package org.craftercms.engine.controller.rest.preview;

import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.configuration2.HierarchicalConfiguration;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
import org.bson.types.ObjectId;
import org.craftercms.engine.util.ConfigUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"${crafter.core.rest.base.uri}/profile"})
@RestController
/* loaded from: input_file:BOOT-INF/lib/crafter-studio-3.1.11E-classes.jar:org/craftercms/engine/controller/rest/preview/ProfileRestController.class */
public class ProfileRestController {
    public static final String URL_ROOT = "/profile";
    public static final String PROFILE_SESSION_ATTRIBUTE = "_cr_profile_state";
    public static final String CLEANSE_ATTRS_CONFIG_KEY = "preview.targeting.cleanseAttributes";

    @RequestMapping(value = {"/get"}, method = {RequestMethod.GET})
    public Map<String, String> getProfile(HttpSession httpSession) {
        Map<String, String> map = (Map) httpSession.getAttribute(PROFILE_SESSION_ATTRIBUTE);
        if (map == null) {
            map = new HashMap();
            httpSession.setAttribute(PROFILE_SESSION_ATTRIBUTE, map);
        }
        return map;
    }

    @RequestMapping(value = {"/set"}, method = {RequestMethod.GET})
    public Map<String, String> setProfile(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        boolean shouldCleanseAttributes = shouldCleanseAttributes();
        HashMap hashMap = new HashMap();
        Enumeration<String> parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String nextElement = parameterNames.nextElement();
            String parameter = httpServletRequest.getParameter(nextElement);
            if (StringUtils.isNotEmpty(parameter)) {
                String trim = parameter.trim();
                hashMap.put(nextElement, shouldCleanseAttributes ? StringEscapeUtils.escapeHtml4(trim) : trim);
            }
        }
        hashMap.put("id", new ObjectId().toHexString());
        httpSession.setAttribute(PROFILE_SESSION_ATTRIBUTE, hashMap);
        return hashMap;
    }

    protected boolean shouldCleanseAttributes() {
        HierarchicalConfiguration currentConfig = ConfigUtils.getCurrentConfig();
        return currentConfig != null && currentConfig.getBoolean(CLEANSE_ATTRS_CONFIG_KEY, true);
    }
}
