package org.jenkins.plugins.urlFilter;

import hudson.Extension;
import hudson.init.Initializer;
import hudson.util.PluginServletFilter;
import java.io.IOException;
import java.util.List;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jenkins.model.Jenkins;

@Extension
/* loaded from: input_file:org/jenkins/plugins/urlFilter/RequestFilter.class */
public class RequestFilter implements Filter {
    private static final Logger LOGGER = Logger.getLogger(RequestFilter.class.getName());

    @Initializer
    public static void init() throws ServletException {
        LOGGER.fine("Adding Request Filter to PluginServlet Filter");
        PluginServletFilter.addFilter(new RequestFilter());
    }

    public void init(FilterConfig filterConfig) {
        LOGGER.fine("Initializing RequestFilter");
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String requestURI = httpServletRequest.getRequestURI();
        if (!checkIfFilterMatches(requestURI)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
            LOGGER.fine("Filter matches with RequestURI:" + requestURI + " returning HTTP 403");
            httpServletResponse.sendError(403);
        }
    }

    public void destroy() {
    }

    private String getLoggedInUser() {
        LOGGER.fine("Getting logged in user");
        return Jenkins.getAuthentication2().getName();
    }

    private boolean checkIfFilterMatches(String str) {
        LOGGER.fine("Start checking request uri:" + str + " if matches with defined RequestFilters");
        List<RequestFilterProperty> requestFilterProperties = UrlFilterPlugin.get().getRequestFilterProperties();
        String loggedInUser = getLoggedInUser();
        LOGGER.fine("Retrieve logged in user:" + loggedInUser);
        for (RequestFilterProperty requestFilterProperty : requestFilterProperties) {
            LOGGER.fine("Processing for RegexFilterProperty filterRegex:" + requestFilterProperty + " excludedUsers:" + requestFilterProperty.getExcludedUsers());
            if (str.matches(requestFilterProperty.getFilterRegex())) {
                LOGGER.fine("Uri matches with filter");
                if (!isUserExcluded(loggedInUser, requestFilterProperty)) {
                    LOGGER.fine("Logged in user is not excluded. Blocking request");
                    LOGGER.info("Request: " + str + " is blocked for user: " + loggedInUser);
                    return true;
                }
            }
        }
        LOGGER.fine("No filter matched with request uri. Not blocking request");
        return false;
    }

    private boolean isUserExcluded(String str, RequestFilterProperty requestFilterProperty) {
        LOGGER.fine("Checking if user is excluded user list.");
        LOGGER.fine("loggedInUser:" + str);
        LOGGER.fine("excludedUsers:" + requestFilterProperty.getExcludedUsers());
        for (String str2 : requestFilterProperty.getExcludedUsers().split(" ")) {
            LOGGER.fine("Checking if logged in user matches with user:" + str2);
            if (str.equals(str2) || str.matches(str2)) {
                LOGGER.fine("Users are matched. Returning true");
                return true;
            }
        }
        LOGGER.fine("No users are matched. Returning false");
        return false;
    }
}
