package com.vaadin.appsec.views;

import com.vaadin.appsec.backend.AppSecService;
import com.vaadin.appsec.backend.AppSecUtils;
import com.vaadin.appsec.backend.model.AppSecData;
import com.vaadin.appsec.backend.model.analysis.AffectedVersion;
import com.vaadin.appsec.backend.model.analysis.Assessment;
import com.vaadin.appsec.backend.model.analysis.AssessmentStatus;
import com.vaadin.appsec.backend.model.analysis.VulnerabilityDetails;
import com.vaadin.appsec.backend.model.dto.Dependency;
import com.vaadin.appsec.backend.model.dto.SeverityLevel;
import com.vaadin.appsec.backend.model.dto.Vulnerability;
import com.vaadin.appsec.backend.model.osv.response.Ecosystem;
import com.vaadin.flow.component.ClickEvent;
import com.vaadin.flow.component.Component;
import com.vaadin.flow.component.HasValue;
import com.vaadin.flow.component.Html;
import com.vaadin.flow.component.UI;
import com.vaadin.flow.component.Unit;
import com.vaadin.flow.component.button.Button;
import com.vaadin.flow.component.button.ButtonVariant;
import com.vaadin.flow.component.combobox.ComboBox;
import com.vaadin.flow.component.html.NativeLabel;
import com.vaadin.flow.component.html.Span;
import com.vaadin.flow.component.icon.Icon;
import com.vaadin.flow.component.icon.VaadinIcon;
import com.vaadin.flow.component.orderedlayout.FlexComponent;
import com.vaadin.flow.component.orderedlayout.HorizontalLayout;
import com.vaadin.flow.component.orderedlayout.VerticalLayout;
import com.vaadin.flow.component.textfield.TextArea;
import com.vaadin.flow.server.Version;
import java.lang.invoke.SerializedLambda;
import java.text.DateFormat;
import java.time.Instant;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import org.jsoup.Jsoup;
import org.jsoup.safety.Safelist;

/* loaded from: input_file:com/vaadin/appsec/views/VulnerabilityDetailsView.class */
public class VulnerabilityDetailsView extends VerticalLayout {
    private final DateFormat dateFormatter = DateFormat.getDateInstance(2, UI.getCurrent().getLocale());
    private final DateFormat dateTimeFormatter = DateFormat.getDateTimeInstance(2, 2, UI.getCurrent().getLocale());
    private final Vulnerability vulnerabilityDTO;
    private final Runnable closeCallback;
    private Button saveButton;
    private ComboBox<AppSecData.VulnerabilityStatus> developerStatus;
    private TextArea developerAnalysis;
    private Span lastUpdated;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.vaadin.appsec.views.VulnerabilityDetailsView$1, reason: invalid class name */
    /* loaded from: input_file:com/vaadin/appsec/views/VulnerabilityDetailsView$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$vaadin$appsec$backend$model$analysis$AssessmentStatus = new int[AssessmentStatus.values().length];

        static {
            try {
                $SwitchMap$com$vaadin$appsec$backend$model$analysis$AssessmentStatus[AssessmentStatus.TRUE_POSITIVE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$vaadin$appsec$backend$model$analysis$AssessmentStatus[AssessmentStatus.FALSE_POSITIVE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$vaadin$appsec$backend$model$analysis$AssessmentStatus[AssessmentStatus.UNDER_REVIEW.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public VulnerabilityDetailsView(Vulnerability vulnerability, Runnable runnable) {
        this.vulnerabilityDTO = vulnerability;
        this.closeCallback = runnable;
        setSizeFull();
        setMargin(false);
        addClassName("vulnerability-details-view");
        buildHeaderBar();
        buildContent();
    }

