package io.jenkins.plugins.csp;

import hudson.Extension;
import hudson.ExtensionList;
import hudson.model.PageDecorator;
import hudson.model.User;
import java.util.List;
import jenkins.model.Jenkins;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.Symbol;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.kohsuke.stapler.Ancestor;
import org.kohsuke.stapler.Stapler;

@Extension
@Restricted({NoExternalUse.class})
@Symbol({"contentSecurityPolicyDecorator"})
/* loaded from: input_file:WEB-INF/lib/csp.jar:io/jenkins/plugins/csp/ContentSecurityPolicyDecorator.class */
public class ContentSecurityPolicyDecorator extends PageDecorator {
    private static String getConfiguredRules() {
        String rule = ((ContentSecurityPolicyConfiguration) ExtensionList.lookupSingleton(ContentSecurityPolicyConfiguration.class)).getRule();
        if (rule == null) {
            return null;
        }
        return StringUtils.removeEnd(rule.trim(), ";");
    }

    public String getHeader() {
        return ((ContentSecurityPolicyConfiguration) ExtensionList.lookupSingleton(ContentSecurityPolicyConfiguration.class)).isReportOnly() ? "Content-Security-Policy-Report-Only" : "Content-Security-Policy";
    }

    public String getValue(String str) {
        return Jenkins.get().hasPermission(Jenkins.READ) ? getConfiguredRules() + "; report-uri " + str + "/content-security-policy-reporting-endpoint/" + getContext() : getConfiguredRules();
    }

    private static String getContext() {
        List ancestors = Stapler.getCurrentRequest().getAncestors();
        if (ancestors.isEmpty()) {
            return "";
        }
        Ancestor ancestor = (Ancestor) ancestors.get(ancestors.size() - 1);
        return Context.encodeContext(ancestor.getObject().getClass().getName(), User.current(), ancestor.getRestOfUrl());
    }
}
