package com.atlassian.confluence.plugins.baseurl;

import com.atlassian.confluence.plugin.webresource.ConfluenceWebResourceManager;
import com.atlassian.confluence.security.PermissionManager;
import com.atlassian.confluence.user.AuthenticatedUserThreadLocal;
import com.atlassian.core.filters.AbstractHttpFilter;
import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
import java.io.IOException;
import java.util.Collections;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/atlassian/confluence/plugins/baseurl/IncludeResourcesFilter.class */
public class IncludeResourcesFilter extends AbstractHttpFilter {
    static final String BASE_URL_RESOURCE_CONTEXT = "baseurl-checker-resource";
    private static final Set<String> UNFILTER_REQUEST_URLS = Collections.unmodifiableSet((Set) Stream.of("/plugins/servlet/mobile").collect(Collectors.toSet()));
    private final ConfluenceWebResourceManager webResourceManager;
    private final PermissionManager permissionManager;

    @Autowired
    public IncludeResourcesFilter(@ComponentImport ConfluenceWebResourceManager confluenceWebResourceManager, @ComponentImport PermissionManager permissionManager) {
        this.webResourceManager = confluenceWebResourceManager;
        this.permissionManager = permissionManager;
    }

    protected void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (this.permissionManager.isSystemAdministrator(AuthenticatedUserThreadLocal.get()) && isURIFiterable(httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length()))) {
            this.webResourceManager.requireResourcesForContext(BASE_URL_RESOURCE_CONTEXT);
            this.webResourceManager.putMetadata("server-scheme", String.valueOf(httpServletRequest.getScheme()));
            this.webResourceManager.putMetadata("server-port", String.valueOf(httpServletRequest.getServerPort()));
            this.webResourceManager.putMetadata("server-name", String.valueOf(httpServletRequest.getServerName()));
            this.webResourceManager.putMetadata("behind-proxy", String.valueOf(httpServletRequest.getHeader("Http-X-Forwarded-For")));
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private boolean isURIFiterable(String str) {
        return !UNFILTER_REQUEST_URLS.stream().anyMatch(str2 -> {
            return str.startsWith(str2);
        });
    }
}
