package org.joget.api.lib;

import java.io.File;
import java.io.FileInputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.tagext.TagAttributeInfo;
import org.apache.commons.fileupload.FileUploadBase;
import org.apache.commons.lang3.BooleanUtils;
import org.joget.api.annotations.Operation;
import org.joget.api.annotations.Param;
import org.joget.api.annotations.Response;
import org.joget.api.annotations.Responses;
import org.joget.api.model.ApiDefinition;
import org.joget.api.model.ApiPluginAbstract;
import org.joget.api.model.ApiResponse;
import org.joget.api.model.JSONOrderedObject;
import org.joget.api.service.ApiService;
import org.joget.apps.app.dao.FormDefinitionDao;
import org.joget.apps.app.model.AppDefinition;
import org.joget.apps.app.model.FormDefinition;
import org.joget.apps.app.service.AppPluginUtil;
import org.joget.apps.app.service.AppService;
import org.joget.apps.app.service.AppUtil;
import org.joget.apps.form.lib.FileUpload;
import org.joget.apps.form.lib.Grid;
import org.joget.apps.form.model.AbstractSubForm;
import org.joget.apps.form.model.Element;
import org.joget.apps.form.model.FileDownloadSecurity;
import org.joget.apps.form.model.Form;
import org.joget.apps.form.model.FormContainer;
import org.joget.apps.form.model.FormData;
import org.joget.apps.form.model.FormRow;
import org.joget.apps.form.model.FormRowSet;
import org.joget.apps.form.model.GridInnerDataRetriever;
import org.joget.apps.form.service.FileUtil;
import org.joget.apps.form.service.FormService;
import org.joget.apps.form.service.FormUtil;
import org.joget.commons.util.LogUtil;
import org.joget.workflow.model.WorkflowAssignment;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:org/joget/api/lib/AppFormAPI.class */
public class AppFormAPI extends ApiPluginAbstract {
    public String getName() {
        return "AppFormAPI";
    }

    public String getVersion() {
        return "7.0-SNAPSHOT";
    }

    public String getDescription() {
        return AppPluginUtil.getMessage(getName() + ".desc", getClassName(), getResourceBundlePath());
    }

    public String getLabel() {
        return AppPluginUtil.getMessage(getName() + ".label", getClassName(), getResourceBundlePath());
    }

    public String getClassName() {
        return getClass().getName();
    }

    public String getPropertyOptions() {
        return AppUtil.readPluginResource(getClass().getName(), "/properties/api/" + getName() + ".json", (Object[]) null, true, getResourceBundlePath());
    }

    @Override // org.joget.api.model.ApiPlugin
    public String getIcon() {
        return "<i class=\"fas fa-file-alt\"></i>";
    }

    @Override // org.joget.api.model.ApiPlugin
    public String getTag() {
        return "form/{formDefId}";
    }

    @Operation(path = "/", summary = "@@FormAPI.addFormData.summary@@", description = "@@FormAPI.addFormData.desc@@")
    @Responses({@Response(responseCode = HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@", definition = "FormDataResponse"), @Response(responseCode = HttpServletResponse.SC_METHOD_NOT_ALLOWED, description = "@@FormAPI.resp.405@@")})
    public ApiResponse addFormData(@Param(value = "body", description = "@@FormAPI.addFormData.body.desc@@", definition = "{formDefId}-FormData") JSONObject jSONObject) {
        try {
            Form form = getForm();
            FormData formData = new FormData();
            if (BooleanUtils.TRUE.equalsIgnoreCase(getPropertyString("ignorePermission"))) {
                formData.addFormResult("_PREVIEW_MODE", BooleanUtils.TRUE);
            }
            if (jSONObject.has(TagAttributeInfo.ID) && !jSONObject.getString(TagAttributeInfo.ID).isEmpty()) {
                formData.setPrimaryKeyValue(jSONObject.getString(TagAttributeInfo.ID));
                FormUtil.executeLoadBinders(form, formData);
                if (!formData.getLoadBinderData(form).isEmpty()) {
                    return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405.InvalidID", getClassName(), getResourceBundlePath()));
                }
            }
            APIFormUtil.jsonToFormData(form, formData, jSONObject, getPropertyString("ignorePermission"));
            FormData submitForm = ((AppService) AppUtil.getApplicationContext().getBean("appService")).submitForm(form, formData, false);
            JSONObject jSONObject2 = new JSONObject();
            if (submitForm.getFormErrors().isEmpty()) {
                jSONObject2.put(TagAttributeInfo.ID, form.getPrimaryKeyValue(submitForm));
                jSONObject2.put("errors", (Map) new HashMap());
            } else {
                jSONObject2.put(TagAttributeInfo.ID, "");
                jSONObject2.put("errors", submitForm.getFormErrors());
            }
            return new ApiResponse(HttpServletResponse.SC_OK, jSONObject2);
        } catch (JSONException e) {
            LogUtil.error(getClassName(), e, "");
            return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
        } catch (Exception e2) {
            LogUtil.error(getClassName(), e2, "");
            return new ApiResponse(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, AppPluginUtil.getMessage("FormAPI.resp.500", getClassName(), getResourceBundlePath()));
        }
    }

