package com.xpn.xwiki.store.hibernate.query;

import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.internal.store.hibernate.query.HqlQueryUtils;
import com.xpn.xwiki.store.XWikiHibernateBaseStore;
import com.xpn.xwiki.store.XWikiHibernateStore;
import com.xpn.xwiki.store.hibernate.HibernateSessionFactory;
import com.xpn.xwiki.util.Util;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import org.apache.commons.lang3.StringUtils;
import org.hibernate.SQLQuery;
import org.hibernate.Session;
import org.hibernate.engine.NamedQueryDefinition;
import org.hibernate.engine.NamedSQLQueryDefinition;
import org.xwiki.component.annotation.Component;
import org.xwiki.component.manager.ComponentLookupException;
import org.xwiki.component.manager.ComponentManager;
import org.xwiki.component.phase.Initializable;
import org.xwiki.component.phase.InitializationException;
import org.xwiki.context.Execution;
import org.xwiki.job.event.status.JobProgressManager;
import org.xwiki.query.Query;
import org.xwiki.query.QueryException;
import org.xwiki.query.QueryExecutor;
import org.xwiki.query.QueryFilter;
import org.xwiki.query.QueryParameter;
import org.xwiki.query.SecureQuery;
import org.xwiki.query.WrappingQuery;
import org.xwiki.security.authorization.ContextualAuthorizationManager;
import org.xwiki.security.authorization.Right;

@Singleton
@Component
@Named(Query.HQL)
/* loaded from: input_file:WEB-INF/lib/xwiki-platform-legacy-oldcore-9.11.4.jar:com/xpn/xwiki/store/hibernate/query/HqlQueryExecutor.class */
public class HqlQueryExecutor implements QueryExecutor, Initializable {
    private static final String MAPPING_PATH = "queries.hbm.xml";
    private static final String ESCAPE_LIKE_PARAMETERS_FILTER = "escapeLikeParameters";

    @Inject
    private HibernateSessionFactory sessionFactory;

    @Inject
    private Execution execution;

    @Inject
    private ContextualAuthorizationManager authorization;

    @Inject
    private JobProgressManager progress;

    @Inject
    @Named("context")
    private Provider<ComponentManager> componentManagerProvider;
    private volatile Set<String> allowedNamedQueries;

    @Override // org.xwiki.component.phase.Initializable
    public void initialize() throws InitializationException {
        this.sessionFactory.getConfiguration().addInputStream(Util.getResourceAsStream(MAPPING_PATH));
    }

    private Set<String> getAllowedNamedQueries() {
        if (this.allowedNamedQueries == null) {
            synchronized (this) {
                if (this.allowedNamedQueries == null) {
                    this.allowedNamedQueries = new HashSet();
                    for (Map.Entry<String, NamedQueryDefinition> entry : this.sessionFactory.getConfiguration().getNamedQueries().entrySet()) {
                        if (HqlQueryUtils.isSafe(entry.getValue().getQuery())) {
                            this.allowedNamedQueries.add(entry.getKey());
                        }
                    }
                }
            }
        }
        return this.allowedNamedQueries;
    }

    protected static boolean isSafeSelect(String str) {
        return HqlQueryUtils.isShortFormStatement(str) || HqlQueryUtils.isSafe(str);
    }

    protected void checkAllowed(Query query) throws QueryException {
        if ((query instanceof SecureQuery) && ((SecureQuery) query).isCurrentAuthorChecked() && !this.authorization.hasAccess(Right.PROGRAM)) {
            if (query.isNamed() && !getAllowedNamedQueries().contains(query.getStatement())) {
                throw new QueryException("Named queries requires programming right", query, null);
            }
            if (!isSafeSelect(query.getStatement())) {
                throw new QueryException("The query requires programming right", query, null);
            }
        }
    }

    @Override // org.xwiki.query.QueryExecutor
    public <T> List<T> execute(final Query query) throws QueryException {
        checkAllowed(query);
        String wikiId = getContext().getWikiId();
        try {
            try {
                this.progress.startStep(query, "query.hql.progress.execute", "Execute HQL query [{}]", query);
                if (query.getWiki() != null) {
                    getContext().setWikiId(query.getWiki());
                }
                List<T> list = (List) getStore().executeRead(getContext(), new XWikiHibernateBaseStore.HibernateCallback<List<T>>() { // from class: com.xpn.xwiki.store.hibernate.query.HqlQueryExecutor.1
                    @Override // com.xpn.xwiki.store.XWikiHibernateBaseStore.HibernateCallback
                    public List<T> doInHibernate(Session session) {
                        List list2 = HqlQueryExecutor.this.createHibernateQuery(session, query).list();
                        if (query.getFilters() != null && !query.getFilters().isEmpty()) {
                            Iterator<QueryFilter> it = query.getFilters().iterator();
                            while (it.hasNext()) {
                                list2 = it.next().filterResults(list2);
                            }
                        }
                        return list2;
                    }
                });
                getContext().setWikiId(wikiId);
                this.progress.endStep(query);
                return list;
            } catch (XWikiException e) {
                throw new QueryException("Exception while executing query", query, e);
            }
        } catch (Throwable th) {
            getContext().setWikiId(wikiId);
            this.progress.endStep(query);
            throw th;
        }
    }

    protected org.hibernate.Query createHibernateQuery(Session session, Query query) {
        org.hibernate.Query createNamedHibernateQuery;
        if (query.isNamed()) {
            createNamedHibernateQuery = createNamedHibernateQuery(session, query);
        } else {
            Query filterQuery = filterQuery(new WrappingQuery(query) { // from class: com.xpn.xwiki.store.hibernate.query.HqlQueryExecutor.2
                @Override // org.xwiki.query.WrappingQuery, org.xwiki.query.Query
                public String getStatement() {
                    return HqlQueryExecutor.this.completeShortFormStatement(getWrappedQuery().getStatement());
                }
            }, Query.HQL);
            createNamedHibernateQuery = session.createQuery(filterQuery.getStatement());
            populateParameters(createNamedHibernateQuery, filterQuery);
        }
        return createNamedHibernateQuery;
    }