    private void buildHeaderBar() {
        HorizontalLayout horizontalLayout = new HorizontalLayout();
        horizontalLayout.addClassName("vulnerability-header");
        horizontalLayout.setDefaultVerticalComponentAlignment(FlexComponent.Alignment.BASELINE);
        horizontalLayout.setWidth(100.0f, Unit.PERCENTAGE);
        Component button = new Button(new Icon(VaadinIcon.CHEVRON_LEFT));
        button.addClassName("navigate-back-button");
        button.addThemeVariants(new ButtonVariant[]{ButtonVariant.LUMO_ICON});
        button.addClassName("border-0");
        button.addClassName("bg-transparent");
        button.setAriaLabel("Navigate back");
        button.setTooltipText("Navigate back");
        button.addClickListener(clickEvent -> {
            this.closeCallback.run();
        });
        horizontalLayout.add(new Component[]{button});
        Component span = new Span(this.vulnerabilityDTO.getIdentifier());
        span.addClassName("vulnerability-title");
        horizontalLayout.addAndExpand(new Component[]{span});
        add(new Component[]{horizontalLayout});
    }

    private void buildContent() {
        Component buildLeftContent = buildLeftContent();
        HorizontalLayout horizontalLayout = new HorizontalLayout(new Component[]{buildLeftContent, buildRightContent()});
        horizontalLayout.expand(new Component[]{buildLeftContent});
        horizontalLayout.setSizeFull();
        horizontalLayout.addClassName("vulnerability-details-content-panel");
        addAndExpand(new Component[]{horizontalLayout});
    }

    private Component buildLeftContent() {
        Component verticalLayout = new VerticalLayout();
        verticalLayout.addClassName("vulnerability-details-content-left");
        verticalLayout.setMargin(true);
        verticalLayout.add(new Component[]{buildProperties()});
        verticalLayout.add(new Component[]{buildVaadinAnalysis()});
        verticalLayout.add(new Component[]{buildVulnerabilityDesc()});
        verticalLayout.add(new Component[]{buildReferences()});
        HorizontalLayout horizontalLayout = new HorizontalLayout(new Component[]{verticalLayout});
        horizontalLayout.setSizeFull();
        horizontalLayout.addClassName("border-0");
        return horizontalLayout;
    }

    private Component buildProperties() {
        HorizontalLayout horizontalLayout = new HorizontalLayout();
        horizontalLayout.setWidth(100.0f, Unit.PERCENTAGE);
        horizontalLayout.add(new Component[]{buildLabel("Ecosystem", this.vulnerabilityDTO.getDependency().getEcosystem().toString())});
        horizontalLayout.add(new Component[]{buildLabel("Dependency", this.vulnerabilityDTO.getDependency().toString())});
        horizontalLayout.add(new Component[]{buildLabel("Version", this.vulnerabilityDTO.getDependency().getVersion())});
        horizontalLayout.add(new Component[]{buildLabel("Patched in version", this.vulnerabilityDTO.getPatchedVersion())});
        horizontalLayout.add(new Component[]{buildLabel("Risk rating", String.valueOf(this.vulnerabilityDTO.getRiskScore()))});
        horizontalLayout.add(new Component[]{buildLabel("Status", "---")});
        horizontalLayout.add(new Component[]{buildLabel("Time of detection", this.dateFormatter.format(this.vulnerabilityDTO.getDatePublished()))});
        SeverityLevel severityLevel = this.vulnerabilityDTO.getSeverityLevel();
        Component buildLabel = buildLabel("Severity", severityLevel + (SeverityLevel.NONE == severityLevel ? "" : " severity"));
        buildLabel.addClassName("severity-" + this.vulnerabilityDTO.getSeverityLevel().name());
        horizontalLayout.add(new Component[]{buildLabel});
        return horizontalLayout;
    }

    private Component buildLabel(String str, String str2) {
        Component span = new Span(str2);
        span.setId(str);
        Component nativeLabel = new NativeLabel(str);
        nativeLabel.setFor(span);
        nativeLabel.addClassName("vulnerability-property-label");
        VerticalLayout verticalLayout = new VerticalLayout(new Component[]{nativeLabel, span});
        verticalLayout.addClassName("vulnerability-details-property-holder");
        verticalLayout.setSizeUndefined();
        return verticalLayout;
    }

