package com.atlassian.jira.web.filters;

import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.permission.GlobalPermissionKey;
import com.atlassian.jira.security.GlobalPermissionManager;
import com.atlassian.jira.security.login.LoginManager;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.util.UserManager;
import com.atlassian.sal.api.user.UserRole;
import com.atlassian.seraph.config.SecurityConfig;
import com.atlassian.seraph.interceptor.LoginInterceptor;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/atlassian/jira/web/filters/JiraLoginInterceptor.class */
/**
 * Seraph {@link LoginInterceptor} that validates a role requested alongside a login.
 *
 * <p>After a successful login, if the request carries a {@code user_role} parameter naming
 * {@link UserRole#SYSADMIN} or {@link UserRole#ADMIN}, the freshly authenticated user must hold
 * the matching global permission ({@link GlobalPermissionKey#SYSTEM_ADMIN} or
 * {@link GlobalPermissionKey#ADMINISTER}); otherwise the session is logged out again.
 *
 * <p>Security note: {@code user_role} is read straight from the request, so it is
 * client-controlled. The check can only end a session, never grant anything, and it is skipped
 * entirely when the parameter is missing or is not a valid {@link UserRole} name. It is
 * therefore not an authorization gate on its own. NOTE(review): confirm that admin
 * functionality enforces its permissions independently of this interceptor.
 */
public class JiraLoginInterceptor implements LoginInterceptor {
    /** Name of the request parameter that carries the requested role. */
    private static final String USER_ROLE_PARAMETER = "user_role";

    /** Login status value for which the role check is performed. */
    private static final String LOGIN_SUCCESS = "success";

    /** No-op: nothing is checked before the login attempt. */
    public void beforeLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, boolean z) {
        // Intentionally empty.
    }

    /**
     * Logs the user out again when they requested an administrative role they do not hold.
     *
     * @param httpServletRequest request that may carry the {@code user_role} parameter
     * @param httpServletResponse response handed to the logout call
     * @param str user name that was used to log in (looked up through {@link UserManager})
     * @param str2 unused here; presumably the submitted password, confirm against the
     *     {@link LoginInterceptor} contract
     * @param z unused here
     * @param str3 login status; the check runs only when it equals {@code "success"}
     */
    public void afterLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, boolean z, String str3) {
        if (!LOGIN_SUCCESS.equals(str3)) {
            return;
        }
        UserRole requestedRole = getUserRole(httpServletRequest);
        if (requestedRole == null) {
            // No role (or an unrecognised one) was requested, so there is nothing to verify.
            return;
        }

        UserManager users = ComponentAccessor.getUserManager();
        GlobalPermissionManager permissions = ComponentAccessor.getGlobalPermissionManager();
        LoginManager logins = (LoginManager) ComponentAccessor.getComponent(LoginManager.class);
        // NOTE(review): the lookup result is passed on unchecked; if it can be null, the outcome
        // depends on how GlobalPermissionManager treats a null user. Confirm.
        ApplicationUser user = users.getUserByName(str);

        boolean sysAdminDenied = requestedRole.equals(UserRole.SYSADMIN)
                && !permissions.hasPermission(GlobalPermissionKey.SYSTEM_ADMIN, user);
        // The ADMIN check runs only when the SYSADMIN check did not already fail.
        boolean adminDenied = !sysAdminDenied
                && requestedRole.equals(UserRole.ADMIN)
                && !permissions.hasPermission(GlobalPermissionKey.ADMINISTER, user);

        if (sysAdminDenied || adminDenied) {
            // The user asked for a role they lack: drop the session that was just established.
            logins.logout(httpServletRequest, httpServletResponse);
        }
    }

    /** No-op: this interceptor holds no resources. */
    public void destroy() {
        // Intentionally empty.
    }

    /** No-op: this interceptor takes no configuration. */
    public void init(Map<String, String> map, SecurityConfig securityConfig) {
        // Intentionally empty.
    }

    /**
     * Reads the requested role from the {@code user_role} request parameter.
     *
     * <p>The value is client-supplied and is only mapped through {@link UserRole#valueOf}, so it
     * must match a {@link UserRole} name exactly.
     *
     * @param httpServletRequest request to inspect
     * @return the parsed role, or {@code null} when the parameter is absent or names no role
     */
    public static UserRole getUserRole(HttpServletRequest httpServletRequest) {
        String rawRole = httpServletRequest.getParameter(USER_ROLE_PARAMETER);
        if (rawRole == null) {
            return null;
        }
        try {
            return UserRole.valueOf(rawRole);
        } catch (IllegalArgumentException ignored) {
            // An unknown role name is treated the same as no role at all.
            return null;
        }
    }
}
