package org.zaproxy.zap.extension.alert;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.StringTokenizer;
import java.util.Vector;
import java.util.function.Consumer;
import java.util.stream.Stream;
import net.sf.json.JSON;
import net.sf.json.JSONObject;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.core.scanner.Alert;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.db.RecordAlert;
import org.parosproxy.paros.db.TableAlert;
import org.parosproxy.paros.model.HistoryReference;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.network.HttpMalformedHeaderException;
import org.parosproxy.paros.network.HttpMessage;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.zaproxy.zap.db.TableAlertTag;
import org.zaproxy.zap.extension.api.ApiAction;
import org.zaproxy.zap.extension.api.ApiException;
import org.zaproxy.zap.extension.api.ApiImplementor;
import org.zaproxy.zap.extension.api.ApiResponse;
import org.zaproxy.zap.extension.api.ApiResponseElement;
import org.zaproxy.zap.extension.api.ApiResponseList;
import org.zaproxy.zap.extension.api.ApiResponseSet;
import org.zaproxy.zap.extension.api.ApiView;
import org.zaproxy.zap.utils.ApiUtils;
import org.zaproxy.zap.utils.XMLStringUtil;

/* loaded from: input_file:org/zaproxy/zap/extension/alert/AlertAPI.class */
public class AlertAPI extends ApiImplementor {
    public static final String PREFIX = "alert";
    private static final String ACTION_DELETE_ALL_ALERTS = "deleteAllAlerts";
    private static final String ACTION_DELETE_ALERT = "deleteAlert";
    private static final String ACTION_UPDATE_ALERT = "updateAlert";
    private static final String ACTION_ADD_ALERT = "addAlert";
    private static final String ACTION_UPDATE_ALERTS_CONFIDENCE = "updateAlertsConfidence";
    private static final String ACTION_UPDATE_ALERTS_RISK = "updateAlertsRisk";
    private static final String VIEW_ALERT = "alert";
    private static final String VIEW_ALERTS = "alerts";
    private static final String VIEW_ALERTS_SUMMARY = "alertsSummary";
    private static final String VIEW_NUMBER_OF_ALERTS = "numberOfAlerts";
    private static final String VIEW_ALERTS_BY_RISK = "alertsByRisk";
    private static final String VIEW_ALERT_COUNTS_BY_RISK = "alertCountsByRisk";
    private static final String PARAM_BASE_URL = "baseurl";
    private static final String PARAM_COUNT = "count";
    private static final String PARAM_URL = "url";
    private static final String PARAM_ID = "id";
    private static final String PARAM_RECURSE = "recurse";
    private static final String PARAM_RISK = "riskId";
    private static final String PARAM_START = "start";
    private static final String PARAM_MESSAGE_ID = "messageId";
    private static final String PARAM_ALERT_ID = "id";
    private static final String PARAM_ALERT_IDS = "ids";
    private static final String PARAM_ALERT_NAME = "name";
    private static final String PARAM_CONFIDENCE = "confidenceId";
    private static final String PARAM_ALERT_DESCRIPTION = "description";
    private static final String PARAM_ALERT_PARAM = "param";
    private static final String PARAM_ALERT_ATTACK = "attack";
    private static final String PARAM_ALERT_OTHERINFO = "otherInfo";
    private static final String PARAM_ALERT_SOLUTION = "solution";
    private static final String PARAM_ALERT_REFS = "references";
    private static final String PARAM_ALERT_EVIDENCE = "evidence";
    private static final String PARAM_CWEID = "cweId";
    private static final String PARAM_WASCID = "wascId";
    private static final int NO_RISK_ID = -1;
    private static final int NO_CONFIDENCE_ID = -1;
    private ExtensionAlert extension;
    private static final Logger logger = LogManager.getLogger(AlertAPI.class);

    /* loaded from: input_file:org/zaproxy/zap/extension/alert/AlertAPI$CounterProcessor.class */
    private static class CounterProcessor<T> implements Processor<T> {
        private int count = 0;

        @Override // org.zaproxy.zap.extension.alert.AlertAPI.Processor
        public void process(T t) {
            this.count++;
        }

        public int getCount() {
            return this.count;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/zaproxy/zap/extension/alert/AlertAPI$CustomApiResponseSet.class */
    public static class CustomApiResponseSet<T> extends ApiResponseSet<T> {
        public CustomApiResponseSet(String str, Map<String, T> map) {
            super(str, map);
        }