    private Component buildVaadinAnalysis() {
        VerticalLayout verticalLayout = new VerticalLayout();
        verticalLayout.addClassName("vaadin-analysis-panel");
        verticalLayout.addClassName("m-s");
        Component span = new Span("Vaadin analysis");
        span.addClassName("vaadin-analysis-title");
        span.setWidth(100.0f, Unit.PERCENTAGE);
        verticalLayout.add(new Component[]{span});
        String fullVersion = Version.getFullVersion();
        List supportedFlow24Versions = AppSecService.getInstance().getSupportedFlow24Versions();
        boolean contains = supportedFlow24Versions.contains(fullVersion);
        Component span2 = new Span();
        Component span3 = new Span();
        if (contains) {
            Optional<AffectedVersion> assessment = getAssessment();
            if (assessment.isPresent()) {
                AffectedVersion affectedVersion = assessment.get();
                AssessmentStatus status = affectedVersion.getStatus();
                span2.setText(status.toString());
                setStatusStyle(span2, status);
                span3.setText(affectedVersion.getComment());
            } else {
                span2.setText("Not Available");
                span3.setText("This vulnerability has not yet been assessed by the Vaadin Security Team. Please check later for updates.");
                span2.addClassName("vaadin-analysis-not-available");
            }
        } else {
            span2.setText("Not Provided");
            span2.addClassName("vaadin-analysis-not-supported");
            span3.setText("This app is running with Vaadin " + fullVersion + " which is not currently getting security updates. Please  upgrade to one of the latest maintained versions: " + String.join(", ", supportedFlow24Versions));
        }
        span3.addClassName("vaadin-analysis-desc");
        span3.setWidth(100.0f, Unit.PERCENTAGE);
        verticalLayout.add(new Component[]{span2});
        verticalLayout.add(new Component[]{span3});
        return verticalLayout;
    }

    private Optional<AffectedVersion> getAssessment() {
        VulnerabilityDetails vulnerabilityDetails = (VulnerabilityDetails) AppSecService.getInstance().getVulnerabilityAnalysis().getVulnerabilities().get(this.vulnerabilityDTO.getIdentifier());
        if (vulnerabilityDetails == null) {
            return Optional.empty();
        }
        Dependency dependency = this.vulnerabilityDTO.getDependency();
        String parentBomRef = dependency.getParentBomRef();
        Assessment assessment = (Assessment) vulnerabilityDetails.getAssessments().get(dependency.getEcosystem() == Ecosystem.MAVEN ? AppSecUtils.bomRefToMavenGroupAndName(parentBomRef) : AppSecUtils.bomRefToNpmGroupAndName(parentBomRef));
        return assessment == null ? Optional.empty() : assessment.getAffectedVersions().values().stream().filter(affectedVersion -> {
            return affectedVersion.isInRange(AppSecUtils.bomRefToVersion(parentBomRef));
        }).findFirst();
    }

    private void setStatusStyle(Span span, AssessmentStatus assessmentStatus) {
        switch (AnonymousClass1.$SwitchMap$com$vaadin$appsec$backend$model$analysis$AssessmentStatus[assessmentStatus.ordinal()]) {
            case 1:
                span.addClassName("vaadin-analysis-true-positive");
                return;
            case 2:
                span.addClassName("vaadin-analysis-false-positive");
                return;
            case 3:
                span.addClassName("vaadin-analysis-under-review");
                return;
            default:
                span.addClassName("vaadin-analysis-not-supported");
                return;
        }
    }

    private Component buildVulnerabilityDesc() {
        VerticalLayout verticalLayout = new VerticalLayout();
        Component span = new Span("Vulnerability description");
        span.addClassName("vulnerability-desc-title");
        span.setWidth(100.0f, Unit.PERCENTAGE);
        verticalLayout.add(new Component[]{span});
        Component html = new Html("<div>\n" + Jsoup.clean(this.vulnerabilityDTO.getDetails(), Safelist.relaxed()) + "\n</div>");
        html.addClassName("vulnerability-desc");
        verticalLayout.add(new Component[]{html});
        return verticalLayout;
    }

    private Component buildReferences() {
        VerticalLayout verticalLayout = new VerticalLayout();
        Component span = new Span("References");
        span.addClassName("references-title");
        span.setWidth(100.0f, Unit.PERCENTAGE);
        verticalLayout.add(new Component[]{span});
        List list = this.vulnerabilityDTO.getReferenceUrls().stream().map(str -> {
            return new Html("<a href=\"" + str + "\" target=\"_blank\">" + str + "</a>");
        }).toList();
        Objects.requireNonNull(verticalLayout);
        list.forEach(component -> {
            verticalLayout.add(new Component[]{component});
        });
        return verticalLayout;
    }

