package com.datacloudsec.scan.service.impl;

import com.datacloudsec.annotations.Transactional;
import com.datacloudsec.exception.UEException;
import com.datacloudsec.scan.common.Config;
import com.datacloudsec.scan.common.Constant;
import com.datacloudsec.scan.dao.DeviceGroupMapper;
import com.datacloudsec.scan.dao.DeviceMapper;
import com.datacloudsec.scan.dao.KeywordTempMapper;
import com.datacloudsec.scan.dao.LogMapper;
import com.datacloudsec.scan.dao.PwddicMapper;
import com.datacloudsec.scan.dao.WebBugMapper;
import com.datacloudsec.scan.dao.WebMapper;
import com.datacloudsec.scan.dao.WebProxyMapper;
import com.datacloudsec.scan.dao.WebTempMapper;
import com.datacloudsec.scan.entity.LicCmp;
import com.datacloudsec.scan.entity.Task;
import com.datacloudsec.scan.entity.User;
import com.datacloudsec.scan.service.IEngine;
import com.datacloudsec.scan.service.IReport;
import com.datacloudsec.scan.service.IUser;
import com.datacloudsec.scan.service.IWeb;
import com.datacloudsec.scan.tasks.InitSystemTask;
import com.datacloudsec.scan.tasks.scheduler.PeriodTask;
import com.datacloudsec.scan.tasks.scheduler.job.AlermJob;
import com.datacloudsec.scan.tasks.scheduler.job.ScanJob;
import com.datacloudsec.scan.tasks.scheduler.job.task.WebTask;
import com.datacloudsec.scan.tasks.scheduler.time.TimeIntervalHour;
import com.datacloudsec.scan.tasks.scheduler.time.TimeMonthly;
import com.datacloudsec.scan.tasks.scheduler.time.TimeMutilDay;
import com.datacloudsec.scan.tasks.scheduler.time.TimeWeek;
import com.datacloudsec.utils.ComonZipUtil;
import com.datacloudsec.utils.DataRule;
import com.datacloudsec.utils.IPUtil;
import com.datacloudsec.utils.InstanceUtil;
import com.datacloudsec.utils.JsonUtil;
import com.datacloudsec.utils.MybatisUtil;
import com.datacloudsec.utils.ObjectUtil;
import com.datacloudsec.utils.SecretUtil;
import com.datacloudsec.utils.SerializeUtil;
import com.fasterxml.jackson.core.type.TypeReference;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Pattern;
import javax.servlet.http.HttpSession;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.ibatis.session.SqlSession;
import org.apache.log4j.Logger;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.XMLWriter;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:com/datacloudsec/scan/service/impl/WebService.class */
public class WebService extends TaskBaseService implements IWeb {
    private Logger LOG = Logger.getLogger(WebService.class);
    private WebMapper webMapper = (WebMapper) InstanceUtil.newDaoInstance(WebMapper.class);
    private WebBugMapper webBugMapper = (WebBugMapper) InstanceUtil.newDaoInstance(WebBugMapper.class);
    private DeviceMapper deviceMapper = (DeviceMapper) InstanceUtil.newDaoInstance(DeviceMapper.class);
    private DeviceGroupMapper deviceGroupMapper = (DeviceGroupMapper) InstanceUtil.newDaoInstance(DeviceGroupMapper.class);
    private KeywordTempMapper keywordTempMapper = (KeywordTempMapper) InstanceUtil.newDaoInstance(KeywordTempMapper.class);
    private WebTempMapper webTempMapper = (WebTempMapper) InstanceUtil.newDaoInstance(WebTempMapper.class);
    private WebProxyMapper webProxyMapper = (WebProxyMapper) InstanceUtil.newDaoInstance(WebProxyMapper.class);
    private WebBugMapper bugMapper = (WebBugMapper) InstanceUtil.newDaoInstance(WebBugMapper.class);
    private IEngine engine = (IEngine) InstanceUtil.newServiceInstance(EngineService.class);
    private PwddicMapper pwddicMapper = (PwddicMapper) InstanceUtil.newDaoInstance(PwddicMapper.class);
    private LogMapper logMapper = (LogMapper) InstanceUtil.newDaoInstance(LogMapper.class);

    @Override // com.datacloudsec.scan.service.IWeb
    public void delete(HttpSession httpSession, Integer num, Integer num2) throws Exception {
        int intValue = this.webMapper.getWebTaskDevCount(num).intValue();
        if (intValue > 0) {
            throw new UEException("该任务中有" + intValue + "个资产正在扫描，请先停止该任务中所有正在扫描的资产再删除！");
        }
        delTask(httpSession, num, num2);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public Integer insert(HttpSession httpSession, String str, String str2, Integer num, String str3, String str4, Integer num2, String str5, String str6, String str7, Integer num3, String str8, String str9, String str10, String str11, String str12, String str13, String str14, Integer num4, Integer num5, String str15, String str16, String str17, String str18, Integer num6, String str19) throws Exception {
        Map params = InitSystemTask.licenseApp.getLicenseLic().getParams();
        String string = ObjectUtil.getString(params.get("cmp"), "");
        if (!string.contains("webscan")) {
            throw new UEException("网站任务未授权");
        }
        if (InitSystemTask.licenseApp.valudate(getLicCp(string, "webscan").getAuthDay()) != 0) {
            throw new UEException("网站任务授权已过期");
        }
        User user = null;
        try {
            user = (User) httpSession.getAttribute(IUser.USER_INFO);
            Integer taskCountByName = this.webMapper.getTaskCountByName(str, 0, user.getId(), null);
            if (taskCountByName != null && taskCountByName.intValue() > 0) {
                throw new UEException("任务名称已存在！");
            }
        } catch (Exception e) {
            Integer tcountForOthers = this.webMapper.getTcountForOthers(str, 0, null);
            if (tcountForOthers != null && tcountForOthers.intValue() > 0) {
                throw new UEException("任务名称已存在！");
            }
        }
        Integer add = add(null, str, str2, num, str3, str4, num2, str5, str6, str7, num3, str8, str9, str10, str11, str12, str13, str14, num4, num5, str15, null, 0, str16, str17, str18, num6, str19, httpSession);
        if (num.intValue() == 1) {
            boolean z = true;
            List<Map<String, Object>> taskDevByTid = this.webMapper.getTaskDevByTid(add);
            String str20 = (String) params.get("type");
            for (Map<String, Object> map : taskDevByTid) {
                Integer num7 = ObjectUtil.getInt(map.get("id"));
                try {
                    if ("tool".equalsIgnoreCase(str20)) {
                        startWeb(num7);
                    } else {
                        if (str3.contains("bug") || str3.contains(IReport.REPORT_TYPE_HORSE) || str3.contains("keyword") || str3.contains("fish")) {
                            startWeb(num7);
                        }
                        if (str3.contains("avail")) {
                            startAvail(num7);
                        }
                        if (str3.contains("tamper")) {
                            startTamper(num7);
                        }
                    }
                } catch (Exception e2) {
                    z = false;
                    this.LOG.error("立即扫描异常URL（" + map.get("url") + "）：", e2);
                }
            }
            if (z) {
                this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描网站任务", "", 1, "扫描成功");
            } else {
                this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描网站任务", "", 2, "扫描失败");
            }
        } else {
            if (str3.contains("bug") || str3.contains(IReport.REPORT_TYPE_HORSE) || str3.contains("keyword") || str3.contains("fish")) {
                startWebScanTimer(add, num, str9, num2, str4, str5, "bug");
            }
            if (str3.contains("tamper")) {
                startWebScanTimer(add, num, str10, num2, str4, str5, "tamper");
            }
            if (str3.contains("avail")) {
                startWebScanTimer(add, num, str11, num2, str4, str5, "avail");
            }
        }
        startWebAlermTimer(add, num2, str4, str5, "all");
        return add;
    }

    private Integer add(Integer num, String str, String str2, Integer num2, String str3, String str4, Integer num3, String str5, String str6, String str7, Integer num4, String str8, String str9, String str10, String str11, String str12, String str13, String str14, Integer num5, Integer num6, String str15, Integer num7, Integer num8, String str16, String str17, String str18, Integer num9, String str19, HttpSession httpSession) throws Exception {
        String urlFormat;
        Map params = InitSystemTask.licenseApp.getLicenseLic().getParams();
        LicCmp licCp = getLicCp(ObjectUtil.getString(params.get("cmp"), ""), "webscan");
        String str20 = (String) params.get("type");
        int maxdevice = licCp.getMaxdevice();
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        String ruleWhere = DataRule.getRuleWhere(httpSession, "t_task");
        ArrayList arrayList = new ArrayList();
        String string = ObjectUtil.getString(params.get("mod"), "");
        if (string.contains("bug") && str3.contains("bug")) {
            arrayList.add("bug");
        }
        if (string.contains("hidelink") && str3.contains(IReport.REPORT_TYPE_HORSE)) {
            arrayList.add(IReport.REPORT_TYPE_HORSE);
        }
        if (string.contains("keyword") && str3.contains("keyword")) {
            arrayList.add("keyword");
        }
        if (string.contains("tamper") && str3.contains("tamper")) {
            arrayList.add("tamper");
        }
        if (string.contains("usable") && str3.contains("avail")) {
            arrayList.add("avail");
        }
        if (string.contains("fish") && str3.contains("fish")) {
            arrayList.add("fish");
        }
        String join = StringUtils.join(arrayList, ",");
        Task task = new Task();
        task.setName(str);
        if (num != null) {
            task.setId(num);
        }
        task.setDesct(str2);
        task.setType(num2);
        task.setAlarmMethod(str4);
        task.setAlarmType(num3);
        task.setAlarmTime(str5);
        task.setMailAddr(str12);
        task.setSmsAddr(str13);
        task.setPeriodTime(str9);
        task.setTamperTime(str10);
        task.setAvailTime(str11);
        if (user != null) {
            task.setUid(user.getId());
        }
        task.setTaskType(num8);
        task.setVersion(num7);
        task.setRule(ruleWhere);
        task.setConfContent(str17);
        task.setDest(join);
        task.setTamper(str14);
        task.setSimilarity(num5);
        task.setHiddenLinkCheckDepth(num6);
        task.setKeyset(str15);
        task.setAvail(str16);
        task.setKid(num4);
        task.setWarningType(str18);
        task.setVal1(num9);
        task.setVal2(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));
        task.setFtpReportType(str19);
        if (num != null) {
            task.setId(num);
        }
        if (task.getType().intValue() == 1 && "tool".equalsIgnoreCase(str20)) {
            task.setDest("bug");
            task.setTamper(null);
            task.setSimilarity(null);
            task.setHiddenLinkCheckDepth(null);
        }
        SqlSession sqlSession = null;
        try {
            try {
                SqlSession openSession = MybatisUtil.sqlSessionFactory.openSession();
                WebMapper webMapper = (WebMapper) openSession.getMapper(WebMapper.class);
                DeviceMapper deviceMapper = (DeviceMapper) openSession.getMapper(DeviceMapper.class);
                if (num == null) {
                    List<Map> list = (List) JsonUtil.MAPPER_ESCAPE_HTML.readValue(str8, ArrayList.class);
                    int i = 0;
                    for (Map map : list) {
                        if (map.containsKey("id")) {
                            Map<String, Object> devById = deviceMapper.getDevById(ObjectUtil.getInt(map.get("id")));
