package com.atlassian.confluence.plugins.mobile.filter;

import com.atlassian.confluence.plugins.mobile.MobileUtils;
import com.atlassian.confluence.plugins.mobile.event.MobileLoginEvent;
import com.atlassian.confluence.security.Permission;
import com.atlassian.confluence.security.PermissionManager;
import com.atlassian.confluence.user.AuthenticatedUserThreadLocal;
import com.atlassian.confluence.user.ConfluenceUser;
import com.atlassian.core.filters.AbstractHttpFilter;
import com.atlassian.event.api.EventPublisher;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/atlassian/confluence/plugins/mobile/filter/CanUseFilter.class */
public class CanUseFilter extends AbstractHttpFilter {
    private final PermissionManager permissionManager;
    private final EventPublisher eventPublisher;
    private String redirectLocation;

    public CanUseFilter(PermissionManager permissionManager, EventPublisher eventPublisher) {
        this.permissionManager = permissionManager;
        this.eventPublisher = eventPublisher;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        super.init(filterConfig);
        this.redirectLocation = filterConfig.getInitParameter("loginRedirectLocation");
    }

    protected void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (MobileUtils.isMobileViewRequest(httpServletRequest)) {
            ConfluenceUser confluenceUser = AuthenticatedUserThreadLocal.get();
            if (!this.permissionManager.hasPermission(confluenceUser, Permission.VIEW, PermissionManager.TARGET_APPLICATION)) {
                if (confluenceUser == null) {
                    httpServletResponse.sendRedirect(createLoginUrl(httpServletRequest));
                    return;
                } else {
                    httpServletResponse.sendError(403, "Not permitted to use the application.");
                    return;
                }
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private String createLoginUrl(HttpServletRequest httpServletRequest) throws UnsupportedEncodingException {
        this.eventPublisher.publish(new MobileLoginEvent(httpServletRequest));
        return httpServletRequest.getContextPath() + this.redirectLocation + "?os_destination=" + URLEncoder.encode(httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length()) + (StringUtils.isNotBlank(httpServletRequest.getQueryString()) ? "?" + httpServletRequest.getQueryString() : ""), "UTF-8");
    }
}