        @Override // org.zaproxy.zap.extension.api.ApiResponseSet, org.zaproxy.zap.extension.api.ApiResponse
        public void toXML(Document document, Element element) {
            element.setAttribute("type", "set");
            for (Map.Entry<String, T> entry : getValues().entrySet()) {
                Element createElement = document.createElement(entry.getKey());
                if ("tags".equals(entry.getKey())) {
                    createElement.setAttribute("type", "list");
                    for (Map.Entry entry2 : ((Map) entry.getValue()).entrySet()) {
                        Element createElement2 = document.createElement("tag");
                        createElement2.setAttribute("type", "set");
                        Element createElement3 = document.createElement("key");
                        createElement3.appendChild(document.createTextNode(XMLStringUtil.escapeControlChrs((String) entry2.getKey())));
                        createElement2.appendChild(createElement3);
                        Element createElement4 = document.createElement("value");
                        createElement4.appendChild(document.createTextNode(XMLStringUtil.escapeControlChrs((String) entry2.getValue())));
                        createElement2.appendChild(createElement4);
                        createElement.appendChild(createElement2);
                    }
                } else {
                    createElement.appendChild(document.createTextNode(XMLStringUtil.escapeControlChrs(entry.getValue() == null ? Constant.USER_AGENT : entry.getValue().toString())));
                }
                element.appendChild(createElement);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/zaproxy/zap/extension/alert/AlertAPI$PaginationConstraintsChecker.class */
    public static class PaginationConstraintsChecker {
        private boolean pageStarted;
        private boolean pageEnded;
        private final int startRecord;
        private final boolean hasEnd;
        private final int finalRecord;
        private int recordsProcessed = 0;

        public PaginationConstraintsChecker(int i, int i2) {
            if (i > 0) {
                this.pageStarted = false;
                this.startRecord = i;
            } else {
                this.pageStarted = true;
                this.startRecord = 0;
            }
            if (i2 > 0) {
                this.hasEnd = true;
                this.finalRecord = !this.pageStarted ? (i + i2) - 1 : i2;
            } else {
                this.hasEnd = false;
                this.finalRecord = 0;
            }
            this.pageEnded = false;
        }

        public void recordProcessed() {
            this.recordsProcessed++;
            if (!this.pageStarted) {
                this.pageStarted = this.recordsProcessed >= this.startRecord;
            }
            if (!this.hasEnd || this.pageEnded) {
                return;
            }
            this.pageEnded = this.recordsProcessed >= this.finalRecord;
        }

        public boolean hasPageStarted() {
            return this.pageStarted;
        }

        public boolean hasPageEnded() {
            return this.pageEnded;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/zaproxy/zap/extension/alert/AlertAPI$Processor.class */
    public interface Processor<T> {
        void process(T t);
    }

