package org.jahia.bin.filters;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.jcr.ItemNotFoundException;
import javax.jcr.RepositoryException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.jahia.bin.Jahia;
import org.jahia.bin.JahiaControllerUtils;
import org.jahia.data.templates.JahiaTemplatesPackage;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.content.JCRContentUtils;
import org.jahia.services.content.JCRNodeWrapper;
import org.jahia.services.content.JCRSessionFactory;
import org.jahia.services.content.JCRSessionWrapper;
import org.jahia.services.content.decorator.JCRSiteNode;
import org.jahia.services.sites.JahiaSite;
import org.jahia.services.sites.JahiaSitesService;
import org.jahia.services.templates.JahiaTemplateManagerService;
import org.jahia.services.uicomponents.bean.contentmanager.ManagerConfiguration;
import org.jahia.services.usermanager.JahiaUser;
import org.jahia.services.usermanager.JahiaUserManagerService;
import org.jahia.settings.SettingsBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanFactoryUtils;
import org.springframework.context.ApplicationListener;

/* loaded from: input_file:org/jahia/bin/filters/ContentManagerAccessCheckFilter.class */
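/**
 * Servlet filter that gates access to the content manager and content picker engines.
 *
 * <p>For each request the filter, in order:
 * <ol>
 *   <li>answers 403 when an authenticated user is required and the current user is a guest,
 *       or when the settings bean reports read-only mode;</li>
 *   <li>answers 404 when the {@code workspace} parameter is not a valid workspace;</li>
 *   <li>answers 404 when the requested (or default) {@code conf} is not a known manager
 *       configuration;</li>
 *   <li>picks the node the permission is evaluated on and answers 403 when the current user
 *       lacks the permission required by that configuration.</li>
 * </ol>
 *
 * <p>The configuration-to-permission mapping is built lazily from the deployed template packages
 * and dropped whenever a template package is redeployed.
 *
 * <p>NOTE(review): this listing is decompiler output. Calls such as {@code m238getRootNode()},
 * {@code m234getNode(...)} and {@code m237getNodeByUUID(...)} carry decompiler-assigned prefixes;
 * presumably they are {@code getRootNode()}, {@code getNode(...)} and {@code getNodeByUUID(...)}
 * in the original API. Confirm before recompiling.
 */
public class ContentManagerAccessCheckFilter implements Filter, ApplicationListener<JahiaTemplateManagerService.TemplatePackageRedeployedEvent> {
    private static final Logger logger = LoggerFactory.getLogger(ContentManagerAccessCheckFilter.class);

    // Configuration name -> required permission (value may be null).
    // volatile: the filter is called from concurrent request threads while onApplicationEvent()
    // resets the field, so readers must only ever observe null or a fully built map.
    private volatile Map<String, String> mapping;
    private SettingsBean settingsBean;
    private String defaultContentManager = "repositoryexplorer";
    private String defaultContentPicker = "filepicker";
    private boolean requireAuthenticatedUser = true;

    /**
     * Tells whether the configuration named by the request (or the applicable default) is known.
     *
     * @param httpServletRequest the current request
     * @return {@code true} if the mapping contains the resolved configuration name
     */
    protected boolean checkConfig(HttpServletRequest httpServletRequest) {
        return getMapping().containsKey(resolveConfigName(httpServletRequest));
    }

    /**
     * Validates the {@code workspace} request parameter.
     *
     * @param httpServletRequest the current request
     * @return the result of {@code JCRContentUtils.isValidWorkspace(workspace, true)}
     */
    protected boolean checkWorkspace(HttpServletRequest httpServletRequest) {
        // NOTE(review): the second argument presumably lets a missing workspace pass — confirm.
        return JCRContentUtils.isValidWorkspace(httpServletRequest.getParameter("workspace"), true);
    }

    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Applies the access checks described on the class and forwards the request only when all pass.
     *
     * @param servletRequest the incoming request, cast to {@link HttpServletRequest}
     * @param servletResponse the response, cast to {@link HttpServletResponse}
     * @param filterChain the remaining filter chain
     * @throws IOException if sending an error or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if ((this.requireAuthenticatedUser && JahiaUserManagerService.isGuest(getCurrentUser())) || this.settingsBean.isReadOnlyMode()) {
            httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (!checkWorkspace(httpServletRequest)) {
            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }

        // Take ONE snapshot of the mapping for the whole request. Calling getMapping() separately
        // for containsKey() and get() could straddle a redeploy; a null permission read that way
        // would skip the permission check below for non-picker requests (fail open).
        Map<String, String> permissions = getMapping();
        String configName = resolveConfigName(httpServletRequest);
        if (!permissions.containsKey(configName)) {
            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }

        // Node on which the required permission is evaluated. Declared as JCRNodeWrapper because
        // the root-node and getNode lookups yield JCRNodeWrapper, not necessarily a site node.
        JCRNodeWrapper permissionNode;
        if ("repositoryexplorer".equals(configName)) {
            try {
                permissionNode = JCRSessionFactory.getInstance().getCurrentUserSession().m238getRootNode();
            } catch (RepositoryException e) {
                // Fail closed: no node to check against means no access.
                logger.error(e.getMessage(), e);
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
        } else if ("categorymanager".equals(configName)) {
            try {
                permissionNode = JCRSessionFactory.getInstance().getCurrentUserSession().m234getNode("/sites/systemsite");
            } catch (RepositoryException e) {
                // Fail closed, as above.
                logger.error(e.getMessage(), e);
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
        } else {
            permissionNode = getSite(httpServletRequest);
            if (permissionNode == null) {
                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
                return;
            }
        }

        // SECURITY: with requireAuthenticatedUser disabled, neither the guest check above nor this
        // permission check runs; only the workspace and configuration checks remain.
        if (this.requireAuthenticatedUser) {
            String requiredPermission = permissions.get(configName);
            if (requiredPermission == null && isContentPicker(httpServletRequest)) {
                // Pickers without an explicit permission still require default read access.
                requiredPermission = "jcr:read_default";
            }
            // SECURITY: a non-picker configuration that declares no required permission is let
            // through for any authenticated user. Review manager configurations accordingly.
            if (requiredPermission != null && !isAllowed(requiredPermission, permissionNode)) {
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Returns the user bound to the current JCR session factory.
     *
     * @return the current user as reported by {@link JCRSessionFactory}
     */
    protected JahiaUser getCurrentUser() {
        return JCRSessionFactory.getInstance().getCurrentUser();
    }

    /**
     * Returns the configuration-name to required-permission mapping, building it on first use
     * from every {@link ManagerConfiguration} bean of the available template packages.
     *
     * <p>The map is filled in a local variable and published only when complete, so a concurrent
     * request never sees a half-populated map (which could answer 404 for a valid configuration
     * or return a null permission). A redeploy event that lands while a build is in progress can
     * still be overwritten by that build's result; that window is not closed here.
     *
     * @return the mapping; values may be {@code null} when a configuration declares no permission
     */
    protected Map<String, String> getMapping() {
        Map<String, String> current = this.mapping;
        if (current == null) {
            Map<String, String> built = new HashMap<String, String>();
            for (JahiaTemplatesPackage jahiaTemplatesPackage : ServicesRegistry.getInstance().getJahiaTemplateManagerService().getAvailableTemplatePackages()) {
                if (jahiaTemplatesPackage.getContext() != null) {
                    for (Map.Entry<String, ManagerConfiguration> entry : BeanFactoryUtils.beansOfTypeIncludingAncestors(jahiaTemplatesPackage.getContext(), ManagerConfiguration.class).entrySet()) {
                        built.put(entry.getKey(), entry.getValue().getRequiredPermission());
                    }
                }
            }
            this.mapping = built;
            current = built;
        }
        return current;
    }

    /**
     * Resolves the site node for the request: the site owning the node whose UUID is given in the
     * {@code site} parameter, or the default site when the parameter is empty.
     *
     * <p>The lookup runs in the current user's session.
     *
     * @param httpServletRequest the current request
     * @return the site node, or {@code null} when there is no default site or the lookup fails
     */
    protected JCRSiteNode getSite(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("site");
        try {
            JCRSessionWrapper currentUserSession = JCRSessionFactory.getInstance().getCurrentUserSession();
            if (StringUtils.isNotEmpty(parameter)) {
                return currentUserSession.m237getNodeByUUID(parameter).getResolveSite();
            }
            JahiaSite defaultSite = JahiaSitesService.getInstance().getDefaultSite();
            if (defaultSite != null) {
                return (JCRSiteNode) currentUserSession.m237getNodeByUUID(((JCRSiteNode) defaultSite).getIdentifier());
            }
            return null;
        } catch (RepositoryException e) {
            // The logged value is the raw request parameter; make sure the log layout neutralises
            // line breaks. Message text kept verbatim so existing log searches keep matching.
            logger.warn("Unble to lookup site for UUID '{}'", parameter);
            return null;
        }
    }

    /** No initialisation parameters are read. */
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Checks whether the current user holds the given permission on the given node.
     *
     * <p>Any repository failure results in {@code false} (access denied).
     *
     * @param str the required permission
     * @param jCRNodeWrapper the node the permission is evaluated on
     * @return {@code true} only when the permission check succeeds and grants access
     */
    protected boolean isAllowed(String str, JCRNodeWrapper jCRNodeWrapper) {
        try {
            return JahiaControllerUtils.hasRequiredPermission(jCRNodeWrapper, getCurrentUser(), str);
        } catch (ItemNotFoundException ignored) {
            // Must precede RepositoryException (its superclass), otherwise this clause is
            // unreachable. A missing item is an expected outcome: deny without logging.
            return false;
        } catch (RepositoryException e) {
            logger.warn(e.getMessage(), e);
            return false;
        }
    }

    /**
     * Tells whether the request targets the content picker engine.
     *
     * @param httpServletRequest the current request
     * @return {@code true} when the request URI equals the context path followed by
     *         {@code /engines/contentpicker.jsp}
     */
    protected boolean isContentPicker(HttpServletRequest httpServletRequest) {
        // Exact string match on the raw request URI; any other spelling of the path is treated
        // as a content manager request and gets the manager default and no read_default fallback.
        return httpServletRequest.getRequestURI().equals(Jahia.getContextPath() + "/engines/contentpicker.jsp");
    }

    /**
     * Drops the cached mapping so that it is rebuilt on the next request.
     *
     * @param templatePackageRedeployedEvent the redeploy notification (not inspected)
     */
    public void onApplicationEvent(JahiaTemplateManagerService.TemplatePackageRedeployedEvent templatePackageRedeployedEvent) {
        this.mapping = null;
    }

    /** Sets the configuration name used when a non-picker request carries no {@code conf}. */
    public void setDefaultContentManager(String str) {
        this.defaultContentManager = str;
    }

    /** Sets the configuration name used when a picker request carries no {@code conf}. */
    public void setDefaultContentPicker(String str) {
        this.defaultContentPicker = str;
    }

    /**
     * Enables or disables the guest rejection and the permission check.
     * Disabling it leaves only the workspace and configuration checks in place.
     */
    public void setRequireAuthenticatedUser(boolean z) {
        this.requireAuthenticatedUser = z;
    }

    /** Injects the settings bean consulted for read-only mode; it must be set before use. */
    public void setSettingsBean(SettingsBean settingsBean) {
        this.settingsBean = settingsBean;
    }

    /** Returns the {@code conf} parameter, or the picker/manager default when it is empty. */
    private String resolveConfigName(HttpServletRequest httpServletRequest) {
        String fallback = isContentPicker(httpServletRequest) ? this.defaultContentPicker : this.defaultContentManager;
        return StringUtils.defaultIfEmpty(httpServletRequest.getParameter("conf"), fallback);
    }
}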
