package com.cenqua.fisheye.web.filters;

import com.atlassian.fisheye.spi.TxTemplate;
import com.cenqua.crucible.model.CrucibleUser;
import com.cenqua.crucible.model.Principal;
import com.cenqua.crucible.model.managers.CrucibleUserManager;
import com.cenqua.fisheye.AppConfig;
import com.cenqua.fisheye.LicensePolicyException;
import com.cenqua.fisheye.cache.ViewMode;
import com.cenqua.fisheye.config.RootConfig;
import com.cenqua.fisheye.config.SpringContext;
import com.cenqua.fisheye.logging.Logs;
import com.cenqua.fisheye.rep.DbException;
import com.cenqua.fisheye.user.UserLogin;
import com.cenqua.fisheye.web.LoginServlet;
import com.cenqua.fisheye.web.PreferenceManager;
import com.cenqua.fisheye.web.ServletUtils;
import com.cenqua.fisheye.web.security.UserDetector;
import com.cenqua.fisheye.web.util.WrappedRequest;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.context.support.XmlWebApplicationContext;

/* loaded from: input_file:fecru-2.1.0.M1/fisheye.jar:com/cenqua/fisheye/web/filters/TotalityFilter.class */
public class TotalityFilter implements Filter {
    private final List<RewriteRule> rules = new ArrayList();
    private static final ThreadLocal<Context> context = new ThreadLocal<>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:fecru-2.1.0.M1/fisheye.jar:com/cenqua/fisheye/web/filters/TotalityFilter$Context.class */
    public static class Context {
        private HttpServletRequest request;
        private HttpServletResponse response;

        public Context(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            this.request = httpServletRequest;
            this.response = httpServletResponse;
        }

        public HttpServletRequest getRequest() {
            return this.request;
        }

        public HttpServletResponse getResponse() {
            return this.response;
        }
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        this.rules.add(new JsonRewrite());
        this.rules.add(new AdminApiActionRewrite());
        this.rules.add(new UserPageRewrite());
        this.rules.add(new CommitterRedirectRewrite());
        this.rules.add(new ProjectPageRewrite());
        this.rules.add(new ReportsRewrite());
        SimpleRegexRewriteRule simpleRegexRewriteRule = new SimpleRegexRewriteRule("^/avatar(?:/(.*?)(?:\\.(?:jpg|png))?)?$", "/action/avatar.do");
        simpleRegexRewriteRule.addParameter(1, "hash");
        this.rules.add(simpleRegexRewriteRule);
        this.rules.add(new SimpleRegexRewriteRule("^/changelog/?$", "/showactivitypage"));
        this.rules.add(new SimpleRegexRewriteRule("^/?home/?$", "/fe/home.do"));
        SimpleRegexRewriteRule simpleRegexRewriteRule2 = new SimpleRegexRewriteRule("^/?users?(/.+)$", "/fe/listUsersForRepository.do");
        simpleRegexRewriteRule2.addParameter(1, ViewMode.PHYSICAL);
        this.rules.add(simpleRegexRewriteRule2);
        this.rules.add(new SimpleRegexRewriteRule("^/?users?/?$", "/fe/listUsers.do"));
        this.rules.add(new SimpleRegexRewriteRule("^/?committers?/?$", "/fe/listUsers.do"));
        this.rules.add(new SimpleRegexRewriteRule("^/stars$", "/?showStars=true"));
        this.rules.add(new SimpleRegexRewriteRule("^/qsearch/?$", "/fe/globalQuicksearch.do"));
        this.rules.add(new SimpleRegexRewriteRule("^/people/?$", "/fe/listUsers.do"));
        this.rules.add(new SimpleRegexRewriteRule("^/browse/?$", "/fe/listRepositories.do"));
        this.rules.add(new ReviewPermaidRewrite());
        this.rules.add(new ProjectPermaidRewrite());
        this.rules.add(new CrucibleActionRewrite());
        this.rules.add(new MaintenanceRewrite());
    }

    public static HttpServletRequest getRequest() {
        return getContext().getRequest();
    }

    public static HttpServletResponse getResponse() {
        return getContext().getResponse();
    }

