package com.datacloudsec.scan.handler;

import com.datacloudsec.exception.UEException;
import com.datacloudsec.response.XmlResponse;
import com.datacloudsec.scan.cache.Task;
import com.datacloudsec.scan.common.Config;
import com.datacloudsec.scan.dao.EngineMapper;
import com.datacloudsec.scan.dao.ReportMapper;
import com.datacloudsec.scan.entity.User;
import com.datacloudsec.scan.service.IConfig;
import com.datacloudsec.scan.service.IUser;
import com.datacloudsec.scan.service.IWeb;
import com.datacloudsec.scan.service.IWebTemp;
import com.datacloudsec.scan.service.impl.ConfigService;
import com.datacloudsec.scan.service.impl.UserService;
import com.datacloudsec.scan.service.impl.WebService;
import com.datacloudsec.scan.service.impl.WebTempService;
import com.datacloudsec.scan.tasks.InitSystemTask;
import com.datacloudsec.utils.InstanceUtil;
import com.datacloudsec.utils.JsonUtil;
import com.datacloudsec.utils.ObjectUtil;
import com.datacloudsec.utils.SecretUtil;
import com.datacloudsec.utils.XmlUtils;
import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;

/* loaded from: input_file:com/datacloudsec/scan/handler/SuyanWebscan.class */
public class SuyanWebscan extends HttpServlet {
    private static final long serialVersionUID = -1596174938854213611L;
    private static final Logger LOG = Logger.getLogger(SuyanWebscan.class);
    public static Map<String, Object> userToken = new HashMap();
    private IUser userService = (IUser) InstanceUtil.newServiceInstance(UserService.class);
    private IWeb webService = (IWeb) InstanceUtil.newServiceInstance(WebService.class);
    private ReportMapper reportMapper = (ReportMapper) InstanceUtil.newDaoInstance(ReportMapper.class);
    private IConfig configService = (IConfig) InstanceUtil.newServiceInstance(ConfigService.class);
    private IWebTemp webTempService = (IWebTemp) InstanceUtil.newServiceInstance(WebTempService.class);
    private EngineMapper engineMapper = (EngineMapper) InstanceUtil.newDaoInstance(EngineMapper.class);

    private Map<String, Object> getParams(HttpServletRequest httpServletRequest) throws Exception {
        String parameter = httpServletRequest.getParameter("xml");
        if (StringUtils.isNotBlank(parameter)) {
            return XmlUtils.xml2Map(parameter);
        }
        String iOUtils = IOUtils.toString(httpServletRequest.getInputStream(), "UTF8");
        if (StringUtils.isNotBlank(iOUtils)) {
            return XmlUtils.xml2Map(iOUtils);
        }
        return null;
    }

    private void results(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i, String str) {
        XmlResponse xmlResponse = new XmlResponse(true, false);
        HashMap hashMap = new HashMap();
        hashMap.put("response_code", Integer.valueOf(i));
        hashMap.put("response_msg", str);
        xmlResponse.putObj("root", hashMap);
        xmlResponse.shipToResponse(httpServletRequest, httpServletResponse);
    }

