package com.datacloudsec.scan.handler;

import com.datacloudsec.exception.UEException;
import com.datacloudsec.response.SuyanResponse;
import com.datacloudsec.scan.common.Config;
import com.datacloudsec.scan.common.Constant;
import com.datacloudsec.scan.dao.BaselineMapper;
import com.datacloudsec.scan.dao.EngineMapper;
import com.datacloudsec.scan.dao.SysBugMapper;
import com.datacloudsec.scan.dao.TaskBaseMapper;
import com.datacloudsec.scan.dao.WebBugMapper;
import com.datacloudsec.scan.entity.Task;
import com.datacloudsec.scan.entity.User;
import com.datacloudsec.scan.service.IBaseline;
import com.datacloudsec.scan.service.IConfig;
import com.datacloudsec.scan.service.IPwd;
import com.datacloudsec.scan.service.IPwddic;
import com.datacloudsec.scan.service.ISysconfig;
import com.datacloudsec.scan.service.ISystemTemp;
import com.datacloudsec.scan.service.ITask;
import com.datacloudsec.scan.service.IUser;
import com.datacloudsec.scan.service.IWeb;
import com.datacloudsec.scan.service.impl.BaselineService;
import com.datacloudsec.scan.service.impl.ConfigService;
import com.datacloudsec.scan.service.impl.PwdService;
import com.datacloudsec.scan.service.impl.PwddicService;
import com.datacloudsec.scan.service.impl.ReportService;
import com.datacloudsec.scan.service.impl.SysconfigService;
import com.datacloudsec.scan.service.impl.SystemTempService;
import com.datacloudsec.scan.service.impl.TaskService;
import com.datacloudsec.scan.service.impl.UserService;
import com.datacloudsec.scan.service.impl.WebService;
import com.datacloudsec.scan.tasks.InitSystemTask;
import com.datacloudsec.utils.BASE64Util;
import com.datacloudsec.utils.EntryResult;
import com.datacloudsec.utils.InstanceUtil;
import com.datacloudsec.utils.JsonUtil;
import com.datacloudsec.utils.MybatisUtil;
import com.datacloudsec.utils.ObjectUtil;
import com.datacloudsec.utils.SecretUtil;
import com.datacloudsec.utils.XmlUtils;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import java.io.File;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.ibatis.session.SqlSession;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/datacloudsec/scan/handler/SuyanSysscan.class */
public class SuyanSysscan extends HttpServlet {
    private static final long serialVersionUID = -2782014473823981630L;
    private IUser userService = (IUser) InstanceUtil.newServiceInstance(UserService.class);
    private ITask taskService = (ITask) InstanceUtil.newServiceInstance(TaskService.class);
    private ISysconfig sysconfigService = (ISysconfig) InstanceUtil.newServiceInstance(SysconfigService.class);
    private ISystemTemp systemTempSerice = (ISystemTemp) InstanceUtil.newServiceInstance(SystemTempService.class);
    private IBaseline baseline = (IBaseline) InstanceUtil.newServiceInstance(BaselineService.class);
    private IPwd pwdService = (IPwd) InstanceUtil.newServiceInstance(PwdService.class);
    private IPwddic pwddicService = (IPwddic) InstanceUtil.newServiceInstance(PwddicService.class);
    private IWeb webService = (IWeb) InstanceUtil.newServiceInstance(WebService.class);
    private TaskBaseMapper taskBaseMapper = (TaskBaseMapper) InstanceUtil.newDaoInstance(TaskBaseMapper.class);
    private EngineMapper engineMapper = (EngineMapper) InstanceUtil.newDaoInstance(EngineMapper.class);
    private SysBugMapper sysBugMapper = (SysBugMapper) InstanceUtil.newDaoInstance(SysBugMapper.class);
    private WebBugMapper webBugMapper = (WebBugMapper) InstanceUtil.newDaoInstance(WebBugMapper.class);
    private IConfig configService = (IConfig) InstanceUtil.newServiceInstance(ConfigService.class);
    private static final Logger LOG = Logger.getLogger(SuyanSysscan.class);
    private static final ImmutableMap<Integer, Integer> TASK_TYPE = ImmutableMap.builder().put(2, 2).put(0, 8).put(1, 1).put(3, 4).build();
    private static final ImmutableMap<Integer, Integer> STATUS = ImmutableMap.builder().put(4, 0).put(0, 5).put(1, 2).put(5, 5).put(2, 4).put(3, 8).build();

    private String validateLic(HttpServletRequest httpServletRequest) {
        int valudate = InitSystemTask.licenseApp.valudate();
        if (valudate == 0) {
            return null;
        }
        String str = "许可授权不正确，请联系技术人员";
        if (valudate == 2) {
            str = "许可文件未找到";
        } else if (valudate == 3) {
            str = "许可文件格式错误";
        } else if (valudate == 6) {
            str = "许可授权时间错误";
        } else if (valudate == 7) {
            str = "许可产品码错误";
        } else if (valudate == 8) {
            str = "许可使用次数已用完";
        } else if (valudate == 10) {
            str = "许可非授权给当前机器";
        }
        LOG.error("许可验证未通过，code = " + valudate);
        return str;
    }

    private void results(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i, String str, Map<String, Object> map) {
        SuyanResponse suyanResponse = new SuyanResponse(true);
        if (i != 0) {
            suyanResponse.putObj("ret_code", Integer.valueOf(i));
        }
        if (StringUtils.isNotBlank(str)) {
            suyanResponse.putObj("ret_msg", str);
        }
        suyanResponse.putObj("data", map);
        suyanResponse.shipToResponse(httpServletRequest, httpServletResponse);
    }

