package de.mhus.cherry.web.util.filter;

import de.mhus.cherry.web.api.CallContext;
import de.mhus.cherry.web.api.InternalCallContext;
import de.mhus.cherry.web.api.VirtualHost;
import de.mhus.cherry.web.api.WebFilter;
import de.mhus.cherry.web.util.CherryWebUtil;
import de.mhus.lib.core.IProperties;
import de.mhus.lib.core.IReadProperties;
import de.mhus.lib.core.MLog;
import de.mhus.lib.core.MPeriod;
import de.mhus.lib.core.config.IConfig;
import de.mhus.lib.core.config.MConfig;
import de.mhus.lib.errors.MException;
import java.util.Iterator;
import java.util.Set;
import java.util.UUID;

/* loaded from: input_file:de/mhus/cherry/web/util/filter/AccessFilter.class */
public class AccessFilter extends MLog implements WebFilter {
    private static final String CALL_START = "filter_AccessFilter_start";
    private static final String SESSION_USER_OBJECT = "de.mhus.cherry.web.util.filter.AccessFilter.UserInformation";
    private static final String SESSION_USER_NAME = "username";
    private static final String SESSION_GROUP_PREFIX = "GROUP_";
    private static final String SESSION_USER_DISPLAY_NAME = "userdisplayname";
    private String[] staticContent;
    private boolean defaultPublicAccess = true;

    public boolean doFilterBegin(UUID uuid, InternalCallContext internalCallContext) throws MException {
        if (isStaticContentPath(internalCallContext.getHttpPath())) {
            if (internalCallContext.getVirtualHost().prepareHead(internalCallContext, "_static_content", false) == null) {
                internalCallContext.getHttpResponse().setHeader("Cache-Control", "max-age=290304000, public");
            }
        } else if (internalCallContext.getVirtualHost().prepareHead(internalCallContext, "_dynamic_content", false) == null) {
            internalCallContext.getHttpResponse().setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
            internalCallContext.getHttpResponse().setHeader("Pragma", "no-cache");
            internalCallContext.getHttpResponse().setIntHeader("Expires", 0);
        }
        String str = "public";
        UserInformation userInformation = null;
        if (internalCallContext.getSession() != null) {
            userInformation = (UserInformation) internalCallContext.getSession().get(SESSION_USER_OBJECT);
            if (userInformation != null) {
                str = userInformation.getUserName();
            }
        }
        IReadProperties findConfig = CherryWebUtil.findConfig(internalCallContext);
        if (findConfig != null && !findConfig.getBoolean("public", this.defaultPublicAccess)) {
            if (userInformation == null) {
                internalCallContext.getVirtualHost().sendError(internalCallContext, 404, (Throwable) null);
                return false;
            }
            if (!hasAccess(internalCallContext, userInformation, findConfig)) {
                internalCallContext.getVirtualHost().sendError(internalCallContext, 404, (Throwable) null);
                return false;
            }
        }
        internalCallContext.setAttribute(CALL_START, Long.valueOf(System.currentTimeMillis()));
        log().d(new Object[]{"access", str, internalCallContext.getVirtualHost().getName(), internalCallContext.getRemoteIp(), internalCallContext.getHttpRequest().getRemoteAddr(), internalCallContext.getHttpHost(), internalCallContext.getHttpMethod(), internalCallContext.getHttpPath()});
        return true;
    }

    protected boolean hasAccess(InternalCallContext internalCallContext, UserInformation userInformation, IReadProperties iReadProperties) {
        String string = iReadProperties.getString("access_groups", (String) null);
        String string2 = iReadProperties.getString("access_users", (String) null);
        if (string != null) {
            Set<String> groups = userInformation.getGroups();
            for (String str : string.split(",")) {
                if (groups.contains(str)) {
                    return true;
                }
            }
        }
        if (string2 == null) {
            return false;
        }
        for (String str2 : string2.split(",")) {
            if (userInformation.getUserName().equals(str2)) {
                return true;
            }
        }
        return false;
    }

    protected boolean isStaticContentPath(String str) {
        if (this.staticContent == null) {
            return false;
        }
        for (String str2 : this.staticContent) {
            if (str.matches(str2)) {
                return true;
            }
        }
        return false;
    }

    public void doFilterEnd(UUID uuid, InternalCallContext internalCallContext) throws MException {
        Long l = (Long) internalCallContext.getAttribute(CALL_START);
        if (l != null) {
            long currentTimeMillis = System.currentTimeMillis() - l.longValue();
            log().d(new Object[]{"duration", MPeriod.getIntervalAsString(currentTimeMillis), Long.valueOf(currentTimeMillis), internalCallContext.getHttpHost(), internalCallContext.getHttpMethod(), internalCallContext.getHttpPath()});
        }
    }

    public void doInitialize(UUID uuid, VirtualHost virtualHost, IConfig iConfig) throws MException {
        if (iConfig != null) {
            if (iConfig.isProperty("static")) {
                this.staticContent = MConfig.toStringArray(iConfig.getNode("static").getNodes(), "value");
            }
            this.defaultPublicAccess = iConfig.getBoolean("defaultPublicAccess", this.defaultPublicAccess);
        }
    }

    public static UserInformation getUserInformation(CallContext callContext) {
        return (UserInformation) callContext.getSession().get(SESSION_USER_OBJECT);
    }

    public static void doLogout(CallContext callContext) {
        callContext.getSession().remove(SESSION_USER_OBJECT);
        callContext.getSession().pub().remove(SESSION_USER_NAME);
        callContext.getSession().pub().remove(SESSION_USER_DISPLAY_NAME);
        callContext.getSession().pub().keys().removeIf(str -> {
            return str.startsWith(SESSION_GROUP_PREFIX);
        });
        callContext.getHttpRequest().changeSessionId();
    }

    public static void doLogin(CallContext callContext, UserInformation userInformation) {
        callContext.getSession().put(SESSION_USER_OBJECT, userInformation);
        IProperties pub = callContext.getSession().pub();
        pub.setString(SESSION_USER_NAME, userInformation.getUserName());
        pub.setString(SESSION_USER_DISPLAY_NAME, userInformation.getDisplayName());
        Iterator<String> it = userInformation.getGroups().iterator();
        while (it.hasNext()) {
            pub.setBoolean("GROUP_" + it.next().toUpperCase(), true);
        }
    }
}