                            urlFormat = devById != null ? IPUtil.urlFormat(ObjectUtil.getString(((Map) ((Map) JsonUtil.MAPPER.readValue(ObjectUtil.getString(devById.get("confContent"), ""), HashMap.class)).get(ReportService.REPORT_STATE_SUCCESS)).get("url"), "")) : IPUtil.urlFormat(ObjectUtil.getString(map.get("url"), ""));
                        } else {
                            urlFormat = IPUtil.urlFormat(ObjectUtil.getString(map.get("url"), ""));
                        }
                        if (user != null && StringUtils.isNotBlank(user.getUrls()) && !Arrays.asList(user.getUrls().split("\n")).contains(urlFormat)) {
                            throw new UEException("网站地址【" + urlFormat + "】不在扫描范围内，可联系管理员授权扫描此IP");
                        }
                        i++;
                    }
                    if (maxdevice > 0 && webMapper.getCountByType(ReportService.REPORT_STATE_SUCCESS) + i > maxdevice) {
                        throw new UEException("当前资产数已达授权上限[" + maxdevice + "]");
                    }
                    webMapper.insert(task);
                    for (Map map2 : list) {
                        if (map2.containsKey("id")) {
                            Map<String, Object> devById2 = deviceMapper.getDevById(ObjectUtil.getInt(map2.get("id")));
                            if (devById2 != null) {
                                devById2.put("devgroup", ObjectUtil.getString(this.deviceGroupMapper.getDevGroupById(ObjectUtil.getInt(devById2.get("dgid"))).get("name"), ""));
                                devById2.put("type", 1);
                                devById2.put("taskId", task.getId());
                                devById2.put("did", ObjectUtil.getInt(devById2.get("id")));
                                Map map3 = (Map) ((Map) JsonUtil.MAPPER.readValue(ObjectUtil.getString(devById2.get("confContent"), ""), HashMap.class)).get(ReportService.REPORT_STATE_SUCCESS);
                                String urlFormat2 = IPUtil.urlFormat(ObjectUtil.getString(map3.get("url"), ""));
                                map3.put("whiteList", IPUtil.urlFormat(ObjectUtil.getString(map3.get("whiteList"), "")));
                                map3.put("url", urlFormat2);
                                devById2.put("ip", urlFormat2);
                                devById2.put("confContent", JsonUtil.MAPPER.writeValueAsString(map3));
                                webMapper.insertTaskDevice(devById2);
                            } else {
                                HashMap hashMap = new HashMap();
                                String urlFormat3 = IPUtil.urlFormat(ObjectUtil.getString(map2.get("url"), ""));
                                hashMap.put("name", urlFormat3.length() > 50 ? urlFormat3.substring(0, 50) : urlFormat3);
                                hashMap.put("type", 1);
                                hashMap.put("ip", ObjectUtil.getString(urlFormat3, "", 2000));
                                hashMap.put("taskId", task.getId());
                                hashMap.put("regionSid", Integer.valueOf((user == null || user.getRegionSid() == null) ? 110000 : user.getRegionSid().intValue()));
                                hashMap.put("regionCid", Integer.valueOf((user == null || user.getRegionCid() == null) ? 110101 : user.getRegionCid().intValue()));
                                hashMap.put("confContent", "{\"url\":\"" + urlFormat3 + "\"}");
                                webMapper.insertTaskDevice(hashMap);
                            }
                        } else {
                            HashMap hashMap2 = new HashMap();
                            String urlFormat4 = IPUtil.urlFormat(ObjectUtil.getString(map2.get("url"), ""));
                            hashMap2.put("name", urlFormat4.length() > 50 ? urlFormat4.substring(0, 50) : urlFormat4);
                            hashMap2.put("type", 1);
                            hashMap2.put("taskId", task.getId());
                            hashMap2.put("ip", ObjectUtil.getString(urlFormat4, "", 2000));
                            hashMap2.put("regionSid", Integer.valueOf((user == null || user.getRegionSid() == null) ? 110000 : user.getRegionSid().intValue()));
                            hashMap2.put("regionCid", Integer.valueOf((user == null || user.getRegionCid() == null) ? 110101 : user.getRegionCid().intValue()));
                            hashMap2.put("confContent", "{\"url\":\"" + urlFormat4 + "\",\"extraUrls\":\"" + ObjectUtil.getString(map2.get("extraUrls"), "") + "\"}");
                            webMapper.insertTaskDevice(hashMap2);
                        }
                    }
                } else {
                    Integer update = webMapper.update(task);
                    if (update != null && update.intValue() == 0) {
                        throw new UEException(UEException.VERSION_OLD);
                    }
                }
                if (user != null) {
                    if (StringUtils.isNotBlank(str6)) {
                        webMapper.delEmail(user.getId());
                        for (String str21 : str6.split(",")) {
                            webMapper.insertEmail(str21, user.getId());
                        }
                    }
                    if (StringUtils.isNotBlank(str7)) {
                        webMapper.delPhone(user.getId());
                        for (String str22 : str7.split(",")) {
                            webMapper.insertPhone(str22, user.getId());
                        }
                    }
                }
                openSession.commit();
                if (openSession != null) {
                    openSession.close();
                }
                return task.getId();
            } catch (Exception e) {
                if (0 != 0) {
                    sqlSession.rollback();
                }
                throw e;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                sqlSession.close();
            }
            throw th;
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void insertTaskDev(Map<String, Object> map) throws Exception {
        this.webMapper.insertTaskDevice(map);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void update(HttpSession httpSession, Integer num, String str, String str2, Integer num2, String str3, String str4, Integer num3, String str5, String str6, String str7, Integer num4, String str8, String str9, String str10, String str11, String str12, String str13, Integer num5, Integer num6, String str14, Integer num7, String str15, String str16, String str17, Integer num8, String str18) throws Exception {
        Integer taskCountByName = this.webMapper.getTaskCountByName(str, 0, ((User) httpSession.getAttribute(IUser.USER_INFO)).getId(), num);
        if (taskCountByName != null && taskCountByName.intValue() > 0) {
            throw new UEException("任务名称已存在！");
        }
        add(num, str, str2, num2, str3, str4, num3, str5, str6, str7, num4, null, str8, str9, str10, str11, str12, str13, num5, num6, str14, num7, 0, str15, str16, str17, num8, str18, httpSession);
        stopWebTimer(httpSession, num);
        if (num2.intValue() == 2) {
            if (str3.contains("bug") || str3.contains(IReport.REPORT_TYPE_HORSE) || str3.contains("keyword") || str3.contains("fish")) {
                startWebScanTimer(num, num2, str8, num3, str4, str5, "bug");
            }
            if (str3.contains("tamper")) {
                startWebScanTimer(num, num2, str9, num3, str4, str5, "tamper");
            }
            if (str3.contains("avail")) {
                startWebScanTimer(num, num2, str10, num3, str4, str5, "avail");
            }
        }
        startWebAlermTimer(num, num3, str4, str5, "all");
    }

    public void startWebScanTimer(Integer num, Integer num2, String str, Integer num3, String str2, String str3, String str4) throws Exception {
        if (num2.intValue() == 2) {
            String[] split = str.split(":");
            String str5 = "scan_" + str4 + num;
            if (str.charAt(0) == '0') {
                HashMap hashMap = new HashMap();
                hashMap.put("taskid", num);
                hashMap.put("scanType", str4);
                PeriodTask.getInstance().addJob(ScanJob.class, new TimeMonthly(ObjectUtil.getInt(split[1]).intValue(), ObjectUtil.getInt(split[2]).intValue(), ObjectUtil.getInt(split[3]).intValue()), str5, hashMap);
                return;
            }
            if (str.charAt(0) == '1') {
                HashMap hashMap2 = new HashMap();
                hashMap2.put("taskid", num);
                hashMap2.put("scanType", str4);
                PeriodTask.getInstance().addJob(ScanJob.class, new TimeWeek(ObjectUtil.getInt(split[1]).intValue(), ObjectUtil.getInt(split[2]).intValue(), ObjectUtil.getInt(split[3]).intValue()), str5, hashMap2);
                return;
            }
            if (str.charAt(0) == '2') {
                HashMap hashMap3 = new HashMap();
                hashMap3.put("taskid", num);
                hashMap3.put("scanType", str4);
                PeriodTask.getInstance().addJob(ScanJob.class, new TimeMutilDay(0, ObjectUtil.getInt(split[1]).intValue(), ObjectUtil.getInt(split[2]).intValue()), str5, hashMap3);
                return;
            }
            if (str.charAt(0) == '3') {
                HashMap hashMap4 = new HashMap();
                hashMap4.put("taskid", num);
                hashMap4.put("scanType", str4);
                PeriodTask.getInstance().addJob(ScanJob.class, new TimeMutilDay(ObjectUtil.getInt(split[1]).intValue(), ObjectUtil.getInt(split[2]).intValue(), ObjectUtil.getInt(split[3]).intValue()), str5, hashMap4);
                return;
            }
            if (str.charAt(0) == '4') {
                HashMap hashMap5 = new HashMap();
                hashMap5.put("taskid", num);
                hashMap5.put("scanType", str4);
                PeriodTask.getInstance().addJob(ScanJob.class, new TimeIntervalHour(ObjectUtil.getInt(split[1]).intValue(), ObjectUtil.getInt(split[2]).intValue(), 0), str5, hashMap5);
            }
        }
    }

    public void startWebAlermTimer(Integer num, Integer num2, String str, String str2, String str3) throws Exception {
        if (num2.intValue() == 2) {
            if (str.contains("mail") || str.contains("sms")) {
                String[] split = str2.split(":");
                HashMap hashMap = new HashMap();
                hashMap.put("taskid", num);
                hashMap.put("scanType", str3);
                PeriodTask.getInstance().addJob(AlermJob.class, new TimeMutilDay(0, ObjectUtil.getInt(split[0]).intValue(), ObjectUtil.getInt(split[1]).intValue()), "alerm_" + str3 + num, hashMap);
            }
        }
    }

    private void stopWebTimer(HttpSession httpSession, Integer num) throws Exception {
        if (num != null) {
            PeriodTask.getInstance().removeJob("alerm_all" + num);
            PeriodTask.getInstance().removeJob("scan_bug" + num);
            PeriodTask.getInstance().removeJob("scan_tamper" + num);
            PeriodTask.getInstance().removeJob("scan_avail" + num);
            return;
        }
        Iterator<Map<String, Object>> it = this.webMapper.searchTimer(null, DataRule.getRuleWhere(httpSession, "t_task")).iterator();
        while (it.hasNext()) {
            Object obj = it.next().get("id");
            PeriodTask.getInstance().removeJob("alerm_all" + obj);
            PeriodTask.getInstance().removeJob("scan_bug" + obj);
            PeriodTask.getInstance().removeJob("scan_tamper" + obj);
            PeriodTask.getInstance().removeJob("scan_avail" + obj);
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void startTamper(Integer num) throws Exception {
