package com.blackducksoftware.tools.commonframework.standard.codecenter.dao;

import com.blackducksoftware.tools.commonframework.standard.codecenter.pojo.ApplicationPojo;
import com.blackducksoftware.tools.commonframework.standard.codecenter.pojo.ApplicationPojoImpl;
import com.blackducksoftware.tools.commonframework.standard.codecenter.pojo.ComponentPojo;
import com.blackducksoftware.tools.commonframework.standard.codecenter.pojo.ComponentPojoImpl;
import com.blackducksoftware.tools.commonframework.standard.codecenter.pojo.ComponentUsePojo;
import com.blackducksoftware.tools.commonframework.standard.codecenter.pojo.VulnerabilityMapping;
import com.blackducksoftware.tools.commonframework.standard.codecenter.pojo.VulnerabilityMappingImpl;
import com.blackducksoftware.tools.commonframework.standard.codecenter.pojo.VulnerabilityPojo;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import org.apache.commons.lang.StringEscapeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Deprecated
/* loaded from: input_file:com/blackducksoftware/tools/commonframework/standard/codecenter/dao/CodeCenter6_6_1DbDao.class */
public class CodeCenter6_6_1DbDao {
    private final Connection connBdsVuln;
    private final Connection connBdsCatalog;
    private final QueryBuilder queryBuilder = new QueryBuilder();
    private final Logger log = LoggerFactory.getLogger(getClass().getName());
    private final Map<Long, String> vulnStatusCache = new HashMap(16);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/blackducksoftware/tools/commonframework/standard/codecenter/dao/CodeCenter6_6_1DbDao$RemediationDates.class */
    public class RemediationDates {
        private Date targetRemediationDate;
        private Date actualRemediationDate;

        public RemediationDates(Date date, Date date2) {
            this.targetRemediationDate = date;
            this.actualRemediationDate = date2;
        }

        public Date getTargetRemediationDate() {
            return this.targetRemediationDate;
        }

        public Date getActualRemediationDate() {
            return this.actualRemediationDate;
        }
    }

    public CodeCenter6_6_1DbDao(CodeCenterDaoConfigManager codeCenterDaoConfigManager) throws SQLException {
        this.connBdsVuln = getDbConnection(codeCenterDaoConfigManager, "bds_vuln");
        this.connBdsCatalog = getDbConnection(codeCenterDaoConfigManager, "bds_catalog");
    }

    private Connection getDbConnection(CodeCenterDaoConfigManager codeCenterDaoConfigManager, String str) throws SQLException {
        this.log.debug("Opening database connection to " + str);
        String str2 = "jdbc:postgresql://" + codeCenterDaoConfigManager.getCcDbServerName() + ":" + codeCenterDaoConfigManager.getCcDbPort() + "/" + str;
        Properties properties = new Properties();
        properties.setProperty("user", codeCenterDaoConfigManager.getCcDbUserName());
        properties.setProperty("password", codeCenterDaoConfigManager.getCcDbPassword());
        return DriverManager.getConnection(str2, properties);
    }

    public void setDbFields(VulnerabilityPojo vulnerabilityPojo, ComponentUsePojo componentUsePojo) throws SQLException {
        setDefaults(vulnerabilityPojo);
        addStatus(vulnerabilityPojo, componentUsePojo);
        addRemediationDates(componentUsePojo, vulnerabilityPojo);
    }

    public void setVulnStatusFields(VulnerabilityPojo vulnerabilityPojo, ComponentUsePojo componentUsePojo) throws SQLException {
        setDefaults(vulnerabilityPojo);
        addStatus(vulnerabilityPojo, componentUsePojo);
    }

    public void close() throws SQLException {
        if (this.connBdsVuln != null) {
            this.log.debug("Closing bds_vuln DB connection");
            this.connBdsVuln.close();
        }
        if (this.connBdsCatalog != null) {
            this.log.debug("Closing bds_catalog DB connection");
            this.connBdsCatalog.close();
        }
    }

    private void setDefaults(VulnerabilityPojo vulnerabilityPojo) {
        vulnerabilityPojo.setStatus(QueryBuilder.NEW_VULNERABILITY_QUERY);
        vulnerabilityPojo.setStatusComment(QueryBuilder.NEW_VULNERABILITY_QUERY);
    }

    private void addStatus(VulnerabilityPojo vulnerabilityPojo, ComponentUsePojo componentUsePojo) throws SQLException {
        long statusComment = setStatusComment(vulnerabilityPojo, componentUsePojo);
        if (statusComment != -1) {
            vulnerabilityPojo.setStatusId(statusComment);
            vulnerabilityPojo.setStatus(getStatusString(statusComment));
        }
    }

