package fsu.jportal.resources.filter;

import com.sun.jersey.api.model.AbstractMethod;
import com.sun.jersey.api.model.PathValue;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerRequestFilter;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;
import com.sun.jersey.spi.container.ResourceFilter;
import fsu.jportal.config.ResourceSercurityConf;
import fsu.jportal.resources.filter.MyCoReSecurityFilterFactory;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.mycore.common.MCRConfiguration;
import org.mycore.common.MCRSession;
import org.mycore.common.MCRSessionMgr;

/* loaded from: input_file:fsu/jportal/resources/filter/MCRCheckAccessFilter.class */
class MCRCheckAccessFilter implements ResourceFilter, ContainerRequestFilter, ContainerResponseFilter {
    private final MyCoReSecurityFilterFactory myCoReSecurityFilterFactory;
    private String resourceName;
    private String resourceOperation;

    public MCRCheckAccessFilter(MyCoReSecurityFilterFactory myCoReSecurityFilterFactory, AbstractMethod abstractMethod) {
        this.myCoReSecurityFilterFactory = myCoReSecurityFilterFactory;
        this.resourceName = abstractMethod.getResource().getResourceClass().getName();
        this.resourceOperation = getPath(abstractMethod) + "_" + getHttpMethod(abstractMethod);
        ResourceSercurityConf.instance().registerResource(this.resourceName, this.resourceOperation);
    }

    private MyCoReSecurityFilterFactory.AccesManagerConnector getAccessManagerConnector() {
        return (MyCoReSecurityFilterFactory.AccesManagerConnector) MCRConfiguration.instance().getInstanceOf("McrSessionSecurityFilter.MCRAccessManager.Connector", DefaultAccesManagerConnector.class.getName());
    }

    public ContainerRequest filter(ContainerRequest containerRequest) {
        MCRSession currentSession = MCRSessionMgr.getCurrentSession();
        boolean checkPermission = getAccessManagerConnector().checkPermission(this.resourceName, this.resourceOperation, currentSession);
        this.myCoReSecurityFilterFactory.logger.debug("current user ID: " + currentSession.getUserInformation().getCurrentUserID());
        this.myCoReSecurityFilterFactory.logger.debug("resource name: " + this.resourceName);
        this.myCoReSecurityFilterFactory.logger.debug("resource operation: " + this.resourceOperation);
        this.myCoReSecurityFilterFactory.logger.debug("has permission: " + checkPermission);
        if (checkPermission) {
            return containerRequest;
        }
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }

    public ContainerRequestFilter getRequestFilter() {
        return this;
    }

    public ContainerResponseFilter getResponseFilter() {
        return this;
    }

    public ContainerResponse filter(ContainerRequest containerRequest, ContainerResponse containerResponse) {
        return containerResponse;
    }

    private String getPath(AbstractMethod abstractMethod) {
        PathValue path = abstractMethod.getResource().getPath();
        if (path == null) {
            return null;
        }
        String str = "/" + path.getValue();
        Path annotation = abstractMethod.getAnnotation(Path.class);
        return annotation != null ? str + "/" + annotation.value() : str;
    }

    private String getHttpMethod(AbstractMethod abstractMethod) {
        for (Class cls : new Class[]{POST.class, GET.class, PUT.class, DELETE.class}) {
            if (abstractMethod.isAnnotationPresent(cls)) {
                return cls.getSimpleName();
            }
        }
        return null;
    }
}