        Map<String, Object> taskDevById = this.webMapper.getTaskDevById(num);
        if (taskDevById == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        if (ObjectUtil.getInt(taskDevById.get("tamperStatus"), 1) != 1) {
            SqlSession sqlSession = null;
            try {
                try {
                    sqlSession = MybatisUtil.sqlSessionFactory.openSession(true);
                    WebBugMapper webBugMapper = (WebBugMapper) sqlSession.getMapper(WebBugMapper.class);
                    WebMapper webMapper = (WebMapper) sqlSession.getMapper(WebMapper.class);
                    webBugMapper.delUrlTamper2(num);
                    HashMap hashMap = new HashMap();
                    hashMap.put("tamperOffset", 0);
                    hashMap.put("tamperPro", 0);
                    hashMap.put("devid", num);
                    webMapper.updateTaskDevice(hashMap);
                    sqlSession.commit();
                    if (sqlSession != null) {
                        sqlSession.close();
                    }
                    Map<String, String> map = (Map) JsonUtil.MAPPER.readValue(ObjectUtil.getString(taskDevById.get("confContent"), "{}"), new TypeReference<Map<String, String>>() { // from class: com.datacloudsec.scan.service.impl.WebService.1
                    });
                    map.putAll((Map) JsonUtil.MAPPER.readValue(this.webMapper.getTaskById(ObjectUtil.getInt(taskDevById.get("taskId"))).getConfContent(), new TypeReference<Map<String, String>>() { // from class: com.datacloudsec.scan.service.impl.WebService.2
                    }));
                    map.put("scanMode", "ExploreOnly");
                    map.put("tamper", "yes");
                    map.put("policies", "None");
                    Integer num2 = ObjectUtil.getInt(map.get("proxy"));
                    if (num2 != null) {
                        map.putAll((Map) JsonUtil.MAPPER_ESCAPE_HTML.readValue(this.webProxyMapper.getPrxyConfigById(num2), HashMap.class));
                    }
                    try {
                        IEngine.EngineResult webScan = this.engine.webScan(ObjectUtil.getString(map.get("url"), null), ObjectUtil.getString(map.get("method"), null), ObjectUtil.getString(map.get("referer"), null), ObjectUtil.getString(map.get("body"), null), map);
                        if (webScan == null) {
                            HashMap hashMap2 = new HashMap();
                            hashMap2.put("devid", num);
                            hashMap2.put("tamperStatus", 4);
                            this.webMapper.updateTaskDevice(hashMap2);
                            return;
                        }
                        HashMap hashMap3 = new HashMap();
                        hashMap3.put("devid", num);
                        hashMap3.put("tamperEngineid", webScan.getEngineId());
                        hashMap3.put("tamperEid", Integer.valueOf(webScan.getLocalId()));
                        hashMap3.put("tamperStatus", 1);
                        hashMap3.put("tstartTime", new Date());
                        hashMap3.put("tScanCount", Integer.valueOf(ObjectUtil.getInt(taskDevById.get("tScanCount"), 0) + 1));
                        this.webMapper.updateTaskDevice(hashMap3);
                    } catch (Exception e) {
                        String message = e instanceof UEException ? e.getMessage() : "连接引擎出错";
                        HashMap hashMap4 = new HashMap();
                        hashMap4.put("tamperErr", message);
                        hashMap4.put("tamperStatus", 3);
                        hashMap4.put("devid", num);
                        this.webMapper.updateTaskDevice(hashMap4);
                        this.LOG.error("", e);
                    }
                } catch (Exception e2) {
                    sqlSession.rollback();
                    throw e2;
                }
            } catch (Throwable th) {
                if (sqlSession != null) {
                    sqlSession.close();
                }
                throw th;
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void startAvail(Integer num) throws Exception {
        Map<String, Object> taskDevById = this.webMapper.getTaskDevById(num);
        if (taskDevById == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        if (ObjectUtil.getInt(taskDevById.get("availStatus"), 1) != 1) {
            HashMap hashMap = new HashMap();
            hashMap.put("availPro", 0);
            hashMap.put("devid", num);
            this.webMapper.updateTaskDevice(hashMap);
            Map<String, String> map = (Map) JsonUtil.MAPPER.readValue(ObjectUtil.getString(taskDevById.get("confContent"), "{}"), new TypeReference<Map<String, String>>() { // from class: com.datacloudsec.scan.service.impl.WebService.3
            });
            map.put("scanMode", "DetectOnly");
            map.put("policies", "None");
            Integer num2 = ObjectUtil.getInt(map.get("proxy"));
            if (num2 != null) {
                map.putAll((Map) JsonUtil.MAPPER_ESCAPE_HTML.readValue(this.webProxyMapper.getPrxyConfigById(num2), HashMap.class));
            }
            try {
                IEngine.EngineResult availScan = this.engine.availScan(ObjectUtil.getString(map.get("url"), null), ObjectUtil.getString(map.get("method"), null), ObjectUtil.getString(map.get("referer"), null), ObjectUtil.getString(map.get("body"), null), map);
                if (availScan == null) {
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put("devid", num);
                    hashMap2.put("availStatus", 4);
                    this.webMapper.updateTaskDevice(hashMap2);
                    return;
                }
                HashMap hashMap3 = new HashMap();
                hashMap3.put("devid", num);
                hashMap3.put("availEngineid", availScan.getEngineId());
                hashMap3.put("availEid", Integer.valueOf(availScan.getLocalId()));
                hashMap3.put("availStatus", 1);
                hashMap3.put("astartTime", new Date());
                hashMap3.put("aScanCount", Integer.valueOf(ObjectUtil.getInt(taskDevById.get("aScanCount"), 0) + 1));
                this.webMapper.updateTaskDevice(hashMap3);
            } catch (Exception e) {
                String message = e instanceof UEException ? e.getMessage() : "连接引擎出错";
                HashMap hashMap4 = new HashMap();
                hashMap4.put("availErr", message);
                hashMap4.put("availStatus", 3);
                hashMap4.put("devid", num);
                this.webMapper.updateTaskDevice(hashMap4);
                this.LOG.error("", e);
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void startWeb(Integer num) throws Exception {
        Map<String, Object> taskDevById = this.webMapper.getTaskDevById(num);
        if (taskDevById == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        if (ObjectUtil.getInt(taskDevById.get("status"), 1) != 1) {
            Task taskById = this.webMapper.getTaskById(ObjectUtil.getInt(taskDevById.get("taskId")));
            SqlSession sqlSession = null;
            try {
                try {
                    sqlSession = MybatisUtil.sqlSessionFactory.openSession(true);
                    WebBugMapper webBugMapper = (WebBugMapper) sqlSession.getMapper(WebBugMapper.class);
                    WebMapper webMapper = (WebMapper) sqlSession.getMapper(WebMapper.class);
                    webBugMapper.delUrl2(num);
                    webBugMapper.delBug2(num);
                    HashMap hashMap = new HashMap();
                    hashMap.put("offset1", 0);
                    hashMap.put("offset2", 0);
                    hashMap.put("offset3", 0);
                    hashMap.put("progress", 0);
                    hashMap.put("devid", num);
                    webMapper.updateTaskDevice(hashMap);
                    sqlSession.commit();
                    if (sqlSession != null) {
                        sqlSession.close();
                    }
                    Map<? extends String, ? extends String> map = (Map) JsonUtil.MAPPER.readValue(taskById.getConfContent(), new TypeReference<Map<String, String>>() { // from class: com.datacloudsec.scan.service.impl.WebService.4
                    });
                    Map<String, String> map2 = (Map) JsonUtil.MAPPER.readValue(ObjectUtil.getString(taskDevById.get("confContent"), "{}"), new TypeReference<Map<String, String>>() { // from class: com.datacloudsec.scan.service.impl.WebService.5
                    });
                    List<Map<String, Object>> cookiesByDeviceid = this.deviceMapper.getCookiesByDeviceid(ObjectUtil.getInt(taskDevById.get("did")), null, null);
                    if (CollectionUtils.isNotEmpty(cookiesByDeviceid)) {
                        if (StringUtils.isNotBlank(map2.get("extraUrls"))) {
                            cookiesByDeviceid.addAll((Collection) JsonUtil.MAPPER_ESCAPE_HTML.readValue(map2.get("extraUrls"), List.class));
                        }
                        map.put("extraUrls", JsonUtil.MAPPER_ESCAPE_HTML.writeValueAsString(cookiesByDeviceid));
                    }
                    map2.putAll(map);
                    String str = map2.get("clientCertificate");
                    String str2 = map2.get("clientCertificateCert");
                    File file = new File(Constant.COMMON_DIR, "device");
                    if ("PEM".equalsIgnoreCase(str)) {
                        if (StringUtils.isNotBlank(str2)) {
                            map2.put("clientCertificateCert", FileUtils.readFileToString(new File(file, str2)));
                        }
                        String str3 = map2.get("clientCertificateKey");
                        if (StringUtils.isNotBlank(str3)) {
                            map2.put("clientCertificateKey", FileUtils.readFileToString(new File(file, str3)));
                        }
                    } else if ("PFX".equalsIgnoreCase(str) && StringUtils.isNotBlank(str2)) {
                        map2.put("clientCertificateCert", new BASE64Encoder().encode(FileUtils.readFileToByteArray(new File(file, str2))));
                    }
                    Integer num2 = ObjectUtil.getInt(map2.get("proxy"));
                    if (num2 != null) {
                        map2.putAll((Map) JsonUtil.MAPPER_ESCAPE_HTML.readValue(this.webProxyMapper.getPrxyConfigById(num2), HashMap.class));
                    }
                    String dest = taskById.getDest();
                    if (dest.contains("bug")) {
                        Integer num3 = ObjectUtil.getInt(map2.get("policies"));
                        if (num3 != null) {
                            map2.put("policies", ObjectUtil.getString(this.webTempMapper.getWebTempById(num3).get("name_en"), "").replace(",", "`"));
                        }
                    } else {
                        map2.put("policies", "None");
                    }
                    if (dest.contains(IReport.REPORT_TYPE_HORSE)) {
                        map2.put("Hiddenlink", "yes");
                        map2.put("hiddenLinkCheckDepth", new StringBuilder(String.valueOf(ObjectUtil.getInt(taskById.getHiddenLinkCheckDepth(), 2))).toString());
                    }
                    if (dest.contains("fish")) {
                        map2.put("FishingInspection", "yes");
                    }
                    if (dest.contains("keyword")) {
                        map2.put("KeyWords", "yes");
                        String str4 = null;
                        Integer kid = taskById.getKid();
                        if (kid.intValue() != 1) {
