package com.optimizory.webapp.filter;

import com.optimizory.ApplicationProperties;
import com.optimizory.LicenseKey;
import com.optimizory.SecurityHelper;
import com.optimizory.Util;
import com.optimizory.rmsis.PD;
import com.optimizory.rmsis.constants.PreferenceConstants;
import com.optimizory.rmsis.model.Operation;
import com.optimizory.rmsis.model.Requirement;
import com.optimizory.rmsis.model.User;
import com.optimizory.rmsis.model.UserPreference;
import com.optimizory.rmsis.util.MultiValueMap;
import com.optimizory.service.LicenseManager;
import com.optimizory.service.OrganizationManager;
import com.optimizory.service.ProjectManager;
import com.optimizory.service.RequirementManager;
import com.optimizory.service.UserManager;
import com.optimizory.service.UserPreferenceManager;
import com.optimizory.webapp.event.DomainEvent;
import com.optimizory.webapp.event.EventSource;
import com.optimizory.webapp.event.EventType;
import com.optimizory.webapp.util.RequestUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:jars/rm.war:WEB-INF/classes/com/optimizory/webapp/filter/MyAuthorizationFilter.class */
public class MyAuthorizationFilter extends GenericFilterBean {
    protected final Log log = LogFactory.getLog(getClass());

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletRequest.setAttribute("buildstamp", "v" + ApplicationProperties.appVersion + "-r" + ApplicationProperties.buildNumber);
        httpServletRequest.setAttribute("suffix", "");
        boolean z = true;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        boolean z5 = false;
        if (httpServletRequest.getRequestURI().indexOf("/database.html") != -1) {
            z3 = true;
        } else if (httpServletRequest.getRequestURI().indexOf("/requirements.html") != -1) {
            z4 = true;
        } else if (httpServletRequest.getRequestURI().indexOf("/license.html") != -1) {
            z5 = true;
        }
        WebApplicationContext requiredWebApplicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());
        if (getServletContext().getInitParameter("jira") != null) {
            servletRequest.setAttribute("jira", Boolean.valueOf(Util.getBoolean(getServletContext().getInitParameter("jira"))));
        }
        if (!z3) {
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication != null && authentication.isAuthenticated() && (authentication.getPrincipal() instanceof UserDetails)) {
                z2 = true;
            }
            boolean z6 = false;
            if (z2 || z5) {
                try {
                    LicenseKey licenseMap = ((LicenseManager) requiredWebApplicationContext.getBean("licenseManager")).getLicenseMap(Util.getSystemCode(httpServletRequest));
                    z6 = licenseMap.isLicenseValid().booleanValue();
                    httpServletRequest.setAttribute("licenseMap", licenseMap.getLicenseMap());
                    httpServletRequest.setAttribute("baseUrl", RequestUtil.getAppURL(httpServletRequest));
                } catch (Exception e) {
                    this.log.error(e.getMessage(), e);
                }
            }
            if (z2) {
                try {
                    if (!z4 || z6) {
                        HashSet hashSet = new HashSet();
                        MultiValueMap<Long, Long> multiValueMap = new MultiValueMap<>();
                        HttpSession session = httpServletRequest.getSession(false);
                        UserManager userManager = (UserManager) requiredWebApplicationContext.getBean("userManager");
                        User loadUserByUsername = userManager.loadUserByUsername(((UserDetails) authentication.getPrincipal()).getUsername());
                        if (loadUserByUsername != null) {
                            RequirementManager requirementManager = (RequirementManager) requiredWebApplicationContext.getBean("requirementManager");
                            OrganizationManager organizationManager = (OrganizationManager) requiredWebApplicationContext.getBean("organizationManager");
                            HashSet hashSet2 = new HashSet();
                            Long l = Util.getLong(servletRequest, "projectId", null, true);
                            Long l2 = Util.getLong(servletRequest, "organizationId", null, true);
                            Long l3 = Util.getLong(servletRequest, "baselineId", null, true);
                            addReqProjectId(Util.getLong(servletRequest, "requirementId", null, true), requirementManager, hashSet2);
                            addReqProjectId(Util.getLong(servletRequest, "dependencyId", null, true), requirementManager, hashSet2);
                            addReqProjectId(Util.getLong(servletRequest, "dependentId", null, true), requirementManager, hashSet2);
                            if (l3 != null) {