    public AlertAPI(ExtensionAlert extensionAlert) {
        this.extension = null;
        this.extension = extensionAlert;
        addApiView(new ApiView("alert", new String[]{"id"}));
        addApiView(new ApiView(VIEW_ALERTS, (String[]) null, new String[]{PARAM_BASE_URL, PARAM_START, PARAM_COUNT, PARAM_RISK}));
        addApiView(new ApiView(VIEW_ALERTS_SUMMARY, (String[]) null, new String[]{PARAM_BASE_URL}));
        addApiView(new ApiView(VIEW_NUMBER_OF_ALERTS, (String[]) null, new String[]{PARAM_BASE_URL, PARAM_RISK}));
        addApiView(new ApiView(VIEW_ALERTS_BY_RISK, (String[]) null, new String[]{PARAM_URL, PARAM_RECURSE}));
        addApiView(new ApiView(VIEW_ALERT_COUNTS_BY_RISK, (String[]) null, new String[]{PARAM_URL, PARAM_RECURSE}));
        addApiAction(new ApiAction(ACTION_DELETE_ALL_ALERTS));
        addApiAction(new ApiAction(ACTION_DELETE_ALERT, new String[]{"id"}));
        addApiAction(new ApiAction(ACTION_UPDATE_ALERTS_CONFIDENCE, new String[]{PARAM_ALERT_IDS, PARAM_CONFIDENCE}));
        addApiAction(new ApiAction(ACTION_UPDATE_ALERTS_RISK, new String[]{PARAM_ALERT_IDS, PARAM_RISK}));
        addApiAction(new ApiAction(ACTION_UPDATE_ALERT, new String[]{"id", "name", PARAM_RISK, PARAM_CONFIDENCE, PARAM_ALERT_DESCRIPTION}, new String[]{"param", PARAM_ALERT_ATTACK, PARAM_ALERT_OTHERINFO, PARAM_ALERT_SOLUTION, PARAM_ALERT_REFS, PARAM_ALERT_EVIDENCE, PARAM_CWEID, PARAM_WASCID}));
        addApiAction(new ApiAction(ACTION_ADD_ALERT, new String[]{PARAM_MESSAGE_ID, "name", PARAM_RISK, PARAM_CONFIDENCE, PARAM_ALERT_DESCRIPTION}, new String[]{"param", PARAM_ALERT_ATTACK, PARAM_ALERT_OTHERINFO, PARAM_ALERT_SOLUTION, PARAM_ALERT_REFS, PARAM_ALERT_EVIDENCE, PARAM_CWEID, PARAM_WASCID}));
    }

    @Override // org.zaproxy.zap.extension.api.ApiImplementor
    public String getPrefix() {
        return "alert";
    }