    @Operation(path = "/saveOrUpdate", summary = "@@FormAPI.addOrUpdateFormData.summary@@", description = "@@FormAPI.addOrUpdateFormData.desc@@")
    @Responses({@Response(responseCode = HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@", definition = "FormDataResponse"), @Response(responseCode = HttpServletResponse.SC_METHOD_NOT_ALLOWED, description = "@@FormAPI.resp.405@@")})
    public ApiResponse saveOrUpdateFormData(@Param(value = "body", description = "@@FormAPI.addFormData.body.desc@@", definition = "{formDefId}-FormData") JSONObject jSONObject) {
        Element findElement;
        String elementPropertyValue;
        try {
            Form form = getForm();
            FormData formData = new FormData();
            if (BooleanUtils.TRUE.equalsIgnoreCase(getPropertyString("ignorePermission"))) {
                formData.addFormResult("_PREVIEW_MODE", BooleanUtils.TRUE);
            }
            if (jSONObject.has(TagAttributeInfo.ID) && !jSONObject.getString(TagAttributeInfo.ID).isEmpty()) {
                formData.setPrimaryKeyValue(jSONObject.getString(TagAttributeInfo.ID));
                FormUtil.executeLoadBinders(form, formData);
                if (!formData.getLoadBinderData(form).isEmpty() && (findElement = FormUtil.findElement(TagAttributeInfo.ID, form, formData)) != null && (elementPropertyValue = FormUtil.getElementPropertyValue(findElement, formData)) != null && !elementPropertyValue.trim().isEmpty() && !"".equals(formData.getRequestParameter("_FORM_META_ORIGINAL_ID"))) {
                    findElement.setProperty("readonly", BooleanUtils.TRUE);
                }
            }
            APIFormUtil.jsonToFormData(form, formData, jSONObject, getPropertyString("ignorePermission"));
            FormData submitForm = ((AppService) AppUtil.getApplicationContext().getBean("appService")).submitForm(form, formData, false);
            JSONObject jSONObject2 = new JSONObject();
            if (submitForm.getFormErrors().isEmpty()) {
                jSONObject2.put(TagAttributeInfo.ID, form.getPrimaryKeyValue(submitForm));
                jSONObject2.put("errors", (Map) new HashMap());
            } else {
                jSONObject2.put(TagAttributeInfo.ID, "");
                jSONObject2.put("errors", submitForm.getFormErrors());
            }
            return new ApiResponse(HttpServletResponse.SC_OK, jSONObject2);
        } catch (JSONException e) {
            LogUtil.error(getClassName(), e, "");
            return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
        } catch (Exception e2) {
            LogUtil.error(getClassName(), e2, "");
            return new ApiResponse(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, AppPluginUtil.getMessage("FormAPI.resp.500", getClassName(), getResourceBundlePath()));
        }
    }

    @Operation(path = "/addWithFiles", summary = "@@FormAPI.addFormDataWithFiles.summary@@", description = "@@FormAPI.addFormData.desc@@", bodyContentType = FileUploadBase.MULTIPART_FORM_DATA)
    @Responses({@Response(responseCode = HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@", definition = "FormDataResponse"), @Response(responseCode = HttpServletResponse.SC_METHOD_NOT_ALLOWED, description = "@@FormAPI.resp.405@@")})
    public ApiResponse addFormDataWithFiles(@Param(value = "body", description = "@@FormAPI.addFormData.body.desc@@", definition = "{formDefId}-FormDataWithFiles") Map map) {
        try {
            FormService formService = (FormService) AppUtil.getApplicationContext().getBean("formService");
            Form form = getForm();
            FormData retrieveFormDataFromRequestMap = formService.retrieveFormDataFromRequestMap(new FormData(), map);
            handleGridData(form, retrieveFormDataFromRequestMap);
            if (BooleanUtils.TRUE.equalsIgnoreCase(getPropertyString("ignorePermission"))) {
                retrieveFormDataFromRequestMap.addFormResult("_PREVIEW_MODE", BooleanUtils.TRUE);
            }
            String requestParameter = retrieveFormDataFromRequestMap.getRequestParameter(TagAttributeInfo.ID);
            if (requestParameter != null && !requestParameter.isEmpty()) {
                retrieveFormDataFromRequestMap.setPrimaryKeyValue(requestParameter);
                FormUtil.executeLoadBinders(form, retrieveFormDataFromRequestMap);
                if (!retrieveFormDataFromRequestMap.getLoadBinderData(form).isEmpty()) {
                    return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405.InvalidID", getClassName(), getResourceBundlePath()));
                }
            }
            FormData submitForm = ((AppService) AppUtil.getApplicationContext().getBean("appService")).submitForm(form, retrieveFormDataFromRequestMap, false);
            JSONObject jSONObject = new JSONObject();
            if (submitForm.getFormErrors().isEmpty()) {
                jSONObject.put(TagAttributeInfo.ID, form.getPrimaryKeyValue(submitForm));
                jSONObject.put("errors", (Map) new HashMap());
            } else {
                jSONObject.put(TagAttributeInfo.ID, "");
                jSONObject.put("errors", submitForm.getFormErrors());
            }
            return new ApiResponse(HttpServletResponse.SC_OK, jSONObject);
        } catch (JSONException e) {
            LogUtil.error(getClassName(), e, "");
            return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
        } catch (Exception e2) {
            LogUtil.error(getClassName(), e2, "");
            return new ApiResponse(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, AppPluginUtil.getMessage("FormAPI.resp.500", getClassName(), getResourceBundlePath()));
        }
    }