                            Map<String, Object> templateById = this.keywordTempMapper.getTemplateById(kid);
                            String string = ObjectUtil.getString(templateById.get("path"), "");
                            str4 = !"".equals(string) ? FileUtils.readFileToString(new File(Constant.KEYWORDS_DIC, string), "UTF-8") : ObjectUtil.getString(templateById.get("content"), "");
                        }
                        String keyset = taskById.getKeyset();
                        map2.put("keywordsCheckImage", keyset.contains("img") ? "Yes" : "No");
                        map2.put("keywordsCheckCard", keyset.contains("idCard") ? "Yes" : "No");
                        map2.put("keywords", str4 == null ? null : str4.replace("|", "\r\n"));
                    }
                    if (dest.equals("fish")) {
                        map2.put("scanMode", "TestOnly");
                    }
                    if (map2.containsKey("webpwds")) {
                        Map<String, Object> pwdGroupById = this.pwddicMapper.getPwdGroupById(ObjectUtil.getInt(map2.get("webpwds")));
                        if (MapUtils.isNotEmpty(pwdGroupById)) {
                            Map<String, Object> templateById2 = this.pwddicMapper.getTemplateById(ObjectUtil.getInt(pwdGroupById.get("upid")));
                            if (MapUtils.isNotEmpty(templateById2)) {
                                try {
                                    map2.put("usernames", FileUtils.readFileToString(new File(Constant.PWDDIC_DIC, ObjectUtil.getString(templateById2.get("path"), ""))));
                                } catch (Exception e) {
                                    map2.put("usernames", ObjectUtil.getString(templateById2.get("content"), ""));
                                }
                            }
                            Map<String, Object> templateById3 = this.pwddicMapper.getTemplateById(ObjectUtil.getInt(pwdGroupById.get("ppid")));
                            if (MapUtils.isNotEmpty(templateById3)) {
                                try {
                                    map2.put("passwords", FileUtils.readFileToString(new File(Constant.PWDDIC_DIC, ObjectUtil.getString(templateById3.get("path"), ""))));
                                } catch (Exception e2) {
                                    map2.put("passwords", ObjectUtil.getString(templateById3.get("content"), ""));
                                }
                            }
                        }
                    }
                    if (map2.containsKey("guesspaths") && StringUtils.isNotBlank(ObjectUtil.getString(map2.get("guesspaths"), ""))) {
                        map2.put("guesspaths", FileUtils.readFileToString(new File(Constant.GUESSPATHS_DIR, map2.get("guesspaths")), "UTF-8"));
                    }
                    String str5 = (String) InitSystemTask.licenseApp.getLicenseLic().getParams().get("type");
                    try {
                        IEngine.EngineResult webScan = this.engine.webScan(ObjectUtil.getString(map2.get("url"), null), ObjectUtil.getString(map2.get("method"), null), ObjectUtil.getString(map2.get("referer"), null), ObjectUtil.getString(map2.get("postBody"), null), map2);
                        if (webScan == null) {
                            HashMap hashMap2 = new HashMap();
                            hashMap2.put("devid", num);
                            hashMap2.put("status", 4);
                            if (taskById.getType().intValue() == 1 && "tool".equalsIgnoreCase(str5)) {
                                hashMap2.put("availStatus", 4);
                            }
                            this.webMapper.updateTaskDevice(hashMap2);
                            return;
                        }
                        HashMap hashMap3 = new HashMap();
                        hashMap3.put("devid", num);
                        hashMap3.put("engineId", webScan.getEngineId());
                        hashMap3.put("localEid", Integer.valueOf(webScan.getLocalId()));
                        hashMap3.put("status", 1);
                        hashMap3.put("startTime", new Date());
                        hashMap3.put("scanCount", Integer.valueOf(ObjectUtil.getInt(taskDevById.get("scanCount"), 0) + 1));
                        if (taskById.getType().intValue() == 1 && "tool".equalsIgnoreCase(str5)) {
                            hashMap3.put("availStatus", 1);
                            hashMap3.put("aScanCount", Integer.valueOf(ObjectUtil.getInt(taskDevById.get("aScanCount"), 0) + 1));
                        }
                        this.webMapper.updateTaskDevice(hashMap3);
                    } catch (Exception e3) {
                        String message = e3 instanceof UEException ? e3.getMessage() : "连接引擎出错";
                        HashMap hashMap4 = new HashMap();
                        hashMap4.put("error", message);
                        hashMap4.put("status", 3);
                        if (taskById.getType().intValue() == 1 && "tool".equalsIgnoreCase(str5)) {
                            hashMap4.put("availErr", message);
                            hashMap4.put("availStatus", 3);
                        }
                        hashMap4.put("devid", num);
                        this.webMapper.updateTaskDevice(hashMap4);
                        this.LOG.error("", e3);
                    }
                } catch (Throwable th) {
                    if (sqlSession != null) {
                        sqlSession.close();
                    }
                    throw th;
                }
            } catch (Exception e4) {
                sqlSession.rollback();
                throw e4;
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void start(Integer num, Integer num2) throws Exception {
        Task taskById = this.webMapper.getTaskById(num2);
        String string = ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("type"), "");
        if (taskById.getType().intValue() == 1 && "tool".equalsIgnoreCase(string)) {
            try {
                startWeb(num);
                return;
            } catch (Exception e) {
                this.LOG.error("网站安全监控出错", e);
                return;
            }
        }
        try {
            if (taskById.getDest().contains("bug") || taskById.getDest().contains(IReport.REPORT_TYPE_HORSE) || taskById.getDest().contains("keyword") || taskById.getDest().contains("fish")) {
                startWeb(num);
            }
        } catch (Exception e2) {
            this.LOG.error("网站安全监控出错", e2);
        }
        try {
            if (taskById.getDest().contains("tamper")) {
                startTamper(num);
            }
        } catch (Exception e3) {
            this.LOG.error("篡改扫描出错", e3);
        }
        try {
            if (taskById.getDest().contains("avail")) {
                startAvail(num);
            }
        } catch (Exception e4) {
            this.LOG.error("可用性扫描出错", e4);
        }
    }

    private void stopWeb(Integer num, String str, Task task) throws Exception {
        Map<Object, Object> avail;
        Map<Object, Object> avail2;
        Map<String, Object> taskDevById = this.webMapper.getTaskDevById(num);
        if (taskDevById == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        Object obj = "";
        Object obj2 = "";
        Object obj3 = "";
        int i = 0;
        if ("bug".equals(str) || "onceBug".equals(str)) {
            obj = "engineId";
            obj2 = "localEid";
            obj3 = "status";
            i = ObjectUtil.getInt(taskDevById.get("scanCount"), 0);
        } else if ("tamper".equals(str)) {
            obj = "tamperEngineid";
            obj2 = "tamperEid";
            obj3 = "tamperStatus";
            i = ObjectUtil.getInt(taskDevById.get("tScanCount"), 0);
        } else if ("avail".equals(str)) {
            obj = "availEngineid";
            obj2 = "availEid";
            obj3 = "availStatus";
            i = ObjectUtil.getInt(taskDevById.get("aScanCount"), 0);
        }
        String string = ObjectUtil.getString(taskDevById.get(obj), null);
        int i2 = ObjectUtil.getInt(taskDevById.get(obj3), 0);
        Object obj4 = obj3;
        if (i2 == 1 || i2 == 4) {
            try {
                this.engine.webStop(string, ObjectUtil.getInt(taskDevById.get(obj2)).intValue());
                HashMap hashMap = new HashMap();
                hashMap.put("devid", num);
                hashMap.put(obj4, 0);
                if (task.getType().intValue() == 1) {
                    hashMap.put("tamperStatus", 0);
                    hashMap.put("availStatus", 0);
                }
                this.webMapper.updateTaskDevice(hashMap);
                if ("onceBug".equals(str)) {
                    if (i != 1) {
                        this.bugMapper.delUrl(num);
                        List<Map<String, Object>> bugByDev = this.bugMapper.getBugByDev(num);
                        this.bugMapper.delBug(num);
                        this.bugMapper.copyUrl2ToUrl(num);
                        this.bugMapper.copyResult(num);
                        this.bugMapper.delUrl2(num);
                        this.bugMapper.delBug2(num);
                        if (bugByDev != null && bugByDev.size() > 0) {
                            this.bugMapper.insertBug2(bugByDev);
                        }
                        File file = task.getType().intValue() == 1 ? Constant.WEB_SCAN_URL : Constant.WEB_SCAN_BUGURL;
                        FileUtils.deleteDirectory(new File(file, new StringBuilder().append(num).toString()));
                        new File(file, WebTask.TEMP_FILE_NAME + num).renameTo(new File(file, new StringBuilder().append(num).toString()));
                        FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUG, WebTask.OLD_BUG_NAME + num));
                        new File(Constant.WEB_SCAN_BUG, new StringBuilder().append(num).toString()).renameTo(new File(Constant.WEB_SCAN_BUG, WebTask.OLD_BUG_NAME + num));
                        new File(Constant.WEB_SCAN_BUG, WebTask.TEMP_FILE_NAME + num).renameTo(new File(Constant.WEB_SCAN_BUG, new StringBuilder().append(num).toString()));
                    }
                    Date date = new Date();
                    for (Map<Object, Object> map : this.bugMapper.bugStatistics(num)) {
                        this.bugMapper.saveStatistics(num, Integer.valueOf(ObjectUtil.getInt(map.get("type"), 0)), ObjectUtil.getLong(map.get("num"), 0L), date);
                    }
                    boolean z = false;
                    Map<Object, Object> availNoAccess = this.bugMapper.getAvailNoAccess(num);
                    if (availNoAccess != null && availNoAccess.size() > 0) {
                        if (this.bugMapper.availNoAccessCount(num) >= 50) {
                            this.bugMapper.delOneNoAccessSta(num);
                        }
                        this.bugMapper.insertAvailSta(availNoAccess);
                        z = true;
                    }
                    if (!z && (avail2 = this.bugMapper.getAvail(num)) != null && avail2.size() > 0) {
                        if (this.bugMapper.availStaCount(num) >= 10) {
                            this.bugMapper.delOneAvailSta(num);
                        }
                        this.bugMapper.insertAvailSta(avail2);
                    }
                    sbrOemXml(num);
                    return;
                }
                if ("bug".equals(str)) {
                    if (i != 1) {
                        this.bugMapper.delUrl(num);
