package com.optimizory.webapp.filter;

import com.optimizory.ApplicationProperties;
import com.optimizory.EntityTypeName;
import com.optimizory.UserStatus;
import com.optimizory.Util;
import com.optimizory.exception.RMsisException;
import com.optimizory.rmsis.PD;
import com.optimizory.rmsis.constants.PreferenceConstants;
import com.optimizory.rmsis.license.LicenseKey;
import com.optimizory.rmsis.model.Operation;
import com.optimizory.rmsis.model.Organization;
import com.optimizory.rmsis.model.Requirement;
import com.optimizory.rmsis.model.User;
import com.optimizory.rmsis.model.UserPreference;
import com.optimizory.rmsis.util.MultiValueMap;
import com.optimizory.service.EntityLinkManager;
import com.optimizory.service.LicenseManager;
import com.optimizory.service.OrganizationManager;
import com.optimizory.service.ProjectManager;
import com.optimizory.service.ProjectUserManager;
import com.optimizory.service.RequirementManager;
import com.optimizory.service.UserManager;
import com.optimizory.service.UserPreferenceManager;
import com.optimizory.webapp.event.DomainEvent;
import com.optimizory.webapp.event.EventSource;
import com.optimizory.webapp.event.EventType;
import com.optimizory.webapp.util.RequestUtil;
import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:jars/rm.war:WEB-INF/classes/com/optimizory/webapp/filter/MyAuthorizationFilter.class */
public class MyAuthorizationFilter extends GenericFilterBean {
    protected final Log log = LogFactory.getLog(getClass());