    @Operation(path = "/", type = Operation.MethodType.PUT, summary = "@@FormAPI.updateFormData.summary@@", description = "@@FormAPI.updateFormData.desc@@")
    @Responses({@Response(responseCode = HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@", definition = "FormDataResponse"), @Response(responseCode = HttpServletResponse.SC_NOT_FOUND, description = "@@FormAPI.resp.404@@"), @Response(responseCode = HttpServletResponse.SC_METHOD_NOT_ALLOWED, description = "@@FormAPI.resp.405@@")})
    public ApiResponse updateFormData(@Param(value = "body", description = "@@FormAPI.updateFormData.body.desc@@", definition = "{formDefId}-FormData") JSONObject jSONObject) {
        String elementPropertyValue;
        try {
            AppService appService = (AppService) AppUtil.getApplicationContext().getBean("appService");
            Form form = getForm();
            FormData formData = new FormData();
            if (BooleanUtils.TRUE.equalsIgnoreCase(getPropertyString("ignorePermission"))) {
                formData.addFormResult("_PREVIEW_MODE", BooleanUtils.TRUE);
            }
            if (!jSONObject.has(TagAttributeInfo.ID)) {
                return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
            }
            formData.setPrimaryKeyValue(jSONObject.getString(TagAttributeInfo.ID));
            formData.addRequestParameterValues("_FORM_META_ORIGINAL_ID", new String[]{jSONObject.getString(TagAttributeInfo.ID)});
            FormUtil.executeLoadBinders(form, formData);
            FormRowSet loadBinderData = formData.getLoadBinderData(form);
            if (loadBinderData == null || loadBinderData.isEmpty()) {
                return new ApiResponse(HttpServletResponse.SC_NOT_FOUND, AppPluginUtil.getMessage("FormAPI.resp.404", getClassName(), getResourceBundlePath()));
            }
            Element findElement = FormUtil.findElement(TagAttributeInfo.ID, form, formData);
            if (findElement != null && (elementPropertyValue = FormUtil.getElementPropertyValue(findElement, formData)) != null && !elementPropertyValue.trim().isEmpty() && !"".equals(formData.getRequestParameter("_FORM_META_ORIGINAL_ID"))) {
                findElement.setProperty("readonly", BooleanUtils.TRUE);
            }
            APIFormUtil.jsonToFormData(form, formData, jSONObject, getPropertyString("ignorePermission"));
            FormData submitForm = appService.submitForm(form, formData, false);
            JSONObject jSONObject2 = new JSONObject();
            if (submitForm.getFormErrors().isEmpty()) {
                jSONObject2.put(TagAttributeInfo.ID, form.getPrimaryKeyValue(submitForm));
                jSONObject2.put("errors", (Map) new HashMap());
            } else {
                jSONObject2.put(TagAttributeInfo.ID, submitForm.getPrimaryKeyValue());
                jSONObject2.put("errors", submitForm.getFormErrors());
            }
            return new ApiResponse(HttpServletResponse.SC_OK, jSONObject2);
        } catch (JSONException e) {
            LogUtil.error(getClassName(), e, "");
            return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
        } catch (Exception e2) {
            LogUtil.error(getClassName(), e2, "");
            return new ApiResponse(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, AppPluginUtil.getMessage("FormAPI.resp.500", getClassName(), getResourceBundlePath()));
        }
    }