                        List<Map<String, Object>> bugByDev2 = this.bugMapper.getBugByDev(num);
                        this.bugMapper.delBug(num);
                        this.bugMapper.copyUrl2ToUrl(num);
                        this.bugMapper.copyResult(num);
                        this.bugMapper.delUrl2(num);
                        this.bugMapper.delBug2(num);
                        if (bugByDev2 != null && bugByDev2.size() > 0) {
                            this.bugMapper.insertBug2(bugByDev2);
                        }
                        FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUGURL, new StringBuilder().append(num).toString()));
                        new File(Constant.WEB_SCAN_BUGURL, WebTask.TEMP_FILE_NAME + num).renameTo(new File(Constant.WEB_SCAN_BUGURL, new StringBuilder().append(num).toString()));
                        FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUG, WebTask.OLD_BUG_NAME + num));
                        new File(Constant.WEB_SCAN_BUG, new StringBuilder().append(num).toString()).renameTo(new File(Constant.WEB_SCAN_BUG, WebTask.OLD_BUG_NAME + num));
                        new File(Constant.WEB_SCAN_BUG, WebTask.TEMP_FILE_NAME + num).renameTo(new File(Constant.WEB_SCAN_BUG, new StringBuilder().append(num).toString()));
                    }
                    Date date2 = new Date();
                    for (Map<Object, Object> map2 : this.bugMapper.bugStatistics(num)) {
                        this.bugMapper.saveStatistics(num, Integer.valueOf(ObjectUtil.getInt(map2.get("type"), 0)), ObjectUtil.getLong(map2.get("num"), 0L), date2);
                    }
                    sbrOemXml(num);
                    return;
                }
                if ("tamper".equals(str)) {
                    if (i != 1) {
                        this.bugMapper.delUrlTamper(num);
                        this.bugMapper.copyUrlTamper(num);
                        this.bugMapper.delUrlTamper2(num);
                        FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_URL, new StringBuilder().append(num).toString()));
                        new File(Constant.WEB_SCAN_URL, WebTask.TEMP_FILE_NAME + num).renameTo(new File(Constant.WEB_SCAN_URL, new StringBuilder().append(num).toString()));
                        return;
                    }
                    return;
                }
                if ("avail".equals(str)) {
                    boolean z2 = false;
                    Map<Object, Object> availNoAccess2 = this.bugMapper.getAvailNoAccess(num);
                    if (availNoAccess2 != null && availNoAccess2.size() > 0) {
                        if (this.bugMapper.availNoAccessCount(num) >= 50) {
                            this.bugMapper.delOneNoAccessSta(num);
                        }
                        this.bugMapper.insertAvailSta(availNoAccess2);
                        z2 = true;
                    }
                    if (z2 || (avail = this.bugMapper.getAvail(num)) == null || avail.size() <= 0) {
                        return;
                    }
                    if (this.bugMapper.availStaCount(num) >= 10) {
                        this.bugMapper.delOneAvailSta(num);
                    }
                    this.bugMapper.insertAvailSta(avail);
                }
            } catch (Exception e) {
                this.LOG.error("网站扫描引擎停止错误：", e);
                throw e;
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void stop(Integer num, Integer num2) throws Exception {
        stopDev(num, num2);
        Map<String, Object> waitingDev = this.bugMapper.getWaitingDev(num);
        if (waitingDev == null || waitingDev.size() <= 0) {
            return;
        }
        if (ObjectUtil.getInt(waitingDev.get("scanType")).intValue() == 1) {
            start(ObjectUtil.getInt(waitingDev.get("id")), ObjectUtil.getInt(waitingDev.get("taskId")));
            return;
        }
        String string = ObjectUtil.getString(waitingDev.get("dest"), "");
        int intValue = ObjectUtil.getInt(waitingDev.get("status")).intValue();
        int intValue2 = ObjectUtil.getInt(waitingDev.get("tamperStatus")).intValue();
        int intValue3 = ObjectUtil.getInt(waitingDev.get("availStatus")).intValue();
        if (string.contains("avail") && intValue3 == 4) {
            startAvail(num);
        }
        if (string.contains("bug") && intValue == 4) {
            startWeb(num);
        }
        if (string.contains("tamper") && intValue2 == 4) {
            startTamper(num);
        }
    }

    private void stopDev(Integer num, Integer num2) throws Exception {
        Task taskById = this.webMapper.getTaskById(num2);
        String str = (String) InitSystemTask.licenseApp.getLicenseLic().getParams().get("type");
        if (taskById.getType().intValue() == 1 && "tool".equalsIgnoreCase(str)) {
            try {
                stopWeb(num, "onceBug", taskById);
                return;
            } catch (Exception e) {
                if (!(e instanceof UEException)) {
                    throw new UEException("停止网站安全监控出错", e);
                }
                throw e;
            }
        }
        try {
            stopWeb(num, "bug", taskById);
            try {
                stopWeb(num, "tamper", taskById);
                try {
                    stopWeb(num, "avail", taskById);
                } catch (Exception e2) {
                    if (!(e2 instanceof UEException)) {
                        throw new UEException("停止可用性监控出错", e2);
                    }
                    throw e2;
                }
            } catch (Exception e3) {
                if (!(e3 instanceof UEException)) {
                    throw new UEException("停止篡改监控出错", e3);
                }
                throw e3;
            }
        } catch (Exception e4) {
            if (!(e4 instanceof UEException)) {
                throw new UEException("停止网站安全监控出错", e4);
            }
            throw e4;
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void startScanTask(Integer num) throws Exception {
        List<Map<String, Object>> taskDevByTid = this.webMapper.getTaskDevByTid(num);
        if (taskDevByTid == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        Iterator<Map<String, Object>> it = taskDevByTid.iterator();
        while (it.hasNext()) {
            start(ObjectUtil.getInt(it.next().get("id")), num);
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void startScanTask(Integer num, String str) throws Exception {
        List<Map<String, Object>> taskDevByTid = this.webMapper.getTaskDevByTid(num);
        if (taskDevByTid == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        for (Map<String, Object> map : taskDevByTid) {
            if (str.equals("bug")) {
                startWeb(ObjectUtil.getInt(map.get("id")));
            } else if (str.equals("tamper")) {
                startTamper(ObjectUtil.getInt(map.get("id")));
            } else if (str.equals("avail")) {
                startAvail(ObjectUtil.getInt(map.get("id")));
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void stopScanTask(Integer num) throws Exception {
        List<Map<String, Object>> needStopTaskDevs = this.webMapper.getNeedStopTaskDevs(num);
        if (needStopTaskDevs == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        for (Map<String, Object> map : needStopTaskDevs) {
            Integer num2 = ObjectUtil.getInt(map.get("id"));
            try {
                int i = ObjectUtil.getInt(map.get("status"), 0);
                int i2 = ObjectUtil.getInt(map.get("tamperStatus"), 0);
                if (i == 4 || i2 == 4) {
                    map.put("status", 0);
                    map.put("tamperStatus", 0);
                    map.put("availStatus", 0);
                    map.put("devid", num2);
                    this.webMapper.updateTaskDevice(map);
                } else {
                    stopDev(num2, num);
                }
            } catch (Exception e) {
                if (!(e instanceof UEException)) {
                    throw new UEException("停止出错", e);
                }
                throw e;
            }
        }
        if (ObjectUtil.getInt(this.webMapper.getTaskById(num).getAlarmType(), 0) == 1) {
            AlermJob.alermTask(num);
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void delDev(Integer num) throws Exception {
        Map<String, Object> taskDevById = this.webMapper.getTaskDevById(num);
        if (1 == ObjectUtil.getInt(taskDevById.get("status")).intValue() || 1 == ObjectUtil.getInt(taskDevById.get("tamperStatus")).intValue() || 1 == ObjectUtil.getInt(taskDevById.get("availStatus")).intValue()) {
            throw new UEException("正在扫描，请先停止后再删除！");
        }
        String string = ObjectUtil.getString(taskDevById.get("engineId"), "");
        if (StringUtils.isNotBlank(string)) {
            this.engine.webDelete(string, ObjectUtil.getInt(taskDevById.get("localEid")).intValue());
        }
        SqlSession sqlSession = null;
        try {
            try {
                sqlSession = MybatisUtil.sqlSessionFactory.openSession(true);
                WebBugMapper webBugMapper = (WebBugMapper) sqlSession.getMapper(WebBugMapper.class);
                WebMapper webMapper = (WebMapper) sqlSession.getMapper(WebMapper.class);
                webBugMapper.delAvail(num);
                webBugMapper.delUrl(num);
                webBugMapper.delUrl2(num);
                webBugMapper.delBug(num);
                webBugMapper.delBug2(num);
                webBugMapper.delTamper(num);
                webBugMapper.delUrlTamper(num);
                webBugMapper.delUrlTamper2(num);
                webMapper.delTaskDevById(num);
                sqlSession.commit();
                if (sqlSession != null) {
                    sqlSession.close();
                }
                FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_URL, new StringBuilder().append(num).toString()));
                FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUG, new StringBuilder().append(num).toString()));
                FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUG, WebTask.OLD_BUG_NAME + num));
                FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_TAMPER, new StringBuilder().append(num).toString()));
                FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUGURL, new StringBuilder().append(num).toString()));
            } catch (Exception e) {
                if (sqlSession != null) {
                    sqlSession.rollback();
                }
                throw e;
            }
        } catch (Throwable th) {
            if (sqlSession != null) {
                sqlSession.close();
            }
            throw th;
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void addDev(HttpSession httpSession, String str, Integer num) throws Exception {
        String[] split = str.split(",");
        int maxdevice = getLicCp(ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("cmp"), ""), "webscan").getMaxdevice();
        int length = split.length;
        if (maxdevice > 0 && this.webMapper.getCountByType(ReportService.REPORT_STATE_SUCCESS) + length > maxdevice) {
            throw new UEException("当前资产数已达授权上限[" + maxdevice + "]");
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : split) {
            Map<String, Object> devById = this.deviceMapper.getDevById(ObjectUtil.getInt(str2));
            devById.put("taskId", num);
            devById.put("type", 1);
            devById.put("confContent", JsonUtil.MAPPER.writeValueAsString(((Map) JsonUtil.MAPPER.readValue(ObjectUtil.getString(devById.get("confContent"), ""), HashMap.class)).get(ReportService.REPORT_STATE_SUCCESS)));