    private Component buildRightContent() {
        VerticalLayout verticalLayout = new VerticalLayout();
        verticalLayout.addClassName("vulnerability-details-content-right");
        verticalLayout.addClassName("m-s");
        verticalLayout.setMargin(true);
        verticalLayout.setHeight(100.0f, Unit.PERCENTAGE);
        verticalLayout.setWidth(400.0f, Unit.PIXELS);
        verticalLayout.add(new Component[]{buildDeveloperAnalysisTitle()});
        verticalLayout.add(new Component[]{buildDeveloperAnalysisDesc()});
        verticalLayout.add(new Component[]{buildDeveloperStatus()});
        verticalLayout.addAndExpand(new Component[]{buildDeveloperAnalysis()});
        verticalLayout.add(new Component[]{buildLastUpdated()});
        verticalLayout.add(new Component[]{buildSaveButton()});
        verticalLayout.setHorizontalComponentAlignment(FlexComponent.Alignment.END, new Component[]{this.saveButton});
        return verticalLayout;
    }

    private Component buildDeveloperAnalysisTitle() {
        Span span = new Span("Developer analysis");
        span.addClassName("developer-analysis-title");
        span.setWidth(100.0f, Unit.PERCENTAGE);
        return span;
    }

    private Component buildDeveloperAnalysisDesc() {
        Span span = new Span("You can declare a status for this vulnerability if you have done some analysis on this vulnerability or want to perform an analysis on this vulnerability.");
        span.setWidth(100.0f, Unit.PERCENTAGE);
        span.addClassName("developer-analysis-desc");
        return span;
    }

    private Component buildDeveloperStatus() {
        this.developerStatus = new ComboBox<>();
        this.developerStatus.setItems(new AppSecData.VulnerabilityStatus[]{AppSecData.VulnerabilityStatus.NOT_SET, AppSecData.VulnerabilityStatus.NOT_AFFECTED, AppSecData.VulnerabilityStatus.FALSE_POSITIVE, AppSecData.VulnerabilityStatus.IN_TRIAGE, AppSecData.VulnerabilityStatus.EXPLOITABLE});
        this.developerStatus.setPlaceholder("Select status");
        this.developerStatus.setWidth(100.0f, Unit.PERCENTAGE);
        this.developerStatus.setLabel("Vulnerability status");
        this.developerStatus.setValue(this.vulnerabilityDTO.getDeveloperStatus());
        this.developerStatus.addValueChangeListener((v1) -> {
            developerAnalysisChanged(v1);
        });
        return this.developerStatus;
    }

    private Component buildDeveloperAnalysis() {
        this.developerAnalysis = new TextArea("Description (optional)");
        this.developerAnalysis.setPlaceholder("Add a description that describes the state of this vulnerability");
        this.developerAnalysis.setWidth(100.0f, Unit.PERCENTAGE);
        if (this.vulnerabilityDTO.getDeveloperAnalysis() != null) {
            this.developerAnalysis.setValue(this.vulnerabilityDTO.getDeveloperAnalysis());
        }
        this.developerAnalysis.addValueChangeListener((v1) -> {
            developerAnalysisChanged(v1);
        });
        return this.developerAnalysis;
    }

    private void developerAnalysisChanged(HasValue.ValueChangeEvent<?> valueChangeEvent) {
        this.saveButton.setEnabled((Objects.equals(this.vulnerabilityDTO.getDeveloperStatus(), this.developerStatus.getValue()) && Objects.equals(this.vulnerabilityDTO.getDeveloperAnalysis(), this.developerAnalysis.getValue())) ? false : true);
    }

    private Component buildLastUpdated() {
        this.lastUpdated = new Span("Last updated: " + (this.vulnerabilityDTO.getDeveloperUpdated() == null ? "-" : this.dateTimeFormatter.format(Date.from(this.vulnerabilityDTO.getDeveloperUpdated()))));
        this.lastUpdated.setWidth(310.0f, Unit.PIXELS);
        return this.lastUpdated;
    }

