package com.atlassian.confluence.efi;

import com.atlassian.confluence.api.service.accessmode.AccessModeService;
import com.atlassian.confluence.efi.conditions.OnboardingInProgressCondition;
import com.atlassian.confluence.efi.store.UserStorageService;
import com.atlassian.confluence.security.PermissionManager;
import com.atlassian.confluence.security.access.ConfluenceAccessManager;
import com.atlassian.confluence.setup.settings.CoreFeaturesManager;
import com.atlassian.confluence.user.AuthenticatedUserThreadLocal;
import com.atlassian.confluence.user.ConfluenceUser;
import com.atlassian.confluence.user.PersonalInformationManager;
import com.atlassian.confluence.util.GeneralUtil;
import com.atlassian.core.filters.AbstractHttpFilter;
import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
import com.atlassian.sal.api.features.DarkFeatureManager;
import java.io.IOException;
import javax.annotation.Nullable;
import javax.annotation.ParametersAreNonnullByDefault;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ParametersAreNonnullByDefault
/* loaded from: input_file:com/atlassian/confluence/efi/OnboardingFilter.class */
public class OnboardingFilter extends AbstractHttpFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(OnboardingFilter.class);
    private static final String ONBOARDING_STATE = "onboarding-state:";
    private static final String INTRO_WORKFLOW_KEY = "introWorkflow";
    private static final String INTRO_WORKFLOW_VALUE_COMPLETE = "__complete__";
    private static final String COOKIE_NAME_IMPERSONATED_USERNAME = "um.user.impersonated.username";
    private static final String FILTER_BYPASS_FEATURE = "confluence.onboarding.bypass";
    private UserStorageService userStorageService;
    private OnboardingManager onboardingManager;
    private PermissionManager permissionManager;
    private CoreFeaturesManager coreFeaturesManager;
    private PersonalInformationManager personalInformationManager;
    private DarkFeatureManager darkFeatureManager;
    private ConfluenceAccessManager confluenceAccessManager;
    private AccessModeService accessModeService;

    public OnboardingFilter(UserStorageService userStorageService, OnboardingManager onboardingManager, @ComponentImport PermissionManager permissionManager, @ComponentImport CoreFeaturesManager coreFeaturesManager, @ComponentImport PersonalInformationManager personalInformationManager, @ComponentImport DarkFeatureManager darkFeatureManager, @ComponentImport ConfluenceAccessManager confluenceAccessManager, @ComponentImport AccessModeService accessModeService) {
        this.userStorageService = userStorageService;
        this.onboardingManager = onboardingManager;
        this.permissionManager = permissionManager;
        this.coreFeaturesManager = coreFeaturesManager;
        this.personalInformationManager = personalInformationManager;
        this.darkFeatureManager = darkFeatureManager;
        this.confluenceAccessManager = confluenceAccessManager;
        this.accessModeService = accessModeService;
    }