    private String validateLic(HttpServletRequest httpServletRequest) {
        int valudate = InitSystemTask.licenseApp.valudate();
        if (valudate == 0) {
            return null;
        }
        String str = "许可授权不正确，请联系技术人员";
        if (valudate == 2) {
            str = "许可文件未找到";
        } else if (valudate == 3) {
            str = "许可文件格式错误";
        } else if (valudate == 6) {
            str = "许可授权时间错误";
        } else if (valudate == 7) {
            str = "许可产品码错误";
        } else if (valudate == 8) {
            str = "许可使用次数已用完";
        } else if (valudate == 10) {
            str = "许可非授权给当前机器";
        }
        LOG.error("许可验证未通过，code = " + valudate);
        return str;
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (validateLic(httpServletRequest) != null) {
            results(httpServletRequest, httpServletResponse, 20, "您未购买数据接口模块或者证书已到期，请确认！");
            return;
        }
        String replaceAll = httpServletRequest.getRequestURI().replaceAll("/+$", "");
        String substring = replaceAll.substring(replaceAll.lastIndexOf("/") + 1);
        if ("login".equals(substring)) {
            try {
                login(httpServletRequest, httpServletResponse);
                return;
            } catch (Exception e) {
                return;
            }
        }
        try {
            if (!auth(httpServletRequest, httpServletResponse)) {
                return;
            }
        } catch (Exception e2) {
            LOG.error("", e2);
        }
        Map<String, Object> map = null;
        try {
            map = getParams(httpServletRequest);
        } catch (Exception e3) {
            LOG.error("", e3);
        }
        if ("newTaskftp".equals(substring)) {
            try {
                results(httpServletRequest, httpServletResponse, 10, "任务创建成功，任务号：" + newTaskftp(httpServletRequest, httpServletResponse, map));
                return;
            } catch (Exception e4) {
                LOG.error("", e4);
                results(httpServletRequest, httpServletResponse, 26, e4 instanceof UEException ? e4.getMessage() : "创建任务失败");
                return;
            }
        }
        if ("stopTask".equals(substring)) {
            try {
                stopTask(httpServletRequest, httpServletResponse, map);
                results(httpServletRequest, httpServletResponse, 10, "停止成功");
                return;
            } catch (Exception e5) {
                LOG.error("", e5);
                results(httpServletRequest, httpServletResponse, 26, e5 instanceof UEException ? e5.getMessage() : "停止失败");
                return;
            }
        }
        if ("pauseTask".equals(substring)) {
            try {
                pauseTask(httpServletRequest, httpServletResponse, map);
                results(httpServletRequest, httpServletResponse, 10, "暂停成功");
                return;
            } catch (Exception e6) {
                LOG.error("", e6);
                results(httpServletRequest, httpServletResponse, 26, e6 instanceof UEException ? e6.getMessage() : "暂停失败");
                return;
            }
        }
        if ("resumeTask".equals(substring) || "createTask".equals(substring)) {
            try {
                resumeTask(httpServletRequest, httpServletResponse, map);
                results(httpServletRequest, httpServletResponse, 10, "扫描操作成功");
                return;
            } catch (Exception e7) {
                LOG.error("", e7);
                results(httpServletRequest, httpServletResponse, 26, e7 instanceof UEException ? e7.getMessage() : "扫描任务失败");
                return;
            }
        }
        if ("rescanTask".equals(substring)) {
            try {
                rescanTask(httpServletRequest, httpServletResponse, map);
                results(httpServletRequest, httpServletResponse, 10, "重新扫描操作成功");
                return;
            } catch (Exception e8) {
                LOG.error("", e8);
                results(httpServletRequest, httpServletResponse, 26, e8 instanceof UEException ? e8.getMessage() : "重新扫描失败");
                return;
            }
        }
        if ("deleteTask".equals(substring)) {
            try {
                deleteTask(httpServletRequest, httpServletResponse, map);
                results(httpServletRequest, httpServletResponse, 10, "删除成功");
                return;
            } catch (Exception e9) {
                LOG.error("", e9);
                results(httpServletRequest, httpServletResponse, 26, e9 instanceof UEException ? e9.getMessage() : "删除失败");
                return;
            }
        }
        if ("taskStatus".equals(substring)) {
            try {
                taskStatus(httpServletRequest, httpServletResponse, map);
                return;
            } catch (Exception e10) {
                LOG.error("", e10);
                results(httpServletRequest, httpServletResponse, 26, "获取任务状态失败");
                return;
            }
        }
        if ("getTaskreport".equals(substring)) {
            try {
                getTaskreport(httpServletRequest, httpServletResponse, map);
                return;
            } catch (Exception e11) {
                LOG.error("", e11);
                results(httpServletRequest, httpServletResponse, 26, "获取任务报告失败");
                return;
            }
        }
        if ("pluginTemplateList".equals(substring)) {
            try {
                pluginTemplateList(httpServletRequest, httpServletResponse);
                return;
            } catch (Exception e12) {
                LOG.error("", e12);
                results(httpServletRequest, httpServletResponse, 26, "查看插件模板信息失败");
                return;
            }
        }
        if (!"sysStatus".equals(substring)) {
            results(httpServletRequest, httpServletResponse, 23, "接口不存在（404）");
            return;
        }
        try {
            sysStatus(httpServletRequest, httpServletResponse, map);
        } catch (Exception e13) {
            LOG.error("", e13);
            results(httpServletRequest, httpServletResponse, 26, "获取系统CPU，内存信息失败");
        }
    }