    private static Context getContext() {
        Context context2 = context.get();
        if (context2 == null) {
            throw new RuntimeException("Called getContext outside request");
        }
        return context2;
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String rewrite;
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String postContextPath = ServletUtils.getPostContextPath(httpServletRequest);
        WrappedRequest wrappedRequest = new WrappedRequest(httpServletRequest);
        boolean z = false;
        for (RewriteRule rewriteRule : this.rules) {
            Matcher applyRule = rewriteRule.applyRule(postContextPath);
            if (applyRule != null && (rewrite = rewriteRule.rewrite(applyRule, wrappedRequest)) != null) {
                postContextPath = rewrite;
                z = true;
            }
        }
        if (z) {
            wrappedRequest.getRequestDispatcher(postContextPath).forward(wrappedRequest, httpServletResponse);
            return;
        }
        if (requiresSetup() && !isSetupUrl(postContextPath) && !isStaticContent(postContextPath)) {
            httpServletResponse.sendRedirect(wrappedRequest.getContextPath() + "/setup");
            return;
        }
        if (isStaticContent(postContextPath)) {
            filterChain.doFilter(wrappedRequest, httpServletResponse);
            return;
        }
        boolean z2 = false;
        UserLogin userLogin = null;
        try {
            userLogin = new UserDetector().process(wrappedRequest, httpServletResponse);
        } catch (LicensePolicyException e) {
            Logs.APP_LOG.warn("problem authenticating user: " + e.getMessage());
            wrappedRequest.setAttribute("errormsg", e.getMessage());
            z2 = true;
        }
        if ((z2 || requiresLogin(userLogin)) && !isOutsideLogin(postContextPath)) {
            LoginServlet.redirectToLogin(wrappedRequest, httpServletResponse);
            return;
        }
        if (!isOutsideLogin(postContextPath)) {
            try {
                if (AppConfig.getsConfig().getLicense() != null && (AppConfig.getsConfig().getLicense().getExcessFEUsers() > 0 || AppConfig.getsConfig().getLicense().getExcessCruUsers() > 0)) {
                    httpServletResponse.sendRedirect(wrappedRequest.getContextPath() + "/admin/userAdmin.do");
                    return;
                }
            } catch (DbException e2) {
                Logs.APP_LOG.debug("Could not read users from database", e2);
                throw new IOException("Could not read users from database");
            }
        }
        PreferenceManager.doFilter(wrappedRequest, httpServletResponse);
        setCachingHeaders(userLogin, httpServletResponse);
        if (isSetupUrl(postContextPath)) {
            filterChain.doFilter(wrappedRequest, httpServletResponse);
            return;
        }
        Context context2 = context.get();
        try {
            context.set(new Context(wrappedRequest, httpServletResponse));
            TxTemplate txTemplate = (TxTemplate) SpringContext.getComponent(TxTemplate.class, "txTemplate");
            txTemplate.pushEffectivePrincipal(userLogin, getCurrentUser(userLogin));
            try {
                filterChain.doFilter(wrappedRequest, httpServletResponse);
            } finally {
                txTemplate.popEffectivePrincipal();
            }
        } finally {
            context.set(context2);
        }
    }

    private CrucibleUser getCurrentUser(UserLogin userLogin) {
        if (userLogin == null) {
            return null;
        }
        return CrucibleUserManager.getUserByName(userLogin.getUsername());
    }

    private boolean requiresLogin(UserLogin userLogin) {
        return userLogin == null && !AppConfig.getsConfig().getConfig().getSecurity().getAllowAnon();
    }

    private void setCachingHeaders(UserLogin userLogin, HttpServletResponse httpServletResponse) {
        if (userLogin != null) {
            httpServletResponse.setHeader("Cache-Control", "private");
        }
    }

    private boolean requiresSetup() {
        RootConfig rootConfig = AppConfig.getsConfig();
        return !rootConfig.getAdminConfig().haveDoneInitialSetup() || rootConfig.getLicense() == null || rootConfig.getLicense().isTerminated();
    }

    private boolean isOutsideLogin(String str) {
        return isStaticContent(str) || isSetupUrl(str) || str.startsWith("/admin/") || str.equals("/admin") || str.equals("/login") || str.startsWith("/login/") || str.startsWith("/download/") || str.startsWith("/action/avatar.do") || handlesOwnSecurity(str) || str.equals("/logout");
    }

    private boolean handlesOwnSecurity(String str) {
        return str.startsWith("/api") || str.startsWith("/rest-service/") || str.startsWith("/rest-service-fe/") || str.startsWith("/service/") || str.startsWith("/plugins/servlet/");
    }

    public static boolean isSetupUrl(String str) {
        return str.startsWith("/setup");
    }

    public static boolean isStaticContent(String str) {
        return str.startsWith(XmlWebApplicationContext.DEFAULT_CONFIG_LOCATION_PREFIX) || str.equals("/favicon.ico") || str.startsWith("/static/");
    }

    public static TxTemplate getTxTemplate() {
        return (TxTemplate) SpringContext.getComponent("txTemplate");
    }

    public static CrucibleUser getCurrentUser() {
        return getTxTemplate().getEffectiveCrucibleUser();
    }

    public static Principal getCurrentPrincipal() {
        return getTxTemplate().getEffectivePrincipal();
    }
}
