedRepositoryContent, artifactReference);
            File fetchFromProxies = this.connectors.fetchFromProxies(managedRepositoryContent, artifactReference);
            logicalResource.setPath(managedRepositoryContent.toPath(artifactReference));
            this.log.debug("Proxied artifact '{}:{}:{}'", artifactReference.getGroupId(), artifactReference.getArtifactId(), artifactReference.getVersion());
            return fetchFromProxies != null;
        } catch (ProxyDownloadException e) {
            this.log.error(e.getMessage(), (Throwable) e);
            throw new DavException(500, "Unable to fetch artifact resource.");
        } catch (LayoutException e2) {
            return false;
        }
    }

    private void triggerAuditEvent(String str, String str2, String str3, String str4, String str5) {
        AuditEvent auditEvent = new AuditEvent(str2, str5, str3, str4);
        auditEvent.setRemoteIP(str);
        Iterator<AuditListener> it = this.auditListeners.iterator();
        while (it.hasNext()) {
            it.next().auditEvent(auditEvent);
        }
    }

    @Override // org.apache.archiva.audit.Auditable
    public void addAuditListener(AuditListener auditListener) {
        this.auditListeners.add(auditListener);
    }

    @Override // org.apache.archiva.audit.Auditable
    public void clearAuditListeners() {
        this.auditListeners.clear();
    }

    @Override // org.apache.archiva.audit.Auditable
    public void removeAuditListener(AuditListener auditListener) {
        this.auditListeners.remove(auditListener);
    }

    private void setHeaders(DavServletResponse davServletResponse, DavResourceLocator davResourceLocator, DavResource davResource, boolean z) {
        if (davResourceLocator.getResourcePath().endsWith("/maven-metadata.xml") || ((davResource instanceof ArchivaDavResource) && ((ArchivaDavResource) ArchivaDavResource.class.cast(davResource)).getLocalResource().isDirectory())) {
            davServletResponse.setHeader("Pragma", "no-cache");
            davServletResponse.setHeader("Cache-Control", "no-cache");
            davServletResponse.setDateHeader("Last-Modified", new Date().getTime());
        } else if (davResourceLocator.getResourcePath().endsWith("/maven-metadata.xml") || ((davResource instanceof ArchivaVirtualDavResource) && new File(((ArchivaVirtualDavResource) ArchivaVirtualDavResource.class.cast(davResource)).getLogicalResource()).isDirectory())) {
            davServletResponse.setHeader("Pragma", "no-cache");
            davServletResponse.setHeader("Cache-Control", "no-cache");
            davServletResponse.setDateHeader("Last-Modified", new Date().getTime());
        } else if (!z) {
            davServletResponse.setDateHeader("Last-Modified", davResource.getModificationTime());
        } else if (davResource instanceof ArchivaVirtualDavResource) {
            davServletResponse.setDateHeader("Last-Modified", new Date().getTime());
        }
    }

    private ArchivaDavResourceLocator checkLocatorIsInstanceOfRepositoryLocator(DavResourceLocator davResourceLocator) throws DavException {
        if (!(davResourceLocator instanceof ArchivaDavResourceLocator)) {
            throw new DavException(500, "Locator does not implement RepositoryLocator");
        }
        if (davResourceLocator.getResourcePath().startsWith(".")) {
            throw new DavException(404);
        }
        ArchivaDavResourceLocator archivaDavResourceLocator = (ArchivaDavResourceLocator) davResourceLocator;
        if (StringUtils.isEmpty(archivaDavResourceLocator.getRepositoryId())) {
            throw new DavException(204);
        }
        return archivaDavResourceLocator;
    }

    private String addHrefPrefix(String str, String str2) {
        String applicationUrl = this.archivaConfiguration.getConfiguration().getWebapp().getUi().getApplicationUrl();
        if (applicationUrl == null || applicationUrl.isEmpty()) {
            applicationUrl = str;
        }
        return applicationUrl + (StringUtils.startsWith(str2, "/") ? "" : StringUtils.endsWith(applicationUrl, "/") ? "" : "/") + str2;
    }