    private boolean ignoreFilter(HttpServletRequest httpServletRequest) {
        String substring = httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length());
        if (substring.startsWith("/")) {
            substring = substring.substring(1);
        }
        for (String str : new String[]{"scripts/", "images/", "styles/", "jira/", "syncJiraData.json", "downloads/", "database.html", "apis/loginResponse.json"}) {
            if (substring.startsWith(str)) {
                return true;
            }
        }
        return false;
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletRequest.setAttribute("buildstamp", "v" + ApplicationProperties.appVersion + "-r" + ApplicationProperties.buildNumber);
        httpServletRequest.setAttribute("suffix", "");
        httpServletRequest.setAttribute("baseUrl", RequestUtil.getAppURL(httpServletRequest));
        boolean z = true;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        boolean z5 = false;
        boolean z6 = false;
        String requestURI = httpServletRequest.getRequestURI();
        if (!ignoreFilter(httpServletRequest)) {
            if (requestURI.contains("/jiraLogin.html") || requestURI.contains("/rmsisLogin.jsonp") || requestURI.contains("/loginOptimizory.json")) {
                z5 = true;
            } else if (requestURI.contains("/requirements.html")) {
                z2 = true;
            } else if (requestURI.contains("/users.html")) {
                z4 = true;
            } else if (requestURI.contains("/license.html")) {
                z3 = true;
            } else if (requestURI.contains("/confluence/")) {
                z6 = true;
            }
            WebApplicationContext requiredWebApplicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());
            if (getServletContext().getInitParameter("jira") != null) {
                servletRequest.setAttribute("jira", Boolean.valueOf(Util.getBoolean(getServletContext().getInitParameter("jira"))));
            }
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            boolean z7 = authentication != null && authentication.isAuthenticated() && (authentication.getPrincipal() instanceof UserDetails);
            boolean z8 = false;
            if (z7 || z3) {
                try {
                    LicenseKey licenseMap = ((LicenseManager) requiredWebApplicationContext.getBean("licenseManager")).getLicenseMap(Util.getSystemCode(httpServletRequest));
                    z8 = licenseMap.isLicenseValid().booleanValue();
                    httpServletRequest.setAttribute("licenseMap", licenseMap.getLicenseMap());
                } catch (Exception e) {
                    this.log.error(e.getMessage(), e);
                }
            }
            if (z7 && !requestURI.contains("/getProjectSyncStatus.json")) {
                try {
                    if ((z2 || z4) && !z8) {
                        httpServletResponse.sendRedirect("license.html");
                        z = false;
                    } else {
                        HashSet hashSet = new HashSet();
                        MultiValueMap multiValueMap = new MultiValueMap();
                        HttpSession session = httpServletRequest.getSession();
                        UserManager userManager = (UserManager) requiredWebApplicationContext.getBean("userManager");
                        User activeInactiveUserByUsername = userManager.getActiveInactiveUserByUsername(((UserDetails) authentication.getPrincipal()).getUsername());
                        if (activeInactiveUserByUsername != null) {
                            RequirementManager requirementManager = (RequirementManager) requiredWebApplicationContext.getBean("requirementManager");
                            OrganizationManager organizationManager = (OrganizationManager) requiredWebApplicationContext.getBean("organizationManager");
                            ProjectManager projectManager = (ProjectManager) requiredWebApplicationContext.getBean("projectManager");
                            Long l = Util.getLong(servletRequest, "organizationId", null, true);
                            if (session != null) {
                                l = (Long) session.getAttribute("organizationId");
                                if (l == null) {
                                    l = userManager.getOrganizationId(activeInactiveUserByUsername.getId());
                                    session.setAttribute("organizationId", l);
                                }
                            }
                            servletRequest.setAttribute("organization", "");
                            if (l == null) {
                                throw new RMsisException("Error: Organization not specified");
                            }
                            Organization organization = organizationManager.get(l);
                            servletRequest.setAttribute("organizationId", l);
                            servletRequest.setAttribute("organization", organization.getName());
                            if (activeInactiveUserByUsername.getStatus().equals(UserStatus.INACTIVE) && !z5 && !z6) {
                                throw new RMsisException(Util.getInactiveUserErrorMsg(l, userManager));
                            }
                            HashSet hashSet2 = new HashSet();
                            List<Operation> list = null;
                            Long l2 = Util.getLong(servletRequest, "projectId", null, true);
                            Long l3 = Util.getLong(servletRequest, "baselineId", null, true);
                            if (l3 != null) {
                                httpServletRequest.setAttribute("baselineId", l3);
                            }
                            if (requestURI.contains("/requirement.html")) {
                                Long addReqProjectId = addReqProjectId(Util.getLong(servletRequest, "id", null, true), requirementManager, hashSet2);
                                if (l2 == null) {
                                    l2 = addReqProjectId;
                                }
                            } else if (requestURI.contains("/testCaseDetail.html")) {
                                Long entityIdByLinkedEntityId = ((EntityLinkManager) requiredWebApplicationContext.getBean("entityLinkManager")).getEntityIdByLinkedEntityId(Util.getLong(servletRequest.getParameter("id")), EntityTypeName.PROJECT, "TESTCASE");
                                if (l2 == null) {
                                    l2 = entityIdByLinkedEntityId;
                                }
                            }
                            ProjectUserManager projectUserManager = (ProjectUserManager) requiredWebApplicationContext.getBean("projectUserManager");
                            if (projectUserManager != null) {
                                hashSet2.addAll(projectUserManager.getProjectIdsByUserId(activeInactiveUserByUsername.getId()));
                            } else {
                                hashSet2.addAll(projectManager.getAllActiveProjectIds());
                            }
                            if (l != null && organizationManager.isAdmin(l, activeInactiveUserByUsername.getId()).booleanValue()) {
                                servletRequest.setAttribute("isAdmin", true);
                                hashSet.addAll(Util.permissions(PD.ORG, l, organizationManager.getAdminOperations(l)));
                                if (l2 != null && projectManager.getProjectIdsByUserIdAndOrgId(activeInactiveUserByUsername.getId(), l, null, true).contains(l2)) {
                                    list = organizationManager.getProjectAdminOperations(l);
                                }
                            }
                            if (l2 != null) {
                                projectManager.get((ProjectManager) l2);
                                UserPreferenceManager userPreferenceManager = (UserPreferenceManager) requiredWebApplicationContext.getBean("userPreferenceManager");
                                httpServletRequest.setAttribute("projectId", l2);
                                UserPreference userPreference = userPreferenceManager.get(activeInactiveUserByUsername.getId(), PreferenceConstants.LAST_PROJECT_ID);
                                if (userPreference == null || (userPreference.getValue() != null && !userPreference.getValue().equals(l2.toString()))) {
                                    servletRequest.setAttribute("projectChanged", true);
                                    userPreferenceManager.updateIfNotExists(activeInactiveUserByUsername.getId(), PreferenceConstants.LAST_PROJECT_ID, l2);
                                    requiredWebApplicationContext.publishEvent(new DomainEvent(l2, EventType.PROJECT_CHANGE, EventSource.RMT, "Project Changed", httpServletRequest));
                                }
                            }
                            for (Long l4 : hashSet2) {
                                List<Operation> operations = userManager.getOperations(activeInactiveUserByUsername.getId(), l4);
                                multiValueMap.putList(l4, Util.getDomainIdList(operations));
                                hashSet.addAll(Util.permissions(PD.PRJ, l4, operations));
                                if (list != null) {
                                    multiValueMap.putList(l4, Util.getDomainIdList(list));
                                    hashSet.addAll(Util.permissions(PD.PRJ, l4, list));
                                }
                            }
                            userManager.updateActivityTiming(activeInactiveUserByUsername);
                        }
                        updateAuthentication((UserDetails) authentication.getPrincipal(), hashSet);
                    }
                } catch (RMsisException e2) {
                    this.log.error(e2.getMessage());
                    throw new ServletException(e2.getMessage(), e2);
                }
            }
        }
        if (z) {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    private void updateAuthentication(UserDetails userDetails, Set<String> set) throws RMsisException {
        if (userDetails == null || set == null || set.isEmpty()) {
            return;
        }
        HashSet hashSet = new HashSet();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(new SimpleGrantedAuthority(it.next()));
        }
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(new org.springframework.security.core.userdetails.User(userDetails.getUsername(), userDetails.getPassword(), hashSet), userDetails.getPassword(), hashSet));
    }

    private Long addReqProjectId(Long l, RequirementManager requirementManager, Set<Long> set) {
        if (l == null) {
            return null;
        }
        Requirement requirement = requirementManager.get((RequirementManager) l);
        set.add(requirement.getProjectId());
        return requirement.getProjectId();
    }

    private void addProjectIDforProjectKey(String str, ProjectManager projectManager, Set<Long> set) {
        if (str != null) {
            try {
                Long idByProjectKey = projectManager.getIdByProjectKey(str);
                if (idByProjectKey != null) {
                    set.add(idByProjectKey);
                }
            } catch (Exception unused) {
            }
        }
    }

    private void addProjectIDforRequirementKey(String str, ProjectManager projectManager, Set<Long> set) {
        if (str != null) {
            try {
                addProjectIDforProjectKey(str.split("-")[0], projectManager, set);
            } catch (Exception unused) {
            }
        }
    }
}