    protected void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String contextPath = httpServletRequest.getContextPath();
        if ((!isRootOrIndexPath(httpServletRequest, contextPath) && !isWelcomePath(httpServletRequest) && !isDashboardPath(httpServletRequest)) || bypassFilter()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        ConfluenceUser confluenceUser = AuthenticatedUserThreadLocal.get();
        if (isWelcomePath(httpServletRequest)) {
            if (!isLicensedForOnboarding(confluenceUser) || hasUserCompletedOnboarding(confluenceUser) || this.accessModeService.isReadOnlyAccessModeEnabled()) {
                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/dashboard.action");
                return;
            }
        } else if (isDashboardPath(httpServletRequest) || isRootOrIndexPath(httpServletRequest, contextPath)) {
            String parameter = httpServletRequest.getParameter("onboarding");
            if (confluenceUser != null && StringUtils.equalsIgnoreCase("clear-state", parameter)) {
                LOGGER.debug("[Confluence Onboarding] [User = {}] [Request Parameter 'onboarding=clear-state'] Removing data & redirecting to dashboard", AuthenticatedUserThreadLocal.getUsername());
                this.userStorageService.remove("onboarding-state:introWorkflow", confluenceUser);
                this.userStorageService.remove("onboarding-state:tutorialFlow", confluenceUser);
                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/dashboard.action");
                return;
            }
            if (!this.accessModeService.isReadOnlyAccessModeEnabled() && !isRunningWebDriver(httpServletRequest.getCookies()) && !isImpersonatingUser(httpServletRequest.getCookies()) && checkIfNeedToReredirect(httpServletRequest)) {
                if (StringUtils.equalsIgnoreCase("evaluator", parameter)) {
                    httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/welcome.action?evaluator=true");
                    return;
                } else {
                    httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/welcome.action");
                    return;
                }
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    protected boolean checkIfNeedToReredirect(HttpServletRequest httpServletRequest) {
        ConfluenceUser confluenceUser = AuthenticatedUserThreadLocal.get();
        if (!isLicensedForOnboarding(confluenceUser)) {
            return false;
        }
        String parameter = httpServletRequest.getParameter("onboarding");
        if (parameter != null && !parameter.equals("false")) {
            if (!parameter.equals("evaluator")) {
                this.userStorageService.remove("onboarding-state:introWorkflow", confluenceUser);
            }
            LOGGER.debug("[Confluence Onboarding] [User = {}] [Request Parameter 'onboarding={}']", AuthenticatedUserThreadLocal.getUsername(), parameter);
            return true;
        }
        if (isCloudSysAdmin(confluenceUser)) {
            return false;
        }
        long userCreatedDateInMillis = getUserCreatedDateInMillis();
        long pluginInstalledDateInMillis = this.onboardingManager.getPluginInstalledDateInMillis();
        String str = this.userStorageService.get("onboarding-state:introWorkflow", confluenceUser);
        boolean z = userCreatedDateInMillis > pluginInstalledDateInMillis && !hasUserCompletedOnboarding(confluenceUser);
        if (z) {
            LOGGER.debug("[Confluence Onboarding] [User = {}] [userCreatedDateInMillis = {}] [pluginInstalledDateInMillis = {}] [sequenceKey = {}] ", new Object[]{AuthenticatedUserThreadLocal.getUsername(), Long.valueOf(userCreatedDateInMillis), Long.valueOf(pluginInstalledDateInMillis), str});
        }
        return z;
    }

    private boolean hasUserCompletedOnboarding(@Nullable ConfluenceUser confluenceUser) {
        if (confluenceUser == null) {
            return true;
        }
        return StringUtils.equalsIgnoreCase(INTRO_WORKFLOW_VALUE_COMPLETE, this.userStorageService.get("onboarding-state:introWorkflow", confluenceUser));
    }

    private boolean isLicensedForOnboarding(@Nullable ConfluenceUser confluenceUser) {
        if (confluenceUser == null || GeneralUtil.isLicenseExpired()) {
            return false;
        }
        return this.confluenceAccessManager.getUserAccessStatus(confluenceUser).hasLicensedAccess();
    }

    private long getUserCreatedDateInMillis() {
        if (AuthenticatedUserThreadLocal.getUsername() == null) {
            return Long.MIN_VALUE;
        }
        return new DateTime(this.personalInformationManager.getOrCreatePersonalInformation(AuthenticatedUserThreadLocal.get()).getCreationDate()).plusHours(1).getMillis();
    }

    private boolean isCloudSysAdmin(ConfluenceUser confluenceUser) {
        return this.coreFeaturesManager.isOnDemand() && this.permissionManager.isSystemAdministrator(confluenceUser);
    }

    private static boolean isImpersonatingUser(Cookie[] cookieArr) {
        return OnboardingUtils.isCookieContains(cookieArr, COOKIE_NAME_IMPERSONATED_USERNAME, null);
    }

    private static boolean isRunningWebDriver(@Nullable Cookie[] cookieArr) {
        return OnboardingUtils.isCookieContains(cookieArr, "webdriver", OnboardingInProgressCondition.ONBOARDING_COOKIE_LOAD_VALUE);
    }

    private boolean isWelcomePath(HttpServletRequest httpServletRequest) {
        return isPathContain(httpServletRequest, "/welcome.action");
    }

    private boolean isDashboardPath(HttpServletRequest httpServletRequest) {
        return isPathContain(httpServletRequest, "/dashboard.action");
    }

    private boolean isPathContain(HttpServletRequest httpServletRequest, String str) {
        return httpServletRequest.getRequestURI().contains(str);
    }

    private boolean isRootOrIndexPath(HttpServletRequest httpServletRequest, String str) {
        return httpServletRequest.getRequestURI().equals(str) || httpServletRequest.getRequestURI().equals(new StringBuilder().append(str).append("/").toString()) || httpServletRequest.getRequestURI().equals(new StringBuilder().append(str).append("/index.action").toString());
    }

    private boolean bypassFilter() {
        return this.darkFeatureManager.isFeatureEnabledForCurrentUser(FILTER_BYPASS_FEATURE);
    }
}
