package com.liferay.journal.internal.servlet.filter;

import com.liferay.journal.model.JournalArticleImage;
import com.liferay.journal.service.JournalArticleImageLocalService;
import com.liferay.journal.service.permission.JournalArticlePermission;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.security.permission.PermissionCheckerFactoryUtil;
import com.liferay.portal.kernel.service.CompanyLocalService;
import com.liferay.portal.kernel.service.UserLocalService;
import com.liferay.portal.kernel.servlet.BaseFilter;
import com.liferay.portal.kernel.servlet.PortalSessionThreadLocal;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.Http;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Portal;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(immediate = true, property = {"servlet-context-name=", "servlet-filter-name=Journal Article Image Filter", "url-pattern=/image/journal/article/*"}, service = {Filter.class})
/* loaded from: input_file:com/liferay/journal/internal/servlet/filter/JournalArticleImageFilter.class */
public class JournalArticleImageFilter extends BaseFilter {
    private static final Log _log = LogFactoryUtil.getLog(JournalArticleImageFilter.class);

    @Reference
    private CompanyLocalService _companyLocalService;

    @Reference
    private Http _http;

    @Reference
    private JournalArticleImageLocalService _journalArticleImageLocalService;

    @Reference
    private Portal _portal;

    @Reference
    private UserLocalService _userLocalService;

    protected Log getLog() {
        return _log;
    }

    protected void processFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        JournalArticleImage fetchJournalArticleImage;
        long j = ParamUtil.getLong(httpServletRequest, "img_id");
        if (j > 0 && (fetchJournalArticleImage = this._journalArticleImageLocalService.fetchJournalArticleImage(j)) != null) {
            User _getUser = _getUser(httpServletRequest);
            try {
                JournalArticlePermission.check(PermissionCheckerFactoryUtil.create(_getUser), fetchJournalArticleImage.getGroupId(), fetchJournalArticleImage.getArticleId(), "VIEW");
            } catch (PrincipalException e) {
                _processPrincipalException(e, _getUser, httpServletRequest, httpServletResponse);
                return;
            }
        }
        processFilter(JournalArticleImageFilter.class.getName(), httpServletRequest, httpServletResponse, filterChain);
    }

    private User _getUser(HttpServletRequest httpServletRequest) throws Exception {
        User defaultUser;
        HttpSession session = httpServletRequest.getSession();
        if (PortalSessionThreadLocal.getHttpSession() == null) {
            PortalSessionThreadLocal.setHttpSession(session);
        }
        User user = this._portal.getUser(httpServletRequest);
        if (user != null) {
            return user;
        }
        String str = (String) session.getAttribute("j_username");
        String str2 = (String) session.getAttribute("j_password");
        if (str == null || str2 == null) {
            defaultUser = this._companyLocalService.getCompany(this._portal.getCompanyId(httpServletRequest)).getDefaultUser();
        } else {
            defaultUser = this._userLocalService.getUser(GetterUtil.getLong(str));
        }
        return defaultUser;
    }

    private void _processPrincipalException(Throwable th, User user, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (!user.isDefaultUser()) {
            this._portal.sendError(401, (Exception) th, httpServletRequest, httpServletResponse);
            return;
        }
        httpServletResponse.sendRedirect(this._http.addParameter(this._portal.getPathMain() + "/portal/login", "redirect", this._portal.getCurrentURL(httpServletRequest)));
    }
}