            this.webMapper.insertTaskDevice(devById);
            arrayList.add(ObjectUtil.getInt(devById.get("id")));
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            Map<String, Object> taskDevById = this.webMapper.getTaskDevById((Integer) it.next());
            Task taskById = this.webMapper.getTaskById(num);
            if (taskById != null && taskById.getType().intValue() == 1) {
                User user = (User) httpSession.getAttribute(IUser.USER_INFO);
                boolean z = true;
                try {
                    startWeb(ObjectUtil.getInt(taskDevById.get("id")));
                } catch (Exception e) {
                    z = false;
                    this.LOG.error("扫描出错", e);
                }
                if (z) {
                    this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描网站安全监控任务", "", 1, "扫描成功");
                } else {
                    this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描网站安全监控任务", "", 2, "扫描失败");
                }
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void manualAddWeb(HttpSession httpSession, String str, Integer num) throws Exception {
        int maxdevice = getLicCp(ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("cmp"), ""), "webscan").getMaxdevice();
        if (maxdevice > 0 && this.webMapper.getCountByType(ReportService.REPORT_STATE_SUCCESS) + 1 > maxdevice) {
            throw new UEException("当前资产数已达授权上限[" + maxdevice + "]");
        }
        Task taskById = this.webMapper.getTaskById(num);
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        HashMap hashMap = new HashMap();
        hashMap.put("name", str.length() > 50 ? str.substring(0, 50) : str);
        hashMap.put("type", 1);
        hashMap.put("taskId", num);
        hashMap.put("ip", str);
        hashMap.put("regionCid", user.getRegionCid());
        hashMap.put("regionSid", Integer.valueOf(user.getRegionSid() == null ? 110000 : user.getRegionSid().intValue()));
        hashMap.put("confContent", "{\"url\":\"" + str + "\"}");
        this.webMapper.insertTaskDevice(hashMap);
        if (taskById == null || taskById.getType().intValue() != 1) {
            return;
        }
        boolean z = true;
        try {
            startWeb(ObjectUtil.getInt(hashMap.get("id")));
        } catch (Exception e) {
            z = false;
            this.LOG.error("扫描出错", e);
        }
        if (z) {
            this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描网站安全监控任务", "", 1, "扫描成功");
        } else {
            this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描网站安全监控任务", "", 2, "扫描失败");
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getDevDetailByTid(Integer num) throws Exception {
        return this.webMapper.getDevDetailByTid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getBugByTWidAndType(Integer num, Integer num2) throws Exception {
        return this.webMapper.getBugByTWidAndType(num, num2);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getTamperByTWid(Integer num) throws Exception {
        return this.webMapper.getTamperByTWid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public Map<String, Object> getAvailByTWid(Integer num) throws Exception {
        return this.webMapper.getAvailByTWid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> bugCount(Integer num) throws Exception {
        return this.webMapper.bugCount(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<String> getBugTimeByTwid(Integer num) throws Exception {
        return this.webMapper.getBugTimeByTwid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getBugStaByTwid(Integer num) throws Exception {
        return this.webMapper.getBugStaByTwid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> webStruct(Integer num, String[] strArr) throws Exception {
        List<Map<String, Object>> webStruct = this.webMapper.webStruct(num, strArr);
        Collections.sort(webStruct, new Comparator<Map<String, Object>>() { // from class: com.datacloudsec.scan.service.impl.WebService.6
            @Override // java.util.Comparator
            public int compare(Map<String, Object> map, Map<String, Object> map2) {
                return ObjectUtil.getString(map.get("url"), "").toUpperCase().compareTo(ObjectUtil.getString(map2.get("url"), "").toUpperCase());
            }
        });
        return webStruct;
    }

    private void delTask(HttpSession httpSession, Integer num, Integer num2) throws Exception {
        File file;
        List<Map<String, Object>> taskDevByTid = this.webMapper.getTaskDevByTid(num);
        Exception exc = null;
        int i = 0;
        for (Map<String, Object> map : taskDevByTid) {
            try {
                String string = ObjectUtil.getString(map.get("engineId"), "");
                if (StringUtils.isNotBlank(string)) {
                    this.engine.webDelete(string, ObjectUtil.getInt(map.get("localEid")).intValue());
                }
                i++;
            } catch (Exception e) {
                this.LOG.error("", e);
                exc = e;
            }
        }
        if (i == 0) {
            throw exc;
        }
        Iterator<Map<String, Object>> it = taskDevByTid.iterator();
        while (it.hasNext()) {
            Integer num3 = ObjectUtil.getInt(it.next().get("id"));
            this.webBugMapper.delAvail(num3);
            this.webBugMapper.delAvailSta(num3);
            this.webBugMapper.delUrl(num3);
            this.webBugMapper.delUrl2(num3);
            this.webBugMapper.delBug(num3);
            this.webBugMapper.delBug2(num3);
            this.webBugMapper.delTamper(num3);
            this.webBugMapper.delUrlTamper(num3);
            this.webBugMapper.delUrlTamper2(num3);
            this.webBugMapper.clearStatistics(num3);
            FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_URL, new StringBuilder().append(num3).toString()));
            FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUG, new StringBuilder().append(num3).toString()));
            FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUG, WebTask.OLD_BUG_NAME + num3));
            FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_TAMPER, new StringBuilder().append(num3).toString()));
            FileUtils.deleteDirectory(new File(Constant.WEB_SCAN_BUGURL, new StringBuilder().append(num3).toString()));
        }
        String confContent = this.webMapper.getTaskById(num).getConfContent();
        if (StringUtils.isNotBlank(confContent)) {
            Map map2 = (Map) JsonUtil.MAPPER.readValue(confContent, Map.class);
            String string2 = ObjectUtil.getString(map2.get("guesspaths"), "");
            if (map2.containsKey("guesspaths") && StringUtils.isNotBlank(string2) && (file = new File(Constant.GUESSPATHS_DIR, string2)) != null && file.exists()) {
                file.delete();
            }
        }
        stopWebTimer(httpSession, num);
        this.webMapper.delTaskDevByTid(num);
        if (Integer.valueOf(this.webMapper.delete(num, num2, DataRule.getRuleWhere(httpSession, "t_task"))).intValue() == 0) {
            throw new UEException(UEException.VERSION_OLD);
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public Map<String, Object> getKeywordsByTid(Integer num) throws Exception {
        return this.webMapper.getKeywordsByTid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public Map<String, Object> getBugById(Integer num) throws Exception {
        return this.webMapper.getBugById(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public Map<String, Object> getTamperById(Integer num) throws Exception {
        return this.webMapper.getTamperById(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> fishBug(Integer num) throws Exception {
        return this.webMapper.fishBug(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> newBug(Integer num) throws Exception {
        return this.webMapper.newBug(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> recovered(Integer num) throws Exception {
        return this.webMapper.recovered(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public Map<String, Object> getBug2ById(Integer num) throws Exception {
        return this.webMapper.getBug2ById(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public int markBugErr(Integer num, Integer num2) throws Exception {
        return this.webMapper.markBugErr(num, num2);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public File webBackup(Integer num) throws Exception {
        File file = new File(Constant.TEMP_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
        if (!file.exists()) {
            file.mkdirs();
        }
        File file2 = new File(Constant.TEMP_DIR, String.valueOf(System.nanoTime()) + ".webtask");
        try {
            try {
                SerializeUtil.serializeObj(new File(file, "task.backup"), this.webMapper.getTaskById(num));
                for (Map<String, Object> map : this.webMapper.getTaskDevByTid(num)) {
                    Integer num2 = ObjectUtil.getInt(map.get("id"));
                    File file3 = new File(file, new StringBuilder().append(num2).toString());
                    if (!file3.exists()) {
                        file3.mkdirs();
                    }
                    SerializeUtil.serializeObj(new File(file3, "dev.backup"), map);
                    SerializeUtil.serializeObj(new File(file3, "sta.backup"), this.webMapper.getBugStaByDevId(num2));
                    SerializeUtil.serializeObj(new File(file3, "avail.backup"), this.webMapper.getAvailByTWid(num2));
                    SerializeUtil.serializeObj(new File(file3, "availsta.backup"), this.webMapper.getAvailStaByDevId(num2));
                    List<Map<String, Object>> bugByDevid = this.webMapper.getBugByDevid(num2);
                    if (bugByDevid != null && bugByDevid.size() > 0) {
                        File file4 = new File(file3, "bug");
                        if (!file4.exists()) {
                            file4.mkdirs();
                        }
                        FileUtils.copyDirectory(new File(Constant.WEB_SCAN_BUG, new StringBuilder().append(num2).toString()), file4);
                        SerializeUtil.serializeObj(new File(file3, "bug.backup"), bugByDevid);
                    }
                    List<Map<String, Object>> bug2ByDevid = this.webMapper.getBug2ByDevid(num2);
                    if (bug2ByDevid != null && bug2ByDevid.size() > 0) {
                        File file5 = new File(file3, "bug2");
                        if (!file5.exists()) {
                            file5.mkdirs();
                        }
                        FileUtils.copyDirectory(new File(Constant.WEB_SCAN_BUG, WebTask.OLD_BUG_NAME + num2), file5);
                        SerializeUtil.serializeObj(new File(file3, "bug2.backup"), bug2ByDevid);
                    }
                    List<Map<String, Object>> urlByDevid = this.webMapper.getUrlByDevid(num2);
                    if (urlByDevid != null && urlByDevid.size() > 0) {
                        File file6 = new File(file3, "url");
                        if (!file6.exists()) {
                            file6.mkdirs();
                        }
                        File file7 = new File(Constant.WEB_SCAN_URL, new StringBuilder().append(num2).toString());
                        if (file7 != null && file7.exists()) {
                            FileUtils.copyDirectory(file7, file6);
                            SerializeUtil.serializeObj(new File(file3, "url.backup"), urlByDevid);
