package pl.psnc.dl.wf4ever.accesscontrol.filters;

import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerRequestFilter;
import java.net.URI;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import pl.psnc.dl.wf4ever.accesscontrol.dicts.Mode;
import pl.psnc.dl.wf4ever.accesscontrol.dicts.Role;
import pl.psnc.dl.wf4ever.accesscontrol.model.AccessMode;
import pl.psnc.dl.wf4ever.accesscontrol.model.Permission;
import pl.psnc.dl.wf4ever.accesscontrol.model.dao.ModeDAO;
import pl.psnc.dl.wf4ever.accesscontrol.model.dao.PermissionDAO;
import pl.psnc.dl.wf4ever.db.UserProfile;
import pl.psnc.dl.wf4ever.db.dao.UserProfileDAO;
import pl.psnc.dl.wf4ever.dl.NotFoundException;
import pl.psnc.dl.wf4ever.dl.UserMetadata;
import pl.psnc.dl.wf4ever.exceptions.ForbiddenException;
import pl.psnc.dl.wf4ever.model.Builder;

/* loaded from: input_file:WEB-INF/classes/pl/psnc/dl/wf4ever/accesscontrol/filters/ROsResourceFilter.class */
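/**
 * Jersey request filter that authorizes access to research objects (ROs) and to the RO
 * collection.
 *
 * <p>The decision is taken in this order:
 * <ol>
 *   <li>the administrator is always let through;</li>
 *   <li>on the RO collection, {@code GET} is open to everyone and {@code POST} to every
 *       user except the anonymous one; any other method is rejected;</li>
 *   <li>on an RO (or a resource inside it), an RO in {@link Mode#OPEN} is let through,
 *       the owner is let through, {@code GET} is checked against the access mode and the
 *       READER/EDITOR roles, and {@code POST}/{@code PUT}/{@code DELETE} require the
 *       EDITOR role (deleting the whole RO is owner-only).</li>
 * </ol>
 *
 * <p>All per-request state lives in local variables. A filter instance may be shared between
 * concurrent requests, so keeping the caller's identity in instance fields would let one
 * request be authorized with another request's user.
 */
public class ROsResourceFilter implements ContainerRequestFilter {
    private static final Logger LOGGER = Logger.getLogger(ROsResourceFilter.class);

    /** Name of the RO collection segment in a request path. */
    private static final String COLLECTION_MARKER = "ROs";

    /** Path prefix that is directly followed by the RO identifier. */
    private static final String RO_MARKER = "ROs/";

    @Context
    private UriInfo uriInfo;

    @Context
    private HttpServletRequest httpRequest;

    private final UserProfileDAO profileDao = new UserProfileDAO();
    private final ModeDAO modeDao = new ModeDAO();
    private final PermissionDAO permissionDAO = new PermissionDAO();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/classes/pl/psnc/dl/wf4ever/accesscontrol/filters/ROsResourceFilter$ROType.class */
    /** Kind of target a request path points at. */
    public enum ROType {
        /** A single RO or a resource inside one. */
        RESOURCE,
        /** The collection of all ROs. */
        RO_COLLECTION
    }

    /**
     * Authorizes the request for the user attached to the servlet request's "Builder"
     * attribute.
     *
     * @param containerRequest the incoming request
     * @return the same request, unmodified, when access is granted
     * @throws ForbiddenException when the caller lacks the role the method requires
     * @throws NotFoundException when a private RO is read by a caller with no role on it
     *         (the RO's existence is deliberately not revealed)
     * @throws WebApplicationException with status 500 when an RO has more than one owner
     * @throws IllegalArgumentException when the path holds no usable RO identifier
     */
    @Override // com.sun.jersey.spi.container.ContainerRequestFilter
    public ContainerRequest filter(ContainerRequest containerRequest) {
        final UserMetadata user = ((Builder) this.httpRequest.getAttribute("Builder")).getUser();
        if (user.equals(UserProfile.ADMIN)) {
            return containerRequest;
        }
        final UserProfile userProfile = this.profileDao.findByLogin(user.getLogin());
        final String path = containerRequest.getPath();
        final String method = containerRequest.getMethod();

        if (discoverResource(path) == ROType.RO_COLLECTION) {
            return filterCollection(containerRequest, method, user);
        }

        final URI uri = getRootROUri(path);
        final String ro = uri.toString();
        final List<Permission> allPermissions = this.permissionDAO.findByResearchObject(ro);
        final AccessMode accessMode = this.modeDao.findByResearchObject(ro);
        if (allPermissions == null || allPermissions.isEmpty() || accessMode == null) {
            // NOTE(review): fail-open. An RO with no stored permission or no access mode is
            // let through for every method and every caller, the anonymous user included.
            // Kept because other parts of the application may rely on it (presumably ROs
            // without access-control records -- confirm); denying here, or at least alerting
            // on this warning, would be the safer default.
            LOGGER.warn("Permissions for ro: " + uri.toString() + " couldn't be calculated.");
            return containerRequest;
        }
        if (accessMode.getMode().equals(Mode.OPEN)) {
            return containerRequest;
        }

        final List<Permission> ownerPermissions =
                this.permissionDAO.findByUserROAndPermission(userProfile, ro, Role.OWNER);
        if (ownerPermissions != null) {
            if (ownerPermissions.size() > 1) {
                LOGGER.error("Ro " + uri + " has more them one owner");
                throw new WebApplicationException(500);
            }
            if (ownerPermissions.size() == 1) {
                return containerRequest;
            }
        }

        // From here on the caller is known not to be the owner.
        if (method.equals("GET")) {
            if (accessMode.getMode().equals(Mode.PUBLIC)) {
                return containerRequest;
            }
            if (accessMode.getMode().equals(Mode.PRIVATE)) {
                // A null DAO result counts as "no permission" instead of raising an NPE.
                boolean canRead =
                        hasAny(this.permissionDAO.findByUserROAndPermission(userProfile, ro, Role.EDITOR))
                        || hasAny(this.permissionDAO.findByUserROAndPermission(userProfile, ro, Role.READER));
                if (!canRead) {
                    throw new NotFoundException("No resource found");
                }
                return containerRequest;
            }
        }
        if (method.equals("DELETE") && isRO(path)) {
            throw new ForbiddenException("Only an owner can delet whole RO");
        }
        if (!method.equals("POST") && !method.equals("DELETE") && !method.equals("PUT")) {
            // NOTE(review): every method other than GET/POST/PUT/DELETE (HEAD, OPTIONS,
            // PATCH, ...) passes without a role check, also on a PRIVATE RO. If HEAD is
            // answered by the GET handlers it bypasses the read check above -- confirm and
            // consider treating HEAD like GET and PATCH like a write.
            return containerRequest;
        }

        final List<Permission> editorPermissions =
                this.permissionDAO.findByUserROAndPermission(userProfile, ro, Role.EDITOR);
        // The profile lookup may have found nothing; fall back to the login it was searched by.
        final String login = userProfile != null ? userProfile.getLogin() : user.getLogin();
        if (editorPermissions != null && editorPermissions.size() > 1) {
            LOGGER.warn("There in a duplicated permission for the user " + login + " and ro " + uri.toString());
            return containerRequest;
        }
        if (editorPermissions == null || editorPermissions.size() != 1) {
            throw new ForbiddenException("User " + login + " deosn't have permission to modify " + uri.toString());
        }
        return containerRequest;
    }

    /**
     * Authorizes a request that targets the RO collection itself.
     *
     * <p>No RO URI exists for the collection, so the per-RO checks cannot apply; methods
     * other than GET and POST are rejected explicitly instead of dereferencing a null URI.
     */
    private ContainerRequest filterCollection(ContainerRequest containerRequest, String method, UserMetadata user) {
        if (method.equals("POST")) {
            if (user.equals(UserProfile.PUBLIC)) {
                throw new ForbiddenException("User must be logged in to create a new RO");
            }
            return containerRequest;
        }
        if (method.equals("GET")) {
            return containerRequest;
        }
        throw new ForbiddenException("Method " + method + " is not allowed on the RO collection");
    }

    /** Returns true when the DAO result holds at least one permission; null counts as none. */
    private static boolean hasAny(List<Permission> permissions) {
        return permissions != null && !permissions.isEmpty();
    }

    /**
     * Returns everything that follows the FIRST occurrence of {@code marker} in {@code path}.
     *
     * <p>Splitting on the marker instead would cut the remainder at a second occurrence, so
     * an RO identifier that itself contains the marker would be truncated and the permission
     * lookup would run against a different RO.
     *
     * @throws IllegalArgumentException when the marker is absent, so the request fails
     *         instead of being authorized against a guessed RO
     */
    private static String afterMarker(String path, String marker) {
        int at = path.indexOf(marker);
        if (at < 0) {
            throw new IllegalArgumentException("Path does not contain '" + marker + "': " + path);
        }
        return path.substring(at + marker.length());
    }

    /** Tells whether the path addresses a whole RO, i.e. exactly one segment follows "ROs/". */
    private boolean isRO(String str) {
        String rest = afterMarker(str, RO_MARKER);
        return !rest.isEmpty() && rest.split("/").length == 1;
    }

    /**
     * Classifies the path: the collection is "ROs" optionally followed by a single slash,
     * anything longer is a resource.
     */
    private ROType discoverResource(String str) {
        String rest = afterMarker(str, COLLECTION_MARKER);
        return (rest.isEmpty() || rest.equals("/")) ? ROType.RO_COLLECTION : ROType.RESOURCE;
    }

    /**
     * Builds the URI of the RO that owns the addressed resource: the base URI, "ROs/" and
     * the first path segment after it. A trailing slash is kept when the path has one or
     * when the path points below the RO.
     *
     * @throws IllegalArgumentException when no RO identifier follows "ROs/"
     */
    private URI getRootROUri(String str) {
        String base = this.uriInfo.getBaseUriBuilder().path("ROs/").build(new Object[0]).toString();
        String rest = afterMarker(str, RO_MARKER);
        String[] segments = rest.split("/");
        if (segments.length == 0 || segments[0].isEmpty()) {
            // An empty identifier would resolve to the collection URI, for which no
            // permissions exist; refuse it rather than look permissions up for it.
            throw new IllegalArgumentException("Path does not name a research object: " + str);
        }
        return segments.length == 1 ? URI.create(base + rest) : URI.create(base + segments[0] + "/");
    }
}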
