package com.almworks.structure.commons.rest.interceptor;

import com.almworks.jira.structure.api.StructurePluginHelper;
import com.almworks.jira.structure.api.auth.StructureAuth;
import com.almworks.structure.commons.rest.AbstractResource;
import com.almworks.structure.commons.rest.AdminRequired;
import com.almworks.structure.commons.rest.RestUtil;
import com.almworks.structure.commons.rest.SkipStructureAccessChecks;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/lib/structure-commons-32.4.0.jar:com/almworks/structure/commons/rest/interceptor/StructureRestInterceptorCommon.class */
public class StructureRestInterceptorCommon {
    private static final Logger logger = LoggerFactory.getLogger(StructureRestInterceptorCommon.class);
    private final StructurePluginHelper myHelper;

    /* loaded from: input_file:META-INF/lib/structure-commons-32.4.0.jar:com/almworks/structure/commons/rest/interceptor/StructureRestInterceptorCommon$RequestDetails.class */
    public static class RequestDetails {
        public final String myHttpMethod;
        public final UriInfo myUriInfo;
        private String myDebugName;

        public RequestDetails(String str, UriInfo uriInfo) {
            this.myHttpMethod = str;
            this.myUriInfo = uriInfo;
        }

        public String toString() {
            if (this.myDebugName == null) {
                this.myDebugName = buildDebugName();
            }
            return this.myDebugName;
        }

        public String buildDebugName() {
            StringBuilder sb = new StringBuilder();
            return sb.append(this.myHttpMethod).append(" /").append(RestUtil.getUriWithQueryParameters(this.myUriInfo)).toString();
        }
    }

    /* loaded from: input_file:META-INF/lib/structure-commons-32.4.0.jar:com/almworks/structure/commons/rest/interceptor/StructureRestInterceptorCommon$ResponseDetails.class */
    public static class ResponseDetails {
        public final int myStatus;
        public final Object myEntity;

        public ResponseDetails(int i, Object obj) {
            this.myStatus = i;
            this.myEntity = obj;
        }

        public String toString() {
            return RestUtil.responseToString(this.myStatus, this.myEntity);
        }
    }

    public StructureRestInterceptorCommon(StructurePluginHelper structurePluginHelper) {
        this.myHelper = structurePluginHelper;
    }

    @Nullable
    public Response onRequest(RequestDetails requestDetails, ResourceAnnotationAccessor resourceAnnotationAccessor) {
        logRequest(requestDetails);
        if (!isAuthorizedOrAnonymous(requestDetails)) {
            return AbstractResource.unauthorized();
        }
        if (isAccessGranted(resourceAnnotationAccessor)) {
            return null;
        }
        return AbstractResource.permissionViolation();
    }

    public void onResponse(RequestDetails requestDetails, ResponseDetails responseDetails) {
        logResponse(requestDetails, responseDetails);
    }

    private void logRequest(RequestDetails requestDetails) {
        if (logger.isDebugEnabled()) {
            logger.debug(">>>>>> {}", requestDetails.toString());
        }
    }

    private void logResponse(RequestDetails requestDetails, ResponseDetails responseDetails) {
        if (logger.isDebugEnabled()) {
            logger.debug("<<<<<< {} : {}", requestDetails.toString(), responseDetails.toString());
        }
    }

    private boolean isAuthorizedOrAnonymous(RequestDetails requestDetails) {
        return ("true".equals((String) requestDetails.myUriInfo.getQueryParameters().getFirst("loggedIn")) && StructureAuth.getUser() == null) ? false : true;
    }

    private boolean isAccessGranted(ResourceAnnotationAccessor resourceAnnotationAccessor) {
        AdminRequired adminRequired = getAdminRequired(resourceAnnotationAccessor);
        return adminRequired != null ? adminRequired.systemAdmin() ? this.myHelper.isSystemAdmin() : this.myHelper.isAdmin() : this.myHelper.isStructureAvailableToCurrentUser() || resourceAnnotationAccessor.getMethodAnnotation(SkipStructureAccessChecks.class) != null;
    }

    @Nullable
    private AdminRequired getAdminRequired(ResourceAnnotationAccessor resourceAnnotationAccessor) {
        AdminRequired adminRequired = (AdminRequired) resourceAnnotationAccessor.getMethodAnnotation(AdminRequired.class);
        return adminRequired != null ? adminRequired : (AdminRequired) resourceAnnotationAccessor.getResourceAnnotation(AdminRequired.class);
    }
}