    @Operation(path = "/updateWithFiles", type = Operation.MethodType.POST, summary = "@@FormAPI.updateFormDataWithFiles.summary@@", description = "@@FormAPI.updateFormData.desc@@", bodyContentType = FileUploadBase.MULTIPART_FORM_DATA)
    @Responses({@Response(responseCode = HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@", definition = "FormDataResponse"), @Response(responseCode = HttpServletResponse.SC_NOT_FOUND, description = "@@FormAPI.resp.404@@"), @Response(responseCode = HttpServletResponse.SC_METHOD_NOT_ALLOWED, description = "@@FormAPI.resp.405@@")})
    public ApiResponse updateFormDataWithFiles(@Param(value = "body", description = "@@FormAPI.updateFormData.body.desc@@", definition = "{formDefId}-FormDataWithFiles") Map map, @Param(value = "appendFile", required = false, description = "@@FormAPI.getFormData.appendFile.desc@@") String str) {
        String elementPropertyValue;
        FormRowSet load;
        try {
            AppService appService = (AppService) AppUtil.getApplicationContext().getBean("appService");
            FormService formService = (FormService) AppUtil.getApplicationContext().getBean("formService");
            Form form = getForm();
            FormData retrieveFormDataFromRequestMap = formService.retrieveFormDataFromRequestMap(new FormData(), map);
            if (str != null && str.equalsIgnoreCase(BooleanUtils.TRUE) && (load = form.getLoadBinder().load(form, retrieveFormDataFromRequestMap.getRequestParameter(TagAttributeInfo.ID), retrieveFormDataFromRequestMap)) != null && !load.isEmpty()) {
                FormRow formRow = (FormRow) load.get(0);
                for (Object obj : formRow.keySet()) {
                    if ((FormUtil.findElement(obj.toString(), form, retrieveFormDataFromRequestMap) instanceof FileUpload) && retrieveFormDataFromRequestMap.getRequestParameterValues(obj.toString()) != null) {
                        ArrayList arrayList = new ArrayList(Arrays.asList(retrieveFormDataFromRequestMap.getRequestParameterValues(obj.toString())));
                        if (formRow.getProperty(obj.toString()).contains(";")) {
                            String[] split = formRow.getProperty(obj.toString()).split(";");
                            for (int i = 0; i <= split.length - 1; i++) {
                                arrayList.add(split[i]);
                            }
                        } else {
                            arrayList.add(formRow.getProperty(obj.toString()));
                        }
                        retrieveFormDataFromRequestMap.addRequestParameterValues(obj.toString(), (String[]) arrayList.toArray(new String[0]));
                    }
                }
            }
            handleGridData(form, retrieveFormDataFromRequestMap);
            if (BooleanUtils.TRUE.equalsIgnoreCase(getPropertyString("ignorePermission"))) {
                retrieveFormDataFromRequestMap.addFormResult("_PREVIEW_MODE", BooleanUtils.TRUE);
            }
            String requestParameter = retrieveFormDataFromRequestMap.getRequestParameter(TagAttributeInfo.ID);
            if (requestParameter == null || requestParameter.isEmpty()) {
                return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
            }
            retrieveFormDataFromRequestMap.setPrimaryKeyValue(requestParameter);
            retrieveFormDataFromRequestMap.addRequestParameterValues("_FORM_META_ORIGINAL_ID", new String[]{requestParameter});
            FormUtil.executeLoadBinders(form, retrieveFormDataFromRequestMap);
            FormRowSet loadBinderData = retrieveFormDataFromRequestMap.getLoadBinderData(form);
            if (loadBinderData == null || loadBinderData.isEmpty()) {
                return new ApiResponse(HttpServletResponse.SC_NOT_FOUND, AppPluginUtil.getMessage("FormAPI.resp.404", getClassName(), getResourceBundlePath()));
            }
            Element findElement = FormUtil.findElement(TagAttributeInfo.ID, form, retrieveFormDataFromRequestMap);
            if (findElement != null && (elementPropertyValue = FormUtil.getElementPropertyValue(findElement, retrieveFormDataFromRequestMap)) != null && !elementPropertyValue.trim().isEmpty() && !"".equals(retrieveFormDataFromRequestMap.getRequestParameter("_FORM_META_ORIGINAL_ID"))) {
                findElement.setProperty("readonly", BooleanUtils.TRUE);
            }
            FormData submitForm = appService.submitForm(form, retrieveFormDataFromRequestMap, false);
            JSONObject jSONObject = new JSONObject();
            if (submitForm.getFormErrors().isEmpty()) {
                jSONObject.put(TagAttributeInfo.ID, form.getPrimaryKeyValue(submitForm));
                jSONObject.put("errors", (Map) new HashMap());
            } else {
                jSONObject.put(TagAttributeInfo.ID, submitForm.getPrimaryKeyValue());
                jSONObject.put("errors", submitForm.getFormErrors());
            }
            return new ApiResponse(HttpServletResponse.SC_OK, jSONObject);
        } catch (JSONException e) {
            LogUtil.error(getClassName(), e, "");
            return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
        } catch (Exception e2) {
            LogUtil.error(getClassName(), e2, "");
            return new ApiResponse(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, AppPluginUtil.getMessage("FormAPI.resp.500", getClassName(), getResourceBundlePath()));
        }
    }

    @Operation(path = "/{recordId}", type = Operation.MethodType.GET, summary = "@@FormAPI.getFormData.summary@@", description = "@@FormAPI.getFormData.desc@@")
    @Responses({@Response(responseCode = HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@"), @Response(responseCode = HttpServletResponse.SC_METHOD_NOT_ALLOWED, description = "@@FormAPI.resp.405@@")})
    public ApiResponse getFormData(@Param(value = "recordId", description = "@@FormAPI.getFormData.recordId.desc@@") String str, @Param(value = "includeSubformData", required = false, description = "@@FormAPI.getFormData.includeSubformData.desc@@") Boolean bool, @Param(value = "includeReferenceElements", required = false, description = "@@FormAPI.getFormData.includeReferenceElements.desc@@") Boolean bool2, @Param(value = "flattenData", required = false, description = "@@FormAPI.getFormData.flattenData.desc@@") Boolean bool3) {
        try {
            AppDefinition currentAppDefinition = AppUtil.getCurrentAppDefinition();
            Map<String, Object> loadFormData = FormUtil.loadFormData(currentAppDefinition.getId(), currentAppDefinition.getVersion().toString(), getPropertyString("formDefId"), str, bool == null ? false : bool.booleanValue(), bool2 == null ? false : bool.booleanValue(), bool3 == null ? false : bool3.booleanValue(), (WorkflowAssignment) null);
            if (!BooleanUtils.TRUE.equalsIgnoreCase(getPropertyString("ignorePermission"))) {
                FormData formData = new FormData();
                formData.setPrimaryKeyValue(str);
                checkElementPermission(getForm(), loadFormData, formData, new HashSet(), bool, bool3);
            }
            return new ApiResponse(HttpServletResponse.SC_OK, new JSONObject(loadFormData));
        } catch (Exception e) {
            LogUtil.error(getClassName(), e, str);
            return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
        }
    }

