package com.atlassian.confluence.plugins.restapi.filters;

import com.atlassian.confluence.api.service.accessmode.AccessModeService;
import com.atlassian.confluence.api.service.exceptions.ReadOnlyException;
import com.atlassian.confluence.api.service.settings.SettingsService;
import com.atlassian.core.util.ClassLoaderUtils;
import com.google.common.collect.Lists;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerRequestFilter;
import java.io.BufferedReader;
import java.io.FileReader;
import java.net.URL;
import java.util.List;
import java.util.Optional;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/confluence/plugins/restapi/filters/ReadOnlyAccessRequestFilter.class */
public class ReadOnlyAccessRequestFilter implements ContainerRequestFilter {
    private final AccessModeService accessModeService;
    private final SettingsService settingsService;
    private final boolean hasReadOnlyAccessBlockedAnnotation;
    private static final Logger log = LoggerFactory.getLogger(ReadOnlyAccessRequestFilter.class);
    private Optional<List<String>> whiteListCache = Optional.empty();
    private final List<String> whiteList = Lists.newArrayList(new String[]{"/backdoor/", "/webResources/", "/analytics/", "/plugins/", "/whitelist/", "/applinks/", "/hipchat/", "/nativemobile/", "/custom-apps/", "/troubleshooting/", "/nps/"});

    public ReadOnlyAccessRequestFilter(AccessModeService accessModeService, SettingsService settingsService, boolean z) {
        this.accessModeService = accessModeService;
        this.settingsService = settingsService;
        this.hasReadOnlyAccessBlockedAnnotation = z;
    }

    public ContainerRequest filter(ContainerRequest containerRequest) {
        if (!this.accessModeService.isReadOnlyAccessModeEnabled()) {
            return containerRequest;
        }
        if (this.hasReadOnlyAccessBlockedAnnotation) {
            throw new ReadOnlyException();
        }
        if (!isWhitelisted(containerRequest.getRequestUri().toString().substring(this.settingsService.getGlobalSettings().getBaseUrl().length())) && isMutativeMethod(containerRequest.getMethod())) {
            throw new ReadOnlyException();
        }
        return containerRequest;
    }

    private boolean isMutativeMethod(String str) {
        return StringUtils.equalsAny(str, new CharSequence[]{"POST", "PUT", "DELETE"});
    }

    private boolean isWhitelisted(String str) {
        return StringUtils.containsAny(str, getReadOnlyRestWhitelist());
    }

    private String[] getReadOnlyRestWhitelist() {
        if (!this.whiteListCache.isPresent()) {
            URL resource = ClassLoaderUtils.getResource("", AccessModeService.class);
            if (resource != null) {
                try {
                    BufferedReader bufferedReader = new BufferedReader(new FileReader(resource.getPath() + "read-only-rest-whitelist.txt"));
                    Throwable th = null;
                    try {
                        try {
                            Stream<String> lines = bufferedReader.lines();
                            List<String> list = this.whiteList;
                            list.getClass();
                            lines.forEach((v1) -> {
                                r1.add(v1);
                            });
                            if (bufferedReader != null) {
                                if (0 != 0) {
                                    try {
                                        bufferedReader.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    bufferedReader.close();
                                }
                            }
                        } finally {
                        }
                    } finally {
                    }
                } catch (Exception e) {
                    log.error("An error has occurred while reading read-only-rest-whitelist.txt");
                    log.debug("", e);
                }
            }
            this.whiteListCache = Optional.of(this.whiteList);
        }
        return (String[]) this.whiteListCache.get().toArray(new String[0]);
    }
}