                        }
                        File file8 = new File(Constant.WEB_SCAN_BUGURL, new StringBuilder().append(num2).toString());
                        if (file8 != null && file8.exists()) {
                            File file9 = new File(file3, "bugurl");
                            if (!file9.exists()) {
                                file9.mkdirs();
                            }
                            FileUtils.copyDirectory(file8, file9);
                        }
                    }
                    List<Map<String, Object>> tamperByDevid = this.webMapper.getTamperByDevid(num2);
                    if (tamperByDevid != null && tamperByDevid.size() > 0) {
                        File file10 = new File(file3, "tamper");
                        if (!file10.exists()) {
                            file10.mkdirs();
                        }
                        FileUtils.copyDirectory(new File(Constant.WEB_SCAN_TAMPER, new StringBuilder().append(num2).toString()), file10);
                        SerializeUtil.serializeObj(new File(file3, "tamper.backup"), tamperByDevid);
                    }
                }
                ComonZipUtil.zip(file.getPath(), file2.getPath());
                return file2;
            } catch (Exception e) {
                throw e;
            }
        } finally {
            if (file != null && file.exists()) {
                FileUtils.deleteDirectory(file);
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    @Transactional
    public void webRestore(HttpSession httpSession, File file) throws Exception {
        File file2 = new File(Constant.COMMON_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
        ComonZipUtil.unzip(file, file2);
        Task task = (Task) SerializeUtil.deserializeObj(new File(file2, "task.backup"));
        Integer taskCountByName = this.webMapper.getTaskCountByName(task.getName(), 0, ((User) httpSession.getAttribute(IUser.USER_INFO)).getId(), null);
        if (taskCountByName != null && taskCountByName.intValue() > 0) {
            throw new UEException("webTaskAlready:" + file2.getName());
        }
        try {
            restore(file2, task);
        } catch (Exception e) {
            FileUtils.deleteDirectory(file2);
            throw e;
        }
    }

    private void restore(File file, Task task) throws Exception {
        Map<String, Object> map;
        if (file == null || task == null) {
            return;
        }
        this.webMapper.insert(task);
        for (File file2 : file.listFiles()) {
            if (!file2.getName().equals("task.backup") && (map = (Map) SerializeUtil.deserializeObj(new File(file2, "dev.backup"))) != null) {
                map.put("taskId", task.getId());
                this.webMapper.inserTaskDevById(map);
                Integer num = ObjectUtil.getInt(map.get("id"));
                Map map2 = (Map) SerializeUtil.deserializeObj(new File(file2, "avail.backup"));
                if (map2 != null && map2.size() > 0) {
                    this.bugMapper.insertAvail(num, ObjectUtil.getString(map2.get("code"), ""), ObjectUtil.getInt(map2.get("status")), ObjectUtil.getInt(map2.get("dnsTime")), ObjectUtil.getInt(map2.get("connectTime")), ObjectUtil.getInt(map2.get("responseTime")), ObjectUtil.getInt(map2.get("type")), ObjectUtil.getString(map2.get("remoteIp"), ""), ObjectUtil.getString(map2.get("preRemoteIp"), ""), ObjectUtil.getString(map2.get("server"), ""), ObjectUtil.getString(map2.get("xpowerdby"), ""), ObjectUtil.getString(map2.get("title"), ""));
                }
                List<Map<String, Object>> list = (List) SerializeUtil.deserializeObj(new File(file2, "availsta.backup"));
                if (CollectionUtils.isNotEmpty(list)) {
                    this.webMapper.insertAvailStas(num, list);
                }
                List<Map<String, Object>> list2 = (List) SerializeUtil.deserializeObj(new File(file2, "sta.backup"));
                if (CollectionUtils.isNotEmpty(list2)) {
                    this.webMapper.insertWebSta(num, list2);
                }
                List<Map<String, Object>> list3 = (List) SerializeUtil.deserializeObj(new File(file2, "tamper.backup"));
                if (CollectionUtils.isNotEmpty(list3)) {
                    this.webMapper.inserWebTamper(num, list3);
                    FileUtils.copyDirectory(new File(file2, "tamper"), new File(Constant.WEB_SCAN_TAMPER, new StringBuilder().append(num).toString()));
                }
                List<Map<String, Object>> list4 = (List) SerializeUtil.deserializeObj(new File(file2, "bug.backup"));
                if (list4 != null && list4.size() > 0) {
                    for (Map<String, Object> map3 : list4) {
                        String string = ObjectUtil.getString(map3.get("rawDataPath"), "");
                        if (!"".equals(string)) {
                            map3.put("rawDataPath", num + "/" + string.split("/")[1]);
                        }
                        String string2 = ObjectUtil.getString(map3.get("testDataPath"), "");
                        if (!"".equals(string2)) {
                            map3.put("testDataPath", num + "/" + string2.split("/")[1]);
                        }
                    }
                    this.webMapper.inserWebBugs(num, list4);
                    FileUtils.copyDirectory(new File(file2, "bug"), new File(Constant.WEB_SCAN_BUG, new StringBuilder().append(num).toString()));
                }
                List<Map<String, Object>> list5 = (List) SerializeUtil.deserializeObj(new File(file2, "bug2.backup"));
                if (CollectionUtils.isNotEmpty(list5)) {
                    for (Map<String, Object> map4 : list5) {
                        String string3 = ObjectUtil.getString(map4.get("rawDataPath"), "");
                        if (!"".equals(string3)) {
                            map4.put("rawDataPath", num + "/" + string3.split("/")[1]);
                        }
                        String string4 = ObjectUtil.getString(map4.get("testDataPath"), "");
                        if (!"".equals(string4)) {
                            map4.put("testDataPath", num + "/" + string4.split("/")[1]);
                        }
                    }
                    this.webMapper.inserWebBugs2(num, list5);
                    FileUtils.copyDirectory(new File(file2, "bug2"), new File(Constant.WEB_SCAN_BUG, WebTask.OLD_BUG_NAME + num));
                }
                List<Map<String, Object>> list6 = (List) SerializeUtil.deserializeObj(new File(file2, "url.backup"));
                if (CollectionUtils.isNotEmpty(list6)) {
                    for (Map<String, Object> map5 : list6) {
                        String string5 = ObjectUtil.getString(map5.get("rowDataPath"), "");
                        if (!"".equals(string5)) {
                            map5.put("rowDataPath", num + "/" + string5.split("/")[1]);
                        }
                    }
                    this.webMapper.inserWebUrl(num, list6);
                    FileUtils.copyDirectory(new File(file2, "url"), new File(Constant.WEB_SCAN_URL, new StringBuilder().append(num).toString()));
                    File file3 = new File(file2, "bugurl");
                    if (file3 != null && file3.exists()) {
                        FileUtils.copyDirectory(file3, new File(Constant.WEB_SCAN_BUGURL, new StringBuilder().append(num).toString()));
                    }
                }
            }
        }
        String dest = task.getDest();
        if (dest.contains("bug") || dest.contains(IReport.REPORT_TYPE_HORSE) || dest.contains("keyword") || dest.contains("fish")) {
            startWebScanTimer(task.getId(), task.getType(), task.getPeriodTime(), task.getAlarmType(), task.getAlarmMethod(), task.getAlarmTime(), "bug");
        }
        if (dest.contains("tamper")) {
            startWebScanTimer(task.getId(), task.getType(), task.getTamperTime(), task.getAlarmType(), task.getAlarmMethod(), task.getAlarmTime(), "tamper");
        }
        if (dest.contains("avail")) {
            startWebScanTimer(task.getId(), task.getType(), task.getAvailTime(), task.getAlarmType(), task.getAlarmMethod(), task.getAlarmTime(), "avail");
        }
        startWebAlermTimer(task.getId(), task.getAlarmType(), task.getAlarmMethod(), task.getAlarmTime(), "all");
        FileUtils.deleteDirectory(file);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    @Transactional
    public void webEnter(HttpSession httpSession, String str) throws Exception {
        File file = new File(Constant.COMMON_DIR, str);
        if (file == null || !file.exists()) {
            this.LOG.error("网站恢复，文件不存在！");
            return;
        }
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        Task task = (Task) SerializeUtil.deserializeObj(new File(file, "task.backup"));
        task.setName(String.valueOf(task.getName()) + System.nanoTime());
        task.setUid(user.getId());
        try {
            restore(file, task);
        } catch (Exception e) {
            FileUtils.deleteDirectory(file);
            throw e;
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public File sbrOemXml(Integer num) throws Exception {
        Properties properties = (Properties) InitSystemTask.servletContext.getAttribute("oem");
        if (!properties.getProperty("copyright", "").contains("圣博润")) {
            return null;
        }
        Config config = Config.getInstance();
        Map<String, Object> taskDevById = this.webMapper.getTaskDevById(num);
        Document createDocument = DocumentHelper.createDocument();
        Element addElement = createDocument.addElement("result");
        Element addElement2 = addElement.addElement("scheme");
        Element addElement3 = addElement2.addElement("tool_info");
        addElement3.addAttribute("ToolVersion", ObjectUtil.getString("V" + config.getString("version", ""), "", 20));
        addElement3.addAttribute("ToolCategory", "005");
        addElement3.addAttribute("ToolName", properties.getProperty("sysname", ""));
        addElement3.addAttribute("ToolCode", "LsWebScan.exe");
        addElement3.addAttribute("CorpName", "北京圣博润高新技术股份有限公司");
        addElement3.addAttribute("CorpCode", "BJSBRGXJSGFYXGS");
        addElement3.addAttribute("Category", "12");
        addElement3.addAttribute("Code", "12-01");
        Element addElement4 = addElement2.addElement("operation_info");
        String string = ObjectUtil.getString(taskDevById.get("confContent"), "");
        if (!"".equals(string)) {
            addElement4.addAttribute("DestHostName", ObjectUtil.getString(((Map) JsonUtil.MAPPER.readValue(string, HashMap.class)).get("url"), "", 100));
            addElement4.addAttribute("DestMac", "");
            addElement4.addAttribute("DestIp", "");
            addElement4.addAttribute("SrcHostName", "");
            addElement4.addAttribute("SrcIp", "");
            addElement4.addAttribute("SrcOs", "");
            addElement4.addAttribute("Stamp", new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));
        }
        Element addElement5 = addElement.addElement("report").addElement(IReport.REPORT_TYPE_SUMMARY);
        addElement5.addAttribute("title", "报告摘要");
        Element addElement6 = addElement5.addElement("issue_stat");
        addElement6.addAttribute("title", "网站漏洞类型统计");
        HashMap hashMap = new HashMap();
        hashMap.put("SQL注入漏洞", "否");
        hashMap.put("中间件", "否");
        hashMap.put("信息泄露", "否");
        hashMap.put("其他漏洞", "否");
        hashMap.put("危险端口", "否");
        hashMap.put("后台管理地址泄露漏洞", "否");
        hashMap.put("攻击痕迹", "否");