    @Operation(path = "/{recordId}", type = Operation.MethodType.DELETE, summary = "@@FormAPI.deleteFormData.summary@@", description = "@@FormAPI.deleteFormData.desc@@")
    @Responses({@Response(responseCode = HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@"), @Response(responseCode = HttpServletResponse.SC_NOT_FOUND, description = "@@FormAPI.resp.404@@")})
    public ApiResponse deleteFormData(@Param(value = "recordId", description = "@@FormAPI.deleteFormData.id.desc@@") String str) {
        try {
            Form form = getForm();
            FormData formData = new FormData();
            formData.setPrimaryKeyValue(str);
            formData.addFormResult("FORM_RESULT_LOAD_ALL_DATA", "FORM_RESULT_LOAD_ALL_DATA");
            FormUtil.recursiveExecuteFormDeleteBinders(form, FormUtil.executeLoadBinders(form, formData), true, true, true, true);
            return new ApiResponse(HttpServletResponse.SC_OK, AppPluginUtil.getMessage("FormAPI.resp.200", getClassName(), getResourceBundlePath()));
        } catch (Exception e) {
            LogUtil.error(getClassName(), e, str);
            return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:84:0x0183, code lost:
    
        r13 = r0.isDownloadAllowed(r11.getParameterMap());
     */
    /* JADX WARN: Finally extract failed */
    @org.joget.api.annotations.Operation(path = "/{recordId}/download/{fileName}", type = org.joget.api.annotations.Operation.MethodType.GET, summary = "@@FormAPI.downloadFile.summary@@", description = "@@FormAPI.downloadFile.desc@@")
    @org.joget.api.annotations.Responses({@org.joget.api.annotations.Response(responseCode = javax.servlet.http.HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@", contentType = "*", definition = "{\"type\" : \"file\"}"), @org.joget.api.annotations.Response(responseCode = javax.servlet.http.HttpServletResponse.SC_NOT_FOUND, description = "@@FormAPI.resp.404@@")})
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.joget.api.model.ApiResponse downloadFile(@org.joget.api.annotations.Param(value = "recordId", description = "@@FormAPI.getFormData.recordId.desc@@") java.lang.String r8, @org.joget.api.annotations.Param(value = "fileName", description = "@@FormAPI.downloadFile.fileName.desc@@") java.lang.String r9, @org.joget.api.annotations.Param(value = "attachment", required = false, description = "@@FormAPI.downloadFile.attachment.desc@@") java.lang.Boolean r10, javax.servlet.http.HttpServletRequest r11, javax.servlet.http.HttpServletResponse r12) {
        /*
            Method dump skipped, instructions count: 856
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.joget.api.lib.AppFormAPI.downloadFile(java.lang.String, java.lang.String, java.lang.Boolean, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):org.joget.api.model.ApiResponse");
    }