    private boolean auth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        Map<String, String> readCookieMap = readCookieMap(httpServletRequest);
        String str = StringUtils.isNotBlank(readCookieMap.get("sessionid")) ? readCookieMap.get("sessionid") : readCookieMap.get("JSESSIONID");
        Map map = (Map) userToken.get(str);
        if (MapUtils.isEmpty(map)) {
            results(httpServletRequest, httpServletResponse, 40, " 您未登陆，请先登录");
            return false;
        }
        String str2 = (String) map.get("username");
        if (str2 == null) {
            results(httpServletRequest, httpServletResponse, 40, " 您未登陆，请先登录");
            return false;
        }
        if (this.userService.getUserByName(str2) == null) {
            results(httpServletRequest, httpServletResponse, 40, " 您未登陆，请先登录");
            return false;
        }
        long longValue = ObjectUtil.getLong(map.get("time"), 0L).longValue();
        int maxInactiveInterval = httpServletRequest.getSession().getMaxInactiveInterval() / 60;
        if (((System.currentTimeMillis() - longValue) / 1000) / 60 <= maxInactiveInterval) {
            userToken.put(str, ImmutableMap.builder().put("username", str2).put("time", Long.valueOf(System.currentTimeMillis())).build());
            return true;
        }
        userToken.remove(str);
        results(httpServletRequest, httpServletResponse, 40, "登录超时（" + maxInactiveInterval + "分钟）");
        return false;
    }

    private void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        try {
            Map<String, Object> params = getParams(httpServletRequest);
            if (MapUtils.isEmpty(params)) {
                results(httpServletRequest, httpServletResponse, 30, "构造xml格式有误或请求url有误，请确认！");
                return;
            }
            String string = ObjectUtil.getString(params.get("username"), "");
            String string2 = ObjectUtil.getString(params.get("password"), null);
            if (StringUtils.isBlank(string) || StringUtils.isBlank(string2)) {
                results(httpServletRequest, httpServletResponse, 22, "用户名或密码不能为空！");
                return;
            }
            User userByName = this.userService.getUserByName(string);
            if (userByName == null) {
                results(httpServletRequest, httpServletResponse, 27, "用户名或密码错误，请重试！");
                return;
            }
            if (!SecretUtil.digestSha1(string2, SecretUtil.SHA1).equalsIgnoreCase(userByName.getPassword())) {
                results(httpServletRequest, httpServletResponse, 27, "用户名或密码错误，请重试！");
                return;
            }
            if (SecretUtil.digestSha1(string2, SecretUtil.SHA1).equalsIgnoreCase("7c4a8d09ca3762af61e59520943dc26494f8941b")) {
                results(httpServletRequest, httpServletResponse, 29, "您正在使用的是产品的默认密码，为了安全起见，请修改密码！");
                return;
            }
            this.userService.loginInfo(httpServletRequest, userByName);
            Map<String, String> readCookieMap = readCookieMap(httpServletRequest);
            userToken.put(StringUtils.isNotBlank(readCookieMap.get("sessionid")) ? readCookieMap.get("sessionid") : readCookieMap.get("JSESSIONID"), ImmutableMap.builder().put("username", string).put("time", Long.valueOf(System.currentTimeMillis())).build());
            results(httpServletRequest, httpServletResponse, 10, "登录成功！");
        } catch (Exception e) {
            results(httpServletRequest, httpServletResponse, 30, "构造xml格式有误或请求url有误，请确认！");
        }
    }

    private static Map<String, String> readCookieMap(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                hashMap.put(cookie.getName(), cookie.getValue());
            }
        }
        return hashMap;
    }

    private Map<String, Object> defaultConf(String str) throws Exception {
        List<Map> list = (List) Task.getInstance().getConfig().get(str);
        HashMap hashMap = new HashMap();
        for (Map map : list) {
            if (map.containsKey("childs")) {
                for (Map map2 : (List) map.get("childs")) {
                    String string = ObjectUtil.getString(map2.get("value"), "");
                    if ("select".equals(ObjectUtil.getString(map2.get("type"), ""))) {
                        hashMap.put(ObjectUtil.getString(map2.get("name"), ""), string.split("\\|")[0]);
                    } else {
                        hashMap.put(ObjectUtil.getString(map2.get("name"), ""), string);
                    }
                }
            } else {
                String string2 = ObjectUtil.getString(map.get("value"), "");
                if ("select".equals(ObjectUtil.getString(map.get("type"), ""))) {
                    hashMap.put(ObjectUtil.getString(map.get("name"), ""), string2.split("\\|")[0]);
                } else {
                    hashMap.put(ObjectUtil.getString(map.get("name"), ""), string2);
                }
            }
        }
        return hashMap;
    }

