/* eslint-disable
    camelcase,
    no-cond-assign,
    no-unused-vars,
    node/no-deprecated-api,
*/
// TODO: This file was created by bulk-decaffeinate.
// Fix any style issues and re-enable lint.
/*
 * decaffeinate suggestions:
 * DS101: Remove unnecessary use of Array.from
 * DS102: Remove unnecessary code created because of implicit returns
 * DS103: Rewrite code to no longer use __guard__
 * DS207: Consider shorter variations of null checks
 * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md
 */
let ForbidSymlinks;
const Path = require("path");
const fs = require("fs");
const Settings = require("settings-sharelatex");
const logger = require("logger-sharelatex");
const url = require("url");

module.exports = (ForbidSymlinks = function(staticFn, root, options) {
	const expressStatic = staticFn(root, options);
	const basePath = Path.resolve(root);
	return function(req, res, next) {
		let file, project_id, result;
		const path = __guard__(url.parse(req.url), x => x.pathname);
		// check that the path is of the form /project_id_or_name/path/to/file.log
		if (result = path.match(/^\/?([a-zA-Z0-9_-]+)\/(.*)/)) {
			project_id = result[1];
			file = result[2];
		} else {
			logger.warn({path}, "unrecognized file request");
			return res.sendStatus(404);
		}
		// check that the file does not use a relative path
		for (const dir of Array.from(file.split('/'))) {
			if (dir === '..') {
				logger.warn({path}, "attempt to use a relative path");
				return res.sendStatus(404);
			}
		}
		// check that the requested path is normalized
		const requestedFsPath = `${basePath}/${project_id}/${file}`;
		if (requestedFsPath !== Path.normalize(requestedFsPath)) {
				logger.error({path: requestedFsPath}, "requestedFsPath is not normalized");
				return res.sendStatus(404);
			}
		// check that the requested path is not a symlink
		return fs.realpath(requestedFsPath, function(err, realFsPath){
			if (err != null) {
				if (err.code === 'ENOENT') {
					return res.sendStatus(404);
				} else {
					logger.error({err, requestedFsPath, realFsPath, path: req.params[0], project_id: req.params.project_id}, "error checking file access");
					return res.sendStatus(500);
				}
			} else if (requestedFsPath !== realFsPath) {
				logger.warn({requestedFsPath, realFsPath, path: req.params[0], project_id: req.params.project_id}, "trying to access a different file (symlink), aborting");
				return res.sendStatus(404);
			} else {
				return expressStatic(req, res, next);
			}
		});
	};
});

function __guard__(value, transform) {
  return (typeof value !== 'undefined' && value !== null) ? transform(value) : undefined;
}