    @Override // org.zaproxy.zap.extension.api.ApiImplementor
    public ApiResponse handleApiView(final String str, JSONObject jSONObject) throws ApiException {
        ApiResponse apiResponseSet;
        if ("alert".equals(str)) {
            TableAlert tableAlert = Model.getSingleton().getDb().getTableAlert();
            TableAlertTag tableAlertTag = Model.getSingleton().getDb().getTableAlertTag();
            try {
                RecordAlert read = tableAlert.read(getParam(jSONObject, "id", -1));
                Map<String, String> tagsByAlertId = tableAlertTag.getTagsByAlertId(getParam(jSONObject, "id", -1));
                if (read == null) {
                    throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
                }
                Alert alert = new Alert(read);
                alert.setTags(tagsByAlertId);
                apiResponseSet = new ApiResponseElement(alertToSet(alert));
            } catch (DatabaseException e) {
                logger.error("Failed to read the alert from the session:", e);
                throw new ApiException(ApiException.Type.INTERNAL_ERROR);
            }
        } else if (VIEW_ALERTS.equals(str)) {
            final ApiResponseList apiResponseList = new ApiResponseList(str);
            processAlerts(getParam(jSONObject, PARAM_BASE_URL, (String) null), getParam(jSONObject, PARAM_START, -1), getParam(jSONObject, PARAM_COUNT, -1), getRiskId(jSONObject), new Processor<Alert>() { // from class: org.zaproxy.zap.extension.alert.AlertAPI.1
                @Override // org.zaproxy.zap.extension.alert.AlertAPI.Processor
                public void process(Alert alert2) {
                    apiResponseList.addItem(AlertAPI.this.alertToSet(alert2));
                }
            });
            apiResponseSet = apiResponseList;
        } else if (VIEW_NUMBER_OF_ALERTS.equals(str)) {
            CounterProcessor counterProcessor = new CounterProcessor();
            processAlerts(getParam(jSONObject, PARAM_BASE_URL, (String) null), getParam(jSONObject, PARAM_START, -1), getParam(jSONObject, PARAM_COUNT, -1), getRiskId(jSONObject), counterProcessor);
            apiResponseSet = new ApiResponseElement(str, Integer.toString(counterProcessor.getCount()));
        } else if (VIEW_ALERTS_SUMMARY.equals(str)) {
            final int[] iArr = {0, 0, 0, 0};
            processAlerts(getParam(jSONObject, PARAM_BASE_URL, (String) null), -1, -1, -1, new Processor<Alert>() { // from class: org.zaproxy.zap.extension.alert.AlertAPI.2
                @Override // org.zaproxy.zap.extension.alert.AlertAPI.Processor
                public void process(Alert alert2) {
                    int[] iArr2 = iArr;
                    int risk = alert2.getRisk();
                    iArr2[risk] = iArr2[risk] + 1;
                }
            });
            HashMap hashMap = new HashMap();
            for (int i = 0; i < iArr.length; i++) {
                hashMap.put(Alert.MSG_RISK[i], Integer.valueOf(iArr[i]));
            }
            apiResponseSet = new ApiResponseSet<Object>(AlertEventPublisher.RISK, hashMap) { // from class: org.zaproxy.zap.extension.alert.AlertAPI.3
                @Override // org.zaproxy.zap.extension.api.ApiResponseSet, org.zaproxy.zap.extension.api.ApiResponse
                public JSON toJSON() {
                    JSONObject jSONObject2 = new JSONObject();
                    jSONObject2.put(str, super.toJSON());
                    return jSONObject2;
                }
            };
        } else if (VIEW_ALERTS_BY_RISK.equals(str)) {
            String param = getParam(jSONObject, PARAM_URL, Constant.USER_AGENT);
            boolean param2 = getParam(jSONObject, PARAM_RECURSE, false);
            ApiResponseList apiResponseList2 = new ApiResponseList(str);
            apiResponseSet = apiResponseList2;
            ApiResponseList[] apiResponseListArr = new ApiResponseList[4];
            for (int i2 = 0; i2 < apiResponseListArr.length; i2++) {
                apiResponseListArr[i2] = new ApiResponseList(Alert.MSG_RISK[i2]);
            }
            Enumeration children = ((AlertNode) this.extension.getTreeModel().getRoot()).children();
            while (children.hasMoreElements()) {
                AlertNode alertNode = (AlertNode) children.nextElement();
                Alert m188getUserObject = alertNode.m188getUserObject();
                ApiResponseList filterAlertInstances = filterAlertInstances(alertNode, param, param2);
                if (filterAlertInstances.getItems().size() > 0) {
                    apiResponseListArr[m188getUserObject.getRisk()].addItem(filterAlertInstances);
                }
            }
            Stream stream = Arrays.stream(apiResponseListArr);
            Objects.requireNonNull(apiResponseList2);
            stream.forEach((v1) -> {
                r1.addItem(v1);
            });
        } else {
            if (!VIEW_ALERT_COUNTS_BY_RISK.equals(str)) {
                throw new ApiException(ApiException.Type.BAD_VIEW);
            }
            String param3 = getParam(jSONObject, PARAM_URL, Constant.USER_AGENT);
            boolean param4 = getParam(jSONObject, PARAM_RECURSE, false);
            int[] iArr2 = new int[4];
            iArr2[0] = 0;
            iArr2[1] = 0;
            iArr2[2] = 0;
            iArr2[3] = 0;
            Enumeration children2 = ((AlertNode) this.extension.getTreeModel().getRoot()).children();
            while (children2.hasMoreElements()) {
                AlertNode alertNode2 = (AlertNode) children2.nextElement();
                Alert m188getUserObject2 = alertNode2.m188getUserObject();
                if (filterAlertInstances(alertNode2, param3, param4).getItems().size() > 0) {
                    int risk = m188getUserObject2.getRisk();
                    iArr2[risk] = iArr2[risk] + 1;
                }
            }
            HashMap hashMap2 = new HashMap();
            hashMap2.put(Alert.MSG_RISK[3], Integer.valueOf(iArr2[3]));
            hashMap2.put(Alert.MSG_RISK[2], Integer.valueOf(iArr2[2]));
            hashMap2.put(Alert.MSG_RISK[1], Integer.valueOf(iArr2[1]));
            hashMap2.put(Alert.MSG_RISK[0], Integer.valueOf(iArr2[0]));
            apiResponseSet = new ApiResponseSet(str, hashMap2);
        }
        return apiResponseSet;
    }