    private String getStatusString(long j) throws SQLException {
        String str = QueryBuilder.NEW_VULNERABILITY_QUERY;
        Long valueOf = Long.valueOf(j);
        if (this.vulnStatusCache.containsKey(valueOf)) {
            return this.vulnStatusCache.get(valueOf);
        }
        this.log.debug("Fetching vulnerability status name from vulnerability_status table for vulnStatusId: " + j);
        ResultSet executeQuery = this.connBdsCatalog.createStatement().executeQuery("SELECT name FROM vulnerability_status WHERE id = " + j);
        if (executeQuery.next()) {
            str = executeQuery.getString("name");
        }
        this.vulnStatusCache.put(valueOf, str);
        return str;
    }

    private long setStatusComment(VulnerabilityPojo vulnerabilityPojo, ComponentUsePojo componentUsePojo) throws SQLException {
        this.log.debug("Fetching vulnerability_status_id, comment from componentuser_vulnerability table for vuln ID: " + vulnerabilityPojo.getId() + " / compUse ID: " + componentUsePojo.getId());
        long j = -1;
        ResultSet executeQuery = this.connBdsCatalog.createStatement().executeQuery("SELECT vulnerability_status_id,comment FROM componentuse_vulnerability WHERE vulnerability_id = " + vulnerabilityPojo.getId() + " AND componentuse_id = '" + componentUsePojo.getId() + "'");
        if (executeQuery.next()) {
            j = executeQuery.getLong("vulnerability_status_id");
            vulnerabilityPojo.setStatusComment(executeQuery.getString("comment"));
        }
        return j;
    }

    private void addRemediationDates(ComponentUsePojo componentUsePojo, VulnerabilityPojo vulnerabilityPojo) throws SQLException {
        vulnerabilityPojo.setTargetRemediationDate(null);
        vulnerabilityPojo.setActualRemediationDate(null);
        RemediationDates remediationDates = getRemediationDates(vulnerabilityPojo.getId(), componentUsePojo.getId());
        if (remediationDates != null) {
            vulnerabilityPojo.setTargetRemediationDate(remediationDates.getTargetRemediationDate());
            vulnerabilityPojo.setActualRemediationDate(remediationDates.getActualRemediationDate());
        }
    }

    private RemediationDates getRemediationDates(String str, String str2) throws SQLException {
        this.log.debug("Fetching date_remediation, date_completion from componentuse_vulnerability table for vulnId: " + str + " / compUseId: " + str2);
        RemediationDates remediationDates = null;
        String str3 = "SELECT date_remediation,date_completion FROM componentuse_vulnerability WHERE vulnerability_id = " + str + " AND componentuse_id = '" + str2 + "'";
        try {
            ResultSet executeQuery = this.connBdsCatalog.createStatement().executeQuery(str3);
            if (executeQuery.next()) {
                java.sql.Date date = executeQuery.getDate("date_remediation");
                java.sql.Date date2 = executeQuery.getDate("date_completion");
                remediationDates = new RemediationDates(date, date2);
                this.log.debug("From DB: target remediation date: " + date + " (" + getTimeMillis(date) + "); actual remediation date: " + date2 + " (" + getTimeMillis(date2) + ")");
            }
        } catch (SQLException e) {
            this.log.debug("Error executing SQL: " + str3);
            this.log.warn("Unable to read componentuse_vulnerability remediation dates, which were added in Code Center 6.7.1p2;  This is normal when running against older Code Center servers.");
        }
        return remediationDates;
    }

    private long getTimeMillis(Date date) {
        if (date == null) {
            return 0L;
        }
        return date.getTime();
    }

    public void updateCompUseVulnData(ComponentUsePojo componentUsePojo, VulnerabilityPojo vulnerabilityPojo) throws Exception {
        if (getRemediationDates(vulnerabilityPojo.getId(), componentUsePojo.getId()) != null) {
            updateCompUseVulnDataViaUpdate(componentUsePojo, vulnerabilityPojo);
        } else {
            updateCompUseVulnDataViaInsert(componentUsePojo, vulnerabilityPojo);
        }
    }

