package org.craftercms.studio.impl.v1.web.security.access;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.ServletInputStream;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Collection;
import org.apache.commons.fileupload2.jakarta.servlet6.JakartaServletFileUpload;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.studio.api.v2.dal.User;
import org.craftercms.studio.permissions.StudioPermissionsConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;

/* loaded from: input_file:org/craftercms/studio/impl/v1/web/security/access/StudioPublishingAPIAccessDecisionVoter.class */
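/**
 * Access decision voter for the Studio publishing API rooted at
 * {@code /api/1/services/api/1/publish/}.
 *
 * <p>Only {@code commits.json} receives a grant/deny decision here. For that endpoint the
 * caller must be a site admin of the target site or hold
 * {@link StudioPermissionsConstants#PERMISSION_PUBLISH_BY_COMMITS} on it. Every other
 * request, and any request naming a site that does not exist, is abstained on.
 */
public class StudioPublishingAPIAccessDecisionVoter extends StudioAbstractAccessDecisionVoter {
    private static final Logger logger = LoggerFactory.getLogger(StudioPublishingAPIAccessDecisionVoter.class);
    private static final String PUBLISH_API_ROOT = "/api/1/services/api/1/publish/";
    private static final String COMMITS = "/api/1/services/api/1/publish/commits.json";

    // Vote values; these mirror Spring Security's AccessDecisionVoter.ACCESS_* constants.
    private static final int VOTE_GRANTED = 1;
    private static final int VOTE_ABSTAIN = 0;
    private static final int VOTE_DENIED = -1;

    protected final ObjectMapper objectMapper = new ObjectMapper();

    /**
     * Minimal view of a publishing request body: only the target site is bound.
     *
     * <p>Both the {@code site} and {@code site_id} JSON properties write the same field, and
     * unknown properties are ignored.
     */
    @JsonIgnoreProperties(ignoreUnknown = true)
    public static class ApiParams {
        private String site;

        public String getSite() {
            return this.site;
        }

        public void setSite(String str) {
            this.site = str;
        }

        // Bound from the "site_id" JSON property; aliases setSite.
        public void setSite_id(String str) {
            this.site = str;
        }
    }

    /** Accepts every config attribute; filtering is done by URL inside {@link #voteInternal}. */
    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }

    /**
     * Votes on a publishing API request.
     *
     * @param authentication the caller; its principal is cast to {@link User}
     * @param obj the secured object; anything other than a {@link FilterInvocation} is abstained on
     * @param collection the config attributes (not used by this voter)
     * @return {@code 1} to grant, {@code -1} to deny, {@code 0} to abstain
     */
    @Override // org.craftercms.studio.impl.v1.web.security.access.StudioAbstractAccessDecisionVoter
    public int voteInternal(Authentication authentication, Object obj, Collection collection) {
        if (!(obj instanceof FilterInvocation)) {
            logger.trace("The request with URL '{}' has access '{}'", StudioAbstractAccessDecisionVoter.DEFAULT_PERMISSION_VOTER_PATH, VOTE_ABSTAIN);
            return VOTE_ABSTAIN;
        }
        HttpServletRequest request = ((FilterInvocation) obj).getRequest();

        // Strip the context path only where it is the leading prefix. String.replace() removes
        // every occurrence, so the path evaluated here could differ from the one the container
        // actually dispatches.
        // NOTE(review): getRequestURI() is the raw, undecoded path; exact matching below relies on
        // upstream normalization (e.g. an HTTP firewall) - confirm it is in place.
        String rawUri = request.getRequestURI();
        String contextPath = request.getContextPath();
        String requestUri = rawUri;
        if (StringUtils.isNotEmpty(contextPath) && rawUri.startsWith(contextPath)) {
            requestUri = StudioAbstractAccessDecisionVoter.DEFAULT_PERMISSION_VOTER_PATH + rawUri.substring(contextPath.length());
        }
        if (!StringUtils.startsWith(requestUri, PUBLISH_API_ROOT)) {
            logger.trace("The request with URL '{}' has access '{}'", requestUri, VOTE_ABSTAIN);
            return VOTE_ABSTAIN;
        }

        String userParam = request.getParameter("username");
        String siteId = request.getParameter("site_id");

        // NOTE(review): the JSON body is consulted only when no "username" parameter is present,
        // so with that parameter set the site checked here comes from the query string alone.
        // Verify the endpoint resolves its site from the same source; otherwise the decision may
        // be taken for a different site than the one acted on.
        if (StringUtils.isEmpty(userParam) && StringUtils.equalsIgnoreCase(request.getMethod(), HttpMethod.POST.name()) && !JakartaServletFileUpload.isMultipartContent(request)) {
            // NOTE(review): the whole body is buffered before any permission check, and reading it
            // consumes the stream. Confirm an upstream size limit exists and that the request is
            // wrapped so the handler can still read the body.
            try (ServletInputStream body = request.getInputStream()) {
                String json = IOUtils.toString(body, StandardCharsets.UTF_8);
                if (StringUtils.isNotEmpty(json)) {
                    ApiParams params = this.objectMapper.readValue(json, ApiParams.class);
                    // A literal JSON null deserializes to null; treat it like an empty body.
                    if (params != null) {
                        // The body's site wins over the query parameter when both are present.
                        siteId = org.apache.commons.lang.StringUtils.defaultIfEmpty(params.getSite(), siteId);
                    }
                }
            } catch (JsonParseException e) {
                logger.info("Failed to parse request as JSON", e);
            } catch (IOException e2) {
                logger.info("Failed to extract the fields from the POST request", e2);
            }
        }

        // NOTE(review): unchecked cast - a principal that is not a User (e.g. an anonymous token's
        // principal) raises ClassCastException here for every publishing URL. Confirm that is the
        // intended failure mode.
        User user = (User) authentication.getPrincipal();

        int vote;
        if (COMMITS.equals(requestUri)) {
            if (!this.siteService.exists(siteId)) {
                // NOTE(review): abstaining for an unknown or missing site leaves the outcome to the
                // other voters and the decision manager's all-abstain policy - confirm that
                // combination fails closed.
                vote = VOTE_ABSTAIN;
            } else if (user != null && (isSiteAdmin(siteId, user) || hasPermission(siteId, StudioAbstractAccessDecisionVoter.DEFAULT_PERMISSION_VOTER_PATH, user.getUsername(), StudioPermissionsConstants.PERMISSION_PUBLISH_BY_COMMITS))) {
                vote = VOTE_GRANTED;
            } else {
                vote = VOTE_DENIED;
            }
        } else {
            // Other publishing endpoints are not decided by this voter.
            vote = VOTE_ABSTAIN;
        }
        logger.trace("The request with URL '{}' has access '{}'", requestUri, vote);
        return vote;
    }

    /** Accepts every secured-object type; non-{@link FilterInvocation} objects are abstained on. */
    public boolean supports(Class cls) {
        return true;
    }
}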