    private boolean checkLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        String parameter = httpServletRequest.getParameter("username");
        String parameter2 = httpServletRequest.getParameter("password");
        if (StringUtils.isNotBlank(parameter) && StringUtils.isNotBlank(parameter2)) {
            User userByName = this.userService.getUserByName(parameter);
            if (userByName == null) {
                httpServletResponse.sendError(401);
                return false;
            }
            if (!SecretUtil.digestSha1(parameter2, SecretUtil.SHA1).equalsIgnoreCase(userByName.getPassword())) {
                httpServletResponse.sendError(401);
                return false;
            }
            if (!SecretUtil.digestSha1(parameter2, SecretUtil.SHA1).equalsIgnoreCase("7c4a8d09ca3762af61e59520943dc26494f8941b")) {
                return true;
            }
            httpServletResponse.sendError(401);
            return false;
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (!StringUtils.isBlank(header)) {
            String[] split = BASE64Util.decode(header.substring(6, header.length())).split(":");
            if (split == null || split.length < 2) {
                httpServletResponse.sendError(401);
                return false;
            }
            User userByName2 = this.userService.getUserByName(split[0]);
            if (userByName2 == null) {
                httpServletResponse.sendError(401);
                return false;
            }
            if (SecretUtil.digestSha1(split[1], SecretUtil.SHA1).equalsIgnoreCase(userByName2.getPassword())) {
                return true;
            }
            httpServletResponse.sendError(401);
            return false;
        }
        Map map2 = (Map) map.get("params");
        if (MapUtils.isEmpty(map2)) {
            httpServletResponse.sendError(401);
            return false;
        }
        String string = ObjectUtil.getString(map2.get("username"), "");
        String string2 = ObjectUtil.getString(map2.get("password"), "");
        User userByName3 = this.userService.getUserByName(string);
        if (userByName3 == null) {
            httpServletResponse.sendError(401);
            return false;
        }
        if (!SecretUtil.digestSha1(string2, SecretUtil.SHA1).equalsIgnoreCase(userByName3.getPassword())) {
            httpServletResponse.sendError(401);
            return false;
        }
        if (!SecretUtil.digestSha1(string2, SecretUtil.SHA1).equalsIgnoreCase("7c4a8d09ca3762af61e59520943dc26494f8941b")) {
            return true;
        }
        httpServletResponse.sendError(401);
        return false;
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (validateLic(httpServletRequest) != null) {
            results(httpServletRequest, httpServletResponse, 403, "未授权使用", null);
            return;
        }
        String replaceAll = httpServletRequest.getRequestURI().replaceAll("/+$", "");
        Map<String, Object> map = null;
        try {
            map = fileUplod(httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            LOG.error("", e);
        }
        if (MapUtils.isEmpty(map)) {
            String iOUtils = IOUtils.toString(httpServletRequest.getInputStream(), "UTF8");
            if (StringUtils.isNotBlank(iOUtils)) {
                map = ImmutableMap.builder().put("params", JsonUtil.MAPPER.readValue(iOUtils, Map.class)).build();
            }
        }
        try {
            if (!checkLogin(httpServletRequest, httpServletResponse, map)) {
                return;
            }
        } catch (Exception e2) {
            LOG.error("", e2);
            results(httpServletRequest, httpServletResponse, -1, "认证失败", null);
        }
        Map<String, Object> map2 = null;
        if (MapUtils.isNotEmpty(map)) {
            map2 = (Map) map.get("params");
        }
        if ("/api/task/create".equals(replaceAll)) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, create(httpServletRequest, httpServletResponse, map));
                return;
            } catch (Exception e3) {
                LOG.error("", e3);
                results(httpServletRequest, httpServletResponse, -1, e3.getMessage(), null);
                return;
            }
        }
        if ("/api/task/vul/create".equals(replaceAll)) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, ImmutableMap.builder().put("task_id", bugScan(httpServletRequest, map2)).build());
                return;
            } catch (Exception e4) {
                LOG.error("", e4);
                results(httpServletRequest, httpServletResponse, -1, e4.getMessage(), null);
                return;
            }
        }
        if ("/api/task/baseline/create".equals(replaceAll)) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, ImmutableMap.builder().put("task_id", blineScan(httpServletRequest, map2)).build());
                return;
            } catch (Exception e5) {
                LOG.error("", e5);
                results(httpServletRequest, httpServletResponse, -1, e5.getMessage(), null);
                return;
            }
        }
        if ("/api/task/pwd/create".equals(replaceAll)) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, ImmutableMap.builder().put("task_id", pwdScan(httpServletRequest, map2)).build());
                return;
            } catch (Exception e6) {
                LOG.error("", e6);
                results(httpServletRequest, httpServletResponse, -1, e6.getMessage(), null);
                return;
            }
        }
        if ("/api/task/web/create".equals(replaceAll)) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, ImmutableMap.builder().put("task_id", webScan(httpServletRequest, map2)).build());
                return;
            } catch (Exception e7) {
                LOG.error("", e7);
                results(httpServletRequest, httpServletResponse, -1, e7.getMessage(), null);
                return;
            }
        }
        if (replaceAll.startsWith("/api/task/status/")) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, status(httpServletRequest));
                return;
            } catch (Exception e8) {
                LOG.error("", e8);
                results(httpServletRequest, httpServletResponse, -1, e8.getMessage(), null);
                return;
            }
        }
        if (replaceAll.startsWith("/api/task/pause/")) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, pause(httpServletRequest));
                return;
            } catch (Exception e9) {
                LOG.error("", e9);
                results(httpServletRequest, httpServletResponse, -1, e9.getMessage(), null);
                return;
            }
        }
        if (replaceAll.startsWith("/api/task/resume/")) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, resume(httpServletRequest));
                return;
            } catch (Exception e10) {
                LOG.error("", e10);
                results(httpServletRequest, httpServletResponse, -1, e10.getMessage(), null);
                return;
            }
        }
        if (replaceAll.startsWith("/api/task/rescan/")) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, resume(httpServletRequest));
                return;
            } catch (Exception e11) {
                LOG.error("", e11);
                results(httpServletRequest, httpServletResponse, -1, e11.getMessage(), null);
                return;
            }
        }
        if (replaceAll.startsWith("/api/task/stop/")) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, pause(httpServletRequest));
                return;
            } catch (Exception e12) {
                LOG.error("", e12);
                results(httpServletRequest, httpServletResponse, -1, e12.getMessage(), null);
                return;
            }
        }
        if (replaceAll.startsWith("/api/task/delete/")) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, delete(httpServletRequest));
                return;
            } catch (Exception e13) {
                LOG.error("", e13);
                results(httpServletRequest, httpServletResponse, -1, e13.getMessage(), null);
                return;
            }
        }
        if ("/api/task/list".equals(replaceAll)) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, taskList(map2));
                return;
            } catch (Exception e14) {
                LOG.error("", e14);
                results(httpServletRequest, httpServletResponse, -1, e14.getMessage(), null);
                return;
            }
        }
        if (replaceAll.startsWith("/api/report/task")) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, report(httpServletRequest));
                return;
            } catch (Exception e15) {
                LOG.error("", e15);
                results(httpServletRequest, httpServletResponse, -1, e15.getMessage(), null);
                return;
            }
        }
        if ("/api/system/status".equals(replaceAll)) {
            try {
                results(httpServletRequest, httpServletResponse, 0, null, systemStatus(httpServletRequest));
            } catch (Exception e16) {
                LOG.error("", e16);
                results(httpServletRequest, httpServletResponse, -1, e16.getMessage(), null);
            }
        }
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:28:0x00de. Please report as an issue. */
    private Map<String, Object> create(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws Exception {
        if (MapUtils.isEmpty(map)) {
            throw new UEException("参数不能为空");
        }
        Map map2 = (Map) map.get("params");
        if (MapUtils.isEmpty(map2)) {
            throw new UEException("参数不能为空");
        }
        Integer num = ObjectUtil.getInt(map2.get("type"));
        if (num == null) {
            throw new UEException("type不能为空");
        }
        List list = (List) map.get("files");
        if (CollectionUtils.isEmpty(list)) {
            throw new UEException("未发现上传文件");
        }
        if (list.size() > 1) {
            throw new UEException("仅支持单文件上传");
        }
        Map map3 = (Map) list.get(0);
        File file = (File) map3.get("file");
        if (!"xml".equalsIgnoreCase(FilenameUtils.getExtension(ObjectUtil.getString(map3.get("fileName"), "")))) {
            throw new UEException("文件格式错误");
        }
        HashMap hashMap = new HashMap();
        try {
            try {
                switch (num.intValue()) {
                    case 1:
                        try {
                            Map<String, Object> xml2MapWithAttr = XmlUtils.xml2MapWithAttr(FileUtils.readFileToString(file, "UTF-8"));
                            Map<String, Object> parseEntry = EntryResult.parseEntry((List) ((Map) xml2MapWithAttr.get("server")).get("key"), "@name", "@value");
                            xml2MapWithAttr.remove("server");
                            xml2MapWithAttr.putAll(parseEntry);
                            hashMap.put("task_id", bugScan(httpServletRequest, xml2MapWithAttr));
                            if (file != null && file.exists()) {
                                file.delete();
                            }
                        } catch (Exception e) {
                            LOG.error("", e);
                            if (e instanceof UEException) {
                                results(httpServletRequest, httpServletResponse, -1, e.getMessage(), null);
                            } else {
                                results(httpServletRequest, httpServletResponse, -1, "操作失败", null);
                            }
                            if (file != null && file.exists()) {
                                file.delete();
                            }
                        }
                        return hashMap;
                    case 2:
                        try {
                            try {
                                Map<String, Object> xml2MapWithAttr2 = XmlUtils.xml2MapWithAttr(FileUtils.readFileToString(file, "UTF-8"));
                                Map<String, Object> parseEntry2 = EntryResult.parseEntry((List) ((Map) xml2MapWithAttr2.get("server")).get("key"), "@name", "@value");
                                xml2MapWithAttr2.remove("server");
                                xml2MapWithAttr2.put("server", parseEntry2);
                                hashMap.put("task_id", blineScan(httpServletRequest, xml2MapWithAttr2));
                                if (file != null && file.exists()) {
                                    file.delete();
                                }
                            } catch (Exception e2) {
                                LOG.error("", e2);
                                if (e2 instanceof UEException) {
                                    results(httpServletRequest, httpServletResponse, -1, e2.getMessage(), null);
                                } else {
                                    results(httpServletRequest, httpServletResponse, -1, "操作失败", null);
                                }
                                if (file != null && file.exists()) {
                                    file.delete();
                                }
                            }
                            return hashMap;
                        } catch (Throwable th) {
                            if (file != null && file.exists()) {
                                file.delete();
                            }
                            throw th;
                        }
                    case 3:
                        try {
                            try {
                                Map<String, Object> xml2MapWithAttr3 = XmlUtils.xml2MapWithAttr(FileUtils.readFileToString(file, "UTF-8"));
                                Map<String, Object> parseEntry3 = EntryResult.parseEntry((List) ((Map) xml2MapWithAttr3.get("server")).get("key"), "@name", "@value");
                                xml2MapWithAttr3.remove("server");
                                xml2MapWithAttr3.put("server", parseEntry3);
                                hashMap.put(ReportService.REPORT_STATE_SUCCESS, bugScan(httpServletRequest, xml2MapWithAttr3));
                                hashMap.put(ReportService.REPORT_STATE_FAILED, blineScan(httpServletRequest, xml2MapWithAttr3));
                                if (file != null && file.exists()) {
                                    file.delete();
                                }
                            } catch (Exception e3) {
                                LOG.error("", e3);
                                if (e3 instanceof UEException) {
                                    results(httpServletRequest, httpServletResponse, -1, e3.getMessage(), null);
                                } else {
                                    results(httpServletRequest, httpServletResponse, -1, "操作失败", null);
                                }
                                if (file != null && file.exists()) {
                                    file.delete();
                                }
                            }
                            return hashMap;
                        } catch (Throwable th2) {
                            if (file != null && file.exists()) {
                                file.delete();
                            }
                            throw th2;
                        }
                    case 4:
                        try {
                            Map<String, Object> xml2MapWithAttr4 = XmlUtils.xml2MapWithAttr(FileUtils.readFileToString(file, "UTF-8"));
                            Map<String, Object> parseEntry4 = EntryResult.parseEntry((List) ((Map) xml2MapWithAttr4.get("server")).get("key"), "@name", "@value");
                            xml2MapWithAttr4.remove("server");
                            xml2MapWithAttr4.put("server", parseEntry4);
                            xml2MapWithAttr4.put("targets", ((Map) xml2MapWithAttr4.get("server")).get("targets"));
                            hashMap.put("task_id", pwdScan(httpServletRequest, xml2MapWithAttr4));
                            if (file != null && file.exists()) {
                                file.delete();
                            }
                        } catch (Exception e4) {
                            LOG.error("", e4);
                            if (e4 instanceof UEException) {
                                results(httpServletRequest, httpServletResponse, -1, e4.getMessage(), null);
                            } else {
                                results(httpServletRequest, httpServletResponse, -1, "操作失败", null);
                            }
                            if (file != null && file.exists()) {
                                file.delete();
                            }
                        }
                        return hashMap;
                    case 5:
                    case 6:
                    case 7:
                    default:
                        return hashMap;
                    case 8:
                        try {
                            try {
                                Map<String, Object> xml2MapWithAttr5 = XmlUtils.xml2MapWithAttr(FileUtils.readFileToString(file, "UTF-8"));
                                xml2MapWithAttr5.put("targets", ((Map) xml2MapWithAttr5.get("task")).get("target"));
                                xml2MapWithAttr5.put("name", ((Map) xml2MapWithAttr5.get("task")).get("name"));
                                hashMap.put("task_id", webScan(httpServletRequest, xml2MapWithAttr5));
                                if (file != null && file.exists()) {
                                    file.delete();
                                }
                            } catch (Exception e5) {
                                LOG.error("", e5);
                                if (e5 instanceof UEException) {
                                    results(httpServletRequest, httpServletResponse, -1, e5.getMessage(), null);
                                } else {
                                    results(httpServletRequest, httpServletResponse, -1, "操作失败", null);
                                }
                                if (file != null && file.exists()) {
                                    file.delete();
                                }
                            }
                            return hashMap;
                        } catch (Throwable th3) {
                            if (file != null && file.exists()) {
                                file.delete();
                            }
                            throw th3;
                        }
                }
            } catch (Throwable th4) {
                if (file != null && file.exists()) {
                    file.delete();
                }
                throw th4;
            }
        } catch (Throwable th5) {
            if (file != null && file.exists()) {
                file.delete();
            }
            throw th5;
        }
    }