    @Operation(path = "/{recordId}/{fieldId}/files", type = Operation.MethodType.GET, summary = "@@FormAPI.downloadFiles.summary@@", description = "@@FormAPI.downloadFiles.desc@@")
    @Responses({@Response(responseCode = HttpServletResponse.SC_OK, description = "@@FormAPI.resp.200@@", contentType = "application/zip", definition = "{\"type\" : \"file\"}"), @Response(responseCode = HttpServletResponse.SC_NOT_FOUND, description = "@@FormAPI.resp.404@@")})
    public ApiResponse downloadFiles(@Param(value = "recordId", description = "@@FormAPI.getFormData.recordId.desc@@") String str, @Param(value = "fieldId", description = "@@FormAPI.downloadFiles.fieldId.desc@@") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            boolean z = false;
            AppDefinition currentAppDefinition = AppUtil.getCurrentAppDefinition();
            String str3 = null;
            Form form = getForm();
            FormData formData = new FormData();
            if (BooleanUtils.TRUE.equalsIgnoreCase(getPropertyString("ignorePermission"))) {
                z = true;
                str3 = ((AppService) AppUtil.getApplicationContext().getBean("appService")).getFormTableName(currentAppDefinition, getPropertyString("formDefId"));
            } else if (form != null) {
                try {
                    if (form.getLoadBinder() != null) {
                        str3 = form.getPropertyString("tableName");
                        FileDownloadSecurity findElement = FormUtil.findElement(str2, form, formData);
                        if (findElement instanceof FileDownloadSecurity) {
                            z = findElement.isDownloadAllowed(httpServletRequest.getParameterMap());
                        }
                    }
                } catch (Exception e) {
                }
            }
            if (!z) {
                httpServletResponse.setDateHeader("Expires", System.currentTimeMillis() + 0);
                httpServletResponse.setHeader("Cache-Control", "no-cache, no-store");
                return new ApiResponse(HttpServletResponse.SC_NOT_FOUND, true);
            }
            FormRowSet load = form.getLoadBinder().load(form, str, formData);
            FormRow formRow = null;
            if (load != null && !load.isEmpty()) {
                formRow = (FormRow) load.get(0);
            }
            if (formRow == null || !formRow.containsKey(str2) || formRow.getProperty(str2).isEmpty()) {
                httpServletResponse.setDateHeader("Expires", System.currentTimeMillis() + 0);
                httpServletResponse.setHeader("Cache-Control", "no-cache, no-store");
                return new ApiResponse(HttpServletResponse.SC_NOT_FOUND, true);
            }
            ServletOutputStream outputStream = httpServletResponse.getOutputStream();
            ZipOutputStream zipOutputStream = null;
            try {
                String[] split = formRow.getProperty(str2).split(";");
                ArrayList<File> arrayList = new ArrayList();
                for (String str4 : split) {
                    File file = FileUtil.getFile(str4, str3, str);
                    if (file.exists() && !file.isDirectory()) {
                        arrayList.add(file);
                    }
                }
                if (arrayList.isEmpty()) {
                    httpServletResponse.setDateHeader("Expires", System.currentTimeMillis() + 0);
                    httpServletResponse.setHeader("Cache-Control", "no-cache, no-store");
                    ApiResponse apiResponse = new ApiResponse(HttpServletResponse.SC_NOT_FOUND, true);
                    if (0 != 0) {
                        zipOutputStream.flush();
                        zipOutputStream.close();
                    }
                    outputStream.flush();
                    outputStream.close();
                    return apiResponse;
                }
                httpServletResponse.setContentType("application/zip");
                httpServletResponse.setHeader("Content-Disposition", "attachment; filename=" + str2 + ".zip");
                ZipOutputStream zipOutputStream2 = new ZipOutputStream(outputStream);
                for (File file2 : arrayList) {
                    if (file2.canRead()) {
                        FileInputStream fileInputStream = null;
                        try {
                            zipOutputStream2.putNextEntry(new ZipEntry(file2.getName()));
                            fileInputStream = new FileInputStream(file2);
                            byte[] bArr = new byte[4092];
                            while (true) {
                                int read = fileInputStream.read(bArr);
                                if (read == -1) {
                                    break;
                                }
                                zipOutputStream2.write(bArr, 0, read);
                            }
                            zipOutputStream2.closeEntry();
                            if (fileInputStream != null) {
                                fileInputStream.close();
                            }
                        } catch (Throwable th) {
                            if (fileInputStream != null) {
                                fileInputStream.close();
                            }
                            throw th;
                        }
                    }
                }
                ApiResponse apiResponse2 = new ApiResponse(HttpServletResponse.SC_OK, true);
                if (zipOutputStream2 != null) {
                    zipOutputStream2.flush();
                    zipOutputStream2.close();
                }
                outputStream.flush();
                outputStream.close();
                return apiResponse2;
            } catch (Throwable th2) {
                if (0 != 0) {
                    zipOutputStream.flush();
                    zipOutputStream.close();
                }
                outputStream.flush();
                outputStream.close();
                throw th2;
            }
        } catch (Exception e2) {
            LogUtil.error(getClassName(), e2, str);
            return new ApiResponse(HttpServletResponse.SC_METHOD_NOT_ALLOWED, AppPluginUtil.getMessage("FormAPI.resp.405", getClassName(), getResourceBundlePath()));
        }
    }

    protected Form getForm() {
        AppDefinition currentAppDefinition = AppUtil.getCurrentAppDefinition();
        FormService formService = (FormService) AppUtil.getApplicationContext().getBean("formService");
        Form form = null;
        FormDefinition loadById = ((FormDefinitionDao) AppUtil.getApplicationContext().getBean("formDefinitionDao")).loadById(getPropertyString("formDefId"), currentAppDefinition);
        if (loadById != null && loadById.getJson() != null) {
            form = (Form) formService.createElementFromJson(AppUtil.processHashVariable(loadById.getJson(), (WorkflowAssignment) null, "json", (Map) null));
        }
        return form;
    }