    protected boolean isAuthorized(DavServletRequest davServletRequest, String str) throws DavException {
        try {
            AuthenticationResult authenticationResult = this.httpAuth.getAuthenticationResult(davServletRequest, null);
            SecuritySession securitySession = this.httpAuth.getSecuritySession(davServletRequest.getSession(true));
            if (this.servletAuth.isAuthenticated(davServletRequest, authenticationResult)) {
                if (this.servletAuth.isAuthorized(davServletRequest, securitySession, str, WebdavMethodUtil.getMethodPermission(davServletRequest.getMethod()))) {
                    return true;
                }
            }
            return false;
        } catch (AuthenticationException e) {
            try {
                if (this.servletAuth.isAuthorized(UserManager.GUEST_USERNAME, ((ArchivaDavResourceLocator) davServletRequest.getRequestLocator()).getRepositoryId(), WebdavMethodUtil.getMethodPermission(davServletRequest.getMethod()))) {
                    return true;
                }
                throw new UnauthorizedDavException(str, "You are not authenticated");
            } catch (UnauthorizedException e2) {
                throw new UnauthorizedDavException(str, "You are not authenticated and authorized to access any repository.");
            }
        } catch (AuthorizationException e3) {
            throw new DavException(500, "Fatal Authorization Subsystem Error.");
        } catch (UnauthorizedException e4) {
            throw new UnauthorizedDavException(str, e4.getMessage());
        } catch (AccountLockedException e5) {
            throw new UnauthorizedDavException(str, "User account is locked.");
        } catch (MustChangePasswordException e6) {
            throw new UnauthorizedDavException(str, "You must change your password.");
        }
    }

    private DavResource getResourceFromGroup(DavServletRequest davServletRequest, List<String> list, ArchivaDavResourceLocator archivaDavResourceLocator, RepositoryGroupConfiguration repositoryGroupConfiguration) throws DavException, RepositoryAdminException {
        if (repositoryGroupConfiguration.getRepositories() == null || repositoryGroupConfiguration.getRepositories().isEmpty()) {
            return new ArchivaDavResource(new File(System.getProperty("appserver.base"), "groups/" + repositoryGroupConfiguration.getId()).getPath(), "groups/" + repositoryGroupConfiguration.getId(), null, davServletRequest.getDavSession(), archivaDavResourceLocator, this, this.mimeTypes, this.auditListeners, this.scheduler, this.fileLockManager);
        }
        ArrayList arrayList = new ArrayList();
        String logicalResource = getLogicalResource(archivaDavResourceLocator, this.managedRepositoryAdmin.getManagedRepository(repositoryGroupConfiguration.getRepositories().get(0)), false);
        if (logicalResource.startsWith("/")) {
            logicalResource = logicalResource.substring(1);
        }
        LogicalResource logicalResource2 = new LogicalResource(logicalResource);
        String activePrincipal = getActivePrincipal(davServletRequest);
        boolean isAllowedToContinue = isAllowedToContinue(davServletRequest, list, activePrincipal);
        String removeEnd = StringUtils.removeEnd(davServletRequest.getPathInfo(), "/");
        if (!isAllowedToContinue) {
            throw new UnauthorizedDavException(archivaDavResourceLocator.getRepositoryId(), "User not authorized.");
        }
        if (StringUtils.endsWith(removeEnd, repositoryGroupConfiguration.getMergedIndexPath())) {
            arrayList.add(buildMergedIndexDirectory(list, activePrincipal, davServletRequest, repositoryGroupConfiguration));
        } else {
            if (StringUtils.equalsIgnoreCase(removeEnd, "/" + repositoryGroupConfiguration.getId())) {
                File file = new File(SystemUtils.getJavaIoTmpDir(), repositoryGroupConfiguration.getId() + "/" + repositoryGroupConfiguration.getMergedIndexPath());
                if (!file.exists()) {
                    synchronized (file.getAbsolutePath()) {
                        if (!file.exists()) {
                            file.mkdirs();
                        }
                    }
                }
                arrayList.add(file.getParentFile());
            }
            for (String str : list) {
                try {
                    ManagedRepositoryContent managedRepositoryContent = this.repositoryFactory.getManagedRepositoryContent(str);
                    File file2 = new File(managedRepositoryContent.getRepoRoot(), logicalResource2.getPath());
                    if (file2.exists()) {
                        String indexDirectory = managedRepositoryContent.getRepository().getIndexDirectory();
                        if (StringUtils.isNotEmpty(indexDirectory) && !new File(indexDirectory).isAbsolute()) {
                            indexDirectory = new File(managedRepositoryContent.getRepository().getLocation(), StringUtils.isEmpty(indexDirectory) ? ".indexer" : indexDirectory).getAbsolutePath();
                        }
                        if (StringUtils.isEmpty(indexDirectory)) {
                            indexDirectory = new File(managedRepositoryContent.getRepository().getLocation(), ".indexer").getAbsolutePath();
                        }
                        if (!StringUtils.equals(FilenameUtils.normalize(indexDirectory), FilenameUtils.normalize(file2.getAbsolutePath()))) {
                            if (this.httpAuth.getSecuritySession(davServletRequest.getSession(true)) != null) {
                                try {
                                    if (isAuthorized(davServletRequest, str)) {
                                        arrayList.add(file2);
                                        this.log.debug("Repository '{}' accessed by '{}'", str, activePrincipal);
                                    }
                                } catch (DavException e) {
                                    this.log.debug("Skipping repository '{}' for user '{}': {}", managedRepositoryContent, activePrincipal, e.getMessage());
                                }
                            } else {
                                try {
                                    if (this.servletAuth.isAuthorized(activePrincipal, str, WebdavMethodUtil.getMethodPermission(davServletRequest.getMethod()))) {
                                        arrayList.add(file2);
                                        this.log.debug("Repository '{}' accessed by '{}'", str, activePrincipal);
                                    }
                                } catch (UnauthorizedException e2) {
                                    this.log.debug("Skipping repository '{}' for user '{}': {}", managedRepositoryContent, activePrincipal, e2.getMessage());
                                }
                            }
                        }
                    }
                } catch (RepositoryNotFoundException e3) {
                    throw new DavException(500, "Invalid managed repository <" + str + ">: " + e3.getMessage());
                } catch (RepositoryException e4) {
                    throw new DavException(500, "Invalid managed repository <" + str + ">: " + e4.getMessage());
                }
            }
        }
        ArchivaVirtualDavResource archivaVirtualDavResource = new ArchivaVirtualDavResource(arrayList, logicalResource2.getPath(), this.mimeTypes, archivaDavResourceLocator, this);
        if (!archivaVirtualDavResource.isCollection() || davServletRequest.getRequestURI().endsWith("/")) {
            return archivaVirtualDavResource;
        }
        throw new BrowserRedirectException(archivaVirtualDavResource.getHref());
    }