    private Integer bugScan(HttpServletRequest httpServletRequest, Map<String, Object> map) throws Exception {
        if (!"ip".equals(ObjectUtil.getString(map.get("task_type"), "ip"))) {
            throw new UEException("扫描目标类型只能是IP");
        }
        String string = ObjectUtil.getString(map.get("targets"), "");
        if (StringUtils.isBlank(string)) {
            throw new UEException("targets不能为空");
        }
        String string2 = StringUtils.isBlank(ObjectUtil.getString(map.get("taskname"), "")) ? ObjectUtil.getString(map.get("name"), "") : ObjectUtil.getString(map.get("taskname"), "");
        if (StringUtils.isBlank(string2)) {
            throw new UEException("任务名称不能为空");
        }
        ArrayList arrayList = new ArrayList();
        for (String str : string.split(";")) {
            HashMap hashMap = new HashMap();
            hashMap.put("name", str);
            arrayList.add(hashMap);
        }
        Map<String, Object> defaultSysConf = this.sysconfigService.getDefaultSysConf(httpServletRequest.getSession());
        Map<String, Object> tempByName = this.systemTempSerice.getTempByName("全部");
        int i = ObjectUtil.getInt(map.get("template_id"), 0);
        String string3 = ObjectUtil.getString(map.get("report_ifsendftp"), "no");
        Integer insertSys = this.taskService.insertSys(httpServletRequest.getSession(), string2, "", 1, "system", 2, "0:0", null, null, JsonUtil.MAPPER_ESCAPE_HTML.writeValueAsString(arrayList), null, null, null, ObjectUtil.getString(tempByName.get("config"), ""), Integer.valueOf(i == 0 ? ObjectUtil.getInt(tempByName.get("id")).intValue() : i), "high,medium", 2, ObjectUtil.getInt(defaultSysConf.get("id")), null);
        this.configService.setValue("suyan_sys_sendftp_" + insertSys, string3);
        return insertSys;
    }