    @Override // org.zaproxy.zap.extension.api.ApiImplementor
    public ApiResponse handleApiAction(String str, JSONObject jSONObject) throws ApiException {
        if (ACTION_DELETE_ALERT.equals(str)) {
            this.extension.deleteAlert(getAlertFromDb(ApiUtils.getIntParam(jSONObject, "id")));
        } else if (ACTION_DELETE_ALL_ALERTS.equals(str)) {
            this.extension.deleteAllAlerts();
        } else if (ACTION_UPDATE_ALERT.equals(str)) {
            int intParam = ApiUtils.getIntParam(jSONObject, "id");
            String string = jSONObject.getString("name");
            int riskId = getRiskId(jSONObject);
            int confidenceId = getConfidenceId(jSONObject);
            String string2 = jSONObject.getString(PARAM_ALERT_DESCRIPTION);
            String optionalStringParam = ApiUtils.getOptionalStringParam(jSONObject, "param");
            String optionalStringParam2 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_ATTACK);
            String optionalStringParam3 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_OTHERINFO);
            String optionalStringParam4 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_SOLUTION);
            String optionalStringParam5 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_REFS);
            String optionalStringParam6 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_EVIDENCE);
            int param = getParam(jSONObject, PARAM_CWEID, 0);
            int param2 = getParam(jSONObject, PARAM_WASCID, 0);
            Alert alertFromDb = getAlertFromDb(intParam);
            alertFromDb.setName(string);
            alertFromDb.setRisk(riskId);
            alertFromDb.setConfidence(confidenceId);
            alertFromDb.setDescription(string2);
            alertFromDb.setParam(optionalStringParam);
            alertFromDb.setAttack(optionalStringParam2);
            alertFromDb.setOtherInfo(optionalStringParam3);
            alertFromDb.setSolution(optionalStringParam4);
            alertFromDb.setReference(optionalStringParam5);
            alertFromDb.setEvidence(optionalStringParam6);
            alertFromDb.setCweId(param);
            alertFromDb.setWascId(param2);
            processAlertUpdate(alertFromDb);
        } else {
            if (ACTION_ADD_ALERT.equals(str)) {
                int intParam2 = ApiUtils.getIntParam(jSONObject, PARAM_MESSAGE_ID);
                String nonEmptyStringParam = ApiUtils.getNonEmptyStringParam(jSONObject, "name");
                int riskId2 = getRiskId(jSONObject);
                int confidenceId2 = getConfidenceId(jSONObject);
                String string3 = jSONObject.getString(PARAM_ALERT_DESCRIPTION);
                String optionalStringParam7 = ApiUtils.getOptionalStringParam(jSONObject, "param");
                String optionalStringParam8 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_ATTACK);
                String optionalStringParam9 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_OTHERINFO);
                String optionalStringParam10 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_SOLUTION);
                String optionalStringParam11 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_REFS);
                String optionalStringParam12 = ApiUtils.getOptionalStringParam(jSONObject, PARAM_ALERT_EVIDENCE);
                int param3 = getParam(jSONObject, PARAM_CWEID, 0);
                int param4 = getParam(jSONObject, PARAM_WASCID, 0);
                HttpMessage httpMessage = getHttpMessage(intParam2);
                Alert alert = new Alert(-1, riskId2, confidenceId2, nonEmptyStringParam);
                alert.setSource(Alert.Source.MANUAL);
                alert.setMessage(httpMessage);
                alert.setUri(httpMessage.getRequestHeader().getURI().toString());
                alert.setName(nonEmptyStringParam);
                alert.setRisk(riskId2);
                alert.setConfidence(confidenceId2);
                alert.setDescription(string3);
                alert.setParam(optionalStringParam7);
                alert.setAttack(optionalStringParam8);
                alert.setOtherInfo(optionalStringParam9);
                alert.setSolution(optionalStringParam10);
                alert.setReference(optionalStringParam11);
                alert.setEvidence(optionalStringParam12);
                alert.setCweId(param3);
                alert.setWascId(param4);
                this.extension.alertFound(alert, httpMessage.getHistoryRef());
                return new ApiResponseElement(str, Integer.toString(alert.getAlertId()));
            }
            if (ACTION_UPDATE_ALERTS_CONFIDENCE.equals(str)) {
                int confidenceId3 = getConfidenceId(jSONObject);
                updateAlerts(jSONObject, alert2 -> {
                    alert2.setConfidence(confidenceId3);
                });
            } else {
                if (!ACTION_UPDATE_ALERTS_RISK.equals(str)) {
                    throw new ApiException(ApiException.Type.BAD_ACTION);
                }
                int riskId3 = getRiskId(jSONObject);
                updateAlerts(jSONObject, alert3 -> {
                    alert3.setRisk(riskId3);
                });
            }
        }
        return ApiResponseElement.OK;
    }

