package io.codemodder.codemods;

import com.github.javaparser.Range;
import com.github.javaparser.ast.CompilationUnit;
import com.github.javaparser.ast.NodeList;
import com.github.javaparser.ast.body.CallableDeclaration;
import com.github.javaparser.ast.expr.BinaryExpr;
import com.github.javaparser.ast.expr.Expression;
import com.github.javaparser.ast.expr.MethodCallExpr;
import com.github.javaparser.ast.expr.StringLiteralExpr;
import io.codemodder.Codemod;
import io.codemodder.CodemodChange;
import io.codemodder.CodemodFileScanningResult;
import io.codemodder.CodemodInvocationContext;
import io.codemodder.Importance;
import io.codemodder.ReviewGuidance;
import io.codemodder.ast.ASTTransforms;
import io.codemodder.javaparser.JavaParserChanger;
import io.codemodder.remediation.sqlinjection.QueryParameterizer;
import java.util.ArrayList;
import java.util.Deque;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.function.Predicate;
import java.util.stream.Collectors;

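/**
 * Rewrites string-concatenated Hibernate query text into named parameters.
 *
 * <p>For every {@code createQuery}/{@code createNativeQuery} call whose first argument contains
 * injections reported by {@link QueryParameterizer}, the concatenated values are replaced in the
 * query text by {@code :parameterN} placeholders and bound through chained
 * {@code setParameter(...)} calls.
 *
 * <p>The codemod is registered with {@link ReviewGuidance#MERGE_AFTER_REVIEW}: the generated
 * change is meant to be checked by a person before merging.
 */
@Codemod(id = "pixee:java/hql-parameterizer", importance = Importance.HIGH, reviewGuidance = ReviewGuidance.MERGE_AFTER_REVIEW)
/* loaded from: input_file:io/codemodder/codemods/HQLParameterizationCodemod.class */
public final class HQLParameterizationCodemod extends JavaParserChanger {
    /** Placeholder prefix as written inside the query text, including the leading colon. */
    private static final String queryParameterNamePrefix = ":parameter";

    /**
     * Parameterizes one candidate call and reports the change.
     *
     * @param codemodInvocationContext invocation context (not read here)
     * @param methodCallExpr candidate method call
     * @param compilationUnit enclosing compilation unit (not read here)
     * @return a change anchored at the call's first line, or empty when the call is not a query
     *     creation, has no arguments, or has no injections
     */
    private Optional<CodemodChange> onNodeFound(CodemodInvocationContext codemodInvocationContext, MethodCallExpr methodCallExpr, CompilationUnit compilationUnit) {
        // Matching is by method name only, so zero-argument overloads of unrelated APIs can reach
        // this point; without the guard getArgument(0) would throw and abort the scan of the file.
        if (!isQueryCreation(methodCallExpr) || methodCallExpr.getArguments().isEmpty()) {
            return Optional.empty();
        }
        QueryParameterizer queryParameterizer = new QueryParameterizer(methodCallExpr.getArgument(0));
        if (queryParameterizer.getInjections().isEmpty()) {
            return Optional.empty();
        }
        fix(methodCallExpr, queryParameterizer);
        // The rewrite leaves empty string literals and possibly unused locals in the enclosing
        // method or constructor; clean them up there.
        Optional<CallableDeclaration> enclosingCallable = methodCallExpr.findAncestor(CallableDeclaration.class);
        enclosingCallable.ifPresent(ASTTransforms::removeEmptyStringConcatenation);
        enclosingCallable.ifPresent(ASTTransforms::removeUnusedLocalVariables);
        // NOTE(review): get() assumes the call carries a source range - confirm for synthetic nodes.
        return Optional.of(CodemodChange.from(methodCallExpr.getRange().get().begin.line));
    }

    /**
     * Scans every method call in the compilation unit and parameterizes the vulnerable ones.
     *
     * @param codemodInvocationContext invocation context passed through to the per-node handler
     * @param compilationUnit the parsed file; it is modified in place
     * @return a result holding one change per rewritten query creation
     */
    @Override
    public CodemodFileScanningResult visit(CodemodInvocationContext codemodInvocationContext, CompilationUnit compilationUnit) {
        List<CodemodChange> changes = compilationUnit.findAll(MethodCallExpr.class).stream()
                .flatMap(call -> onNodeFound(codemodInvocationContext, call, compilationUnit).stream())
                .collect(Collectors.toList());
        return CodemodFileScanningResult.withOnlyChanges(changes);
    }

    /**
     * Tells whether the call is named {@code createQuery} or {@code createNativeQuery}.
     *
     * <p>NOTE(review): only the method name is tested. The listing also carried an unattached
     * predicate requiring the scope to resolve to {@code org.hibernate.Session}; it never took
     * part in the result, so calls on any receiver type with these names are rewritten. Reviewers
     * of generated changes should confirm the receiver really supports {@code setParameter}.
     */
    private boolean isQueryCreation(MethodCallExpr methodCallExpr) {
        String name = methodCallExpr.getNameAsString();
        return name.equals("createQuery") || name.equals("createNativeQuery");
    }

    /**
     * Replaces each injection in the query text with a {@code :parameterN} placeholder and builds
     * the expression to bind to it.
     *
     * <p>Each injection is a deque whose first and last elements are the string literals around
     * the injected value. The first literal is cut at its last single quote and the last literal
     * at its first single quote; text between a quote and the injected value is kept as part of
     * the bound value.
     *
     * <p>NOTE(review): assumes both edge elements are string literals containing a single quote
     * and that at least one expression sits between them - presumably guaranteed by
     * {@link QueryParameterizer}; confirm, since a missing quote would throw here.
     *
     * @param list the injections, consumed by this method
     * @param map resolution map from an expression to the expression it was resolved from
     * @return one bound-value expression per injection, in order
     */
    private List<Expression> fixInjections(List<Deque<Expression>> list, Map<Expression, Expression> map) {
        List<Expression> boundValues = new ArrayList<>();
        int index = 0;
        for (Deque<Expression> injection : list) {
            // Opening literal: drop the quote and everything after it, append the placeholder.
            StringLiteralExpr opening = injection.removeFirst().asStringLiteralExpr();
            String openingText = opening.getValue();
            int afterLastQuote = openingText.lastIndexOf('\'') + 1;
            String prefix = openingText.substring(afterLastQuote);
            StringBuilder rewritten = new StringBuilder(openingText);
            rewritten.replace(afterLastQuote - 1, openingText.length(), queryParameterNamePrefix + index);
            opening.setValue(rewritten.toString());

            // Closing literal: keep only what follows its first quote.
            StringLiteralExpr closing = injection.removeLast().asStringLiteralExpr();
            String closingText = closing.getValue();
            int firstQuote = closingText.indexOf('\'');
            String suffix = closingText.substring(0, firstQuote);
            closing.setValue(closingText.substring(firstQuote + 1));

            Expression bound = combineExpressions(injection, map);
            // Compare by content: substring() is not guaranteed to return the interned "",
            // so a reference comparison could add a redundant empty literal.
            if (!prefix.isEmpty()) {
                bound = new BinaryExpr(new StringLiteralExpr(prefix), bound, BinaryExpr.Operator.PLUS);
            }
            if (!suffix.isEmpty()) {
                bound = new BinaryExpr(bound, new StringLiteralExpr(suffix), BinaryExpr.Operator.PLUS);
            }
            boundValues.add(bound);
            index++;
        }
        return boundValues;
    }

    /**
     * Joins the injected expressions with {@code +} and blanks them out of the query text.
     *
     * <p>Each expression is resolved through {@code map} to the node it originated from, and that
     * node is replaced by an empty string literal. If no part resolves to
     * {@code java.lang.String}, {@code + ""} is appended to the result.
     *
     * @param deque the injected expressions; must hold at least one element
     * @param map resolution map used to locate the node to replace
     * @return the concatenation of all expressions in the deque
     */
    private Expression combineExpressions(Deque<Expression> deque, Map<Expression, Expression> map) {
        Iterator<Expression> parts = deque.iterator();
        Expression combined = parts.next();
        // The type is resolved before the node is detached from the tree by replace().
        boolean hasStringPart = resolvesToString(combined);
        unresolve(combined, map).replace(new StringLiteralExpr(""));
        while (parts.hasNext()) {
            Expression part = parts.next();
            hasStringPart = hasStringPart || resolvesToString(part);
            unresolve(part, map).replace(new StringLiteralExpr(""));
            combined = new BinaryExpr(combined, part, BinaryExpr.Operator.PLUS);
        }
        if (hasStringPart) {
            return combined;
        }
        return new BinaryExpr(combined, new StringLiteralExpr(""), BinaryExpr.Operator.PLUS);
    }

    /** Returns true when the expression's type resolves to {@code java.lang.String}. */
    private boolean resolvesToString(Expression expression) {
        try {
            return expression.calculateResolvedType().describe().equals("java.lang.String");
        } catch (Exception ignored) {
            // Best effort: a type that cannot be resolved is treated as "not a String".
            return false;
        }
    }

    /**
     * Follows {@code map} from the given expression until an expression without a mapping is
     * reached, and returns that expression.
     */
    private Expression unresolve(Expression expression, Map<Expression, Expression> map) {
        Expression current = expression;
        for (Expression origin = map.get(current); origin != null; origin = map.get(current)) {
            current = origin;
        }
        return current;
    }

    /**
     * Rewrites the query call in place: chains one {@code setParameter} call per injection onto
     * it and replaces its first argument with the parameterized query expression.
     *
     * <p>NOTE(review): placeholders are always named {@code parameter0}, {@code parameter1}, ...;
     * a query that already declares a parameter with one of these names would collide.
     *
     * @param methodCallExpr the query creation call
     * @param queryParameterizer the analysis of that call's first argument
     */
    private void fix(MethodCallExpr methodCallExpr, QueryParameterizer queryParameterizer) {
        List<Expression> boundValues = fixInjections(queryParameterizer.getInjections(), queryParameterizer.getLinearizedQuery().getResolvedExpressionsMap());
        // The query text uses ":parameterN"; setParameter(String, Object) takes the name without
        // the leading colon, otherwise the named parameter is not found at runtime.
        String bindingNamePrefix = queryParameterNamePrefix.substring(1);
        MethodCallExpr chainEnd = methodCallExpr;
        for (int i = 0; i < boundValues.size(); i++) {
            MethodCallExpr setParameterCall = new MethodCallExpr();
            // Put the new call where the chain currently ends, then make that end its scope.
            chainEnd.replace(setParameterCall);
            setParameterCall.setScope(chainEnd);
            setParameterCall.setName("setParameter");
            setParameterCall.setArguments(new NodeList<>(new StringLiteralExpr(bindingNamePrefix + i), boundValues.get(i)));
            chainEnd = setParameterCall;
        }
        methodCallExpr.setArgument(0, queryParameterizer.getRoot());
    }
}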