    @Override // org.joget.api.model.ApiPluginAbstract, org.joget.api.model.ApiPlugin
    public Map<String, ApiDefinition> getDefinitions() {
        HashMap hashMap = new HashMap();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(TagAttributeInfo.ID, String.class);
        linkedHashMap.put("errors", Map.class);
        hashMap.put("FormDataResponse", new ApiDefinition((Map<String, Class>) linkedHashMap));
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("type", "object");
            JSONOrderedObject jSONOrderedObject = new JSONOrderedObject();
            jSONOrderedObject.put(TagAttributeInfo.ID, ApiService.getSchema(String.class, null, false));
            recursiveGenerateDefinition(new FormData(), jSONOrderedObject, getForm(), false);
            jSONOrderedObject.put("dateCreated", ApiService.getSchema(Date.class, null, false));
            jSONOrderedObject.put("dateModified", ApiService.getSchema(Date.class, null, false));
            jSONOrderedObject.put("createdBy", ApiService.getSchema(String.class, null, false));
            jSONOrderedObject.put("createdByName", ApiService.getSchema(String.class, null, false));
            jSONOrderedObject.put("modifiedBy", ApiService.getSchema(String.class, null, false));
            jSONOrderedObject.put("modifiedByName", ApiService.getSchema(String.class, null, false));
            jSONObject.put("properties", jSONOrderedObject);
        } catch (Exception e) {
            LogUtil.error(getClassName(), e, "");
        }
        hashMap.put(getPropertyString("formDefId") + "-FormData", new ApiDefinition(jSONObject));
        JSONObject jSONObject2 = new JSONObject();
        try {
            jSONObject2.put("type", "object");
            JSONOrderedObject jSONOrderedObject2 = new JSONOrderedObject();
            jSONOrderedObject2.put(TagAttributeInfo.ID, ApiService.getSchema(String.class, null, false));
            recursiveGenerateDefinition(new FormData(), jSONOrderedObject2, getForm(), true);
            jSONOrderedObject2.put("dateCreated", ApiService.getSchema(Date.class, null, false));
            jSONOrderedObject2.put("dateModified", ApiService.getSchema(Date.class, null, false));
            jSONOrderedObject2.put("createdBy", ApiService.getSchema(String.class, null, false));
            jSONOrderedObject2.put("createdByName", ApiService.getSchema(String.class, null, false));
            jSONOrderedObject2.put("modifiedBy", ApiService.getSchema(String.class, null, false));
            jSONOrderedObject2.put("modifiedByName", ApiService.getSchema(String.class, null, false));
            jSONObject2.put("properties", jSONOrderedObject2);
        } catch (Exception e2) {
            LogUtil.error(getClassName(), e2, "");
        }
        hashMap.put(getPropertyString("formDefId") + "-FormDataWithFiles", new ApiDefinition(jSONObject2));
        return hashMap;
    }

    protected void handleGridData(Element element, FormData formData) throws JSONException {
        if (BooleanUtils.TRUE.equalsIgnoreCase(getPropertyString("ignorePermission")) || !(!element.isAuthorize(formData).booleanValue() || FormUtil.isHidden(element, formData) || FormUtil.isReadonly(element, formData))) {
            if (!(element instanceof Grid) && !(element instanceof GridInnerDataRetriever)) {
                Collection children = element.getChildren(formData);
                if (children == null || children.isEmpty()) {
                    return;
                }
                Iterator it = children.iterator();
                while (it.hasNext()) {
                    handleGridData((Element) it.next(), formData);
                }
                return;
            }
            String propertyString = element.getPropertyString(TagAttributeInfo.ID);
            if (element.getCustomParameterName() != null) {
                propertyString = element.getCustomParameterName();
            }
            String requestParameter = formData.getRequestParameter(propertyString);
            if (requestParameter == null || requestParameter.isEmpty()) {
                return;
            }
            if (!requestParameter.startsWith("[") || !requestParameter.endsWith("]")) {
                requestParameter = "[" + requestParameter + "]";
            }
            APIFormUtil.setGridData(element, formData, new JSONArray(requestParameter));
        }
    }

    protected void checkElementPermission(Element element, Map<String, Object> map, FormData formData, Set<String> set, Boolean bool, Boolean bool2) {
        Collection children;
        if ((element instanceof Form) && (element.getParent() == null || (element.getParent() != null && bool2 != null && !bool2.booleanValue()))) {
            set.addAll(map.keySet());
            set.remove(TagAttributeInfo.ID);
            set.remove("dateCreated");
            set.remove("createdByName");
            set.remove("createdBy");
            set.remove("dateModified");
            set.remove("modifiedByName");
            set.remove("modifiedBy");
        }
        boolean booleanValue = element.isAuthorize(formData).booleanValue();
        String propertyString = element.getPropertyString(TagAttributeInfo.ID);
        if (booleanValue && !FormUtil.isHidden(element, formData)) {
            Collection dynamicFieldNames = element.getDynamicFieldNames();
            if (dynamicFieldNames != null && dynamicFieldNames.isEmpty()) {
                Iterator it = dynamicFieldNames.iterator();
                while (it.hasNext()) {
                    set.remove((String) it.next());
                }
            }
            if ((element instanceof Grid) || (element instanceof GridInnerDataRetriever)) {
                set.remove(propertyString);
                if (map.containsKey(propertyString) && (map.get(propertyString) instanceof Collection)) {
                    HashSet hashSet = new HashSet();
                    Object property = element.getProperty("options");
                    if (property != null && (property instanceof Collection)) {
                        Iterator it2 = ((FormRowSet) property).iterator();
                        while (it2.hasNext()) {
                            Object obj = ((Map) it2.next()).get("value");
                            if (obj != null) {
                                hashSet.add(obj.toString());
                            }
                        }
                    }
                    hashSet.add(TagAttributeInfo.ID);
                    hashSet.add("dateCreated");
                    hashSet.add("createdByName");
                    hashSet.add("createdBy");
                    hashSet.add("dateModified");
                    hashSet.add("modifiedByName");
                    hashSet.add("modifiedBy");
                    for (Map map2 : (Collection) map.get(propertyString)) {
                        HashSet hashSet2 = new HashSet();
                        for (String str : map2.keySet()) {
                            if (!hashSet.contains(str)) {
                                hashSet2.add(str);
                            }
                        }
                        Iterator it3 = hashSet2.iterator();
                        while (it3.hasNext()) {
                            map2.remove((String) it3.next());
                        }
                    }
                }
            } else if (!(element instanceof FormContainer)) {
                set.remove(propertyString);
            } else if ((element instanceof AbstractSubForm) && bool != null && bool.booleanValue()) {
                Map<String, Object> map3 = null;
                if ((bool2 == null || !bool2.booleanValue()) && map.containsKey(propertyString)) {
                    HashSet hashSet3 = new HashSet();
                    try {
                        map3 = (Map) map.get(propertyString);
                    } catch (Exception e) {
                        LogUtil.debug(AppFormAPI.class.getName(), propertyString + " can't cast to map");
                    }
                    if (map3 != null && (children = element.getChildren(formData)) != null && !children.isEmpty()) {
                        Iterator it4 = children.iterator();
                        while (it4.hasNext()) {
                            checkElementPermission((Element) it4.next(), map3, formData, hashSet3, bool, bool2);
                        }
                    }
                }
            } else {
                Collection children2 = element.getChildren(formData);
                if (children2 != null && !children2.isEmpty()) {
                    Iterator it5 = children2.iterator();
                    while (it5.hasNext()) {
                        checkElementPermission((Element) it5.next(), map, formData, set, bool, bool2);
                    }
                }
            }
        }
        if (element instanceof Form) {
            if (element.getParent() == null || !(element.getParent() == null || bool2 == null || bool2.booleanValue())) {
                Iterator<String> it6 = set.iterator();
                while (it6.hasNext()) {
                    map.remove(it6.next());
                }
            }
        }
    }