    private Integer blineScan(HttpServletRequest httpServletRequest, Map<String, Object> map) throws Exception {
        String string = StringUtils.isBlank(ObjectUtil.getString(map.get("taskname"), "")) ? ObjectUtil.getString(map.get("name"), "") : ObjectUtil.getString(map.get("taskname"), "");
        if (StringUtils.isBlank(string)) {
            throw new UEException("任务名称不能为空");
        }
        SqlSession sqlSession = null;
        try {
            try {
                SqlSession openSession = MybatisUtil.sqlSessionFactory.openSession();
                BaselineMapper baselineMapper = (BaselineMapper) openSession.getMapper(BaselineMapper.class);
                String str = "";
                try {
                    str = JsonUtil.MAPPER.writeValueAsString(ImmutableMap.builder().put("ipType", ReportService.REPORT_STATE_READY).put("protocol", map.get("login_type").toString().toLowerCase()).put("assetType", "linux").put("uname", map.get("login_name")).put("password", map.get("login_password")).put("linuxV", "centos").put("port", map.get("login_port")).build());
                } catch (Exception e) {
                    LOG.error("", e);
                }
                Task task = new Task();
                task.setName(string);
                task.setTaskType(2);
                task.setType(1);
                task.setAlarmType(1);
                task.setAlarmMethod("system");
                task.setUid(1);
                task.setBtype("默认");
                task.setWarningType("inconformity");
                task.setVal1(2);
                task.setVal2(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));
                baselineMapper.insert(task);
                Integer id = task.getId();
                if (map.get("targets") instanceof String) {
                    for (String str2 : ObjectUtil.getString(map.get("targets"), "").split(";")) {
                        HashMap hashMap = new HashMap();
                        hashMap.put("name", str2);
                        hashMap.put("taskId", id);
                        hashMap.put("ip", str2);
                        hashMap.put("regionSid", 110000);
                        hashMap.put("regionCid", 110101);
                        hashMap.put("confContent", str);
                        baselineMapper.insertTaskDevice(hashMap);
                    }
                } else {
                    if (!(map.get("targets") instanceof Map)) {
                        throw new UEException("targets参数错误");
                    }
                    for (Map map2 : (List) ((Map) map.get("targets")).get("target")) {
                        HashMap hashMap2 = new HashMap();
                        hashMap2.put("name", map2.get("ip"));
                        hashMap2.put("taskId", id);
                        hashMap2.put("ip", map2.get("ip"));
                        hashMap2.put("regionSid", 110000);
                        hashMap2.put("regionCid", 110101);
                        hashMap2.put("confContent", JsonUtil.MAPPER.writeValueAsString(ImmutableMap.builder().put("ipType", ReportService.REPORT_STATE_READY).put("port", map2.get("port")).put("protocol", map2.get("protocol").toString().toLowerCase()).put("assetType", "linux").put("uname", map2.get("username")).put("password", map2.get("password")).put("linuxV", "centos").build()));
                        baselineMapper.insertTaskDevice(hashMap2);
                    }
                }
                openSession.commit();
                this.baseline.startScanTask(id);
                if (openSession != null) {
                    openSession.close();
                }
                return id;
            } catch (Throwable th) {
                if (0 != 0) {
                    sqlSession.close();
                }
                throw th;
            }
        } catch (Exception e2) {
            if (0 != 0) {
                sqlSession.rollback();
            }
            throw new UEException("", e2);
        }
    }