        hashMap.put("文件上传漏洞", "否");
        hashMap.put("文件包含", "否");
        hashMap.put("目录遍历", "否");
        hashMap.put("第三方插件漏洞", "否");
        hashMap.put("网站暗链", "否");
        hashMap.put("网站木马", "否");
        hashMap.put("跨站脚本", "否");
        hashMap.put("配置文件漏洞", "否");
        hashMap.put("页面篡改", "否");
        for (Map<String, Object> map : this.webMapper.getSbrOemWeb(num)) {
            String string2 = ObjectUtil.getString(map.get("title"), "");
            String string3 = ObjectUtil.getString(map.get("family"), "");
            Integer valueOf = Integer.valueOf(ObjectUtil.getInt(map.get("found"), 0));
            if ("A1[注入]".equalsIgnoreCase(string3) && valueOf.intValue() == 1) {
                hashMap.put("SQL注入漏洞", "是");
            } else if ((string2.contains("Weblogic") || string2.contains("Tomcat") || string2.contains("Nginx") || string2.contains("IIS")) && valueOf.intValue() == 1) {
                hashMap.put("中间件", "是");
            } else if ("A6[敏感信息泄露]".equalsIgnoreCase(string3) && valueOf.intValue() == 1) {
                hashMap.put("信息泄露", "是");
            } else if ("A0[其他]".equalsIgnoreCase(string3) && valueOf.intValue() == 1) {
                hashMap.put("其他漏洞", "是");
            } else if ("管理后台登陆入口".equals(string2) && valueOf.intValue() == 1) {
                hashMap.put("后台管理地址泄露漏洞", "是");
            } else if (string2.contains("文件上传") && valueOf.intValue() == 1) {
                hashMap.put("文件上传漏洞", "是");
            } else if ((string2.contains("远程文件包含漏洞") || string2.contains("本地文件包含漏洞")) && valueOf.intValue() == 1) {
                hashMap.put("文件包含", "是");
            } else if (string2.contains("目录遍历漏洞(可访问任意目录下文件)") && valueOf.intValue() == 1) {
                hashMap.put("目录遍历", "是");
            } else if ("A9[使用含有已知漏洞的组件]".equalsIgnoreCase(string3) && valueOf.intValue() == 1) {
                hashMap.put("第三方插件漏洞", "是");
            } else if (string2.contains("脚本木马(Webshell)") && valueOf.intValue() == 1) {
                hashMap.put("网站木马", "是");
            } else if ("A3[跨站脚本]".equalsIgnoreCase(string3) && valueOf.intValue() == 1) {
                hashMap.put("跨站脚本", "是");
            } else if ("A5[安全配置错误]".equalsIgnoreCase(string3) && valueOf.intValue() == 1) {
                hashMap.put("配置文件漏洞", "是");
            }
        }
        for (Map.Entry entry : hashMap.entrySet()) {
            Element addElement7 = addElement6.addElement("item");
            addElement7.addAttribute("title", (String) entry.getKey());
            addElement7.addAttribute("found", (String) entry.getValue());
        }
        File file = new File(Constant.SBR_OEM, ObjectUtil.getString(Pattern.compile("[\\s\\\\/:\\*\\?\\\"<>\\|]").matcher(String.valueOf(ObjectUtil.getString(taskDevById.get("ip"), "")) + "_" + new SimpleDateFormat("yyyy_MM_dd_HH_mm_ss").format(new Date()) + ".xml").replaceAll(""), "", 255));
        outputXml(createDocument, file, "GB2312");
        return file;
    }

    private void outputXml(Document document, File file, String str) throws Exception {
        XMLWriter xMLWriter = null;
        OutputFormat createPrettyPrint = OutputFormat.createPrettyPrint();
        createPrettyPrint.setEncoding(str);
        File parentFile = file.getParentFile();
        if (!parentFile.isDirectory()) {
            parentFile.mkdirs();
        }
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            try {
                byteArrayOutputStream = new ByteArrayOutputStream();
                xMLWriter = new XMLWriter(byteArrayOutputStream, createPrettyPrint);
                xMLWriter.write(document);
                xMLWriter.flush();
                FileUtils.writeByteArrayToFile(file, SecretUtil.SM4.encryption(byteArrayOutputStream.toByteArray(), "&$L(,nfT/%IU@#g".getBytes()));
                if (xMLWriter != null) {
                    xMLWriter.close();
                }
                IOUtils.closeQuietly(byteArrayOutputStream);
            } catch (Exception e) {
                throw e;
            }
        } catch (Throwable th) {
            if (xMLWriter != null) {
                xMLWriter.close();
            }
            IOUtils.closeQuietly(byteArrayOutputStream);
            throw th;
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Integer> getTaskStatus(Integer num) throws Exception {
        return this.webMapper.getTaskStatus(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getTamperLevelCount(Integer num) throws Exception {
        return this.webMapper.getTamperLevelCount(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getTamperByDevid(Integer num) throws Exception {
        return this.webMapper.getTamperByDevid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getKeyWordsByDevid(Integer num) throws Exception {
        return this.webMapper.getKeyWordsByDevid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getHorseByDevid(Integer num) throws Exception {
        return this.webMapper.getHorseByDevid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public int markBugFlag(Integer num, Integer num2) throws Exception {
        return this.webMapper.markBugFlag(num, num2);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getBugsInter(Integer num) throws Exception {
        return this.webMapper.getBugsInter(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public List<Map<String, Object>> getBugListByDevid(Integer num) throws Exception {
        return this.webMapper.getBugListByDevid(num);
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void proceedStart(Integer num, Integer num2) throws Exception {
        Task taskById = this.webMapper.getTaskById(num2);
        String string = ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("type"), "");
        Map<String, Object> taskDevById = this.webMapper.getTaskDevById(num);
        if ("tool".equalsIgnoreCase(string) || taskById.getDest().contains("bug") || taskById.getDest().contains(IReport.REPORT_TYPE_HORSE) || taskById.getDest().contains("keyword") || taskById.getDest().contains("fish")) {
            if (1 == ObjectUtil.getInt(taskDevById.get("status"), 0)) {
                return;
            }
            proceed(taskById, ObjectUtil.getString(taskDevById.get("engineId"), ""), ObjectUtil.getInt(taskDevById.get("localEid")), num, string);
            taskDevById.put("status", 1);
            taskDevById.put("devid", num);
            this.webMapper.updateTaskDevice(taskDevById);
        }
        if (taskById.getDest().contains("tamper")) {
            if (1 == ObjectUtil.getInt(taskDevById.get("tamperStatus"), 0)) {
                return;
            }
            try {
                proceed(taskById, ObjectUtil.getString(taskDevById.get("tamperEngineid"), ""), ObjectUtil.getInt(taskDevById.get("tamperEid")), num, string);
                taskDevById.put("tamperStatus", 1);
                taskDevById.put("devid", num);
                this.webMapper.updateTaskDevice(taskDevById);
            } catch (Exception e) {
                startTamper(num);
                this.LOG.error("", e);
            }
        }
        if (taskById.getDest().contains("avail")) {
            startAvail(num);
        }
    }

    private void proceed(Task task, String str, Integer num, Integer num2, String str2) throws Exception {
        try {
            this.engine.webContinuescan(str, num.intValue());
        } catch (Exception e) {
            String message = e instanceof UEException ? e.getMessage() : "连接引擎出错";
            HashMap hashMap = new HashMap();
            hashMap.put("error", message);
            hashMap.put("status", 3);
            if (task.getType().intValue() == 1 && "tool".equalsIgnoreCase(str2)) {
                hashMap.put("availErr", message);
                hashMap.put("availStatus", 3);
            }
            hashMap.put("devid", num2);
            this.webMapper.updateTaskDevice(hashMap);
            this.LOG.error("继续扫描出错", e);
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void pause(Integer num, Integer num2) throws Exception {
        Task taskById = this.webMapper.getTaskById(num2);
        Map<String, Object> taskDevById = this.webMapper.getTaskDevById(num);
        String str = (String) InitSystemTask.licenseApp.getLicenseLic().getParams().get("type");
        try {
            if (taskById.getType().intValue() == 1 && "tool".equalsIgnoreCase(str)) {
                this.engine.webStop(ObjectUtil.getString(taskDevById.get("engineId"), ""), ObjectUtil.getInt(taskDevById.get("localEid"), 0));
                taskDevById.put("status", 5);
                this.webMapper.updateTaskDevice(taskDevById);
                return;
            }
            String string = ObjectUtil.getString(taskDevById.get("engineId"), "");
            if (StringUtils.isNotBlank(string)) {
                this.engine.webStop(string, ObjectUtil.getInt(taskDevById.get("localEid"), 0));
            }
            String string2 = ObjectUtil.getString(taskDevById.get("tamperEngineid"), "");
            if (StringUtils.isNotBlank(string2)) {
                this.engine.webStop(string2, ObjectUtil.getInt(taskDevById.get("tamperEid"), 0));
            }
            taskDevById.put("availStatus", 5);
            taskDevById.put("status", 5);
            taskDevById.put("tamperStatus", 5);
            taskDevById.put("devid", num);
            this.webMapper.updateTaskDevice(taskDevById);
        } catch (Exception e) {
            String message = e instanceof UEException ? e.getMessage() : "连接引擎出错";
            HashMap hashMap = new HashMap();
            hashMap.put("error", message);
            hashMap.put("status", 3);
            if (taskById.getType().intValue() == 1 && "tool".equalsIgnoreCase(str)) {
                hashMap.put("availErr", message);
                hashMap.put("availStatus", 3);
            }
            hashMap.put("devid", num);
            this.webMapper.updateTaskDevice(hashMap);
            this.LOG.error("继续扫描出错", e);
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void proceedStartTask(Integer num) throws Exception {
        List<Map<String, Object>> taskDevByTid = this.webMapper.getTaskDevByTid(num);
        if (CollectionUtils.isEmpty(taskDevByTid)) {
            throw new UEException("此任务已被其它用户删除！");
        }
        Iterator<Map<String, Object>> it = taskDevByTid.iterator();
        while (it.hasNext()) {
            proceedStart(ObjectUtil.getInt(it.next().get("id")), num);
        }
    }

    @Override // com.datacloudsec.scan.service.IWeb
    public void pauseScanTask(Integer num) throws Exception {
        List<Map<String, Object>> needStopTaskDevs = this.webMapper.getNeedStopTaskDevs(num);
        if (CollectionUtils.isEmpty(needStopTaskDevs)) {
            throw new UEException("此任务已被其它用户删除！");
        }
        for (Map<String, Object> map : needStopTaskDevs) {
            Integer num2 = ObjectUtil.getInt(map.get("id"));
            try {
                int i = ObjectUtil.getInt(map.get("status"), 0);
                int i2 = ObjectUtil.getInt(map.get("tamperStatus"), 0);
                if (i == 4 || i2 == 4) {
                    map.put("status", 0);
                    map.put("tamperStatus", 0);
                    map.put("availStatus", 0);
                    map.put("devid", num2);
                    this.webMapper.updateTaskDevice(map);
                } else {
                    pause(num2, num);
                }
            } catch (Exception e) {
                if (!(e instanceof UEException)) {
                    throw new UEException("暂停出错", e);
                }
                throw e;
            }
        }
    }
}