    private Query filterQuery(Query query, String str) {
        Query query2 = query;
        addEscapeLikeParametersFilter(query);
        if (query.getFilters() != null && !query.getFilters().isEmpty()) {
            for (QueryFilter queryFilter : query.getFilters()) {
                final String filterStatement = queryFilter.filterStatement(query2.getStatement(), str);
                if (!filterStatement.equals(query2.getStatement())) {
                    query2 = new WrappingQuery(query2) { // from class: com.xpn.xwiki.store.hibernate.query.HqlQueryExecutor.3
                        @Override // org.xwiki.query.WrappingQuery, org.xwiki.query.Query
                        public String getStatement() {
                            return filterStatement;
                        }
                    };
                }
                query2 = queryFilter.filterQuery(query2);
            }
        }
        return query2;
    }

    private void addEscapeLikeParametersFilter(Query query) {
        if (hasQueryParametersType(query)) {
            try {
                QueryFilter queryFilter = (QueryFilter) this.componentManagerProvider.get().getInstance(QueryFilter.class, ESCAPE_LIKE_PARAMETERS_FILTER);
                boolean z = false;
                Iterator<QueryFilter> it = query.getFilters().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    } else if (queryFilter.getClass().getName().equals(it.next().getClass().getName())) {
                        z = true;
                        break;
                    }
                }
                if (z) {
                    return;
                }
                query.addFilter(queryFilter);
            } catch (ComponentLookupException e) {
                throw new RuntimeException(String.format("Failed to locate [%s] Query Filter", ESCAPE_LIKE_PARAMETERS_FILTER), e);
            }
        }
    }

    private boolean hasQueryParametersType(Query query) {
        boolean z = false;
        Iterator<Object> it = query.getNamedParameters().values().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (it.next() instanceof QueryParameter) {
                z = true;
                break;
            }
        }
        if (!z) {
            Iterator<Object> it2 = query.getPositionalParameters().values().iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                if (it2.next() instanceof QueryParameter) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    protected String completeShortFormStatement(String str) {
        String trim = str.toLowerCase().trim();
        return (trim.isEmpty() || trim.startsWith(",") || trim.startsWith("where ") || trim.startsWith("order by ")) ? "select doc.fullName from XWikiDocument doc " + str.trim() : str;
    }

    private org.hibernate.Query createNamedHibernateQuery(Session session, Query query) {
        org.hibernate.Query namedQuery = session.getNamedQuery(query.getStatement());
        Query query2 = query;
        if (query2.getFilters() != null && !query2.getFilters().isEmpty()) {
            boolean z = namedQuery instanceof SQLQuery;
            String str = z ? "sql" : Query.HQL;
            final String queryString = namedQuery.getQueryString();
            query2 = filterQuery(new WrappingQuery(query2) { // from class: com.xpn.xwiki.store.hibernate.query.HqlQueryExecutor.4
                @Override // org.xwiki.query.WrappingQuery, org.xwiki.query.Query
                public String getStatement() {
                    return queryString;
                }
            }, str);
            if (z) {
                namedQuery = session.createSQLQuery(query2.getStatement());
                NamedSQLQueryDefinition namedSQLQueryDefinition = (NamedSQLQueryDefinition) this.sessionFactory.getConfiguration().getNamedSQLQueries().get(query.getStatement());
                if (!StringUtils.isEmpty(namedSQLQueryDefinition.getResultSetRef())) {
                    ((SQLQuery) namedQuery).setResultSetMapping(namedSQLQueryDefinition.getResultSetRef());
                }
            } else {
                namedQuery = session.createQuery(query2.getStatement());
            }
        }
        populateParameters(namedQuery, query2);
        return namedQuery;
    }

    protected void populateParameters(org.hibernate.Query query, Query query2) {
        if (query2.getOffset() > 0) {
            query.setFirstResult(query2.getOffset());
        }
        if (query2.getLimit() > 0) {
            query.setMaxResults(query2.getLimit());
        }
        for (Map.Entry<String, Object> entry : query2.getNamedParameters().entrySet()) {
            setNamedParameter(query, entry.getKey(), entry.getValue());
        }
        if (query2.getPositionalParameters().size() > 0) {
            if (((Integer) Collections.min(query2.getPositionalParameters().keySet())).intValue() == 0) {
                for (Map.Entry<Integer, Object> entry2 : query2.getPositionalParameters().entrySet()) {
                    query.setParameter(entry2.getKey().intValue(), entry2.getValue());
                }
                return;
            }
            for (Map.Entry<Integer, Object> entry3 : query2.getPositionalParameters().entrySet()) {
                setNamedParameter(query, String.valueOf(entry3.getKey()), entry3.getValue());
            }
        }
    }

    protected void setNamedParameter(org.hibernate.Query query, String str, Object obj) {
        if (obj instanceof Collection) {
            query.setParameterList(str, (Collection) obj);
        } else if (obj.getClass().isArray()) {
            query.setParameterList(str, (Object[]) obj);
        } else {
            query.setParameter(str, obj);
        }
    }

    protected XWikiHibernateStore getStore() {
        return getContext().getWiki().getHibernateStore();
    }

    protected XWikiContext getContext() {
        return (XWikiContext) this.execution.getContext().getProperty("xwikicontext");
    }
}