    private Integer pwdScan(HttpServletRequest httpServletRequest, Map<String, Object> map) throws Exception {
        String writeValueAsString;
        if (!"ip".equals(ObjectUtil.getString(map.get("task_type"), "ip"))) {
            throw new UEException("扫描目标类型只能是IP");
        }
        String string = ObjectUtil.getString(map.get("targets"), "");
        if (StringUtils.isBlank(string)) {
            throw new UEException("targets不能为空");
        }
        String string2 = StringUtils.isBlank(ObjectUtil.getString(map.get("taskname"), "")) ? ObjectUtil.getString(map.get("name"), "") : ObjectUtil.getString(map.get("taskname"), "");
        if (StringUtils.isBlank(string2)) {
            throw new UEException("任务名称不能为空");
        }
        ArrayList arrayList = new ArrayList();
        for (String str : string.split(";")) {
            HashMap hashMap = new HashMap();
            hashMap.put("name", str);
            arrayList.add(hashMap);
        }
        if (!"standard".equals(ObjectUtil.getString(map.get("pass_mode"), "standard"))) {
            throw new UEException("pass_mode仅支持standard");
        }
        String lowerCase = ObjectUtil.getString(map.get("service_type"), "").toLowerCase();
        Integer num = ObjectUtil.getInt(map.get("template_id"));
        if (MapUtils.isNotEmpty((Map) map.get("pwdguess"))) {
            Map<String, Object> parseEntry = EntryResult.parseEntry((List) ((Map) map.get("pwdguess")).get("key"), "@name", "@value");
            HashMap hashMap2 = new HashMap();
            ImmutableMap build = ImmutableMap.builder().put("ssh", 22).put("telnet", 23).put("smb", 445).put("rdp", 3389).put("ftp", 21).put("pop3", 110).put("smtp", 25).put("snmp", 161).put("redis", 6379).put("oracle", 1521).put("mysql", 3306).put("mssql", 1433).put("postgres", 5432).build();
            Integer num2 = null;
            for (Map.Entry<String, Object> entry : parseEntry.entrySet()) {
                if ("threadnum".equals(entry.getKey())) {
                    hashMap2.put(entry.getKey().replace("threadnum", "process"), entry.getValue());
                } else {
                    String lowerCase2 = entry.getKey().replace("pwdguess:", "").toLowerCase();
                    if (build.containsKey(lowerCase2)) {
                        num2 = ObjectUtil.getInt(entry.getValue());
                        hashMap2.put("protocol_" + lowerCase2, lowerCase2);
                        hashMap2.put(String.valueOf(lowerCase2) + "_port", build.get(lowerCase2));
                    } else {
                        hashMap2.put(entry.getKey().replace("pwdguess:", "").toLowerCase(), entry.getValue());
                    }
                }
            }
            Map<String, Object> pwdGroupById = this.pwddicService.getPwdGroupById(num2);
            if (pwdGroupById == null) {
                throw new UEException("template_id不能为空");
            }
            hashMap2.put("pwdGroupId", num2);
            hashMap2.put("usernames", pwdGroupById.get("upid"));
            hashMap2.put("passwords", pwdGroupById.get("ppid"));
            hashMap2.put("force", "yes");
            hashMap2.put("emptypwd", "yes");
            writeValueAsString = JsonUtil.MAPPER.writeValueAsString(hashMap2);
        } else {
            if (num == null) {
                throw new UEException("template_id不能为空");
            }
            Map<String, Object> pwdGroupById2 = this.pwddicService.getPwdGroupById(num);
            writeValueAsString = JsonUtil.MAPPER.writeValueAsString(ImmutableMap.builder().put("pwdGroupId", num).put("process", 16).put("force", "yes").put("emptypwd", "yes").put(map.get("service_type") + "_port", map.get("port")).put("protocol_ssh", lowerCase).put("usernames", pwdGroupById2.get("upid")).put("passwords", pwdGroupById2.get("ppid")).build());
        }
        return this.pwdService.insert(httpServletRequest.getSession(), string2, "", 1, "system", 2, "0:0", null, null, JsonUtil.MAPPER_ESCAPE_HTML.writeValueAsString(arrayList), null, null, null, writeValueAsString, null, null);
    }