    private ApiResponseList filterAlertInstances(AlertNode alertNode, String str, boolean z) {
        ApiResponseList apiResponseList = new ApiResponseList(alertNode.m188getUserObject().getName());
        Enumeration children = alertNode.children();
        while (children.hasMoreElements()) {
            AlertNode alertNode2 = (AlertNode) children.nextElement();
            if (!str.isEmpty()) {
                String uri = alertNode2.m188getUserObject().getUri();
                if (uri.startsWith(str)) {
                    if (!z) {
                        if (uri.indexOf(63) > 0) {
                            uri = uri.substring(0, uri.indexOf(63));
                        }
                        if (!uri.equals(str)) {
                        }
                    }
                }
            }
            apiResponseList.addItem(alertSummaryToSet(alertNode2.m188getUserObject()));
        }
        return apiResponseList;
    }

    private void processAlerts(String str, int i, int i2, int i3, Processor<Alert> processor) throws ApiException {
        ArrayList arrayList = new ArrayList();
        try {
            TableAlert tableAlert = Model.getSingleton().getDb().getTableAlert();
            TableAlertTag tableAlertTag = Model.getSingleton().getDb().getTableAlertTag();
            Vector<Integer> alertList = tableAlert.getAlertList();
            PaginationConstraintsChecker paginationConstraintsChecker = new PaginationConstraintsChecker(i, i2);
            Iterator<Integer> it = alertList.iterator();
            while (it.hasNext()) {
                int intValue = it.next().intValue();
                Alert alert = new Alert(tableAlert.read(intValue));
                if (alert.getConfidence() != 0 && !arrayList.contains(alert)) {
                    if (str == null || alert.getUri().startsWith(str)) {
                        if (i3 == -1 || alert.getRisk() == i3) {
                            paginationConstraintsChecker.recordProcessed();
                            arrayList.add(alert);
                            if (paginationConstraintsChecker.hasPageStarted()) {
                                alert.setTags(tableAlertTag.getTagsByAlertId(intValue));
                                processor.process(alert);
                                if (paginationConstraintsChecker.hasPageEnded()) {
                                    break;
                                }
                            }
                        }
                    }
                }
            }
        } catch (DatabaseException e) {
            logger.error(e.getMessage(), e);
            throw new ApiException(ApiException.Type.INTERNAL_ERROR);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ApiResponseSet<Object> alertToSet(Alert alert) {
        HashMap hashMap = new HashMap();
        hashMap.put("id", String.valueOf(alert.getAlertId()));
        hashMap.put("pluginId", String.valueOf(alert.getPluginId()));
        hashMap.put("alertRef", alert.getAlertRef());
        hashMap.put("alert", alert.getName());
        hashMap.put("name", alert.getName());
        hashMap.put(PARAM_ALERT_DESCRIPTION, alert.getDescription());
        hashMap.put(AlertEventPublisher.RISK, Alert.MSG_RISK[alert.getRisk()]);
        hashMap.put(AlertEventPublisher.CONFIDENCE, Alert.MSG_CONFIDENCE[alert.getConfidence()]);
        hashMap.put(PARAM_URL, alert.getUri());
        hashMap.put("method", alert.getMethod());
        hashMap.put("other", alert.getOtherInfo());
        hashMap.put("param", alert.getParam());
        hashMap.put(PARAM_ALERT_ATTACK, alert.getAttack());
        hashMap.put(PARAM_ALERT_EVIDENCE, alert.getEvidence());
        hashMap.put("reference", alert.getReference());
        hashMap.put("cweid", String.valueOf(alert.getCweId()));
        hashMap.put("wascid", String.valueOf(alert.getWascId()));
        hashMap.put("sourceid", String.valueOf(alert.getSource().getId()));
        hashMap.put(PARAM_ALERT_SOLUTION, alert.getSolution());
        hashMap.put(PARAM_MESSAGE_ID, alert.getHistoryRef() != null ? String.valueOf(alert.getHistoryRef().getHistoryId()) : Constant.USER_AGENT);
        hashMap.put("tags", alert.getTags());
        return new CustomApiResponseSet("alert", hashMap);
    }