                                httpServletRequest.setAttribute("baselineId", l3);
                            }
                            if (httpServletRequest.getRequestURI().indexOf("/requirement.html") != -1) {
                                Long addReqProjectId = addReqProjectId(Util.getLong(servletRequest, "id", null, true), requirementManager, hashSet2);
                                if (l == null) {
                                    l = addReqProjectId;
                                }
                            }
                            if (session != null) {
                                l2 = (Long) session.getAttribute("organizationId");
                                if (l2 == null) {
                                    l2 = userManager.getOrganizationId(loadUserByUsername.getId());
                                    session.setAttribute("organizationId", l2);
                                }
                            }
                            servletRequest.setAttribute("organization", "");
                            if (l2 == null) {
                                throw new ServletException("Error: Organization not specified");
                            }
                            servletRequest.setAttribute("organizationId", l2);
                            servletRequest.setAttribute("organization", organizationManager.get(l2).getName());
                            if (l2 != null && organizationManager.isAdmin(l2, loadUserByUsername.getId()).booleanValue()) {
                                servletRequest.setAttribute("isAdmin", true);
                                hashSet.addAll(Util.permissions(PD.ORG, l2, organizationManager.getAdminOperations(l2)));
                            }
                            if (l != null) {
                                UserPreferenceManager userPreferenceManager = (UserPreferenceManager) requiredWebApplicationContext.getBean("userPreferenceManager");
                                ProjectManager projectManager = (ProjectManager) requiredWebApplicationContext.getBean("projectManager");
                                hashSet2.add(l);
                                httpServletRequest.setAttribute("projectId", l);
                                projectManager.get(l);
                                UserPreference userPreference = userPreferenceManager.get(loadUserByUsername.getId(), PreferenceConstants.LAST_PROJECT_ID);
                                if (userPreference == null || (userPreference.getValue() != null && !userPreference.getValue().equals(l.toString()))) {
                                    servletRequest.setAttribute("projectChanged", true);
                                    userPreferenceManager.updateIfNotExists(loadUserByUsername.getId(), PreferenceConstants.LAST_PROJECT_ID, l);
                                    requiredWebApplicationContext.publishEvent(new DomainEvent(l, EventType.PROJECT_CHANGE, EventSource.RMT, "Project Changed", httpServletRequest));
                                }
                            }
                            for (Long l4 : hashSet2) {
                                List<Operation> operations = userManager.getOperations(loadUserByUsername.getId(), l4);
                                multiValueMap.putList(l4, Util.getDomainIdList(operations));
                                hashSet.addAll(Util.permissions(PD.PRJ, l4, operations));
                            }
                        }
                        ((SecurityHelper) requiredWebApplicationContext.getBean("securityHelper")).addProjectPermissionIds(multiValueMap);
                        ArrayList arrayList = new ArrayList();
                        if (hashSet.size() > 0) {
                            Iterator it = hashSet.iterator();
                            while (it.hasNext()) {
                                arrayList.add(new GrantedAuthorityImpl((String) it.next()));
                            }
                        }
                        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), arrayList));
                    } else {
                        httpServletResponse.sendRedirect("license.html");
                        z = false;
                    }
                } catch (Exception e2) {
                    this.log.error(e2.getMessage(), e2);
                    SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), new ArrayList()));
                }
            }
        }
        if (z) {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    private Long addReqProjectId(Long l, RequirementManager requirementManager, Set<Long> set) {
        if (l == null) {
            return null;
        }
        Requirement requirement = requirementManager.get((RequirementManager) l);
        set.add(requirement.getProjectId());
        return requirement.getProjectId();
    }
}