    private Integer webScan(HttpServletRequest httpServletRequest, Map<String, Object> map) throws Exception {
        String string = ObjectUtil.getString(map.get("targets"), "");
        if (StringUtils.isBlank(string)) {
            throw new UEException("targets不能为空");
        }
        String string2 = ObjectUtil.getString(map.get("name"), "");
        if (StringUtils.isBlank(string2)) {
            throw new UEException("任务名称不能为空");
        }
        String str = (String) InitSystemTask.licenseApp.getLicenseLic().getParams().get("type");
        ArrayList arrayList = new ArrayList();
        for (String str2 : string.split(";")) {
            HashMap hashMap = new HashMap();
            hashMap.put("url", str2);
            arrayList.add(hashMap);
        }
        String writeValueAsString = JsonUtil.MAPPER_ESCAPE_HTML.writeValueAsString(arrayList);
        Map<String, Object> defaultConf = defaultConf("网站");
        int i = ObjectUtil.getInt(map.get("template_id"), 0);
        if (i != 0) {
            defaultConf.put("policies", Integer.valueOf(i));
        }
        String writeValueAsString2 = JsonUtil.MAPPER.writeValueAsString(defaultConf);
        return "tool".equalsIgnoreCase(str) ? this.webService.insert(httpServletRequest.getSession(), string2, "", 1, "bug", "system", 1, "0:00", null, null, null, writeValueAsString, null, null, null, null, null, null, null, null, null, null, writeValueAsString2, "high,medium,low", 2, null) : this.webService.insert(httpServletRequest.getSession(), string2, "", 1, "bug,horse,keyword,tamper,avail,fish", "system", 1, "0:00", null, null, 1, writeValueAsString, null, null, null, null, null, "imgMD5,title,delLinkRemind,newLinkRemind", 95, 1, "img,idCard", null, writeValueAsString2, "high,medium,low", 2, null);
    }

    private Map<String, Object> status(HttpServletRequest httpServletRequest) throws Exception {
        Integer num = ObjectUtil.getInt(httpServletRequest.getRequestURI().substring(httpServletRequest.getRequestURI().lastIndexOf("/") + 1));
        Task taskById = this.taskService.getTaskById(httpServletRequest.getSession(), num);
        if (taskById == null) {
            throw new UEException("任务不存在");
        }
        List<Map<String, Object>> taskDevByTid = this.taskService.getTaskDevByTid(num);
        if (2 == taskById.getStatus().intValue() && CollectionUtils.isEmpty(taskDevByTid)) {
            return ImmutableMap.builder().put("id", num).put("name", ObjectUtil.getString(taskById.getName(), "")).put("type", ObjectUtil.getString(TASK_TYPE.get(taskById.getTaskType()), "")).put("status", "8").put("process", 100).put("starttime", "").put("endtime", "").build();
        }
        Map<String, Object> map = taskDevByTid.get(0);
        return ImmutableMap.builder().put("id", num).put("name", ObjectUtil.getString(taskById.getName(), "")).put("type", ObjectUtil.getString(TASK_TYPE.get(taskById.getTaskType()), "")).put("status", ObjectUtil.getString(STATUS.get(taskById.getStatus()), "5")).put("process", Float.valueOf(ObjectUtil.getFloat(map.get("progress"), 0.0f))).put("starttime", taskById.getTaskType().intValue() == 1 ? ObjectUtil.getString(taskById.getStartTime(), "") : ObjectUtil.getString(map.get("startTime"), "")).put("endtime", taskById.getTaskType().intValue() == 1 ? ObjectUtil.getString(taskById.getEndTime(), "") : ObjectUtil.getString(map.get("lastTime"), "")).build();
    }

    private Map<String, Object> pause(HttpServletRequest httpServletRequest) throws Exception {
        Integer num = ObjectUtil.getInt(httpServletRequest.getRequestURI().substring(httpServletRequest.getRequestURI().lastIndexOf("/") + 1));
        Task taskById = this.taskService.getTaskById(httpServletRequest.getSession(), num);
        if (taskById == null) {
            throw new UEException("任务不存在");
        }
        switch (taskById.getTaskType().intValue()) {
            case 0:
                this.webService.stopScanTask(num);
                break;
            case 1:
                this.taskService.stop(num);
                break;
            case 3:
                this.pwdService.stopScanTask(num);
                break;
        }
        return ImmutableMap.builder().put("success", true).build();
    }