    protected String getActivePrincipal(DavServletRequest davServletRequest) {
        User sessionUser = this.httpAuth.getSessionUser(davServletRequest.getSession());
        return sessionUser != null ? sessionUser.getUsername() : UserManager.GUEST_USERNAME;
    }

    private boolean isAllowedToContinue(DavServletRequest davServletRequest, List<String> list, String str) {
        if (list == null || list.isEmpty()) {
            return true;
        }
        boolean z = false;
        if (this.httpAuth.getSecuritySession(davServletRequest.getSession()) == null) {
            Iterator<String> it = list.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (this.servletAuth.isAuthorized(str, it.next(), WebdavMethodUtil.getMethodPermission(davServletRequest.getMethod()))) {
                    z = true;
                    break;
                }
            }
        } else {
            Iterator<String> it2 = list.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                if (isAuthorized(davServletRequest, it2.next())) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    private File writeMergedMetadataToFile(ArchivaRepositoryMetadata archivaRepositoryMetadata, String str) throws RepositoryMetadataException, DigesterException, IOException {
        File file = new File(str);
        if (file.exists()) {
            FileUtils.deleteQuietly(file);
        }
        file.getParentFile().mkdirs();
        RepositoryMetadataWriter.write(archivaRepositoryMetadata, file);
        createChecksumFile(str, this.digestSha1);
        createChecksumFile(str, this.digestMd5);
        return file;
    }

    private void createChecksumFile(String str, Digester digester) throws DigesterException, IOException {
        File file = new File(str + digester.getFilenameExtension());
        if (!file.exists()) {
            FileUtils.deleteQuietly(file);
            this.checksum.createChecksum(new File(str), digester);
        } else {
            if (file.isFile()) {
                return;
            }
            this.log.error("Checksum file is not a file.");
        }
    }

    private boolean isProjectReference(String str) {
        try {
            this.metadataTools.toVersionedReference(str);
            return false;
        } catch (RepositoryMetadataException e) {
            return true;
        }
    }

