"use strict";

Object.defineProperty(exports, "__esModule", {
  value: true
});
exports.registerActionFileDownloadRoutes = exports.getActionFileDownloadRouteHandler = void 0;
var _endpoint = require("../../../../common/api/endpoint");
var _custom_http_request_error = require("../../../utils/custom_http_request_error");
var _services = require("../../services");
var _error_handler = require("../error_handler");
var _constants = require("../../../../common/endpoint/constants");
var _with_endpoint_authz = require("../with_endpoint_authz");
/*
 * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
 * or more contributor license agreements. Licensed under the Elastic License
 * 2.0; you may not use this file except in compliance with the Elastic License
 * 2.0.
 */

const registerActionFileDownloadRoutes = (router, endpointContext) => {
  const logger = endpointContext.logFactory.get('actionFileDownload');
  router.versioned.get({
    access: 'public',
    // NOTE:
    // Because this API is used in the browser via `href` (ex. on link to download a file),
    // we need to enable setting the version number via query params
    enableQueryVersion: true,
    path: _constants.ACTION_AGENT_FILE_DOWNLOAD_ROUTE,
    options: {
      authRequired: true,
      tags: ['access:securitySolution']
    }
  }).addVersion({
    version: '2023-10-31',
    validate: {
      request: _endpoint.EndpointActionFileDownloadSchema
    }
  }, (0, _with_endpoint_authz.withEndpointAuthz)({
    all: ['canWriteFileOperations']
  }, logger, getActionFileDownloadRouteHandler(endpointContext)));
};
exports.registerActionFileDownloadRoutes = registerActionFileDownloadRoutes;
const getActionFileDownloadRouteHandler = endpointContext => {
  const logger = endpointContext.logFactory.get('actionFileDownload');
  return async (context, req, res) => {
    const fleetFiles = await endpointContext.service.getFleetFromHostFilesClient();
    const esClient = (await context.core).elasticsearch.client.asInternalUser;
    const {
      action_id: actionId,
      file_id: fileId
    } = req.params;
    try {
      await (0, _services.validateActionId)(esClient, actionId);
      const file = await fleetFiles.get(fileId);
      if (file.id !== fileId) {
        throw new _custom_http_request_error.CustomHttpRequestError(`Invalid file id [${fileId}] for action [${actionId}]`, 400);
      }
      const {
        stream,
        fileName
      } = await fleetFiles.download(fileId);
      return res.ok({
        body: stream,
        headers: {
          'content-type': 'application/octet-stream',
          'cache-control': 'max-age=31536000, immutable',
          // Note, this name can be overridden by the client if set via a "download" attribute on the HTML tag.
          'content-disposition': `attachment; filename="${fileName !== null && fileName !== void 0 ? fileName : 'download.zip'}"`,
          // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
          'x-content-type-options': 'nosniff'
        }
      });
    } catch (error) {
      return (0, _error_handler.errorHandler)(logger, res, error);
    }
  };
};
exports.getActionFileDownloadRouteHandler = getActionFileDownloadRouteHandler;