    private Integer newTaskftp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        HttpSession session = httpServletRequest.getSession();
        Map map2 = (Map) map.get("base");
        String string = ObjectUtil.getString(map2.get("target"), "");
        String trim = ObjectUtil.getString(map2.get("task_name"), "").trim();
        Integer num = ObjectUtil.getInt(map2.get("plugin_template_id"));
        String str = (String) InitSystemTask.licenseApp.getLicenseLic().getParams().get("type");
        Map<String, Object> defaultConf = defaultConf("网站");
        if (MapUtils.isNotEmpty((Map) map.get("webauth"))) {
            Map map3 = (Map) map.get("item");
            if (MapUtils.isNotEmpty(map3)) {
                defaultConf.put("auth", map3.get("login_auth"));
                defaultConf.put("authUser", map3.get("login_username"));
                defaultConf.put("authPwd", map3.get("login_userpwd"));
                defaultConf.put("authDomain", "");
            }
            if (MapUtils.isNotEmpty((Map) map.get("proxy"))) {
                defaultConf.put("proxyType", map3.get("proxy_type"));
                defaultConf.put("proxyAuth", map3.get("auth"));
                defaultConf.put("proxyUsername", map3.get("proxy_username"));
                defaultConf.put("proxyPwd", map3.get("proxy_password"));
                defaultConf.put("proxyHost", map3.get("proxy_server"));
                defaultConf.put("proxyPort", map3.get("proxy_port"));
                defaultConf.put("proxyDomain", "");
            }
        }
        if (num != null && num.intValue() != 0) {
            defaultConf.put("policies", num);
        }
        String writeValueAsString = JsonUtil.MAPPER.writeValueAsString(defaultConf);
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        hashMap.put("url", string);
        arrayList.add(hashMap);
        String writeValueAsString2 = JsonUtil.MAPPER_ESCAPE_HTML.writeValueAsString(arrayList);
        if ("tool".equalsIgnoreCase(str)) {
            Integer insert = this.webService.insert(session, trim, "", 1, "bug", "system", 1, "0:00", null, null, null, writeValueAsString2, null, null, null, null, null, null, null, null, null, null, writeValueAsString, "high,medium,low", 2, null);
            this.configService.setValue("suyanSendFtp_" + insert, ObjectUtil.getString(map2.get("sendReport_ftp"), "no").trim());
            return insert;
        }
        Integer insert2 = this.webService.insert(session, trim, "", 1, "bug,horse,keyword,tamper,avail,fish", "system", 1, "0:00", null, null, 1, writeValueAsString2, null, null, null, null, null, "imgMD5,title,delLinkRemind,newLinkRemind", 95, 1, "img,idCard", null, writeValueAsString, "high,medium,low", 2, null);
        this.configService.setValue("suyanSendFtp_" + insert2, ObjectUtil.getString(map2.get("sendReport_ftp"), "no").trim());
        return insert2;
    }

    private void stopTask(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("task_id"));
        if (num == null) {
            throw new UEException("task_id不能为空");
        }
        if (this.webService.getTaskById(null, num) == null) {
            throw new UEException("任务不存在");
        }
        this.webService.stopScanTask(num);
    }

    private void pauseTask(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("task_id"));
        if (num == null) {
            throw new UEException("task_id不能为空");
        }
        if (this.webService.getTaskById(null, num) == null) {
            throw new UEException("任务不存在");
        }
        this.webService.pauseScanTask(num);
    }

    private void resumeTask(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("task_id"));
        if (num == null) {
            throw new UEException("task_id不能为空");
        }
        if (this.webService.getTaskById(null, num) == null) {
            throw new UEException("任务不存在");
        }
        this.webService.proceedStartTask(num);
    }