    protected File buildMergedIndexDirectory(List<String> list, String str, DavServletRequest davServletRequest, RepositoryGroupConfiguration repositoryGroupConfiguration) throws DavException {
        try {
            HttpSession session = davServletRequest.getSession();
            Map map = (Map) session.getAttribute(TemporaryGroupIndexSessionCleaner.TEMPORARY_INDEX_SESSION_KEY);
            if (map == null) {
                map = new HashMap();
            }
            TemporaryGroupIndex temporaryGroupIndex = (TemporaryGroupIndex) map.get(repositoryGroupConfiguration.getId());
            if (temporaryGroupIndex != null && temporaryGroupIndex.getDirectory() != null && temporaryGroupIndex.getDirectory().exists()) {
                if (System.currentTimeMillis() - temporaryGroupIndex.getCreationTime() <= repositoryGroupConfiguration.getMergedIndexTtl() * 60 * 1000) {
                    this.log.debug(MarkerFactory.getMarker("group.merged.index"), "merged index for group '{}' found in cache", repositoryGroupConfiguration.getId());
                    return temporaryGroupIndex.getDirectory();
                }
                this.log.debug(MarkerFactory.getMarker("group.merged.index"), "tmp group index '{}' is too old so delete it", repositoryGroupConfiguration.getId());
                this.indexMerger.cleanTemporaryGroupIndex(temporaryGroupIndex);
            }
            HashSet hashSet = new HashSet();
            String methodPermission = WebdavMethodUtil.getMethodPermission(davServletRequest.getMethod());
            for (String str2 : list) {
                try {
                    if (this.servletAuth.isAuthorized(str, str2, methodPermission)) {
                        hashSet.add(str2);
                        hashSet.addAll(this.repositorySearch.getRemoteIndexingContextIds(str2));
                    }
                } catch (UnauthorizedException e) {
                    this.log.debug("Skipping repository '{}' for user '{}': {}", str2, str, e.getMessage());
                }
            }
            this.log.info("generate temporary merged index for repository group '{}' for repositories '{}'", repositoryGroupConfiguration.getId(), hashSet);
            File file = Files.createTempDirectory("temp", new FileAttribute[0]).toFile();
            file.deleteOnExit();
            IndexingContext indexingContext = new MergedRemoteIndexesTask(new MergedRemoteIndexesTaskRequest(new IndexMergerRequest(hashSet, true, repositoryGroupConfiguration.getId(), repositoryGroupConfiguration.getMergedIndexPath(), repositoryGroupConfiguration.getMergedIndexTtl()).mergedIndexDirectory(file).temporary(true), this.indexMerger)).execute().getIndexingContext();
            File indexDirectoryFile = indexingContext.getIndexDirectoryFile();
            map.put(repositoryGroupConfiguration.getId(), new TemporaryGroupIndex(indexDirectoryFile, indexingContext.getId(), repositoryGroupConfiguration.getId(), repositoryGroupConfiguration.getMergedIndexTtl()).setCreationTime(new Date().getTime()));
            session.setAttribute(TemporaryGroupIndexSessionCleaner.TEMPORARY_INDEX_SESSION_KEY, map);
            return indexDirectoryFile;
        } catch (IOException e2) {
            throw new DavException(500, e2);
        } catch (RepositoryAdminException e3) {
            throw new DavException(500, e3);
        } catch (IndexMergerException e4) {
            throw new DavException(500, e4);
        }
    }

    public void setServletAuth(ServletAuthenticator servletAuthenticator) {
        this.servletAuth = servletAuthenticator;
    }

    public void setHttpAuth(HttpAuthenticator httpAuthenticator) {
        this.httpAuth = httpAuthenticator;
    }

    public void setScheduler(RepositoryArchivaTaskScheduler repositoryArchivaTaskScheduler) {
        this.scheduler = repositoryArchivaTaskScheduler;
    }

    public void setArchivaConfiguration(ArchivaConfiguration archivaConfiguration) {
        this.archivaConfiguration = archivaConfiguration;
    }

    public void setRepositoryFactory(RepositoryContentFactory repositoryContentFactory) {
        this.repositoryFactory = repositoryContentFactory;
    }

    public void setRepositoryRequest(RepositoryRequest repositoryRequest) {
        this.repositoryRequest = repositoryRequest;
    }

    public void setConnectors(RepositoryProxyConnectors repositoryProxyConnectors) {
        this.connectors = repositoryProxyConnectors;
    }

    public RemoteRepositoryAdmin getRemoteRepositoryAdmin() {
        return this.remoteRepositoryAdmin;
    }

    public void setRemoteRepositoryAdmin(RemoteRepositoryAdmin remoteRepositoryAdmin) {
        this.remoteRepositoryAdmin = remoteRepositoryAdmin;
    }

    public ManagedRepositoryAdmin getManagedRepositoryAdmin() {
        return this.managedRepositoryAdmin;
    }

    public void setManagedRepositoryAdmin(ManagedRepositoryAdmin managedRepositoryAdmin) {
        this.managedRepositoryAdmin = managedRepositoryAdmin;
    }
}