    private Map<String, Object> resume(HttpServletRequest httpServletRequest) throws Exception {
        Integer num = ObjectUtil.getInt(httpServletRequest.getRequestURI().substring(httpServletRequest.getRequestURI().lastIndexOf("/") + 1));
        Task taskById = this.taskService.getTaskById(httpServletRequest.getSession(), num);
        if (taskById == null) {
            throw new UEException("任务不存在");
        }
        switch (taskById.getTaskType().intValue()) {
            case 0:
                this.webService.startScanTask(num);
                break;
            case 1:
                this.taskService.startTask(num);
                break;
            case 2:
                this.baseline.startScanTask(num);
                break;
            case 3:
                this.pwdService.startScanTask(num);
                break;
        }
        return ImmutableMap.builder().put("success", true).build();
    }

    private Map<String, Object> delete(HttpServletRequest httpServletRequest) throws Exception {
        Integer num = ObjectUtil.getInt(httpServletRequest.getRequestURI().substring(httpServletRequest.getRequestURI().lastIndexOf("/") + 1));
        Task taskById = this.taskService.getTaskById(httpServletRequest.getSession(), num);
        if (taskById == null) {
            throw new UEException("任务不存在");
        }
        switch (taskById.getTaskType().intValue()) {
            case 0:
                this.webService.delete(httpServletRequest.getSession(), num, taskById.getVersion());
                break;
            case 1:
                this.taskService.delete(httpServletRequest.getSession(), num, taskById.getVersion());
                break;
            case 2:
                this.baseline.delete(httpServletRequest.getSession(), num, taskById.getVersion());
                break;
            case 3:
                this.pwdService.delete(httpServletRequest.getSession(), num, taskById.getVersion());
                break;
        }
        return ImmutableMap.builder().put("success", true).build();
    }

    private Map<String, Object> taskList(Map<String, Object> map) throws Exception {
        Integer num = ObjectUtil.getInt(map.get("page"));
        Integer num2 = ObjectUtil.getInt(map.get("page_size"));
        Integer num3 = null;
        if (num == null || num2 == null) {
            num2 = null;
        } else {
            num3 = Integer.valueOf((num.intValue() - 1) * num2.intValue());
        }
        ArrayList arrayList = new ArrayList();
        for (Map<String, Object> map2 : this.taskBaseMapper.getTasks(num3, num2)) {
            arrayList.add(ImmutableMap.builder().put("id", ObjectUtil.getInt(map2.get("id"))).put("name", ObjectUtil.getString(map2.get("name"), "")).put("type", ObjectUtil.getString(TASK_TYPE.get(map2.get("taskType")), "")).put("status", ObjectUtil.getString(STATUS.get(Integer.valueOf(ObjectUtil.getInt(ObjectUtil.getString(map2.get("status"), "").split(",")[0], 0))), "")).put("process", Float.valueOf(ObjectUtil.getFloat(map2.get("progress"), 0.0f))).put("starttime", ObjectUtil.getInt(map2.get("taskType")).intValue() == 1 ? ObjectUtil.getString(map2.get("sys_starttime"), "") : ObjectUtil.getString(map2.get("startTime"), "")).put("endtime", ObjectUtil.getInt(map2.get("taskType")).intValue() == 1 ? ObjectUtil.getString(map2.get("sys_endtime"), "") : ObjectUtil.getString(map2.get("lastTime"), "")).build());
        }
        return ImmutableMap.builder().put("page", Integer.valueOf(ObjectUtil.getInt(num, 0))).put("page_size", Integer.valueOf(ObjectUtil.getInt(num2, 0))).put("page_total", Integer.valueOf((num == null || num2 == null) ? 0 : this.taskBaseMapper.getTaskCount() / num2.intValue())).put("task_total", Integer.valueOf(arrayList.size())).put("tasklist", arrayList).build();
    }