    private Component buildSaveButton() {
        this.saveButton = new Button("Save");
        this.saveButton.setEnabled(false);
        this.saveButton.addThemeVariants(new ButtonVariant[]{ButtonVariant.LUMO_PRIMARY});
        this.saveButton.setAriaLabel("Save developer analysis");
        this.saveButton.setTooltipText("Save developer analysis");
        this.saveButton.addClickListener(this::save);
        return this.saveButton;
    }

    private void save(ClickEvent<Button> clickEvent) {
        if (this.developerStatus.getValue() == null) {
            this.developerStatus.setValue(AppSecData.VulnerabilityStatus.NOT_SET);
        }
        String identifier = this.vulnerabilityDTO.getIdentifier();
        AppSecData data = AppSecService.getInstance().getData();
        AppSecData.VulnerabilityAssessment vulnerabilityAssessment = (AppSecData.VulnerabilityAssessment) data.getVulnerabilities().get(identifier);
        if (vulnerabilityAssessment == null) {
            vulnerabilityAssessment = new AppSecData.VulnerabilityAssessment();
        }
        vulnerabilityAssessment.setId(identifier);
        vulnerabilityAssessment.setStatus((AppSecData.VulnerabilityStatus) this.developerStatus.getValue());
        vulnerabilityAssessment.setDeveloperAnalysis(this.developerAnalysis.getValue());
        Instant now = Instant.now();
        vulnerabilityAssessment.setUpdated(now);
        data.getVulnerabilities().put(identifier, vulnerabilityAssessment);
        AppSecService.getInstance().setData(data);
        this.lastUpdated.setText("Last updated: " + this.dateTimeFormatter.format(Date.from(now)));
        this.saveButton.setEnabled(false);
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case 3522941:
                if (implMethodName.equals("save")) {
                    z = true;
                    break;
                }
                break;
            case 1343738776:
                if (implMethodName.equals("lambda$buildHeaderBar$9b1b5227$1")) {
                    z = 2;
                    break;
                }
                break;
            case 2118785806:
                if (implMethodName.equals("developerAnalysisChanged")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/flow/component/HasValue$ValueChangeListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("valueChanged") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/flow/component/HasValue$ValueChangeEvent;)V") && serializedLambda.getImplClass().equals("com/vaadin/appsec/views/VulnerabilityDetailsView") && serializedLambda.getImplMethodSignature().equals("(Lcom/vaadin/flow/component/HasValue$ValueChangeEvent;)V")) {
                    VulnerabilityDetailsView vulnerabilityDetailsView = (VulnerabilityDetailsView) serializedLambda.getCapturedArg(0);
                    return (v1) -> {
                        r0.developerAnalysisChanged(v1);
                    };
                }
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/flow/component/HasValue$ValueChangeListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("valueChanged") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/flow/component/HasValue$ValueChangeEvent;)V") && serializedLambda.getImplClass().equals("com/vaadin/appsec/views/VulnerabilityDetailsView") && serializedLambda.getImplMethodSignature().equals("(Lcom/vaadin/flow/component/HasValue$ValueChangeEvent;)V")) {
                    VulnerabilityDetailsView vulnerabilityDetailsView2 = (VulnerabilityDetailsView) serializedLambda.getCapturedArg(0);
                    return (v1) -> {
                        r0.developerAnalysisChanged(v1);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/flow/component/ComponentEventListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("onComponentEvent") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/flow/component/ComponentEvent;)V") && serializedLambda.getImplClass().equals("com/vaadin/appsec/views/VulnerabilityDetailsView") && serializedLambda.getImplMethodSignature().equals("(Lcom/vaadin/flow/component/ClickEvent;)V")) {
                    VulnerabilityDetailsView vulnerabilityDetailsView3 = (VulnerabilityDetailsView) serializedLambda.getCapturedArg(0);
                    return vulnerabilityDetailsView3::save;
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/flow/component/ComponentEventListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("onComponentEvent") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/flow/component/ComponentEvent;)V") && serializedLambda.getImplClass().equals("com/vaadin/appsec/views/VulnerabilityDetailsView") && serializedLambda.getImplMethodSignature().equals("(Lcom/vaadin/flow/component/ClickEvent;)V")) {
                    VulnerabilityDetailsView vulnerabilityDetailsView4 = (VulnerabilityDetailsView) serializedLambda.getCapturedArg(0);
                    return clickEvent -> {
                        this.closeCallback.run();
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