    protected void recursiveGenerateDefinition(FormData formData, JSONObject jSONObject, Element element, boolean z) throws JSONException {
        Collection dynamicFieldNames = element.getDynamicFieldNames();
        String propertyString = element.getPropertyString(TagAttributeInfo.ID);
        if (z && element.getCustomParameterName() != null) {
            propertyString = element.getCustomParameterName();
        }
        String propertyString2 = element.getPropertyString("label");
        if (dynamicFieldNames != null && dynamicFieldNames.isEmpty()) {
            Iterator it = dynamicFieldNames.iterator();
            while (it.hasNext()) {
                jSONObject.put((String) it.next(), ApiService.getSchema(String.class, null, false));
            }
        }
        if ((element instanceof Grid) || (element instanceof GridInnerDataRetriever)) {
            JSONObject jSONObject2 = new JSONObject();
            jSONObject2.put("type", "array");
            JSONObject jSONObject3 = new JSONObject();
            jSONObject2.put("items", jSONObject3);
            jSONObject3.put("type", "object");
            JSONOrderedObject jSONOrderedObject = new JSONOrderedObject();
            jSONOrderedObject.put(TagAttributeInfo.ID, ApiService.getSchema(String.class, null, false));
            Object property = element.getProperty("options");
            if (property != null && (property instanceof Collection)) {
                Iterator it2 = ((ArrayList) property).iterator();
                while (it2.hasNext()) {
                    jSONOrderedObject.put(((Map) it2.next()).get("value").toString(), ApiService.getSchema(String.class, null, false));
                }
            }
            jSONObject3.put("properties", jSONOrderedObject);
            if (z) {
                jSONObject2.put("description", propertyString2);
            }
            jSONObject.put(propertyString, jSONObject2);
            return;
        }
        if (!(element instanceof FormContainer)) {
            if (z && (element instanceof FileUpload)) {
                jSONObject.put(propertyString, ApiService.getSchema(File.class, null, false, propertyString2));
                return;
            } else {
                jSONObject.put(propertyString, ApiService.getSchema(String.class, null, false, propertyString2));
                return;
            }
        }
        if (!(element instanceof AbstractSubForm)) {
            Collection children = element.getChildren(formData);
            if (children == null || children.isEmpty()) {
                return;
            }
            Iterator it3 = children.iterator();
            while (it3.hasNext()) {
                recursiveGenerateDefinition(formData, jSONObject, (Element) it3.next(), z);
            }
            return;
        }
        JSONObject jSONObject4 = new JSONObject();
        jSONObject4.put("type", "object");
        JSONOrderedObject jSONOrderedObject2 = new JSONOrderedObject();
        Collection<Element> children2 = element.getChildren(formData);
        if (children2 != null && !children2.isEmpty()) {
            for (Element element2 : children2) {
                if (z) {
                    recursiveGenerateDefinition(formData, jSONObject, element2, z);
                } else {
                    recursiveGenerateDefinition(formData, jSONOrderedObject2, element2, z);
                }
            }
        }
        if (z) {
            return;
        }
        jSONObject4.put("properties", jSONOrderedObject2);
        jSONObject.put(propertyString, jSONObject4);
    }

    @Override // org.joget.api.model.ApiPluginAbstract, org.joget.api.model.ApiPlugin
    public String getResourceBundlePath() {
        return Activator.MESSAGE_PATH;
    }
}