    private void updateCompUseVulnDataViaUpdate(ComponentUsePojo componentUsePojo, VulnerabilityPojo vulnerabilityPojo) throws Exception {
        this.log.debug("Inserting component use vulnerability data");
        StringBuilder sb = new StringBuilder();
        int i = 0;
        if (vulnerabilityPojo.getStatusId() > 0) {
            sb.append("vulnerability_status_id=");
            sb.append(vulnerabilityPojo.getStatusId());
            i = 0 + 1;
        }
        if (vulnerabilityPojo.getStatusComment() != null && vulnerabilityPojo.getStatusComment().length() > 0) {
            if (sb.length() > 0) {
                sb.append(",");
            }
            sb.append("comment='");
            sb.append(StringEscapeUtils.escapeSql(vulnerabilityPojo.getStatusComment()));
            sb.append("'");
            i++;
        }
        if (vulnerabilityPojo.getTargetRemediationDate() != null) {
            java.sql.Date date = new java.sql.Date(vulnerabilityPojo.getTargetRemediationDate().getTime());
            if (sb.length() > 0) {
                sb.append(",");
            }
            sb.append("date_remediation='");
            sb.append(date);
            sb.append("'");
            i++;
            this.log.debug("Setting target remediation date to: " + date + " (" + date.getTime() + ")");
        }
        if (vulnerabilityPojo.getActualRemediationDate() != null) {
            java.sql.Date date2 = new java.sql.Date(vulnerabilityPojo.getActualRemediationDate().getTime());
            if (sb.length() > 0) {
                sb.append(",");
            }
            sb.append("date_completion='");
            sb.append(date2);
            sb.append("'");
            i++;
            this.log.debug("Setting actual remediation date to: " + date2 + " (" + date2.getTime() + ")");
        }
        if (i == 0) {
            return;
        }
        String str = "UPDATE componentuse_vulnerability SET " + ((Object) sb) + " WHERE vulnerability_id=" + vulnerabilityPojo.getId() + " AND componentuse_id='" + componentUsePojo.getId() + "'";
        Statement createStatement = this.connBdsCatalog.createStatement();
        try {
            this.log.debug("Executing sql: " + str);
            createStatement.executeUpdate(str);
        } catch (SQLException e) {
            this.log.error("Error executing SQL: " + str);
            throw new Exception("Unable to set componentuse_vulnerability remediation dates, which were added in Code Center 6.7.1p2: " + e.getMessage());
        }
    }

    private long getNextDatabaseRowId() throws Exception {
        String str = "Empty result set";
        try {
            ResultSet executeQuery = this.connBdsCatalog.createStatement().executeQuery("SELECT nextval( 'hibernate_sequence' )");
            if (executeQuery.next()) {
                return executeQuery.getLong(1);
            }
        } catch (SQLException e) {
            this.log.error("Error executing SQL: SELECT nextval( 'hibernate_sequence' )");
            str = e.getMessage();
        }
        throw new Exception("Error deriving next datanase record id by reading hibernate_sequence: " + str);
    }

    private void updateCompUseVulnDataViaInsert(ComponentUsePojo componentUsePojo, VulnerabilityPojo vulnerabilityPojo) throws Exception {
        this.log.debug("Updating component use vulnerability data");
        Statement createStatement = this.connBdsCatalog.createStatement();
        long nextDatabaseRowId = getNextDatabaseRowId();
        boolean z = false;
        StringBuilder sb = new StringBuilder();
        StringBuilder sb2 = new StringBuilder();
        sb.append("id");
        sb2.append(nextDatabaseRowId);
        if (vulnerabilityPojo.getStatusId() > 0) {
            sb.append(",vulnerability_status_id");
            sb2.append("," + vulnerabilityPojo.getStatusId());
        }
        sb.append(",componentuse_id,vulnerability_id");
        sb2.append(",'");
        sb2.append(componentUsePojo.getId());
        sb2.append("'");
        sb2.append(",");
        sb2.append(vulnerabilityPojo.getId());
        if (vulnerabilityPojo.getStatusComment() != null && vulnerabilityPojo.getStatusComment().length() > 0) {
            sb.append(",comment");
            sb2.append(",'");
            sb2.append(StringEscapeUtils.escapeSql(vulnerabilityPojo.getStatusComment()));
            sb2.append("'");
            z = true;
        }
        if (vulnerabilityPojo.getTargetRemediationDate() != null) {
            java.sql.Date date = new java.sql.Date(vulnerabilityPojo.getTargetRemediationDate().getTime());
            sb.append(",date_remediation");
            sb2.append(",'");
            sb2.append(date);
            sb2.append("'");
            z = true;
            this.log.debug("Setting target remediation date to: " + date + " (" + date.getTime() + ")");
        }
        if (vulnerabilityPojo.getActualRemediationDate() != null) {
            java.sql.Date date2 = new java.sql.Date(vulnerabilityPojo.getActualRemediationDate().getTime());
            sb.append(",date_completion");
            sb2.append(",'");
            sb2.append(date2);
            sb2.append("'");
            z = true;
            this.log.debug("Setting actual remediation date to: " + date2 + " (" + date2.getTime() + ")");
        }
        if (z) {
            String str = "INSERT INTO componentuse_vulnerability (" + ((Object) sb) + ") VALUES (" + ((Object) sb2) + ")";
            try {
                this.log.debug("Executing sql: " + str);
                createStatement.execute(str);
            } catch (SQLException e) {
                this.log.error("Error executing SQL: " + str);
                throw new Exception("Unable to set componentuse_vulnerability remediation dates, which were added in Code Center 6.7.1p2: " + e.getMessage());
            }
        }
    }