    private ApiResponseSet<String> alertSummaryToSet(Alert alert) {
        HashMap hashMap = new HashMap();
        hashMap.put("id", String.valueOf(alert.getAlertId()));
        hashMap.put("name", alert.getName());
        hashMap.put(AlertEventPublisher.RISK, Alert.MSG_RISK[alert.getRisk()]);
        hashMap.put(AlertEventPublisher.CONFIDENCE, Alert.MSG_CONFIDENCE[alert.getConfidence()]);
        hashMap.put(PARAM_URL, alert.getUri());
        hashMap.put("param", alert.getParam());
        return new ApiResponseSet<>("alertsummary", hashMap);
    }

    private static void throwInvalidRiskId() throws ApiException {
        throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, Constant.messages.getString("alert.api.param.riskId.illegal", PARAM_RISK));
    }

    private static void throwInvalidConfidenceId() throws ApiException {
        throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, Constant.messages.getString("alert.api.param.confidenceId.illegal", PARAM_RISK));
    }

    private int getRiskId(JSONObject jSONObject) throws ApiException {
        String trim = getParam(jSONObject, PARAM_RISK, Constant.USER_AGENT).trim();
        if (trim.isEmpty()) {
            return -1;
        }
        int i = -1;
        try {
            i = Integer.parseInt(trim);
        } catch (NumberFormatException e) {
            throwInvalidRiskId();
        }
        if (i < 0 || i > 3) {
            throwInvalidRiskId();
        }
        return i;
    }

    private int getConfidenceId(JSONObject jSONObject) throws ApiException {
        String trim = getParam(jSONObject, PARAM_CONFIDENCE, Constant.USER_AGENT).trim();
        if (trim.isEmpty()) {
            return -1;
        }
        int i = -1;
        try {
            i = Integer.parseInt(trim);
        } catch (NumberFormatException e) {
            throwInvalidConfidenceId();
        }
        if (i < 0 || i > 4) {
            throwInvalidConfidenceId();
        }
        return i;
    }

    private List<Integer> getAlertIds(String str) throws ApiException {
        ArrayList arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        while (stringTokenizer.hasMoreTokens()) {
            String trim = stringTokenizer.nextToken().trim();
            try {
                arrayList.add(Integer.valueOf(Integer.parseInt(trim)));
            } catch (NumberFormatException e) {
                throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, Constant.messages.getString("alert.api.param.alertIds.illegal", trim, str));
            }
        }
        return arrayList;
    }

    private Alert getAlertFromDb(int i) throws ApiException {
        try {
            RecordAlert read = Model.getSingleton().getDb().getTableAlert().read(i);
            if (read == null) {
                throw new ApiException(ApiException.Type.DOES_NOT_EXIST, String.valueOf(i));
            }
            return new Alert(read);
        } catch (DatabaseException e) {
            logger.error(e.getMessage(), e);
            throw new ApiException(ApiException.Type.INTERNAL_ERROR, e);
        }
    }

    private void processAlertUpdate(Alert alert) throws ApiException {
        try {
            this.extension.updateAlert(alert);
        } catch (DatabaseException | HttpMalformedHeaderException e) {
            logger.error(e.getMessage(), e);
            throw new ApiException(ApiException.Type.INTERNAL_ERROR, e);
        }
    }

    private void updateAlerts(JSONObject jSONObject, Consumer<Alert> consumer) throws ApiException {
        Iterator<Integer> it = getAlertIds(jSONObject.getString(PARAM_ALERT_IDS)).iterator();
        while (it.hasNext()) {
            Alert alertFromDb = getAlertFromDb(it.next().intValue());
            consumer.accept(alertFromDb);
            processAlertUpdate(alertFromDb);
        }
    }

    private static HttpMessage getHttpMessage(int i) throws ApiException {
        try {
            return new HistoryReference(i, true).getHttpMessage();
        } catch (DatabaseException | HttpMalformedHeaderException e) {
            if (e.getMessage() == null) {
                throw new ApiException(ApiException.Type.DOES_NOT_EXIST, PARAM_MESSAGE_ID);
            }
            logger.error("Failed to read the history record:", e);
            throw new ApiException(ApiException.Type.INTERNAL_ERROR, e);
        }
    }
}