    private void rescanTask(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("task_id"));
        if (num == null) {
            throw new UEException("task_id不能为空");
        }
        if (this.webService.getTaskById(null, num) == null) {
            throw new UEException("任务不存在");
        }
        this.webService.startScanTask(num);
    }

    private void deleteTask(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("task_id"));
        if (num == null) {
            throw new UEException("task_id不能为空");
        }
        com.datacloudsec.scan.entity.Task taskById = this.webService.getTaskById(null, num);
        if (taskById == null) {
            throw new UEException("任务不存在");
        }
        this.webService.delete(httpServletRequest.getSession(), num, taskById.getVersion());
    }

    private void taskStatus(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("task_id"));
        if (num == null) {
            results(httpServletRequest, httpServletResponse, 22, "task_id不能为空");
            return;
        }
        if (this.webService.getTaskById(null, num) == null) {
            results(httpServletRequest, httpServletResponse, 22, "任务不存在");
            return;
        }
        List<Map<String, Object>> devDetailByTid = this.webService.getDevDetailByTid(num);
        if (CollectionUtils.isEmpty(devDetailByTid)) {
            results(httpServletRequest, httpServletResponse, 22, "任务不存在");
            return;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("idle", 5);
        hashMap.put("scaning", 1);
        hashMap.put("finish", 6);
        hashMap.put("error", 7);
        hashMap.put("stop", 3);
        Map<String, Object> map2 = devDetailByTid.get(0);
        XmlResponse xmlResponse = new XmlResponse(true, false);
        HashMap hashMap2 = new HashMap();
        hashMap2.put("response_code", 10);
        hashMap2.put("response_msg", "success");
        hashMap2.put("task_status", hashMap.get(map2.get("status")));
        hashMap2.put("progress", map2.get("progress"));
        xmlResponse.putObj("root", hashMap2);
        xmlResponse.shipToResponse(httpServletRequest, httpServletResponse);
    }

    private void getTaskreport(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("task_id"));
        if (num == null) {
            results(httpServletRequest, httpServletResponse, 22, "task_id不能为空");
            return;
        }
        com.datacloudsec.scan.entity.Task taskById = this.webService.getTaskById(null, num);
        if (taskById == null) {
            results(httpServletRequest, httpServletResponse, 22, "任务不存在");
            return;
        }
        List<Map<String, Object>> devDetailByTid = this.webService.getDevDetailByTid(num);
        if (CollectionUtils.isEmpty(devDetailByTid)) {
            results(httpServletRequest, httpServletResponse, 22, "任务不存在");
            return;
        }
        XmlResponse xmlResponse = new XmlResponse(true, false);
        xmlResponse.putObj("task_info", report(taskById, devDetailByTid.get(0)));
        xmlResponse.shipToResponse(httpServletRequest, httpServletResponse);
    }