    public List<VulnerabilityMapping> retrieveVulnerabilityImpact(int i, String str) throws SQLException {
        this.log.debug("Fetch vulnerability impact");
        String reportDateCriteria = getReportDateCriteria(i, str);
        Statement createStatement = this.connBdsVuln.createStatement();
        String queryVulnerabilityImpact = this.queryBuilder.getQueryVulnerabilityImpact(reportDateCriteria);
        ArrayList arrayList = new ArrayList();
        this.log.debug("Executing sql: " + queryVulnerabilityImpact);
        ResultSet executeQuery = createStatement.executeQuery(queryVulnerabilityImpact);
        while (executeQuery.next()) {
            arrayList.add(new VulnerabilityMappingImpl(executeQuery.getInt("nvd_cve_id"), executeQuery.getInt(QueryBuilder.NVD_RELEASE_MAPPINGS_VERSION_ID), executeQuery.getInt(QueryBuilder.NVD_RELEASE_MAPPINGS_RELEASE_ID)));
        }
        return arrayList;
    }

    public List<ComponentPojo> retrieveComponentForRelease(int i) throws SQLException {
        this.log.debug("Fetching component for release");
        ArrayList arrayList = new ArrayList();
        Statement createStatement = this.connBdsCatalog.createStatement();
        String queryComponentForRelease = this.queryBuilder.getQueryComponentForRelease(i);
        this.log.debug("Executing sql: " + queryComponentForRelease);
        ResultSet executeQuery = createStatement.executeQuery(queryComponentForRelease);
        while (executeQuery.next()) {
            ComponentPojoImpl componentPojoImpl = new ComponentPojoImpl(executeQuery.getString("id"), executeQuery.getString("name"), executeQuery.getString("version"), executeQuery.getString(QueryBuilder.COMPONENT_KB_COMPONENT_ID));
            this.log.info(componentPojoImpl.toString());
            arrayList.add(componentPojoImpl);
        }
        if (arrayList.size() > 0) {
            this.log.info("Components identified for the RELEASE_ID : " + i + " - " + arrayList.size());
        }
        return arrayList;
    }

    public List<ApplicationPojo> retrieveApplicationFromComponentUse(String str) throws SQLException {
        this.log.debug("Fetching application from componentUse");
        ArrayList arrayList = new ArrayList();
        Statement createStatement = this.connBdsCatalog.createStatement();
        Statement createStatement2 = this.connBdsCatalog.createStatement();
        String queryComponentFromComponentUse = this.queryBuilder.getQueryComponentFromComponentUse(str);
        this.log.debug("Executing sql: " + queryComponentFromComponentUse);
        ResultSet executeQuery = createStatement.executeQuery(queryComponentFromComponentUse);
        while (executeQuery.next()) {
            String string = executeQuery.getString("application");
            this.log.debug("Searching for application: ID = " + string);
            ResultSet executeQuery2 = createStatement2.executeQuery(this.queryBuilder.getQueryAppliaction(string));
            while (executeQuery2.next()) {
                String string2 = executeQuery2.getString("name");
                arrayList.add(new ApplicationPojoImpl(executeQuery2.getString("id"), string2, executeQuery2.getString("version"), executeQuery2.getString(QueryBuilder.APPLICATION_DESCN), null));
                this.log.debug("Identified application : " + string + ":" + string2);
            }
        }
        return arrayList;
    }

    private String getReportDateCriteria(int i, String str) {
        return (str == null || str.trim().isEmpty()) ? "updated >= (now() - '" + i + " hour'::INTERVAL) " : "to_char(updated, 'YYYY-MM-DD') = " + str;
    }
}