    private Map<String, Object> report(HttpServletRequest httpServletRequest) throws Exception {
        Integer num = ObjectUtil.getInt(httpServletRequest.getRequestURI().substring(httpServletRequest.getRequestURI().lastIndexOf("/") + 1));
        Task taskById = this.taskService.getTaskById(httpServletRequest.getSession(), num);
        if (taskById == null) {
            throw new UEException("任务不存在");
        }
        List<Map<String, Object>> taskDevByTid = this.taskService.getTaskDevByTid(num);
        if (CollectionUtils.isEmpty(taskDevByTid)) {
            throw new UEException("未发现任务资产");
        }
        Map<String, Object> map = taskDevByTid.get(0);
        Integer num2 = ObjectUtil.getInt(map.get("id"));
        List<Map<String, Object>> list = null;
        if (1 == taskById.getTaskType().intValue()) {
            list = this.sysBugMapper.getBugsBySuyan(num2);
        } else if (taskById.getTaskType().intValue() == 0) {
            list = this.webBugMapper.getBugByDev(num2);
        } else if (2 == taskById.getTaskType().intValue()) {
            list = this.baseline.blineBugForDevice(num2);
        } else {
            taskById.getTaskType().intValue();
        }
        ArrayList arrayList = new ArrayList();
        if (CollectionUtils.isNotEmpty(list)) {
            for (Map<String, Object> map2 : list) {
                String[] split = ObjectUtil.getString(map2.get("location"), "").split("/");
                arrayList.add(ImmutableMap.builder().put("mess_string", ObjectUtil.getString(map2.get("detail"), "")).put("protocol", (split == null || split.length != 2) ? "" : split[1]).put("vul_id", ObjectUtil.getString(map2.get("oid"), "")).put("service", "").put("port", split == null ? "" : split[0].replaceAll("[A-Za-z]", "")).build());
            }
        }
        ArrayList arrayList2 = new ArrayList();
        if (CollectionUtils.isNotEmpty(list)) {
            for (Map<String, Object> map3 : list) {
                arrayList2.add(ImmutableMap.builder().put("bugtraq_id", ObjectUtil.getString(map3.get("bids"), "")).put("risk_points", Float.valueOf(ObjectUtil.getFloat(map3.get("cvss"), 0.0f))).put("nsfocus_id", ObjectUtil.getString(map3.get("oid"), "")).put("name", ObjectUtil.getString(map3.get("name"), "")).put("cve_id", ObjectUtil.getString(map3.get("cves"), "")).put("plugin_id", Integer.valueOf(ObjectUtil.getInt(map3.get("id"), 0))).put("description", ObjectUtil.getString(map3.get("desct"), "")).put("threat_category", ObjectUtil.getString(map3.get("old_family"), "")).put("vul_id", ObjectUtil.getString(map3.get("oid"), "")).put("solution", ObjectUtil.getString(map3.get("advice"), "")).build());
            }
        }
        Properties properties = (Properties) httpServletRequest.getServletContext().getAttribute("oem");
        return ImmutableMap.builder().put("target_total", 1).put("report", ImmutableMap.builder().put("product", properties.getProperty("sysname", "")).put("task", ImmutableMap.builder().put("task_type", ObjectUtil.getString(TASK_TYPE.get(taskById.getTaskType()), "")).put("name", taskById.getName()).put("id", num).put("vuln_template", 0).put("time_start_scan", taskById.getTaskType().intValue() == 1 ? ObjectUtil.getString(taskById.getStartTime(), "") : ObjectUtil.getString(map.get("startTime"), "")).put("time_end_scan", taskById.getTaskType().intValue() == 1 ? ObjectUtil.getString(taskById.getEndTime(), "") : ObjectUtil.getString(map.get("lastTime"), "")).build()).put("vendor", properties.getProperty("copyright", "")).put("sysvul_version", properties.getProperty("sub-version", "")).put("version", properties.getProperty("version", "")).put("targets", ImmutableList.builder().add(ImmutableMap.builder().put("vuln_scanned", arrayList).put("ip", ObjectUtil.getString(map.get("ip"), "")).put("vuln_detail", arrayList2).put("password_results", new ArrayList()).build()).build()).build()).put("page_total", 1).put("page", 1).put("page_size", Integer.valueOf(CollectionUtils.isNotEmpty(arrayList) ? arrayList.size() : 0)).build();
    }

    private Map<String, Object> systemStatus(HttpServletRequest httpServletRequest) throws Exception {
        Map<String, Object> map = this.engineMapper.getEngineByType(5).get(0);
        return ImmutableMap.builder().put("task_running", 1).put("version", Config.getInstance().getString("version", "").replaceAll("v|V", "")).put("vul_version", map.get("version")).put("web_version", this.engineMapper.getEngineByType(3).get(0).get("version")).put("memory", map.get("mem")).put("cpu", map.get("cpu")).put("disk", map.get("disk")).put("timestamp", Long.valueOf(System.currentTimeMillis())).put("vuln_count", 0).build();
    }

    private Map<String, Object> defaultConf(String str) throws Exception {
        List<Map> list = (List) com.datacloudsec.scan.cache.Task.getInstance().getConfig().get(str);
        HashMap hashMap = new HashMap();
        for (Map map : list) {
            if (map.containsKey("childs")) {
                for (Map map2 : (List) map.get("childs")) {
                    String string = ObjectUtil.getString(map2.get("value"), "");
                    if ("select".equals(ObjectUtil.getString(map2.get("type"), ""))) {
                        hashMap.put(ObjectUtil.getString(map2.get("name"), ""), string.split("\\|")[0]);
                    } else {
                        hashMap.put(ObjectUtil.getString(map2.get("name"), ""), string);
                    }
                }
            } else {
                String string2 = ObjectUtil.getString(map.get("value"), "");
                if ("select".equals(ObjectUtil.getString(map.get("type"), ""))) {
                    hashMap.put(ObjectUtil.getString(map.get("name"), ""), string2.split("\\|")[0]);
                } else {
                    hashMap.put(ObjectUtil.getString(map.get("name"), ""), string2);
                }
            }
        }
        return hashMap;
    }

    private Map<String, Object> fileUplod(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (!ServletFileUpload.isMultipartContent(httpServletRequest)) {
            throw new UEException("请求类型错误！");
        }
        ServletFileUpload servletFileUpload = new ServletFileUpload(new DiskFileItemFactory());
        servletFileUpload.setFileSizeMax(5242880L);
        servletFileUpload.setSizeMax(20971520L);
        servletFileUpload.setHeaderEncoding("UTF-8");
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        ArrayList arrayList = new ArrayList();
        try {
            for (FileItem fileItem : servletFileUpload.parseRequest(httpServletRequest)) {
                if (fileItem.isFormField()) {
                    hashMap2.put(fileItem.getFieldName(), fileItem.getString("UTF-8"));
                } else {
                    File file = new File(Constant.TEMP_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
                    fileItem.write(file);
                    fileItem.delete();
                    arrayList.add(ImmutableMap.builder().put("file", file).put("fileName", fileItem.getName()).build());
                }
            }
            hashMap.put("files", arrayList);
            hashMap.put("params", hashMap2);
            return hashMap;
        } catch (FileUploadException e) {
            throw e;
        } catch (Exception e2) {
            throw e2;
        }
    }
}