    public Document report(com.datacloudsec.scan.entity.Task task, Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("id"));
        int i = ObjectUtil.getInt(this.reportMapper.webScoreById(ObjectUtil.getInt(map.get("id"))), 10);
        float f = i <= 10 ? 10.0f : (i <= 10 || i > 20) ? (i <= 30 || i > 40) ? (i <= 40 || i > 50) ? (i <= 50 || i > 60) ? (i <= 60 || i > 70) ? (i <= 70 || i > 80) ? (i <= 80 || i > 50) ? (i <= 85 || i > 90) ? 1.0f : 2.0f : 3.0f : 4.0f : 5.0f : 6.0f : 7.0f : 8.0f : 9.0f;
        HashMap hashMap = new HashMap();
        hashMap.put("idle", 0);
        hashMap.put("scaning", 1);
        hashMap.put("finish", 6);
        hashMap.put("error", 7);
        Document createDocument = DocumentHelper.createDocument();
        Element createElement = DocumentHelper.createElement("task_info");
        createDocument.add(createElement);
        createElement.addElement("task_name").addCDATA(task.getName());
        createElement.addElement("risk_point").addCDATA(new StringBuilder(String.valueOf(f)).toString());
        createElement.addElement("all_url").addCDATA(new StringBuilder().append(map.get("urlCount")).toString());
        createElement.addElement("start_time").addCDATA(new StringBuilder().append(map.get("startTime")).toString());
        createElement.addElement("end_time").addCDATA(new StringBuilder().append(map.get("end_time")).toString());
        createElement.addElement("targets").addCDATA(new StringBuilder().append(map.get("ip")).toString());
        Element addElement = createElement.addElement("site_status").addElement("site");
        addElement.addElement("site_url").addCDATA(new StringBuilder().append(map.get("ip")).toString());
        addElement.addElement("status").addCDATA(new StringBuilder().append(hashMap.get(map.get("status"))).toString());
        createElement.addElement("plugin_template_name").addCDATA("默认");
        createElement.addElement("user").addCDATA("admin");
        createElement.addElement("system_version").addCDATA(Config.getInstance().getString("version", ""));
        createElement.addElement("if_exploit").addCDATA("False");
        Element addElement2 = createElement.addElement("vuln_list");
        HashMap hashMap2 = new HashMap();
        hashMap2.put("A1[注入]", 42);
        hashMap2.put("A3[跨站脚本]", 43);
        for (Map<String, Object> map2 : this.webService.getBugListByDevid(num)) {
            if ("脚本木马(Webshell)".equalsIgnoreCase(new StringBuilder().append(map2.get("i18n_name")).toString())) {
            }
            int i2 = "WebDav列目录".equalsIgnoreCase(new StringBuilder().append(map2.get("i18n_name")).toString()) ? 47 : "服务器存在可直接查看文件列表的目录".equalsIgnoreCase(new StringBuilder().append(map2.get("i18n_name")).toString()) ? 48 : ObjectUtil.getInt(hashMap2.get(map2.get("vul_type")), 0);
            Element addElement3 = addElement2.addElement("vul_info");
            addElement3.addElement("vul_id").addCDATA(new StringBuilder().append(map2.get("vul_id")).toString());
            addElement3.addElement("vul_type").addCDATA(new StringBuilder(String.valueOf(i2)).toString());
            addElement3.addElement("i18n_name").addCDATA(new StringBuilder().append(map2.get("i18n_name")).toString());
            addElement3.addElement("i18n_solution").addCDATA(new StringBuilder().append(map2.get("i18n_solution")).toString());
            addElement3.addElement("i18n_description").addCDATA(new StringBuilder().append(map2.get("i18n_description")).toString());
            addElement3.addElement("severity_points").addCDATA(new StringBuilder().append(map2.get("severity_points")).toString());
            String string = ObjectUtil.getString(map2.get("urls"), "");
            if (StringUtils.isNotBlank(string)) {
                String[] split = string.split("\n");
                Element addElement4 = addElement3.addElement("urls");
                for (String str : split) {
                    String[] split2 = str.split("`");
                    if (split2 != null && split2.length != 0) {
                        Element addElement5 = addElement4.addElement("url");
                        addElement5.addElement("url_id");
                        addElement5.addElement("url_info").addCDATA(split2[0].startsWith(",") ? split2[0].substring(1) : split2[0]);
                        addElement5.addElement("vul_params").addCDATA(split2.length == 2 ? split2[1] : "");
                    }
                }
            }
        }
        return createDocument;
    }

    private void pluginTemplateList(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        XmlResponse xmlResponse = new XmlResponse(true, false);
        if (CollectionUtils.isEmpty(this.webTempService.search(httpServletRequest.getSession(), null, null, null, null))) {
            results(httpServletRequest, httpServletResponse, 20, "为发现策略模板");
            return;
        }
        ArrayList arrayList = new ArrayList();
        for (Map<String, Object> map : this.webTempService.search(httpServletRequest.getSession(), null, null, null, null)) {
            HashMap hashMap = new HashMap();
            hashMap.put("id", map.get("id"));
            hashMap.put("name", map.get("name"));
            HashMap hashMap2 = new HashMap();
            hashMap2.put("item", hashMap);
            arrayList.add(hashMap2);
        }
        xmlResponse.putObj("plugin_templates", arrayList);
        xmlResponse.shipToResponse(httpServletRequest, httpServletResponse);
    }

    private void sysStatus(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        Map<String, Object> memAndCpuByType = this.engineMapper.getMemAndCpuByType(0);
        if (MapUtils.isEmpty(memAndCpuByType)) {
            results(httpServletRequest, httpServletResponse, 20, "获取系统状态有误，请确认！");
        } else {
            results(httpServletRequest, httpServletResponse, 10, JsonUtil.MAPPER.writeValueAsString(memAndCpuByType));
        }
    }
}
